Struct AesGcm 

pub struct AesGcm<Aes, NonceSize, TagSize = U16>
where
    TagSize: TagSize,
{
    pub(crate) cipher: Aes,
    pub(crate) ghash: GHash,
    pub(crate) nonce_size: PhantomData<NonceSize>,
    pub(crate) tag_size: PhantomData<TagSize>,
}

AES-GCM: generic over an underlying AES implementation and nonce size.

This type is generic to support substituting alternative AES implementations (e.g. embedded hardware implementations).

It is NOT intended to be instantiated with any block cipher besides AES! Doing so runs the risk of unintended cryptographic properties!

The NonceSize generic parameter can be used to instantiate AES-GCM with other nonce sizes; however, it's recommended to use it with typenum::U12, the default of 96 bits.

The TagSize generic parameter can be used to instantiate AES-GCM with other authentication tag sizes; however, it's recommended to use it with typenum::U16, the default of 128 bits.

If in doubt, use the built-in Aes128Gcm and Aes256Gcm type aliases.

⚠️ WARNING: Hazmat!

When using short authentication tags, namely 32-bit tags with typenum::U4 or 64-bit tags with typenum::U8 (which require the crate feature hazmat), it is RECOMMENDED that a key not be used for more than the maximum invocations of authenticated decryption specified in Table 1 or Table 2 of NIST SP 800-38D, respectively.

Fields

cipher: Aes

Encryption cipher.

ghash: GHash

GHASH authenticator.

nonce_size: PhantomData<NonceSize>

Length of the nonce.

tag_size: PhantomData<TagSize>

Length of the tag.

Implementations

impl<Aes, NonceSize, TagSize> AesGcm<Aes, NonceSize, TagSize>
where Aes: BlockSizeUser<BlockSize = U16> + BlockCipherEncrypt, NonceSize: ArraySize, TagSize: TagSize,

pub(crate) fn init_ctr(&self, nonce: &Nonce<NonceSize>) -> (CtrCore<&Aes, Ctr32BE>, Array<u8, U16>)

Initialize counter mode.

See algorithm described in Section 7.2 of NIST SP800-38D: https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38d.pdf

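Define a block, J0, as follows: If len(IV) = 96, then $J_0 = \mathrm{IV} \parallel 0^{31} \parallel 1$. If len(IV) ≠ 96, then let $s = 128 \lceil \mathrm{len}(\mathrm{IV})/128 \rceil - \mathrm{len}(\mathrm{IV})$, and $J_0 = \mathrm{GHASH}(\mathrm{IV} \parallel 0^{s+64} \parallel [\mathrm{len}(\mathrm{IV})]_{64})$.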
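
The J0 derivation above, as an added example in std-only Rust (not the aes-gcm crate's code): a 96-bit IV is placed into the block directly, while any other IV length is padded and run through GHASH. The function names and the caller-supplied GHASH subkey `h` are assumptions of this example, and the subkey value in `main` is constructed.

```rust
// Added example: pre-counter block J0 (SP 800-38D section 7.2); `h` is an assumed caller-supplied GHASH subkey.

/// GF(2^128) product in GCM bit order (SP 800-38D, Algorithm 1).
fn gf_mul(x: u128, y: u128) -> u128 {
    let r: u128 = 0xe1 << 120; // R = 11100001 || 0^120
    let (mut z, mut v) = (0u128, y);
    for i in 0..128 {
        if (x >> (127 - i)) & 1 == 1 { z ^= v; }
        v = if v & 1 == 1 { (v >> 1) ^ r } else { v >> 1 };
    }
    z
}

/// GHASH over an input that is a whole number of 16-byte blocks.
fn ghash(h: u128, data: &[u8]) -> u128 {
    assert!(data.len() % 16 == 0, "GHASH input must be whole blocks");
    let mut y = 0u128;
    for chunk in data.chunks(16) {
        let mut block = [0u8; 16];
        block.copy_from_slice(chunk);
        y = gf_mul(y ^ u128::from_be_bytes(block), h);
    }
    y
}

/// GHASH input for an IV that is not 96 bits: IV || 0^(s+64) || [len(IV)]_64.
fn pad_iv(iv: &[u8]) -> Vec<u8> {
    let mut buf = iv.to_vec();
    buf.resize((iv.len() + 15) / 16 * 16, 0); // s zero bits, up to a block boundary
    buf.extend_from_slice(&[0u8; 8]); // 64 further zero bits
    buf.extend_from_slice(&(iv.len() as u64 * 8).to_be_bytes()); // IV length in bits
    buf
}

/// J0: direct construction for 96-bit IVs, GHASH for every other length.
fn j0(h: u128, iv: &[u8]) -> [u8; 16] {
    if iv.len() == 12 {
        let mut block = [0u8; 16];
        block[..12].copy_from_slice(iv);
        block[15] = 1; // IV || 0^31 || 1
        return block;
    }
    ghash(h, &pad_iv(iv)).to_be_bytes()
}

fn main() {
    let h = 0x0123_4567_89ab_cdef_0123_4567_89ab_cdef_u128; // constructed subkey
    println!("{:02x?}", j0(h, &[0xaa; 8])); // 64-bit IV goes through GHASH
}
```

Only the non-96-bit path depends on the subkey, which is why the 96-bit nonce is the simple case the documentation recommends.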

pub(crate) fn compute_tag(&self, mask: Array<u8, U16>, associated_data: &[u8], buffer: &[u8]) -> Tag

Authenticate the given plaintext and associated data using GHASH.

Trait Implementations

impl<Aes, NonceSize, TagSize> AeadCore for AesGcm<Aes, NonceSize, TagSize>
where NonceSize: ArraySize, TagSize: TagSize,

const TAG_POSITION: TagPosition = TagPosition::Postfix

The AEAD tag position.

type NonceSize = NonceSize

The length of a nonce.

type TagSize = TagSize

The maximum length of the tag.

impl<Aes, NonceSize, TagSize> AeadInOut for AesGcm<Aes, NonceSize, TagSize>
where Aes: BlockSizeUser<BlockSize = U16> + BlockCipherEncrypt, NonceSize: ArraySize, TagSize: TagSize,

fn encrypt_inout_detached(&self, nonce: &Nonce<NonceSize>, associated_data: &[u8], buffer: InOutBuf<'_, '_, u8>) -> Result<Tag<TagSize>, Error>

Encrypt the data in the provided InOutBuf, returning the authentication tag.

fn decrypt_inout_detached(&self, nonce: &Nonce<NonceSize>, associated_data: &[u8], buffer: InOutBuf<'_, '_, u8>, tag: &Tag<TagSize>) -> Result<(), Error>

Decrypt the data in the provided InOutBuf, returning an error in the event the provided authentication tag is invalid for the given ciphertext (i.e. ciphertext is modified/unauthentic).

fn encrypt_in_place(&self, nonce: &Array<u8, Self::NonceSize>, associated_data: &[u8], buffer: &mut dyn Buffer) -> Result<(), Error>

Encrypt the given buffer containing a plaintext message in-place.

fn decrypt_in_place(&self, nonce: &Array<u8, Self::NonceSize>, associated_data: &[u8], buffer: &mut dyn Buffer) -> Result<(), Error>

Decrypt the message in-place, returning an error in the event the provided authentication tag does not match the given ciphertext.

impl<Aes: Clone, NonceSize: Clone, TagSize> Clone for AesGcm<Aes, NonceSize, TagSize>
where TagSize: TagSize + Clone,

fn clone(&self) -> AesGcm<Aes, NonceSize, TagSize>

Returns a duplicate of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl<Aes, NonceSize, TagSize> Debug for AesGcm<Aes, NonceSize, TagSize>
where TagSize: TagSize,

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl<Aes, NonceSize, TagSize> From<Aes> for AesGcm<Aes, NonceSize, TagSize>
where Aes: BlockSizeUser<BlockSize = U16> + BlockCipherEncrypt, TagSize: TagSize,

fn from(cipher: Aes) -> Self

Converts to this type from the input type.

impl<Aes, NonceSize, TagSize> KeyInit for AesGcm<Aes, NonceSize, TagSize>
where Aes: BlockSizeUser<BlockSize = U16> + BlockCipherEncrypt + KeyInit, TagSize: TagSize,

fn new(key: &Key<Self>) -> Self

Create new value from fixed size key.

fn new_from_slice(key: &[u8]) -> Result<Self, InvalidLength>

Create new value from variable size key.

fn generate_key<R>(rng: &mut R) -> Array<u8, Self::KeySize>
where R: CryptoRng,

👎Deprecated since 0.2.0: use the Generate trait impl on Key instead
DEPRECATED: generate random key using the provided CryptoRng.

impl<Aes, NonceSize, TagSize> KeySizeUser for AesGcm<Aes, NonceSize, TagSize>
where Aes: KeySizeUser, TagSize: TagSize,

type KeySize = <Aes as KeySizeUser>::KeySize

Key size in bytes.

fn key_size() -> usize

Return key size in bytes.

Auto Trait Implementations

impl<Aes, NonceSize, TagSize> Freeze for AesGcm<Aes, NonceSize, TagSize>
where Aes: Freeze,

impl<Aes, NonceSize, TagSize> RefUnwindSafe for AesGcm<Aes, NonceSize, TagSize>
where Aes: RefUnwindSafe, NonceSize: RefUnwindSafe, TagSize: RefUnwindSafe,

impl<Aes, NonceSize, TagSize> Send for AesGcm<Aes, NonceSize, TagSize>
where Aes: Send, NonceSize: Send, TagSize: Send,

impl<Aes, NonceSize, TagSize> Sync for AesGcm<Aes, NonceSize, TagSize>
where Aes: Sync, NonceSize: Sync, TagSize: Sync,

impl<Aes, NonceSize, TagSize> Unpin for AesGcm<Aes, NonceSize, TagSize>
where Aes: Unpin, NonceSize: Unpin, TagSize: Unpin,

impl<Aes, NonceSize, TagSize> UnsafeUnpin for AesGcm<Aes, NonceSize, TagSize>
where Aes: UnsafeUnpin,

impl<Aes, NonceSize, TagSize> UnwindSafe for AesGcm<Aes, NonceSize, TagSize>
where Aes: UnwindSafe, NonceSize: UnwindSafe, TagSize: UnwindSafe,

Blanket Implementations

impl<T> AeadInPlace for T
where T: AeadInOut,

fn encrypt_in_place(&self, nonce: &Array<u8, <T as AeadCore>::NonceSize>, associated_data: &[u8], buffer: &mut dyn Buffer) -> Result<(), Error>

👎Deprecated since 0.6.0: use AeadInOut::encrypt_in_place instead
Encrypt the given buffer containing a plaintext message in-place.

fn encrypt_in_place_detached(&self, nonce: &Array<u8, <T as AeadCore>::NonceSize>, associated_data: &[u8], buffer: &mut [u8]) -> Result<Array<u8, <T as AeadCore>::TagSize>, Error>

👎Deprecated since 0.6.0: use AeadInOut::encrypt_inout_detached instead
Encrypt the data in-place, returning the authentication tag.

fn decrypt_in_place(&self, nonce: &Array<u8, <T as AeadCore>::NonceSize>, associated_data: &[u8], buffer: &mut dyn Buffer) -> Result<(), Error>

👎Deprecated since 0.6.0: use AeadInOut::decrypt_in_place instead
Decrypt the message in-place, returning an error in the event the provided authentication tag does not match the given ciphertext.

fn decrypt_in_place_detached(&self, nonce: &Array<u8, <T as AeadCore>::NonceSize>, associated_data: &[u8], buffer: &mut [u8], tag: &Array<u8, <T as AeadCore>::TagSize>) -> Result<(), Error>

👎Deprecated since 0.6.0: use AeadInOut::decrypt_inout_detached instead
Decrypt the message in-place, returning an error in the event the provided authentication tag does not match the given ciphertext (i.e. ciphertext is modified/unauthentic).

impl<T> Aead for T
where T: AeadInOut,

fn encrypt<'msg, 'aad>(&self, nonce: &Array<u8, <T as AeadCore>::NonceSize>, plaintext: impl Into<Payload<'msg, 'aad>>) -> Result<Vec<u8>, Error>

Encrypt the given plaintext payload, and return the resulting ciphertext as a vector of bytes.

fn decrypt<'msg, 'aad>(&self, nonce: &Array<u8, <T as AeadCore>::NonceSize>, ciphertext: impl Into<Payload<'msg, 'aad>>) -> Result<Vec<u8>, Error>

Decrypt the given ciphertext slice, and return the resulting plaintext as a vector of bytes.

impl<T> Any for T
where T: 'static + ?Sized,

fn type_id(&self) -> TypeId

Gets the TypeId of self.

impl<T> Borrow<T> for T
where T: ?Sized,

fn borrow(&self) -> &T

Immutably borrows from an owned value.

impl<T> BorrowMut<T> for T
where T: ?Sized,

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value.

impl<T> CloneToUninit for T
where T: Clone,

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest.

impl<T> From<T> for T

fn from(t: T) -> T

Returns the argument unchanged.

impl<T, U> Into<U> for T
where U: From<T>,

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

impl<T> Same for T

type Output = T

Should always be Self

impl<T> ToOwned for T
where T: Clone,

type Owned = T

The resulting type after obtaining ownership.

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning.

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning.

impl<T, U> TryFrom<U> for T
where U: Into<T>,

type Error = Infallible

The type returned in the event of a conversion error.

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.