Struct Crypter

pub struct Crypter { /* private fields */ }
Expand description

Represents a symmetric cipher context.

Padding is enabled by default.

§Examples

Encrypt some plaintext in chunks, then decrypt the ciphertext back into plaintext, in AES 128 CBC mode.

use rama_boring::symm::{Cipher, Mode, Crypter};

let plaintexts: [&[u8]; 2] = [b"Some Stream of", b" Crypto Text"];
let key = b"\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F";
let iv = b"\x00\x01\x02\x03\x04\x05\x06\x07\x00\x01\x02\x03\x04\x05\x06\x07";
let data_len = plaintexts.iter().fold(0, |sum, x| sum + x.len());

// Create a cipher context for encryption.
let mut encrypter = Crypter::new(
    Cipher::aes_128_cbc(),
    Mode::Encrypt,
    key,
    Some(iv)).unwrap();

let block_size = Cipher::aes_128_cbc().block_size();
let mut ciphertext = vec![0; data_len + block_size];

// Encrypt 2 chunks of plaintexts successively.
let mut count = encrypter.update(plaintexts[0], &mut ciphertext).unwrap();
count += encrypter.update(plaintexts[1], &mut ciphertext[count..]).unwrap();
count += encrypter.finalize(&mut ciphertext[count..]).unwrap();
ciphertext.truncate(count);

assert_eq!(
    b"\x0F\x21\x83\x7E\xB2\x88\x04\xAF\xD9\xCC\xE2\x03\x49\xB4\x88\xF6\xC4\x61\x0E\x32\x1C\xF9\
      \x0D\x66\xB1\xE6\x2C\x77\x76\x18\x8D\x99",
    &ciphertext[..]
);


// Let's pretend we don't know the plaintext, and now decrypt the ciphertext.
let data_len = ciphertext.len();
let ciphertexts = [&ciphertext[..9], &ciphertext[9..]];

// Create a cipher context for decryption.
let mut decrypter = Crypter::new(
    Cipher::aes_128_cbc(),
    Mode::Decrypt,
    key,
    Some(iv)).unwrap();
let mut plaintext = vec![0; data_len + block_size];

// Decrypt 2 chunks of ciphertexts successively.
let mut count = decrypter.update(ciphertexts[0], &mut plaintext).unwrap();
count += decrypter.update(ciphertexts[1], &mut plaintext[count..]).unwrap();
count += decrypter.finalize(&mut plaintext[count..]).unwrap();
plaintext.truncate(count);

assert_eq!(b"Some Stream of Crypto Text", &plaintext[..]);

Implementations§

§

impl Crypter

pub fn new( t: Cipher, mode: Mode, key: &[u8], iv: Option<&[u8]>, ) -> Result<Crypter, ErrorStack>

Creates a new Crypter. The initialisation vector, iv, is not necesarry for certain types of Cipher.

§Panics

Panics if an IV is required by the cipher but not provided. Also make sure that the key and IV size are appropriate for your cipher.

pub fn pad(&mut self, padding: bool)

Enables or disables padding.

If padding is disabled, total amount of data encrypted/decrypted must be a multiple of the cipher’s block size.

pub fn set_tag(&mut self, tag: &[u8]) -> Result<(), ErrorStack>

Sets the tag used to authenticate ciphertext in AEAD ciphers such as AES GCM.

When decrypting cipher text using an AEAD cipher, this must be called before finalize.

pub fn set_tag_len(&mut self, tag_len: usize) -> Result<(), ErrorStack>

Sets the length of the authentication tag to generate in AES CCM.

When encrypting with AES CCM, the tag length needs to be explicitly set in order to use a value different than the default 12 bytes.

pub fn set_data_len(&mut self, data_len: usize) -> Result<(), ErrorStack>

Feeds total plaintext length to the cipher.

The total plaintext or ciphertext length MUST be passed to the cipher when it operates in CCM mode.

pub fn aad_update(&mut self, input: &[u8]) -> Result<(), ErrorStack>

Feeds Additional Authenticated Data (AAD) through the cipher.

This can only be used with AEAD ciphers such as AES GCM. Data fed in is not encrypted, but is factored into the authentication tag. It must be called before the first call to update.

pub fn update( &mut self, input: &[u8], output: &mut [u8], ) -> Result<usize, ErrorStack>

Feeds data from input through the cipher, writing encrypted/decrypted bytes into output.

The number of bytes written to output is returned. Note that this may not be equal to the length of input.

