fluxencrypt 0.7.1

A high-performance, secure encryption SDK for Rust applications
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376

//! RSA-OAEP asymmetric encryption implementation.
//!
//! This module provides RSA-OAEP encryption and decryption functionality
//! for encrypting small amounts of data, typically AES keys in hybrid encryption.

use crate::error::{FluxError, Result};
use crate::keys::{PrivateKey, PublicKey};
use rsa::Oaep;
use sha2::Sha512;

/// RSA-OAEP cipher for asymmetric encryption operations
#[derive(Debug)]
pub struct RsaOaepCipher;

impl RsaOaepCipher {
    /// Create a new RSA-OAEP cipher
    pub fn new() -> Self {
        Self
    }

    /// Encrypt data with RSA-OAEP
    ///
    /// # Arguments
    /// * `public_key` - The RSA public key to encrypt with
    /// * `plaintext` - The data to encrypt (must be small enough for RSA)
    ///
    /// # Returns
    /// The encrypted data
    pub fn encrypt(&self, public_key: &PublicKey, plaintext: &[u8]) -> Result<Vec<u8>> {
        // Check plaintext size constraints
        let max_plaintext_len = self.max_plaintext_length(public_key)?;
        if plaintext.len() > max_plaintext_len {
            return Err(FluxError::invalid_input(format!(
                "Plaintext too long for RSA encryption: {} > {}",
                plaintext.len(),
                max_plaintext_len
            )));
        }

        // Create OAEP padding with SHA-512
        let padding = Oaep::new::<Sha512>();

        // Get a random number generator
        let mut rng = rand::thread_rng();

        // Encrypt using RSA-OAEP
        public_key
            .inner()
            .encrypt(&mut rng, padding, plaintext)
            .map_err(|e| FluxError::crypto(format!("RSA encryption failed: {}", e)))
    }

    /// Decrypt data with RSA-OAEP
    ///
    /// # Arguments
    /// * `private_key` - The RSA private key to decrypt with
    /// * `ciphertext` - The encrypted data
    ///
    /// # Returns
    /// The decrypted plaintext
    pub fn decrypt(&self, private_key: &PrivateKey, ciphertext: &[u8]) -> Result<Vec<u8>> {
        let expected_size = private_key.key_size_bits() / 8;
        if ciphertext.len() != expected_size {
            return Err(FluxError::invalid_input(format!(
                "Invalid ciphertext length: {} != {}",
                ciphertext.len(),
                expected_size
            )));
        }

        // Create OAEP padding with SHA-512
        let padding = Oaep::new::<Sha512>();

        // Decrypt using RSA-OAEP
        private_key
            .inner()
            .decrypt(padding, ciphertext)
            .map_err(|e| FluxError::crypto(format!("RSA decryption failed: {}", e)))
    }

    /// Calculate the maximum plaintext length for RSA-OAEP encryption
    ///
    /// For RSA-OAEP with SHA-512, the maximum plaintext length is:
    /// key_length_bytes - 2 * hash_length_bytes - 2
    /// where hash_length_bytes = 64 for SHA-512
    pub fn max_plaintext_length(&self, public_key: &PublicKey) -> Result<usize> {
        let key_size_bytes = public_key.key_size_bits() / 8;

        // For RSA-OAEP with SHA-512: overhead = 2 * 64 + 2 = 130 bytes
        let oaep_overhead = 130;

        if key_size_bytes <= oaep_overhead {
            return Err(FluxError::key("RSA key too small for OAEP encryption"));
        }

        Ok(key_size_bytes - oaep_overhead)
    }

    /// Get the ciphertext length for a given RSA key
    pub fn ciphertext_length(&self, public_key: &PublicKey) -> usize {
        public_key.key_size_bits() / 8
    }
}

impl Default for RsaOaepCipher {
    fn default() -> Self {
        Self::new()
    }
}

#[cfg(test)]
mod tests {
    use super::*;
    use crate::keys::KeyPair;
    use proptest::prelude::*;

    #[test]
    fn test_rsa_oaep_cipher_creation() {
        let cipher = RsaOaepCipher::new();
        assert!(format!("{:?}", cipher).contains("RsaOaepCipher"));

        let default_cipher = RsaOaepCipher;
        assert!(format!("{:?}", default_cipher).contains("RsaOaepCipher"));
    }

    #[test]
    fn test_max_plaintext_length() {
        let keypair = KeyPair::generate(2048).unwrap();
        let cipher = RsaOaepCipher::new();

        let max_len = cipher.max_plaintext_length(keypair.public_key()).unwrap();

