cipherstash-client 0.34.1-alpha.1

The official CipherStash SDK
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213

use crate::zerokms::{
    self, DataKeyWithTag, Decryptable, EncryptPayload, EncryptedRecord, Error, GenerateKeyPayload,
    IndexKey, RecordDecryptError, ZeroKMSWithClientKey,
};
use stack_auth::AuthStrategy;
use std::{borrow::Cow, fmt::Debug, sync::Arc};
use uuid::Uuid;
use zeroize::{Zeroize, ZeroizeOnDrop};
use zerokms_protocol::{IdentifiedBy, UnverifiedContext};

use crate::credentials::ServiceToken;

use super::{
    compound_indexer::{Accumulator, ComposableIndex, ComposablePlaintext, CompoundIndex},
    EncryptionError, IndexTerm,
};

const DEFAULT_INDEX_TERM_SIZE: usize = 12;

/// A Scoped Cipher is one which has been initialized for a specific keyset.
/// It can be used *only* to encrypt and decrypt data for that keyset.
#[derive(Zeroize, ZeroizeOnDrop)]
pub struct ScopedCipher<C> {
    #[zeroize(skip)]
    client: Arc<ZeroKMSWithClientKey<C>>,
    #[zeroize(skip)]
    keyset_id: Uuid,
    index_key: IndexKey,
}

impl<C> Debug for ScopedCipher<C> {
    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
        f.debug_struct("ScopedCipher")
            .field("keyset_id", &self.keyset_id)
            .finish()
    }
}

impl<C> ScopedCipher<C> {
    /// Initialize a new ScopedCipher for the default keyset_id.
    pub async fn init_default(client: Arc<ZeroKMSWithClientKey<C>>) -> Result<Self, zerokms::Error>
    where
        C: Send + Sync + 'static,
        for<'b> &'b C: AuthStrategy,
    {
        Self::init(client, None).await
    }

    /// Initialize a new ScopedCipher for the given keyset_id.
    /// If the keyset_id is None, the ScopedCipher will be initialized with the default keyset_id for the client.
    pub async fn init(
        client: Arc<ZeroKMSWithClientKey<C>>,
        keyset_id: Option<IdentifiedBy>,
    ) -> Result<Self, zerokms::Error>
    where
        C: Send + Sync + 'static,
        for<'b> &'b C: AuthStrategy,
    {
        client
            .load_keyset_index_key(keyset_id)
            .await
            .map(|(keyset_id, index_key)| Self {
                client,
                keyset_id,
                index_key,
            })
    }

    /// This value is used for term index keys and "encrypted" partition / sort keys
    pub fn mac<const N: usize>(&self, value: &str, prefix: Option<&str>) -> [u8; N] {
        // TODO: Make sure this uses an unambiguous encoding scheme
        // see https://linear.app/cipherstash/issue/BUG-95/wip-ensure-unambiguous-coding-for-mac-prefixes
        let mut hasher = blake3::Hasher::new_keyed(self.index_key.key());
        if let Some(prefix) = prefix {
            hasher.update(prefix.as_bytes());
        }
        hasher.update(value.as_bytes());
        let mut result = [0; N];
        hasher.finalize_xof().fill(&mut result);
        hasher.zeroize();
        result
    }

    pub fn compound_index<I>(
        &self,
        index: I,
        plaintext: ComposablePlaintext,
        info: String,
    ) -> Result<IndexTerm, EncryptionError>
    where
        I: ComposableIndex + Send,
    {
        let index = CompoundIndex::new(index);
        let accumulator = Accumulator::from_salt(info);

        let term = index
            .compose_index(&self.index_key, plaintext, accumulator)?
            .truncate(DEFAULT_INDEX_TERM_SIZE)?;

        Ok(term.into())
    }

    pub fn compound_query<I>(
        &self,
        index: I,
        input: ComposablePlaintext,
        info: String,
    ) -> Result<IndexTerm, EncryptionError>
    where
        I: ComposableIndex + Send,
    {
        let index = CompoundIndex::new(index);
        let accumulator = Accumulator::from_salt(info);

        let term = index
            .compose_query(&self.index_key, input, accumulator)?
            .exactly_one()?
            .truncate(DEFAULT_INDEX_TERM_SIZE)?;

        Ok(term.try_into()?)
    }

    /// Encrypt a stream of [`EncryptPayload`] and return them as an [`EncryptedRecord`].
    /// This function wraps the [`ZeroKMSWithClientKey::encrypt`] function but with the keyset_id set.
    pub async fn encrypt(
        &self,
        payloads: impl IntoIterator<Item = EncryptPayload<'_>>,
    ) -> Result<Vec<EncryptedRecord>, Error>
    where
        C: Send + Sync + 'static,
        for<'b> &'b C: AuthStrategy,
    {
        self.client.encrypt(payloads, Some(self.keyset_id)).await
    }

    /// Decrypt a stream of encrypted values (of type `D` where `D: Decryptable`) and return the raw decrypted binary
    /// blob.
    pub async fn decrypt<'a, D>(
        &self,
        payloads: impl IntoIterator<Item = D>,
        opts: &DecryptOptions<'a>,
    ) -> Result<Vec<Vec<u8>>, Error>
    where
        D: Decryptable,
        C: Send + Sync + 'static,
        for<'b> &'b C: AuthStrategy,
    {
        self.client
            .decrypt(
                payloads,
                opts.keyset_id.or(Some(self.keyset_id)),
                opts.service_token.clone(),
                opts.unverified_context.as_deref(),
            )
            .await
    }

    pub async fn decrypt_fallible<'a, D>(
        &self,
        payloads: impl IntoIterator<Item = D>,
        opts: &DecryptOptions<'a>,
    ) -> Result<Vec<Result<Vec<u8>, RecordDecryptError>>, Error>
    where
        D: Decryptable,
        C: Send + Sync + 'static,
        for<'b> &'b C: AuthStrategy,
    {
        let unverified_context = opts.unverified_context.as_deref().map(Cow::Borrowed);
        let service_token = opts.service_token.as_deref().map(Cow::Borrowed);
        self.client
            .decrypt_fallible(payloads, service_token, unverified_context)
            .await
    }

    // TODO: Dan to make this pub(crate) again
    pub fn index_key(&self) -> &IndexKey {
        &self.index_key
    }

    pub fn keyset_id(&self) -> Uuid {
        self.keyset_id
    }

    /// Generate data keys for a stream of [`GenerateKeyPayload`] and return them as a [`DataKeyWithTag`].
    /// Scoped to the keyset_id of this [`ScopedCipher`].
    #[allow(dead_code)]
    pub(crate) async fn generate_data_keys<'a>(
        &self,
        payloads: impl IntoIterator<Item = GenerateKeyPayload<'_>>,
        service_token: Option<Cow<'a, ServiceToken>>,
        unverified_context: Option<Cow<'a, UnverifiedContext>>,
    ) -> Result<Vec<DataKeyWithTag>, Error>
    where
        C: Send + Sync + 'static,
        for<'b> &'b C: AuthStrategy,
    {
        self.client
            .generate_data_keys(
                payloads,
                Some(self.keyset_id),
                service_token,
                unverified_context,
            )
            .await
    }
}

#[derive(Debug, Default)]
pub struct DecryptOptions<'a> {
    pub keyset_id: Option<Uuid>,
    pub service_token: Option<Cow<'a, ServiceToken>>,
    pub unverified_context: Option<Cow<'a, UnverifiedContext>>,
}