age: Store C: Callbacks inside IdentityFile

This removes the need for explicit `callbacks` arguments in methods that
may act on plugin identities, and instead enables the caller to choose
whether or not to provide callbacks independently of plugin support
being compiled in. Enabling plugin support without providing callbacks
now has well-defined fallback behaviour via the default `NoCallbacks`
struct.

age/CHANGELOG.md

@@ -12,6 +12,8 @@ to 1.0.0 are beta releases.
 ### Added
 - `age::Decryptor::{decrypt, decrypt_async, is_scrypt}`
 - `age::IdentityFile::to_recipients`
+- `age::IdentityFile::with_callbacks`
+- `age::NoCallbacks`
 - `age::scrypt`, providing recipient and identity types for passphrase-based
   encryption.
 - Partial French translation!
@@ -20,6 +22,8 @@ to 1.0.0 are beta releases.
 - Migrated to `i18n-embed 0.15`.
 - `age::Decryptor` is now an opaque struct instead of an enum with `Recipients`
   and `Passphrase` variants.
+- `age::IdentityFile` now has a `C: Callbacks` generic parameter, which defaults
+  to `NoCallbacks`.
 - `age::Recipient::wrap_file_key` now returns `(Vec<Stanza>, HashSet<String>)`:
   a tuple of the stanzas to be placed in an age file header, and labels that
   constrain how the stanzas may be combined with those from other recipients.

age/src/cli_common/identities.rs

@@ -74,7 +74,7 @@ pub(super) fn parse_identity_files<Ctx, E: From<ReadError> + From<io::Error>>(
         crate::encrypted::Identity<ArmoredReader<BufReader<InputReader>>, UiCallbacks>,
     ) -> Result<(), E>,
     #[cfg(feature = "ssh")] ssh_identity: impl Fn(&mut Ctx, &str, crate::ssh::Identity) -> Result<(), E>,
-    identity_file: impl Fn(&mut Ctx, crate::IdentityFile) -> Result<(), E>,
+    identity_file: impl Fn(&mut Ctx, crate::IdentityFile<UiCallbacks>) -> Result<(), E>,
 ) -> Result<(), E> {
     for filename in filenames {
         #[cfg_attr(not(any(feature = "armor", feature = "ssh")), allow(unused_mut))]
@@ -137,7 +137,10 @@ pub(super) fn parse_identity_files<Ctx, E: From<ReadError> + From<io::Error>>(
         reader.reset()?;
 
         // Try parsing as multiple single-line age identities.
-        identity_file(ctx, IdentityFile::from_buffer(reader)?)?;
+        identity_file(
+            ctx,
+            IdentityFile::from_buffer(reader)?.with_callbacks(UiCallbacks),
+        )?;
     }
 
     Ok(())

age/src/encrypted.rs

@@ -5,12 +5,13 @@ use std::{cell::Cell, io};
 use crate::{fl, scrypt, Callbacks, DecryptError, Decryptor, EncryptError, IdentityFile};
 
 /// The state of the encrypted age identity.
-enum IdentityState<R: io::Read> {
+enum IdentityState<R: io::Read, C: Callbacks> {
     Encrypted {
         decryptor: Decryptor<R>,
         max_work_factor: Option<u8>,
+        callbacks: C,
     },
-    Decrypted(IdentityFile),
+    Decrypted(IdentityFile<C>),
 
     /// The file was not correctly encrypted, or did not contain age identities. We cache
     /// this error in case the caller tries to use this identity again. The `Option` is to
@@ -19,26 +20,23 @@ enum IdentityState<R: io::Read> {
     Poisoned(Option<DecryptError>),
 }
 
-impl<R: io::Read> Default for IdentityState<R> {
+impl<R: io::Read, C: Callbacks> Default for IdentityState<R, C> {
     fn default() -> Self {
         Self::Poisoned(None)
     }
 }
 
