Skip to main content

crypto_dispatch/algorithms/
aes256_gcm.rs

1// SPDX-FileCopyrightText: Copyright © 2026 ReallyMe LLC. All rights reserved
2//
3// SPDX-License-Identifier: Apache-2.0
4
5use zeroize::Zeroizing;
6
7use crate::traits::{AeadCipherAlgorithm, AeadParams};
8use crate::AlgorithmError;
9use crypto_core::AeadAlgorithm;
10
11/// AES-128-GCM AEAD adapter.
12pub struct Aes128GcmAlgo;
13
14impl AeadCipherAlgorithm for Aes128GcmAlgo {
15    const ALG: AeadAlgorithm = AeadAlgorithm::Aes128Gcm;
16
17    fn encrypt(params: &AeadParams<'_>, plaintext: &[u8]) -> Result<Vec<u8>, AlgorithmError> {
18        #[cfg(any(feature = "native", all(feature = "wasm", target_arch = "wasm32")))]
19        {
20            let key = crypto_aes256_gcm::Aes128GcmKey::from_slice(params.key)?;
21            let nonce = crypto_aes256_gcm::Aes128GcmNonce::from_slice(params.nonce)?;
22            let request = crypto_aes256_gcm::Aes128GcmEncryptRequest {
23                key: &key,
24                nonce,
25                aad: params.aad,
26                plaintext,
27            };
28            let sealed = crypto_aes256_gcm::encrypt_aes128_gcm(&request)?;
29            Ok(sealed.into_vec())
30        }
31
32        #[cfg(not(any(feature = "native", all(feature = "wasm", target_arch = "wasm32"))))]
33        {
34            let _ = (params, plaintext);
35            Err(AlgorithmError::UnsupportedAeadAlgorithm(Self::ALG))
36        }
37    }
38
39    fn decrypt(
40        params: &AeadParams<'_>,
41        ciphertext_with_tag: &[u8],
42    ) -> Result<Zeroizing<Vec<u8>>, AlgorithmError> {
43        #[cfg(any(feature = "native", all(feature = "wasm", target_arch = "wasm32")))]
44        {
45            let key = crypto_aes256_gcm::Aes128GcmKey::from_slice(params.key)?;
46            let nonce = crypto_aes256_gcm::Aes128GcmNonce::from_slice(params.nonce)?;
47            let ciphertext =
48                crypto_aes256_gcm::CiphertextWithTag::from_vec(ciphertext_with_tag.to_vec())?;
49            let request = crypto_aes256_gcm::Aes128GcmDecryptRequest {
50                key: &key,
51                nonce,
52                aad: params.aad,
53                ciphertext: &ciphertext,
54            };
55            let plaintext = crypto_aes256_gcm::decrypt_aes128_gcm(&request)?;
56            Ok(Zeroizing::new(plaintext))
57        }
58
59        #[cfg(not(any(feature = "native", all(feature = "wasm", target_arch = "wasm32"))))]
60        {
61            let _ = (params, ciphertext_with_tag);
62            Err(AlgorithmError::UnsupportedAeadAlgorithm(Self::ALG))
63        }
64    }
65}
66
67/// AES-192-GCM AEAD adapter.
