Rodolphe Bréard
4b4d7e0fd6
Document the Coffio struct
2024-06-24 11:20:19 +02:00
Rodolphe Bréard
cbdb9fdda2
Documenting errors
2024-06-23 10:20:57 +02:00
Rodolphe Bréard
0955da7e09
Regroup the benchmarks by input size
2024-06-22 12:47:10 +02:00
Rodolphe Bréard
682a9d579b
Update the benchmarks
2024-06-22 10:46:00 +02:00
Rodolphe Bréard
2fca9ac904
Add missing comma
2024-06-22 09:53:14 +02:00
Rodolphe Bréard
4889d6b9b2
Use a specific error type for each invalid version error
2024-06-19 17:15:53 +02:00
Rodolphe Bréard
44cc9179ca
Add a version number for exported IKML and encrypted data
2024-06-19 17:08:11 +02:00
Rodolphe Bréard
aa56e5d032
Add a GitHub CI
2024-04-20 19:03:27 +02:00
Rodolphe Bréard
f1660e212e
Add the key length to the key context
2024-04-20 19:02:55 +02:00
Rodolphe Bréard
434b3b8bd6
Move criterion out of dev-dependencies so it can be optional
2024-04-20 18:28:47 +02:00
Rodolphe Bréard
1b95ba7edd
Enforce word wrapping in the README
2024-04-20 18:26:21 +02:00
Rodolphe Bréard
d7ee6667f9
Update the benchmarks
2024-04-20 18:24:30 +02:00
Rodolphe Bréard
7cc204f046
Refer to the coffio module in an explicit way
2024-04-20 18:23:57 +02:00
Rodolphe Bréard
c836f1d572
Update the Cargo.toml
2024-04-20 13:03:15 +02:00
Rodolphe Bréard
8162fadf19
Hide schemes behind features
2024-04-20 11:48:58 +02:00
Rodolphe Bréard
76ef9a6820
Enforce line wrapping
2024-04-20 11:43:53 +02:00
Rodolphe Bréard
a5a917cfe2
Add a few assert
2024-04-07 22:46:14 +02:00
Rodolphe Bréard
1ebbef58e2
Add missing ?
2024-04-07 22:39:39 +02:00
Rodolphe Bréard
ba5c5d7dd0
Return the IKM id when adding, revoking or deleting an IKM
2024-04-07 22:32:55 +02:00
Rodolphe Bréard
67f1c247cc
Have .delete_ikm()
return an error if the requested id is not found
2024-04-07 22:23:25 +02:00
Rodolphe Bréard
af2c83f934
Set DEFAULT_SCHEME public
2024-04-07 22:17:01 +02:00
Rodolphe Bréard
51d543a064
Add more documentation
2024-04-07 22:10:40 +02:00
Rodolphe Bréard
a6a7e31459
Add documentation for the KeyContext
2024-04-07 17:41:41 +02:00
Rodolphe Bréard
224171c6d5
Allow to encrypt at a specific timestamp
2024-04-07 12:22:04 +02:00
Rodolphe Bréard
fd7dccddea
Allow to compare errors
2024-04-07 12:21:23 +02:00
Rodolphe Bréard
5dec70af92
Rename the CipherBox as Coffio
2024-04-07 11:48:33 +02:00
Rodolphe Bréard
71647c31c5
Allow to spefify not_before and not_after when generating a custom IKM
2024-04-07 11:32:03 +02:00
Rodolphe Bréard
c22756a2c0
Hide the InputKeyMaterial properties and add accessors
2024-04-07 11:20:01 +02:00
Rodolphe Bréard
d47f68944a
Rename created_at and expire_at as not_before and not_after
2024-04-07 11:12:23 +02:00
Rodolphe Bréard
3690351c13
Use the DOI Foundation links
2024-04-07 11:01:46 +02:00
Rodolphe Bréard
cba3c3946b
Remove a nightly feature
2024-04-07 10:39:06 +02:00
Rodolphe Bréard
de9d4777aa
Add some basic documentation
2024-04-05 00:17:01 +02:00
Rodolphe Bréard
0aac6402eb
Change the randomly generated benchmark input
...
The xz backdoor relied on obfuscated test files that contained malicious
code instead of a real test. Since then, test and benchmark input that
cannot be explained should be considered suspicious.
Out of laziness, the input for the xl test (05) was generated through
the `openssl rand -hex` command, which outputs random data as an
hexadecimal string. Although I generated it myself and know there is
nothing hidden in there, I cannot prove it to someone else. Therefore, I
chose to stop using random data for this test and changed it to a
readable "lorem ipsum" string of the same size, like the other tests.
For more information about the xz backdoor and the context in which this
commit take place, please read:
CVE-2024-3094
https://www.openwall.com/lists/oss-security/2024/03/29/4
https://gynvael.coldwind.pl/?lang=en&id=782
https://gist.github.com/thesamesam/223949d5a074ebc3dce9ee78baad9e27
2024-04-01 16:25:37 +02:00
Rodolphe Bréard
b41772c045
Document the reason for the AES-GCM noce size
2024-03-29 22:11:39 +01:00
Rodolphe Bréard
360917adb8
Add AES128-GCM to the benchmark
2024-03-24 14:38:03 +01:00
Rodolphe Bréard
747163f433
Check the size of the nonce
2024-03-24 12:17:29 +01:00
Rodolphe Bréard
ca86747862
Add support for AES128-GCM using HKDF-SHA256 to derive keys
2024-03-24 12:16:54 +01:00
Rodolphe Bréard
56db45cbad
Add comments
2024-03-24 10:59:48 +01:00
Rodolphe Bréard
ae19a16531
Improve the context and IKM list APIs
2024-03-24 09:47:36 +01:00
Rodolphe Bréard
90c8a2aa87
API change: pass the data after the context
2024-03-24 09:25:27 +01:00
Rodolphe Bréard
c62029ee91
Add a benchmark
2024-03-23 19:23:14 +01:00
Rodolphe Bréard
16b2087627
Update cargo-deny
2024-03-23 11:41:45 +01:00
Rodolphe Bréard
e6f7167525
Move the EncryptedData struct to a dedicated module
2024-03-17 14:45:18 +01:00
Rodolphe Bréard
5803e2971d
Remove the protection feature
2024-03-17 14:38:29 +01:00
Rodolphe Bréard
8cefe7c16b
Move the scheme return fn type definitions to the scheme module
2024-03-17 14:35:26 +01:00
Rodolphe Bréard
b8539602f0
Move the context objects to a dedicated module
2024-03-17 14:31:01 +01:00
Rodolphe Bréard
749dc03f71
Replace the encrypt and decrypt function by the CipherBox struct
2024-03-17 14:23:03 +01:00
Rodolphe Bréard
47557fe350
Fix the features
2024-03-16 11:22:08 +01:00
Rodolphe Bréard
94b1809ffa
Do not use expired IKMs
2024-03-16 10:29:06 +01:00
Rodolphe Bréard
66271877dc
Return an error if the IKM list ID is invalid
2024-03-16 10:28:25 +01:00