Trait OpenMlsCrypto
pub trait OpenMlsCrypto: Send + Sync {
Show 18 methods
// Required methods
fn supports(&self, ciphersuite: Ciphersuite) -> Result<(), CryptoError>;
fn supported_ciphersuites(&self) -> Vec<Ciphersuite>;
fn hkdf_extract(
&self,
hash_type: HashType,
salt: &[u8],
ikm: &[u8],
) -> Result<SecretVLBytes, CryptoError>;
fn hmac(
&self,
hash_type: HashType,
key: &[u8],
message: &[u8],
) -> Result<SecretVLBytes, CryptoError>;
fn hkdf_expand(
&self,
hash_type: HashType,
prk: &[u8],
info: &[u8],
okm_len: usize,
) -> Result<SecretVLBytes, CryptoError>;
fn hash(
&self,
hash_type: HashType,
data: &[u8],
) -> Result<Vec<u8>, CryptoError>;
fn aead_encrypt(
&self,
alg: AeadType,
key: &[u8],
data: &[u8],
nonce: &[u8],
aad: &[u8],
) -> Result<Vec<u8>, CryptoError>;
fn aead_decrypt(
&self,
alg: AeadType,
key: &[u8],
ct_tag: &[u8],
nonce: &[u8],
aad: &[u8],
) -> Result<Vec<u8>, CryptoError>;
fn signature_key_gen(
&self,
alg: SignatureScheme,
) -> Result<(Vec<u8>, Vec<u8>), CryptoError>;
fn verify_signature(
&self,
alg: SignatureScheme,
data: &[u8],
pk: &[u8],
signature: &[u8],
) -> Result<(), CryptoError>;
fn sign(
&self,
alg: SignatureScheme,
data: &[u8],
key: &[u8],
) -> Result<Vec<u8>, CryptoError>;
fn hpke_seal(
&self,
config: HpkeConfig,
pk_r: &[u8],
info: &[u8],
aad: &[u8],
ptxt: &[u8],
) -> Result<HpkeCiphertext, CryptoError>;
fn hpke_open(
&self,
config: HpkeConfig,
input: &HpkeCiphertext,
sk_r: &[u8],
info: &[u8],
aad: &[u8],
) -> Result<Vec<u8>, CryptoError>;
fn hpke_setup_sender_and_export(
&self,
config: HpkeConfig,
pk_r: &[u8],
info: &[u8],
exporter_context: &[u8],
exporter_length: usize,
) -> Result<(Vec<u8>, ExporterSecret), CryptoError>;
fn hpke_setup_receiver_and_export(
&self,
config: HpkeConfig,
enc: &[u8],
sk_r: &[u8],
info: &[u8],
exporter_context: &[u8],
exporter_length: usize,
) -> Result<ExporterSecret, CryptoError>;
fn derive_hpke_keypair(
&self,
config: HpkeConfig,
ikm: &[u8],
) -> Result<HpkeKeyPair, CryptoError>;
fn ff1_aes128_encrypt(
&self,
key: &[u8; 16],
plaintext: u32,
) -> Result<u32, CryptoError>;
fn ff1_aes128_decrypt(
&self,
key: &[u8; 16],
ciphertext: u32,
) -> Result<u32, CryptoError>;
}Available on 32-bit or 64-bit only.
Required Methods§
fn supports(&self, ciphersuite: Ciphersuite) -> Result<(), CryptoError>
fn supports(&self, ciphersuite: Ciphersuite) -> Result<(), CryptoError>
Check whether the Ciphersuite is supported by the backend or not.
Returns a CryptoError::UnsupportedCiphersuite if the ciphersuite is not supported.
fn supported_ciphersuites(&self) -> Vec<Ciphersuite>
fn supported_ciphersuites(&self) -> Vec<Ciphersuite>
Returns the list of supported Ciphersuites.
fn hkdf_extract(
&self,
hash_type: HashType,
salt: &[u8],
ikm: &[u8],
) -> Result<SecretVLBytes, CryptoError>
fn hkdf_extract( &self, hash_type: HashType, salt: &[u8], ikm: &[u8], ) -> Result<SecretVLBytes, CryptoError>
HKDF extract.
Returns an error if the HashType is not supported.
fn hmac( &self, hash_type: HashType, key: &[u8], message: &[u8], ) -> Result<SecretVLBytes, CryptoError>
fn hkdf_expand(
&self,
hash_type: HashType,
prk: &[u8],
info: &[u8],
okm_len: usize,
) -> Result<SecretVLBytes, CryptoError>
fn hkdf_expand( &self, hash_type: HashType, prk: &[u8], info: &[u8], okm_len: usize, ) -> Result<SecretVLBytes, CryptoError>
HKDF expand.
