sframe 1.2.0

pure rust implementation of SFrame (RFC 9605)
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163

//! Example demonstrating a custom crypto backend using a Caesar cipher implementation.
//!
//! This example shows how users can implement their own crypto backend by implementing
//! the `AeadEncrypt`, `AeadDecrypt`, and `KeyDerivation` traits, including a backend-specific
//! secret type (the built-in `Secret` is private to the crate).
//!
//! **Note**: Caesar cipher is NOT cryptographically secure - this is purely for demonstration
//! of the pluggable backend API. The cipher shifts each byte by a derived offset.

use sframe::{
    CipherSuite,
    crypto::{AeadDecrypt, AeadEncrypt, DecryptionBufferView, EncryptionBufferView, KeyDerivation},
    error::{Result, SframeError},
    frame::{MediaFrame, MonotonicCounter},
    header::{Counter, KeyId},
    key::crypto_key::{DecryptionKey, EncryptionKey},
};

/// The secret material produced by [`CaesarKdf`] and consumed by [`CaesarAead`].
///
/// A custom backend defines its own secret type — it can be any shape that suits the algorithm.
/// For a Caesar cipher all we need is the byte offset to shift by.
#[derive(Clone, Debug)]
pub struct CaesarSecret {
    shift: u8,
}

/// Caesar cipher AEAD implementation - shifts each byte by a derived offset.
#[derive(Clone, Debug)]
pub struct CaesarAead {
    cipher_suite: CipherSuite,
}

impl TryFrom<CipherSuite> for CaesarAead {
    type Error = SframeError;

    fn try_from(cipher_suite: CipherSuite) -> Result<Self> {
        // Accept any cipher suite for this demo
        Ok(Self { cipher_suite })
    }
}

impl AeadEncrypt for CaesarAead {
    type Secret = CaesarSecret;

    fn encrypt<'a, B>(&self, secret: &CaesarSecret, buffer: B, _counter: Counter) -> Result<()>
    where
        B: Into<EncryptionBufferView<'a>>,
    {
        let buffer_view: EncryptionBufferView = buffer.into();

        // Caesar cipher: shift each byte forward
        for byte in buffer_view.data.iter_mut() {
            *byte = byte.wrapping_add(secret.shift);
        }

        // Simple authentication tag: sum of all encrypted bytes
        let checksum = buffer_view
            .data
            .iter()
            .fold(0u8, |acc, &b| acc.wrapping_add(b));
        for tag_byte in buffer_view.tag.iter_mut() {
            *tag_byte = checksum;
        }

        Ok(())
    }
}

impl AeadDecrypt for CaesarAead {
    type Secret = CaesarSecret;

    fn decrypt<'a, B>(&self, secret: &CaesarSecret, buffer: B, _counter: Counter) -> Result<()>
    where
        B: Into<DecryptionBufferView<'a>>,
    {
        let buffer_view: DecryptionBufferView = buffer.into();

        // Split the data buffer into actual ciphertext and tag
        let tag_len = self.cipher_suite.auth_tag_len();
        let cipher_len = buffer_view.data.len().saturating_sub(tag_len);

        // Verify tag first (computed on encrypted data)
        let checksum = buffer_view.data[..cipher_len]
            .iter()
            .fold(0u8, |acc, &b| acc.wrapping_add(b));
        let tag = &buffer_view.data[cipher_len..];
        if !tag.iter().all(|&b| b == checksum) {
            return Err(SframeError::DecryptionFailure);
        }

        // Caesar cipher: shift each byte backward to decrypt
        for byte in buffer_view.data[..cipher_len].iter_mut() {
            *byte = byte.wrapping_sub(secret.shift);
        }

        Ok(())
    }
}

/// A fake key derivation that folds the key material into a single shift offset.
pub struct CaesarKdf;

impl KeyDerivation for CaesarKdf {
    type Secret = CaesarSecret;

    fn expand_from<M, K>(
        _cipher_suite: CipherSuite,
        key_material: M,
        _key_id: K,
    ) -> Result<CaesarSecret>
    where
        M: AsRef<[u8]>,
        K: Into<KeyId>,
    {
        // Simple "derivation": sum the key material bytes into a single offset.
        let shift = key_material
            .as_ref()
            .iter()
            .fold(0u8, |acc, &b| acc.wrapping_add(b));

        Ok(CaesarSecret { shift })
    }
}

fn main() -> Result<()> {
    println!("Caesar Cipher Custom Backend Example");
    println!("=====================================\n");

    // Create encryption and decryption keys using our custom backend
    let cipher_suite = CipherSuite::AesGcm128Sha256;
    let key_id = 42u64;
    let key_material = b"my-secret-key-material";

    let enc_key: EncryptionKey<CaesarAead, CaesarKdf> =
        EncryptionKey::derive_from(cipher_suite, key_id, key_material)?;

    let dec_key: DecryptionKey<CaesarAead, CaesarKdf> =
        DecryptionKey::derive_from(cipher_suite, key_id, key_material)?;

    println!("Key ID: {}", enc_key.key_id());
    println!("Cipher Suite: {:?}\n", enc_key.cipher_suite());

    // Prepare some data to encrypt
    let original_data = "Hello, SFrame with custom crypto!";
    println!("Original: {:?}", original_data);

    let mut counter = MonotonicCounter::default();
    let media_frame = MediaFrame::new(&mut counter, original_data);

    let encrypted_frame = media_frame.encrypt(&enc_key)?;
    println!(
        "Encrypted Frame Payload: {:?}",
        encrypted_frame.cipher_text()
    );

    let decrypted_frame = encrypted_frame.decrypt(&dec_key)?;
    println!("Decrypted: {:?}", decrypted_frame.payload());

    assert_eq!(original_data.as_bytes(), decrypted_frame.payload());
    println!("Success! Encryption and decryption with custom backend worked.");
    Ok(())
}