cbc/lib.rs
1//! [Cipher Block Chaining][1] (CBC) mode.
2//!
3//! <img src="https://raw.githubusercontent.com/RustCrypto/media/26acc39f/img/block-modes/cbc_enc.svg" width="49%" />
4//! <img src="https://raw.githubusercontent.com/RustCrypto/media/26acc39f/img/block-modes/cbc_dec.svg" width="49%"/>
5//!
6//! Mode functionality is accessed using traits from re-exported [`cipher`] crate.
7//!
8//! # ⚠️ Security Warning: Hazmat!
9//!
10//! This crate does not ensure ciphertexts are authentic! Thus ciphertext integrity
11//! is not verified, which can lead to serious vulnerabilities!
12//!
13//! # Example
14//! ```
15//! # #[cfg(feature = "block-padding")] {
16//! use aes::cipher::{block_padding::Pkcs7, BlockDecryptMut, BlockEncryptMut, KeyIvInit};
17//! use hex_literal::hex;
18//!
19//! type Aes128CbcEnc = cbc::Encryptor<aes::Aes128>;
20//! type Aes128CbcDec = cbc::Decryptor<aes::Aes128>;
21//!
22//! let key = [0x42; 16];
23//! let iv = [0x24; 16];
24//! let plaintext = *b"hello world! this is my plaintext.";
25//! let ciphertext = hex!(
26//! "c7fe247ef97b21f07cbdd26cb5d346bf"
27//! "d27867cb00d9486723e159978fb9a5f9"
28//! "14cfb228a710de4171e396e7b6cf859e"
29//! );
30//!
31//! // encrypt/decrypt in-place
32//! // buffer must be big enough for padded plaintext
33//! let mut buf = [0u8; 48];
34//! let pt_len = plaintext.len();
35//! buf[..pt_len].copy_from_slice(&plaintext);
36//! let ct = Aes128CbcEnc::new(&key.into(), &iv.into())
37//! .encrypt_padded_mut::<Pkcs7>(&mut buf, pt_len)
38//! .unwrap();
39//! assert_eq!(ct, &ciphertext[..]);
40//!
41//! let pt = Aes128CbcDec::new(&key.into(), &iv.into())
42//! .decrypt_padded_mut::<Pkcs7>(&mut buf)
43//! .unwrap();
44//! assert_eq!(pt, &plaintext);
45//!
46//! // encrypt/decrypt from buffer to buffer
47//! let mut buf = [0u8; 48];
48//! let ct = Aes128CbcEnc::new(&key.into(), &iv.into())
49//! .encrypt_padded_b2b_mut::<Pkcs7>(&plaintext, &mut buf)
50//! .unwrap();
51//! assert_eq!(ct, &ciphertext[..]);
52//!
53//! let mut buf = [0u8; 48];
54//! let pt = Aes128CbcDec::new(&key.into(), &iv.into())
55//! .decrypt_padded_b2b_mut::<Pkcs7>(&ct, &mut buf)
56//! .unwrap();
57//! assert_eq!(pt, &plaintext);
58//! # }
59//! ```
60//!
61//! With enabled `alloc` (or `std`) feature you also can use allocating
62//! convinience methods:
63//! ```
64//! # #[cfg(all(feature = "alloc", feature = "block-padding"))] {
65//! # use aes::cipher::{block_padding::Pkcs7, BlockDecryptMut, BlockEncryptMut, KeyIvInit};
66//! # use hex_literal::hex;
67//! # type Aes128CbcEnc = cbc::Encryptor<aes::Aes128>;
68//! # type Aes128CbcDec = cbc::Decryptor<aes::Aes128>;
69//! # let key = [0x42; 16];
70//! # let iv = [0x24; 16];
71//! # let plaintext = *b"hello world! this is my plaintext.";
72//! # let ciphertext = hex!(
73//! # "c7fe247ef97b21f07cbdd26cb5d346bf"
74//! # "d27867cb00d9486723e159978fb9a5f9"
75//! # "14cfb228a710de4171e396e7b6cf859e"
76//! # );
77//! let res = Aes128CbcEnc::new(&key.into(), &iv.into())
78//! .encrypt_padded_vec_mut::<Pkcs7>(&plaintext);
79//! assert_eq!(res[..], ciphertext[..]);
80//! let res = Aes128CbcDec::new(&key.into(), &iv.into())
81//! .decrypt_padded_vec_mut::<Pkcs7>(&res)
82//! .unwrap();
83//! assert_eq!(res[..], plaintext[..]);
84//! # }
85//! ```
86//!
87//! [1]: https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#CBC
88
89#![no_std]
90#![doc(
91 html_logo_url = "https://raw.githubusercontent.com/RustCrypto/media/26acc39f/logo.svg",
92 html_favicon_url = "https://raw.githubusercontent.com/RustCrypto/media/26acc39f/logo.svg",
93 html_root_url = "https://docs.rs/cbc/0.1.2"
94)]
95#![forbid(unsafe_code)]
96#![cfg_attr(docsrs, feature(doc_cfg))]
97#![warn(missing_docs, rust_2018_idioms)]
98
99mod decrypt;
100mod encrypt;
101
102pub use cipher;
103pub use decrypt::Decryptor;
104pub use encrypt::Encryptor;
105
106use cipher::generic_array::{ArrayLength, GenericArray};
107
108#[inline(always)]
109fn xor<N: ArrayLength<u8>>(out: &mut GenericArray<u8, N>, buf: &GenericArray<u8, N>) {
110 for (a, b) in out.iter_mut().zip(buf) {
111 *a ^= *b;
112 }
113}