enseal 0.15.1

Secure, ephemeral secret sharing for developers
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112

use anyhow::{Context, Result};
use magic_wormhole::{MailboxConnection, Wormhole};

use crate::crypto::envelope::Envelope;
use crate::crypto::signing::SignedEnvelope;
use crate::keys::identity::{EnsealIdentity, TrustedKey};

/// Create a mailbox for identity-mode wormhole transfer.
/// Returns the share code and signed wire bytes ready to send.
/// The code is available immediately so it can be displayed before the receiver connects.
pub async fn create_mailbox(
    envelope: &Envelope,
    recipients: &[&age::x25519::Recipient],
    sender: &EnsealIdentity,
    relay_url: Option<&str>,
    code_words: usize,
) -> Result<(String, Vec<u8>, MailboxConnection<serde_json::Value>)> {
    let inner_bytes = envelope.to_bytes()?;

    // Encrypt + sign
    let signed = SignedEnvelope::seal(&inner_bytes, recipients, sender)?;
    let wire_bytes = signed.to_bytes()?;

    let config = super::app_config(relay_url);

    tracing::debug!("connecting to rendezvous server (identity mode)...");
    let mailbox = MailboxConnection::create(config, code_words)
        .await
        .context("failed to connect to rendezvous server")?;

    let code = mailbox.code().to_string();

    Ok((code, wire_bytes, mailbox))
}

/// Send signed wire bytes through an already-created identity-mode mailbox.
pub async fn send(
    wire_bytes: Vec<u8>,
    mailbox: MailboxConnection<serde_json::Value>,
) -> Result<()> {
    let mut wormhole = Wormhole::connect(mailbox)
        .await
        .context("failed to establish wormhole connection")?;

    tracing::debug!("sending {} bytes (identity mode)...", wire_bytes.len());
    wormhole
        .send(wire_bytes)
        .await
        .context("failed to send data through wormhole")?;

    wormhole
        .close()
        .await
        .context("failed to close wormhole cleanly")?;

    Ok(())
}

/// Receive an identity-mode envelope via wormhole relay.
/// Verifies signature and decrypts with own age key.
#[allow(dead_code)]
pub async fn receive(
    code: &str,
    own_identity: &EnsealIdentity,
    expected_sender: Option<&TrustedKey>,
    relay_url: Option<&str>,
) -> Result<(Envelope, String)> {
    let config = super::app_config(relay_url);

    let code_parsed = code.parse().context("invalid wormhole code format")?;

    tracing::debug!("connecting to rendezvous server (identity mode)...");
    let mailbox = MailboxConnection::connect(config, code_parsed, true)
        .await
        .context("failed to connect to rendezvous server")?;

    let mut wormhole = Wormhole::connect(mailbox)
        .await
        .context("failed to establish wormhole connection")?;

    const MAX_WORMHOLE_PAYLOAD: usize = 16 * 1024 * 1024; // 16 MiB

    tracing::debug!("waiting for data (identity mode)...");
    let data = wormhole
        .receive()
        .await
        .context("failed to receive data through wormhole")?;

    if data.len() > MAX_WORMHOLE_PAYLOAD {
        anyhow::bail!(
            "wormhole payload too large ({} bytes, max {})",
            data.len(),
            MAX_WORMHOLE_PAYLOAD
        );
    }

    wormhole
        .close()
        .await
        .context("failed to close wormhole cleanly")?;

    // Parse signed envelope
    let signed = SignedEnvelope::from_bytes(&data)?;
    let sender_pubkey = signed.sender_sign_pubkey.clone();

    // Verify + decrypt
    let inner_bytes = signed.open(own_identity, expected_sender)?;
    let envelope = Envelope::from_bytes(&inner_bytes)?;
    envelope.check_age(300)?;

    Ok((envelope, sender_pubkey))
}