S2K

sequoia_openpgp::crypto

Enum S2K 

Source 
#[non_exhaustive]
pub enum S2K {
    Argon2 {
        salt: [u8; 16],
        t: u8,
        p: u8,
        m: u8,
    },
    Iterated {
        hash: HashAlgorithm,
        salt: [u8; 8],
        hash_bytes: u32,
    },
    Salted {
        hash: HashAlgorithm,
        salt: [u8; 8],
    },
    Simple {
        hash: HashAlgorithm,
    },
    Implicit,
    Private {
        tag: u8,
        parameters: Option<Box<[u8]>>,
    },
    Unknown {
        tag: u8,
        parameters: Option<Box<[u8]>>,
    },
}
Expand description

String-to-Key (S2K) specifiers.

String-to-key (S2K) specifiers are used to convert password strings into symmetric-key encryption/decryption keys. See Section 3.7 of RFC 9580. This is used to encrypt messages with a password (see SKESK), and to protect secret keys (see key::Encrypted).

Variants (Non-exhaustive)§

This enum is marked as non-exhaustive
Non-exhaustive enums could have additional variants added in future. Therefore, when matching against variants of non-exhaustive enums, an extra wildcard arm must be added to account for any future variants.
§

Argon2

Argon2 Memory-Hard Password Hashing Function.

Fields

§salt: [u8; 16]

The salt.

§t: u8

Number of passes.

§p: u8

Degree of parallelism.

§m: u8

Exponent of memory size.

§

Iterated

Repeatently hashes the password with a public salt value.

Fields

§hash: HashAlgorithm

Hash used for key derivation.

§salt: [u8; 8]

Public salt value mixed into the password.

§hash_bytes: u32

Number of bytes to hash.

This parameter increases the workload for an attacker doing a dictionary attack. Note that not all values are representable. See S2K::new_iterated.

§

Salted

👎Deprecated: Use S2K::Iterated.

Hashes the password with a public salt value.

This mechanism does not use iteration to increase the time it takes to derive the key from the password. This makes dictionary attacks more feasible. Do not use this variant.

Fields

§hash: HashAlgorithm
👎Deprecated: Use S2K::Iterated.

Hash used for key derivation.

§salt: [u8; 8]
👎Deprecated: Use S2K::Iterated.

Public salt value mixed into the password.

§

Simple

👎Deprecated: Use S2K::Iterated.

Simply hashes the password.

This mechanism uses neither iteration to increase the time it takes to derive the key from the password nor does it salt the password. This makes dictionary attacks more feasible.

This mechanism has been deprecated in RFC 4880. Do not use this variant.

Fields

§hash: HashAlgorithm
👎Deprecated: Use S2K::Iterated.

Hash used for key derivation.

§

Implicit

👎Deprecated: Use S2K::Iterated.

Simply hashes the password using MD5

This mechanism uses neither iteration to increase the time it takes to derive the key from the password nor does it salt the password, as well as using a very weak and fast hash algorithm. This makes dictionary attacks more feasible.

This mechanism has been deprecated in RFC 2440. Do not use this variant.

§

Private

Private S2K algorithm.

Fields

§tag: u8

Tag identifying the private algorithm.

Tags 100 to 110 are reserved for private use.

§parameters: Option<Box<[u8]>>

The parameters for the private algorithm.

This is optional, because when we parse a packet containing an unknown S2K algorithm, we do not know how many octets to attribute to the S2K’s parameters. In this case, parameters is set to None. Note that the information is not lost, but stored in the packet. If the packet is serialized again, it is written out.

§

Unknown

Unknown S2K algorithm.

Fields

§tag: u8

Tag identifying the unknown algorithm.

§parameters: Option<Box<[u8]>>

The parameters for the unknown algorithm.

This is optional, because when we parse a packet containing an unknown S2K algorithm, we do not know how many octets to attribute to the S2K’s parameters. In this case, parameters is set to None. Note that the information is not lost, but stored in the packet. If the packet is serialized again, it is written out.

