Skip to content

Adding traits for symmetric ciphers#44

Open
ounsworth wants to merge 10 commits into
bcgit:release/0.1.2alphafrom
ounsworth:feature/mikeo/sym_cipher_traits
Open

Adding traits for symmetric ciphers#44
ounsworth wants to merge 10 commits into
bcgit:release/0.1.2alphafrom
ounsworth:feature/mikeo/sym_cipher_traits

Conversation

@ounsworth

@ounsworth ounsworth commented Jun 25, 2026

Copy link
Copy Markdown
Contributor

This is prep work for @officialfrancismendoza 's ASCON branch.
These are a first-pass at these traits, and will almost certainly be refined as Francis works through ASCON, and subsequently AES.

Francis, feel free to merge to release/0.1.2alpha and rebase your ASCON branch on top.

@ounsworth ounsworth mentioned this pull request Jun 26, 2026
Comment thread crypto/core/src/traits.rs Outdated
SecurityStrength::_192bit,
SecurityStrength::_256bit,
];
for ss in security_strengths.iter() {

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

set_security_strength calls drop_hazardous_operations() on every success and rejects raising strength without the flag (key_material.rs: lines 406–455).

Since allow_hazardous_operations() is called only once before the loop, the 2nd iteration (None → _112bit) returns HazardousOperationNotPermitted and this .unwrap() panics. It also rejects strengths above the key length, so KEY_LEN < 32 panics regardless.

Recommend that you re-enable hazardous ops each iteration and bound tested strengths by KEY_LEN*8. (Same pattern in the BlockCipher and AEAD tests.)

@ounsworth ounsworth Jul 1, 2026

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Well spotted.
Actually, I've already solved this problem on release/0.1.2alpha via #40 .
Once this PR gets rebased on top of that (or merged into it), this problem will go away.

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@ounsworth noted: will pull #40 so I can use their version of hazardous operations

Comment thread crypto/core-test-framework/src/symmetric_ciphers.rs
let mac_key =
KeyMaterial::<KEY_LEN>::from_bytes_as_type(&DUMMY_SEED_512[..KEY_LEN], KeyType::MACKey)
.unwrap();
match C::encrypt_out(&mac_key, msg, &mut ct) {

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If we want to test the wrong key check, wouldn't we want to use aead_encrypt_out?

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Note: test both encrypt_out and aead_encrypt_out

Comment thread crypto/core-test-framework/src/symmetric_ciphers.rs
Comment thread crypto/core/src/traits.rs
Comment thread crypto/core/src/traits.rs
Comment thread crypto/core/src/traits.rs
/// In order for these one-shot APIs to be usable securely in all contexts, the init data will be generated
/// securely by the block cipher implementation and returned along with the ciphertext, and there is no API for the
/// user to provide the init data. If you require this functionality, see the documentation for the underlying implementation.
pub trait BlockCipher<const KEY_LEN: usize, const INIT_DATA_LEN: usize, const BLOCK_LEN: usize>:

@officialfrancismendoza officialfrancismendoza Jul 1, 2026

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Design Question: Encryption has do_encrypt_final/_out but decryption has no do_decrypt_final.

Padding modes need a decrypt-side finalization to strip/validate padding. Was this intentional, or should we add it?

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I thought I had added one. Maybe I just thought about adding one. Yes. We will certainly need one.

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Comment thread crypto/core/src/traits.rs
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants