-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathaead_example.rs
More file actions
120 lines (87 loc) · 3.6 KB
/
aead_example.rs
File metadata and controls
120 lines (87 loc) · 3.6 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
//! Example: Authenticated encryption with AES-GCM and ChaCha20-Poly1305
use crabgraph::{
aead::{AesGcm256, ChaCha20Poly1305, CrabAead},
CrabResult,
};
fn main() -> CrabResult<()> {
println!("=== Authenticated Encryption Example ===\n");
// Example 1: AES-256-GCM
println!("1. AES-256-GCM Encryption:");
aes_gcm_example()?;
println!("\n2. ChaCha20-Poly1305 Encryption:");
chacha20_example()?;
println!("\n3. Encryption with Associated Data:");
aead_with_aad_example()?;
println!("\n4. Serialization Example:");
serialization_example()?;
Ok(())
}
fn aes_gcm_example() -> CrabResult<()> {
// Generate a random 256-bit key
let key = AesGcm256::generate_key()?;
println!(" Generated key: {} bytes", key.len());
// Create cipher instance
let cipher = AesGcm256::new(&key)?;
// Encrypt some data
let plaintext = b"This is a secret message!";
println!(" Plaintext: {}", String::from_utf8_lossy(plaintext));
let ciphertext = cipher.encrypt(plaintext, None)?;
println!(" Nonce: {} bytes", ciphertext.nonce.len());
println!(" Ciphertext: {} bytes", ciphertext.ciphertext.len());
println!(" Tag: {} bytes", ciphertext.tag.len());
// Decrypt
let decrypted = cipher.decrypt(&ciphertext, None)?;
println!(" Decrypted: {}", String::from_utf8_lossy(&decrypted));
assert_eq!(decrypted, plaintext);
println!(" ✓ Encryption/decryption successful!");
Ok(())
}
fn chacha20_example() -> CrabResult<()> {
let key = ChaCha20Poly1305::generate_key()?;
let cipher = ChaCha20Poly1305::new(&key)?;
let plaintext = b"ChaCha20-Poly1305 is fast!";
println!(" Plaintext: {}", String::from_utf8_lossy(plaintext));
let ciphertext = cipher.encrypt(plaintext, None)?;
let decrypted = cipher.decrypt(&ciphertext, None)?;
assert_eq!(decrypted, plaintext);
println!(" ✓ ChaCha20-Poly1305 encryption successful!");
Ok(())
}
fn aead_with_aad_example() -> CrabResult<()> {
let key = AesGcm256::generate_key()?;
let cipher = AesGcm256::new(&key)?;
let plaintext = b"Secret payload";
let associated_data = b"version=1,user=alice,timestamp=1234567890";
println!(" Plaintext: {}", String::from_utf8_lossy(plaintext));
println!(" AAD: {}", String::from_utf8_lossy(associated_data));
// Encrypt with AAD
let ciphertext = cipher.encrypt(plaintext, Some(associated_data))?;
// Decrypt with correct AAD
let decrypted = cipher.decrypt(&ciphertext, Some(associated_data))?;
assert_eq!(decrypted, plaintext);
println!(" ✓ Decryption with correct AAD succeeded");
// Try to decrypt with wrong AAD (should fail)
let wrong_aad = b"tampered_aad";
let result = cipher.decrypt(&ciphertext, Some(wrong_aad));
assert!(result.is_err());
println!(" ✓ Decryption with wrong AAD failed (as expected)");
Ok(())
}
fn serialization_example() -> CrabResult<()> {
let key = AesGcm256::generate_key()?;
let cipher = AesGcm256::new(&key)?;
let plaintext = b"Data to store";
let ciphertext = cipher.encrypt(plaintext, None)?;
// Serialize to bytes
let bytes = ciphertext.to_bytes();
println!(" Serialized to {} bytes", bytes.len());
// Serialize to base64 (for text storage)
let base64 = ciphertext.to_base64();
println!(" Base64: {}...", &base64[..20]);
// Deserialize from base64
let recovered = crabgraph::aead::Ciphertext::from_base64(&base64, 12, 16)?;
let decrypted = cipher.decrypt(&recovered, None)?;
assert_eq!(decrypted, plaintext);
println!(" ✓ Serialization/deserialization successful!");
Ok(())
}