rustls/
cipher.rs

1use crate::error::Error;
2use crate::msgs::codec;
3use crate::msgs::message::{BorrowedPlainMessage, OpaqueMessage, PlainMessage};
4
5use ring::{aead, hkdf};
6
/// Implemented by objects that can turn a protected TLS record back into plaintext.
///
/// Implementors must be `Send + Sync`, as required by the supertrait bounds.
pub trait MessageDecrypter: Send + Sync {
    /// Decrypts the opaque record `m` that was received with record sequence number `seq`.
    ///
    /// # Errors
    ///
    /// Returns an [`Error`] when the record cannot be decrypted. The conditions are
    /// implementation specific; the only implementor visible in this file always
    /// fails with `Error::DecryptError`.
    fn decrypt(&self, m: OpaqueMessage, seq: u64) -> Result<PlainMessage, Error>;
}
13
/// Implemented by objects that can protect a plaintext TLS record for sending.
///
/// Implementors must be `Send + Sync`, as required by the supertrait bounds.
pub(crate) trait MessageEncrypter: Send + Sync {
    /// Encrypts the plaintext record `m` that will be sent with record sequence number `seq`.
    ///
    /// # Errors
    ///
    /// Returns an [`Error`] when the record cannot be encrypted. The only implementor
    /// visible in this file always fails with `Error::EncryptError`.
    fn encrypt(&self, m: BorrowedPlainMessage, seq: u64) -> Result<OpaqueMessage, Error>;
}
18
impl dyn MessageEncrypter {
    /// Returns a boxed encrypter that refuses every record.
    ///
    /// The returned object is an `InvalidMessageEncrypter`, whose `encrypt` always
    /// yields `Error::EncryptError`, so nothing can be emitted through it.
    // NOTE(review): presumably installed as the fail-closed default until real keys
    // are available - confirm at the call sites.
    pub(crate) fn invalid() -> Box<dyn MessageEncrypter> {
        let refusing = InvalidMessageEncrypter {};
        Box::new(refusing)
    }
}
24
impl dyn MessageDecrypter {
    /// Returns a boxed decrypter that refuses every record.
    ///
    /// The returned object is an `InvalidMessageDecrypter`, whose `decrypt` always
    /// yields `Error::DecryptError`, so no record is ever accepted through it.
    // NOTE(review): presumably installed as the fail-closed default until real keys
    // are available - confirm at the call sites.
    pub(crate) fn invalid() -> Box<dyn MessageDecrypter> {
        let refusing = InvalidMessageDecrypter {};
        Box::new(refusing)
    }
}
30
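/// A write or read IV.
///
/// The wrapped array is exactly `aead::NONCE_LEN` bytes long. `make_nonce` XORs it
/// with the record sequence number to derive the per-record AEAD nonce, so an `Iv`
/// must only ever be paired with the key it was derived alongside.
///
/// `Default` produces an all-zero IV. Only `Default` is derived here; in particular
/// there is no `Debug` impl on this type in this file.
#[derive(Default)]
pub(crate) struct Iv(pub(crate) [u8; aead::NONCE_LEN]);

impl Iv {
    /// Wraps an array that already has the required length.
    #[cfg(feature = "tls12")]
    fn new(value: [u8; aead::NONCE_LEN]) -> Self {
        Self(value)
    }

    /// Builds an IV by copying `value`.
    ///
    /// # Panics
    ///
    /// Panics if `value.len() != aead::NONCE_LEN`. In debug builds the
    /// `debug_assert_eq!` fires first; in release builds that check is compiled out,
    /// but `copy_from_slice` still panics on a length mismatch, so a wrongly sized
    /// input can never produce a truncated or zero-padded IV.
    #[cfg(feature = "tls12")]
    pub(crate) fn copy(value: &[u8]) -> Self {
        debug_assert_eq!(value.len(), aead::NONCE_LEN);
        let mut iv = Self::new(Default::default());
        iv.0.copy_from_slice(value);
        iv
    }

    /// Exposes the raw IV bytes; compiled for tests only.
    // The return type names `aead::NONCE_LEN` instead of a literal 12 so it cannot
    // drift from the field type declared on the struct.
    #[cfg(test)]
    pub(crate) fn value(&self) -> &[u8; aead::NONCE_LEN] {
        &self.0
    }
}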
54
/// Marker type that tells ring's HKDF how many bytes of output an [`Iv`] needs.
pub(crate) struct IvLen;

impl hkdf::KeyType for IvLen {
    /// Always `aead::NONCE_LEN`, the same length as the array inside [`Iv`].
    fn len(&self) -> usize {
        let iv_bytes = aead::NONCE_LEN;
        iv_bytes
    }
}
62
impl From<hkdf::Okm<'_, IvLen>> for Iv {
    /// Fills a fresh IV with HKDF output keying material.
    ///
    /// # Panics
    ///
    /// Panics if `okm.fill` returns an error. The buffer passed in is
    /// `aead::NONCE_LEN` bytes, which is exactly what `IvLen::len` reports, so the
    /// lengths always agree here.
    fn from(okm: hkdf::Okm<IvLen>) -> Self {
        // Starts zeroed, matching `Default::default()` for a byte array.
        let mut bytes = [0u8; aead::NONCE_LEN];
        // ring's `Okm::fill` rejects a buffer whose length differs from the
        // `KeyType` length; the two are the same constant, so this cannot fail.
        okm.fill(&mut bytes).unwrap();
        Self(bytes)
    }
}
70
/// Derives the per-record AEAD nonce from the static `iv` and the sequence number `seq`.
///
/// The 64-bit sequence number is written into the last eight bytes of a zeroed
/// `aead::NONCE_LEN`-byte buffer (the first four bytes stay zero), and the result
/// is XORed byte-by-byte with the IV. This is the shape of the per-record nonce
/// construction in RFC 8446 section 5.3.
///
/// # Security
///
/// `aead::Nonce::assume_unique_for_key` performs no check: uniqueness is a promise
/// made by the caller. The nonce is unique per key only if no `seq` value is ever
/// used twice with the same key and `iv`. Repeating a nonce under one AEAD key
/// undermines both the confidentiality and the integrity of the affected records.
/// This function does not detect sequence-number reuse or wrap-around, so that
/// must be enforced where `seq` is maintained.
pub(crate) fn make_nonce(iv: &Iv, seq: u64) -> aead::Nonce {
    let mut bytes = [0u8; aead::NONCE_LEN];

    // Sequence number occupies bytes 4.. of the buffer.
    // NOTE(review): byte order is whatever `codec::put_u64` writes - presumably
    // big-endian; confirm in `msgs::codec`.
    codec::put_u64(seq, &mut bytes[4..]);

    // Mix in the IV; `zip` stops at the shorter side, and both are NONCE_LEN long.
    for (out, mask) in bytes.iter_mut().zip(iv.0.iter()) {
        *out ^= *mask;
    }

    aead::Nonce::assume_unique_for_key(bytes)
}
84
/// A `MessageEncrypter` which doesn't work: every call is refused.
struct InvalidMessageEncrypter {}

impl MessageEncrypter for InvalidMessageEncrypter {
    /// Ignores both arguments and always fails with `Error::EncryptError`.
    ///
    /// No ciphertext and no plaintext is ever produced, so a connection that still
    /// holds this encrypter cannot emit a record through it.
    fn encrypt(&self, _m: BorrowedPlainMessage, _seq: u64) -> Result<OpaqueMessage, Error> {
        let refusal = Error::EncryptError;
        Err(refusal)
    }
}
93
/// A `MessageDecrypter` which doesn't work: every call is refused.
struct InvalidMessageDecrypter {}

impl MessageDecrypter for InvalidMessageDecrypter {
    /// Ignores both arguments and always fails with `Error::DecryptError`.
    ///
    /// The incoming record is dropped without being interpreted, so nothing
    /// received is ever treated as authenticated plaintext by this decrypter.
    fn decrypt(&self, _m: OpaqueMessage, _seq: u64) -> Result<PlainMessage, Error> {
        let refusal = Error::DecryptError;
        Err(refusal)
    }
}