Diffstat (limited to 'openpgp/src')
-rw-r--r-- | openpgp/src/crypto/aead.rs | 57 | ||||
-rw-r--r-- | openpgp/src/crypto/backend/cng/aead.rs | 23 | ||||
-rw-r--r-- | openpgp/src/crypto/backend/nettle/aead.rs | 15 | ||||
-rw-r--r-- | openpgp/src/crypto/backend/rust/aead.rs | 23 | ||||
-rw-r--r-- | openpgp/src/packet/skesk.rs | 8 |
5 files changed, 71 insertions, 55 deletions
diff --git a/openpgp/src/crypto/aead.rs b/openpgp/src/crypto/aead.rs index 9d43c1a5..6b35fec1 100644 --- a/openpgp/src/crypto/aead.rs +++ b/openpgp/src/crypto/aead.rs @@ -51,14 +51,13 @@ pub(crate) fn chunk_size_usize(chunk_size: u64) -> Result<usize> { /// [sealed]: https://rust-lang.github.io/api-guidelines/future-proofing.html#sealed-traits-protect-against-downstream-implementations-c-sealed pub trait Aead : seal::Sealed { /// Adds associated data `ad`. - fn update(&mut self, ad: &[u8]); + fn update(&mut self, ad: &[u8]) -> Result<()>; /// Encrypts one block `src` to `dst`. - fn encrypt(&mut self, dst: &mut [u8], src: &[u8]); - /// Decrypts one block `src` to `dst`. + fn encrypt(&mut self, dst: &mut [u8], src: &[u8]) -> Result<()>; /// Produce the digest. - fn digest(&mut self, digest: &mut [u8]); + fn digest(&mut self, digest: &mut [u8]) -> Result<()>; /// Length of the digest in bytes. fn digest_size(&self) -> usize; @@ -391,10 +390,10 @@ impl<'a, S: Schedule> Decryptor<'a, S> { self.aead.context(self.sym_algo, &self.key, iv, CipherOp::Decrypt) .map(|mut aead| { - aead.update(ad); - aead + aead.update(ad)?; + Ok::<Box<dyn Aead>, anyhow::Error>(aead) }) - })?; + })??; // Decrypt the chunk and check the tag. let to_decrypt = chunk.len() - self.digest_size; @@ -442,10 +441,10 @@ impl<'a, S: Schedule> Decryptor<'a, S> { self.aead.context(self.sym_algo, &self.key, iv, CipherOp::Decrypt) .map(|mut aead| { - aead.update(ad); - aead + aead.update(ad)?; + Ok::<Box<dyn Aead>, anyhow::Error>(aead) }) - })?; + })??; let final_digest = self.source.data(final_digest_size)?; 
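Review bot: The three methods changed in the `pub trait Aead` hunk (`@@ -51,14`) now return `Result<()>`, but their doc comments still say nothing about failure. I would add an `# Errors` section to `update`, `encrypt` and `digest`, along the lines of `/// Returns an error if the backend rejects the operation.`, worded to match what the backends actually guarantee. It would also help to state whether `dst` or `digest` may hold partial output when `Err` is returned, since the callers in this file write those buffers straight to the sink. The trait body continues outside the hunk.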
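Review bot: In the `Decryptor` hunk at `@@ -391,10` the closure now yields a nested `Result`, which is what forces the `Ok::<Box<dyn Aead>, anyhow::Error>(aead)` turbofish and the `})??;`. Using `and_then` keeps it flat: `.and_then(|mut aead| { aead.update(ad)?; Ok(aead) })` followed by the original `})?;`. This assumes `next_chunk` passes the closure's value through unchanged, as the pre-change `})?;` suggests. The same pattern repeats at `@@ -442,10`, `@@ -660,22`, `@@ -689,21`, `@@ -724,14` and `@@ -750,11`; the enclosing functions start and end outside these hunks.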
@@ -660,22 +659,22 @@ impl<W: io::Write, S: Schedule> Encryptor<W, S> { self.aead.context(self.sym_algo, &self.key, iv, CipherOp::Encrypt) .map(|mut aead| { - aead.update(ad); - aead + aead.update(ad)?; + Ok::<Box<dyn Aead>, anyhow::Error>(aead) }) - })?; + })??; let inner = self.inner.as_mut().unwrap(); // Encrypt the chunk. - aead.encrypt(&mut self.scratch, &self.buffer); + aead.encrypt(&mut self.scratch, &self.buffer)?; self.bytes_encrypted += self.scratch.len() as u64; self.chunk_index += 1; crate::vec_truncate(&mut self.buffer, 0); inner.write_all(&self.scratch)?; // Write digest. - aead.digest(&mut self.scratch[..self.digest_size]); + aead.digest(&mut self.scratch[..self.digest_size])?; inner.write_all(&self.scratch[..self.digest_size])?; } } @@ -689,21 +688,21 @@ impl<W: io::Write, S: Schedule> Encryptor<W, S> { self.aead.context(self.sym_algo, &self.key, iv, CipherOp::Encrypt) .map(|mut aead| { - aead.update(ad); - aead + aead.update(ad)?; + Ok::<Box<dyn Aead>, anyhow::Error>(aead) }) - })?; + })??; let inner = self.inner.as_mut().unwrap(); // Encrypt the chunk. - aead.encrypt(&mut self.scratch, chunk); + aead.encrypt(&mut self.scratch, chunk)?; self.bytes_encrypted += self.scratch.len() as u64; self.chunk_index += 1; inner.write_all(&self.scratch)?; // Write digest. - aead.digest(&mut self.scratch[..self.digest_size]); + aead.digest(&mut self.scratch[..self.digest_size])?; inner.write_all(&self.scratch[..self.digest_size])?; } else { // Stash for later. 
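Review bot: In the `Encryptor` hunk at `@@ -660,22`, `aead.digest(...)?` can now fail after `inner.write_all(&self.scratch)?` has already emitted the chunk and after `chunk_index` and `bytes_encrypted` were advanced. A failure there leaves a ciphertext chunk in the output with no tag, and a writer whose counters have moved on. Whether a caller can keep writing after such an error is not visible from here; if it can, later chunks are appended to a stream that no longer authenticates. Consider producing the tag into a separate buffer before the first `write_all`, or recording a failed state so later writes return an error. The hunk at `@@ -689,21` has the same order of operations, and the enclosing function extends beyond both hunks.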
@@ -724,14 +723,14 @@ impl<W: io::Write, S: Schedule> Encryptor<W, S> { self.aead.context(self.sym_algo, &self.key, iv, CipherOp::Encrypt) .map(|mut aead| { - aead.update(ad); - aead + aead.update(ad)?; + Ok::<Box<dyn Aead>, anyhow::Error>(aead) }) - })?; + })??; // Encrypt the chunk. unsafe { self.scratch.set_len(self.buffer.len()) } - aead.encrypt(&mut self.scratch, &self.buffer); + aead.encrypt(&mut self.scratch, &self.buffer)?; self.bytes_encrypted += self.scratch.len() as u64; self.chunk_index += 1; crate::vec_truncate(&mut self.buffer, 0); @@ -739,7 +738,7 @@ impl<W: io::Write, S: Schedule> Encryptor<W, S> { // Write digest. unsafe { self.scratch.set_len(self.digest_size) } - aead.digest(&mut self.scratch[..self.digest_size]); + aead.digest(&mut self.scratch[..self.digest_size])?; inner.write_all(&self.scratch[..self.digest_size])?; } @@ -750,11 +749,11 @@ impl<W: io::Write, S: Schedule> Encryptor<W, S> { self.aead.context(self.sym_algo, &self.key, iv, CipherOp::Encrypt) .map(|mut aead| { - aead.update(ad); - aead + aead.update(ad)?; + Ok::<Box<dyn Aead>, anyhow::Error>(aead) }) - })?; - aead.digest(&mut self.scratch[..self.digest_size]); + })??; + aead.digest(&mut self.scratch[..self.digest_size])?; inner.write_all(&self.scratch[..self.digest_size])?; Ok(inner) diff --git a/openpgp/src/crypto/backend/cng/aead.rs b/openpgp/src/crypto/backend/cng/aead.rs index fb95b150..7389c1f0 100644 --- a/openpgp/src/crypto/backend/cng/aead.rs +++ b/openpgp/src/crypto/backend/cng/aead.rs 
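Review bot: In the `@@ -724,14` hunk the new `?` on `aead.encrypt(&mut self.scratch, &self.buffer)` adds an early return directly after `unsafe { self.scratch.set_len(self.buffer.len()) }`. On failure `scratch` keeps a length whose bytes were, as far as this hunk shows, never fully written. Neither `unsafe` block (here and in `@@ -739,7`) carries a justification. If the invariant holds, I would add `// SAFETY: scratch has capacity for a full chunk, and every byte up to the new length is overwritten before it is read.` and say what the error path leaves behind. A safe alternative is `self.scratch.resize(self.buffer.len(), 0);`, which stays well-defined when `encrypt` fails; the enclosing function starts outside the hunk.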
@@ -89,18 +89,23 @@ macro_rules! impl_aead { ($($type: ty),*) => { $( impl Aead for EaxOnline<$type, Encrypt> { - fn update(&mut self, ad: &[u8]) { self.update_assoc(ad) } + fn update(&mut self, ad: &[u8]) -> Result<()> { + self.update_assoc(ad); + Ok(()) + } fn digest_size(&self) -> usize { <eax::Tag as GenericArrayExt<_, _>>::LEN } - fn digest(&mut self, digest: &mut [u8]) { + fn digest(&mut self, digest: &mut [u8]) -> Result<()> { let tag = self.tag_clone(); digest[..tag.len()].copy_from_slice(&tag[..]); + Ok(()) } - fn encrypt(&mut self, dst: &mut [u8], src: &[u8]) { + fn encrypt(&mut self, dst: &mut [u8], src: &[u8]) -> Result<()> { let len = core::cmp::min(dst.len(), src.len()); dst[..len].copy_from_slice(&src[..len]); - EaxOnline::<$type, Encrypt>::encrypt(self, &mut dst[..len]) + EaxOnline::<$type, Encrypt>::encrypt(self, &mut dst[..len]); + Ok(()) } fn decrypt_verify(&mut self, _dst: &mut [u8], _src: &[u8], _digest: &[u8]) -> Result<()> { panic!("AEAD decryption called in the encryption context") @@ -110,15 +115,19 @@ macro_rules! impl_aead { )* $( impl Aead for EaxOnline<$type, Decrypt> { - fn update(&mut self, ad: &[u8]) { self.update_assoc(ad) } + fn update(&mut self, ad: &[u8]) -> Result<()> { + self.update_assoc(ad); + Ok(()) + } fn digest_size(&self) -> usize { <eax::Tag as GenericArrayExt<_, _>>::LEN } - fn digest(&mut self, digest: &mut [u8]) { + fn digest(&mut self, digest: &mut [u8]) -> Result<()> { let tag = self.tag_clone(); digest[..tag.len()].copy_from_slice(&tag[..]); + Ok(()) } - fn encrypt(&mut self, _dst: &mut [u8], _src: &[u8]) { + fn encrypt(&mut self, _dst: &mut [u8], _src: &[u8]) -> Result<()> { panic!("AEAD encryption called in the decryption context") } fn decrypt_verify(&mut self, dst: &mut [u8], src: &[u8], digest: &[u8]) -> Result<()> { diff --git a/openpgp/src/crypto/backend/nettle/aead.rs b/openpgp/src/crypto/backend/nettle/aead.rs index 000d3156..3cdbc42e 100644 --- a/openpgp/src/crypto/backend/nettle/aead.rs 
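Review bot: In the CNG `EaxOnline<$type, Encrypt>` impl (`@@ -89,18`), `encrypt` still clamps to `core::cmp::min(dst.len(), src.len())` and then returns `Ok(())`. A too-short `dst` therefore silently drops plaintext even though the method can now report it. I would reject the mismatch up front with `if dst.len() < src.len() { return Err(...); }`, using whichever error variant the crate has for invalid arguments. Likewise `digest[..tag.len()]` in `digest` panics on a short buffer where an `Err` is now possible. The `backend/rust/aead.rs` hunk at `@@ -45,23` has the same two spots.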
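Review bot: In the `EaxOnline<$type, Decrypt>` impl (`@@ -110,15`), `encrypt` now has a `Result<()>` return type but its body is still `panic!("AEAD encryption called in the decryption context")`. Returning an error would let a misuse surface as a failed operation instead of aborting the process. If the panic is intentional because only a crate-internal bug can reach it, a one-line comment saying so would help. The same applies to `encrypt` in the `backend/rust/aead.rs` hunk at `@@ -74,20`; the macro body continues outside the hunk.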
+++ b/openpgp/src/crypto/backend/nettle/aead.rs @@ -18,11 +18,13 @@ const DANGER_DISABLE_AUTHENTICATION: bool = false; impl<T: nettle::aead::Aead> seal::Sealed for T {} impl<T: nettle::aead::Aead> Aead for T { - fn update(&mut self, ad: &[u8]) { - self.update(ad) + fn update(&mut self, ad: &[u8]) -> Result<()> { + self.update(ad); + Ok(()) } - fn encrypt(&mut self, dst: &mut [u8], src: &[u8]) { - self.encrypt(dst, src) + fn encrypt(&mut self, dst: &mut [u8], src: &[u8]) -> Result<()> { + self.encrypt(dst, src); + Ok(()) } fn decrypt_verify(&mut self, dst: &mut [u8], src: &[u8], digest: &[u8]) -> Result<()> { self.decrypt(dst, src); @@ -36,8 +38,9 @@ impl<T: nettle::aead::Aead> Aead for T { } Ok(()) } - fn digest(&mut self, digest: &mut [u8]) { - self.digest(digest) + fn digest(&mut self, digest: &mut [u8]) -> Result<()> { + self.digest(digest); + Ok(()) } fn digest_size(&self) -> usize { self.digest_size() diff --git a/openpgp/src/crypto/backend/rust/aead.rs b/openpgp/src/crypto/backend/rust/aead.rs index f4dbc198..e58583a1 100644 --- a/openpgp/src/crypto/backend/rust/aead.rs +++ b/openpgp/src/crypto/backend/rust/aead.rs 
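Review bot: In the blanket `impl<T: nettle::aead::Aead> Aead for T` (`@@ -18,11`), the calls `self.update(ad);` and `self.encrypt(dst, src);` share their names with the trait methods being implemented. Correctness therefore depends on method resolution picking the nettle trait. Now that the crate's own methods return `Result<()>`, a wrong resolution would both recurse and discard the result. Spelling the call out as `nettle::aead::Aead::update(self, ad);` removes the doubt, and the same goes for `encrypt` and for `digest` in `@@ -36,8`. The impl block extends beyond the hunk.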
@@ -45,23 +45,26 @@ where Cipher: BlockCipher<BlockSize = U16> + NewBlockCipher + Clone, Cipher::ParBlocks: ArrayLength<Block<Cipher>>, { - fn update(&mut self, ad: &[u8]) { - self.update_assoc(ad) + fn update(&mut self, ad: &[u8]) -> Result<()> { + self.update_assoc(ad); + Ok(()) } fn digest_size(&self) -> usize { eax::Tag::LEN } - fn digest(&mut self, digest: &mut [u8]) { + fn digest(&mut self, digest: &mut [u8]) -> Result<()> { let tag = self.tag_clone(); digest[..tag.len()].copy_from_slice(&tag[..]); + Ok(()) } - fn encrypt(&mut self, dst: &mut [u8], src: &[u8]) { + fn encrypt(&mut self, dst: &mut [u8], src: &[u8]) -> Result<()> { let len = cmp::min(dst.len(), src.len()); dst[..len].copy_from_slice(&src[..len]); - Self::encrypt(self, &mut dst[..len]) + Self::encrypt(self, &mut dst[..len]); + Ok(()) } fn decrypt_verify(&mut self, _dst: &mut [u8], _src: &[u8], _digest: &[u8]) -> Result<()> { @@ -74,20 +77,22 @@ where Cipher: BlockCipher<BlockSize = U16> + NewBlockCipher + Clone, Cipher::ParBlocks: ArrayLength<Block<Cipher>>, { - fn update(&mut self, ad: &[u8]) { - self.update_assoc(ad) + fn update(&mut self, ad: &[u8]) -> Result<()> { + self.update_assoc(ad); + Ok(()) } fn digest_size(&self) -> usize { eax::Tag::LEN } - fn digest(&mut self, digest: &mut [u8]) { + fn digest(&mut self, digest: &mut [u8]) -> Result<()> { let tag = self.tag_clone(); digest[..tag.len()].copy_from_slice(&tag[..]); + Ok(()) } - fn encrypt(&mut self, _dst: &mut [u8], _src: &[u8]) { + fn encrypt(&mut self, _dst: &mut [u8], _src: &[u8]) -> Result<()> { panic!("AEAD encryption called in the decryption context") } diff --git a/openpgp/src/packet/skesk.rs b/openpgp/src/packet/skesk.rs index fbbd0aac..1a3a74f7 100644 --- a/openpgp/src/packet/skesk.rs +++ b/openpgp/src/packet/skesk.rs 
@@ -462,15 +462,15 @@ impl SKESK5 { // Prepare associated data. let ad = [0xc3, 5, esk_algo.into(), esk_aead.into()]; - ctx.update(&ad); + ctx.update(&ad)?; // We need to prefix the cipher specifier to the session key. let mut esk = vec![0u8; session_key.len()]; - ctx.encrypt(&mut esk, session_key); + ctx.encrypt(&mut esk, session_key)?; // Digest. let mut digest = vec![0u8; esk_aead.digest_size()?]; - ctx.digest(&mut digest); + ctx.digest(&mut digest)?; SKESK5::new(esk_algo, esk_aead, s2k, iv.into_boxed_slice(), esk.into(), digest.into_boxed_slice()) @@ -499,7 +499,7 @@ impl SKESK5 { let ad = [0xc3, 5 /* Version. */, self.symmetric_algo().into(), self.aead_algo.into()]; - cipher.update(&ad); + cipher.update(&ad)?; let mut plain: SessionKey = vec![0; esk.len()].into(); cipher.decrypt_verify(&mut plain, esk, &self.aead_digest[..])?; Ok((SymmetricAlgorithm::Unencrypted, plain)) |