lockbook_shared/
symkey.rs1use crate::crypto::*;
2use crate::{SharedErrorKind, SharedResult};
3use aead::{generic_array::GenericArray, Aead, NewAead};
4use aes_gcm::Aes256Gcm;
5use rand::rngs::OsRng;
6use rand::RngCore;
7use serde::de::DeserializeOwned;
8use serde::Serialize;
9
10pub fn generate_key() -> AESKey {
11 let mut random_bytes = [0u8; 32];
12 OsRng.fill_bytes(&mut random_bytes);
13 random_bytes
14}
15
16pub fn encrypt<T: Serialize + DeserializeOwned>(
17 key: &AESKey, to_encrypt: &T,
18) -> SharedResult<AESEncrypted<T>> {
19 let serialized = bincode::serialize(to_encrypt)?;
20 let nonce = &generate_nonce();
21 let encrypted = convert_key(key)
22 .encrypt(GenericArray::from_slice(nonce), aead::Payload { msg: &serialized, aad: &[] })
23 .map_err(SharedErrorKind::Encryption)?;
24 Ok(AESEncrypted::new(encrypted, nonce.to_vec()))
25}
26pub fn decrypt<T: DeserializeOwned>(key: &AESKey, to_decrypt: &AESEncrypted<T>) -> SharedResult<T> {
27 let nonce = GenericArray::from_slice(&to_decrypt.nonce);
28 let decrypted = convert_key(key)
29 .decrypt(nonce, aead::Payload { msg: &to_decrypt.value, aad: &[] })
30 .map_err(SharedErrorKind::Decryption)?;
31 let deserialized = bincode::deserialize(&decrypted)?;
32 Ok(deserialized)
33}
34
35pub fn convert_key(to_convert: &AESKey) -> Aes256Gcm {
36 Aes256Gcm::new(&GenericArray::clone_from_slice(to_convert))
37}
38
39pub fn generate_nonce() -> [u8; 12] {
40 let mut result = [0u8; 12];
41 OsRng.fill_bytes(&mut result);
42 result
43}
44
45#[cfg(test)]
46mod unit_tests {
47 use uuid::Uuid;
48
49 use crate::symkey::{decrypt, encrypt, generate_key};
50
51 #[test]
52 fn test_generate_encrypt_decrypt() {
53 let key = generate_key();
54 let test_value = Uuid::new_v4().to_string();
55 let encrypted = encrypt(&key, &test_value).unwrap();
56 let decrypted = decrypt(&key, &encrypted).unwrap();
57 assert_eq!(test_value, decrypted)
58 }
59}