rustic_core 0.11.0

rustic_core - library for fast, encrypted, deduplicated backups that powers rustic-rs
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166

use aes256ctr_poly1305aes::{
    Aes256CtrPoly1305Aes,
    aead::{self, Aead, AeadInPlace},
};
use rand::{Rng, rng};

use crate::{
    crypto::CryptoKey,
    error::{ErrorKind, RusticError, RusticResult},
};

pub(crate) type Nonce = aead::Nonce<Aes256CtrPoly1305Aes>;
pub(crate) type AeadKey = aes256ctr_poly1305aes::Key;

/// The `Key` is used to encrypt/MAC and check/decrypt data.
///
/// It is a 64 byte key that is used to derive the AES256 encryption key and the numbers `k` and `r` used in the `Poly1305AES` MAC.
///
/// The first 32 bytes are used for the AES256 encryption.
///
/// The next 16 bytes are used for the number `k` of `Poly1305AES`.
///
/// The last 16 bytes are used for the number `r` of `Poly1305AES`.
///
#[derive(Clone, Default, Debug, Copy)]
pub struct Key(AeadKey);

impl Key {
    /// Create a new random [`Key`] using a suitable entropy source.
    #[must_use]
    pub fn new() -> Self {
        let mut key = AeadKey::default();
        rng().fill_bytes(&mut key);
        Self(key)
    }

    /// Create a new [`Key`] from a slice.
    ///
    /// # Arguments
    ///
    /// * `key` - The slice to create the [`Key`] from.
    #[must_use]
    pub fn from_slice(key: &[u8]) -> Self {
        Self(*AeadKey::from_slice(key))
    }

    /// Create a new [`Key`] from the AES key and numbers `k` and `r` for `Poly1305AES`.
    ///
    /// # Arguments
    ///
    /// * `encrypt` - The AES key.
    /// * `k` - The number k for `Poly1305AES`.
    /// * `r` - The number r for `Poly1305AES`.
    #[must_use]
    pub fn from_keys(encrypt: &[u8], k: &[u8], r: &[u8]) -> Self {
        let mut key = AeadKey::default();
        key[0..32].copy_from_slice(encrypt);
        key[32..48].copy_from_slice(k);
        key[48..64].copy_from_slice(r);

        Self(key)
    }

    /// Returns the AES key and numbers `k`and `r` for `Poly1305AES`.
    #[must_use]
    pub fn to_keys(self) -> (Vec<u8>, Vec<u8>, Vec<u8>) {
        let mut encrypt = vec![0; 32];
        let mut k = vec![0; 16];
        let mut r = vec![0; 16];
        encrypt[0..32].copy_from_slice(&self.0[0..32]);
        k[0..16].copy_from_slice(&self.0[32..48]);
        r[0..16].copy_from_slice(&self.0[48..64]);

        (encrypt, k, r)
    }
}

impl CryptoKey for Key {
    /// Returns the decrypted data from the given encrypted/MACed data.
    ///
    /// # Arguments
    ///
    /// * `data` - The encrypted/MACed data.
    ///
    /// # Errors
    ///
    /// * If the MAC couldn't be checked.
    fn decrypt_data(&self, data: &[u8]) -> RusticResult<Vec<u8>> {
        if data.len() < 16 {
            return Err(RusticError::new(
                ErrorKind::Cryptography,
                "Data is too short (less than 16 bytes), cannot decrypt.",
            ))?;
        }

        let nonce = Nonce::from_slice(&data[0..16]);
        Aes256CtrPoly1305Aes::new(&self.0)
            .decrypt(nonce, &data[16..])
            .map_err(|err| {
                RusticError::with_source(
                    ErrorKind::Cryptography,
                    "Data decryption failed, MAC check failed.",
                    err,
                )
                .attach_context("nonce", format!("{nonce:?}"))
                .attach_error_code("C001")
            })
    }

    /// Returns the encrypted+MACed data from the given data.
    ///
    /// # Arguments
    ///
    /// * `data` - The data to encrypt.
    ///
    /// # Errors
    ///
    /// * If the data could not be encrypted.
    fn encrypt_data(&self, data: &[u8]) -> RusticResult<Vec<u8>> {
        let mut nonce = Nonce::default();
        rng().fill_bytes(&mut nonce);

        let mut res = Vec::with_capacity(data.len() + 32);
        res.extend_from_slice(&nonce);
        res.extend_from_slice(data);
        let tag = Aes256CtrPoly1305Aes::new(&self.0)
            .encrypt_in_place_detached(&nonce, &[], &mut res[16..])
            .map_err(|err| {
                RusticError::with_source(ErrorKind::Cryptography, "Data encryption failed.", err)
                    .attach_context("nonce", format!("{nonce:?}"))
            })?;
        res.extend_from_slice(&tag);
        Ok(res)
    }
}

#[cfg(test)]
mod tests {
    use super::*;

    #[test]
    fn encrypt_decrypt_hello() {
        let key = Key::default();
        let data: Vec<u8> = b"Hello!".to_vec();
        let enc = key.encrypt_data(&data).unwrap();
        let dec = key.decrypt_data(&enc).unwrap();
        assert_eq!(data, dec);
    }

    #[test]
    fn encrypt_decrypt_empty() {
        let key = Key::default();
        let data = Vec::<u8>::new();
        let enc = key.encrypt_data(&data).unwrap();
        let dec = key.decrypt_data(&enc).unwrap();
        assert_eq!(data, dec);
    }

    #[test]
    fn decrypt_empty() {
        let key = Key::default();
        let data = Vec::<u8>::new();
        let res = key.decrypt_data(&data);
        assert!(res.is_err());
    }
}