diff options
author | Justus Winter <justus@sequoia-pgp.org> | 2023-02-16 10:52:14 +0100 |
---|---|---|
committer | Justus Winter <justus@sequoia-pgp.org> | 2023-05-22 11:03:16 +0200 |
commit | 4bcaebc7515ed15bb403a312532e8870a781fb3a (patch) | |
tree | 2b2b57dc0c64d47a918c5bfe5fa1b6265291f637 /openpgp/src/crypto/backend/nettle | |
parent | d088cdb56f525beb1306a8145362a13e11704bf6 (diff) |
openpgp: Implement GCM mode.
- The Galois/Counter mode for block ciphers is a FIPS-approved AEAD
mode. It will be added to the upcoming OpenPGP standard so that
we have a FIPS-compliant subset of OpenPGP.
Diffstat (limited to 'openpgp/src/crypto/backend/nettle')
-rw-r--r-- | openpgp/src/crypto/backend/nettle/aead.rs | 46 |
1 files changed, 46 insertions, 0 deletions
diff --git a/openpgp/src/crypto/backend/nettle/aead.rs b/openpgp/src/crypto/backend/nettle/aead.rs index 76303715..c44defb3 100644 --- a/openpgp/src/crypto/backend/nettle/aead.rs +++ b/openpgp/src/crypto/backend/nettle/aead.rs @@ -164,6 +164,52 @@ impl AEADAlgorithm { _ => Err(Error::UnsupportedSymmetricAlgorithm(sym_algo).into()), }, + AEADAlgorithm::GCM => match sym_algo { + SymmetricAlgorithm::AES128 => { + let mut ctx = + aead::Gcm::<cipher::Aes128>::with_key_and_nonce(key, nonce)?; + ctx.update(aad); + Ok(Box::new(ctx)) + }, + SymmetricAlgorithm::AES192 => { + let mut ctx = + aead::Gcm::<cipher::Aes192>::with_key_and_nonce(key, nonce)?; + ctx.update(aad); + Ok(Box::new(ctx)) + }, + SymmetricAlgorithm::AES256 => { + let mut ctx = + aead::Gcm::<cipher::Aes256>::with_key_and_nonce(key, nonce)?; + ctx.update(aad); + Ok(Box::new(ctx)) + }, + SymmetricAlgorithm::Twofish => { + let mut ctx = + aead::Gcm::<cipher::Twofish>::with_key_and_nonce(key, nonce)?; + ctx.update(aad); + Ok(Box::new(ctx)) + }, + SymmetricAlgorithm::Camellia128 => { + let mut ctx = + aead::Gcm::<cipher::Camellia128>::with_key_and_nonce(key, nonce)?; + ctx.update(aad); + Ok(Box::new(ctx)) + }, + SymmetricAlgorithm::Camellia192 => { + let mut ctx = + aead::Gcm::<cipher::Camellia192>::with_key_and_nonce(key, nonce)?; + ctx.update(aad); + Ok(Box::new(ctx)) + }, + SymmetricAlgorithm::Camellia256 => { + let mut ctx = + aead::Gcm::<cipher::Camellia256>::with_key_and_nonce(key, nonce)?; + ctx.update(aad); + Ok(Box::new(ctx)) + }, + _ => Err(Error::UnsupportedSymmetricAlgorithm(sym_algo).into()), + }, + _ => Err(Error::UnsupportedAEADAlgorithm(*self).into()), } } |