Pure Rust AEAD implementations for the OxiCrypto stack.
| Algorithm | Module | Key / Nonce |
|---|---|---|
| AES-128-GCM | (inline) | 16 / 12 bytes |
| AES-256-GCM | (inline) | 32 / 12 bytes |
| ChaCha20-Poly1305 | (inline) | 32 / 12 bytes |
| AES-128-GCM-SIV | [aes_gcm_siv] |
16 / 12 bytes |
| AES-256-GCM-SIV | [aes_gcm_siv] |
32 / 12 bytes |
| XChaCha20-Poly1305 | [xchacha20] |
32 / 24 bytes |
| AES-128-CCM | [ccm] |
16 / 13 bytes |
| AES-256-CCM | [ccm] |
32 / 13 bytes |
| AES-128-OCB3 | [ocb3_impl] |
16 / 12 bytes |
| AES-256-OCB3 | [ocb3_impl] |
32 / 12 bytes |
| Deoxys-II-128-128 | [deoxys] |
16 / 16 bytes |
Streaming AEAD (STREAM construction)
[stream::Aes256GcmStream] and [stream::ChaCha20Poly1305Stream] implement
the StreamingAead trait using the STREAM chunked construction
(Hoang-Reyhanitabar-Rogaway-Vizár 2015).
Nonce sequences
[nonce_seq::Nonce12] and [nonce_seq::Nonce24] provide monotonic nonce
generators suitable for AES-GCM / XChaCha20 respectively.
Key Wrap (RFC 3394)
[keywrap] provides AES-128-KW and AES-256-KW for wrapping key material.
This is a standalone API that does not implement the Aead trait.
SealedBox
[sealed_box] provides seal_box / open_box helpers that prepend a
randomly-generated nonce to the ciphertext as a single opaque blob.
Random-nonce helper
[seal_with_random_nonce] encrypts plaintext with an on-the-fly random
nonce and returns (nonce, ciphertext_with_tag) separately.