ssh-cipher: make Encryptor and Decryptor generic around cipher#533
Merged
Conversation
Adds a `BlockCipher` extension trait and defines it for the internally defined multi-key-size `Aes` type as well as `des::TdesEde3` which is now re-exported as `ssh_cipher::block_cipher::Tdes`. The `Decryptor` and `Encryptor` types are now generic around a sealed `BlockCipher` trait, and have `AesDecryptor`/`AesEncryptor` and `TdesDecryptor`/`TdesEncryptor` type aliases. They both support CBC mode, and AES ciphers support CTR too. The API is otherwise the same except callers need to use one of the typed `*Encryptor`/`*Decryptor` traits. The crate now implements both block cipher modes of operation internally and no longer relies on the `cbc` and `ctr` crates. This makes dynamically dispatching between the two modes easier while avoiding some monomorphization bloat, and actually doesn't add significant complexity. With `Decryptor`/`Encryptor` now well-typed and supporting typed block sizes, it should be possible to make them impelement the `BlockMode*` traits and therefore make them work like the other block modes, but that particular change is deferred for a followup PR.
tarcieri
force-pushed
the
ssh-cipher/typed-encryptor-and-decryptor
branch
from
e64a7ac to
3c89a3c
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Adds a
BlockCipherextension trait and defines it for the internally defined multi-key-sizeAestype as well asdes::TdesEde3which is now re-exported asssh_cipher::block_cipher::Tdes.The
DecryptorandEncryptortypes are now generic around a sealedBlockCiphertrait, and haveAesDecryptor/AesEncryptorandTdesDecryptor/TdesEncryptortype aliases. They both support CBC mode, and AES ciphers support CTR too. The API is otherwise the same except callers need to use one of the typed*Encryptor/*Decryptortraits.The crate now implements both block cipher modes of operation internally and no longer relies on the
cbcandctrcrates. This makes dynamically dispatching between the two modes easier while avoiding some monomorphization bloat, and actually doesn't add significant complexity.With
Decryptor/Encryptornow well-typed and supporting typed block sizes, it should be possible to make them impelement theBlockMode*traits and therefore make them work like the other block modes, but that particular change is deferred for a followup PR.