Verified Commit 392e6fd8 authored by Alyssa Ross's avatar Alyssa Ross Committed by Katharina Fey
Browse files

Switch from miscreant to aes-siv in tests

miscreant is deprecated in favour of aes-siv (according to the author --
this doesn't seem to be publicly documented yet).  Additionally,
with the version of miscreant we were using it wasn't even possible to
resolve the development dependencies, because it depended on sutble
0.3.0, which has been yanked.

One thing to note is that aes-siv enforces the nonce length (to 96
bits in our case).  Before we were passing in a whole 512-bit key,
which AFAICT miscreant happily accepted.
parent f12387f1
......@@ -20,7 +20,7 @@ serde_derive = "1.0"
serde_json = "1.0"
miscreant = "0.5.2"
aes-siv = "0.5"
rmp-serde = "0.13.7"
bincode = "1.0"
serde_cbor = "0.8"
......@@ -38,24 +38,25 @@ mod derivation {
mod workflow {
use keybob::{Key, KeyType};
extern crate miscreant;
extern crate aes_siv;
fn miscreant() {
use workflow::miscreant::{Aes256SivAead, Aead};
use workflow::aes_siv::aead::generic_array::GenericArray;
use workflow::aes_siv::aead::{Aead, NewAead};
use workflow::aes_siv::Aes256SivAead;
let key = Key::new(KeyType::Aes256);
let mut aes: Aes256SivAead = Aes256SivAead::new(key.as_slice());
let aes = Aes256SivAead::new_varkey(key.as_slice()).expect("incorrect key length");
/* Technically just random data, you can also use a "key" as iv and nonce */
let iv = Key::new(KeyType::Aes256);
let nonce = Key::new(KeyType::Aes256);
/* Technically just random data, you can also use a "key" as nonce */
let nonce = GenericArray::clone_from_slice(&Key::new(KeyType::Aes256).as_slice()[..16]);
let data_in = "This is a message!";
let encrypted = aes.encrypt(nonce.as_slice(), iv.as_slice(), data_in.as_bytes());
let decrypted = aes
.decrypt(nonce.as_slice(), iv.as_slice(), encrypted.as_slice())
let encrypted = aes
.encrypt(&nonce, data_in.as_bytes())
.expect("encryption failed");
let decrypted = aes.decrypt(&nonce, encrypted.as_slice()).unwrap();
let data_out = ::std::str::from_utf8(&decrypted.as_slice()).unwrap();
assert_eq!(data_in, data_out);
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment