1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
|
//! Implementation of Sequoia crypto API using pure Rust cryptographic
//! libraries.
use generic_array::{ArrayLength, GenericArray};
use crate::{Error, Result};
use crate::types::*;
pub mod aead;
pub mod asymmetric;
pub mod ecdh;
pub mod hash;
pub mod symmetric;
trait GenericArrayExt<T, N: ArrayLength<T>> {
const LEN: usize;
/// Like [`GenericArray::from_slice`], but fallible.
fn try_from_slice(slice: &[T]) -> Result<&GenericArray<T, N>> {
if slice.len() == Self::LEN {
Ok(GenericArray::from_slice(slice))
} else {
Err(Error::InvalidArgument(
format!("Invalid slice length, want {}, got {}",
Self::LEN, slice.len())).into())
}
}
/// Like [`GenericArray::clone_from_slice`], but fallible.
fn try_clone_from_slice(slice: &[T]) -> Result<GenericArray<T, N>>
where T: Clone
{
if slice.len() == Self::LEN {
Ok(GenericArray::clone_from_slice(slice))
} else {
Err(Error::InvalidArgument(
format!("Invalid slice length, want {}, got {}",
Self::LEN, slice.len())).into())
}
}
}
impl<T, N: ArrayLength<T>> GenericArrayExt<T, N> for GenericArray<T, N> {
const LEN: usize = N::USIZE;
}
/// Returns a short, human-readable description of the backend.
pub fn backend() -> String {
// XXX: can we include features and the version?
"RustCrypto".to_string()
}
/// Fills the given buffer with random data.
pub fn random(buf: &mut [u8]) {
use rand07::rngs::OsRng;
use rand07::RngCore;
OsRng.fill_bytes(buf)
}
impl PublicKeyAlgorithm {
pub(crate) fn is_supported_by_backend(&self) -> bool {
use PublicKeyAlgorithm::*;
#[allow(deprecated)]
match &self {
RSAEncryptSign | RSAEncrypt | RSASign | ECDH | EdDSA | ECDSA
=> true,
DSA
=> false,
ElGamalEncrypt | ElGamalEncryptSign | Private(_) | Unknown(_)
=> false,
}
}
}
impl Curve {
pub(crate) fn is_supported_by_backend(&self) -> bool {
use self::Curve::*;
match &self {
NistP256
=> true,
NistP384 | NistP521
=> false,
Ed25519 | Cv25519
=> true,
BrainpoolP256 | BrainpoolP512 | Unknown(_)
=> false,
}
}
}
impl AEADAlgorithm {
/// Returns the best AEAD mode supported by the backend.
///
/// This SHOULD return OCB, which is the mandatory-to-implement
/// algorithm and the most performing one, but fall back to any
/// supported algorithm.
pub(crate) const fn const_default() -> AEADAlgorithm {
AEADAlgorithm::EAX
}
pub(crate) fn is_supported_by_backend(&self) -> bool {
use self::AEADAlgorithm::*;
match &self {
EAX => true,
OCB => false,
GCM => true,
Private(_) | Unknown(_)
=> false,
}
}
#[cfg(test)]
pub(crate) fn supports_symmetric_algo(&self, algo: &SymmetricAlgorithm) -> bool {
match &self {
AEADAlgorithm::EAX =>
match algo {
SymmetricAlgorithm::AES128 |
SymmetricAlgorithm::AES192 |
SymmetricAlgorithm::AES256 |
// XXX: Skipping Twofish until Twofish implements Clone
// SymmetricAlgorithm::Twofish |
SymmetricAlgorithm::Camellia128 |
SymmetricAlgorithm::Camellia192 |
SymmetricAlgorithm::Camellia256 => true,
_ => false,
},
AEADAlgorithm::GCM =>
match algo {
SymmetricAlgorithm::AES128 |
SymmetricAlgorithm::AES192 |
SymmetricAlgorithm::AES256 => true,
_ => false,
},
_ => false
}
}
}
|
