1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
use sodiumoxide::crypto::secretbox;
pub const CYPHER_HEADER_SIZE: usize = secretbox::MACBYTES + 2 + secretbox::MACBYTES;
pub const MAX_PACKET_SIZE: u16 = 4096;
pub const MAX_PACKET_USIZE: usize = MAX_PACKET_SIZE as usize;
#[repr(C)]
#[derive(Debug)]
pub struct PlainHeader {
packet_len: u16,
packet_mac: [u8; secretbox::MACBYTES],
}
impl PlainHeader {
pub fn new() -> PlainHeader {
PlainHeader {
packet_len: 0,
packet_mac: [0u8; secretbox::MACBYTES],
}
}
pub fn get_packet_len(&self) -> u16 {
self.packet_len
}
pub fn get_packet_mac(&self) -> [u8; secretbox::MACBYTES] {
self.packet_mac
}
pub fn is_final_header(&self) -> bool {
unsafe { bs_is_final_header(self) }
}
}
extern "C" {
fn bs_encrypt_packet(out: *mut u8,
plain_packet: *const u8,
packet_len: u16,
encryption_key: *const [u8; secretbox::KEYBYTES],
nonce: *mut [u8; secretbox::NONCEBYTES]);
fn bs_final_header(out: *mut [u8; CYPHER_HEADER_SIZE],
encryption_key: *const [u8; secretbox::KEYBYTES],
nonce: *const [u8; secretbox::NONCEBYTES]);
fn bs_is_final_header(plain_header: *const PlainHeader) -> bool;
fn bs_decrypt_header(out: *mut PlainHeader,
cypher_header: *const [u8; CYPHER_HEADER_SIZE],
decryption_key: *const [u8; secretbox::KEYBYTES],
nonce: *mut [u8; secretbox::NONCEBYTES])
-> bool;
fn bs_decrypt_header_inplace(cypher_header: *mut [u8; CYPHER_HEADER_SIZE],
decryption_key: *const [u8; secretbox::KEYBYTES],
nonce: *mut [u8; secretbox::NONCEBYTES])
-> bool;
fn bs_decrypt_packet(out: *mut u8,
cypher_packet: *const u8,
plain_header: *const PlainHeader,
decryption_key: *const [u8; secretbox::KEYBYTES],
nonce: *mut [u8; secretbox::NONCEBYTES])
-> bool;
fn bs_decrypt_packet_inplace(cypher_packet: *mut u8,
plain_header: *const PlainHeader,
decryption_key: *const [u8; secretbox::KEYBYTES],
nonce: *mut [u8; secretbox::NONCEBYTES])
-> bool;
}
pub unsafe fn encrypt_packet(out: *mut u8,
plain_packet: *const u8,
packet_len: u16,
encryption_key: &[u8; secretbox::KEYBYTES],
nonce: &mut [u8; secretbox::NONCEBYTES]) {
debug_assert!(packet_len <= MAX_PACKET_SIZE);
bs_encrypt_packet(out, plain_packet, packet_len, encryption_key, nonce);
}
pub unsafe fn final_header(out: &mut [u8; CYPHER_HEADER_SIZE],
encryption_key: &[u8; secretbox::KEYBYTES],
nonce: &[u8; secretbox::NONCEBYTES]) {
bs_final_header(out, encryption_key, nonce);
}
#[must_use]
pub unsafe fn decrypt_header(out: &mut PlainHeader,
cypher_header: &[u8; CYPHER_HEADER_SIZE],
decryption_key: &[u8; secretbox::KEYBYTES],
nonce: &mut [u8; secretbox::NONCEBYTES])
-> bool {
bs_decrypt_header(out, cypher_header, decryption_key, nonce)
}
#[must_use]
pub unsafe fn decrypt_header_inplace(cypher_header: &mut [u8; CYPHER_HEADER_SIZE],
decryption_key: &[u8; secretbox::KEYBYTES],
nonce: &mut [u8; secretbox::NONCEBYTES])
-> bool {
bs_decrypt_header_inplace(cypher_header, decryption_key, nonce)
}
#[must_use]
pub unsafe fn decrypt_packet(out: *mut u8,
cypher_packet: *const u8,
plain_header: &PlainHeader,
decryption_key: &[u8; secretbox::KEYBYTES],
nonce: &mut [u8; secretbox::NONCEBYTES])
-> bool {
bs_decrypt_packet(out, cypher_packet, plain_header, decryption_key, nonce)
}
#[must_use]
pub unsafe fn decrypt_packet_inplace(cypher_packet: *mut u8,
plain_header: &PlainHeader,
decryption_key: &[u8; secretbox::KEYBYTES],
nonce: &mut [u8; secretbox::NONCEBYTES])
-> bool {
bs_decrypt_packet_inplace(cypher_packet, plain_header, decryption_key, nonce)
}