hatter/aes-gcm-stream
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

feat: add en/decrypt funcs

Browse Source
This commit is contained in:
Hatter Jiang
2023-10-15 17:15:14 +08:00
parent a8ca61dba4
commit 76bf2221bd
2 changed files with 130 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
Cargo.toml
View File

@@ -1,6 +1,6 @@
[package] [package]
name = "aes-gcm-stream" name = "aes-gcm-stream"
version = "0.2.1" version = "0.2.2"
edition = "2021" edition = "2021"
authors = ["Hatter Jiang"] authors = ["Hatter Jiang"]
repository = "https://git.hatter.ink/hatter/aes-gcm-stream" repository = "https://git.hatter.ink/hatter/aes-gcm-stream"

144
src/lib.rs
View File

@@ -24,27 +24,81 @@ mod util;
mod encryptor; mod encryptor;
mod decryptor; mod decryptor;
pub fn aes_256_gcm_decrypt(key: &[u8], nonce: &[u8], message: &[u8]) -> Result<Vec<u8>, String> { pub fn aes_gcm_encrypt(key: &[u8], nonce: &[u8], message: &[u8]) -> Result<Vec<u8>, String> {
let mut key: [u8; 32] = match key.try_into() { match key.len() {
Err(_) => return Err(format!("Bad key length")), 16 => aes_128_gcm_encrypt(key, nonce, message),
Ok(key) => key, 24 => aes_192_gcm_encrypt(key, nonce, message),
}; 32 => aes_256_gcm_encrypt(key, nonce, message),
let mut aes256_gcm = Aes256GcmStreamDecryptor::new(key, nonce); _ => Err(format!("Bad key length")),
let mut first_block = aes256_gcm.update(message); }
let final_block = aes256_gcm.finalize()?; }
pub fn aes_gcm_decrypt(key: &[u8], nonce: &[u8], message: &[u8]) -> Result<Vec<u8>, String> {
match key.len() {
16 => aes_128_gcm_decrypt(key, nonce, message),
24 => aes_192_gcm_decrypt(key, nonce, message),
32 => aes_256_gcm_decrypt(key, nonce, message),
_ => Err(format!("Bad key length")),
}
}
pub fn aes_128_gcm_decrypt(key: &[u8], nonce: &[u8], message: &[u8]) -> Result<Vec<u8>, String> {
let mut key: [u8; 16] = key.try_into().map_err(|_| format!("Bad key length"))?;
let mut gcm_stream = Aes128GcmStreamDecryptor::new(key, nonce);
let mut first_block = gcm_stream.update(message);
let final_block = gcm_stream.finalize()?;
first_block.extend_from_slice(&final_block); first_block.extend_from_slice(&final_block);
key.zeroize(); key.zeroize();
Ok(first_block) Ok(first_block)
} }
pub fn aes_192_gcm_decrypt(key: &[u8], nonce: &[u8], message: &[u8]) -> Result<Vec<u8>, String> {
let mut key: [u8; 24] = key.try_into().map_err(|_| format!("Bad key length"))?;
let mut gcm_stream = Aes192GcmStreamDecryptor::new(key, nonce);
let mut first_block = gcm_stream.update(message);
let final_block = gcm_stream.finalize()?;
first_block.extend_from_slice(&final_block);
key.zeroize();
Ok(first_block)
}
pub fn aes_256_gcm_decrypt(key: &[u8], nonce: &[u8], message: &[u8]) -> Result<Vec<u8>, String> {
let mut key: [u8; 32] = key.try_into().map_err(|_| format!("Bad key length"))?;
let mut gcm_stream = Aes256GcmStreamDecryptor::new(key, nonce);
let mut first_block = gcm_stream.update(message);
let final_block = gcm_stream.finalize()?;
first_block.extend_from_slice(&final_block);
key.zeroize();
Ok(first_block)
}
pub fn aes_128_gcm_encrypt(key: &[u8], nonce: &[u8], message: &[u8]) -> Result<Vec<u8>, String> {
let mut key: [u8; 16] = key.try_into().map_err(|_| format!("Bad key length"))?;
let mut gcm_stream = Aes128GcmStreamEncryptor::new(key, nonce);
let mut first_block = gcm_stream.update(message);
let (last_block, tag) = gcm_stream.finalize();
first_block.extend_from_slice(&last_block);
first_block.extend_from_slice(&tag);
key.zeroize();
Ok(first_block)
}
pub fn aes_192_gcm_encrypt(key: &[u8], nonce: &[u8], message: &[u8]) -> Result<Vec<u8>, String> {
let mut key: [u8; 24] = key.try_into().map_err(|_| format!("Bad key length"))?;
let mut gcm_stream = Aes192GcmStreamEncryptor::new(key, nonce);
let mut first_block = gcm_stream.update(message);
let (last_block, tag) = gcm_stream.finalize();
