diff options
author | Justus Winter <justus@sequoia-pgp.org> | 2022-02-08 15:55:10 +0100 |
---|---|---|
committer | Justus Winter <justus@sequoia-pgp.org> | 2023-01-12 17:45:47 +0100 |
commit | 9516eb1ea2e6795a269114fd221171571da8185c (patch) | |
tree | 533cb5c145dc18063d73bc3f24fd9195cb23eaf2 | |
parent | 51a74a57d29ed8384871c2859034b1073516856b (diff) |
WIP: openpgp: Implement OCB mode.
-rw-r--r-- | Cargo.lock | 7 | ||||
-rw-r--r-- | openpgp/Cargo.toml | 2 | ||||
-rw-r--r-- | openpgp/src/crypto/backend/nettle.rs | 4 | ||||
-rw-r--r-- | openpgp/src/crypto/backend/nettle/aead.rs | 33 | ||||
-rw-r--r-- | openpgp/src/serialize/stream.rs | 5 |
5 files changed, 44 insertions, 7 deletions
@@ -1794,20 +1794,19 @@ dependencies = [ [[package]] name = "nettle" version = "7.1.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c511dff9452c522101505be4b5bbe07afd4f4565c65ca7d8118d4b804bd6a199" +source = "git+https://gitlab.com/sequoia-pgp/nettle-rs?branch=justus/ocb#f2d6d7f088c97a84dcfbdc8a4d10aad1efb0bee3" dependencies = [ "getrandom 0.2.6", "libc", "nettle-sys", "thiserror", + "typenum", ] [[package]] name = "nettle-sys" version = "2.1.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b13b685c7883e3a32196ccf3ce594947ec37ace43d74e157de7ca03d3fe62d17" +source = "git+https://gitlab.com/sequoia-pgp/nettle-sys?branch=justus/ocb#61e99ad29d46fe40685d99bc7c86f45f958a92ec" dependencies = [ "bindgen", "cc", diff --git a/openpgp/Cargo.toml b/openpgp/Cargo.toml index 0407d482..0a164285 100644 --- a/openpgp/Cargo.toml +++ b/openpgp/Cargo.toml @@ -38,7 +38,7 @@ lalrpop-util = ">=0.17" lazy_static = "1.4.0" libc = "0.2.66" memsec = { version = ">=0.5", default-features = false } -nettle = { version = "7.0.2", optional = true } +nettle = { git = "https://gitlab.com/sequoia-pgp/nettle-rs", branch = "justus/ocb", optional = true } regex = "1" regex-syntax = "0.6" sha1collisiondetection = { version = "0.2.3", default-features = false, features = ["std"] } diff --git a/openpgp/src/crypto/backend/nettle.rs b/openpgp/src/crypto/backend/nettle.rs index 1cd601c2..b07d8da7 100644 --- a/openpgp/src/crypto/backend/nettle.rs +++ b/openpgp/src/crypto/backend/nettle.rs @@ -62,9 +62,11 @@ impl AEADAlgorithm { match &self { EAX => true, + OCB + => nettle::aead::OCB_IS_SUPPORTED, GCM => true, - OCB | Private(_) | Unknown(_) + Private(_) | Unknown(_) => false, } } diff --git a/openpgp/src/crypto/backend/nettle/aead.rs b/openpgp/src/crypto/backend/nettle/aead.rs index e7fff77e..860c6b60 100644 --- a/openpgp/src/crypto/backend/nettle/aead.rs +++ b/openpgp/src/crypto/backend/nettle/aead.rs @@ -1,7 +1,14 @@ //! Implementation of AEAD using Nettle cryptographic library. + use std::cmp::Ordering; -use nettle::{aead, cipher}; +use nettle::{ + aead::{ + self, + typenum::consts::U16, + }, + cipher, +}; use crate::{Error, Result}; @@ -80,6 +87,30 @@ impl AEADAlgorithm { )), _ => Err(Error::UnsupportedSymmetricAlgorithm(sym_algo).into()), }, + AEADAlgorithm::OCB => match sym_algo { + SymmetricAlgorithm::AES128 => Ok(Box::new( + aead::Ocb::<cipher::Aes128, U16>::with_key_and_nonce(key, nonce)?, + )), + SymmetricAlgorithm::AES192 => Ok(Box::new( + aead::Ocb::<cipher::Aes192, U16>::with_key_and_nonce(key, nonce)?, + )), + SymmetricAlgorithm::AES256 => Ok(Box::new( + aead::Ocb::<cipher::Aes256, U16>::with_key_and_nonce(key, nonce)?, + )), + SymmetricAlgorithm::Twofish => Ok(Box::new( + aead::Ocb::<cipher::Twofish, U16>::with_key_and_nonce(key, nonce)?, + )), + SymmetricAlgorithm::Camellia128 => Ok(Box::new( + aead::Ocb::<cipher::Camellia128, U16>::with_key_and_nonce(key, nonce)?, + )), + SymmetricAlgorithm::Camellia192 => Ok(Box::new( + aead::Ocb::<cipher::Camellia192, U16>::with_key_and_nonce(key, nonce)?, + )), + SymmetricAlgorithm::Camellia256 => Ok(Box::new( + aead::Ocb::<cipher::Camellia256, U16>::with_key_and_nonce(key, nonce)?, + )), + _ => Err(Error::UnsupportedSymmetricAlgorithm(sym_algo).into()), + }, AEADAlgorithm::GCM => match sym_algo { SymmetricAlgorithm::AES128 => Ok(Box::new( aead::Gcm::<cipher::Aes128>::with_key_and_nonce(key, nonce)?, diff --git a/openpgp/src/serialize/stream.rs b/openpgp/src/serialize/stream.rs index 51130af8..42b46d88 100644 --- a/openpgp/src/serialize/stream.rs +++ b/openpgp/src/serialize/stream.rs @@ -3408,6 +3408,11 @@ mod test { } #[test] + fn aead_ocb() -> Result<()> { + test_aead_messages(AEADAlgorithm::OCB) + } + + #[test] fn aead_gcm() -> Result<()> { test_aead_messages(AEADAlgorithm::GCM) } |