1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
|
//! Implementation of Sequoia crypto API using the Nettle cryptographic library.
use crate::types::*;
use nettle::random::{Random, Yarrow};
use crate::crypto::SessionKey;
pub mod aead;
pub mod asymmetric;
pub mod ecdh;
pub mod hash;
pub mod symmetric;
/// Returns a short, human-readable description of the backend.
pub fn backend() -> String {
// XXX: Once we depend on nettle-rs 7.1, add cv448 feature
// XXX: Once we depend on nettle-rs 7.2, add nettle::version
"Nettle".to_string()
}
/// Fills the given buffer with random data.
pub fn random(buf: &mut [u8]) {
Yarrow::default().random(buf);
}
/// HKDF instantiated with SHA256.
///
/// Used to derive message keys from session keys, and key
/// encapsulating keys from S2K mechanisms. In both cases, using a
/// KDF that includes algorithm information in the given `info`
/// provides key space separation between cipher algorithms and modes.
///
/// `salt`, if given, SHOULD be 32 bytes of salt matching the digest
/// size of the hash function. If it is not give, 32 zeros are used
/// instead.
///
/// `okm` must not be larger than 255 * 32 (the size of the hash
/// digest).
pub fn hkdf_sha256(ikm: &SessionKey, salt: Option<&[u8]>, info: &[u8],
okm: &mut SessionKey)
{
use nettle::{
kdf::hkdf,
hash::Sha256,
};
assert!(okm.len() <= 255 * 32);
const NO_SALT: [u8; 32] = [0; 32];
let salt = salt.unwrap_or(&NO_SALT);
hkdf::<Sha256>(&ikm[..], salt, info, okm);
}
impl PublicKeyAlgorithm {
pub(crate) fn is_supported_by_backend(&self) -> bool {
use PublicKeyAlgorithm::*;
#[allow(deprecated)]
match &self {
RSAEncryptSign | RSAEncrypt | RSASign | DSA | ECDH | ECDSA | EdDSA
=> true,
ElGamalEncrypt | ElGamalEncryptSign | Private(_) | Unknown(_)
=> false,
}
}
}
impl Curve {
pub(crate) fn is_supported_by_backend(&self) -> bool {
use self::Curve::*;
match &self {
NistP256 | NistP384 | NistP521 | Ed25519 | Cv25519
=> true,
Ed448
=> nettle::ed448::IS_SUPPORTED,
Cv448
=> nettle::curve448::IS_SUPPORTED,
BrainpoolP256 | BrainpoolP512 | Unknown(_)
=> false,
}
}
}
impl AEADAlgorithm {
/// Returns the best AEAD mode supported by the backend.
///
/// This SHOULD return OCB, which is the mandatory-to-implement
/// algorithm and the most performing one, but fall back to any
/// supported algorithm.
pub(crate) const fn const_default() -> AEADAlgorithm {
AEADAlgorithm::EAX
}
pub(crate) fn is_supported_by_backend(&self) -> bool {
use self::AEADAlgorithm::*;
match &self {
EAX
=> true,
OCB
=> nettle::aead::OCB_IS_SUPPORTED,
GCM
=> true,
Private(_) | Unknown(_)
=> false,
}
}
#[cfg(test)]
pub(crate) fn supports_symmetric_algo(&self, algo: &SymmetricAlgorithm) -> bool {
match &self {
AEADAlgorithm::EAX =>
match algo {
SymmetricAlgorithm::AES128 |
SymmetricAlgorithm::AES192 |
SymmetricAlgorithm::AES256 |
SymmetricAlgorithm::Twofish |
SymmetricAlgorithm::Camellia128 |
SymmetricAlgorithm::Camellia192 |
SymmetricAlgorithm::Camellia256 => true,
_ => false,
},
_ => false
}
}
}
|