Crates.io | tink-aead |
lib.rs | tink-aead |
version | 0.3.0 |
source | src |
created_at | 2021-01-21 11:17:27.317869 |
updated_at | 2024-11-28 11:35:43.270243 |
description | AEAD functionality for Rust port of Google's Tink cryptography library |
homepage | |
repository | https://github.com/project-oak/tink-rust |
max_upload_size | |
id | 344846 |
size | 90,835 |
This crate provides authenticated encryption with additional data (AEAD) functionality, as described in the upstream Tink documentation.
fn main() -> Result<(), Box<dyn Error>> {
tink_aead::init();
let kh = tink_core::keyset::Handle::new(&tink_aead::aes256_gcm_key_template())?;
let a = tink_aead::new(&kh)?;
let pt = b"this data needs to be encrypted";
let aad = b"this data needs to be authenticated, but not encrypted";
let ct = a.encrypt(pt, aad)?;
println!("'{}' => {}", String::from_utf8_lossy(pt), hex::encode(&ct));
let pt2 = a.decrypt(&ct, aad)?;
assert_eq!(&pt[..], pt2);
Ok(())
}
subtle::EncryptThenAuthenticate
implementation may be vulnerable to chosen-ciphertext attacks. An attacker can generate ciphertexts that bypass the
HMAC verification if and only if all of the following conditions are true:
usize
is a 32-bit integer. This is usually the case on 32-bit machines.This is not an officially supported Google product.