diff --git a/age/CHANGELOG.md b/age/CHANGELOG.md index 2472484..263d68e 100644 --- a/age/CHANGELOG.md +++ b/age/CHANGELOG.md @@ -9,6 +9,9 @@ and this project adheres to Rust's notion of to 1.0.0 are beta releases. ## [Unreleased] +### Added +- `age::encrypted::EncryptedIdentity` + ### Changed - `age::IdentityFile::into_identities` now returns `Result>, DecryptError>` instead of diff --git a/age/src/encrypted.rs b/age/src/encrypted.rs index 9ebe539..f10f921 100644 --- a/age/src/encrypted.rs +++ b/age/src/encrypted.rs @@ -4,13 +4,80 @@ use std::{cell::Cell, io}; use crate::{fl, scrypt, Callbacks, DecryptError, Decryptor, EncryptError, IdentityFile}; +/// An encrypted age identity file. +/// +/// This type can be explicitly decrypted to obtain an [`IdentityFile`]. If you want a +/// type that can be used directly as an identity and caches the decryption result +/// internally, use [`Identity`]. +pub struct EncryptedIdentity { + decryptor: Decryptor, + max_work_factor: Option, + callbacks: C, +} + +impl EncryptedIdentity { + /// Parses an encrypted identity from an input containing valid UTF-8. + /// + /// Returns `Ok(None)` if the input contains an age ciphertext that is not encrypted + /// to a passphrase. + pub(crate) fn from_buffer( + data: R, + callbacks: C, + max_work_factor: Option, + ) -> Result, DecryptError> { + let decryptor = Decryptor::new(data)?; + Ok(Self::new(decryptor, callbacks, max_work_factor)) + } + + /// Constructs a new encrypted identity from a [`Decryptor`]. + /// + /// Returns `Ok(None)` if the input contains an age ciphertext that is not encrypted + /// to a passphrase. + pub fn new(decryptor: Decryptor, callbacks: C, max_work_factor: Option) -> Option { + decryptor.is_scrypt().then_some(EncryptedIdentity { + decryptor, + max_work_factor, + callbacks, + }) + } + + /// Decrypts this encrypted identity. + /// + /// The provided filename (if any) will be used in the passphrase request message. + pub fn decrypt(self, filename: Option<&str>) -> Result, DecryptError> { + let passphrase = match self.callbacks.request_passphrase(&fl!( + "encrypted-passphrase-prompt", + filename = filename.unwrap_or_default() + )) { + Some(passphrase) => passphrase, + None => todo!(), + }; + + let mut identity = scrypt::Identity::new(passphrase); + if let Some(max_work_factor) = self.max_work_factor { + identity.set_max_work_factor(max_work_factor); + } + + self.decryptor + .decrypt(Some(&identity as _).into_iter()) + .map_err(|e| { + if matches!(e, DecryptError::DecryptionFailed) { + DecryptError::KeyDecryptionFailed + } else { + e + } + }) + .and_then(|stream| { + let file = IdentityFile::from_buffer(io::BufReader::new(stream))? + .with_callbacks(self.callbacks); + Ok(file) + }) + } +} + /// The state of the encrypted age identity. enum IdentityState { - Encrypted { - decryptor: Decryptor, - max_work_factor: Option, - callbacks: C, - }, + Encrypted(EncryptedIdentity), Decrypted(IdentityFile), /// The file was not correctly encrypted, or did not contain age identities. We cache @@ -33,39 +100,7 @@ impl IdentityState { /// were not cached (and we just asked the user for a passphrase). fn decrypt(self, filename: Option<&str>) -> Result<(IdentityFile, bool), DecryptError> { match self { - Self::Encrypted { - decryptor, - max_work_factor, - callbacks, - } => { - let passphrase = match callbacks.request_passphrase(&fl!( - "encrypted-passphrase-prompt", - filename = filename.unwrap_or_default() - )) { - Some(passphrase) => passphrase, - None => todo!(), - }; - - let mut identity = scrypt::Identity::new(passphrase); - if let Some(max_work_factor) = max_work_factor { - identity.set_max_work_factor(max_work_factor); - } - - decryptor - .decrypt(Some(&identity as _).into_iter()) - .map_err(|e| { - if matches!(e, DecryptError::DecryptionFailed) { - DecryptError::KeyDecryptionFailed - } else { - e - } - }) - .and_then(|stream| { - let file = IdentityFile::from_buffer(io::BufReader::new(stream))? - .with_callbacks(callbacks); - Ok((file, true)) - }) - } + Self::Encrypted(encrypted) => encrypted.decrypt(filename).map(|file| (file, true)), Self::Decrypted(identity_file) => Ok((identity_file, false)), // `IdentityState::decrypt` is only ever called with `Some`. Self::Poisoned(e) => Err(e.unwrap()), @@ -74,6 +109,10 @@ impl IdentityState { } /// An encrypted age identity file. +/// +/// This type can be used directly as an identity and caches the decryption result +/// internally. If you want a type that can be explicitly decrypted to obtain an +/// [`IdentityFile`], use [`EncryptedIdentity`]. pub struct Identity { state: Cell>, filename: Option, @@ -92,13 +131,9 @@ impl Identity { callbacks: C, max_work_factor: Option, ) -> Result, DecryptError> { - let decryptor = Decryptor::new(data)?; - Ok(decryptor.is_scrypt().then_some(Identity { - state: Cell::new(IdentityState::Encrypted { - decryptor, - max_work_factor, - callbacks, - }), + let encrypted = EncryptedIdentity::from_buffer(data, callbacks, max_work_factor)?; + Ok(encrypted.map(|encrypted| Identity { + state: Cell::new(IdentityState::Encrypted(encrypted)), filename, })) }