separate Crypto traits in non Send+Sync and in Send+Sync

.github/workflows/build_and_tests_reusable.yaml

@@ -4,7 +4,8 @@ on:
 
 env:
   CARGO_TERM_COLOR: always
-  CARGO_INCREMENTAL: 0 # TODO: remove this when we cache the builds
+  RUSTFLAGS: "-Dwarnings"
+  RUSTDOCFLAGS: "-Dwarnings"
 
 jobs:
   tests:

.github/workflows/package_reusable.yaml

@@ -10,7 +10,12 @@ on:
         description: 'The current value in version file (type: string)'
         type: string
         required: true
-
+
+env:
+  CARGO_TERM_COLOR: always
+  RUSTFLAGS: "-Dwarnings"
+  RUSTDOCFLAGS: "-Dwarnings"
+
 jobs:
   aur_build:
       name: build AUR

check-before-push.bat

@@ -6,7 +6,7 @@ set RUSTDOCFLAGS=-Dwarnings
 cargo fmt --all
 if %errorlevel% neq 0 exit /b %errorlevel%
 
-cargo clippy --release --all-targets --fix --allow-dirty
+cargo clippy --release --all-targets --fix --allow-dirty --allow-staged
 if %errorlevel% neq 0 exit /b %errorlevel%
 
 act --action-offline-mode -W .github/workflows/build_and_tests_reusable.yaml

check-before-push.sh

@@ -7,5 +7,5 @@ export RUSTFLAGS="-Dwarnings"
 export RUSTDOCFLAGS="-Dwarnings"
 
 cargo fmt --all
-cargo clippy --release --all-targets --fix --allow-dirty
+cargo clippy --release --all-targets --fix --allow-dirty --allow-staged
 act --action-offline-mode -W .github/workflows/build_and_tests_reusable.yaml

src/crypto.rs

@@ -22,8 +22,14 @@ use thiserror::Error;
 use tracing::{debug, error, instrument};
 use write::CryptoInnerWriter;
 
-use crate::crypto::read::{CryptoRead, CryptoReadSeek, RingCryptoRead};
-use crate::crypto::write::{CryptoWrite, CryptoWriteSeek, RingCryptoWrite};
+use crate::crypto::read::{
+    CryptoRead, CryptoReadSeek, CryptoReadSeekSendSync, CryptoReadSeekSendSyncImpl,
+    CryptoReadSendSync, CryptoReadSendSyncImpl, RingCryptoRead,
+};
+use crate::crypto::write::{
+    CryptoWrite, CryptoWriteSeek, CryptoWriteSeekSendSync, CryptoWriteSeekSendSyncImpl,
+    CryptoWriteSendSync, CryptoWriteSendSyncImpl, RingCryptoWrite,
+};
 use crate::encryptedfs::FsResult;
 use crate::{fs_util, stream_util};
 
@@ -109,7 +115,7 @@ pub enum Error {
 
 pub type Result<T> = std::result::Result<T, Error>;
 
-/// Creates an encrypted writer
+/// Creates a crypto writer
 pub fn create_write<W: CryptoInnerWriter + Send + Sync + 'static>(
     writer: W,
     cipher: Cipher,
@@ -118,7 +124,7 @@ pub fn create_write<W: CryptoInnerWriter + Send + Sync + 'static>(
     create_ring_write(writer, cipher, key)
 }
 
-/// Creates an encrypted writer with seek
+/// Creates a crypto writer with seek
 pub fn create_write_seek<W: CryptoInnerWriter + Seek + Read + Send + Sync + 'static>(
     writer: W,
     cipher: Cipher,
@@ -127,6 +133,24 @@ pub fn create_write_seek<W: CryptoInnerWriter + Seek + Read + Send + Sync + 'sta
     create_ring_write_seek(writer, cipher, key)
 }
 
