Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow exporting key material and init of cipherstate #50

Merged
merged 1 commit into from
Feb 2, 2024
Merged

Allow exporting key material and init of cipherstate #50

merged 1 commit into from
Feb 2, 2024

Conversation

aidantwoods-1p
Copy link
Contributor

In order to allow implementations to store the nonce and key (e.g. for use with distributed systems), I've added an UnsafeKey method that exports the current key for storage. Combined with the CipherSuite, already exportable nonce, and this key, these can be used to reconstruct a CipherState from stored data using the new UnsafeNewCipherState method.

Noting that UnsafeKey isn't strictly necessary if it is already accessible from the Cipher, but I think this is preferable overall to needing to possibly create wrapped Cipher types which allow the key to be later exportable.

The Unsafe keyword is mean to indicate that these functions should be avoided at a glance, unless the caller accepts responsibility for manually managing exported state outside of application memory.

titanous
titanous requested changes Feb 1, 2024
View reviewed changes
Copy link
Contributor

@titanous titanous left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This looks good, just minor nits in the docs.

state.go Outdated Show resolved Hide resolved
state.go Outdated Show resolved Hide resolved
state.go Outdated Show resolved Hide resolved
@aidantwoods-1p
Copy link
Contributor Author

Nits now resolved 🙂

@titanous titanous merged commit 4d9f71c into flynn:main Feb 2, 2024
2 checks passed
@aidantwoods-1p aidantwoods-1p deleted the init-export branch February 2, 2024 00:38
@complexspaces
Copy link

Thank you for taking a look at this so quick for us 🎉

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@titanous titanous titanous approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@aidantwoods-1p @complexspaces @titanous