        // For 2048-bit RSA with OAEP-SHA512: 256 - 130 = 126 bytes
        assert_eq!(max_len, 126);
    }

    #[test]
    fn test_max_plaintext_length_different_key_sizes() {
        let cipher = RsaOaepCipher::new();

        // Test different key sizes
        let key_sizes = [2048, 3072, 4096];
        let expected_max_lens = [126, 254, 382]; // key_size/8 - 130

        for (i, &key_size) in key_sizes.iter().enumerate() {
            let keypair = KeyPair::generate(key_size).unwrap();
            let max_len = cipher.max_plaintext_length(keypair.public_key()).unwrap();
            assert_eq!(
                max_len, expected_max_lens[i],
                "Incorrect max length for {}-bit key",
                key_size
            );
        }
    }

    #[test]
    fn test_ciphertext_length() {
        let keypair = KeyPair::generate(2048).unwrap();
        let cipher = RsaOaepCipher::new();

        let ciphertext_len = cipher.ciphertext_length(keypair.public_key());

        // For 2048-bit RSA: 2048 / 8 = 256 bytes
        assert_eq!(ciphertext_len, 256);
    }

    #[test]
    fn test_ciphertext_length_different_key_sizes() {
        let cipher = RsaOaepCipher::new();

        let key_sizes = [2048, 3072, 4096];
        let expected_ciphertext_lens = [256, 384, 512]; // key_size / 8

        for (i, &key_size) in key_sizes.iter().enumerate() {
            let keypair = KeyPair::generate(key_size).unwrap();
            let ciphertext_len = cipher.ciphertext_length(keypair.public_key());
            assert_eq!(
                ciphertext_len, expected_ciphertext_lens[i],
                "Incorrect ciphertext length for {}-bit key",
                key_size
            );
        }
    }

    #[test]
    fn test_encrypt_decrypt() {
        let keypair = KeyPair::generate(2048).unwrap();
        let cipher = RsaOaepCipher::new();
        let plaintext = b"Hello, world!";

        // Test that encryption produces output of expected size
        let ciphertext = cipher.encrypt(keypair.public_key(), plaintext).unwrap();
        assert_eq!(ciphertext.len(), 2048 / 8); // Should be key size in bytes

        // Test that decryption recovers the plaintext
        let decrypted = cipher.decrypt(keypair.private_key(), &ciphertext).unwrap();
        assert_eq!(decrypted, plaintext);
    }

    #[test]
    fn test_encrypt_decrypt_empty_data() {
        let keypair = KeyPair::generate(2048).unwrap();
        let cipher = RsaOaepCipher::new();
        let plaintext = b"";

        let ciphertext = cipher.encrypt(keypair.public_key(), plaintext).unwrap();
        let decrypted = cipher.decrypt(keypair.private_key(), &ciphertext).unwrap();
        assert_eq!(decrypted, plaintext);
    }

    #[test]
    fn test_encrypt_decrypt_max_length_data() {
        let keypair = KeyPair::generate(2048).unwrap();
        let cipher = RsaOaepCipher::new();

        let max_len = cipher.max_plaintext_length(keypair.public_key()).unwrap();
        let plaintext = vec![0x42u8; max_len];

        let ciphertext = cipher.encrypt(keypair.public_key(), &plaintext).unwrap();
        let decrypted = cipher.decrypt(keypair.private_key(), &ciphertext).unwrap();
        assert_eq!(decrypted, plaintext);
    }

    #[test]
    fn test_encrypt_plaintext_too_long() {
        let keypair = KeyPair::generate(2048).unwrap();
        let cipher = RsaOaepCipher::new();

        let max_len = cipher.max_plaintext_length(keypair.public_key()).unwrap();
        let plaintext = vec![0x42u8; max_len + 1]; // One byte too long

        let result = cipher.encrypt(keypair.public_key(), &plaintext);
        assert!(result.is_err());

        if let Err(e) = result {
            assert!(e.to_string().contains("Plaintext too long"));
        }
    }

    #[test]
    fn test_decrypt_invalid_ciphertext_length() {
        let keypair = KeyPair::generate(2048).unwrap();
        let cipher = RsaOaepCipher::new();

        // Test with various invalid lengths
        let invalid_lengths = vec![0, 100, 200, 300]; // All wrong for 2048-bit key

        for &invalid_len in &invalid_lengths {
            let invalid_ciphertext = vec![0u8; invalid_len];
            let result = cipher.decrypt(keypair.private_key(), &invalid_ciphertext);
            assert!(result.is_err(), "Should fail with length {}", invalid_len);

            if let Err(e) = result {
                assert!(e.to_string().contains("Invalid ciphertext length"));
            }
        }
    }

