Struct miscreant::siv::Siv

pub struct Siv<C: Ctr, M: Mac> { /* fields omitted */ }

The SIV misuse resistant block cipher mode of operation

Methods

impl<C: Ctr, M: Mac<OutputSize = U16>> Siv<C, M>

fn new(key: &[u8]) -> Self

Create a new AES-SIV instance

Panics if the key is the wrong length

fn seal_in_place<I, T>(&mut self, associated_data: I, plaintext: &mut [u8]) where
    I: IntoIterator<Item = T>,
    T: AsRef<[u8]>, 

Encrypt the given plaintext in-place, replacing it with the SIV tag and ciphertext. Requires a buffer with 16-bytes additional space.

Usage

It's important to note that only the end of the buffer will be treated as the input plaintext:

let buffer = [0u8; 21];
let plaintext = &buffer[..buffer.len() - 16];

In this case, only the last 5 bytes are treated as the plaintext, since 21 - 16 = 5 (the AES block size is 16-bytes).

The buffer must include an additional 16-bytes of space in which to write the SIV tag (at the beginning of the buffer). Failure to account for this will leave you with plaintext messages that are missing their first 16-bytes!

Panics

Panics if plaintext.len() is less than M::OutputSize. Panics if associated_data.len() is greater than MAX_ASSOCIATED_DATA.

fn open_in_place<'a, I, T>(
    &mut self,
    associated_data: I,
    ciphertext: &'a mut [u8]
) -> Result<&'a [u8], Error> where
    I: IntoIterator<Item = T>,
    T: AsRef<[u8]>, 

Decrypt the given ciphertext in-place, authenticating it against the synthetic IV included in the message.

Returns a slice containing a decrypted message on success.

fn seal<I, T>(&mut self, associated_data: I, plaintext: &[u8]) -> Vec<u8> where
    I: IntoIterator<Item = T>,
    T: AsRef<[u8]>, 

Encrypt the given plaintext, allocating and returning a Vec for the ciphertext

fn open<I, T>(
    &mut self,
    associated_data: I,
    ciphertext: &[u8]
) -> Result<Vec<u8>, Error> where
    I: IntoIterator<Item = T>,
    T: AsRef<[u8]>, 

Decrypt the given ciphertext, allocating and returning a Vec for the plaintext