From 341fdd29a9863e793c560e2a7207989c4f61d772 Mon Sep 17 00:00:00 2001
From: Nikhil Benesch
Date: Thu, 10 Dec 2020 20:46:58 -0500
Subject: openpgp: Add a RustCrypto backend.
- This adds a cryptographic backend based on the RustCrypto crates. The backend is marked as experimental, as the RustCrypto crates' authors state that they have not been audited and may not perform computations in constant time. Nevertheless, it may be useful in certain environments, e.g. WebAssembly.
- The backend implements RSA, EdDSA and ECDH over Curve25519, IDEA, 3DES, CAST5, Blowfish, AES, Twofish, EAX, MD5, SHA1, RipeMD160, and the SHA2 family.
- Notably missing are DSA, ElGamal, and ECDSA and ECDH over the NIST curves.
- See #333.
---
openpgp/src/crypto/backend/rust.rs | 64 ++++++++++++++++++++++++++++++++++++++
1 file changed, 64 insertions(+)
create mode 100644 openpgp/src/crypto/backend/rust.rs
(limited to 'openpgp/src/crypto/backend/rust.rs')
diff --git a/openpgp/src/crypto/backend/rust.rs b/openpgp/src/crypto/backend/rust.rs
new file mode 100644
index 00000000..a661c14e
--- /dev/null
+++ b/openpgp/src/crypto/backend/rust.rs
@@ -0,0 +1,64 @@
+//! Implementation of Sequoia crypto API using pure Rust cryptographic
+//! libraries.
+
+use crate::types::*;
+
+pub mod aead;
+pub mod asymmetric;
+pub mod ecdh;
+pub mod hash;
+pub mod symmetric;
+
+/// Fills the given buffer with random data.
+///
+/// Fills the given buffer with random data produced by a
+/// cryptographically secure pseudorandom number generator (CSPRNG).
+/// The output may be used as session keys or to derive long-term
+/// cryptographic keys from.
+pub fn random>(mut buf: B) {
+ use rand::rngs::OsRng;
+ use rand::RngCore;
+
+ OsRng.fill_bytes(buf.as_mut())
+}
+
+impl PublicKeyAlgorithm {
+ pub(crate) fn is_supported_by_backend(&self) -> bool {
+ use PublicKeyAlgorithm::*;
+ #[allow(deprecated)]
+ match &self {
+ RSAEncryptSign | RSAEncrypt | RSASign | ECDH | EdDSA
+ => true,
+ DSA | ECDSA
+ => false,
+ ElGamalEncrypt | ElGamalEncryptSign | Private(_) | Unknown(_)
+ => false,
+ }
+ }
+}
+
+impl Curve {
+ pub(crate) fn is_supported_by_backend(&self) -> bool {
+ use self::Curve::*;
+ match &self {
+ NistP256 | NistP384 | NistP521
+ => false,
+ Ed25519 | Cv25519
+ => true,
+ BrainpoolP256 | BrainpoolP512 | Unknown(_)
+ => false,
+ }
+ }
+}
+
+impl AEADAlgorithm {
+ pub(crate) fn is_supported_by_backend(&self) -> bool {
+ use self::AEADAlgorithm::*;
+ match &self {
+ EAX
+ => true,
+ OCB | Private(_) | Unknown(_)
+ => false,
+ }
+ }
+}
-- cgit v1.2.3
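Review bot: The `//!` header of the new `rust.rs` omits the caveat that the commit message gives, namely that the RustCrypto crates are unaudited and may not compute in constant time, so nothing in the rustdoc marks this backend as experimental. I would add a line such as `//! This backend is experimental: the underlying crates have not been audited and may not run in constant time.` The docs on `random` should also gain a `# Panics` section, because `OsRng.fill_bytes` panics when the operating system's generator fails and the function has no way to report that to the caller. On `PublicKeyAlgorithm::is_supported_by_backend`, a short comment that `ECDH` is only usable with a curve accepted by `Curve::is_supported_by_backend` would help, assuming callers are expected to combine the two checks.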