
Commit e7bdd0a

committed
Let StorableBuilder take data_encryption_key
There is no reason `StorableBuilder` needs to permanently own the `data_encryption_key`, which just risks that the key will linger around in memory after `StorableBuilder` has been dropped. Here, we switch the API to simply take `data_encryption_key` by reference for the `build`/`deconstruct` operations.
1 parent 1bf851f commit e7bdd0a

1 file changed

+15
-21
lines changed


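--- a/src/util/storable_builder.rs
+++ b/src/util/storable_builder.rs
@@ -6,16 +6,16 @@ use std::io;
 use std::io::{Error, ErrorKind};
 
 /// [`StorableBuilder`] is a utility to build and deconstruct [`Storable`] objects.
+///
 /// It provides client-side Encrypt-then-MAC using ChaCha20-Poly1305.
 pub struct StorableBuilder<T: EntropySource> {
-data_encryption_key: [u8; 32],
 entropy_source: T,
 }
 
 impl<T: EntropySource> StorableBuilder<T> {
 /// Constructs a new instance.
-pub fn new(data_encryption_key: [u8; 32], entropy_source: T) -> StorableBuilder<T> {
-Self { data_encryption_key, entropy_source }
+pub fn new(entropy_source: T) -> StorableBuilder<T> {
+Self { entropy_source }
 }
 }
 
@@ -40,13 +40,13 @@ impl<T: EntropySource> StorableBuilder<T> {
 /// Refer to docs on [`Storable`] for more information.
 ///
 /// [`PutObjectRequest`]: crate::types::PutObjectRequest
-pub fn build(&self, input: Vec<u8>, version: i64, aad: &[u8]) -> Storable {
+pub fn build(&self, input: Vec<u8>, version: i64, data_encryption_key: &[u8; 32], aad: &[u8]) -> Storable {
 let mut nonce = vec![0u8; 12];
 self.entropy_source.fill_bytes(&mut nonce[4..]);
 
 let mut data_blob = PlaintextBlob { value: input, version }.encode_to_vec();
 
-let mut cipher = ChaCha20Poly1305::new(&self.data_encryption_key, &nonce, aad);
+let mut cipher = ChaCha20Poly1305::new(data_encryption_key, &nonce, aad);
 let mut tag = vec![0u8; 16];
 cipher.encrypt_inplace(&mut data_blob, &mut tag);
 Storable {
@@ -63,12 +63,12 @@ impl<T: EntropySource> StorableBuilder<T> {
 /// corresponding version as stored at the time of [`PutObjectRequest`].
 ///
 /// [`PutObjectRequest`]: crate::types::PutObjectRequest
-pub fn deconstruct(&self, mut storable: Storable, aad: &[u8]) -> io::Result<(Vec<u8>, i64)> {
+pub fn deconstruct(&self, mut storable: Storable, data_encryption_key: &[u8; 32], aad: &[u8]) -> io::Result<(Vec<u8>, i64)> {
 let encryption_metadata = storable
 .encryption_metadata
 .ok_or_else(|| Error::new(ErrorKind::InvalidData, "Invalid Metadata"))?;
 let mut cipher =
-ChaCha20Poly1305::new(&self.data_encryption_key, &encryption_metadata.nonce, aad);
+ChaCha20Poly1305::new(data_encryption_key, &encryption_metadata.nonce, aad);
 
 cipher
 .decrypt_inplace(&mut storable.data, encryption_metadata.tag.borrow())
@@ -100,16 +100,13 @@ mod tests {
 let test_entropy_provider = TestEntropyProvider;
 let mut data_key = [0u8; 32];
 test_entropy_provider.fill_bytes(&mut data_key);
-let storable_builder = StorableBuilder {
-data_encryption_key: data_key,
-entropy_source: test_entropy_provider,
-};
+let storable_builder = StorableBuilder::new(test_entropy_provider);
 let expected_data = b"secret".to_vec();
 let expected_version = 8;
 let aad = b"A";
-let storable = storable_builder.build(expected_data.clone(), expected_version, aad);
+let storable = storable_builder.build(expected_data.clone(), expected_version, &data_key, aad);
 
-let (actual_data, actual_version) = storable_builder.deconstruct(storable, aad).unwrap();
+let (actual_data, actual_version) = storable_builder.deconstruct(storable, &data_key, aad).unwrap();
 assert_eq!(actual_data, expected_data);
 assert_eq!(actual_version, expected_version);
 }
@@ -119,25 +116,22 @@ mod tests {
 let test_entropy_provider = TestEntropyProvider;
 let mut data_key = [0u8; 32];
 test_entropy_provider.fill_bytes(&mut data_key);
-let storable_builder = StorableBuilder {
-data_encryption_key: data_key,
-entropy_source: test_entropy_provider,
-};
+let storable_builder = StorableBuilder::new(test_entropy_provider);
 
 let expected_data_a = b"secret_a".to_vec();
 let expected_version_a = 8;
 let aad_a = b"A";
-let storable_a = storable_builder.build(expected_data_a.clone(), expected_version_a, aad_a);
+let storable_a = storable_builder.build(expected_data_a.clone(), expected_version_a, &data_key, aad_a);
 
 let expected_data_b = b"secret_b".to_vec();
 let expected_version_b = 8;
 let aad_b = b"B";
-let storable_b = storable_builder.build(expected_data_b.clone(), expected_version_b, aad_b);
+let storable_b = storable_builder.build(expected_data_b.clone(), expected_version_b, &data_key, aad_b);
 
 let (actual_data, actual_version) =
-storable_builder.deconstruct(storable_a, aad_a).unwrap();
+storable_builder.deconstruct(storable_a, &data_key, aad_a).unwrap();
 assert_eq!(actual_data, expected_data_a);
 assert_eq!(actual_version, expected_version_a);
-assert!(storable_builder.deconstruct(storable_b, aad_a).is_err());
+assert!(storable_builder.deconstruct(storable_b, &data_key, aad_a).is_err());
 }
 }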
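Review bot: The new `data_encryption_key` parameter added to `build` (line 43) and `deconstruct` (line 66) is not described in either method's doc comment, which still only covers the `Storable`/`PutObjectRequest` behaviour; add a line such as `/// `data_encryption_key` is the 32-byte ChaCha20-Poly1305 key; the caller retains ownership and is responsible for wiping it after use.` to both. Given the stated motivation is keeping the key from lingering in memory, it is worth being precise in that comment: the key is still handed to `ChaCha20Poly1305::new`, which presumably copies it into the cipher state that lives until `cipher` drops at the end of each method, and whether that state is zeroized on drop is not visible here, so the docs should promise only that `StorableBuilder` itself no longer retains the key. The `new` docstring (`/// Constructs a new instance.`) could likewise note that the key is now supplied per call rather than at construction. The doc blocks of `build` and `deconstruct` begin outside the hunk.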
