Compare commits
No commits in common. "main" and "v0.1" have entirely different histories.
10 changed files with 17 additions and 53 deletions
1
.github/FUNDING.yml
vendored
1
.github/FUNDING.yml
vendored
|
|
@ -1 +0,0 @@
|
|||
github: [breard-r]
|
||||
16
.github/workflows/ci.yml
vendored
16
.github/workflows/ci.yml
vendored
|
|
@ -20,21 +20,11 @@ jobs:
|
|||
- 1.75.0
|
||||
- 1.76.0
|
||||
- 1.77.2
|
||||
- 1.78.0
|
||||
- 1.79.0
|
||||
- 1.80.0
|
||||
- 1.81.0
|
||||
- 1.82.0
|
||||
- 1.83.0
|
||||
- 1.84.1
|
||||
- 1.85.0
|
||||
- stable
|
||||
- beta
|
||||
- nightly
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
with:
|
||||
persist-credentials: false
|
||||
- name: Install Rust ${{ matrix.rust }}
|
||||
run: rustup toolchain install ${{ matrix.rust }}
|
||||
- name: Run cargo build
|
||||
|
|
@ -46,8 +36,6 @@ jobs:
|
|||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
with:
|
||||
persist-credentials: false
|
||||
- name: Update Rust
|
||||
run: rustup update stable
|
||||
- name: Run cargo fmt
|
||||
|
|
@ -57,8 +45,6 @@ jobs:
|
|||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
with:
|
||||
persist-credentials: false
|
||||
- name: Update Rust
|
||||
run: rustup update stable
|
||||
- name: Run clippy
|
||||
|
|
@ -68,6 +54,4 @@ jobs:
|
|||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v4
|
||||
with:
|
||||
persist-credentials: false
|
||||
- uses: EmbarkStudios/cargo-deny-action@v1
|
||||
|
|
|
|||
19
CHANGELOG.md
19
CHANGELOG.md
|
|
@ -1,19 +0,0 @@
|
|||
[//]: # (Copyright 2024 Rodolphe Bréard <rodolphe@breard.tf>)
|
||||
|
||||
[//]: # (Copying and distribution of this file, with or without modification,)
|
||||
[//]: # (are permitted in any medium without royalty provided the copyright)
|
||||
[//]: # (notice and this notice are preserved. This file is offered as-is,)
|
||||
[//]: # (without any warranty.)
|
||||
|
||||
# Changelog
|
||||
All notable changes to this project will be documented in this file.
|
||||
|
||||
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
|
||||
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
|
||||
|
||||
|
||||
## [Unreleased] - ReleaseDate
|
||||
|
||||
### Added
|
||||
|
||||
- Initial release.
|
||||
|
|
@ -12,7 +12,7 @@ keywords = ["cryptography", "encryption"]
|
|||
categories = ["cryptography"]
|
||||
|
||||
[features]
|
||||
default = ["aes", "chacha", "ikm-management", "encrypt-at"]
|
||||
default = ["aes", "chacha", "ikm-management"]
|
||||
encryption = []
|
||||
aes = ["encryption", "aes-gcm", "hkdf", "sha2"]
|
||||
chacha = ["encryption", "chacha20poly1305", "blake3"]
|
||||
|
|
@ -22,8 +22,8 @@ benchmark = ["criterion"]
|
|||
|
||||
[dependencies]
|
||||
base64ct = { version = "1.6.0", default-features = false, features = ["std"] }
|
||||
getrandom = { version = "0.3.0", default-features = false }
|
||||
thiserror = { version = "2.0.3", default-features = false }
|
||||
getrandom = { version = "0.2.12", default-features = false }
|
||||
thiserror = { version = "1.0.57", default-features = false }
|
||||
|
||||
# chacha feature:
|
||||
# - XChaCha20Poly1305WithBlake3
|
||||
|
|
|
|||
|
|
@ -35,8 +35,8 @@ to your use case and if you are using it correctly.
|
|||
|
||||
## Should I use this crate?
|
||||
|
||||
If you have a use case covered by this crate AND you do not care about using an
|
||||
experimental crate, then you may use it.
|
||||
Although it may work, some parts are not stabilized yet. Expect breaking change
|
||||
that may result in the total loss of previously encrypted data.
