1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
use ockam_core::hex::{decode, encode};
use ockam_core::vault::{
SecretAttributes, SecretPersistence, SecretType, SecretVault, CURVE25519_PUBLIC_LENGTH,
CURVE25519_SECRET_LENGTH,
};
pub async fn new_public_keys(vault: &mut impl SecretVault) {
let attributes = SecretAttributes::new(
SecretType::Ed25519,
SecretPersistence::Ephemeral,
CURVE25519_SECRET_LENGTH,
);
let res = vault.secret_generate(attributes).await;
assert!(res.is_ok());
let ed_ctx_1 = res.unwrap();
let res = vault.secret_public_key_get(&ed_ctx_1).await;
assert!(res.is_ok());
let pk_1 = res.unwrap();
assert_eq!(pk_1.as_ref().len(), CURVE25519_PUBLIC_LENGTH);
let attributes = SecretAttributes::new(
SecretType::X25519,
SecretPersistence::Ephemeral,
CURVE25519_SECRET_LENGTH,
);
let res = vault.secret_generate(attributes).await;
assert!(res.is_ok());
let x25519_ctx_1 = res.unwrap();
let res = vault.secret_public_key_get(&x25519_ctx_1).await;
assert!(res.is_ok());
let pk_1 = res.unwrap();
assert_eq!(pk_1.as_ref().len(), CURVE25519_PUBLIC_LENGTH);
}
pub async fn new_secret_keys(vault: &mut impl SecretVault) {
let types = [(SecretType::X25519, 32), (SecretType::Buffer, 24)];
for (t, s) in &types {
let attributes = SecretAttributes::new(*t, SecretPersistence::Ephemeral, *s);
let res = vault.secret_generate(attributes).await;
assert!(res.is_ok());
let sk_ctx = res.unwrap();
let sk = vault.secret_export(&sk_ctx).await.unwrap();
assert_eq!(sk.as_ref().len(), *s);
vault.secret_destroy(sk_ctx).await.unwrap();
}
}
pub async fn secret_import_export(vault: &mut impl SecretVault) {
let attributes = SecretAttributes::new(
SecretType::X25519,
SecretPersistence::Ephemeral,
CURVE25519_SECRET_LENGTH,
);
let secret_str = "98d589b0dce92c9e2442b3093718138940bff71323f20b9d158218b89c3cec6e";
let secret = vault
.secret_import(decode(secret_str).unwrap().as_slice(), attributes)
.await
.unwrap();
assert_eq!(secret.index(), 1);
assert_eq!(
encode(vault.secret_export(&secret).await.unwrap().as_ref()),
secret_str
);
let attributes = SecretAttributes::new(SecretType::Buffer, SecretPersistence::Ephemeral, 24);
let secret_str = "5f791cc52297f62c7b8829b15f828acbdb3c613371d21aa1";
let secret = vault
.secret_import(decode(secret_str).unwrap().as_slice(), attributes)
.await
.unwrap();
assert_eq!(secret.index(), 2);
assert_eq!(
encode(vault.secret_export(&secret).await.unwrap().as_ref()),
secret_str
);
}
pub async fn secret_attributes_get(vault: &mut impl SecretVault) {
let attributes = SecretAttributes::new(
SecretType::X25519,
SecretPersistence::Ephemeral,
CURVE25519_SECRET_LENGTH,
);
let secret = vault.secret_generate(attributes).await.unwrap();
assert_eq!(
vault.secret_attributes_get(&secret).await.unwrap(),
attributes
);
let attributes = SecretAttributes::new(SecretType::Buffer, SecretPersistence::Ephemeral, 24);
let secret = vault.secret_generate(attributes).await.unwrap();
assert_eq!(
vault.secret_attributes_get(&secret).await.unwrap(),
attributes
);
}