Returns an error if the HashType is not supported or the output length
is too long.
fn hash(&self, hash_type: HashType, data: &[u8]) -> Result<Vec<u8>, CryptoError>
fn hash(&self, hash_type: HashType, data: &[u8]) -> Result<Vec<u8>, CryptoError>
Hash the data.
Returns an error if the HashType is not supported.
fn aead_encrypt(
&self,
alg: AeadType,
key: &[u8],
data: &[u8],
nonce: &[u8],
aad: &[u8],
) -> Result<Vec<u8>, CryptoError>
fn aead_encrypt( &self, alg: AeadType, key: &[u8], data: &[u8], nonce: &[u8], aad: &[u8], ) -> Result<Vec<u8>, CryptoError>
AEAD encrypt with the given parameters.
Returns an error if the AeadType is not supported or an encryption
error occurs.
fn aead_decrypt(
&self,
alg: AeadType,
key: &[u8],
ct_tag: &[u8],
nonce: &[u8],
aad: &[u8],
) -> Result<Vec<u8>, CryptoError>
fn aead_decrypt( &self, alg: AeadType, key: &[u8], ct_tag: &[u8], nonce: &[u8], aad: &[u8], ) -> Result<Vec<u8>, CryptoError>
AEAD decrypt with the given parameters.
Returns an error if the AeadType is not supported or a decryption
error occurs.
fn signature_key_gen(
&self,
alg: SignatureScheme,
) -> Result<(Vec<u8>, Vec<u8>), CryptoError>
fn signature_key_gen( &self, alg: SignatureScheme, ) -> Result<(Vec<u8>, Vec<u8>), CryptoError>
Generate a signature key.
Returns an error if the SignatureScheme is not supported or the key
generation fails.
fn verify_signature(
&self,
alg: SignatureScheme,
data: &[u8],
pk: &[u8],
signature: &[u8],
) -> Result<(), CryptoError>
fn verify_signature( &self, alg: SignatureScheme, data: &[u8], pk: &[u8], signature: &[u8], ) -> Result<(), CryptoError>
Verify the signature
Returns an error if the SignatureScheme is not supported or the
signature verification fails.
fn sign(
&self,
alg: SignatureScheme,
data: &[u8],
key: &[u8],
) -> Result<Vec<u8>, CryptoError>
fn sign( &self, alg: SignatureScheme, data: &[u8], key: &[u8], ) -> Result<Vec<u8>, CryptoError>
Sign with the given parameters.
Returns an error if the SignatureScheme is not supported or an error
occurs during signature generation.
fn hpke_seal(
&self,
config: HpkeConfig,
pk_r: &[u8],
info: &[u8],
aad: &[u8],
ptxt: &[u8],
) -> Result<HpkeCiphertext, CryptoError>
fn hpke_seal( &self, config: HpkeConfig, pk_r: &[u8], info: &[u8], aad: &[u8], ptxt: &[u8], ) -> Result<HpkeCiphertext, CryptoError>
HPKE single-shot encryption of ptxt to pk_r, using info and aad.
fn hpke_open(
&self,
config: HpkeConfig,
input: &HpkeCiphertext,
sk_r: &[u8],
info: &[u8],
aad: &[u8],
) -> Result<Vec<u8>, CryptoError>
fn hpke_open( &self, config: HpkeConfig, input: &HpkeCiphertext, sk_r: &[u8], info: &[u8], aad: &[u8], ) -> Result<Vec<u8>, CryptoError>
HPKE single-shot decryption of input with sk_r, using info and
aad.
fn hpke_setup_sender_and_export(
&self,
config: HpkeConfig,
pk_r: &[u8],
info: &[u8],
exporter_context: &[u8],
exporter_length: usize,
) -> Result<(Vec<u8>, ExporterSecret), CryptoError>
fn hpke_setup_sender_and_export( &self, config: HpkeConfig, pk_r: &[u8], info: &[u8], exporter_context: &[u8], exporter_length: usize, ) -> Result<(Vec<u8>, ExporterSecret), CryptoError>
HPKE single-shot setup of a sender and immediate export a secret.
