1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
use crate::{VaultRequestMessage, VaultResponseMessage, VaultSync, VaultSyncCoreError};
use ockam_core::Result;
use ockam_node::block_future;
use ockam_vault_core::{Hasher, Secret, SecretAttributes, SmallBuffer};
impl Hasher for VaultSync {
fn sha256(&mut self, data: &[u8]) -> Result<[u8; 32]> {
block_future(&self.ctx.runtime(), async move {
self.send_message(VaultRequestMessage::Sha256 { data: data.into() })
.await?;
let resp = self.receive_message().await?;
if let VaultResponseMessage::Sha256(s) = resp {
Ok(s)
} else {
Err(VaultSyncCoreError::InvalidResponseType.into())
}
})
}
fn hkdf_sha256(
&mut self,
salt: &Secret,
info: &[u8],
ikm: Option<&Secret>,
output_attributes: SmallBuffer<SecretAttributes>,
) -> Result<SmallBuffer<Secret>> {
block_future(&self.ctx.runtime(), async move {
self.send_message(VaultRequestMessage::HkdfSha256 {
salt: salt.clone(),
info: info.into(),
ikm: ikm.cloned(),
output_attributes,
})
.await?;
let resp = self.receive_message().await?;
if let VaultResponseMessage::HkdfSha256(s) = resp {
Ok(s)
} else {
Err(VaultSyncCoreError::InvalidResponseType.into())
}
})
}
}
#[cfg(test)]
mod tests {
use ockam_vault::SoftwareVault;
use ockam_vault_test_attribute::*;
fn new_vault() -> SoftwareVault {
SoftwareVault::default()
}
#[vault_test_sync]
fn sha256() {}
#[vault_test_sync]
fn hkdf() {}
}