From 1cc03488a9ffc8ce33bf479cb007393b322119e6 Mon Sep 17 00:00:00 2001 From: Claudia Richoux Date: Thu, 12 Jan 2023 22:55:06 -0800 Subject: [PATCH 1/3] adding detached tag mode to stream --- aead/src/stream.rs | 50 +++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 49 insertions(+), 1 deletion(-) diff --git a/aead/src/stream.rs b/aead/src/stream.rs index 6b38d43fd..93a69d458 100644 --- a/aead/src/stream.rs +++ b/aead/src/stream.rs @@ -32,7 +32,7 @@ #![allow(clippy::upper_case_acronyms)] -use crate::{AeadCore, AeadInPlace, Buffer, Error, Key, KeyInit, Result}; +use crate::{AeadCore, AeadInPlace, Buffer, Error, Key, KeyInit, Result, Tag}; use core::ops::{AddAssign, Sub}; use generic_array::{ typenum::{Unsigned, U4, U5}, @@ -128,6 +128,15 @@ where buffer: &mut dyn Buffer, ) -> Result<()>; + /// Encrypt an AEAD message in-place at the given position in the STREAM. + fn encrypt_in_place_detached( + &self, + position: Self::Counter, + last_block: bool, + associated_data: &[u8], + buffer: &mut dyn Buffer, + ) -> Result>; + /// Encrypt the given plaintext payload, and return the resulting /// ciphertext as a vector of bytes. #[cfg(feature = "alloc")] @@ -346,6 +355,28 @@ impl_stream_object!( "ℰ STREAM encryptor" ); +impl Encryptor + where + A: AeadInPlace, + S: StreamPrimitive, + A::NonceSize: Sub<>::NonceOverhead>, + NonceSize: ArrayLength, +{ + #[doc = "Use the underlying AEAD to encrypt"] + #[doc = "the last AEAD message in this STREAM in-place,"] + #[doc = "consuming the "] + #[doc = "ℰ STREAM encryptor"] + #[doc = "object in order to prevent further use."] + #[doc = "Returns the tag separately."] + pub fn encrypt_last_in_place_detached( + self, + associated_data: &[u8], + buffer: &mut dyn Buffer, + ) -> Result> { + self.stream.encrypt_in_place_detached(self.position, true, associated_data, buffer) + } +} + impl_stream_object!( Decryptor, decrypt_next, @@ -424,6 +455,18 @@ where let nonce = self.aead_nonce(position, last_block); self.aead.decrypt_in_place(&nonce, associated_data, buffer) } + + fn encrypt_in_place_detached( + &self, + position: u32, + last_block: bool, + associated_data: &[u8], + buffer: &mut dyn Buffer, + ) -> Result> { + let nonce = self.aead_nonce(position, last_block); + self.aead.encrypt_in_place_detached(&nonce, associated_data, buffer.as_mut()) + } + } impl StreamBE32 @@ -503,6 +546,11 @@ where self.aead.encrypt_in_place(&nonce, associated_data, buffer) } + fn encrypt_in_place_detached(&self, position: Self::Counter, last_block: bool, associated_data: &[u8], buffer: &mut dyn Buffer) -> Result> { + let nonce = self.aead_nonce(position, last_block)?; + self.aead.encrypt_in_place_detached(&nonce, associated_data, buffer.as_mut()) + } + fn decrypt_in_place( &self, position: Self::Counter, From 541d16971ccc583cf05950e7934bcf231f371ef2 Mon Sep 17 00:00:00 2001 From: Claudia Richoux Date: Thu, 12 Jan 2023 22:58:43 -0800 Subject: [PATCH 2/3] formatter --- aead/src/stream.rs | 20 ++++++++++++++------ 1 file changed, 14 insertions(+), 6 deletions(-) diff --git a/aead/src/stream.rs b/aead/src/stream.rs index 93a69d458..97d6251d5 100644 --- a/aead/src/stream.rs +++ b/aead/src/stream.rs @@ -356,7 +356,7 @@ impl_stream_object!