hacl 0.0.2

Crypto library using formally verified code from the HACL project
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68

use hacl::aead::{self, Aead, Algorithm};
#[test]
fn stateful() {
    // ANCHOR: stateful
    let key = [
        0x5b, 0x96, 0x04, 0xfe, 0x14, 0xea, 0xdb, 0xa9, 0x31, 0xb0, 0xcc, 0xf3, 0x48, 0x43, 0xda,
        0xb9, 0x5b, 0x96, 0x04, 0xfe, 0x14, 0xea, 0xdb, 0xa9, 0x31, 0xb0, 0xcc, 0xf3, 0x48, 0x43,
        0xda, 0xb9,
    ];
    // ANCHOR: stateful_cipher
    let cipher = Aead::new(Algorithm::Chacha20Poly1305, &key).unwrap();
    // ANCHOR_END: stateful_cipher

    let iv = [
        0x02, 0x83, 0x18, 0xab, 0xc1, 0x82, 0x40, 0x29, 0x13, 0x81, 0x41, 0xa2,
    ];
    let msg = [
        0x00, 0x1d, 0x0c, 0x23, 0x12, 0x87, 0xc1, 0x18, 0x27, 0x84, 0x55, 0x4c, 0xa3, 0xa2, 0x19,
        0x08,
    ];
    let aad = [];

    // ANCHOR: stateful_encrypt
    let (ciphertext, tag) = cipher.encrypt(&msg, &iv, &aad).unwrap();
    let msg_ = cipher.decrypt(&ciphertext, &tag, &iv, &aad).unwrap();
    // ANCHOR_END: stateful_encrypt

    assert_eq!(&msg[..], &msg_[..]);
    // ANCHOR_END: stateful
}

#[test]
fn single_shot() {
    // ANCHOR: single_shot
    let key = [
        0x5b, 0x96, 0x04, 0xfe, 0x14, 0xea, 0xdb, 0xa9, 0x31, 0xb0, 0xcc, 0xf3, 0x48, 0x43, 0xda,
        0xb9, 0x5b, 0x96, 0x04, 0xfe, 0x14, 0xea, 0xdb, 0xa9, 0x31, 0xb0, 0xcc, 0xf3, 0x48, 0x43,
        0xda, 0xb9,
    ];
    let iv = [
        0x02, 0x83, 0x18, 0xab, 0xc1, 0x82, 0x40, 0x29, 0x13, 0x81, 0x41, 0xa2,
    ];
    let msg = [
        0x00, 0x1d, 0x0c, 0x23, 0x12, 0x87, 0xc1, 0x18, 0x27, 0x84, 0x55, 0x4c, 0xa3, 0xa2, 0x19,
        0x08,
    ];
    let aad = [];

    // ANCHOR: single_shot_encrypt
    let (ciphertext, tag) =
        aead::encrypt(Algorithm::Chacha20Poly1305, &key, &msg, &iv, &aad).unwrap();
    // ANCHOR_END: single_shot_encrypt

    // ANCHOR: single_shot_decrypt
    let msg_ = aead::decrypt(
        Algorithm::Chacha20Poly1305,
        &key,
        &ciphertext,
        &tag,
        &iv,
        &aad,
    )
    .unwrap();
    // ANCHOR_END: single_shot_decrypt

    assert_eq!(&msg[..], &msg_[..]);
    // ANCHOR_END: single_shot
}