use aes::cipher::block_padding::ZeroPadding;
use aes::cipher::crypto_common::KeyIvInit;
use aes::cipher::{BlockDecryptMut, BlockEncryptMut};
use anyhow::{ensure, Context};
use crate::error::Result;
const IV: [u8; 16] = [0u8; 16];
pub fn encode(key: &[u8], plaintext: &[u8]) -> Result<Vec<u8>> {
ensure!(key.len() == 32, "invalid key length");
let mode = cbc::Encryptor::<aes::Aes256>::new_from_slices(key, &IV).context("invalid key")?;
Ok(mode.encrypt_padded_vec_mut::<ZeroPadding>(plaintext))
}
pub fn decode(key: &[u8], ciphertext: &[u8]) -> Result<Vec<u8>> {
ensure!(key.len() == 32, "invalid key length");
let mode = cbc::Decryptor::<aes::Aes256>::new_from_slices(key, &IV).context("invalid key")?;
let res = mode
.decrypt_padded_vec_mut::<ZeroPadding>(ciphertext)
.context("failed to decrypt")?;
Ok(res)
}
#[cfg(test)]
mod tests {
use super::*;
use rand::{Rng, SeedableRng};
use rand_xorshift::XorShiftRng;
use crate::TEST_SEED;
#[test]
fn test_aes() {
let mut rng = XorShiftRng::from_seed(TEST_SEED);
for i in 0..10 {
let key: Vec<u8> = (0..32).map(|_| rng.gen()).collect();
let plaintext: Vec<u8> = (0..(i + 1) * 32).map(|_| rng.gen()).collect();
let ciphertext =
encode(key.as_slice(), plaintext.as_slice()).expect("failed to encode");
assert_ne!(
plaintext, ciphertext,
"plaintext and ciphertext are identical"
);
assert_eq!(plaintext.len(), ciphertext.len());
let roundtrip =
decode(key.as_slice(), ciphertext.as_slice()).expect("failed to decode");
assert_eq!(plaintext, roundtrip, "failed to roundtrip");
}
}
}