aead: Add in-place API based on Buffer trait #59
categories = ["cryptography", "no-std"] | ||
|
||
[dependencies] | ||
generic-array = { version = "0.12", default-features = false } | ||
heapless = { version = "0.5", optional = true } |
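Review bot: the `heapless` line declares the new optional dependency without `default-features = false`, while `generic-array` directly above sets it and the crate is categorized `no-std`. Either add `default-features = false` here or confirm that whatever default features heapless 0.5 enables are wanted in a `#![no_std]` build.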
Alternatively we could define our own `heapless::Vec`-like type which wraps a `GenericArray<u8, N>` and does the minimum necessary to impl the `Buffer` trait, which would eliminate this dependency. But `heapless` seems relatively popular in the embedded space.
@newpavlov mind taking a look at this? (and #58)
@tarcieri I am a bit hesitant about this PR, looks like it will be a bit weird to work with modes which store tag in prefix. And the
Defines a `Buffer` trait for `Vec`-like types which impl `AsRef<[u8]>`, `AsMut<[u8]>`, `extend_from_slice()`, and `truncate()`, and optionally impls it for `Vec<u8>` (when the `alloc` feature is enabled), along with the option to use `heapless::Vec` (when the `heapless` feature is enabled), providing a true `#![no_std]`-friendly option. Uses `impl Buffer` as the argument for `encrypt_in_place` and `decrypt_in_place`, with default implementations that assume a postfix authentication tag. This allows these methods to handle ciphertext assembly and parsing, after which they can invoke the `_detached` APIs.
Done
I think it will work great with the In that case, you'd extend the buffer by the tag length with e.g. zeroes for encryption, encrypt with an offset, and return the buffer. For decryption, copy the tag out to a type, and then do offset in-place decryption, offsetting the plaintext back to the beginning of the buffer, and truncating.
Not immediately. It's a proposal and I'm happy to both think about it and try some alternative designs. Perhaps
(Note: the test failure looks unrelated)
Hm, your arguments are reasonable. Let's merge it then and see how this API will play out. I will release v0.1.2 with both PRs right away.
As for CI failure, looks like we will have to disable no-std build for the time being, since
@newpavlov awesome! In that case, it will be interesting to shift the current
I guess another random thought I had about these was splitting the alloc/in-place buffered/detached methods into separate traits with blanket impls, but I think having one trait and some running code which uses it might be more helpful to start with. That said, would love to have a release with these in it to update the AEAD impls to use.
I think there is still a sizable room for improvements, but it will require a certain amount of deliberation and design work, ideally supported by user experience reports.
Duh, the CI failure should be fixed by simply removing
@newpavlov awesome, thanks a lot!
NOTE: This PR includes the commit which adds the detached API from #58. It might make sense to review that first.
This PR adds a `Buffer` trait for `Vec`-like types which impl `AsRef<[u8]>`, `AsMut<[u8]>`, `extend_from_slice()`, and `truncate()`, and optionally impls it for `Vec<u8>` (when the `alloc` feature is enabled), along with the option to use `heapless::Vec` (when the `heapless` feature is enabled), providing a true `#![no_std]`-friendly option.

Uses `impl Buffer` as the argument for `encrypt_in_place` and `decrypt_in_place`, with default implementations that assume a postfix authentication tag. This allows these methods to handle ciphertext assembly and parsing, after which they can invoke the `_detached` APIs.
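An added example (not code from this PR or from the aead crate) of the postfix-tag assembly and parsing the description above outlines: encrypt in place and append the tag, then on decryption split the tag off, verify it, and truncate. The `Buffer` shape follows the description; `Error`, `TAG_LEN`, the one-byte key and the XOR/checksum `_detached` stand-ins are assumptions made so the example runs without dependencies, and they provide no security.

```rust
// Added illustration; every name here is hypothetical, not the aead crate's API.
const TAG_LEN: usize = 4;
#[derive(Debug)] pub struct Error;
/// Vec-like buffer as the PR describes it: byte-slice access plus grow and shrink.
pub trait Buffer: AsRef<[u8]> + AsMut<[u8]> {
    fn extend_from_slice(&mut self, other: &[u8]) -> Result<(), Error>;
    fn truncate(&mut self, len: usize);
}
impl Buffer for Vec<u8> {
    fn extend_from_slice(&mut self, other: &[u8]) -> Result<(), Error> {
        Vec::extend_from_slice(self, other);
        Ok(()) // a fixed-capacity buffer would return Err when full
    }
    fn truncate(&mut self, len: usize) { Vec::truncate(self, len) }
}
// Stand-ins for the `_detached` methods. NOT cryptography: XOR plus a toy checksum.
fn toy_tag(key: u8, ct: &[u8]) -> [u8; TAG_LEN] {
    ct.iter().fold(key as u32, |s, &b| s.wrapping_mul(31).wrapping_add(b as u32)).to_be_bytes()
}
fn encrypt_detached(key: u8, data: &mut [u8]) -> [u8; TAG_LEN] {
    data.iter_mut().for_each(|b| *b ^= key);
    toy_tag(key, data)
}
fn decrypt_detached(key: u8, data: &mut [u8], tag: &[u8]) -> Result<(), Error> {
    // Compare the whole tag without an early exit, and only then touch the data.
    let diff = toy_tag(key, data).iter().zip(tag).fold(0u8, |d, (x, y)| d | (x ^ y));
    if diff != 0 { return Err(Error); }
    data.iter_mut().for_each(|b| *b ^= key);
    Ok(())
}
/// Postfix-tag assembly: encrypt the message bytes in place, then append the tag.
pub fn encrypt_in_place(key: u8, buf: &mut impl Buffer) -> Result<(), Error> {
    let tag = encrypt_detached(key, buf.as_mut());
    buf.extend_from_slice(&tag)
}
/// Postfix-tag parsing: split off the tag, verify and decrypt, then drop the tag.
pub fn decrypt_in_place(key: u8, buf: &mut impl Buffer) -> Result<(), Error> {
    let msg_len = buf.as_mut().len().checked_sub(TAG_LEN).ok_or(Error)?; // too short for a tag
    let (msg, tag) = buf.as_mut().split_at_mut(msg_len);
    decrypt_detached(key, msg, tag)?; // on failure the buffer is left untouched
    buf.truncate(msg_len);
    Ok(())
}
fn main() {
    let mut buf = b"hello buffer".to_vec(); // constructed sample input
    encrypt_in_place(0x5a, &mut buf).unwrap();
    decrypt_in_place(0x5a, &mut buf).unwrap();
    assert_eq!(buf, b"hello buffer");
}
```

Because the tag is checked before any byte is decrypted and the buffer is truncated only on success, a caller that ignores the error still never sees unauthenticated plaintext in the buffer.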