ssh-cipher: consolidate aes feature; extract Aes type#530
Merged
Conversation
Member
Author
|
Note: I think this approach can be further continued by making |
tarcieri
commented
May 22, 2026
Comment on lines
+9
to
+16
| /// Advanced Encryption Standard (AES) low-level block cipher. | ||
| /// | ||
| /// Supports 128-bit, 192-bit, and 256-bit key sizes. | ||
| pub(crate) enum Aes { | ||
| Aes128(Aes128), | ||
| Aes192(Aes192), | ||
| Aes256(Aes256), | ||
| } |
Member
Author
There was a problem hiding this comment.
@newpavlov I wonder if something like this would be useful in the aes crate itself (or perhaps a single type that supports all three key sizes and can dynamically select which one at runtime without having to monomorphize the full code three times)
Combines the `aes-cbc`, `aes-ctr`, and `aes-gcm` features into a single
`aes` feature which provides them all.
Additionally refactors the internals of `Encryptor` and `Decryptor`
around a new `Aes` type which provides an enum over the 128-bit,
192-bit, and 256-bit key sizes, and dynamically selects which one based
on the provided key size.
This type impls the `BlockCipherDecrypt`, `BlockCipherEncrypt`, and
`BlockSizeUser` traits which delegate to the inner cipher, since once
initialized with a key the API provided by the cipher is the same. These
delegate to the respective AES implementations for various key sizes.
Because it impls these traits, we're able to use it directly with types
like `cbc::{Encryptor, Decryptor}` and `Ctr128BE`, collapsing the
combinatorial explosion of key sizes and block modes down to just one
enum variant per block mode.
tarcieri
force-pushed
the
ssh-cipher/dynamic-aes-key-size
branch
from
408527f to
ba022d6
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Combines the
aes-cbc,aes-ctr, andaes-gcmfeatures into a singleaesfeature which provides them all.Additionally refactors the internals of
EncryptorandDecryptoraround a newAestype which provides an enum over the 128-bit, 192-bit, and 256-bit key sizes, and dynamically selects which one based on the provided key size.This type impls the
BlockCipherDecrypt,BlockCipherEncrypt, andBlockSizeUsertraits which delegate to the inner cipher, since once initialized with a key the API provided by the cipher is the same. These delegate to the respective AES implementations for various key sizes.Because it impls these traits, we're able to use it directly with types like
cbc::{Encryptor, Decryptor}andCtr128BE, collapsing the combinatorial explosion of key sizes and block modes down to just one enum variant per block mode.