cas-lib 0.2.77

A function wrapper layer for RustCrypto and Dalek-Cryptography. Intended to be used in FFI situations with a global heap deallactor at the top level project.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125

use aes_gcm::{Key};

use hkdf::Hkdf;
use rand::{RngCore, rngs::OsRng};

use aes_gcm::{
    aead::{Aead},
    Aes128Gcm, Aes256Gcm, KeyInit, Nonce,
};
use sha2::Sha256;

use super::cas_symmetric_encryption::{CASAES128Encryption, CASAES256Encryption};
pub struct CASAES128;
pub struct CASAES256;

impl CASAES256Encryption for CASAES256 {

    /// Generates an AES256 key from a vector
    fn key_from_vec(key_slice: Vec<u8>) -> Vec<u8> {
        let key = Key::<Aes256Gcm>::from_slice(key_slice.as_slice());
        key.to_vec()
    }

    /// Generates an AES 256 32-bit Key
    fn generate_key() -> Vec<u8> {
        let mut os_rng = OsRng;
        return Aes256Gcm::generate_key(&mut os_rng).to_vec();
    }


    /// Encrypts with AES-256-GCM taking an aes_key and aes_nonce
    fn encrypt_plaintext(aes_key: Vec<u8>, nonce: Vec<u8>, plaintext: Vec<u8>) -> Vec<u8> {
        let key = Key::<Aes256Gcm>::from_slice(aes_key.as_slice());
        let cipher = Aes256Gcm::new(key);
        let nonce = Nonce::from_slice(nonce.as_slice());
        let ciphertext = cipher.encrypt(nonce, plaintext.as_ref()).unwrap();
        ciphertext
    }


    /// Decrypts with AES-256-GCM taking an aes_key and aes_nonce
    fn decrypt_ciphertext(aes_key: Vec<u8>, nonce: Vec<u8>, ciphertext: Vec<u8>) -> Vec<u8> {
        let key = Key::<Aes256Gcm>::from_slice(aes_key.as_slice());
        let cipher = Aes256Gcm::new(key);
        let nonce = Nonce::from_slice(nonce.as_slice());
        let plaintext = cipher.decrypt(nonce, ciphertext.as_ref()).unwrap();
        plaintext
    }

    /// Creates an AES-256 key 32-byte key from an X25519 Shared Secret
    fn key_from_x25519_shared_secret(shared_secret: Vec<u8>) -> Vec<u8> {
        let hk = Hkdf::<Sha256>::new(None, &shared_secret);
        let mut aes_key: Box<[u8; 32]> = Box::new([0u8; 32]);
        hk.expand(b"aes key", &mut *aes_key).unwrap();
        aes_key.to_vec()
    }

    
    /// Generates an AES nonce
    fn generate_nonce() -> Vec<u8> {
        let mut os_rng = OsRng;
        let mut nonce = [0u8; 12];
        os_rng.fill_bytes(&mut nonce);
        nonce.to_vec()      
    }
}

impl CASAES128Encryption for CASAES128 {

    /// Generates an AES128 key from a vector
    fn key_from_vec(key_slice: Vec<u8>) -> Vec<u8> {
        let key = Key::<Aes128Gcm>::from_slice(key_slice.as_slice());
        key.to_vec()
    }

    /// Generates an AES-128 16-byte key
    fn generate_key() -> Vec<u8> {
        let mut os_rng = OsRng;
        return Aes128Gcm::generate_key(&mut os_rng).to_vec();
    }

    

    /// Encrypts with AES-128-GCM taking an aes_key and aes_nonce
    fn encrypt_plaintext(aes_key: Vec<u8>, nonce: Vec<u8>, plaintext: Vec<u8>) -> Vec<u8> {
        let key = Key::<Aes128Gcm>::from_slice(aes_key.as_slice());
        let cipher = Aes128Gcm::new(key);
        let nonce = Nonce::from_slice(nonce.as_slice());
        let ciphertext = cipher.encrypt(nonce, plaintext.as_ref()).unwrap();
        ciphertext
    }

    

    /// Decrypts with AES-128-GCM taking an aes_key and aes_nonce
    fn decrypt_ciphertext(aes_key: Vec<u8>, nonce: Vec<u8>, ciphertext: Vec<u8>) -> Vec<u8> {
        let key = Key::<Aes128Gcm>::from_slice(aes_key.as_slice());
        let cipher = Aes128Gcm::new(key);
        let nonce = Nonce::from_slice(nonce.as_slice());
        let plaintext = cipher.decrypt(nonce, ciphertext.as_ref()).unwrap();
        plaintext
    }

    

    /// Generates an AES-128 16-byte key from an X25519 shared secret
    fn key_from_x25519_shared_secret(shared_secret: Vec<u8>) -> Vec<u8> {
        let hk = Hkdf::<Sha256>::new(None, &shared_secret);
        let mut aes_key = Box::new([0u8; 16]);
        hk.expand(b"aes key", &mut *aes_key).unwrap();
        aes_key.to_vec()
    }

    
    
    /// Generates an AES nonce
    fn generate_nonce() -> Vec<u8> {
        let mut os_rng = OsRng;
        let mut nonce = [0u8; 12];
        os_rng.fill_bytes(&mut nonce);
        nonce.to_vec()
    }

    
}