changes to module visibility
This commit is contained in:
17ms
parent
7e056f2711
commit
6a3c4e736c
@ -14,21 +14,21 @@ use x25519_dalek::{EphemeralSecret, PublicKey, SharedSecret};
|
|||||||
|
|
||||||
const AES_NONCE_SIZE: usize = 12;
|
const AES_NONCE_SIZE: usize = 12;
|
||||||
|
|
||||||
async fn ephemeral_dh(
|
pub async fn edh(
|
||||||
reader: &mut BufReader<ReadHalf<'_>>,
|
reader: &mut BufReader<ReadHalf<'_>>,
|
||||||
writer: &mut BufWriter<WriteHalf<'_>>,
|
writer: &mut BufWriter<WriteHalf<'_>>,
|
||||||
buf: &mut Vec<u8>,
|
buf: &mut Vec<u8>,
|
||||||
go_first: bool,
|
go_first: bool,
|
||||||
) -> Result<SharedSecret, Box<dyn Error>> {
|
) -> Result<SharedSecret, Box<dyn Error + Send + Sync>> {
|
||||||
let own_sec = EphemeralSecret::new(OsRng);
|
let own_sec = EphemeralSecret::new(OsRng);
|
||||||
let own_pbk = PublicKey::from(&own_sec);
|
let own_pbk = PublicKey::from(&own_sec);
|
||||||
|
|
||||||
if go_first {
|
if go_first {
|
||||||
comms::send_bytes(writer, own_pbk.as_bytes()).await?;
|
comms::send_bytes(writer, None, &own_pbk.as_bytes().to_vec()).await?;
|
||||||
comms::recv_bytes(reader, buf).await?;
|
comms::recv_bytes(reader, None, buf).await?;
|
||||||
} else {
|
} else {
|
||||||
comms::recv_bytes(reader, buf).await?;
|
comms::recv_bytes(reader, None, buf).await?;
|
||||||
comms::send_bytes(writer, own_pbk.as_bytes()).await?;
|
comms::send_bytes(writer, None, &own_pbk.as_bytes().to_vec()).await?;
|
||||||
}
|
}
|
||||||
|
|
||||||
let sliced_buf: [u8; 32] = buf[..32].try_into()?;
|
let sliced_buf: [u8; 32] = buf[..32].try_into()?;
|
||||||
@ -37,7 +37,9 @@ async fn ephemeral_dh(
|
|||||||
Ok(own_sec.diffie_hellman(&recv_pbk))
|
Ok(own_sec.diffie_hellman(&recv_pbk))
|
||||||
}
|
}
|
||||||
|
|
||||||
fn aes_cipher(secret: SharedSecret) -> Result<AesGcm<Aes256, U12>, Box<dyn Error>> {
|
pub fn aes_cipher(
|
||||||
|
secret: SharedSecret,
|
||||||
|
) -> Result<AesGcm<Aes256, U12>, Box<dyn Error + Sync + Send>> {
|
||||||
Ok(Aes256Gcm::new(secret.as_bytes().into()))
|
Ok(Aes256Gcm::new(secret.as_bytes().into()))
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -47,21 +49,20 @@ fn generate_nonce(rng: &mut impl RngCore) -> Nonce<U12> {
|
|||||||
nonce
|
nonce
|
||||||
}
|
}
|
||||||
|
|
||||||
fn aes_encrypt(
|
pub fn aes_encrypt(
|
||||||
data: Vec<u8>,
|
data: &Vec<u8>,
|
||||||
cipher: &mut AesGcm<Aes256, U12>,
|
cipher: &mut AesGcm<Aes256, U12>,
|
||||||
rng: &mut impl RngCore,
|
rng: &mut OsRng,
|
||||||
) -> Result<Vec<u8>, Box<dyn Error>> {
|
) -> Result<Vec<u8>, Box<dyn Error + Send + Sync>> {
|
||||||
let nonce = generate_nonce(rng);
|
let nonce = generate_nonce(rng);
|
||||||
let encrypted = cipher.encrypt(&nonce, data.as_ref()).unwrap(); // TODO: handle error types
|
let encrypted = cipher.encrypt(&nonce, data.as_ref()).unwrap(); // TODO: handle error types
|
||||||
Ok(encrypted)
|
Ok(encrypted)
|
||||||
}
|
}
|
||||||
|
|
||||||
fn aes_decrypt(
|
pub fn aes_decrypt(
|
||||||
data: Vec<u8>,
|
data: &Vec<u8>,
|
||||||
cipher: &mut AesGcm<Aes256, U12>,
|
cipher: &mut AesGcm<Aes256, U12>,
|
||||||
rng: &mut impl RngCore,
|
) -> Result<Vec<u8>, Box<dyn Error + Send + Sync>> {
|
||||||
) -> Result<Vec<u8>, Box<dyn Error>> {
|
|
||||||
let (nonce_bytes, data) = data.split_at(AES_NONCE_SIZE);
|
let (nonce_bytes, data) = data.split_at(AES_NONCE_SIZE);
|
||||||
let decrypted = cipher
|
let decrypted = cipher
|
||||||
.decrypt(Nonce::from_slice(nonce_bytes), data.as_ref())
|
.decrypt(Nonce::from_slice(nonce_bytes), data.as_ref())
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user