oblivion 2.2.1

A fast, lightweight, and secure end-to-end encryption protocol based on ECDHE
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46

//! # Oblivion Encryptor
extern crate ring;

use ring::aead::Aad;
use ring::aead::BoundKey;
use ring::aead::SealingKey;
use ring::aead::UnboundKey;
use ring::aead::AES_128_GCM;
use ring::aead::NONCE_LEN;
use ring::rand::SecureRandom;
use ring::rand::SystemRandom;

use crate::exceptions::Exception;
use crate::types::EncryptedData;

use super::gear::AbsoluteNonceSequence;

/// Encrypt plaintext using AES
pub fn encrypt_plaintext(string: String, aes_key: &[u8]) -> Result<EncryptedData, Exception> {
    let data = string.as_bytes().to_owned();
    encrypt_bytes(data, aes_key)
}

/// Encrypt binary data using AES
pub fn encrypt_bytes(mut bytes: Vec<u8>, aes_key: &[u8]) -> Result<EncryptedData, Exception> {
    let unbound_key = match UnboundKey::new(&AES_128_GCM, aes_key) {
        Ok(key) => key,
        Err(error) => return Err(Exception::EncryptError { error }),
    };

    let mut nonce_bytes = vec![0; NONCE_LEN];
    let rand = SystemRandom::new();
    rand.fill(&mut nonce_bytes).unwrap();

    let nonce_sequence = AbsoluteNonceSequence::new(&nonce_bytes);
    let mut sealing_key = SealingKey::new(unbound_key, nonce_sequence);

    let associated_data = Aad::empty();

    let tag = match sealing_key.seal_in_place_separate_tag(associated_data, &mut bytes) {
        Ok(result) => result,
        Err(error) => return Err(Exception::EncryptError { error }),
    };

    Ok((bytes, tag.as_ref().to_owned(), nonce_bytes))
}