Enum Cipher 

#[non_exhaustive]
pub enum Cipher {
    None,
    Aes128Cbc,
    Aes192Cbc,
    Aes256Cbc,
    Aes128Ctr,
    Aes192Ctr,
    Aes256Ctr,
    Aes128Gcm,
    Aes256Gcm,
    ChaCha20Poly1305,
    TdesCbc,
}

Cipher algorithms.

A “cipher” within the scope of SSH was originally described in RFC4253 § 6.3 as a part of of the packet encryption protocol, where it refers to the combination of a symmetric block cipher, such as AES or 3DES, with a particular mode of operation, such as CBC or CTR.

This has been subsequently expanded by other standards documents, and now includes modern authenticated or “AEAD” modes such as AES-GCM and ChaCha20Poly1305, which we recommend and are marked with a ✅ in the table below.

Below is a table of the ciphers we support and what standards document defines them, along with which crate feature needs to be enabled to perform encryption with a given algorithm:

Cipher name	Feature	AEAD	Algorithm	Standard
3des-cbc	tdes	⛔	3DES-CBC	RFC4253 § 6.3
aes128‑cbc	aes	⛔	AES-128-CBC	RFC4253 § 6.3
aes192‑cbc	aes	⛔	AES-192-CBC	RFC4253 § 6.3
aes256‑cbc	aes	⛔	AES-256-CBC	RFC4253 § 6.3
aes128‑ctr	aes	⛔	AES-128-CTR	RFC4344
aes192‑ctr	aes	⛔	AES-192-CTR	RFC4344
aes256‑ctr	aes	⛔	AES-256-CTR	RFC4344
aes128‑gcm@openssh.com	aes	✅	AES-128-GCM	RFC5647
aes256‑gcm@openssh.com	aes	✅	AES-256-GCM	RFC5647
chacha20‑poly1305@openssh.com	chacha20poly1305	✅	ChaCha20Poly1305†	PROTOCOL.chacha20poly1305

† The construction called “ChaCha20Poly1305” as used by OpenSSH is different from other constructions with that name including the one defined in RFC8439 and the one found in NaCl variants like libsodium. See ChaCha20Poly1305 for more information.

Variants (Non-exhaustive)

Non-exhaustive enums could have additional variants added in future. Therefore, when matching against variants of non-exhaustive enums, an extra wildcard arm must be added to account for any future variants.

None

none: no cipher.

Aes128Cbc

aes128-cbc: AES-128 in cipher block chaining (CBC) mode.

Aes192Cbc

aes192-cbc: AES-192 in cipher block chaining (CBC) mode.

Aes256Cbc

aes256-cbc: AES-256 in cipher block chaining (CBC) mode.

Aes128Ctr

aes128-ctr: AES-128 in counter (CTR) mode.

Aes192Ctr

aes192-ctr: AES-192 in counter (CTR) mode.

Aes256Ctr

aes256-ctr: AES-256 in counter (CTR) mode.

Aes128Gcm

aes128-gcm@openssh.com: AES-128 in Galois/Counter Mode (GCM).

Aes256Gcm

aes256-gcm@openssh.com: AES-256 in Galois/Counter Mode (GCM).

ChaCha20Poly1305

chacha20-poly1305@openssh.com: ChaCha20-Poly1305

TdesCbc

3des-cbc: TripleDES in block chaining (CBC) mode

Implementations

impl Cipher

pub fn new(ciphername: &str) -> Result<Self, LabelError>

Decode cipher algorithm from the given ciphername.

