asupersync 0.3.4

Spec-first, cancel-correct, capability-secure async runtime for Rust.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164

//! ATP Mailbox Encryption - Cryptographic primitives for secure mailbox operations.

use serde::{Deserialize, Serialize};
use std::fmt;
use zeroize::Zeroize;

const MAILBOX_AEAD_AAD: &[u8] = b"atp-mailbox-v1";

/// Encryption key for mailbox operations.
#[derive(Clone)]
pub struct MailboxKey {
    /// Key material for AES-256-GCM.
    key_material: [u8; 32],
}

impl MailboxKey {
    /// Generate a new random mailbox key.
    #[must_use]
    pub fn generate() -> Self {
        let mut key_material = [0u8; 32];
        getrandom::fill(&mut key_material).expect("OS entropy unavailable for mailbox key");
        Self { key_material }
    }

    /// Create key from bytes.
    pub fn from_bytes(bytes: [u8; 32]) -> Self {
        Self {
            key_material: bytes,
        }
    }

    /// Get key bytes.
    pub fn as_bytes(&self) -> &[u8; 32] {
        &self.key_material
    }
}

impl fmt::Debug for MailboxKey {
    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
        f.debug_struct("MailboxKey")
            .field("key_material", &"[redacted]")
            .finish()
    }
}

impl Drop for MailboxKey {
    fn drop(&mut self) {
        self.key_material.zeroize();
    }
}

/// Encrypted chunk of data.
#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct EncryptedChunk {
    /// Encrypted data
    pub data: Vec<u8>,

    /// Nonce used for encryption
    pub nonce: ChunkNonce,

    /// Authentication tag
    pub tag: [u8; 16],
}

/// Nonce for chunk encryption.
#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct ChunkNonce {
    /// Nonce bytes
    pub bytes: [u8; 12],
}

impl ChunkNonce {
    /// Generate a new random nonce.
    pub fn generate() -> Result<Self, String> {
        let mut bytes = [0u8; 12];
        getrandom::fill(&mut bytes)
            .map_err(|err| format!("OS entropy unavailable for mailbox nonce: {err}"))?;
        Ok(Self { bytes })
    }
}

impl EncryptedChunk {
    /// Encrypt data with the given key.
    pub fn encrypt(data: &[u8], key: &MailboxKey) -> Result<Self, String> {
        use aes_gcm::aead::{AeadInPlace, KeyInit};
        use aes_gcm::{Aes256Gcm, Nonce};

        let cipher = Aes256Gcm::new_from_slice(key.as_bytes())
            .map_err(|err| format!("invalid mailbox key: {err}"))?;
        let nonce = ChunkNonce::generate()?;
        let mut encrypted = data.to_vec();
        let tag = cipher
            .encrypt_in_place_detached(
                Nonce::from_slice(&nonce.bytes),
                MAILBOX_AEAD_AAD,
                &mut encrypted,
            )
            .map_err(|err| format!("mailbox encryption failed: {err}"))?;
        let mut tag_bytes = [0u8; 16];
        tag_bytes.copy_from_slice(tag.as_slice());

        Ok(Self {
            data: encrypted,
            nonce,
            tag: tag_bytes,
        })
    }

    /// Decrypt chunk with the given key.
    pub fn decrypt(&self, key: &MailboxKey) -> Result<Vec<u8>, String> {
        use aes_gcm::aead::{AeadInPlace, KeyInit};
        use aes_gcm::{Aes256Gcm, Nonce, Tag};

        let cipher = Aes256Gcm::new_from_slice(key.as_bytes())
            .map_err(|err| format!("invalid mailbox key: {err}"))?;
        let mut decrypted = self.data.clone();
        cipher
            .decrypt_in_place_detached(
                Nonce::from_slice(&self.nonce.bytes),
                MAILBOX_AEAD_AAD,
                &mut decrypted,
                Tag::from_slice(&self.tag),
            )
            .map_err(|_| "mailbox authentication failed".to_string())?;
        Ok(decrypted)
    }
}

#[cfg(test)]
mod tests {
    use super::*;

    #[test]
    fn test_mailbox_key_generation() {
        let key = MailboxKey::generate();
        assert_eq!(key.as_bytes().len(), 32);
    }

    #[test]
    fn mailbox_key_debug_redacts_key_material() {
        let key = MailboxKey::from_bytes([0xab; 32]);
        let debug = format!("{key:?}");

        assert!(debug.contains("[redacted]"));
        assert!(!debug.contains("abababab"));
    }

    #[test]
    fn test_encryption_roundtrip() {
        let key = MailboxKey::generate();
        let data = b"test data";

        let encrypted = EncryptedChunk::encrypt(data, &key).unwrap();
        let decrypted = encrypted.decrypt(&key).unwrap();

        assert_eq!(data.to_vec(), decrypted);
    }

    #[test]
    fn test_chunk_nonce_generation() {
        let nonce = ChunkNonce::generate().unwrap();
        assert_eq!(nonce.bytes.len(), 12);
    }
}