Struct ssh_cipher::ChaCha20Poly1305

source · 
pub struct ChaCha20Poly1305 { /* private fields */ }
Available on crate feature chacha20poly1305 only.
Expand description

OpenSSH variant of ChaCha20Poly1305: chacha20-poly1305@openssh.com as described in PROTOCOL.chacha20poly1305.

Differences from ChaCha20Poly1305-IETF as described in RFC8439:

  • Nonce is 64-bit instead of 96-bit (i.e. uses legacy “djb” ChaCha20 variant).
  • The AAD and ciphertext inputs of Poly1305 are not padded.
  • The lengths of ciphertext and AAD are not authenticated using Poly1305.

Implementations§

source§

impl ChaCha20Poly1305

source

pub fn encrypt( &self, nonce: &ChaChaNonce, buffer: &mut [u8], aad_len: usize, ) -> Result<Tag>

Encrypt the provided buffer in-place, returning the Poly1305 authentication tag.

The input buffer should contain the concatenation of any additional associated data (AAD) and the plaintext to be encrypted, where in the context of the SSH packet encryption protocol the AAD represents an encrypted packet length, which is itself 4-bytes / 64-bits.

aad_len is the length of the AAD in bytes:

  • In the context of SSH packet encryption, this should be 4.
  • In the context of SSH key encryption, aad_len should be 0.

The first aad_len bytes of buffer will be unmodified after encryption is completed. Only the data after aad_len will be encrypted.

The resulting Tag authenticates both the AAD and the ciphertext in the buffer.

source

pub fn decrypt( &self, nonce: &ChaChaNonce, buffer: &mut [u8], tag: Tag, aad_len: usize, ) -> Result<()>

Decrypt the provided buffer in-place, verifying it against the provided Poly1305 authentication tag.

The input buffer should contain the concatenation of any additional associated data (AAD) and the ciphertext to be authenticated, where in the context of the SSH packet encryption protocol the AAD represents an encrypted packet length, which is itself 4-bytes / 64-bits.

aad_len is the length of the AAD in bytes:

  • In the context of SSH packet encryption, this should be 4.
  • In the context of SSH key encryption, aad_len should be 0.

The first aad_len bytes of buffer will be unmodified after decryption completes successfully. Only data after aad_len will be decrypted.

Trait Implementations§

source§

impl AeadCore for ChaCha20Poly1305

§

type NonceSize = UInt<UInt<UInt<UInt<UTerm, B1>, B0>, B0>, B0>

The length of a nonce.
§

type TagSize = UInt<UInt<UInt<UInt<UInt<UTerm, B1>, B0>, B0>, B0>, B0>

The maximum length of the tag.
§

type CiphertextOverhead = UTerm

The upper bound amount of additional space required to support a ciphertext vs. a plaintext.
source§

impl Clone for ChaCha20Poly1305

source§

fn clone(&self) -> ChaCha20Poly1305

Returns a copy of the value. Read more
1.0.0 · source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
source§

impl KeyInit for ChaCha20Poly1305

source§

fn new(key: &ChaChaKey) -> Self

Create new value from fixed size key.
source§

fn new_from_slice(key: &[u8]) -> Result<Self, InvalidLength>

Create new value from variable size key.
source§

impl KeySizeUser for ChaCha20Poly1305

§

type KeySize = UInt<UInt<UInt<UInt<UInt<UInt<UTerm, B1>, B0>, B0>, B0>, B0>, B0>

Key size in bytes.
source§

fn key_size() -> usize

Return key size in bytes.

Auto Trait Implementations§

Blanket Implementations§

source§

impl<T> Any for T
where T: 'static + ?Sized,

source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
source§

impl<T> Borrow<T> for T
where T: ?Sized,

source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
source§

impl<T> CloneToUninit for T
where T: Clone,

source§

default unsafe fn clone_to_uninit(&self, dst: *mut T)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dst. Read more
source§

impl<T> From<T> for T

source§

fn from(t: T) -> T

Returns the argument unchanged.

source§

impl<T, U> Into<U> for T
where U: From<T>,

source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

source§

impl<T> Same for T

§

type Output = T

Should always be Self
source§

impl<T> ToOwned for T
where T: Clone,

§

type Owned = T

The resulting type after obtaining ownership.
source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

§

type Error = Infallible

The type returned in the event of a conversion error.
source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.