-impl<R: io::Read> IdentityState<R> {
+impl<R: io::Read, C: Callbacks> IdentityState<R, C> {
     /// Decrypts this encrypted identity if necessary.
     ///
     /// Returns the (possibly cached) identities, and a boolean marking if the identities
     /// were not cached (and we just asked the user for a passphrase).
-    fn decrypt<C: Callbacks>(
-        self,
-        filename: Option<&str>,
-        callbacks: C,
-    ) -> Result<(IdentityFile, bool), DecryptError> {
+    fn decrypt(self, filename: Option<&str>) -> Result<(IdentityFile<C>, bool), DecryptError> {
         match self {
             Self::Encrypted {
                 decryptor,
                 max_work_factor,
+                callbacks,
             } => {
                 let passphrase = match callbacks.request_passphrase(&fl!(
                     "encrypted-passphrase-prompt",
@@ -63,7 +61,8 @@ impl<R: io::Read> IdentityState<R> {
                         }
                     })
                     .and_then(|stream| {
-                        let file = IdentityFile::from_buffer(io::BufReader::new(stream))?;
+                        let file = IdentityFile::from_buffer(io::BufReader::new(stream))?
+                            .with_callbacks(callbacks);
                         Ok((file, true))
                     })
             }
@@ -76,9 +75,8 @@ impl<R: io::Read> IdentityState<R> {
 
 /// An encrypted age identity file.
 pub struct Identity<R: io::Read, C: Callbacks> {
-    state: Cell<IdentityState<R>>,
+    state: Cell<IdentityState<R, C>>,
     filename: Option<String>,
-    callbacks: C,
 }
 
 impl<R: io::Read, C: Callbacks> Identity<R, C> {
@@ -99,9 +97,9 @@ impl<R: io::Read, C: Callbacks> Identity<R, C> {
             state: Cell::new(IdentityState::Encrypted {
                 decryptor,
                 max_work_factor,
+                callbacks,
             }),
             filename,
-            callbacks,
         }))
     }
 
@@ -110,13 +108,9 @@ impl<R: io::Read, C: Callbacks> Identity<R, C> {
     /// If this encrypted identity has not been decrypted yet, calling this method will
     /// trigger a passphrase request.
     pub fn recipients(&self) -> Result<Vec<Box<dyn crate::Recipient + Send>>, EncryptError> {
-        match self
-            .state
-            .take()
-            .decrypt(self.filename.as_deref(), self.callbacks.clone())
-        {
+        match self.state.take().decrypt(self.filename.as_deref()) {
             Ok((identity_file, _)) => {
-                let recipients = identity_file.to_recipients(self.callbacks.clone());
+                let recipients = identity_file.to_recipients();
                 self.state.set(IdentityState::Decrypted(identity_file));
                 recipients
             }
@@ -147,20 +141,14 @@ impl<R: io::Read, C: Callbacks> Identity<R, C> {
             Result<Box<dyn crate::Identity>, DecryptError>,
         ) -> Option<Result<age_core::format::FileKey, DecryptError>>,
     {
-        match self
-            .state
-            .take()
-            .decrypt(self.filename.as_deref(), self.callbacks.clone())
-        {
+        match self.state.take().decrypt(self.filename.as_deref()) {
             Ok((identity_file, requested_passphrase)) => {
-                let result = identity_file
-                    .to_identities(self.callbacks.clone())
-                    .find_map(filter);
+                let result = identity_file.to_identities().find_map(filter);
 
                 // If we requested a passphrase to decrypt, and none of the identities
                 // matched, warn the user.
                 if requested_passphrase && result.is_none() {
-                    self.callbacks.display_message(&fl!(
+                    identity_file.callbacks.display_message(&fl!(
                         "encrypted-warn-no-match",
                         filename = self.filename.as_deref().unwrap_or_default()
                     ));

age/src/identity.rs

@@ -1,7 +1,7 @@
 use std::fs::File;
 use std::io;
 
-use crate::{x25519, Callbacks, DecryptError, EncryptError};
+use crate::{x25519, Callbacks, DecryptError, EncryptError, NoCallbacks};
 
 #[cfg(feature = "cli-common")]
 use crate::cli_common::file_io::InputReader;
@@ -41,11 +41,12 @@ impl IdentityFileEntry {
 }
 
 /// A list of identities that has been parsed from some input file.
-pub struct IdentityFile {
+pub struct IdentityFile<C: Callbacks> {
     identities: Vec<IdentityFileEntry>,
+    pub(crate) callbacks: C,
 }
 
