diff options
author | Daniel McCarney <daniel@binaryparadox.net> | 2024-05-24 15:38:03 -0400 |
---|---|---|
committer | Daniel McCarney <daniel@binaryparadox.net> | 2024-05-31 12:46:48 +0000 |
commit | 981b2dd3b18722a927ab9e9980f4224f2fccbe7d (patch) | |
tree | 97fbdd39e09935b547ad6ae93dd91ba03f6163e6 /provider-example | |
parent | ce11c13c65e10a4ada7b45870acca1c4924ab742 (diff) |
crypto: offer HpkeSuite from Hpke trait
This will make it easier to drop the `HpkeProvider` trait. The only
implementation, in the `provider-example` crate, is reworked to support
the new trait fn. We can make this breaking change without worrying
about semver because the `crypto::hpke` module is docs-hidden and has
been considered an internal unstable API.
This change also allows deriving `Debug` for the provider example
`HpkeRs` struct.
Diffstat (limited to 'provider-example')
-rw-r--r-- | provider-example/src/hpke.rs | 35 |
1 files changed, 20 insertions, 15 deletions
diff --git a/provider-example/src/hpke.rs b/provider-example/src/hpke.rs index 8fbbd952..a2269f27 100644 --- a/provider-example/src/hpke.rs +++ b/provider-example/src/hpke.rs @@ -1,7 +1,7 @@ use alloc::boxed::Box; use alloc::sync::Arc; use alloc::vec::Vec; -use core::fmt::{Debug, Formatter}; +use core::fmt::Debug; use std::error::Error as StdError; use hpke_rs_crypto::types::{AeadAlgorithm, KdfAlgorithm, KemAlgorithm}; @@ -21,12 +21,7 @@ struct HpkeRsProvider {} impl HpkeProvider for HpkeRsProvider { fn start(&self, suite: &HpkeSuite) -> Result<Box<dyn Hpke + 'static>, Error> { - Ok(Box::new(HpkeRs(hpke_rs::Hpke::new( - hpke_rs::Mode::Base, - KemAlgorithm::try_from(u16::from(suite.kem)).map_err(other_err)?, - KdfAlgorithm::try_from(u16::from(suite.sym.kdf_id)).map_err(other_err)?, - AeadAlgorithm::try_from(u16::from(suite.sym.aead_id)).map_err(other_err)?, - )))) + Ok(Box::new(HpkeRs(*suite))) } fn supports_suite(&self, suite: &HpkeSuite) -> bool { @@ -44,11 +39,17 @@ impl HpkeProvider for HpkeRsProvider { } } -struct HpkeRs(hpke_rs::Hpke<HpkeRustCrypto>); +#[derive(Debug)] +struct HpkeRs(HpkeSuite); -impl Debug for HpkeRs { - fn fmt(&self, f: &mut Formatter<'_>) -> std::fmt::Result { - f.debug_struct("HpkeRsHpke").finish() +impl HpkeRs { + fn start(&self) -> Result<hpke_rs::Hpke<HpkeRustCrypto>, Error> { + Ok(hpke_rs::Hpke::new( + hpke_rs::Mode::Base, + KemAlgorithm::try_from(u16::from(self.0.kem)).map_err(other_err)?, + KdfAlgorithm::try_from(u16::from(self.0.sym.kdf_id)).map_err(other_err)?, + AeadAlgorithm::try_from(u16::from(self.0.sym.aead_id)).map_err(other_err)?, + )) } } @@ -62,7 +63,7 @@ impl Hpke for HpkeRs { ) -> Result<(EncapsulatedSecret, Vec<u8>), Error> { let pk_r = hpke_rs::HpkePublicKey::new(pub_key.0.clone()); let (enc, ciphertext) = self - .0 + .start()? .seal(&pk_r, info, aad, plaintext, None, None, None) .map_err(other_err)?; Ok((EncapsulatedSecret(enc.to_vec()), ciphertext)) @@ -75,7 +76,7 @@ impl Hpke for HpkeRs { ) -> Result<(EncapsulatedSecret, Box<dyn HpkeSealer + 'static>), Error> { let pk_r = hpke_rs::HpkePublicKey::new(pub_key.0.clone()); let (enc, context) = self - .0 + .start()? .setup_sender(&pk_r, info, None, None, None) .map_err(other_err)?; Ok(( @@ -93,7 +94,7 @@ impl Hpke for HpkeRs { secret_key: &HpkePrivateKey, ) -> Result<Vec<u8>, Error> { let sk_r = hpke_rs::HpkePrivateKey::new(secret_key.secret_bytes().to_vec()); - self.0 + self.start()? .open( enc.0.as_slice(), &sk_r, @@ -116,11 +117,15 @@ impl Hpke for HpkeRs { let sk_r = hpke_rs::HpkePrivateKey::new(secret_key.secret_bytes().to_vec()); Ok(Box::new(HpkeRsReceiver { context: self - .0 + .start()? .setup_receiver(enc.0.as_slice(), &sk_r, info, None, None, None) .map_err(other_err)?, })) } + + fn suite(&self) -> HpkeSuite { + self.0 + } } #[derive(Debug)] |