[−][src]Crate yaca
YACA - Yet Another Crypto API. Bindings for C library YACA
Examples
use std::ffi::CString; use yaca::{self, prelude::*}; use yaca::{Key, KeyType, KeyLength, KeyFormat, KeyFileFormat, EncryptContext, DecryptContext, EncryptAlgorithm, BlockCipherMode, Padding}; pub const MSG: &[u8] = b"Lorem ipsum dolor sit amet."; fn main() -> Result<(), Box<dyn std::error::Error>> { // Start yaca::initialize()?; // Key generate/export/import example: let key = Key::generate(&KeyType::RsaPrivate, &KeyLength::Bits(512))?; let p = CString::new("password")?; let data = key.export(&KeyFormat::Default, &KeyFileFormat::Pem, Some(&p))?; let key = Key::import(&data, &KeyType::RsaPrivate, Some(&p))?; println!("{:?}: {:?}", key.get_type()?, key.get_length()?); // Encrypt/decrypt example: // Prepare let algo = EncryptAlgorithm::Aes; let cbc = BlockCipherMode::Cbc; let key_len = KeyLength::Bits(256); let sym_key = Key::generate(&KeyType::Symmetric, &key_len)?; let iv_len = EncryptContext::get_iv_length(&algo, &cbc, &key_len)?; let iv = match &iv_len { None => None, Some(x) => Some(Key::generate(&KeyType::Iv, x)?), }; if let Some(x) = &iv { println!("IV_used: {:?}: {:?}", x.get_type()?, x.get_length()?); }; // Encrypt let ctx = EncryptContext::initialize(&algo, &cbc, &sym_key, iv.as_ref())?; ctx.set_property_padding(&Padding::Pkcs7)?; let mut cipher: Vec<u8> = Vec::new(); for i in MSG.chunks(5) { cipher.append(&mut ctx.update(i)?); }; cipher.append(&mut ctx.finalize()?); // Decrypt let ctx = DecryptContext::initialize(&algo, &cbc, &sym_key, iv.as_ref())?; ctx.set_property_padding(&Padding::Pkcs7)?; let mut plain: Vec<u8> = Vec::new(); for i in cipher.chunks(5) { plain.append(&mut ctx.update(i)?); }; plain.append(&mut ctx.finalize()?); // Check assert_eq!(MSG, plain); let plain = CString::new(plain)?; println!("{}", plain.to_str()?); // Finish Ok(yaca::cleanup()) }
Simple API:
Defined by functions named Yaca::simple_*
Design constraints:
- All operations are single-shot (no streaming possible)
- Context is not used
- Only digest, signatures and symmetric ciphers are supported
- Disabling PKCS#7 padding for ECB and CBC chaining is not supported
- Changing the default PKCS#1 padding for sign/verify is not supported
- GCM and CCM chaining is not supported
- RC2 effective key bits property is not supported
use std::ffi::CString; use yaca::{self, prelude::*}; use yaca::{Key, KeyType, KeyLength, EncryptAlgorithm, BlockCipherMode}; pub const MSG: &[u8] = b"Lorem ipsum dolor sit amet."; fn main() -> Result<(), Box<dyn std::error::Error>> { // Start yaca::initialize()?; // Simple encrypt/decrypt of empty data let sym_key = Key::generate(&KeyType::Symmetric, &KeyLength::Bits(256))?; let v = yaca::simple_encrypt(&EncryptAlgorithm::UnsafeRc4, &BlockCipherMode::None, &sym_key, None, &Vec::new())?; assert!(v.is_empty()); let v = yaca::simple_decrypt(&EncryptAlgorithm::UnsafeRc4, &BlockCipherMode::None, &sym_key, None, &Vec::new())?; assert!(v.is_empty()); // Simple encrypt/decrypt let iv = Key::generate(&KeyType::Iv, &KeyLength::Bits(128))?; let cipher = yaca::simple_encrypt(&EncryptAlgorithm::Aes, &BlockCipherMode::Cbc, &sym_key, Some(&iv), MSG)?; let plain = yaca::simple_decrypt(&EncryptAlgorithm::Aes, &BlockCipherMode::Cbc, &sym_key, Some(&iv), &cipher)?; // Check for simple assert_eq!(MSG, plain); let plain = CString::new(plain)?; println!("{}", plain.to_str()?); // Finish Ok(yaca::cleanup()) }
Re-exports
pub use types::KeyLengthEc::*; |
pub use types::KeyLengthDh::*; |
Modules
prelude | Include this prelude with |
Structs
DecryptContext | Context for |
DigestContext | Context for |
EncryptContext | Context for |
Key | Type representing a cryptography key, an Initialization Vector or key generation parameters |
OpenContext | Context for |
SealContext | Context for |
SignContext | Context for |
VerifyContext | Context for |
Enums
BlockCipherMode | Enumeration of YACA chaining modes for block ciphers |
DigestAlgorithm | Enumeration of YACA message digest algorithms |
EncryptAlgorithm | Enumeration of YACA symmetric encryption algorithms |
Error | Enumeration of YACA error values returned from the C library |
Kdf | Enumeration of YACA key derivation functions |
KeyFileFormat | Enumeration of YACA key file formats |
KeyFormat | Enumeration of YACA key formats |
KeyLength | Enumeration of YACA key lengths |
KeyLengthDh | Enumeration of various YACA DH parameters including RFC 5114 |
KeyLengthEc | Enumeration of YACA elliptic curve types with their bit lengths |
KeyType | Enumeration of YACA key types, Initialization Vector is considered as key |
Padding | Enumeration of YACA paddings |
Traits
ContextWithPadding | Implementation of Padding property |
ContextWithRc2Supported | Implementation of RC2 effective key bits property |
ContextWithXcmDecryptProperties | Implementation of GCM/CCM properties for |
ContextWithXcmEncryptProperties | Implementation of GCM/CCM properties for |
Functions
cleanup | Cleans up the library |
initialize | Initializes the library |
memcmp | Safely compares requested number of bytes of two buffers |
random_bytes | Generates random data |
rsa_private_decrypt | Decrypts data using a RSA private key (low-level decrypt equivalent) |
rsa_private_encrypt | Encrypts data using a RSA private key (low-level sign equivalent) |
rsa_public_decrypt | Decrypts data using a RSA public key (low-level verify equivalent) |
rsa_public_encrypt | Encrypts data using a RSA public key (low-level encrypt equivalent) |
simple_calculate_cmac | Calculates a CMAC of given message using symmetric key |
simple_calculate_digest | Calculates a digest of a message |
simple_calculate_hmac | Calculates a HMAC of given message using symmetric key |
simple_calculate_signature | Creates a signature using asymmetric private key |
simple_decrypt | Decrypts data using a symmetric cipher |
simple_encrypt | Encrypts data using a symmetric cipher |
simple_verify_signature | Verifies a signature using asymmetric public key |
Type Definitions
Result |