-impl IdentityFile {
+impl IdentityFile<NoCallbacks> {
     /// Parses one or more identities from a file containing valid UTF-8.
     pub fn from_file(filename: String) -> io::Result<Self> {
         File::open(&filename)
@@ -114,7 +115,21 @@ impl IdentityFile {
             }
         }
 
-        Ok(IdentityFile { identities })
+        Ok(IdentityFile {
+            identities,
+            callbacks: NoCallbacks,
+        })
+    }
+}
+
+impl<C: Callbacks> IdentityFile<C> {
+    /// Sets the provided callbacks on this identity file, so that if this is an encrypted
+    /// identity, it can potentially be decrypted.
+    pub fn with_callbacks<D: Callbacks>(self, callbacks: D) -> IdentityFile<D> {
+        IdentityFile {
+            identities: self.identities,
+            callbacks,
+        }
     }
 
     /// Returns recipients for the identities in this file.
@@ -122,26 +137,22 @@ impl IdentityFile {
     /// Plugin identities will be merged into one [`Recipient`] per unique plugin.
     ///
     /// [`Recipient`]: crate::Recipient
-    pub fn to_recipients(
-        &self,
-        callbacks: impl Callbacks,
-    ) -> Result<Vec<Box<dyn crate::Recipient + Send>>, EncryptError> {
+    pub fn to_recipients(&self) -> Result<Vec<Box<dyn crate::Recipient + Send>>, EncryptError> {
         let mut recipients = RecipientsAccumulator::new();
         recipients.with_identities_ref(self);
         recipients.build(
             #[cfg(feature = "plugin")]
-            callbacks,
+            self.callbacks.clone(),
         )
     }
 
     /// Returns the identities in this file.
     pub(crate) fn to_identities(
         &self,
-        callbacks: impl Callbacks,
     ) -> impl Iterator<Item = Result<Box<dyn crate::Identity>, DecryptError>> + '_ {
         self.identities
             .iter()
-            .map(|entry| entry.clone().into_identity(callbacks.clone()))
+            .map(|entry| entry.clone().into_identity(self.callbacks.clone()))
     }
 
     /// Returns the identities in this file.
@@ -188,7 +199,7 @@ impl RecipientsAccumulator {
     }
 
     #[cfg(feature = "cli-common")]
-    pub(crate) fn with_identities(&mut self, identity_file: IdentityFile) {
+    pub(crate) fn with_identities<C: Callbacks>(&mut self, identity_file: IdentityFile<C>) {
         for entry in identity_file.identities {
             match entry {
                 IdentityFileEntry::Native(i) => self.recipients.push(Box::new(i.to_public())),
@@ -198,7 +209,7 @@ impl RecipientsAccumulator {
         }
     }
 
-    pub(crate) fn with_identities_ref(&mut self, identity_file: &IdentityFile) {
+    pub(crate) fn with_identities_ref<C: Callbacks>(&mut self, identity_file: &IdentityFile<C>) {
         for entry in &identity_file.identities {
             match entry {
                 IdentityFileEntry::Native(i) => self.recipients.push(Box::new(i.to_public())),

age/src/lib.rs

@@ -306,6 +306,29 @@ pub trait Callbacks: Clone + Send + Sync + 'static {
     fn request_passphrase(&self, description: &str) -> Option<SecretString>;
 }
 
+/// An implementation of [`Callbacks`] that does not allow callbacks.
+///
+/// No user interaction will occur; [`Recipient`] or [`Identity`] implementations will
+/// receive `None` from the callbacks that return responses, and will act accordingly.
+#[derive(Clone, Copy, Debug)]
+pub struct NoCallbacks;
+
+impl Callbacks for NoCallbacks {
+    fn display_message(&self, _: &str) {}
+
+    fn confirm(&self, _: &str, _: &str, _: Option<&str>) -> Option<bool> {
+        None
+    }
+
+    fn request_public_string(&self, _: &str) -> Option<String> {
+        None
+    }
+
+    fn request_passphrase(&self, _: &str) -> Option<SecretString> {
+        None
+    }
+}
+
 /// Helper for fuzzing the Header parser and serializer.
 #[cfg(fuzzing)]
 pub fn fuzz_header(data: &[u8]) {