( ); impl Encryptor - where +where A: AeadInPlace, S: StreamPrimitive, A::NonceSize: Sub<>::NonceOverhead>, @@ -373,7 +373,8 @@ impl Encryptor associated_data: &[u8], buffer: &mut dyn Buffer, ) -> Result> { - self.stream.encrypt_in_place_detached(self.position, true, associated_data, buffer) + self.stream + .encrypt_in_place_detached(self.position, true, associated_data, buffer) } } @@ -464,9 +465,9 @@ where buffer: &mut dyn Buffer, ) -> Result> { let nonce = self.aead_nonce(position, last_block); - self.aead.encrypt_in_place_detached(&nonce, associated_data, buffer.as_mut()) + self.aead + .encrypt_in_place_detached(&nonce, associated_data, buffer.as_mut()) } - } impl StreamBE32 @@ -546,9 +547,16 @@ where self.aead.encrypt_in_place(&nonce, associated_data, buffer) } - fn encrypt_in_place_detached(&self, position: Self::Counter, last_block: bool, associated_data: &[u8], buffer: &mut dyn Buffer) -> Result> { + fn encrypt_in_place_detached( + &self, + position: Self::Counter, + last_block: bool, + associated_data: &[u8], + buffer: &mut dyn Buffer, + ) -> Result> { let nonce = self.aead_nonce(position, last_block)?; - self.aead.encrypt_in_place_detached(&nonce, associated_data, buffer.as_mut()) + self.aead + .encrypt_in_place_detached(&nonce, associated_data, buffer.as_mut()) } fn decrypt_in_place( From 9e97d6bf15e75fe31f73fc3b8639e72711290e76 Mon Sep 17 00:00:00 2001 From: Claudia Richoux Date: Fri, 13 Jan 2023 16:19:36 -0600 Subject: [PATCH 3/3] decrypt detach girlboss --- aead/src/stream.rs | 62 +++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 61 insertions(+), 1 deletion(-) diff --git a/aead/src/stream.rs b/aead/src/stream.rs index 97d6251d5..8fbe28d4e 100644 --- a/aead/src/stream.rs +++ b/aead/src/stream.rs @@ -128,7 +128,7 @@ where buffer: &mut dyn Buffer, ) -> Result<()>; - /// Encrypt an AEAD message in-place at the given position in the STREAM. + /// Encrypt an AEAD message in-place at the given position in the STREAM. Return tag separately. fn encrypt_in_place_detached( &self, position: Self::Counter, @@ -137,6 +137,16 @@ where buffer: &mut dyn Buffer, ) -> Result>; + /// Decrypt an AEAD message in-place at the given position in the STREAM. Accept tag separately. + fn decrypt_in_place_detached( + &self, + position: Self::Counter, + last_block: bool, + associated_data: &[u8], + buffer: &mut dyn Buffer, + tag: &Tag, + ) -> Result<()>; + /// Encrypt the given plaintext payload, and return the resulting /// ciphertext as a vector of bytes. #[cfg(feature = "alloc")] @@ -390,6 +400,30 @@ impl_stream_object!( "𝒟 STREAM decryptor" ); +impl Decryptor +where + A: AeadInPlace, + S: StreamPrimitive, + A::NonceSize: Sub<>::NonceOverhead>, + NonceSize: ArrayLength, +{ + #[doc = "Use the underlying AEAD to decrypt"] + #[doc = "the last AEAD message in this STREAM in-place,"] + #[doc = "consuming the "] + #[doc = "𝒟 STREAM decryptor"] + #[doc = "object in order to prevent further use."] + #[doc = "Accepts the tag separately."] + pub fn decrypt_last_in_place_detached( + self, + associated_data: &[u8], + buffer: &mut dyn Buffer, + tag: &Tag, + ) -> Result<()> { + self.stream + .decrypt_in_place_detached(self.position, true, associated_data, buffer, tag) + } +} + /// The original "Rogaway-flavored" STREAM as described in the paper /// [Online Authenticated-Encryption and its Nonce-Reuse Misuse-Resistance][1]. /// @@ -468,6 +502,19 @@ where self.aead .encrypt_in_place_detached(&nonce, associated_data, buffer.as_mut()) } + + fn decrypt_in_place_detached( + &self, + position: Self::Counter, + last_block: bool, + associated_data: &[u8], + buffer: &mut dyn Buffer, + tag: &Tag, + ) -> Result<()> { + let nonce = self.aead_nonce(position, last_block); + self.aead + .decrypt_in_place_detached(&nonce, associated_data, buffer.as_mut(), tag) + } } impl StreamBE32 @@ -569,6 +616,19 @@ where let nonce = self.aead_nonce(position, last_block)?; self.aead.decrypt_in_place(&nonce, associated_data, buffer) } + + fn decrypt_in_place_detached( + &self, + position: Self::Counter, + last_block: bool, + associated_data: &[u8], + buffer: &mut dyn Buffer, + tag: &Tag, + ) -> Result<()> { + let nonce = self.aead_nonce(position, last_block)?; + self.aead + .decrypt_in_place_detached(&nonce, associated_data, buffer.as_mut(), tag) + } } impl StreamLE31