Authenticated secret-key encryption.
`orion::aead` can be used to encrypt data in a way that detects whether the
encrypted data has been tampered with before decrypting it.
An example of this could be sending messages across networks, where confidentiality and authenticity of these messages are required.
- Both one-shot functions and a streaming API are provided.
- The nonce is automatically generated.
- Returns a vector where the first 24 bytes are the nonce and the rest is the authenticated ciphertext with the last 16 bytes being the corresponding Poly1305 tag.
- Uses XChaCha20Poly1305 with no additional data.
- When using `open`, the separation of tags, nonces and ciphertext is automatically handled.
- `plaintext`: The data to be encrypted.
- `secret_key`: The secret key used to encrypt the
- `ciphertext_with_tag_and_nonce`: The data to be decrypted, with the first 24 bytes being the nonce and the last 16 bytes being the corresponding Poly1305 tag.
An error will be returned if:
- `secret_key` is not 32 bytes.
- `ciphertext_with_tag_and_nonce` is less than 41 bytes (
- The received tag does not match the calculated tag when calling
- `POLY1305_OUTSIZE` overflows when calling
A panic will occur if:
- More than 2^32-1 * 64 bytes of data are processed.
- Failure to generate random bytes securely.
- It is critical for security that a given nonce is not re-used with a given key. Should this happen, the security of all data that has been encrypted with that given key is compromised.
- To securely generate a strong key, use
- The length of the `plaintext` is not hidden, only its contents.
```rust
use orion::aead;

// `?` needs an enclosing function that returns a Result; orion's
// functions return `orion::errors::UnknownCryptoError` on failure.
fn main() -> Result<(), orion::errors::UnknownCryptoError> {
    let secret_key = aead::SecretKey::default();
    // Output layout: 24-byte nonce || ciphertext || 16-byte Poly1305 tag.
    let ciphertext = aead::seal(&secret_key, "Secret message".as_bytes())?;
    // `open` splits nonce, ciphertext and tag itself and verifies the tag
    // before returning any plaintext.
    let decrypted_data = aead::open(&secret_key, &ciphertext)?;
    assert_eq!(decrypted_data, b"Secret message");
    Ok(())
}
```
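The `nonce || ciphertext || tag` layout, the 41-byte minimum, the `POLY1305_OUTSIZE` overflow condition and the 2^32-1 * 64 byte limit described above, as an added example that is not orion's own code: it only models the length and layout checks, with no cryptography, and the constant names and the `split_sealed`, `sealed_len` and `exceeds_block_limit` functions are my own, with the sizes taken from this page.

```rust
// Added example, not orion's code: models the layout `nonce || ciphertext || tag`
// that seal returns and the pre-decryption checks listed for open.
// Sizes come from the page; the constant and function names are assumptions.
const XCHACHA_NONCESIZE: usize = 24; // leading nonce bytes
const POLY1305_OUTSIZE: usize = 16; // trailing Poly1305 tag bytes
const MIN_SEALED_LEN: usize = XCHACHA_NONCESIZE + POLY1305_OUTSIZE + 1; // 41
// XChaCha20 counter limit: at most (2^32 - 1) blocks of 64 bytes per (key, nonce).
const MAX_BYTES_PER_NONCE: u64 = (u32::MAX as u64) * 64;

#[derive(Debug, PartialEq)]
pub enum LayoutError {
    TooShort { len: usize, min: usize },
    Overflow,
}

/// The three parts of a sealed message, borrowed from the input buffer.
#[derive(Debug, PartialEq)]
pub struct Sealed<'a> {
    pub nonce: &'a [u8],
    pub ciphertext: &'a [u8],
    pub tag: &'a [u8],
}

/// Split the buffer, rejecting anything under 41 bytes (nonce + tag + at least
/// one ciphertext byte) before any cryptographic work would happen.
pub fn split_sealed(buf: &[u8]) -> Result<Sealed<'_>, LayoutError> {
    if buf.len() < MIN_SEALED_LEN {
        return Err(LayoutError::TooShort { len: buf.len(), min: MIN_SEALED_LEN });
    }
    let (nonce, rest) = buf.split_at(XCHACHA_NONCESIZE);
    let (ciphertext, tag) = rest.split_at(rest.len() - POLY1305_OUTSIZE);
    Ok(Sealed { nonce, ciphertext, tag })
}

/// Output length for a plaintext: the length is not hidden, only the contents.
/// Errors where adding POLY1305_OUTSIZE would overflow instead of wrapping.
pub fn sealed_len(plaintext_len: usize) -> Result<usize, LayoutError> {
    plaintext_len
        .checked_add(POLY1305_OUTSIZE)
        .and_then(|n| n.checked_add(XCHACHA_NONCESIZE))
        .ok_or(LayoutError::Overflow)
}

/// True when one (key, nonce) pair would process more data than XChaCha20 can count.
pub fn exceeds_block_limit(total_bytes: u64) -> bool {
    total_bytes > MAX_BYTES_PER_NONCE
}

fn main() {
    // Constructed 41-byte input: 24 nonce bytes, 1 ciphertext byte, 16 tag bytes.
    let buf = [vec![0xAAu8; 24], vec![0x01], vec![0xBB; 16]].concat();
    let s = split_sealed(&buf).unwrap();
    println!("nonce={} ct={} tag={}", s.nonce.len(), s.ciphertext.len(), s.tag.len());
}
```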
Streaming AEAD based on XChaCha20Poly1305.
A type to represent a secret key.
Authenticated decryption using XChaCha20Poly1305.
Authenticated encryption using XChaCha20Poly1305.