+/// Creates a [`Send`] + [`Seek`] + `'static` crypto writer.
+pub fn create_write_send_sync<W: CryptoInnerWriter + Send + Sync + 'static>(
+    writer: W,
+    cipher: Cipher,
+    key: &SecretVec<u8>,
+) -> impl CryptoWriteSendSync<W> {
+    CryptoWriteSendSyncImpl::new(writer, cipher, key)
+}
+
+/// Creates a [`Send`] + [`Seek`] + `'static` crypto writer with seek.
+pub fn create_write_seek_send_sync<W: CryptoInnerWriter + Seek + Read + Send + Sync + 'static>(
+    writer: W,
+    cipher: Cipher,
+    key: &SecretVec<u8>,
+) -> impl CryptoWriteSeekSendSync<W> {
+    CryptoWriteSeekSendSyncImpl::new(writer, cipher, key)
+}
+
 fn create_ring_write<W: CryptoInnerWriter + Send + Sync>(
     writer: W,
     cipher: Cipher,
@@ -151,19 +175,15 @@ fn create_ring_write_seek<W: CryptoInnerWriter + Seek + Read + Send + Sync>(
     RingCryptoWrite::new(writer, true, algorithm, key)
 }
 
-fn create_ring_read<R: Read + Send + Sync>(
-    reader: R,
-    cipher: Cipher,
-    key: &SecretVec<u8>,
-) -> RingCryptoRead<R> {
+fn create_ring_read<R: Read>(reader: R, cipher: Cipher, key: &SecretVec<u8>) -> RingCryptoRead<R> {
     let algorithm = match cipher {
         Cipher::ChaCha20Poly1305 => &CHACHA20_POLY1305,
         Cipher::Aes256Gcm => &AES_256_GCM,
     };
     RingCryptoRead::new(reader, algorithm, key)
 }
 
-fn create_ring_read_seek<R: Read + Seek + Send + Sync>(
+fn create_ring_read_seek<R: Read + Seek>(
     reader: R,
     cipher: Cipher,
     key: &SecretVec<u8>,
@@ -175,24 +195,42 @@ fn create_ring_read_seek<R: Read + Seek + Send + Sync>(
     RingCryptoRead::new_seek(reader, algorithm, key)
 }
 
-/// Creates an encrypted reader
-pub fn create_read<R: Read + Send + Sync>(
-    reader: R,
-    cipher: Cipher,
-    key: &SecretVec<u8>,
-) -> impl CryptoRead<R> {
+/// Creates a crypto reader. This is not thread-safe.
+///
+/// Use [`create_read_send_sync`] if you need thread-safe access.
+pub fn create_read<R: Read>(reader: R, cipher: Cipher, key: &SecretVec<u8>) -> impl CryptoRead<R> {
     create_ring_read(reader, cipher, key)
 }
 
-/// Creates an encrypted reader with seek
-pub fn create_read_seek<R: Read + Seek + Send + Sync>(
+/// Creates a crypto reader with seek. This is not thread-safe.
+///
+/// Use [`create_read_seek_send_sync`] if you need thread-safe access.
+pub fn create_read_seek<R: Read + Seek>(
     reader: R,
     cipher: Cipher,
     key: &SecretVec<u8>,
 ) -> impl CryptoReadSeek<R> {
     create_ring_read_seek(reader, cipher, key)
 }
 
+/// Creates a [`Send`] + [`Seek`] + `'static` crypto reader.
+pub fn create_read_send_sync<R: Read + Send + Sync + 'static>(
+    reader: R,
+    cipher: Cipher,
+    key: &SecretVec<u8>,
+) -> impl CryptoReadSendSync<R> {
+    CryptoReadSendSyncImpl::new(reader, cipher, key)
+}
+
+/// Creates a [`Send`] + [`Seek`] + `'static` encrypted reader with seek.
+pub fn create_read_seek_send_sync<R: Read + Seek + Send + Sync + 'static>(
+    reader: R,
+    cipher: Cipher,
+    key: &SecretVec<u8>,
+) -> impl CryptoReadSeekSendSync<R> {
+    CryptoReadSeekSendSyncImpl::new(reader, cipher, key)
+}
+
 #[allow(clippy::missing_errors_doc)]
 pub fn encrypt(s: &SecretString, cipher: Cipher, key: &SecretVec<u8>) -> Result<String> {
     let mut cursor = io::Cursor::new(vec![]);
@@ -293,7 +331,9 @@ pub fn hash_secret_vec(data: &SecretVec<u8>) -> [u8; 32] {
 }
 
 /// Copy from `pos` position in file `len` bytes
-#[instrument(skip(w, key), fields(pos = pos.to_formatted_string(& Locale::en), len = len.to_formatted_string(& Locale::en)))]
+#[instrument(skip(w, key), fields(
+    pos = pos.to_formatted_string(& Locale::en), len = len.to_formatted_string(& Locale::en)
+))]
 #[allow(clippy::missing_errors_doc)]
 pub fn copy_from_file_exact(
     file: PathBuf,