Supported cipher names

• aes128-cbc
• aes192-cbc
• aes256-cbc
• aes128-ctr
• aes192-ctr
• aes256-ctr
• aes128-gcm@openssh.com
• aes256-gcm@openssh.com
• chacha20-poly1305@openssh.com
• 3des-cbc

Errors

Returns LabelError if the provided ciphername is unknown.

pub fn as_str(self) -> &'static str

Get the string identifier which corresponds to this algorithm.

pub fn key_and_iv_size(self) -> Option<(usize, usize)>

Get the key and IV size for this cipher in bytes.

pub fn block_size(self) -> usize

Get the block size for this cipher in bytes.

pub fn padding_len(self, input_size: usize) -> usize

Compute the length of padding necessary to pad the given input to the block size.

pub fn has_tag(self) -> bool

Does this cipher have an authentication tag? (i.e. is it an AEAD mode?)

pub fn is_none(self) -> bool

Is this cipher none?

pub fn is_some(self) -> bool

Is the cipher anything other than none?

pub fn decrypt( self, key: &[u8], iv: &[u8], buffer: &mut [u8], tag: Option<Tag>, ) -> Result<()>

Decrypt the ciphertext in the buffer in-place using this cipher.

Errors

Returns Error::Length in the event that buffer is not a multiple of the cipher’s block size.

pub fn decryptor<C>(self, key: &[u8], iv: &[u8]) -> Result<Decryptor<C>>

where C: BlockCipher,

Available on crate features aes or tdes only.

Get a stateful block_cipher::Decryptor for the given key and IV.

Only applicable to unauthenticated modes (e.g. AES-CBC, AES-CTR). Not usable with authenticated modes which are inherently one-shot (AES-GCM, ChaCha20Poly1305).

Errors

Propagates errors from block_cipher::Decryptor::new.

pub fn encrypt( self, key: &[u8], iv: &[u8], buffer: &mut [u8], ) -> Result<Option<Tag>>

Encrypt the ciphertext in the buffer in-place using this cipher.

Errors

Returns Error::Length in the event that buffer is not a multiple of the cipher’s block size.

pub fn encryptor<C>(self, key: &[u8], iv: &[u8]) -> Result<Encryptor<C>>

where C: BlockCipher,

Available on crate features aes or tdes only.

Get a stateful block_cipher::Encryptor for the given key and IV.

Only applicable to unauthenticated modes (e.g. AES-CBC, AES-CTR). Not usable with authenticated modes which are inherently one-shot (AES-GCM, ChaCha20Poly1305).

Errors

Propagates errors from block_cipher::Encryptor::new.

Trait Implementations

impl AsRef<str> for Cipher

fn as_ref(&self) -> &str

Converts this type into a shared reference of the (usually inferred) input type.

impl Clone for Cipher

fn clone(&self) -> Cipher

Returns a duplicate of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for Cipher

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl Display for Cipher

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl FromStr for Cipher

type Err = LabelError

The associated error which can be returned from parsing.

fn from_str(ciphername: &str) -> Result<Self, LabelError>

Parses a string s to return a value of this type.

impl Hash for Cipher

fn hash<__H: Hasher>(&self, state: &mut __H)

Feeds this value into the given Hasher.

fn hash_slice<H>(data: &[Self], state: &mut H)

where H: Hasher, Self: Sized,

Feeds a slice of this type into the given Hasher.

impl Ord for Cipher

fn cmp(&self, other: &Cipher) -> Ordering

This method returns an Ordering between self and other.

fn max(self, other: Self) -> Self

where Self: Sized,

Compares and returns the maximum of two values.

fn min(self, other: Self) -> Self

where Self: Sized,

Compares and returns the minimum of two values.

fn clamp(self, min: Self, max: Self) -> Self

where Self: Sized,

Restrict a value to a certain interval.

impl PartialEq for Cipher

fn eq(&self, other: &Cipher) -> bool

Tests for self and other values to be equal, and is used by ==.

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.

impl PartialOrd for Cipher

fn partial_cmp(&self, other: &Cipher) -> Option<Ordering>

This method returns an ordering between self and other values if one exists.

fn lt(&self, other: &Rhs) -> bool

Tests less than (for self and other) and is used by the < operator.

fn le(&self, other: &Rhs) -> bool

Tests less than or equal to (for self and other) and is used by the <= operator.

fn gt(&self, other: &Rhs) -> bool

Tests greater than (for self and other) and is used by the > operator.

fn ge(&self, other: &Rhs) -> bool

Tests greater than or equal to (for self and other) and is used by the >= operator.

impl Copy for Cipher

impl Eq for Cipher

impl Label for Cipher

impl StructuralPartialEq for Cipher