The encapsulated secret is returned together with the exported secret.
fn hpke_setup_receiver_and_export(
&self,
config: HpkeConfig,
enc: &[u8],
sk_r: &[u8],
info: &[u8],
exporter_context: &[u8],
exporter_length: usize,
) -> Result<ExporterSecret, CryptoError>
fn hpke_setup_receiver_and_export( &self, config: HpkeConfig, enc: &[u8], sk_r: &[u8], info: &[u8], exporter_context: &[u8], exporter_length: usize, ) -> Result<ExporterSecret, CryptoError>
HPKE single-shot setup of a receiver and immediate export a secret.
Returns the exported secret.
fn derive_hpke_keypair(
&self,
config: HpkeConfig,
ikm: &[u8],
) -> Result<HpkeKeyPair, CryptoError>
fn derive_hpke_keypair( &self, config: HpkeConfig, ikm: &[u8], ) -> Result<HpkeKeyPair, CryptoError>
Derive a new HPKE keypair from a given input key material.
fn ff1_aes128_encrypt(
&self,
key: &[u8; 16],
plaintext: u32,
) -> Result<u32, CryptoError>
virtual-clients-draft only.
fn ff1_aes128_encrypt( &self, key: &[u8; 16], plaintext: u32, ) -> Result<u32, CryptoError>
virtual-clients-draft only.FF1-AES128 encryption of a 32-bit value under a 16-byte key.
FF1 (NIST SP 800-38G) instantiated with AES-128, radix 2, an empty
tweak, and an input-output space of 32-bit integers, as specified by
the mls-virtual-clients draft (Small-Space PRP section). Used to
derive PrivateMessage reuse guards. Inverse of
OpenMlsCrypto::ff1_aes128_decrypt.
fn ff1_aes128_decrypt(
&self,
key: &[u8; 16],
ciphertext: u32,
) -> Result<u32, CryptoError>
virtual-clients-draft only.
fn ff1_aes128_decrypt( &self, key: &[u8; 16], ciphertext: u32, ) -> Result<u32, CryptoError>
virtual-clients-draft only.FF1-AES128 decryption of a 32-bit value under a 16-byte key.
Inverse of OpenMlsCrypto::ff1_aes128_encrypt.
Dyn Compatibility§
This trait is dyn compatible.
In older versions of Rust, dyn compatibility was called "object safety".
Implementations on Foreign Types§
§impl OpenMlsCrypto for CryptoProvider
impl OpenMlsCrypto for CryptoProvider
fn supports(&self, ciphersuite: Ciphersuite) -> Result<(), CryptoError>
fn supported_ciphersuites(&self) -> Vec<Ciphersuite>
fn hkdf_extract( &self, hash_type: HashType, salt: &[u8], ikm: &[u8], ) -> Result<SecretVLBytes, CryptoError>
fn hmac( &self, hash_type: HashType, key: &[u8], message: &[u8], ) -> Result<SecretVLBytes, CryptoError>
fn hkdf_expand( &self, hash_type: HashType, prk: &[u8], info: &[u8], okm_len: usize, ) -> Result<SecretVLBytes, CryptoError>
fn hash(&self, hash_type: HashType, data: &[u8]) -> Result<Vec<u8>, CryptoError>
fn aead_encrypt( &self, alg: AeadType, key: &[u8], data: &[u8], nonce: &[u8], aad: &[u8], ) -> Result<Vec<u8>, CryptoError>
fn aead_decrypt( &self, alg: AeadType, key: &[u8], ct_tag: &[u8], nonce: &[u8], aad: &[u8], ) -> Result<Vec<u8>, CryptoError>
fn signature_key_gen( &self, alg: SignatureScheme, ) -> Result<(Vec<u8>, Vec<u8>), CryptoError>
fn verify_signature( &self, alg: SignatureScheme, data: &[u8], pk: &[u8], signature: &[u8], ) -> Result<(), CryptoError>
fn sign( &self, alg: SignatureScheme, data: &[u8], key: &[u8], ) -> Result<Vec<u8>, CryptoError>
fn hpke_seal( &self, config: HpkeConfig, pk_r: &[u8], info: &[u8], aad: &[u8], ptxt: &[u8], ) -> Result<HpkeCiphertext, CryptoError>
fn hpke_open( &self, config: HpkeConfig, input: &HpkeCiphertext, sk_r: &[u8], info: &[u8], aad: &[u8], ) -> Result<Vec<u8>, CryptoError>
