
Commit 6873274

committed
Let StorableBuilder take data_encryption_key
There is no reason `StorableBuilder` needs to permanently own the `data_encryption_key`, which just risks that the key will linger around in memory after `StorableBuilder` has been dropped. Here, we switch the API to simply take `data_encryption_key` by reference for the `build`/`deconstruct` operations.
1 parent 1bf851f commit 6873274


1 file changed

+23
-21
lines changed


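--- a/src/util/storable_builder.rs
+++ b/src/util/storable_builder.rs
@@ -6,16 +6,16 @@ use std::io;
 use std::io::{Error, ErrorKind};
 
 /// [`StorableBuilder`] is a utility to build and deconstruct [`Storable`] objects.
+///
 /// It provides client-side Encrypt-then-MAC using ChaCha20-Poly1305.
 pub struct StorableBuilder<T: EntropySource> {
-data_encryption_key: [u8; 32],
 entropy_source: T,
 }
 
 impl<T: EntropySource> StorableBuilder<T> {
 /// Constructs a new instance.
-pub fn new(data_encryption_key: [u8; 32], entropy_source: T) -> StorableBuilder<T> {
-Self { data_encryption_key, entropy_source }
+pub fn new(entropy_source: T) -> StorableBuilder<T> {
+Self { entropy_source }
 }
 }
 
@@ -40,13 +40,15 @@ impl<T: EntropySource> StorableBuilder<T> {
 /// Refer to docs on [`Storable`] for more information.
 ///
 /// [`PutObjectRequest`]: crate::types::PutObjectRequest
-pub fn build(&self, input: Vec<u8>, version: i64, aad: &[u8]) -> Storable {
+pub fn build(
+&self, input: Vec<u8>, version: i64, data_encryption_key: &[u8; 32], aad: &[u8],
+) -> Storable {
 let mut nonce = vec![0u8; 12];
 self.entropy_source.fill_bytes(&mut nonce[4..]);
 
 let mut data_blob = PlaintextBlob { value: input, version }.encode_to_vec();
 
-let mut cipher = ChaCha20Poly1305::new(&self.data_encryption_key, &nonce, aad);
+let mut cipher = ChaCha20Poly1305::new(data_encryption_key, &nonce, aad);
 let mut tag = vec![0u8; 16];
 cipher.encrypt_inplace(&mut data_blob, &mut tag);
 Storable {
@@ -63,12 +65,14 @@ impl<T: EntropySource> StorableBuilder<T> {
 /// corresponding version as stored at the time of [`PutObjectRequest`].
 ///
 /// [`PutObjectRequest`]: crate::types::PutObjectRequest
-pub fn deconstruct(&self, mut storable: Storable, aad: &[u8]) -> io::Result<(Vec<u8>, i64)> {
+pub fn deconstruct(
+&self, mut storable: Storable, data_encryption_key: &[u8; 32], aad: &[u8],
+) -> io::Result<(Vec<u8>, i64)> {
 let encryption_metadata = storable
 .encryption_metadata
 .ok_or_else(|| Error::new(ErrorKind::InvalidData, "Invalid Metadata"))?;
 let mut cipher =
-ChaCha20Poly1305::new(&self.data_encryption_key, &encryption_metadata.nonce, aad);
+ChaCha20Poly1305::new(data_encryption_key, &encryption_metadata.nonce, aad);
 
 cipher
 .decrypt_inplace(&mut storable.data, encryption_metadata.tag.borrow())
@@ -100,16 +104,15 @@ mod tests {
 let test_entropy_provider = TestEntropyProvider;
 let mut data_key = [0u8; 32];
 test_entropy_provider.fill_bytes(&mut data_key);
-let storable_builder = StorableBuilder {
-data_encryption_key: data_key,
-entropy_source: test_entropy_provider,
-};
+let storable_builder = StorableBuilder::new(test_entropy_provider);
 let expected_data = b"secret".to_vec();
 let expected_version = 8;
 let aad = b"A";
-let storable = storable_builder.build(expected_data.clone(), expected_version, aad);
+let storable =
+storable_builder.build(expected_data.clone(), expected_version, &data_key, aad);
 
-let (actual_data, actual_version) = storable_builder.deconstruct(storable, aad).unwrap();
+let (actual_data, actual_version) =
+storable_builder.deconstruct(storable, &data_key, aad).unwrap();
 assert_eq!(actual_data, expected_data);
 assert_eq!(actual_version, expected_version);
 }
@@ -119,25 +122,24 @@ mod tests {
 let test_entropy_provider = TestEntropyProvider;
 let mut data_key = [0u8; 32];
 test_entropy_provider.fill_bytes(&mut data_key);
-let storable_builder = StorableBuilder {
-data_encryption_key: data_key,
-entropy_source: test_entropy_provider,
-};
+let storable_builder = StorableBuilder::new(test_entropy_provider);
 
 let expected_data_a = b"secret_a".to_vec();
 let expected_version_a = 8;
 let aad_a = b"A";
-let storable_a = storable_builder.build(expected_data_a.clone(), expected_version_a, aad_a);
+let storable_a =
+storable_builder.build(expected_data_a.clone(), expected_version_a, &data_key, aad_a);
 
 let expected_data_b = b"secret_b".to_vec();
 let expected_version_b = 8;
 let aad_b = b"B";
-let storable_b = storable_builder.build(expected_data_b.clone(), expected_version_b, aad_b);
+let storable_b =
+storable_builder.build(expected_data_b.clone(), expected_version_b, &data_key, aad_b);
 
 let (actual_data, actual_version) =
-storable_builder.deconstruct(storable_a, aad_a).unwrap();
+storable_builder.deconstruct(storable_a, &data_key, aad_a).unwrap();
 assert_eq!(actual_data, expected_data_a);
 assert_eq!(actual_version, expected_version_a);
-assert!(storable_builder.deconstruct(storable_b, aad_a).is_err());
+assert!(storable_builder.deconstruct(storable_b, &data_key, aad_a).is_err());
 }
 }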
