crypto::aes::xts+x86_64 +linux

xts implements the AES-XTS cipher mode as defined in the IEEE Std 1619-2007.

AES-XTS is an unauthenticated transparent encryption scheme designed for use cases like disk encryption. Transparent in the sense that the output size is the same as the input size, and that blocks can be written or read in an arbitrary order. Similarly to the ECB mode, XTS operates in blocks which are a multiple of the AES block size.

The security guarantees can be compared to the ECB ones, but with a different key for each block. That means following vulnerabilities exist:

This is a low-level module which implements cryptographic primitives. Direct use of cryptographic primitives is not recommended for non-experts, as incorrect use of these primitives can easily lead to the introduction of security vulnerabilities. Non-experts are advised to use the high-level operations available in the top-level crypto module.

Be advised that Hare's cryptography implementations have not been audited.



// Undocumented types:
type block;


fn decrypt(*block, []u8, []u8, u64) void;
fn encrypt(*block, []u8, []u8, u64) void;
fn finish(*block) void;
fn init(*block, []u8) void;
fn xts() block;


type block[link]

Show undocumented member
type block = struct {
	b1: aes::block,
	b2: aes::block,
	x: [aes::BLOCKSZ]u8,


fn decrypt[link]

fn decrypt(b: *block, dest: []u8, src: []u8, sector: u64) void;

Decrypts a block given its 'sector' number.

fn encrypt[link]

fn encrypt(b: *block, dest: []u8, src: []u8, sector: u64) void;

Encrypts a block given its 'sector' number. The block must be a multiple of crypto::aes::BLOCKSZ (16 bytes) in length.

fn finish[link]

fn finish(b: *block) void;

Clears the sensible data of AES-XTS instance off the memory.

fn init[link]

fn init(b: *block, key: []u8) void;

Initializes the AES-XTS instance. The key length must be 64, 48, or 32 bytes (the size of two valid AES keys).

fn xts[link]

fn xts() block;

Creates a AES-XTS instance. Must be initialized with init and always be finished using finish to erase sensitive state from memory.