pub struct RestrictedCrypto { /* private fields */ }Available on (32-bit or 64-bit) and (crate features
test-utils) only.Expand description
A crypto provider that performs all operations via [RustCrypto] but only
claims support for an explicit allowlist of ciphersuites.
Trait Implementations§
Source§impl OpenMlsCrypto for RestrictedCrypto
impl OpenMlsCrypto for RestrictedCrypto
Source§fn supports(&self, ciphersuite: Ciphersuite) -> Result<(), CryptoError>
fn supports(&self, ciphersuite: Ciphersuite) -> Result<(), CryptoError>
Check whether the
Ciphersuite is supported by the backend or not. Read moreSource§fn supported_ciphersuites(&self) -> Vec<Ciphersuite>
fn supported_ciphersuites(&self) -> Vec<Ciphersuite>
Returns the list of supported
Ciphersuites.Source§fn hkdf_extract(
&self,
hash_type: HashType,
salt: &[u8],
ikm: &[u8],
) -> Result<SecretVLBytes, CryptoError>
fn hkdf_extract( &self, hash_type: HashType, salt: &[u8], ikm: &[u8], ) -> Result<SecretVLBytes, CryptoError>
HKDF extract. Read more
fn hmac( &self, hash_type: HashType, key: &[u8], message: &[u8], ) -> Result<SecretVLBytes, CryptoError>
Source§fn hkdf_expand(
&self,
hash_type: HashType,
prk: &[u8],
info: &[u8],
okm_len: usize,
) -> Result<SecretVLBytes, CryptoError>
fn hkdf_expand( &self, hash_type: HashType, prk: &[u8], info: &[u8], okm_len: usize, ) -> Result<SecretVLBytes, CryptoError>
HKDF expand. Read more
Source§fn hash(&self, hash_type: HashType, data: &[u8]) -> Result<Vec<u8>, CryptoError>
fn hash(&self, hash_type: HashType, data: &[u8]) -> Result<Vec<u8>, CryptoError>
Hash the
data. Read moreSource§fn aead_encrypt(
&self,
alg: AeadType,
key: &[u8],
data: &[u8],
nonce: &[u8],
aad: &[u8],
) -> Result<Vec<u8>, CryptoError>
fn aead_encrypt( &self, alg: AeadType, key: &[u8], data: &[u8], nonce: &[u8], aad: &[u8], ) -> Result<Vec<u8>, CryptoError>
AEAD encrypt with the given parameters. Read more
Source§fn aead_decrypt(
&self,
alg: AeadType,
key: &[u8],
ct_tag: &[u8],
nonce: &[u8],
aad: &[u8],
) -> Result<Vec<u8>, CryptoError>
fn aead_decrypt( &self, alg: AeadType, key: &[u8], ct_tag: &[u8], nonce: &[u8], aad: &[u8], ) -> Result<Vec<u8>, CryptoError>
AEAD decrypt with the given parameters. Read more
Source§fn signature_key_gen(
&self,
alg: SignatureScheme,
) -> Result<(Vec<u8>, Vec<u8>), CryptoError>
fn signature_key_gen( &self, alg: SignatureScheme, ) -> Result<(Vec<u8>, Vec<u8>), CryptoError>
Generate a signature key. Read more
Source§fn verify_signature(
&self,
alg: SignatureScheme,
data: &[u8],
pk: &[u8],
signature: &[u8],
) -> Result<(), CryptoError>
fn verify_signature( &self, alg: SignatureScheme, data: &[u8], pk: &[u8], signature: &[u8], ) -> Result<(), CryptoError>
Verify the signature Read more
Source§fn sign(
&self,
alg: SignatureScheme,
data: &[u8],
key: &[u8],
) -> Result<Vec<u8>, CryptoError>
fn sign( &self, alg: SignatureScheme, data: &[u8], key: &[u8], ) -> Result<Vec<u8>, CryptoError>
Sign with the given parameters. Read more
Source§fn hpke_seal(
&self,
config: HpkeConfig,
pk_r: &[u8],
info: &[u8],
aad: &[u8],
ptxt: &[u8],
) -> Result<HpkeCiphertext, CryptoError>
fn hpke_seal( &self, config: HpkeConfig, pk_r: &[u8], info: &[u8], aad: &[u8], ptxt: &[u8], ) -> Result<HpkeCiphertext, CryptoError>
HPKE single-shot encryption of
ptxt to pk_r, using info and aad.Source§fn hpke_open(
&self,
config: HpkeConfig,
input: &HpkeCiphertext,
sk_r: &[u8],
info: &[u8],
aad: &[u8],
) -> Result<Vec<u8>, CryptoError>
fn hpke_open( &self, config: HpkeConfig, input: &HpkeCiphertext, sk_r: &[u8], info: &[u8], aad: &[u8], ) -> Result<Vec<u8>, CryptoError>
HPKE single-shot decryption of
input with sk_r, using info and
aad.Source§fn hpke_setup_sender_and_export(
&self,
config: HpkeConfig,
pk_r: &[u8],
info: &[u8],
exporter_context: &[u8],
exporter_length: usize,
) -> Result<(KemOutput, ExporterSecret), CryptoError>
fn hpke_setup_sender_and_export( &self, config: HpkeConfig, pk_r: &[u8], info: &[u8], exporter_context: &[u8], exporter_length: usize, ) -> Result<(KemOutput, ExporterSecret), CryptoError>
HPKE single-shot setup of a sender and immediate export a secret. Read more
Source§fn hpke_setup_receiver_and_export(
&self,
config: HpkeConfig,
enc: &[u8],
sk_r: &[u8],
info: &[u8],
exporter_context: &[u8],
exporter_length: usize,
) -> Result<ExporterSecret, CryptoError>
fn hpke_setup_receiver_and_export( &self, config: HpkeConfig, enc: &[u8], sk_r: &[u8], info: &[u8], exporter_context: &[u8], exporter_length: usize, ) -> Result<ExporterSecret, CryptoError>
HPKE single-shot setup of a receiver and immediate export a secret. Read more
Source§fn derive_hpke_keypair(
&self,
config: HpkeConfig,
ikm: &[u8],
) -> Result<HpkeKeyPair, CryptoError>
fn derive_hpke_keypair( &self, config: HpkeConfig, ikm: &[u8], ) -> Result<HpkeKeyPair, CryptoError>
Derive a new HPKE keypair from a given input key material.
