@@ -80,11 +80,14 @@ pub trait Aead {
8080 /// The length of a nonce.
8181type NonceSize : ArraySize ;
8282
83- /// The maximum length of the tag.
83+ /// The length of a tag.
8484type TagSize : ArraySize ;
8585
8686 /// Constant which defines whether AEAD specification appends or prepends tags.
8787///
88+ /// It influences the behavior of the [`Aead::encrypt_to_vec`], [`Aead::decrypt_to_vec`],
89+ /// [`Aead::encrypt_to_buffer`], and [`Aead::decrypt_to_buffer`] methods.
90+ ///
8891/// If the specification does not explicitly specify tag kind, we default to postfix tags.
8992const IS_POSTFIX : bool = true ;
9093
@@ -158,6 +161,13 @@ pub trait Aead {
158161 self . detached_decrypt_inout ( nonce, associated_data, buf, tag)
159162 }
160163
164+ /// Encrypt the [`InOutBufReserved`] data, append the authentication tag, and return
165+ /// the resulting byte slice.
166+ ///
167+ /// `buffer` should have at least [`TagSize`][Aead::TagSize] bytes of additional output
168+ /// capacity; otherwise, the method will return an error.
169+ ///
170+ /// The returned byte slice is guaranteed to point to the output of `buffer`.
161171#[ inline]
162172 fn postfix_encrypt_inout < ' out > (
163173 & self ,
@@ -176,8 +186,13 @@ pub trait Aead {
176186 Ok ( & mut out_buf[ ..res_len] )
177187 }
178188
179- /// Decrypt the [`InOutBuf`] data, returning an error in the event the provided
180- /// authentication tag does not match the given ciphertext.
189+ /// Decrypt the [`InOutBuf`] data, verify the appended authentication tag, and return
190+ /// the resulting byte slice in case of success.
191+ ///
192+ /// Returns an error if the provided authentication tag does not match the given ciphertext
193+ /// or if the size of `buffer` is smaller than the tag size.
194+ ///
195+ /// The returned byte slice is guaranteed to point to the output of `buffer`.
181196#[ inline]
182197 fn postfix_decrypt_inout < ' out > (
183198 & self ,
@@ -193,6 +208,13 @@ pub trait Aead {
193208 Ok ( into_out_buf ( buf) )
194209 }
195210
211+ /// Encrypt the plaintext data of length `plaintext_len` residing at the beggining of `buffer`
212+ /// in-place, append the authentication tag, and return the resulting byte slice.
213+ ///
214+ /// `buffer` should have at least [`TagSize`][Aead::TagSize] bytes of additional output
215+ /// capacity; otherwise, the method will return an error.
216+ ///
217+ /// The returned byte slice is guaranteed to point to `buffer`.
196218#[ inline]
197219 fn postfix_encrypt_inplace < ' out > (
198220 & self ,
@@ -210,8 +232,13 @@ pub trait Aead {
210232 Ok ( buf)
211233 }
212234
213- /// Encrypt the data in-place, returning an error in the event the provided
214- /// authentication tag does not match the given ciphertext.
235+ /// Decrypt the data in `buffer` in-place, verify the appended authentication tag, and return
236+ /// the resulting byte slice in case of success.
237+ ///
238+ /// Returns an error if the provided authentication tag does not match the given ciphertext
239+ /// or if the size of `buffer` is smaller than the tag size.
240+ ///
241+ /// The returned byte slice is guaranteed to point to the output of `buffer`.
215242#[ inline]
216243 fn postfix_decrypt_inplace < ' out > (
217244 & self ,
@@ -227,6 +254,13 @@ pub trait Aead {
227254 Ok ( buf)
228255 }
229256
257+ /// Encrypt the data in `plaintext`, write resulting ciphertext to `buffer`, append
258+ /// the authentication tag, and return the resulting byte slice.
259+ ///
260+ /// `buffer` should have at least [`TagSize`][Aead::TagSize] bytes of additional capacity;
261+ /// otherwise, the method will return an error.
262+ ///
263+ /// The returned byte slice is guaranteed to point to the output of `buffer`.
230264#[ inline]
231265 fn postfix_encrypt_to_buf < ' out > (
232266 & self ,
@@ -245,8 +279,15 @@ pub trait Aead {
245279 Ok ( buf)
246280 }
247281
248- /// Encrypt the data buffer-to-buffer, returning an error in the event the provided
249- /// authentication tag does not match the given ciphertext.
282+ /// Decrypt the data in `ciphertext`, write resulting ciphertext to `buffer`, verify
283+ /// the appended authentication tag, and return the resulting byte slice in case of success.
284+ ///
285+ /// Returns an error if the provided authentication tag does not match the given ciphertext,
286+ /// if the size of `ciphertext` is smaller than the tag size, or if the size of `buffer` is
287+ /// too small for resulting plaintext (i.e. it should have capacity of at least
288+ /// `ciphertext.len() - tag_size`).
289+ ///
290+ /// The returned byte slice is guaranteed to point to the output of `buffer`.
250291#[ inline]
251292 fn postfix_decrypt_to_buf < ' out > (
252293 & self ,
@@ -265,6 +306,9 @@ pub trait Aead {
265306 Ok ( pt_dst)
266307 }
267308
309+ /// Encrypt the data in `buffer`, and append the authentication tag to it.
310+ ///
311+ /// `buffer` is a generic [`Buffer`] type. See the trait docs for more information.
268312#[ inline]
269313 fn postfix_encrypt_buffer (
270314 & self ,
@@ -276,6 +320,11 @@ pub trait Aead {
276320 buffer. extend_from_slice ( & tag)
277321 }
278322
323+ /// Decrypt the data in `buffer`, verify the appended authentication tag, and truncate `buffer`
324+ /// to contain only the resulting plaintext.
325+ ///
326+ /// Returns an error if the provided authentication tag does not match the given ciphertext,
327+ /// or if the length of `buffer` is smaller than the tag size.
279328#[ inline]
280329 fn postfix_decrypt_buffer (
281330 & self ,
0 commit comments