Migrate to secrecy 0.10

2025-04-03 19:07:42 +03:00 · 2024-11-03 05:32:37 +00:00 · 2024-11-03 05:32:37 +00:00 · 93fa28ad78
commit 93fa28ad78
parent a59f0479d0
27 changed files with 155 additions and 93 deletions
--- a/age-core/CHANGELOG.md
+++ b/age-core/CHANGELOG.md
@ -8,9 +8,14 @@ to 1.0.0 are beta releases.

 ## [Unreleased]
 ### Added
- `age_core::format::is_arbitrary_string`
+- `age_core::format`:
+  - `FileKey::new`
+  - `FileKey::init_with_mut`
+  - `FileKey::try_init_with_mut`
+  - `is_arbitrary_string`

 ### Changed
+- Migrated to `secrecy 0.10`.
 - `age::plugin::Connection::unidir_receive` now takes an additional argument to
  enable handling an optional fourth command.

--- a/age-core/src/format.rs
+++ b/age-core/src/format.rs
@ -5,7 +5,7 @@ use rand::{
    distributions::{Distribution, Uniform},
    thread_rng, RngCore,
 };
-use secrecy::{ExposeSecret, Secret};
+use secrecy::{ExposeSecret, ExposeSecretMut, SecretBox};

 /// The prefix identifying an age stanza.
 const STANZA_TAG: &str = "-> ";
@ -14,11 +14,26 @@ const STANZA_TAG: &str = "-> ";
 pub const FILE_KEY_BYTES: usize = 16;

 /// A file key for encrypting or decrypting an age file.
-pub struct FileKey(Secret<[u8; FILE_KEY_BYTES]>);
+pub struct FileKey(SecretBox<[u8; FILE_KEY_BYTES]>);

-impl From<[u8; FILE_KEY_BYTES]> for FileKey {
-    fn from(file_key: [u8; FILE_KEY_BYTES]) -> Self {
-        FileKey(Secret::new(file_key))
+impl FileKey {
+    /// Creates a file key using a pre-boxed key.
+    pub fn new(file_key: Box<[u8; FILE_KEY_BYTES]>) -> Self {
+        Self(SecretBox::new(file_key))
+    }
+
+    /// Creates a file key using a function that can initialize the key in-place.
+    pub fn init_with_mut(ctr: impl FnOnce(&mut [u8; FILE_KEY_BYTES])) -> Self {
+        Self(SecretBox::init_with_mut(ctr))
+    }
+
+    /// Same as [`Self::init_with_mut`], but the constructor can be fallible.
+    pub fn try_init_with_mut<E>(
+        ctr: impl FnOnce(&mut [u8; FILE_KEY_BYTES]) -> Result<(), E>,
+    ) -> Result<Self, E> {
+        let mut file_key = SecretBox::new(Box::new([0; FILE_KEY_BYTES]));
+        ctr(file_key.expose_secret_mut())?;
+        Ok(Self(file_key))
    }
 }

--- a/age-core/src/plugin.rs
+++ b/age-core/src/plugin.rs
@ -4,7 +4,7 @@
 //! implementations built around the `age-plugin` crate.

 use rand::{thread_rng, Rng};
-use secrecy::Zeroize;
+use secrecy::zeroize::Zeroize;
 use std::env;
 use std::fmt;
 use std::io::{self, BufRead, BufReader, Read, Write};