Skip to main content

Module modes

cryptography

Module modes 

Source
Expand description

Generic block-cipher modes of operation.

Implemented in this layer:

  • SP 800-38A confidentiality modes: ECB, CBC, CFB (full-block), CFB8, OFB, CTR
  • SP 800-38B authentication mode: CMAC
  • SP 800-38C authenticated mode: CCM
  • SP 800-38D authenticated mode: GCM / GMAC
  • SP 800-38E storage mode: XTS (128-bit block ciphers only)
  • RFC 3394 / SP 800-38F key wrap mode: AES Key Wrap (no padding)
  • EAX authenticated mode
  • OCB3 authenticated mode (RFC 7253)
  • AES-GCM-SIV misuse-resistant mode (RFC 8452)
  • RFC 5297 misuse-resistant mode: SIV
  • RFC 8439 AEAD: ChaCha20-Poly1305

These adapters are generic over any BlockCipher in the crate, so the same wrapper works with AES, DES, Camellia, PRESENT, and the other block primitives exposed here.

The point of this layer is to separate primitive choice from mode choice: one block cipher implementation can be dropped into several standardized operating modes without duplicating the mode logic in every cipher module.

Re-exports§

pub use chacha20_poly1305::ChaCha20Poly1305;
pub use eax::Eax;
pub use gcm_siv::Aes128GcmSiv;
pub use gcm_siv::Aes256GcmSiv;
pub use ocb::Ocb;
pub use poly1305::Poly1305;
pub use siv::Siv;

Modules§

chacha20_poly1305
ChaCha20-Poly1305 AEAD (RFC 8439).
eax
EAX authenticated encryption mode.
gcm_siv
AES-GCM-SIV (RFC 8452).
ocb
OCB authenticated encryption (RFC 7253, OCB3).
poly1305
Poly1305 one-time authenticator (RFC 8439 / RFC 7539 profile).
siv
Synthetic IV (SIV) authenticated encryption (RFC 5297).

Structs§

AesKeyWrap
AES Key Wrap (RFC 3394) over 64-bit semiblocks with the default IV.
Cbc
Cipher Block Chaining (CBC) mode.
Ccm
Counter with CBC-MAC (CCM) with compile-time detached tag length.
Cfb
Cipher Feedback (CFB) mode with a segment size equal to the full block.
Cfb8
Cipher Feedback (CFB) mode with an 8-bit segment size (CFB8).
Cmac
Cipher-based Message Authentication Code (CMAC).
Ctr
Counter (CTR) mode with a big-endian incrementing counter block.
Ecb
Electronic Codebook (ECB) mode.
Gcm
Galois/Counter Mode (GCM) with a full 128-bit authentication tag.
GcmVt
Variable-time Galois/Counter Mode (GCM) reference path.
Gmac
Galois Message Authentication Code (GMAC).
GmacVt
Variable-time Galois Message Authentication Code (GMAC) reference path.
Ofb
Output Feedback (OFB) mode.
Xts
XEX-based Tweaked CodeBook mode with ciphertext Stealing (XTS).