aranya-crypto 0.14.1

The Aranya Cryptography Engine
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123

/// Wraps a KDF with a specific OID.
#[macro_export]
macro_rules! kdf_with_oid {
    (
        $(#[$meta:meta])*
        $vis:vis struct $name:ident($inner:ty) => $oid:expr
    ) => {
        $(#[$meta])*
        $vis struct $name($inner);

        impl $crate::dangerous::spideroak_crypto::kdf::Kdf for $name {
            type MaxOutput = <$inner as $crate::dangerous::spideroak_crypto::kdf::Kdf>::MaxOutput;

            type PrkSize = <$inner as $crate::dangerous::spideroak_crypto::kdf::Kdf>::PrkSize;

            fn extract(ikm: &[u8], salt: &[u8]) -> $crate::dangerous::spideroak_crypto::kdf::Prk<Self::PrkSize> {
                <$inner as $crate::dangerous::spideroak_crypto::kdf::Kdf>::extract(ikm, salt)
            }

            fn extract_multi<I>(ikm: I, salt: &[u8]) -> $crate::dangerous::spideroak_crypto::kdf::Prk<Self::PrkSize>
            where
                I: ::core::iter::IntoIterator,
                I::Item: ::core::convert::AsRef<[u8]>,
            {
                <$inner as $crate::dangerous::spideroak_crypto::kdf::Kdf>::extract_multi(ikm, salt)
            }

            fn expand(out: &mut [u8], prk: &Prk<Self::PrkSize>, info: &[u8]) -> ::core::result::Result<(), $crate::dangerous::spideroak_crypto::kdf::KdfError> {
                <$inner as $crate::dangerous::spideroak_crypto::kdf::Kdf>::expand(out, prk, info)
            }

            fn expand_multi<I>(out: &mut [u8], prk: &Prk<Self::PrkSize>, info: I) -> ::core::result::Result<(), $crate::dangerous::spideroak_crypto::kdf::KdfError>
            where
                I: ::core::iter::IntoIterator,
                I::Item: ::core::convert::AsRef<[u8]>,
                I::IntoIter: ::core::clone::Clone,
            {
                <$inner as $crate::dangerous::spideroak_crypto::kdf::Kdf>::expand_multi(out, prk, info)
            }
        }

        impl $crate::dangerous::spideroak_crypto::hpke::HpkeKdf for $name {
            const ID: $crate::dangerous::spideroak_crypto::hpke::KdfId = <$inner as $crate::dangerous::spideroak_crypto::hpke::HpkeKdf>::ID;
        }

        impl $crate::dangerous::spideroak_crypto::oid::Identified for $name {
            const OID: &'static $crate::dangerous::spideroak_crypto::oid::Oid = $oid;
        }
    };
}

/// Wraps a KEM with a specific OID.
#[macro_export]
macro_rules! kem_with_oid {
    (
        $(#[$meta:meta])*
        $vis:vis struct $name:ident($inner:ty) => $oid:expr
    ) => {
        $(#[$meta])*
        $vis struct $name($inner);

        #[allow(non_snake_case)]
        impl $crate::dangerous::spideroak_crypto::kem::Kem for $name {
            type DecapKey = <$inner as $crate::dangerous::spideroak_crypto::kem::Kem>::DecapKey;
            type EncapKey = <$inner as $crate::dangerous::spideroak_crypto::kem::Kem>::EncapKey;
            type Secret = <$inner as $crate::dangerous::spideroak_crypto::kem::Kem>::Secret;
            type Encap = <$inner as $crate::dangerous::spideroak_crypto::kem::Kem>::Encap;

            fn encap<R: $crate::dangerous::spideroak_crypto::csprng::Csprng>(
                rng: R,
                pkR: &Self::EncapKey,
            ) -> Result<(Self::Secret, Self::Encap), $crate::dangerous::spideroak_crypto::kem::KemError> {
                <$inner as $crate::dangerous::spideroak_crypto::kem::Kem>::encap(rng, pkR)
            }

            fn encap_deterministically(
                pkR: &Self::EncapKey,
                skE: Self::DecapKey,
            ) -> Result<(Self::Secret, Self::Encap), $crate::dangerous::spideroak_crypto::kem::KemError> {
                <$inner as $crate::dangerous::spideroak_crypto::kem::Kem>::encap_deterministically(pkR, skE)
            }

            fn decap(
                enc: &Self::Encap,
                skR: &Self::DecapKey,
            ) -> Result<Self::Secret, $crate::dangerous::spideroak_crypto::kem::KemError> {
                <$inner as $crate::dangerous::spideroak_crypto::kem::Kem>::decap(enc, skR)
            }

            fn auth_encap<R: $crate::dangerous::spideroak_crypto::csprng::Csprng>(
                rng: R,
                pkR: &Self::EncapKey,
                skS: &Self::DecapKey,
            ) -> Result<(Self::Secret, Self::Encap), $crate::dangerous::spideroak_crypto::kem::KemError> {
                <$inner as $crate::dangerous::spideroak_crypto::kem::Kem>::auth_encap(rng, pkR, skS)
            }

            fn auth_encap_deterministically(
                pkR: &Self::EncapKey,
                skS: &Self::DecapKey,
                skE: Self::DecapKey,
            ) -> Result<(Self::Secret, Self::Encap), $crate::dangerous::spideroak_crypto::kem::KemError> {
                <$inner as $crate::dangerous::spideroak_crypto::kem::Kem>::auth_encap_deterministically(pkR, skS, skE)
            }

            fn auth_decap(
                enc: &Self::Encap,
                skR: &Self::DecapKey,
                pkS: &Self::EncapKey,
            ) -> Result<Self::Secret, $crate::dangerous::spideroak_crypto::kem::KemError> {
                <$inner as $crate::dangerous::spideroak_crypto::kem::Kem>::auth_decap(enc, skR, pkS)
            }
        }

        impl $crate::dangerous::spideroak_crypto::hpke::HpkeKem for $name {
            const ID: $crate::dangerous::spideroak_crypto::hpke::KemId = <$inner as $crate::dangerous::spideroak_crypto::hpke::HpkeKem>::ID;
        }

        impl $crate::dangerous::spideroak_crypto::oid::Identified for $name {
            const OID: &'static $crate::dangerous::spideroak_crypto::oid::Oid = $oid;
        }
    };
}