8 releases
| 0.2.5 | Mar 14, 2023 |
|---|---|
| 0.2.4 | Mar 25, 2022 |
| 0.2.3 | Jan 3, 2022 |
| 0.2.1 | Oct 8, 2021 |
| 0.1.0 | Jan 21, 2021 |
#139 in Cryptography
30,382 downloads per month
Used in 3 crates
335KB
5.5K
SLoC
Tink-Rust: Authenticated Encryption with Additional Data
This crate provides authenticated encryption with additional data (AEAD) functionality, as described in the upstream Tink documentation.
Usage
fn main() -> Result<(), Box<dyn Error>> {
tink_aead::init();
let kh = tink_core::keyset::Handle::new(&tink_aead::aes256_gcm_key_template())?;
let a = tink_aead::new(&kh)?;
let pt = b"this data needs to be encrypted";
let aad = b"this data needs to be authenticated, but not encrypted";
let ct = a.encrypt(pt, aad)?;
println!("'{}' => {}", String::from_utf8_lossy(pt), hex::encode(&ct));
let pt2 = a.decrypt(&ct, aad)?;
assert_eq!(&pt[..], pt2);
Ok(())
}
License
Known Issues
- Before version 0.2.4, AES-CTR-HMAC-AEAD keys and the
subtle::EncryptThenAuthenticateimplementation may be vulnerable to chosen-ciphertext attacks. An attacker can generate ciphertexts that bypass the HMAC verification if and only if all of the following conditions are true:- Tink is used on systems where
usizeis a 32-bit integer. This is usually the case on 32-bit machines. - The attacker can specify long (>= 2^29 bytes ~ 536MB) associated data
- Tink is used on systems where
Disclaimer
This is not an officially supported Google product.
Dependencies
~3.5–6MB
~100K SLoC