Expand description
YACA - Yet Another Crypto API. Bindings for C library YACA
§Examples
use std::ffi::CString;
use yaca::{self, prelude::*};
use yaca::{Key, KeyType, KeyLength, KeyFormat, KeyFileFormat, EncryptContext,
DecryptContext, EncryptAlgorithm, BlockCipherMode, Padding};
pub const MSG: &[u8] = b"Lorem ipsum dolor sit amet.";
fn main() -> Result<(), Box<dyn std::error::Error>>
{
// Start
yaca::initialize()?;
// Key generate/export/import example:
let key = Key::generate(&KeyType::RsaPrivate,
&KeyLength::Bits(512))?;
let p = CString::new("password")?;
let data = key.export(&KeyFormat::Default, &KeyFileFormat::Pem, Some(&p))?;
let key = Key::import(&data, &KeyType::RsaPrivate, Some(&p))?;
println!("{:?}: {:?}", key.get_type()?, key.get_length()?);
// Encrypt/decrypt example:
// Prepare
let algo = EncryptAlgorithm::Aes;
let cbc = BlockCipherMode::Cbc;
let key_len = KeyLength::Bits(256);
let sym_key = Key::generate(&KeyType::Symmetric, &key_len)?;
let iv_len = EncryptContext::get_iv_length(&algo, &cbc, &key_len)?;
let iv = match &iv_len {
None => None,
Some(x) => Some(Key::generate(&KeyType::Iv, x)?),
};
if let Some(x) = &iv {
println!("IV_used: {:?}: {:?}", x.get_type()?, x.get_length()?);
};
// Encrypt
let ctx = EncryptContext::initialize(&algo, &cbc, &sym_key, iv.as_ref())?;
ctx.set_property_padding(&Padding::Pkcs7)?;
let mut cipher: Vec<u8> = Vec::new();
for i in MSG.chunks(5) {
cipher.append(&mut ctx.update(i)?);
};
cipher.append(&mut ctx.finalize()?);
// Decrypt
let ctx = DecryptContext::initialize(&algo, &cbc, &sym_key, iv.as_ref())?;
ctx.set_property_padding(&Padding::Pkcs7)?;
let mut plain: Vec<u8> = Vec::new();
for i in cipher.chunks(5) {
plain.append(&mut ctx.update(i)?);
};
plain.append(&mut ctx.finalize()?);
// Check
assert_eq!(MSG, plain);
let plain = CString::new(plain)?;
println!("{}", plain.to_str()?);
// Finish
Ok(yaca::cleanup())
}§Simple API:
Defined by functions named Yaca::simple_*
Design constraints:
- All operations are single-shot (no streaming possible)
- Context is not used
- Only digest, signatures and symmetric ciphers are supported
- Disabling PKCS#7 padding for ECB and CBC chaining is not supported
- Changing the default PKCS#1 padding for sign/verify is not supported
- GCM and CCM chaining is not supported
- RC2 effective key bits property is not supported
use std::ffi::CString;
use yaca::{self, prelude::*};
use yaca::{Key, KeyType, KeyLength, EncryptAlgorithm, BlockCipherMode};
pub const MSG: &[u8] = b"Lorem ipsum dolor sit amet.";
fn main() -> Result<(), Box<dyn std::error::Error>>
{
// Start
yaca::initialize()?;
// Simple encrypt/decrypt of empty data
let sym_key = Key::generate(&KeyType::Symmetric, &KeyLength::Bits(256))?;
let v = yaca::simple_encrypt(&EncryptAlgorithm::UnsafeRc4, &BlockCipherMode::None,
&sym_key, None, &Vec::new())?;
assert!(v.is_empty());
let v = yaca::simple_decrypt(&EncryptAlgorithm::UnsafeRc4, &BlockCipherMode::None,
&sym_key, None, &Vec::new())?;
assert!(v.is_empty());
// Simple encrypt/decrypt
let iv = Key::generate(&KeyType::Iv, &KeyLength::Bits(128))?;
let cipher = yaca::simple_encrypt(&EncryptAlgorithm::Aes, &BlockCipherMode::Cbc,
&sym_key, Some(&iv), MSG)?;
let plain = yaca::simple_decrypt(&EncryptAlgorithm::Aes, &BlockCipherMode::Cbc,
&sym_key, Some(&iv), &cipher)?;
// Check for simple
assert_eq!(MSG, plain);
let plain = CString::new(plain)?;
println!("{}", plain.to_str()?);
// Finish
Ok(yaca::cleanup())
}Re-exports§
pub use types::KeyLengthEc::*;pub use types::KeyLengthDh::*;
Modules§
- prelude
- Include this prelude with
use yaca::prelude::*to access required traits.
Structs§
- Decrypt
Context - Context for
Decryptoperations - Digest
Context - Context for
Digestoperations - Encrypt
Context - Context for
Encryptoperations - Key
- Type representing a cryptography key, an Initialization Vector or key generation parameters
- Open
Context - Context for
Openoperations - Seal
Context - Context for
Sealoperations - Sign
Context - Context for
Signoperations - Verify
Context - Context for
Verifyoperations
Enums§
- Block
Cipher Mode - Enumeration of YACA chaining modes for block ciphers
- Digest
Algorithm - Enumeration of YACA message digest algorithms
- Encrypt
Algorithm - Enumeration of YACA symmetric encryption algorithms
- Error
- Enumeration of YACA error values returned from the C library
- Kdf
- Enumeration of YACA key derivation functions
- KeyFile
Format - Enumeration of YACA key file formats
- KeyFormat
- Enumeration of YACA key formats
- KeyLength
- Enumeration of YACA key lengths
- KeyLength
Dh - Enumeration of various YACA DH parameters including RFC 5114
- KeyLength
Ec - Enumeration of YACA elliptic curve types with their bit lengths
- KeyType
- Enumeration of YACA key types, Initialization Vector is considered as key
- Padding
- Enumeration of YACA paddings
Traits§
- Context
With Padding - Implementation of Padding property
- Context
With Rc2Supported - Implementation of RC2 effective key bits property
- Context
With XcmDecrypt Properties - Implementation of GCM/CCM properties for
Decrypt/Open - Context
With XcmEncrypt Properties - Implementation of GCM/CCM properties for
Encrypt/Seal
Functions§
- cleanup
- Cleans up the library
- initialize
- Initializes the library
- memcmp
- Safely compares requested number of bytes of two buffers
- random_
bytes - Generates random data
- rsa_
private_ decrypt - Decrypts data using a RSA private key (low-level decrypt equivalent)
- rsa_
private_ encrypt - Encrypts data using a RSA private key (low-level sign equivalent)
- rsa_
public_ decrypt - Decrypts data using a RSA public key (low-level verify equivalent)
- rsa_
public_ encrypt - Encrypts data using a RSA public key (low-level encrypt equivalent)
- simple_
calculate_ cmac - Calculates a CMAC of given message using symmetric key
- simple_
calculate_ digest - Calculates a digest of a message
- simple_
calculate_ hmac - Calculates a HMAC of given message using symmetric key
- simple_
calculate_ signature - Creates a signature using asymmetric private key
- simple_
decrypt - Decrypts data using a symmetric cipher
- simple_
encrypt - Encrypts data using a symmetric cipher
- simple_
verify_ signature - Verifies a signature using asymmetric public key