first_block.extend_from_slice(&last_block);
first_block.extend_from_slice(&tag);
key.zeroize();
Ok(first_block)
}
pub fn aes_256_gcm_encrypt(key: &[u8], nonce: &[u8], message: &[u8]) -> Result<Vec<u8>, String> { pub fn aes_256_gcm_encrypt(key: &[u8], nonce: &[u8], message: &[u8]) -> Result<Vec<u8>, String> {
let mut key: [u8; 32] = match key.try_into() { let mut key: [u8; 32] = key.try_into().map_err(|_| format!("Bad key length"))?;
Err(_) => return Err(format!("Bad key length")), let mut gcm_stream = Aes256GcmStreamEncryptor::new(key, nonce);
Ok(key) => key, let mut first_block = gcm_stream.update(message);
}; let (last_block, tag) = gcm_stream.finalize();
let mut aes256_gcm = Aes256GcmStreamEncryptor::new(key, nonce);
let mut first_block = aes256_gcm.update(message);
let (last_block, tag) = aes256_gcm.finalize();
first_block.extend_from_slice(&last_block); first_block.extend_from_slice(&last_block);
first_block.extend_from_slice(&tag); first_block.extend_from_slice(&tag);
key.zeroize(); key.zeroize();
@@ -309,6 +363,62 @@ fn test256_stream() {
assert_eq!(plaintext, decrypted_plaintext.as_slice()); assert_eq!(plaintext, decrypted_plaintext.as_slice());
} }
#[test]
fn test128_stream_and_array() {
let key = [0u8; 16];
let nonce = [0; 12];
let mut plaintext = vec![];
// encrypt
let mut ciphertext = vec![];
let mut encryptor = Aes128GcmStreamEncryptor::new(key.clone(), &nonce);
for i in 0..1025 {
plaintext.extend_from_slice(&[(i % 128) as u8]);
ciphertext.extend_from_slice(&encryptor.update(&[(i % 128) as u8]));
}
let (last_block, tag) = encryptor.finalize();
ciphertext.extend_from_slice(&last_block);
ciphertext.extend_from_slice(&tag);
let encrypted = aes_128_gcm_encrypt(&key, &nonce, &plaintext).unwrap();
let decrypted = aes_128_gcm_decrypt(&key, &nonce, &ciphertext).unwrap();
assert_eq!(ciphertext, encrypted);
assert_eq!(plaintext, decrypted);
let encrypted = aes_gcm_encrypt(&key, &nonce, &plaintext).unwrap();
let decrypted = aes_gcm_decrypt(&key, &nonce, &ciphertext).unwrap();
assert_eq!(ciphertext, encrypted);
assert_eq!(plaintext, decrypted);
}
#[test]
fn test192_stream_and_array() {
let key = [0u8; 24];
let nonce = [0; 12];
let mut plaintext = vec![];
// encrypt
let mut ciphertext = vec![];
let mut encryptor = Aes192GcmStreamEncryptor::new(key.clone(), &nonce);
for i in 0..1025 {
plaintext.extend_from_slice(&[(i % 128) as u8]);
ciphertext.extend_from_slice(&encryptor.update(&[(i % 128) as u8]));
}
let (last_block, tag) = encryptor.finalize();
ciphertext.extend_from_slice(&last_block);
ciphertext.extend_from_slice(&tag);
let encrypted = aes_192_gcm_encrypt(&key, &nonce, &plaintext).unwrap();
let decrypted = aes_192_gcm_decrypt(&key, &nonce, &ciphertext).unwrap();
assert_eq!(ciphertext, encrypted);
assert_eq!(plaintext, decrypted);
let encrypted = aes_gcm_encrypt(&key, &nonce, &plaintext).unwrap();
let decrypted = aes_gcm_decrypt(&key, &nonce, &ciphertext).unwrap();
assert_eq!(ciphertext, encrypted);
assert_eq!(plaintext, decrypted);
}
#[test] #[test]
fn test256_stream_and_array() { fn test256_stream_and_array() {
let key = [0u8; 32]; let key = [0u8; 32];
@@ -328,7 +438,11 @@ fn test256_stream_and_array() {
let encrypted = aes_256_gcm_encrypt(&key, &nonce, &plaintext).unwrap(); let encrypted = aes_256_gcm_encrypt(&key, &nonce, &plaintext).unwrap();
let decrypted = aes_256_gcm_decrypt(&key, &nonce, &ciphertext).unwrap(); let decrypted = aes_256_gcm_decrypt(&key, &nonce, &ciphertext).unwrap();
assert_eq!(ciphertext, encrypted);
assert_eq!(plaintext, decrypted);
let encrypted = aes_gcm_encrypt(&key, &nonce, &plaintext).unwrap();
let decrypted = aes_gcm_decrypt(&key, &nonce, &ciphertext).unwrap();
assert_eq!(ciphertext, encrypted); assert_eq!(ciphertext, encrypted);
assert_eq!(plaintext, decrypted); assert_eq!(plaintext, decrypted);
} }