-rw-r--r-- | openpgp/src/crypto/aead.rs | 52 | ||||
-rw-r--r-- | openpgp/src/crypto/ecdh.rs | 2 | ||||
-rw-r--r-- | openpgp/src/packet/pkesk.rs | 8 | ||||
-rw-r--r-- | openpgp/src/packet/skesk.rs | 18 | ||||
-rw-r--r-- | openpgp/src/parse/parse.rs | 16 | ||||
-rw-r--r-- | tool/src/commands/dump.rs | 8 |
6 files changed, 53 insertions, 51 deletions
diff --git a/openpgp/src/crypto/aead.rs b/openpgp/src/crypto/aead.rs index 6e7dda1b..00cd5215 100644 --- a/openpgp/src/crypto/aead.rs +++ b/openpgp/src/crypto/aead.rs @@ -40,10 +40,10 @@ impl AEADAlgorithm { } /// Creates a nettle context. - pub fn context(&self, cipher: SymmetricAlgorithm, key: &[u8], nonce: &[u8]) + pub fn context(&self, sym_algo: SymmetricAlgorithm, key: &[u8], nonce: &[u8]) -> Result<Box<aead::Aead>> { match self { - AEADAlgorithm::EAX => match cipher { + AEADAlgorithm::EAX => match sym_algo { SymmetricAlgorithm::AES128 => Ok(Box::new(aead::Eax::<cipher::Aes128> ::with_key_and_nonce(key, nonce)?)), @@ -66,7 +66,7 @@ impl AEADAlgorithm { Ok(Box::new(aead::Eax::<cipher::Camellia256> ::with_key_and_nonce(key, nonce)?)), _ => - Err(Error::UnsupportedSymmetricAlgorithm(cipher).into()), + Err(Error::UnsupportedSymmetricAlgorithm(sym_algo).into()), }, _ => Err(Error::UnsupportedAEADAlgorithm(self.clone()).into()), @@ -81,7 +81,7 @@ pub struct Decryptor<R: io::Read> { // The encrypted data. source: R, - cipher: SymmetricAlgorithm, + sym_algo: SymmetricAlgorithm, aead: AEADAlgorithm, key: SessionKey, iv: Box<[u8]>, @@ -99,18 +99,18 @@ impl<R: io::Read> Decryptor<R> { /// Instantiate a new AEAD decryptor. /// /// `source` is the source to wrap. - pub fn new(version: u8, cipher: SymmetricAlgorithm, aead: AEADAlgorithm, + pub fn new(version: u8, sym_algo: SymmetricAlgorithm, aead: AEADAlgorithm, chunk_size: usize, iv: &[u8], key: &SessionKey, source: R) -> Result<Self> { Ok(Decryptor { source: source, - cipher: cipher, + sym_algo: sym_algo, aead: aead, key: key.clone(), iv: Vec::from(iv).into_boxed_slice(), ad: [ // Prefix. - 0xd4, version, cipher.into(), aead.into(), + 0xd4, version, sym_algo.into(), aead.into(), chunk_size.trailing_zeros() as u8 - 6, // Chunk index. 0, 0, 0, 0, 0, 0, 0, 0, 
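Review bot: `chunk_size` goes into the associated-data prefix in `Decryptor::new` without a visible check: `chunk_size.trailing_zeros() as u8 - 6` underflows for any value below 64 (a panic in debug builds, a wrapped octet in release builds), and a value that is not a power of two is encoded as if it were one. On the decryption side this value presumably comes from the parsed packet (the `AED1` hunk in parse.rs reads a `chunk_size` next to the algorithm octets). Unless a caller outside this hunk already rejects bad sizes, guard at the top of the constructor, e.g. `if !chunk_size.is_power_of_two() || chunk_size < 64 { return Err(Error::InvalidOperation("invalid AEAD chunk size".into()).into()); }`. The same expression appears in `Encryptor::new` (hunk `@@ -536,13 +536,13 @@`). The struct literal continues past the end of this hunk.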
@@ -162,7 +162,7 @@ impl<R: io::Read> Decryptor<R> { } // Instantiate the AEAD cipher. - let aead = self.aead.context(self.cipher, &self.key, &self.iv)?; + let aead = self.aead.context(self.sym_algo, &self.key, &self.iv)?; // Restore the IV. for (i, o) in &mut self.iv[iv_len - 8..].iter_mut() @@ -398,14 +398,14 @@ impl <R: BufferedReader<C>, C> BufferedReaderDecryptor<R, C> { /// Like `new()`, but sets a cookie, which can be retrieved using /// the `cookie_ref` and `cookie_mut` methods, and set using /// the `cookie_set` method. - pub fn with_cookie(version: u8, cipher: SymmetricAlgorithm, + pub fn with_cookie(version: u8, sym_algo: SymmetricAlgorithm, aead: AEADAlgorithm, chunk_size: usize, iv: &[u8], key: &SessionKey, source: R, cookie: C) -> Result<Self> { Ok(BufferedReaderDecryptor { reader: buffered_reader::Generic::with_cookie( - Decryptor::new(version, cipher, aead, chunk_size, iv, key, + Decryptor::new(version, sym_algo, aead, chunk_size, iv, key, source)?, None, cookie), }) @@ -509,7 +509,7 @@ impl<R: BufferedReader<C>, C> BufferedReader<C> pub struct Encryptor<W: io::Write> { inner: Option<W>, - cipher: SymmetricAlgorithm, + sym_algo: SymmetricAlgorithm, aead: AEADAlgorithm, key: SessionKey, iv: Box<[u8]>, @@ -528,7 +528,7 @@ pub struct Encryptor<W: io::Write> { impl<W: io::Write> Encryptor<W> { /// Instantiate a new AEAD encryptor. - pub fn new(version: u8, cipher: SymmetricAlgorithm, aead: AEADAlgorithm, + pub fn new(version: u8, sym_algo: SymmetricAlgorithm, aead: AEADAlgorithm, chunk_size: usize, iv: &[u8], key: &SessionKey, sink: W) -> Result<Self> { let mut scratch = Vec::with_capacity(chunk_size); 
@@ -536,13 +536,13 @@ impl<W: io::Write> Encryptor<W> { Ok(Encryptor { inner: Some(sink), - cipher: cipher, + sym_algo: sym_algo, aead: aead, key: key.clone(), iv: Vec::from(iv).into_boxed_slice(), ad: [ // Prefix. - 0xd4, version, cipher.into(), aead.into(), + 0xd4, version, sym_algo.into(), aead.into(), chunk_size.trailing_zeros() as u8 - 6, // Chunk index. 0, 0, 0, 0, 0, 0, 0, 0, @@ -595,7 +595,7 @@ impl<W: io::Write> Encryptor<W> { } // Instantiate the AEAD cipher. - let aead = self.aead.context(self.cipher, &self.key, &self.iv)?; + let aead = self.aead.context(self.sym_algo, &self.key, &self.iv)?; // Restore the IV. for (i, o) in &mut self.iv[iv_len - 8..].iter_mut() @@ -760,17 +760,17 @@ mod tests { use nettle::{Random, Yarrow}; let mut rng = Yarrow::default(); - for cipher in [SymmetricAlgorithm::AES128, - SymmetricAlgorithm::AES192, - SymmetricAlgorithm::AES256, - SymmetricAlgorithm::Twofish, - SymmetricAlgorithm::Camellia128, - SymmetricAlgorithm::Camellia192, - SymmetricAlgorithm::Camellia256].iter() { + for sym_algo in [SymmetricAlgorithm::AES128, + SymmetricAlgorithm::AES192, + SymmetricAlgorithm::AES256, + SymmetricAlgorithm::Twofish, + SymmetricAlgorithm::Camellia128, + SymmetricAlgorithm::Camellia192, + SymmetricAlgorithm::Camellia256].iter() { for aead in [AEADAlgorithm::EAX].iter() { let version = 1; let chunk_size = 64; - let mut key = vec![0; cipher.key_size().unwrap()]; + let mut key = vec![0; sym_algo.key_size().unwrap()]; rng.random(&mut key); let key: SessionKey = key.into(); let mut iv = vec![0; aead.iv_size().unwrap()]; @@ -778,7 +778,8 @@ mod tests { let mut ciphertext = Vec::new(); { - let mut encryptor = Encryptor::new(version, *cipher, *aead, + let mut encryptor = Encryptor::new(version, *sym_algo, + *aead, chunk_size, &iv, &key, &mut ciphertext) .unwrap(); 
@@ -788,7 +789,8 @@ mod tests { let mut plaintext = Vec::new(); { - let mut decryptor = Decryptor::new(version, *cipher, *aead, + let mut decryptor = Decryptor::new(version, *sym_algo, + *aead, chunk_size, &iv, &key, Cursor::new(&ciphertext)) .unwrap(); diff --git a/openpgp/src/crypto/ecdh.rs b/openpgp/src/crypto/ecdh.rs index c0b6f932..c121d3e4 100644 --- a/openpgp/src/crypto/ecdh.rs +++ b/openpgp/src/crypto/ecdh.rs @@ -116,7 +116,7 @@ pub(crate) fn wrap_session_key_deterministic(recipient: &Key, session_key: &[u8] { match recipient.mpis() { &PublicKey::ECDH{ ref curve, ref hash, ref sym,.. } => { - // m = symm_alg_ID || session key || checksum || pkcs5_padding; + // m = sym_alg_ID || session key || checksum || pkcs5_padding; let mut m = Vec::with_capacity(40); m.extend_from_slice(session_key); pkcs5_pad(&mut m, 40); diff --git a/openpgp/src/packet/pkesk.rs b/openpgp/src/packet/pkesk.rs index 6933b204..bc31360f 100644 --- a/openpgp/src/packet/pkesk.rs +++ b/openpgp/src/packet/pkesk.rs @@ -185,10 +185,10 @@ impl PKESK3 { }.into(); let key_rgn = 1..(plain.len() - 2); - let symm_algo: SymmetricAlgorithm = plain[0].into(); - let mut key = vec![0u8; symm_algo.key_size()?]; + let sym_algo: SymmetricAlgorithm = plain[0].into(); + let mut key = vec![0u8; sym_algo.key_size()?]; - if key_rgn.len() != symm_algo.key_size()? { + if key_rgn.len() != sym_algo.key_size()? { return Err(Error::MalformedPacket( format!("session key has the wrong size")).into()); } @@ -201,7 +201,7 @@ impl PKESK3 { | (plain[plain.len() - 1] as usize); if their_checksum == our_checksum { - Ok((symm_algo, key.into())) + Ok((sym_algo, key.into())) } else { Err(Error::MalformedPacket(format!("key checksum wrong")) .into()) diff --git a/openpgp/src/packet/skesk.rs b/openpgp/src/packet/skesk.rs index 64c9f99b..56ce4768 100644 --- a/openpgp/src/packet/skesk.rs +++ b/openpgp/src/packet/skesk.rs 
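Review bot: In the pkesk.rs hunk `@@ -185,10 +185,10 @@`, `plain` is indexed before its length is checked: `1..(plain.len() - 2)` underflows when `plain` is shorter than two bytes, and `plain[0]` panics when it is empty. `plain` appears to be the decrypted session-key material, so its length depends on what the sender put in the packet. The function starts outside this hunk, so a check may already exist above. If not, add one before `key_rgn`, e.g. `if plain.len() < 3 { return Err(Error::MalformedPacket("decrypted session key too short".into()).into()); }`, so that a malformed packet yields an error instead of a panic.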
@@ -64,7 +64,7 @@ pub struct SKESK4 { /// field. version: u8, /// Symmetric algorithm used to encrypt the session key. - symm_algo: SymmetricAlgorithm, + sym_algo: SymmetricAlgorithm, /// Key derivation method for the symmetric key. s2k: S2K, /// The encrypted session key. @@ -82,7 +82,7 @@ impl SKESK4 { Ok(SKESK4{ common: Default::default(), version: 4, - symm_algo: cipher, + sym_algo: cipher, s2k: s2k, esk: esk.and_then(|esk| { if esk.len() == 0 { None } else { Some(esk) } @@ -120,12 +120,12 @@ impl SKESK4 { /// Gets the symmetric encryption algorithm. pub fn symmetric_algo(&self) -> SymmetricAlgorithm { - self.symm_algo + self.sym_algo } /// Sets the symmetric encryption algorithm. pub fn set_symmetric_algo(&mut self, algo: SymmetricAlgorithm) -> SymmetricAlgorithm { - ::std::mem::replace(&mut self.symm_algo, algo) + ::std::mem::replace(&mut self.sym_algo, algo) } /// Gets the key derivation method. @@ -159,14 +159,14 @@ impl SKESK4 { pub fn decrypt(&self, password: &Password) -> Result<(SymmetricAlgorithm, SessionKey)> { - let key = self.s2k.derive_key(password, self.symm_algo.key_size()?)?; + let key = self.s2k.derive_key(password, self.sym_algo.key_size()?)?; if let Some(ref esk) = self.esk { // Use the derived key to decrypt the ESK. Unlike SEP & // SEIP we have to use plain CFB here. - let blk_sz = self.symm_algo.block_size()?; + let blk_sz = self.sym_algo.block_size()?; let mut iv = vec![0u8; blk_sz]; - let mut dec = self.symm_algo.make_decrypt_cfb(&key[..])?; + let mut dec = self.sym_algo.make_decrypt_cfb(&key[..])?; let mut plain = vec![0u8; esk.len()]; let cipher = &esk[..]; @@ -191,7 +191,7 @@ impl SKESK4 { Err(Error::InvalidOperation( "SKESK4: Cannot use Simple S2K without ESK".into()) .into()), - _ => Ok((self.symm_algo, key)), + _ => Ok((self.sym_algo, key)), } } } @@ -258,7 +258,7 @@ impl SKESK5 { skesk4: SKESK4{ common: Default::default(), version: 5, - symm_algo: cipher, + sym_algo: cipher, s2k: s2k, esk: Some(esk), }, 
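Review bot: The rename stops at the field. In `SKESK4::new` (hunk `@@ -82,7 +82,7 @@`) the initializer now reads `sym_algo: cipher`, so the constructor parameter keeps the name this commit is retiring. In `decrypt` a local `cipher` means ciphertext bytes (`let cipher = &esk[..];`), so one identifier carries two meanings in the same file. Renaming the parameter would make the initializer `sym_algo: sym_algo,`, matching the style used in aead.rs. The same leftover shows up in the `SKESK5` constructor (hunk `@@ -258,7 +258,7 @@`) and in the `AED1` parser in parse.rs (`let cipher: SymmetricAlgorithm = php_try!(php.parse_u8("sym_algo")).into();`). The parameter lists lie outside these hunks, so this is inferred from the initializers.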
diff --git a/openpgp/src/parse/parse.rs b/openpgp/src/parse/parse.rs index ab7de21a..cf747a9c 100644 --- a/openpgp/src/parse/parse.rs +++ b/openpgp/src/parse/parse.rs @@ -1405,7 +1405,7 @@ impl Key4 { } // Encrypted, S2K & SHA-1 checksum 254 => { - let sk: SymmetricAlgorithm = php_try!(php.parse_u8("symm_algo")).into(); + let sk: SymmetricAlgorithm = php_try!(php.parse_u8("sym_algo")).into(); let s2k = php_try!(S2K::parse(&mut php)); let mut cipher = php_try!(php.parse_bytes_eof("encrypted_mpis")); @@ -1840,20 +1840,20 @@ impl SKESK { let version = php_try!(php.parse_u8("version")); let skesk = match version { 4 => { - let symm_algo = php_try!(php.parse_u8("symm_algo")); + let sym_algo = php_try!(php.parse_u8("sym_algo")); let s2k = php_try!(S2K::parse(&mut php)); let esk = php_try!(php.parse_bytes_eof("esk")); SKESK::V4(php_try!(SKESK4::new( - symm_algo.into(), + sym_algo.into(), s2k, if esk.len() > 0 { Some(esk) } else { None }, ))) }, 5 => { - let symm_algo: SymmetricAlgorithm = - php_try!(php.parse_u8("symm_algo")).into(); + let sym_algo: SymmetricAlgorithm = + php_try!(php.parse_u8("sym_algo")).into(); let aead_algo: AEADAlgorithm = php_try!(php.parse_u8("aead_algo")).into(); let s2k = php_try!(S2K::parse(&mut php)); @@ -1873,7 +1873,7 @@ impl SKESK { php_try!(php.parse_bytes("aead_digest", digest_size)); SKESK::V5(php_try!(SKESK5::new( - symm_algo, + sym_algo, aead_algo, s2k, aead_iv.into_boxed_slice(), @@ -1952,7 +1952,7 @@ fn skesk_parser_test() { assert_eq!(skesk.s2k(), &test.s2k); match skesk.decrypt(&test.password) { - Ok((_symm_algo, key)) => { + Ok((_sym_algo, key)) => { let key = ::conversions::to_hex(&key[..], false); assert_eq!(&key[..], &test.key_hex[..]); } @@ -2086,7 +2086,7 @@ impl AED1 { } let cipher: SymmetricAlgorithm = - php_try!(php.parse_u8("symm_algo")).into(); + php_try!(php.parse_u8("sym_algo")).into(); let aead: AEADAlgorithm = php_try!(php.parse_u8("aead_algo")).into(); let chunk_size: usize = 
diff --git a/tool/src/commands/dump.rs b/tool/src/commands/dump.rs index d8faaca8..ccf8b620 100644 --- a/tool/src/commands/dump.rs +++ b/tool/src/commands/dump.rs @@ -342,7 +342,7 @@ impl PacketDumper { writeln!(output, "{} Version: {}", i, s.version())?; match s { openpgp::packet::SKESK::V4(ref s) => { - writeln!(output, "{} Cipher: {}", i, + writeln!(output, "{} Symmetric algo: {}", i, s.symmetric_algo())?; write!(output, "{} S2K: ", i)?; self.dump_s2k(output, i, s.s2k())?; @@ -353,7 +353,7 @@ impl PacketDumper { }, openpgp::packet::SKESK::V5(ref s) => { - writeln!(output, "{} Cipher: {}", i, + writeln!(output, "{} Symmetric algo: {}", i, s.symmetric_algo())?; writeln!(output, "{} AEAD: {}", i, s.aead_algo())?; @@ -387,7 +387,7 @@ impl PacketDumper { AED(ref a) => { writeln!(output, "AEAD Encrypted Data Packet")?; writeln!(output, "{} Version: {}", i, a.version())?; - writeln!(output, "{} Cipher: {}", i, a.symmetric_algo())?; + writeln!(output, "{} Symmetric algo: {}", i, a.symmetric_algo())?; writeln!(output, "{} AEAD: {}", i, a.aead())?; writeln!(output, "{} Chunk size: {}", i, a.chunk_size())?; writeln!(output, "{} IV: {}", i, hex::encode(a.iv()))?; @@ -449,7 +449,7 @@ impl PacketDumper { KeyExpirationTime(ref t) => write!(output, "{} Key expiration time: {}", i, t)?, PreferredSymmetricAlgorithms(ref c) => - write!(output, "{} Cipher preferences: {}", i, + write!(output, "{} Symmetric algo preferences: {}", i, c.iter().map(|c| format!("{:?}", c)) .collect::<Vec<String>>().join(", "))?, RevocationKey{class, pk_algo, ref fp} => |