authorJustus Winter <justus@sequoia-pgp.org>2023-03-02 13:39:50 +0100
committerJustus Winter <justus@sequoia-pgp.org>2023-03-02 15:03:12 +0100
commit3d2b1e3ae7f555b027113767938bbe5663df74a0 (patch)
treede02ffbdd529d7b56d6ba8361dec99be24d6940e /openpgp/src/crypto/aead.rs
parentb9d5a76186e2a9380cf3f6f7a96b07b6bdaaaa26 (diff)
openpgp: Combine ciphertext and tag in Aead::decrypt_verify.
- It is easier (and cheaper) to tear them apart in backends that need ciphertext and tag to be separate than to combine them for backends that expect the tag to be appended to the ciphertext.
- The caller doesn't have to do anything, because in OpenPGP on the wire the tag is already appended to the ciphertext. The one exception is our current implementation of SKESKv5, but in our upcoming SKESKv6 implementation, we store the tag appended to the ciphertext, so it will be easy to use this interface there.
Diffstat (limited to 'openpgp/src/crypto/aead.rs')
-rw-r--r--openpgp/src/crypto/aead.rs10
1 files changed, 5 insertions, 5 deletions
diff --git a/openpgp/src/crypto/aead.rs b/openpgp/src/crypto/aead.rs
index feee035f..700a2bcb 100644
--- a/openpgp/src/crypto/aead.rs
+++ b/openpgp/src/crypto/aead.rs
@@ -59,9 +59,9 @@ pub trait Aead : seal::Sealed {
/// Length of the digest in bytes.
fn digest_size(&self) -> usize;
- /// Decrypt one block `src` to `dst` and verify if the digest
- /// matches `digest`.
- fn decrypt_verify(&mut self, dst: &mut [u8], src: &[u8], digest: &[u8]) -> Result<()>;
+ /// Decrypt one chunk `src` to `dst` and verify that the digest is
+ /// correct.
+ fn decrypt_verify(&mut self, dst: &mut [u8], src: &[u8]) -> Result<()>;
}
/// Whether AEAD cipher is used for data encryption or decryption.
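Review bot: The new doc comment on `decrypt_verify` never says that `src` now carries the ciphertext with the authentication tag appended, which is the entire contract change of this commit. Every backend now has to derive the split point from `src.len()` and `digest_size()`, so the comment should state the length relation, for example `/// src is the ciphertext followed by the tag: src.len() == dst.len() + self.digest_size().` It should also say that a `src` shorter than the digest must yield an error rather than an out-of-bounds slice, and that an empty `dst` with a tag-only `src` is valid, since the final-digest call in the last hunk relies on it. The trait definition starts outside this hunk.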
@@ -401,7 +401,7 @@ impl<'a, S: Schedule> Decryptor<'a, S> {
&mut plaintext[pos..pos + to_decrypt]
};
- aead.decrypt_verify(buffer, &chunk[..to_decrypt], &chunk[to_decrypt..])?;
+ aead.decrypt_verify(buffer, chunk)?;
if double_buffer {
let to_copy = plaintext.len() - pos;
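Review bot: Nothing at this call site ties `chunk.len()` to `buffer.len()` any more; the removed `&chunk[..to_decrypt]` / `&chunk[to_decrypt..]` at least made the ciphertext/tag boundary explicit and bounds-checked here. A backend that computes `src.len() - digest_size()` on a truncated chunk would underflow or mis-slice, so a guard before the call keeps malformed input on the error path; at minimum add `debug_assert_eq!(chunk.len(), buffer.len() + aead.digest_size());`, and preferably a real length check that returns an error. The same applies to `aead.decrypt_verify(&mut [], final_digest)?;` in the next hunk, where `final_digest` should be exactly `aead.digest_size()` bytes; whether `self.source.data(..)` guarantees that length is not visible from here. How `chunk` and `to_decrypt` are computed lies outside the hunk, so this may already be enforced upstream.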
@@ -437,7 +437,7 @@ impl<'a, S: Schedule> Decryptor<'a, S> {
let final_digest = self.source.data(final_digest_size)?;
- aead.decrypt_verify(&mut [], &[], final_digest)?;
+ aead.decrypt_verify(&mut [], final_digest)?;
// Consume the data only on success so that we keep
// returning the error.