[WIP] pkcs5: encryption

Implements PKCS#5 encryption support, presently targeting only support
for PBES2 with PBKDF2-SHA-256 and AES-CBC (with 128 or 256-bit key size)

Note that these are presently the best options supported by PKCS#5 v2.1.

Support for legacy algorithms like DES, 3DES, MD2, and SHA-1 is
deliberately ommitted. We can revisit potentially adding these upon
request if there is demand, however since these algorithms are insecure
we don't support them in this initial implementation.

Author: tarcieri

.github/workflows/pkcs5.yml

@@ -25,7 +25,7 @@ jobs:
     strategy:
       matrix:
         rust:
-          - 1.47.0 # MSRV
+          - 1.49.0 # MSRV
           - stable
         target:
           - thumbv7em-none-eabi
@@ -38,14 +38,15 @@ jobs:
           toolchain: ${{ matrix.rust }}
           target: ${{ matrix.target }}
           override: true
-      - run: cargo build --release --target ${{ matrix.target }}
+      - run: cargo build --target ${{ matrix.target }} --release
+      - run: cargo build --target ${{ matrix.target }} --release --features pbes2
 
   test:
     runs-on: ubuntu-latest
     strategy:
       matrix:
         rust:
-          - 1.47.0 # MSRV
+          - 1.49.0 # MSRV
           - stable
     steps:
       - uses: actions/checkout@v1
@@ -55,3 +56,4 @@ jobs:
           toolchain: ${{ matrix.rust }}
           override: true
       - run: cargo test --release
+      - run: cargo test --release --all-features

.github/workflows/workspace.yml

@@ -16,7 +16,7 @@ jobs:
     - uses: actions/checkout@v1
     - uses: actions-rs/toolchain@v1
       with:
-        toolchain: 1.46.0 # MSRV
+        toolchain: 1.49.0 # Highest MSRV in repo
         components: clippy
         override: true
         profile: minimal

Cargo.lock

@@ -16,3 +16,7 @@ members = [
     "pkcs8",
     "spki",
 ]
+
+[patch.crates-io]
+aes = { git = "https://github.com/RustCrypto/block-ciphers" }
+block-modes = { git = "https://github.com/RustCrypto/block-ciphers" }

Cargo.toml

@@ -231,6 +231,7 @@ impl<T: Variant> Encoding for T {
 
     fn encoded_len(bytes: &[u8]) -> usize {
         // TODO: replace with `unwrap_or` on stabilization
+        #[allow(clippy::manual_unwrap_or)]
         match encoded_len_inner(bytes.len(), T::PADDED) {
             Some(v) => v,
             None => 0,

base64ct/src/encoding.rs

@@ -17,9 +17,18 @@ readme = "README.md"
 der = { version = "0.2.7", features = ["oid"], path = "../der" }
 spki = { version = "0.2", path = "../spki" }
 
+aes = { version = "=0.7.0-pre", optional = true }
+block-modes = { version = "=0.8.0-pre", optional = true, default-features = false }
+hmac = { version = "0.10", optional = true, default-features = false }
+pbkdf2 = { version = "0.7", optional = true, default-features = false }
+sha2 = { version = "0.9", optional = true, default-features = false }
+
 [dev-dependencies]
 hex-literal = "0.3"
 
+[features]
+pbes2 = ["aes", "block-modes", "hmac", "pbkdf2", "sha2"]
+
 [package.metadata.docs.rs]
 all-features = true
 rustdoc-args = ["--cfg", "docsrs"]

pkcs5/Cargo.toml

@@ -34,7 +34,7 @@ dual licensed as above, without any additional terms or conditions.
 [docs-image]: https://docs.rs/pkcs5/badge.svg
 [docs-link]: https://docs.rs/pkcs5/
 [license-image]: https://img.shields.io/badge/license-Apache2.0/MIT-blue.svg
-[rustc-image]: https://img.shields.io/badge/rustc-1.47+-blue.svg
+[rustc-image]: https://img.shields.io/badge/rustc-1.49+-blue.svg
 [chat-image]: https://img.shields.io/badge/zulip-join_chat-blue.svg
 [chat-link]: https://rustcrypto.zulipchat.com/#narrow/stream/260052-utils
 [build-image]: https://github.com/RustCrypto/utils/workflows/pkcs5/badge.svg?branch=master&event=push

pkcs5/README.md

@@ -4,7 +4,7 @@
 //!
 //! # Minimum Supported Rust Version
 //!
-//! This crate requires **Rust 1.47** at a minimum.
+//! This crate requires **Rust 1.49** at a minimum.
 //!
 //! # Usage
 //!
@@ -25,7 +25,7 @@
 #![forbid(unsafe_code)]
 #![warn(missing_docs, rust_2018_idioms, unused_qualifications)]
 
