Last active
April 29, 2024 15:16
-
-
Save jaysonsantos/117c1f7623a2fb2c39e47f6cf87860a3 to your computer and use it in GitHub Desktop.
rust ring example
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
extern crate ring; | |
use ring::aead::*; | |
use ring::pbkdf2::*; | |
use ring::rand::SystemRandom; | |
fn main() { | |
// The password will be used to generate a key | |
let password = b"nice password"; | |
// Usually the salt has some random data and something that relates to the user | |
// like an username | |
let salt = [0, 1, 2, 3, 4, 5, 6, 7]; | |
// Keys are sent as &[T] and must have 32 bytes | |
let mut key = [0; 32]; | |
derive(&HMAC_SHA256, 100, &salt, &password[..], &mut key); | |
// Your private data | |
let content = b"content to encrypt".to_vec(); | |
println!("Content to encrypt's size {}", content.len()); | |
// Additional data that you would like to send and it would not be encrypted but it would | |
// be signed | |
let additional_data: [u8; 0] = []; | |
// Ring uses the same input variable as output | |
let mut in_out = content.clone(); | |
// The input/output variable need some space for a suffix | |
println!("Tag len {}", CHACHA20_POLY1305.tag_len()); | |
for _ in 0..CHACHA20_POLY1305.tag_len() { | |
in_out.push(0); | |
} | |
// Opening key used to decrypt data | |
let opening_key = OpeningKey::new(&CHACHA20_POLY1305, &key).unwrap(); | |
// Sealing key used to encrypt data | |
let sealing_key = SealingKey::new(&CHACHA20_POLY1305, &key).unwrap(); | |
// Random data must be used only once per encryption | |
let mut nonce = vec![0; 12]; | |
// Fill nonce with random data | |
let rand = SystemRandom::new(); | |
rand.fill(&mut nonce).unwrap(); | |
// Encrypt data into in_out variable | |
let output_size = seal_in_place(&sealing_key, &nonce, &additional_data, &mut in_out, | |
CHACHA20_POLY1305.tag_len()).unwrap(); | |
println!("Encrypted data's size {}", output_size); | |
let decrypted_data = open_in_place(&opening_key, &nonce, &additional_data, | |
0, &mut in_out).unwrap(); | |
println!("{:?}", String::from_utf8(decrypted_data.to_vec()).unwrap()); | |
assert_eq!(content, decrypted_data); | |
} |
It is hard to say because it's been a while, but I'd say something like >=0.9,<=0.11
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Might be helpful to specify what version of ring you're using: this does not compile with the latest stable (i.e. "0.16.20").