bc-components 0.31.1

Secure Components for Rust.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178

use bc_ur::prelude::*;

use crate::{AuthenticationTag, Digest, DigestProvider, Nonce, tags};

/// A secure encrypted message using IETF ChaCha20-Poly1305 authenticated
/// encryption.
///
/// `EncryptedMessage` represents data that has been encrypted using a symmetric
/// key with the ChaCha20-Poly1305 AEAD (Authenticated Encryption with
/// Associated Data) construction as specified in [RFC-8439](https://datatracker.ietf.org/doc/html/rfc8439).
///
/// An `EncryptedMessage` contains:
/// - `ciphertext`: The encrypted data (same length as the original plaintext)
/// - `aad`: Additional Authenticated Data that is not encrypted but is
///   authenticated (optional)
/// - `nonce`: A 12-byte number used once for this specific encryption operation
/// - `auth`: A 16-byte authentication tag that verifies the integrity of the
///   message
///
/// The `aad` field is often used to include the `Digest` of the plaintext,
/// which allows verification of the plaintext after decryption and preserves
/// the unique identity of the data when used with structures like Gordian
/// Envelope.
///
/// To facilitate decoding, it is recommended that the plaintext of an
/// `EncryptedMessage` be tagged CBOR.
///
/// CDDL:
/// ```cddl
/// EncryptedMessage =
///     #6.40002([ ciphertext: bstr, nonce: bstr, auth: bstr, ? aad: bstr ]) ; TAG_ENCRYPTED
/// ```
#[derive(Clone, Eq, PartialEq)]
pub struct EncryptedMessage {
    ciphertext: Vec<u8>,
    aad: Vec<u8>, // Additional authenticated data (AAD) per RFC8439
    nonce: Nonce,
    auth: AuthenticationTag,
}

impl EncryptedMessage {
    /// Restores an EncryptedMessage from its CBOR representation.
    ///
    /// This is a low-level function that is not normally needed.
    pub fn new(
        ciphertext: impl AsRef<[u8]>,
        aad: impl AsRef<[u8]>,
        nonce: Nonce,
        auth: AuthenticationTag,
    ) -> Self {
        Self {
            ciphertext: ciphertext.as_ref().to_vec(),
            aad: aad.as_ref().to_vec(),
            nonce,
            auth,
        }
    }

    /// Returns a reference to the ciphertext data.
    pub fn ciphertext(&self) -> &[u8] { &self.ciphertext }

    /// Returns a reference to the additional authenticated data (AAD).
    pub fn aad(&self) -> &[u8] { &self.aad }

    /// Returns a reference to the nonce value used for encryption.
    pub fn nonce(&self) -> &Nonce { &self.nonce }

    /// Returns a reference to the authentication tag value used for encryption.
    pub fn authentication_tag(&self) -> &AuthenticationTag { &self.auth }

    /// Returns a CBOR representation in the AAD field, if it exists.
    pub fn aad_cbor(&self) -> Option<CBOR> {
        if self.aad.is_empty() {
            None
        } else {
            CBOR::try_from_data(self.aad()).ok()
        }
    }

    /// Returns a `Digest` instance if the AAD data can be parsed as
    /// CBOR.
    pub fn aad_digest(&self) -> Option<Digest> {
        self.aad_cbor().and_then(|cbor| Digest::try_from(cbor).ok())
    }

    /// Returns `true` if the AAD data can be parsed as CBOR.
    pub fn has_digest(&self) -> bool { self.aad_digest().is_some() }
}

/// Implements Debug formatting to display the message contents in a structured
/// format.
impl std::fmt::Debug for EncryptedMessage {
    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
        f.debug_struct("EncryptedMessage")
            .field("ciphertext", &hex::encode(&self.ciphertext))
            .field("aad", &hex::encode(&self.aad))
            .field("nonce", &self.nonce)
            .field("auth", &self.auth)
            .finish()
    }
}

/// Implements `AsRef<EncryptedMessage>` to allow self-reference.
impl AsRef<EncryptedMessage> for EncryptedMessage {
    fn as_ref(&self) -> &EncryptedMessage { self }
}

/// Implements DigestProvider to provide the digest stored in the AAD field.
impl DigestProvider for EncryptedMessage {
    fn digest(&self) -> Digest { self.aad_digest().unwrap() }
}

/// Implements CBORTagged to provide the CBOR tag for the EncryptedMessage.
impl CBORTagged for EncryptedMessage {
    fn cbor_tags() -> Vec<Tag> { tags_for_values(&[tags::TAG_ENCRYPTED]) }
}

/// Implements conversion from EncryptedMessage to CBOR for serialization.
impl From<EncryptedMessage> for CBOR {
    fn from(value: EncryptedMessage) -> Self { value.tagged_cbor() }
}

/// Implements `TryFrom<CBOR>` for EncryptedMessage to support conversion from
/// CBOR data.
impl TryFrom<CBOR> for EncryptedMessage {
    type Error = dcbor::Error;

    fn try_from(cbor: CBOR) -> dcbor::Result<Self> {
        Self::from_tagged_cbor(cbor)
    }
}

/// Implements CBORTaggedEncodable to provide CBOR encoding functionality.
impl CBORTaggedEncodable for EncryptedMessage {
    fn untagged_cbor(&self) -> CBOR {
        let mut a = vec![
            CBOR::to_byte_string(&self.ciphertext),
            CBOR::to_byte_string(self.nonce.data()),
            CBOR::to_byte_string(self.auth.data()),
        ];

        if !self.aad.is_empty() {
            a.push(CBOR::to_byte_string(&self.aad));
        }

        a.into()
    }
}

/// Implements CBORTaggedDecodable to provide CBOR decoding functionality.
impl CBORTaggedDecodable for EncryptedMessage {
    fn from_untagged_cbor(cbor: CBOR) -> dcbor::Result<Self> {
        match cbor.as_case() {
            CBORCase::Array(elements) => {
                if elements.len() < 3 {
                    return Err(
                        "EncryptedMessage must have at least 3 elements".into(),
                    );
                }
                let ciphertext =
                    CBOR::try_into_byte_string(elements[0].clone())?;
                let nonce_data =
                    CBOR::try_into_byte_string(elements[1].clone())?;
                let nonce = Nonce::from_data_ref(nonce_data)?;
                let auth_data =
                    CBOR::try_into_byte_string(elements[2].clone())?;
                let auth = AuthenticationTag::from_data_ref(auth_data)?;
                let aad = if elements.len() > 3 {
                    CBOR::try_into_byte_string(elements[3].clone())?
                } else {
                    Vec::new()
                };
                Ok(Self::new(ciphertext, aad, nonce, auth))
            }
            _ => Err("EncryptedMessage must be an array".into()),
        }
    }
}