Expand description
Low level AES IGE and key wrapping functionality
AES ECB, CBC, XTS, CTR, CFB, GCM and other conventional symmetric encryption
modes are found in symm
. This is the implementation of AES IGE and key wrapping
Advanced Encryption Standard (AES) provides symmetric key cipher that
the same key is used to encrypt and decrypt data. This implementation
uses 128, 192, or 256 bit keys. This module provides functions to
create a new key with new_encrypt
and perform an encryption/decryption
using that key with aes_ige
.
The symm
module should be used in preference to this module in most cases.
The IGE block cipher is a non-traditional cipher mode. More traditional AES
encryption methods are found in the Crypter
and Cipher
structs.
Examples
AES IGE
use openssl::aes::{AesKey, aes_ige};
use openssl::symm::Mode;
let key = b"\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F";
let plaintext = b"\x12\x34\x56\x78\x90\x12\x34\x56\x12\x34\x56\x78\x90\x12\x34\x56";
let mut iv = *b"\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F\
\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1A\x1B\x1C\x1D\x1E\x1F";
let key = AesKey::new_encrypt(key).unwrap();
let mut output = [0u8; 16];
aes_ige(plaintext, &mut output, &key, &mut iv, Mode::Encrypt);
assert_eq!(output, *b"\xa6\xad\x97\x4d\x5c\xea\x1d\x36\xd2\xf3\x67\x98\x09\x07\xed\x32");
Key wrapping
use openssl::aes::{AesKey, unwrap_key, wrap_key};
let kek = b"\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F";
let key_to_wrap = b"\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xAA\xBB\xCC\xDD\xEE\xFF";
let enc_key = AesKey::new_encrypt(kek).unwrap();
let mut ciphertext = [0u8; 24];
wrap_key(&enc_key, None, &mut ciphertext, &key_to_wrap[..]).unwrap();
let dec_key = AesKey::new_decrypt(kek).unwrap();
let mut orig_key = [0u8; 16];
unwrap_key(&dec_key, None, &mut orig_key, &ciphertext[..]).unwrap();
assert_eq!(&orig_key[..], &key_to_wrap[..]);
Structs
The key used to encrypt or decrypt cipher blocks.
Provides Error handling for parsing keys.
Functions
Performs AES IGE encryption or decryption
Unwrap a key, according to RFC 3394