-pub use der::{self, Error, ObjectIdentifier, Result};
+pub use der::{self, Error, ObjectIdentifier};
 pub use spki::AlgorithmIdentifier;
 
 use core::convert::{TryFrom, TryInto};
@@ -34,6 +34,10 @@ use der::{sequence, Any, Encodable, Encoder, Length};
 pub mod pbes1;
 pub mod pbes2;
 
+/// Cryptographic errors
+#[derive(Copy, Clone, Debug, Eq, PartialEq)]
+pub struct CryptoError;
+
 /// Supported PKCS#5 password-based encryption schemes.
 #[derive(Clone, Debug, Eq, PartialEq)]
 #[non_exhaustive]
@@ -51,6 +55,25 @@ pub enum EncryptionScheme<'a> {
 }
 
 impl<'a> EncryptionScheme<'a> {
+    /// Attempt to decrypt the given ciphertext in-place using a key derived
+    /// from the provided password and this scheme's parameters.
+    ///
+    /// Returns an error if the algorithm specified in this scheme's parameters
+    /// is unsupported, or if the ciphertext is malformed (e.g. not a multiple
+    /// of a block mode's padding)
+    #[cfg(feature = "pbes2")]
+    #[cfg_attr(docsrs, doc(cfg(feature = "pbes2")))]
+    pub fn decrypt_in_place<'b>(
+        &self,
+        password: impl AsRef<[u8]>,
+        buffer: &'b mut [u8],
+    ) -> Result<&'b [u8], CryptoError> {
+        match self {
+            Self::Pbes2(params) => pbes2::encryption::decrypt_in_place(params, password, buffer),
+            _ => Err(CryptoError),
+        }
+    }
+
     /// Get the [`ObjectIdentifier`] (a.k.a OID) for this algorithm.
     pub fn oid(&self) -> ObjectIdentifier {
         match self {
@@ -79,23 +102,23 @@ impl<'a> EncryptionScheme<'a> {
 impl<'a> TryFrom<&'a [u8]> for EncryptionScheme<'a> {
     type Error = Error;
 
-    fn try_from(bytes: &'a [u8]) -> Result<EncryptionScheme<'a>> {
+    fn try_from(bytes: &'a [u8]) -> der::Result<EncryptionScheme<'a>> {
         AlgorithmIdentifier::try_from(bytes).and_then(TryInto::try_into)
     }
 }
 
 impl<'a> TryFrom<Any<'a>> for EncryptionScheme<'a> {
     type Error = Error;
 
-    fn try_from(any: Any<'a>) -> Result<EncryptionScheme<'a>> {
+    fn try_from(any: Any<'a>) -> der::Result<EncryptionScheme<'a>> {
         AlgorithmIdentifier::try_from(any).and_then(TryInto::try_into)
     }
 }
 
 impl<'a> TryFrom<AlgorithmIdentifier<'a>> for EncryptionScheme<'a> {
     type Error = Error;
 
-    fn try_from(alg: AlgorithmIdentifier<'a>) -> Result<EncryptionScheme<'_>> {
+    fn try_from(alg: AlgorithmIdentifier<'a>) -> der::Result<EncryptionScheme<'_>> {
         match alg.oid {
             pbes2::PBES2_OID => pbes2::Parameters::try_from(alg.parameters_any()?).map(Into::into),
             _ => pbes1::Parameters::try_from(alg).map(Into::into),
@@ -116,14 +139,14 @@ impl<'a> From<pbes2::Parameters<'a>> for EncryptionScheme<'a> {
 }
 
 impl<'a> Encodable for EncryptionScheme<'a> {
-    fn encoded_len(&self) -> Result<Length> {
+    fn encoded_len(&self) -> der::Result<Length> {
         match self {
             Self::Pbes1(pbes1) => pbes1.encoded_len(),
             Self::Pbes2(pbes2) => sequence::encoded_len(&[&pbes2::PBES2_OID, pbes2]),
         }
     }
 
-    fn encode(&self, encoder: &mut Encoder<'_>) -> Result<()> {
+    fn encode(&self, encoder: &mut Encoder<'_>) -> der::Result<()> {
         match self {
             Self::Pbes1(pbes1) => pbes1.encode(encoder),
             Self::Pbes2(pbes2) => encoder.sequence(&[&pbes2::PBES2_OID, pbes2]),