fn hpke_setup_sender_and_export( &self, config: HpkeConfig, pk_r: &[u8], info: &[u8], exporter_context: &[u8], exporter_length: usize, ) -> Result<(Vec<u8>, ExporterSecret), CryptoError>
fn hpke_setup_receiver_and_export( &self, config: HpkeConfig, enc: &[u8], sk_r: &[u8], info: &[u8], exporter_context: &[u8], exporter_length: usize, ) -> Result<ExporterSecret, CryptoError>
fn derive_hpke_keypair( &self, config: HpkeConfig, ikm: &[u8], ) -> Result<HpkeKeyPair, CryptoError>
§fn ff1_aes128_encrypt(
&self,
key: &[u8; 16],
plaintext: u32,
) -> Result<u32, CryptoError>
fn ff1_aes128_encrypt( &self, key: &[u8; 16], plaintext: u32, ) -> Result<u32, CryptoError>
Available on crate feature
virtual-clients-draft only.§fn ff1_aes128_decrypt(
&self,
key: &[u8; 16],
ciphertext: u32,
) -> Result<u32, CryptoError>
fn ff1_aes128_decrypt( &self, key: &[u8; 16], ciphertext: u32, ) -> Result<u32, CryptoError>
Available on crate feature
virtual-clients-draft only.§impl OpenMlsCrypto for RustCrypto
impl OpenMlsCrypto for RustCrypto
fn supports(&self, ciphersuite: Ciphersuite) -> Result<(), CryptoError>
fn supported_ciphersuites(&self) -> Vec<Ciphersuite>
fn hkdf_extract( &self, hash_type: HashType, salt: &[u8], ikm: &[u8], ) -> Result<SecretVLBytes, CryptoError>
fn hmac( &self, hash_type: HashType, key: &[u8], message: &[u8], ) -> Result<SecretVLBytes, CryptoError>
fn hkdf_expand( &self, hash_type: HashType, prk: &[u8], info: &[u8], okm_len: usize, ) -> Result<SecretVLBytes, CryptoError>
fn hash(&self, hash_type: HashType, data: &[u8]) -> Result<Vec<u8>, CryptoError>
fn aead_encrypt( &self, alg: AeadType, key: &[u8], data: &[u8], nonce: &[u8], aad: &[u8], ) -> Result<Vec<u8>, CryptoError>
fn aead_decrypt( &self, alg: AeadType, key: &[u8], ct_tag: &[u8], nonce: &[u8], aad: &[u8], ) -> Result<Vec<u8>, CryptoError>
fn signature_key_gen( &self, alg: SignatureScheme, ) -> Result<(Vec<u8>, Vec<u8>), CryptoError>
fn verify_signature( &self, alg: SignatureScheme, data: &[u8], pk: &[u8], signature: &[u8], ) -> Result<(), CryptoError>
fn sign( &self, alg: SignatureScheme, data: &[u8], key: &[u8], ) -> Result<Vec<u8>, CryptoError>
fn hpke_seal( &self, config: HpkeConfig, pk_r: &[u8], info: &[u8], aad: &[u8], ptxt: &[u8], ) -> Result<HpkeCiphertext, CryptoError>
fn hpke_open( &self, config: HpkeConfig, input: &HpkeCiphertext, sk_r: &[u8], info: &[u8], aad: &[u8], ) -> Result<Vec<u8>, CryptoError>
fn hpke_setup_sender_and_export( &self, config: HpkeConfig, pk_r: &[u8], info: &[u8], exporter_context: &[u8], exporter_length: usize, ) -> Result<(Vec<u8>, ExporterSecret), CryptoError>
fn hpke_setup_receiver_and_export( &self, config: HpkeConfig, enc: &[u8], sk_r: &[u8], info: &[u8], exporter_context: &[u8], exporter_length: usize, ) -> Result<ExporterSecret, CryptoError>
fn derive_hpke_keypair( &self, config: HpkeConfig, ikm: &[u8], ) -> Result<HpkeKeyPair, CryptoError>
§fn ff1_aes128_encrypt(
&self,
key: &[u8; 16],
plaintext: u32,
) -> Result<u32, CryptoError>
fn ff1_aes128_encrypt( &self, key: &[u8; 16], plaintext: u32, ) -> Result<u32, CryptoError>
Available on crate feature
virtual-clients-draft only.§fn ff1_aes128_decrypt(
&self,
key: &[u8; 16],
ciphertext: u32,
) -> Result<u32, CryptoError>
fn ff1_aes128_decrypt( &self, key: &[u8; 16], ciphertext: u32, ) -> Result<u32, CryptoError>
Available on crate feature
virtual-clients-draft only.