1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
|
//! Implementation of Sequoia crypto API using pure Rust cryptographic
//! libraries.
use cipher::generic_array::{ArrayLength, GenericArray};
use crate::{Error, Result};
use crate::types::*;
pub mod aead;
pub mod asymmetric;
pub mod ecdh;
pub mod hash;
pub mod symmetric;
pub struct Backend(());
impl super::interface::Backend for Backend {
fn backend() -> String {
// XXX: can we include features and the version?
"RustCrypto".to_string()
}
fn random(buf: &mut [u8]) -> Result<()> {
use rand::rngs::OsRng;
use rand::RngCore;
OsRng.fill_bytes(buf);
Ok(())
}
}
trait GenericArrayExt<T, N: ArrayLength<T>> {
const LEN: usize;
/// Like [`GenericArray::from_slice`], but fallible.
fn try_from_slice(slice: &[T]) -> Result<&GenericArray<T, N>> {
if slice.len() == Self::LEN {
Ok(GenericArray::from_slice(slice))
} else {
Err(Error::InvalidArgument(
format!("Invalid slice length, want {}, got {}",
Self::LEN, slice.len())).into())
}
}
/// Like [`GenericArray::clone_from_slice`], but fallible.
fn try_clone_from_slice(slice: &[T]) -> Result<GenericArray<T, N>>
where T: Clone
{
if slice.len() == Self::LEN {
Ok(GenericArray::clone_from_slice(slice))
} else {
Err(Error::InvalidArgument(
format!("Invalid slice length, want {}, got {}",
Self::LEN, slice.len())).into())
}
}
}
impl<T, N: ArrayLength<T>> GenericArrayExt<T, N> for GenericArray<T, N> {
const LEN: usize = N::USIZE;
}
impl AEADAlgorithm {
/// Returns the best AEAD mode supported by the backend.
///
/// This SHOULD return OCB, which is the mandatory-to-implement
/// algorithm and the most performing one, but fall back to any
/// supported algorithm.
pub(crate) const fn const_default() -> AEADAlgorithm {
AEADAlgorithm::EAX
}
pub(crate) fn is_supported_by_backend(&self) -> bool {
use self::AEADAlgorithm::*;
match &self {
EAX => true,
OCB => false,
GCM => true,
Private(_) | Unknown(_)
=> false,
}
}
#[cfg(test)]
pub(crate) fn supports_symmetric_algo(&self, algo: &SymmetricAlgorithm) -> bool {
match &self {
AEADAlgorithm::EAX =>
match algo {
SymmetricAlgorithm::AES128 |
SymmetricAlgorithm::AES192 |
SymmetricAlgorithm::AES256 |
// XXX: Skipping Twofish until Twofish implements Clone
// SymmetricAlgorithm::Twofish |
SymmetricAlgorithm::Camellia128 |
SymmetricAlgorithm::Camellia192 |
SymmetricAlgorithm::Camellia256 => true,
_ => false,
},
AEADAlgorithm::GCM =>
match algo {
SymmetricAlgorithm::AES128 |
SymmetricAlgorithm::AES192 |
SymmetricAlgorithm::AES256 => true,
_ => false,
},
_ => false
}
}
}
|
