author | Nikhil Benesch <nikhil.benesch@gmail.com> | 2020-12-10 20:46:58 -0500 |
---|---|---|
committer | Justus Winter <justus@sequoia-pgp.org> | 2021-10-05 11:46:38 +0200 |
commit | 341fdd29a9863e793c560e2a7207989c4f61d772 (patch) | |
tree | 38ffda8be4d3ebce675e6561a3a619882934495e /openpgp/src/crypto/backend/rust.rs | |
parent | aa21e2404d9502eeea84ff39da03a85c971ea2d3 (diff) |
openpgp: Add a RustCrypto backend.
- This adds a cryptographic backend based on the RustCrypto crates.
The backend is marked as experimental, as the RustCrypto crates'
authors state that they have not been audited and may not perform
computations in constant time. Nevertheless, it may be useful in
certain environments, e.g. WebAssembly.
- The backend implements RSA, EdDSA and ECDH over Curve25519, IDEA,
3DES, CAST5, Blowfish, AES, Twofish, EAX, MD5, SHA1, RipeMD160, and
the SHA2 family.
- Notably missing are DSA, ElGamal, and ECDSA and ECDH over the NIST
curves.
- See #333.
Diffstat (limited to 'openpgp/src/crypto/backend/rust.rs')
-rw-r--r-- | openpgp/src/crypto/backend/rust.rs | 64 |
1 files changed, 64 insertions, 0 deletions
diff --git a/openpgp/src/crypto/backend/rust.rs b/openpgp/src/crypto/backend/rust.rs
new file mode 100644
index 00000000..a661c14e
--- /dev/null
+++ b/openpgp/src/crypto/backend/rust.rs
@@ -0,0 +1,64 @@
+//! Implementation of Sequoia crypto API using pure Rust cryptographic
+//! libraries.
+
+use crate::types::*;
+
+pub mod aead;
+pub mod asymmetric;
+pub mod ecdh;
+pub mod hash;
+pub mod symmetric;
+
+/// Fills the given buffer with random data.
+///
+/// Fills the given buffer with random data produced by a
+/// cryptographically secure pseudorandom number generator (CSPRNG).
+/// The output may be used as session keys or to derive long-term
+/// cryptographic keys from.
+pub fn random<B: AsMut<[u8]>>(mut buf: B) {
+ use rand::rngs::OsRng;
+ use rand::RngCore;
+
+ OsRng.fill_bytes(buf.as_mut())
+}
+
+impl PublicKeyAlgorithm {
+ pub(crate) fn is_supported_by_backend(&self) -> bool {
+ use PublicKeyAlgorithm::*;
+ #[allow(deprecated)]
+ match &self {
+ RSAEncryptSign | RSAEncrypt | RSASign | ECDH | EdDSA
+ => true,
+ DSA | ECDSA
+ => false,
+ ElGamalEncrypt | ElGamalEncryptSign | Private(_) | Unknown(_)
+ => false,
+ }
+ }
+}
+
+impl Curve {
+ pub(crate) fn is_supported_by_backend(&self) -> bool {
+ use self::Curve::*;
+ match &self {
+ NistP256 | NistP384 | NistP521
+ => false,
+ Ed25519 | Cv25519
+ => true,
+ BrainpoolP256 | BrainpoolP512 | Unknown(_)
+ => false,
+ }
+ }
+}
+
+impl AEADAlgorithm {
+ pub(crate) fn is_supported_by_backend(&self) -> bool {
+ use self::AEADAlgorithm::*;
+ match &self {
+ EAX
+ => true,
+ OCB | Private(_) | Unknown(_)
+ => false,
+ }
+ }
+}
|
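Review bot: The `//!` module doc at the top of rust.rs describes the backend only as built on "pure Rust cryptographic libraries" and leaves out the caveat the commit message gives, namely that the RustCrypto authors state the crates have not been audited and may not compute in constant time. Someone choosing a backend from rustdoc rather than the commit log will not see that, so I would add a line such as `//! This backend is experimental: the underlying crates have not been audited and may not run in constant time.` Separately, `random` calls `OsRng.fill_bytes`, which as far as I know panics when the operating-system entropy source cannot be read, so a `# Panics` section on its doc comment would be useful. That matters most for the WebAssembly use the commit message mentions, where availability of an entropy source presumably depends on how the target is built.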