author | Justus Winter <justus@sequoia-pgp.org> | 2022-01-25 13:58:30 +0100 |
---|---|---|
committer | Justus Winter <justus@sequoia-pgp.org> | 2022-02-14 17:14:03 +0100 |
commit | f32f7d2fba9c70acb768b3c817545479ec2ae721 (patch) | |
tree | 095774e2f19dccec751b0e22945f4ecbc229d7d5 /openpgp/src/parse.rs | |
parent | 6873c811adaa2be86e2bab2b684a80b59fc04c5b (diff) |
openpgp: Refactor AEAD encryption and decryption.
- Introduce a trait that schedules nonce and additional
authenticated data for each AEAD chunk.
- Factoring that out allows us to support different schemes, and
decouple memory encryption from the OpenPGP schedules.
Diffstat (limited to 'openpgp/src/parse.rs')
-rw-r--r-- | openpgp/src/parse.rs | 20 |
1 files changed, 16 insertions, 4 deletions
diff --git a/openpgp/src/parse.rs b/openpgp/src/parse.rs
index d1b5a440..3e5eead6 100644
--- a/openpgp/src/parse.rs
+++ b/openpgp/src/parse.rs
@@ -5278,9 +5278,15 @@ impl<'a> PacketParser<'a> {
 + aed.aead().digest_size()? as u64)?;
 let data = self.data(amount)?;
+ let schedule = aead::AEDv1Schedule::new(
+ aed.symmetric_algo(),
+ aed.aead(),
+ chunk_size,
+ aed.iv())?;
+
 let dec = aead::Decryptor::new(
- 1, aed.symmetric_algo(), aed.aead(), chunk_size,
- aed.iv(), key,
+ aed.symmetric_algo(), aed.aead(), chunk_size,
+ schedule, key.clone(),
 &data[..cmp::min(data.len(), amount)])?;
 let mut chunk = Vec::new();
 dec.take(aed.chunk_size() as u64).read_to_end(&mut chunk)?;
@@ -5291,10 +5297,16 @@ impl<'a> PacketParser<'a> {
 // This can't fail, because we create a decryptor
 // above with the same parameters.
+ let schedule = aead::AEDv1Schedule::new(
+ aed.symmetric_algo(),
+ aed.aead(),
+ chunk_size,
+ aed.iv())?;
+
 let reader = self.take_reader();
 let mut reader = aead::BufferedReaderDecryptor::with_cookie(
- 1, aed.symmetric_algo(), aed.aead(), chunk_size,
- aed.iv(), key, reader, Cookie::default()).unwrap();
+ aed.symmetric_algo(), aed.aead(), chunk_size,
+ schedule, key.clone(), reader, Cookie::default()).unwrap();
 reader.cookie_mut().level = Some(self.recursion_depth());
 t!("Pushing aead::Decryptor, level {:?}.", |
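Review bot: `key.clone()` in the `aead::Decryptor::new` call hands an owned copy of the session key to a decryptor that is only used to read one chunk, and the second hunk clones the key again for the real reader. The key's type is not visible in this hunk; if it is a protected, zero-on-drop type the extra copies are cleaned up, but that should be confirmed rather than assumed, since every clone is one more place where key material lives. If the new constructor has to take the key by value, record that this is deliberate with a comment above the call, for example `// Decryptor owns its key copy; relies on the key type wiping itself on drop.` The enclosing function starts and ends outside the hunk.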
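Review bot: The comment `// This can't fail, because we create a decryptor above with the same parameters.` now sits directly above the new `AEDv1Schedule::new(...)?`, which does propagate failure, while the `.unwrap()` it was written to justify is several lines further down on `with_cookie`. Move the comment to immediately before `let mut reader = aead::BufferedReaderDecryptor::with_cookie(` so the justification stays attached to the unwrap. The "same parameters" invariant now also rests on two hand-copied schedule constructions staying identical. Because this path handles message data that may be untrusted, ending the call with `Cookie::default())?;` instead of `.unwrap()` (assuming `with_cookie` returns the same `Result` as `Decryptor::new`) would turn any later divergence into an error rather than a panic. The enclosing function continues outside the hunk.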