Implemented symmetric encryption; new commands are SYM KEYGEN; SYM ENCRYPT; SYM DECRYPT

2025-09-18 11:59:44 +02:00
parent c6b277cc9c
commit 8808c0e9d9
3 changed files with 150 additions and 0 deletions
--- a/src/cmd.rs
+++ b/src/cmd.rs
@@ -84,6 +84,12 @@ pub enum Cmd {
    AgeSignName(String, String),           // name, message
    AgeVerifyName(String, String, String), // name, message, signature_b64
    AgeList,
+
+    // SYM (symmetric) commands — stateless (Phase 1)
+    // Raw 32-byte key provided as base64; ciphertext returned as base64
+    SymKeygen,
+    SymEncrypt(String, String),            // key_b64, message
+    SymDecrypt(String, String),            // key_b64, ciphertext_b64
 }

 impl Cmd {
@@ -623,6 +629,20 @@ impl Cmd {
                                _ => return Err(DBError(format!("unsupported AGE subcommand {:?}", cmd))),
                            }
                        }
+                        "sym" => {
+                            if cmd.len() < 2 {
+                                return Err(DBError("wrong number of arguments for SYM".to_string()));
+                            }
+                            match cmd[1].to_lowercase().as_str() {
+                                "keygen"  => { if cmd.len() != 2 { return Err(DBError("SYM KEYGEN takes no args".to_string())); }
+                                               Cmd::SymKeygen }
+                                "encrypt" => { if cmd.len() != 4 { return Err(DBError("SYM ENCRYPT <key_b64> <message>".to_string())); }
+                                               Cmd::SymEncrypt(cmd[2].clone(), cmd[3].clone()) }
+                                "decrypt" => { if cmd.len() != 4 { return Err(DBError("SYM DECRYPT <key_b64> <ciphertext_b64>".to_string())); }
+                                               Cmd::SymDecrypt(cmd[2].clone(), cmd[3].clone()) }
+                                _ => return Err(DBError(format!("unsupported SYM subcommand {:?}", cmd))),
+                            }
+                        }
                        _ => Cmd::Unknow(cmd[0].clone()),
                    },
                    protocol,
@@ -737,6 +757,12 @@ impl Cmd {
            Cmd::AgeSignName(name, message) => Ok(crate::age::cmd_age_sign_name(server, &name, &message).await),
            Cmd::AgeVerifyName(name, message, sig_b64) => Ok(crate::age::cmd_age_verify_name(server, &name, &message, &sig_b64).await),
            Cmd::AgeList => Ok(crate::age::cmd_age_list(server).await),
+
+            // SYM (symmetric): stateless (Phase 1)
+            Cmd::SymKeygen => Ok(crate::sym::cmd_sym_keygen().await),
+            Cmd::SymEncrypt(key_b64, message) => Ok(crate::sym::cmd_sym_encrypt(&key_b64, &message).await),
+            Cmd::SymDecrypt(key_b64, ct_b64) => Ok(crate::sym::cmd_sym_decrypt(&key_b64, &ct_b64).await),
+
            Cmd::Unknow(s) => Ok(Protocol::err(&format!("ERR unknown command `{}`", s))),
        }
    }