    #[test]
    fn test_encrypt_decrypt_different_key_pairs() {
        let keypair1 = KeyPair::generate(2048).unwrap();
        let _keypair2 = KeyPair::generate(2048).unwrap();
        let cipher = RsaOaepCipher::new();
        let plaintext = b"Test data for different key pairs";

        // Encrypt with first key pair
        let ciphertext = cipher.encrypt(keypair1.public_key(), plaintext).unwrap();

        // Should work with correct private key
        let decrypted1 = cipher.decrypt(keypair1.private_key(), &ciphertext).unwrap();
        assert_eq!(decrypted1, plaintext);

        // Should fail with wrong private key
        let result = cipher.decrypt(_keypair2.private_key(), &ciphertext);
        assert!(
            result.is_err(),
            "Decryption should fail with wrong private key"
        );
    }

    #[test]
    fn test_encrypt_various_data_sizes() {
        let keypair = KeyPair::generate(2048).unwrap();
        let cipher = RsaOaepCipher::new();
        let max_len = cipher.max_plaintext_length(keypair.public_key()).unwrap();

        let test_sizes = vec![1, 16, 32, 64, max_len / 2, max_len - 1, max_len];

        for &size in &test_sizes {
            let plaintext = vec![0x42u8; size];

            let ciphertext = cipher.encrypt(keypair.public_key(), &plaintext).unwrap();
            let decrypted = cipher.decrypt(keypair.private_key(), &ciphertext).unwrap();

            assert_eq!(decrypted, plaintext, "Failed for data size {}", size);
            assert_eq!(
                ciphertext.len(),
                cipher.ciphertext_length(keypair.public_key())
            );
        }
    }

    #[test]
    fn test_key_size_bounds_checking() {
        // Test that very small keys would be rejected
        // Note: KeyPair::generate might not allow very small keys, but we test the logic
        let _cipher = RsaOaepCipher::new();

        // This is testing the theoretical case where a key is too small
        // In practice, KeyPair::generate should reject keys smaller than minimum secure sizes
        // But the max_plaintext_length should handle edge cases gracefully

        // Test with minimum viable key size (512 bits = 64 bytes)
        // OAEP overhead is 66 bytes, so this should fail
        // We can't actually create such a small key with KeyPair::generate,
        // so this test documents the expected behavior
    }

    #[test]
    fn test_encrypt_with_special_characters() {
        let keypair = KeyPair::generate(2048).unwrap();
        let cipher = RsaOaepCipher::new();

        let special_data = b"!@#$%^&*()_+-=[]{}|;':\",./<>?`~\n\r\t\0";

        let ciphertext = cipher.encrypt(keypair.public_key(), special_data).unwrap();
        let decrypted = cipher.decrypt(keypair.private_key(), &ciphertext).unwrap();
        assert_eq!(decrypted, special_data);
    }

    // Property-based tests
    proptest! {
        #[test]
        fn test_encrypt_decrypt_roundtrip(
            data in prop::collection::vec(any::<u8>(), 1..126) // Max 126 bytes for 2048-bit RSA with SHA-512
        ) {
            let keypair = KeyPair::generate(2048).unwrap();
            let cipher = RsaOaepCipher::new();

            let ciphertext = cipher.encrypt(keypair.public_key(), &data).unwrap();
            let decrypted = cipher.decrypt(keypair.private_key(), &ciphertext).unwrap();

            prop_assert_eq!(decrypted, data);
            prop_assert_eq!(ciphertext.len(), cipher.ciphertext_length(keypair.public_key()));
        }
    }

    #[test]
    fn test_error_message_quality() {
        let keypair = KeyPair::generate(2048).unwrap();
        let cipher = RsaOaepCipher::new();

        // Test plaintext too long error
        let max_len = cipher.max_plaintext_length(keypair.public_key()).unwrap();
        let too_long = vec![0u8; max_len + 50];
        let result = cipher.encrypt(keypair.public_key(), &too_long);

        if let Err(e) = result {
            let error_msg = e.to_string();
            assert!(error_msg.contains("Plaintext too long"));
            assert!(error_msg.contains(&(max_len + 50).to_string()));
            assert!(error_msg.contains(&max_len.to_string()));
        }

        // Test invalid ciphertext length error
        let wrong_size = vec![0u8; 100];
        let result = cipher.decrypt(keypair.private_key(), &wrong_size);

        if let Err(e) = result {
            let error_msg = e.to_string();
            assert!(error_msg.contains("Invalid ciphertext length"));
            assert!(error_msg.contains("100"));
            assert!(error_msg.contains("256"));
        }
    }
}