Source§fn hpke_open_psk(
&self,
config: HpkeConfig,
input: &HpkeCiphertext,
sk_r: &[u8],
info: &[u8],
aad: &[u8],
psk: &[u8],
psk_id: &[u8],
) -> Result<Vec<u8>, CryptoError>
fn hpke_open_psk( &self, config: HpkeConfig, input: &HpkeCiphertext, sk_r: &[u8], info: &[u8], aad: &[u8], psk: &[u8], psk_id: &[u8], ) -> Result<Vec<u8>, CryptoError>
Available on crate feature
targeted-messages-draft only.HPKE single-shot decryption in PSK mode of
input with sk_r, using
info, aad, psk, and psk_id.Source§fn hpke_seal_psk_resolved_aad<F, E>(
&self,
config: HpkeConfig,
pk_r: &[u8],
info: &[u8],
ptxt: &[u8],
psk: &[u8],
psk_id: &[u8],
aad_builder: F,
) -> Result<HpkeCiphertext, HpkeSealPskResolvedAadError<E>>
fn hpke_seal_psk_resolved_aad<F, E>( &self, config: HpkeConfig, pk_r: &[u8], info: &[u8], ptxt: &[u8], psk: &[u8], psk_id: &[u8], aad_builder: F, ) -> Result<HpkeCiphertext, HpkeSealPskResolvedAadError<E>>
Available on crate feature
targeted-messages-draft only.HPKE PSK encryption where the AAD depends on the KEM output. Read more
Source§fn ff1_aes128_encrypt(
&self,
key: &[u8; 16],
plaintext: u32,
) -> Result<u32, CryptoError>
fn ff1_aes128_encrypt( &self, key: &[u8; 16], plaintext: u32, ) -> Result<u32, CryptoError>
Available on crate feature
virtual-clients-draft only.FF1-AES128 encryption of a 32-bit value under a 16-byte key. Read more
Source§fn ff1_aes128_decrypt(
&self,
key: &[u8; 16],
ciphertext: u32,
) -> Result<u32, CryptoError>
fn ff1_aes128_decrypt( &self, key: &[u8; 16], ciphertext: u32, ) -> Result<u32, CryptoError>
Available on crate feature
virtual-clients-draft only.FF1-AES128 decryption of a 32-bit value under a 16-byte key. Read more
Auto Trait Implementations§
impl !Freeze for RestrictedCrypto
impl RefUnwindSafe for RestrictedCrypto
impl Send for RestrictedCrypto
impl Sync for RestrictedCrypto
impl Unpin for RestrictedCrypto
impl UnsafeUnpin for RestrictedCrypto
impl UnwindSafe for RestrictedCrypto
Blanket Implementations§
Source§impl<T> BorrowMut<T> for Twhere
T: ?Sized,
impl<T> BorrowMut<T> for Twhere
T: ?Sized,
Source§fn borrow_mut(&mut self) -> &mut T
fn borrow_mut(&mut self) -> &mut T
Mutably borrows from an owned value. Read more
impl<ST, DT> CastableFrom<ST, Initialized, Initialized> for DT
impl<ST, DT> CastableFrom<ST, Uninit, Uninit> for DT
§impl<T> Classify for T
impl<T> Classify for T
type Classified = T
fn classify(self) -> T
§impl<T> Declassify for T
impl<T> Declassify for T
type Declassified = T
fn declassify(self) -> T
Source§impl<T> IntoEither for T
impl<T> IntoEither for T
Source§fn into_either(self, into_left: bool) -> Either<Self, Self>
fn into_either(self, into_left: bool) -> Either<Self, Self>
Converts
self into a Left variant of Either<Self, Self>
if into_left is true.
Converts self into a Right variant of Either<Self, Self>
otherwise. Read moreSource§fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
Converts
self into a Left variant of Either<Self, Self>
if into_left(&self) returns true.
Converts self into a Right variant of Either<Self, Self>
otherwise. Read more