§Panics

Panics for stream ciphers if output.len() < input.len().

Panics for block ciphers if output.len() < input.len() + block_size, where block_size is the block size of the cipher (see Cipher::block_size).

Panics if output.len() > c_int::MAX.

pub fn finalize(&mut self, output: &mut [u8]) -> Result<usize, ErrorStack>

Finishes the encryption/decryption process, writing any remaining data to output.

The number of bytes written to output is returned.

update should not be called after this method.

§Panics

Panics for block ciphers if output.len() < block_size, where block_size is the block size of the cipher (see Cipher::block_size).

pub fn get_tag(&self, tag: &mut [u8]) -> Result<(), ErrorStack>

Retrieves the authentication tag used to authenticate ciphertext in AEAD ciphers such as AES GCM.

When encrypting data with an AEAD cipher, this must be called after finalize.

The size of the buffer indicates the required size of the tag. While some ciphers support a range of tag sizes, it is recommended to pick the maximum size. For AES GCM, this is 16 bytes, for example.

Trait Implementations§

§

impl Drop for Crypter

§

fn drop(&mut self)

Executes the destructor for this type. Read more
§

impl Send for Crypter

§

impl Sync for Crypter

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
§

impl<'a, T, E> AsTaggedExplicit<'a, E> for T
where T: 'a,

§

fn explicit(self, class: Class, tag: u32) -> TaggedParser<'a, Explicit, Self, E>

§

impl<'a, T, E> AsTaggedImplicit<'a, E> for T
where T: 'a,

§

fn implicit( self, class: Class, constructed: bool, tag: u32, ) -> TaggedParser<'a, Implicit, Self, E>

Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

§

impl<T> FutureExt for T

§

fn with_context(self, otel_cx: Context) -> WithContext<Self>

Attaches the provided Context to this type, returning a WithContext wrapper. Read more
§

fn with_current_context(self) -> WithContext<Self>

Attaches the current Context to this type, returning a WithContext wrapper. Read more
§

impl<T> Instrument for T

§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more
§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> IntoEither for T

Source§

fn into_either(self, into_left: bool) -> Either<Self, Self>

Converts self into a Left variant of Either<Self, Self> if into_left is true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more
Source§

fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
where F: FnOnce(&Self) -> bool,

Converts self into a Left variant of Either<Self, Self> if into_left(&self) returns true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more
§

impl<T> Pointable for T

§

const ALIGN: usize

The alignment of pointer.
§

type Init = T

The type for initializers.
§

unsafe fn init(init: <T as Pointable>::Init) -> usize

Initializes a with the given initializer. Read more
§

unsafe fn deref<'a>(ptr: usize) -> &'a T

Dereferences the given pointer. Read more
§

unsafe fn deref_mut<'a>(ptr: usize) -> &'a mut T

Mutably dereferences the given pointer. Read more
§

unsafe fn drop(ptr: usize)

Drops the object pointed to by the given pointer. Read more
§

impl<T> PolicyExt for T
where T: ?Sized,

§

fn and<P, B, E>(self, other: P) -> And<T, P>
where T: Policy<B, E>, P: Policy<B, E>,

Create a new Policy that returns Action::Follow only if self and other return Action::Follow. Read more
§

fn or<P, B, E>(self, other: P) -> Or<T, P>
where T: Policy<B, E>, P: Policy<B, E>,

Create a new Policy that returns Action::Follow if either self or other returns Action::Follow. Read more
§

impl<T, U> RamaInto<U> for T
where U: RamaFrom<T>,

§

fn rama_into(self) -> U

§

impl<T, U> RamaInto<U> for T
where U: RamaFrom<T>,

§

fn rama_into(self) -> U

§

impl<T, U> RamaTryInto<U> for T
where U: RamaTryFrom<T>,

§

type Error = <U as RamaTryFrom<T>>::Error

§

fn rama_try_into(self) -> Result<U, <U as RamaTryFrom<T>>::Error>

§

impl<T, U> RamaTryInto<U> for T
where U: RamaTryFrom<T>,

§

type Error = <U as RamaTryFrom<T>>::Error

§

fn rama_try_into(self) -> Result<U, <U as RamaTryFrom<T>>::Error>

Source§

impl<T> Same for T

Source§

type Output = T

Should always be Self
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

§

fn vzip(self) -> V

§

impl<T> WithSubscriber for T

§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more
§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more
§

impl<T> ErasedDestructor for T
where T: 'static,