|
||||
|
||||
## Why should I use this crate instead of a symmetric encryption function?
|
||||
|
||||
|
|
|
|||
|
|
@ -93,7 +93,7 @@ allow = [
|
|||
"BSD-2-Clause",
|
||||
"BSD-3-Clause",
|
||||
"MIT",
|
||||
"Unicode-3.0",
|
||||
"Unicode-DFS-2016",
|
||||
]
|
||||
# The confidence threshold for detecting a license from license text.
|
||||
# The higher the value, the more closely the license text must be to the
|
||||
|
|
|
|||
|
|
@ -243,7 +243,7 @@ impl InputKeyMaterialList {
|
|||
) -> Result<IkmId> {
|
||||
let ikm_len = scheme.get_ikm_size();
|
||||
let mut content: Vec<u8> = vec![0; ikm_len];
|
||||
getrandom::fill(content.as_mut_slice())?;
|
||||
getrandom::getrandom(content.as_mut_slice())?;
|
||||
self.id_counter += 1;
|
||||
self.ikm_lst.push(InputKeyMaterial {
|
||||
id: self.id_counter,
|
||||
|
|
@ -696,7 +696,7 @@ mod encryption {
|
|||
}
|
||||
|
||||
#[test]
|
||||
#[cfg(feature = "aes")]
|
||||
#[cfg(feature = "sha")]
|
||||
fn get_latest_ikm_aes128gcm_sha256() {
|
||||
let mut lst = InputKeyMaterialList::new();
|
||||
let _ = lst.add_ikm();
|
||||
|
|
|
|||
|
|
@ -35,13 +35,13 @@ pub(crate) type SchemeSerializeType = u32;
|
|||
///
|
||||
/// In the following scheme description, the following terms are used:
|
||||
/// - `Max data size` describes the maximal size of data that can safely be encrypted using a
|
||||
/// single key and nonce, which means you should never pass a `data` parameter to
|
||||
/// [encrypt][crate::Coffio::encrypt] that has a higher size. Coffio will not enforce this
|
||||
/// limit, it is your responsibility to do so.
|
||||
/// single key and nonce, which means you should never pass a `data` parameter to
|
||||
/// [encrypt][crate::Coffio::encrypt] that has a higher size. Coffio will not enforce this
|
||||
/// limit, it is your responsibility to do so.
|
||||
/// - `Max invocations` describes the maximal number of times you can safely call
|
||||
/// [encrypt][crate::Coffio::encrypt] with a single key, which means you should either rotate
|
||||
/// your IKM or use an appropriate key periodicity before reaching this number. Coffio will neither
|
||||
/// enforce this limit nor count the number of invocations, it is your responsibility to do so.
|
||||
/// [encrypt][crate::Coffio::encrypt] with a single key, which means you should either rotate
|
||||
/// your IKM or use an appropriate key periodicity before reaching this number. Coffio will neither
|
||||
/// enforce this limit nor count the number of invocations, it is your responsibility to do so.
|
||||
#[derive(Copy, Clone, Debug, PartialEq)]
|
||||
pub enum Scheme {
|
||||
/// `default`
|
||||
|
|
@ -52,7 +52,7 @@ pub enum Scheme {
|
|||
/// - Max data size: 256 GB
|
||||
/// - Max invocations: no limitation
|
||||
/// - Resources: [RFC 7539](https://doi.org/10.17487/RFC7539),
|
||||
/// [draft-irtf-cfrg-xchacha](https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-xchacha)
|
||||
/// [draft-irtf-cfrg-xchacha](https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-xchacha)
|
||||
#[cfg(feature = "chacha")]
|
||||
XChaCha20Poly1305WithBlake3 = 1,
|
||||
/// - Key derivation: HKDF-SHA256
|
||||
|
|
|
|||
|
|
@ -13,7 +13,7 @@ const NONCE_SIZE: usize = 12;
|
|||
|
||||
pub(crate) fn aes128gcm_gen_nonce() -> Result<Vec<u8>> {
|
||||
let mut nonce: [u8; NONCE_SIZE] = [0; NONCE_SIZE];
|
||||
getrandom::fill(&mut nonce)?;
|
||||
getrandom::getrandom(&mut nonce)?;
|
||||
Ok(nonce.to_vec())
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -9,7 +9,7 @@ const NONCE_SIZE: usize = 24;
|
|||
|
||||
pub(crate) fn xchacha20poly1305_gen_nonce() -> Result<Vec<u8>> {
|
||||
let mut nonce: [u8; NONCE_SIZE] = [0; NONCE_SIZE];
|
||||
getrandom::fill(&mut nonce)?;
|
||||
getrandom::getrandom(&mut nonce)?;
|
||||
Ok(nonce.to_vec())
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue