breaking!: Reorganize atchops #770
Conversation
| @@ -36,7 +37,8 @@ void main(List<String> args) async { | |||
| atChops = AtChopsImpl(atChopsKeys); | |||
| } | |||
|
|
|||
| var atEncryptionKeyPair = atChops.atChopsKeys.atEncryptionKeyPair; | |||
| var atEncryptionKeyPair = | |||
| atChops.atChopsKeys.atEncryptionKeyPair as AtRSAKeyPair?; | |||
There was a problem hiding this comment.
Example of the place we need the cast, atChopsKeys has been generalized
| @@ -1,34 +1,16 @@ | |||
| library at_chops; | |||
| // export cryptography wrappers | |||
| export 'src/hashing/hashing.dart'; | |||
There was a problem hiding this comment.
Added files named after the directories in src to make export management easier.
| @@ -65,7 +66,7 @@ class _AtKeysCryptoImpl implements AtKeysCrypto { | |||
| String hashKey = | |||
| await _getHashKey(passPhrase, _hashingAlgoType, hashParams: hashParams); | |||
|
|
|||
| AESKey aesKey = AESKey(hashKey); | |||
| AtAESKey aesKey = AtAESKey(hashKey); | |||
There was a problem hiding this comment.
renamed to prevent namespace collisions with other packages.
|
|
||
| AtChopsKeys get atChopsKeys => _atChopsKeys; | ||
| const AtChops.init(); |
There was a problem hiding this comment.
This constructor does nothing, it only exists to allow the class to be extended.
|
|
||
| /// Default self encryption key | ||
| SymmetricKey? selfEncryptionKey; | ||
|
|
||
| /// APKAM symmetric key created during new enrollment | ||
| SymmetricKey? apkamSymmetricKey; | ||
|
|
||
| /// EnrollmentId associated with pkam keys | ||
| String? enrollmentId; |
There was a problem hiding this comment.
Added enrollmentId so that AtAuthKeys in at_auth can be casted to and from AtChopsKeys (without losing information).
| /// These parameters are particularly useful when working with algorithms | ||
| /// like Argon2id, which can be adjusted for performance and security needs. | ||
|
|
||
| class ArgonHashParams extends HashParams { |
There was a problem hiding this comment.
Moved from a separate file to be with it's hashing algorithm implementation
|
|
||
| class HashParams {} | ||
|
|
||
| class DefaultHashingAlgo extends Md5HashingAlgo {} |
There was a problem hiding this comment.
I've taken all the DefaultXXXAlgo and named them after their proper algorithm, then extended each of them to become the new DefaultAlgo. They still all conform to the same interface.
| import 'dart:typed_data'; | ||
|
|
||
| /// Represents a key pair for asymmetric public-private key encryption/decryption | ||
| abstract class AsymmetricKeyPair<Pub extends AtPublicKey, |
There was a problem hiding this comment.
AsymmetricKeyPairs can now be flavored with covariants of AtPublicKey and AtPrivateKey. Non breaking change, as they still conform to the same interface.
| final String _aesKey; | ||
| class AtAESKey extends SymmetricKey { | ||
| @override | ||
| final Uint8List raw; |
There was a problem hiding this comment.
Changed so that the stored member is the raw bytes rather than the base64 encoded string. This should reduce decrypt/encrypt latency as we don't need to decode every time now.
XavierChanth
force-pushed
the
reorganize-atchops
branch
from
19a75e4 to
8d5b3dd
Compare
| @@ -1 +1,11 @@ | |||
| enum EncryptionKeyType { rsa2048, rsa4096, ecc, aes128, aes192, aes256 } | |||
| enum EncryptionKeyType { | |||
There was a problem hiding this comment.
This is going to be a blocker later...
Sometimes we want to infer an algo, but when we infer from a runtimeType we don't always have the key size, nor care about the key size.
But also, when we get the algo used to encrypt / sign from a string, it's useful to have the algo. It's questionable whether it's useful to have the size. Maybe we need to make this a sealed class later, but, then it's not open to extension...
|
Setting back to draft, more work to be done. |
- What I did
Breaking:
(although breaking, today it only requires an additional cast in some places from
AtSymmetricKeyPairtoAtRSAKeyPair?)However, this future proofs the API in preparation for supporting different key types / algos for pkam and shared encryption, it is actually the other parts of the API that need to be adapted which will element the need for the cast
Non-breaking:
- How I did it
- How to verify it
- Description for the changelog
breaking!: Reorganize atchops