RustCrypto: CTS

Generic implementation of the ciphertext stealing block cipher modes of operation.

Example

use aes::Aes128;
use cts::{Decrypt, Encrypt, KeyIvInit};
use hex_literal::hex;

type Aes128CbcCs3 = cts::CbcCs3<Aes128>;

let key = [0x42; 16];
let iv = [0x24; 16];

// Message must be bigger than block size (16 bytes for AES-128)
let msg = b"Lorem ipsum dolor sit amet";
let mut buf = [0u8; 26];

Aes128CbcCs3::new(&key.into(), &iv.into())
    .encrypt_b2b(msg, &mut buf).unwrap();
assert_eq!(buf, hex!("68ec97f172e322fdd38e74fca65cee52658ae2124beb5e4e5315"));

Aes128CbcCs3::new(&key.into(), &iv.into())
    .decrypt(&mut buf).unwrap();
assert_eq!(&buf, msg);

If you wan to encrypt many messages with one key, you can use a block cipher reference to create CTS modes:

use aes::Aes128;
use cts::{
    cipher::{InnerIvInit, KeyInit},
    Encrypt,
};
use hex_literal::hex;

let key = [0x42; 16];
let cipher = Aes128::new(&key.into());

let iv1 = [0x24; 16];
let msg1 = b"Lorem ipsum dolor sit amet";
let mut buf1 = [0u8; 26];

let iv2 = [0x25; 16];
let msg2 = b"Lorem ipsum dolor sit";
let mut buf2 = [0u8; 21];

cts::CbcCs3::inner_iv_init(&cipher, &iv1.into())
    .encrypt_b2b(msg1, &mut buf1).unwrap();
assert_eq!(buf1, hex!("68ec97f172e322fdd38e74fca65cee52658ae2124beb5e4e5315"));

cts::CbcCs3::inner_iv_init(&cipher, &iv2.into())
    .encrypt_b2b(msg2, &mut buf2).unwrap();
assert_eq!(buf2, hex!("69ebd2059e69c6e416a67351982267a26bf5672934"));

License

Licensed under either of:

• Apache License, Version 2.0
• MIT license

at your option.

Contribution

Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.