package core:crypto/aead
Overview
package aead provides a generic interface to the supported Authenticated Encryption with Associated Data algorithms.
Both a one-shot and context based interface are provided, with similar usage. If multiple messages are to be sealed/opened via the same key, the context based interface may be more efficient, depending on the algorithm.
WARNING: Reusing the same key + iv to seal (encrypt) multiple messages results in catastrophic loss of security for most algorithms.
Example:
package aead_example
import "core:bytes"
import "core:crypto"
import "core:crypto/aead"
main :: proc() {
algo := aead.Algorithm.XCHACHA20POLY1305
// The example added associated data, and plaintext.
aad_str := "Get your ass in gear boys."
pt_str := "They're immanetizing the Eschaton."
aad := transmute([]byte)aad_str
plaintext := transmute([]byte)pt_str
pt_len := len(plaintext)
// Generate a random key for the purposes of illustration.
key := make([]byte, aead.KEY_SIZES[algo])
defer delete(key)
crypto.rand_bytes(key)
// `ciphertext || tag`, is a common way data is transmitted, so
// demonstrate that.
buf := make([]byte, pt_len + aead.TAG_SIZES[algo])
defer delete(buf)
ciphertext, tag := buf[:pt_len], buf[pt_len:]
// Seal the AAD + Plaintext.
iv := make([]byte, aead.IV_SIZES[algo])
defer delete(iv)
crypto.rand_bytes(iv) // Random IVs are safe with XChaCha20-Poly1305.
aead.seal(algo, ciphertext, tag, key, iv, aad, plaintext)
// Open the AAD + Ciphertext.
opened_pt := buf[:pt_len]
if ok := aead.open(algo, opened_pt, key, iv, aad, ciphertext, tag); !ok {
panic("aead example: failed to open")
}
assert(bytes.equal(opened_pt, plaintext))
}
Index
Types (3)
Constants (1)
Variables (4)
Procedures (9)
Types
Algorithm ¶
Algorithm :: enum int { Invalid, AES_GCM_128, AES_GCM_192, AES_GCM_256, CHACHA20POLY1305, XCHACHA20POLY1305, }
Algorithm is the algorithm identifier associated with a given Context.
Related Procedures With Parameters
- init
- open_oneshot
- seal_oneshot
- open (procedure groups)
- seal (procedure groups)
Related Procedures With Returns
Context ¶
Context :: struct { _algo: Algorithm, _impl: union { aes.Context_GCM, chacha20poly1305.Context, }, }
Context is a concrete instantiation of a specific AEAD algorithm.
Related Procedures With Parameters
Implementation ¶
Implementation :: union { aes.Implementation, chacha20.Implementation, }
Implementation is an AEAD implementation. Most callers will not need to use this as the package will automatically select the most performant implementation available.
Related Procedures With Parameters
- init
- open_oneshot
- seal_oneshot
- open (procedure groups)
- seal (procedure groups)
Constants
MAX_TAG_SIZE ¶
MAX_TAG_SIZE :: 16
MAX_TAG_SIZE is the maximum size tag that can be returned by any of the Algorithms supported via this package.
Variables
ALGORITHM_NAMES ¶
ALGORITM_NAMES is the Agorithm to algorithm name string.
IV_SIZES ¶
IV_SIZES is the Algorithm to initialization vector size in bytes.
Note: Some algorithms (such as AES-GCM) support variable IV sizes.
Procedures
algorithm ¶
algorithm returns the Algorithm used by a Context instance.
init ¶
init :: proc(ctx: ^Context, algorithm: Algorithm, key: []u8, impl: Implementation = nil) {…}
init initializes a Context with a specific AEAD Algorithm.
iv_size ¶
iv_size returns the IV size of a Context instance in bytes.
open_ctx ¶
open_ctx authenticates the aad and ciphertext, and decrypts the ciphertext, with the provided Context, iv, and tag, and stores the output in dst, returning true iff the authentication was successful. If authentication fails, the destination buffer will be zeroed.
dst and plaintext MUST alias exactly or not at all.
open_oneshot ¶
open_oneshot :: proc( algo: Algorithm, dst, key, iv, aad, ciphertext, tag: []u8, impl: Implementation = nil, ) -> bool {…}
open authenticates the aad and ciphertext, and decrypts the ciphertext, with the provided algorithm, key, iv, and tag, and stores the output in dst, returning true iff the authentication was successful. If authentication fails, the destination buffer will be zeroed.
dst and plaintext MUST alias exactly or not at all.
reset ¶
reset :: proc(ctx: ^Context) {…}
reset sanitizes the Context. The Context must be re-initialized to be used again.
seal_ctx ¶
seal_ctx encrypts the plaintext and authenticates the aad and ciphertext, with the provided Context and iv, stores the output in dst and tag.
dst and plaintext MUST alias exactly or not at all.
seal_oneshot ¶
seal_oneshot :: proc( algo: Algorithm, dst, tag, key, iv, aad, plaintext: []u8, impl: Implementation = nil, ) {…}
seal_oneshot encrypts the plaintext and authenticates the aad and ciphertext, with the provided algorithm, key, and iv, stores the output in dst and tag.
dst and plaintext MUST alias exactly or not at all.
tag_size ¶
tag_size returns the tag size of a Context instance in bytes.
Procedure Groups
open ¶
open :: proc{ open_ctx, open_oneshot, }
seal ¶
seal :: proc{ seal_ctx, seal_oneshot, }
Source Files
Generation Information
Generated with odin version dev-2024-11 (vendor "odin") Windows_amd64 @ 2024-11-16 21:10:09.808901100 +0000 UTC