gun/sea/mod.rs
1//! SEA (Security, Encryption, Authorization) module
2//! Based on Gun.js sea/ directory
3//! Provides encryption, authentication, and authorization capabilities
4
5mod certify;
6mod decrypt;
7mod encrypt;
8mod pair;
9mod secret;
10mod sign;
11mod user;
12mod verify;
13mod work;
14
15pub use certify::*;
16pub use decrypt::*;
17pub use encrypt::*;
18pub use pair::*;
19pub use secret::*;
20pub use sign::*;
21pub use user::*;
22pub use verify::*;
23pub use work::*;
24
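/// Key pair for signing and encryption.
///
/// The struct carries both the public and the private halves, so a value of
/// this type is secret material as a whole. `Debug` is implemented by hand
/// (instead of derived) so that `{:?}` output, which routinely ends up in
/// logs, panic messages and error reports, never contains the private keys.
///
/// NOTE(review): the private keys live in ordinary `String`s, so they are not
/// wiped from memory on drop and `Clone` duplicates them. Confirm whether the
/// project wants zeroization before relying on this type for long-lived secrets.
#[derive(Clone)]
pub struct KeyPair {
    /// Public key for signing (ECDSA, P-256)
    pub pub_key: String,
    /// Private key for signing (ECDSA, P-256). Secret: never log or transmit.
    pub priv_key: String,
    /// Public key for encryption (ECDH, P-256)
    pub epub_key: Option<String>,
    /// Private key for encryption (ECDH, P-256). Secret: never log or transmit.
    pub epriv_key: Option<String>,
}

impl std::fmt::Debug for KeyPair {
    /// Formats the pair with public keys shown and private keys redacted.
    ///
    /// Whether `epriv_key` is present is still visible (`Some`/`None`), but
    /// its contents are replaced by a fixed placeholder.
    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
        let epriv_marker = self.epriv_key.as_ref().map(|_| "<redacted>");
        f.debug_struct("KeyPair")
            .field("pub_key", &self.pub_key)
            .field("priv_key", &"<redacted>")
            .field("epub_key", &self.epub_key)
            .field("epriv_key", &epriv_marker)
            .finish()
    }
}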
37
/// Create a fresh signing + encryption key pair (counterpart of Gun.js `SEA.pair()`).
///
/// This is a thin public entry point that delegates to `pair::generate_pair()`.
///
/// # Returns
/// A `KeyPair` whose fields are:
/// - `pub_key`: ECDSA P-256 signing public key, base64 `x.y` format
/// - `priv_key`: ECDSA P-256 signing private key, base64 format
/// - `epub_key`: ECDH P-256 encryption public key, base64 `x.y` format
/// - `epriv_key`: ECDH P-256 encryption private key, base64 format
///
/// The returned value contains private key material; keep it out of logs and
/// share only `pub_key` / `epub_key` with other parties.
///
/// # Errors
/// Returns `SeaError::Crypto` if key generation fails
///
/// # Example
/// ```rust,no_run
/// use gun::sea::pair;
///
/// # async fn example() -> Result<(), Box<dyn std::error::Error>> {
/// let keypair = pair().await?;
/// println!("Public key: {}", keypair.pub_key);
/// # Ok(())
/// # }
/// ```
pub async fn pair() -> Result<KeyPair, SeaError> {
    let generated = pair::generate_pair().await?;
    Ok(generated)
}
64
/// Authenticated-user record.
///
/// Bundles the key pair of an authenticated user with an optional alias.
/// Values of this type are returned by the `create_user()` and
/// `authenticate()` functions.
pub struct UserAuth {
    /// The user's key pair (public and private keys). Because it includes the
    /// private keys, the whole `UserAuth` value is secret material.
    pub pair: KeyPair,
    /// Optional user alias/username.
    pub alias: Option<String>,
}
77
/// Errors produced by SEA (Security, Encryption, Authorization) operations.
///
/// The `String` payloads of `Crypto`, `Encryption` and `Decryption` are
/// interpolated into the `Display` output, so whatever is stored there will
/// be shown wherever the error is printed.
///
/// # Example
/// ```rust,no_run
/// use gun::sea::{pair, sign, verify, SeaError};
/// use serde_json::json;
///
/// # async fn example() -> Result<(), SeaError> {
/// let keypair = pair().await?;
/// let data = json!({"message": "hello"});
/// let signed = sign(&data, &keypair).await?;
///
/// // Verifying with the signer's public key succeeds
/// let verified = verify(&signed, &keypair.pub_key).await?;
/// assert_eq!(verified, data);
///
/// // Verifying with an unrelated public key fails
/// let wrong_keypair = pair().await?;
/// let result = verify(&signed, &wrong_keypair.pub_key).await;
/// assert!(matches!(result, Err(SeaError::VerificationFailed)));
/// # Ok(())
/// # }
/// ```
#[derive(Debug, thiserror::Error)]
pub enum SeaError {
    /// General cryptographic error with message.
    #[error("Crypto error: {0}")]
    Crypto(String),

    /// Key format is invalid or cannot be parsed.
    #[error("Invalid key format")]
    InvalidKey,

    /// Signature verification failed (data may be tampered or wrong key).
    #[error("Signature verification failed")]
    VerificationFailed,

    /// Error during encryption operation.
    #[error("Encryption error: {0}")]
    Encryption(String),

    /// Error during decryption operation.
    #[error("Decryption error: {0}")]
    Decryption(String),
}