From d49d1ceff3a40fa1072cd3847aedbf5916f86632 Mon Sep 17 00:00:00 2001 From: Direktor799 Date: Tue, 10 Oct 2023 14:24:38 +0800 Subject: [PATCH] feat(aes-siv): generic nonce sizes for SivAead --- aes-siv/src/lib.rs | 28 +++++++++++++++++----------- 1 file changed, 17 insertions(+), 11 deletions(-) diff --git a/aes-siv/src/lib.rs b/aes-siv/src/lib.rs index 8e8e6677..22feddca 100644 --- a/aes-siv/src/lib.rs +++ b/aes-siv/src/lib.rs @@ -96,7 +96,7 @@ use aead::{ Buffer, }; use aes::{Aes128, Aes256}; -use cipher::{BlockCipher, BlockEncryptMut}; +use cipher::{ArrayLength, BlockCipher, BlockEncryptMut}; use cmac::Cmac; use core::{marker::PhantomData, ops::Add}; use digest::{FixedOutputReset, Mac}; @@ -105,7 +105,7 @@ use digest::{FixedOutputReset, Mac}; use pmac::Pmac; /// AES-SIV nonces -pub type Nonce = GenericArray; +pub type Nonce = GenericArray; /// AES-SIV tags (i.e. the Synthetic Initialization Vector value) pub type Tag = GenericArray; @@ -113,12 +113,13 @@ pub type Tag = GenericArray; /// The `SivAead` type wraps the more powerful `Siv` interface in a more /// commonly used Authenticated Encryption with Associated Data (AEAD) API, /// which accepts a key, nonce, and associated data when encrypting/decrypting. -pub struct SivAead +pub struct SivAead where Self: KeySizeUser, C: BlockCipher + BlockEncryptMut + KeyInit + KeySizeUser, M: Mac + FixedOutputReset + KeyInit, ::KeySize: Add, + NonceSize: ArrayLength, { key: GenericArray::KeySize>, mac: PhantomData, // TODO(tarcieri): include `M` in `KeySize` calculation 
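Review bot: The struct doc comment above `pub struct SivAead` still describes only "a key, nonce, and associated data" and never mentions the new `NonceSize` parameter, and the `/// AES-SIV nonces` line above the `Nonce` alias in the previous hunk likewise gives no length. I would add a line such as `/// NonceSize: length in bytes of the nonce accepted by the AEAD API.` to the struct docs and state the alias's length in its own doc line. The generic argument lists are not visible in this rendering, so it cannot be confirmed here whether a default keeps existing users of `SivAead` and `Nonce` compiling; if a default exists, the docs should name it. The struct body continues outside the hunk.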
@@ -148,23 +149,26 @@ pub type Aes128PmacSivAead = PmacSivAead; #[cfg_attr(docsrs, doc(cfg(feature = "pmac")))] pub type Aes256PmacSivAead = PmacSivAead; -impl KeySizeUser for SivAead +impl KeySizeUser for SivAead where M: Mac + FixedOutputReset + KeyInit, + NonceSize: ArrayLength, { type KeySize = U32; } -impl KeySizeUser for SivAead +impl KeySizeUser for SivAead where M: Mac + FixedOutputReset + KeyInit, + NonceSize: ArrayLength, { type KeySize = U64; } -impl KeyInit for SivAead +impl KeyInit for SivAead where M: Mac + FixedOutputReset + KeyInit, + NonceSize: ArrayLength, { fn new(key: &GenericArray) -> Self { Self { @@ -174,9 +178,10 @@ where } } -impl KeyInit for SivAead +impl KeyInit for SivAead where M: Mac + FixedOutputReset + KeyInit, + NonceSize: ArrayLength, { fn new(key: &GenericArray) -> Self { Self { @@ -186,28 +191,29 @@ where } } -impl AeadCore for SivAead +impl AeadCore for SivAead where Self: KeySizeUser, C: BlockCipher + BlockEncryptMut + KeyInit + KeySizeUser, M: Mac + FixedOutputReset + KeyInit, ::KeySize: Add, + NonceSize: ArrayLength, { // "If the nonce is random, it SHOULD be at least 128 bits in length" // https://tools.ietf.org/html/rfc5297#section-3 - // TODO(tarcieri): generic nonce sizes - type NonceSize = U16; + type NonceSize = NonceSize; type TagSize = U16; type CiphertextOverhead = U0; } -impl AeadInPlace for SivAead +impl AeadInPlace for SivAead where Self: KeySizeUser, Siv: KeyInit + KeySizeUser::KeySize>, C: BlockCipher + BlockEncryptMut + KeyInit + KeySizeUser, M: Mac + FixedOutputReset + KeyInit, ::KeySize: Add, + NonceSize: ArrayLength, { fn encrypt_in_place( &self,
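Review bot: `type NonceSize = NonceSize;` in the `AeadCore` impl is bounded only by `ArrayLength`, so a caller can choose a nonce much shorter than the 128 bits the retained RFC 5297 comment recommends for random nonces. That guidance sits in a plain `//` comment inside the impl, where rustdoc will not show it to the person picking the size. I would turn it into a doc comment on the associated type, for example `/// Nonce length chosen by the caller; RFC 5297 section 3 says a random nonce SHOULD be at least 128 bits.` The diffstat lists only `aes-siv/src/lib.rs`, so the patch appears to add no test for a nonce length other than the previous `U16`; a round-trip test with one other size would pin the behaviour. The `AeadInPlace` impl body continues outside the hunk.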