Skip to main content

Crate aesp

Crate aesp 

Source
Expand description

This crate provides an intuitive interface for AES-128, AES-192, and AES-256 encryption and decryption. The following modes of operation are supported:

  • Galois/counter mode (GCM), with optional additional authenticated data (AAD). Encrypts using CTR mode and generates an authentication tag from the AAD + ciphertext. This tag is recomputed at decryption and compared with the received tag.
  • Counter mode (CTR). A 16-byte counter is repeatedly incremented and encrypted. The result is XOR’d with the plaintext to produce the ciphertext. This turns AES into a stream cipher, which removes vulnerabilities present in modes such as ECB.
  • Electronic codebook mode (ECB). Encrypts each block of plaintext seperately and appends to the output. Vulnerable to pattern emergence in larger inputs. Use a stream cipher mode (CTR or GCM) if security is important.

§Examples

Below is an example of a string being encrypted under a random key using AES-256-CTR, then decrypted back to plaintext.

use aesp::{Key, Cipher};
 
// generate a random 256-bit key.
let key = Key::rand_key_256()?;
 
// instantiate a cipher object using that key.
let cipher = Cipher::new(&key);
 
// instantiate sample plaintext (cipher encrypts raw bytes).
let plaintext = ("Hello, World!").as_bytes();
 
// encrypt the plaintext bytes using AES-256-CTR.
// note that the key size does not need to be explicitly stated.
let ciphertext = cipher.encrypt_ctr(&plaintext)?;
 
// decrypt the resultant ciphertext.
let decrypted_ct = cipher.decrypt_ctr(&ciphertext)?;
 
// round trip results in the same plaintext as the original message.
assert_eq!(plaintext, decrypted_ct);

Structs§

Cipher
Provides encryption and decryption functions for AES in modes ECB, CTR, and GCM. Instantiated with an AES Key, which is expanded into round keys and stored in the instance.
Key
Contains a valid AES key. Can be instantiated with a random key, or built from a slice of bytes that is 16, 24, or 32 bytes long. A key object is required to instantiate a Cipher.

Enums§

Error
AES Error type.

Type Aliases§

Result
AES Result type.