Enum Ciphers

pub enum Ciphers {
    Aes256Gcm(Box<Aes256Gcm>),
    XChaCha(Box<XChaCha20Poly1305>),
    DeoxysII(Box<DeoxysII256>),
}

This enum defines all possible cipher types, for each AEAD that is supported by dexios-core

Variants

Aes256Gcm(Box<Aes256Gcm>)

XChaCha(Box<XChaCha20Poly1305>)

DeoxysII(Box<DeoxysII256>)

Implementations

impl Ciphers

pub fn initialize( key: Protected<[u8; 32]>, algorithm: &Algorithm, ) -> Result<Self>

This can be used to quickly initialise a Cipher

The returned Cipher can be used for both encryption and decryption

You just need to provide the argon2id/balloon hashed key, and the algorithm to use

Examples

// obviously the key should contain data, not be an empty vec
let raw_key = Protected::new(vec![0u8; 128]);
let salt = gen_salt();
let key = balloon_hash(raw_key, &salt, &HeaderVersion::V4).unwrap();
let cipher = Ciphers::initialize(key, &Algorithm::XChaCha20Poly1305).unwrap();

pub fn encrypt<'msg, 'aad>( &self, nonce: &[u8], plaintext: impl Into<Payload<'msg, 'aad>>, ) -> Result<Vec<u8>>

This can be used to encrypt data with a given Ciphers object

It requires the nonce, and either some plaintext, or an aead::Payload (that contains the plaintext and the AAD)

pub fn encrypt_in_place( &self, nonce: &[u8], aad: &[u8], buffer: &mut dyn Buffer, ) -> Result<(), Error>

pub fn decrypt<'msg, 'aad>( &self, nonce: &[u8], ciphertext: impl Into<Payload<'msg, 'aad>>, ) -> Result<Vec<u8>>

This can be used to decrypt data with a given Ciphers object

It requires the nonce used for encryption, and either some plaintext, or an aead::Payload (that contains the plaintext and the AAD)

NOTE: The data will not decrypt successfully if an AAD was provided for encryption, but is not present/has been modified while decrypting