ender-eye 1.0.0

Encrypt and decrypt messages using SGA encoding + AES-256-GCM, inspired by the Standard Galactic Alphabet from Minecraft.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56

use crate::error::{Result, ValidationErrors};
use base64::{Engine, engine::general_purpose::STANDARD};

pub fn encode_payload(ciphertext: &[u8], salt: &[u8; 16], nonce: &[u8; 12]) -> String {
    let mut payload = Vec::new();

    payload.extend_from_slice(salt);
    payload.extend_from_slice(nonce);
    payload.extend_from_slice(ciphertext);

    STANDARD.encode(&payload)
}

pub fn decode_payload(payload: &str) -> Result<(Vec<u8>, [u8; 16], [u8; 12])> {
    let bytes = STANDARD
        .decode(payload)
        .map_err(|_| ValidationErrors::Base64DecodingFailed)?;

    // salt (16) + nonce (12) + at least 1 byte of ciphertext
    if bytes.len() < 29 {
        return Err(ValidationErrors::PayloadTooShort);
    }

    let salt: [u8; 16] = bytes[0..16]
        .try_into()
        .map_err(|_| ValidationErrors::Base64SaltDecodingFailed)?;

    let nonce: [u8; 12] = bytes[16..28]
        .try_into()
        .map_err(|_| ValidationErrors::Base64NonceDecodingFailed)?;

    let ciphertext: Vec<u8> = bytes[28..]
        .try_into()
        .map_err(|_| ValidationErrors::Base64CiphertextDecodingFailed)?;

    Ok((ciphertext, salt, nonce))
}

#[cfg(test)]
mod tests {
    use super::*;

    #[test]
    fn roundtrip_default() {
        let salt: [u8; 16] = [1u8; 16];
        let nonce: [u8; 12] = [1u8; 12];
        let ciphertext: Vec<u8> = vec![3u8; 32];

        let encoded = encode_payload(&ciphertext, &salt, &nonce);
        let (decoded_cipher, decoded_salt, decoded_nonce) = decode_payload(&encoded).unwrap();

        assert_eq!(decoded_salt, salt);
        assert_eq!(decoded_nonce, nonce);
        assert_eq!(decoded_cipher, ciphertext);
    }
}