Implementations§

Source§

impl S2K

Source

pub fn new_iterated(hash: HashAlgorithm, approx_hash_bytes: u32) -> Result<Self>

Creates a new iterated S2K object.

Usually, you should use S2Ks Default implementation to create S2K objects with sane default parameters. The parameters are chosen with contemporary machines in mind, and should also be usable on lower-end devices like smartphones.

Using this method, you can tune the parameters for embedded devices. Note, however, that this also decreases the work factor for attackers doing dictionary attacks.

Source

pub fn derive_key( &self, password: &Password, key_size: usize, ) -> Result<SessionKey>

Derives a key of the given size from a password.

Source

pub fn is_supported(&self) -> bool

Returns whether this S2K mechanism is supported.

Trait Implementations§

Source§

impl Clone for S2K

Source§

fn clone(&self) -> S2K

Returns a duplicate of the value. Read more
1.0.0 · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
Source§

impl Debug for S2K

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
Source§

impl Default for S2K

Source§

fn default() -> Self

Returns the “default value” for a type. Read more
Source§

impl Display for S2K

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
Source§

impl Hash for S2K

Source§

fn hash<__H: Hasher>(&self, state: &mut __H)

Feeds this value into the given Hasher. Read more
1.3.0 · Source§

fn hash_slice<H>(data: &[Self], state: &mut H)
where H: Hasher, Self: Sized,

Feeds a slice of this type into the given Hasher. Read more
Source§

impl Marshal for S2K

Source§

fn serialize(&self, w: &mut dyn Write) -> Result<()>

Writes a serialized version of the object to o.
Source§

fn export(&self, o: &mut dyn Write) -> Result<()>

Exports a serialized version of the object to o. Read more
Source§

impl MarshalInto for S2K

Source§

fn serialized_len(&self) -> usize

Computes the maximal length of the serialized representation. Read more
Source§

fn serialize_into(&self, buf: &mut [u8]) -> Result<usize>

Serializes into the given buffer. Read more
Source§

fn to_vec(&self) -> Result<Vec<u8>>

Serializes the packet to a vector.
Source§

fn export_into(&self, buf: &mut [u8]) -> Result<usize>

Exports into the given buffer. Read more
Source§

fn export_to_vec(&self) -> Result<Vec<u8>>

Exports to a vector. Read more
Source§

impl<'a> Parse<'a, S2K> for S2K

Source§

fn from_buffered_reader<R>(reader: R) -> Result<Self>
where R: BufferedReader<Cookie> + 'a,

Reads from the given buffered reader. Read more
Source§

fn from_reader<R: 'a + Read + Send + Sync>(reader: R) -> Result<T>

Reads from the given reader. Read more
Source§

fn from_file<P: AsRef<Path>>(path: P) -> Result<T>

Reads from the given file. Read more
Source§

fn from_bytes<D: AsRef<[u8]> + ?Sized + Send + Sync>(data: &'a D) -> Result<T>

Reads from the given slice. Read more
Source§

impl PartialEq for S2K

Source§

fn eq(&self, other: &S2K) -> bool

Tests for self and other values to be equal, and is used by ==.
1.0.0 · Source§

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.
Source§

impl Eq for S2K

Source§

impl StructuralPartialEq for S2K

Auto Trait Implementations§

§

impl Freeze for S2K

§

impl RefUnwindSafe for S2K

§

impl Send for S2K

§

impl Sync for S2K

§

impl Unpin for S2K

§

impl UnwindSafe for S2K

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> CloneToUninit for T
where T: Clone,

Source§

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest. Read more
Source§

impl<T> DynClone for T
where T: Clone,

Source§

fn __clone_box(&self, _: Private) -> *mut ()

Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> Same for T

Source§

type Output = T

Should always be Self
Source§

impl<T> ToOwned for T
where T: Clone,

Source§

type Owned = T

The resulting type after obtaining ownership.
Source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
Source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
Source§

impl<T> ToString for T
where T: Display + ?Sized,

Source§

fn to_string(&self) -> String

Converts the given value to a String. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<T> ErasedDestructor for T
where T: 'static,

Source§

impl<T> MaybeSendSync for T