68pub struct Aes192GcmAlgo;
69
70impl AeadCipherAlgorithm for Aes192GcmAlgo {
71    const ALG: AeadAlgorithm = AeadAlgorithm::Aes192Gcm;
72
73    fn encrypt(params: &AeadParams<'_>, plaintext: &[u8]) -> Result<Vec<u8>, AlgorithmError> {
74        #[cfg(any(feature = "native", all(feature = "wasm", target_arch = "wasm32")))]
75        {
76            let key = crypto_aes256_gcm::Aes192GcmKey::from_slice(params.key)?;
77            let nonce = crypto_aes256_gcm::Aes192GcmNonce::from_slice(params.nonce)?;
78            let request = crypto_aes256_gcm::Aes192GcmEncryptRequest {
79                key: &key,
80                nonce,
81                aad: params.aad,
82                plaintext,
83            };
84            let sealed = crypto_aes256_gcm::encrypt_aes192_gcm(&request)?;
85            Ok(sealed.into_vec())
86        }
87
88        #[cfg(not(any(feature = "native", all(feature = "wasm", target_arch = "wasm32"))))]
89        {
90            let _ = (params, plaintext);
91            Err(AlgorithmError::UnsupportedAeadAlgorithm(Self::ALG))
92        }
93    }
94
95    fn decrypt(
96        params: &AeadParams<'_>,
97        ciphertext_with_tag: &[u8],
98    ) -> Result<Zeroizing<Vec<u8>>, AlgorithmError> {
99        #[cfg(any(feature = "native", all(feature = "wasm", target_arch = "wasm32")))]
100        {
101            let key = crypto_aes256_gcm::Aes192GcmKey::from_slice(params.key)?;
102            let nonce = crypto_aes256_gcm::Aes192GcmNonce::from_slice(params.nonce)?;
103            let ciphertext =
104                crypto_aes256_gcm::CiphertextWithTag::from_vec(ciphertext_with_tag.to_vec())?;
105            let request = crypto_aes256_gcm::Aes192GcmDecryptRequest {
106                key: &key,
107                nonce,
108                aad: params.aad,
109                ciphertext: &ciphertext,
110            };
111            let plaintext = crypto_aes256_gcm::decrypt_aes192_gcm(&request)?;
112            Ok(Zeroizing::new(plaintext))
113        }
114
115        #[cfg(not(any(feature = "native", all(feature = "wasm", target_arch = "wasm32"))))]
116        {
117            let _ = (params, ciphertext_with_tag);
118            Err(AlgorithmError::UnsupportedAeadAlgorithm(Self::ALG))
119        }
120    }
121}
122
123/// AES-256-GCM AEAD adapter.
124pub struct Aes256GcmAlgo;
125
126impl AeadCipherAlgorithm for Aes256GcmAlgo {
127    const ALG: AeadAlgorithm = AeadAlgorithm::Aes256Gcm;
128
129    fn encrypt(params: &AeadParams<'_>, plaintext: &[u8]) -> Result<Vec<u8>, AlgorithmError> {
130        #[cfg(any(feature = "native", all(feature = "wasm", target_arch = "wasm32")))]
131        {
132            let key = crypto_aes256_gcm::Aes256GcmKey::from_slice(params.key)?;
133            let nonce = crypto_aes256_gcm::Aes256GcmNonce::from_slice(params.nonce)?;
134            let request = crypto_aes256_gcm::EncryptRequest {
135                key: &key,
136                nonce,
137                aad: params.aad,
138                plaintext,
139            };
140            let sealed = crypto_aes256_gcm::encrypt(&request)?;
141            Ok(sealed.into_vec())
142        }
143
144        #[cfg(not(any(feature = "native", all(feature = "wasm", target_arch = "wasm32"))))]
145        {
146            let _ = (params, plaintext);
147            Err(AlgorithmError::UnsupportedAeadAlgorithm(Self::ALG))
148        }
149    }
150
151    fn decrypt(
152        params: &AeadParams<'_>,
153        ciphertext_with_tag: &[u8],
154    ) -> Result<Zeroizing<Vec<u8>>, AlgorithmError> {
155        #[cfg(any(feature = "native", all(feature = "wasm", target_arch = "wasm32")))]
156        {
157            let key = crypto_aes256_gcm::Aes256GcmKey::from_slice(params.key)?;
158            let nonce = crypto_aes256_gcm::Aes256GcmNonce::from_slice(params.nonce)?;
159            let ciphertext =
160                crypto_aes256_gcm::CiphertextWithTag::from_vec(ciphertext_with_tag.to_vec())?;
161            let request = crypto_aes256_gcm::DecryptRequest {
162                key: &key,
163                nonce,
164                aad: params.aad,
165                ciphertext: &ciphertext,
166            };
167            let plaintext = crypto_aes256_gcm::decrypt(&request)?;
168            Ok(Zeroizing::new(plaintext))
169        }
170
171        #[cfg(not(any(feature = "native", all(feature = "wasm", target_arch = "wasm32"))))]
172        {
173            let _ = (params, ciphertext_with_tag);
174            Err(AlgorithmError::UnsupportedAeadAlgorithm(Self::ALG))
175        }
176    }
177}