Trait recrypt::api::CryptoOps [−]
pub trait CryptoOps {
fn gen_plaintext(&self) -> Plaintext;
fn derive_symmetric_key(
&self,
decrypted_value: &Plaintext
) -> DerivedSymmetricKey;
fn derive_private_key(&self, plaintext: &Plaintext) -> PrivateKey;
fn encrypt(
&self,
plaintext: &Plaintext,
to_public_key: &PublicKey,
signing_keypair: &SigningKeypair
) -> Result<EncryptedValue, RecryptErr>;
fn decrypt(
&self,
encrypted_value: EncryptedValue,
private_key: &PrivateKey
) -> Result<Plaintext, RecryptErr>;
fn transform(
&self,
encrypted_value: EncryptedValue,
transform_key: TransformKey,
signing_keypair: &SigningKeypair
) -> Result<EncryptedValue, RecryptErr>;
}
Expand description
Encrypt, Decrypt, Transform, and supporting operations.
Required methods
fn gen_plaintext(&self) -> Plaintext
fn gen_plaintext(&self) -> Plaintext
Using the random_bytes, generate a random element of G_T, which is one of the rth roots of unity in FP12.
What it means to be an rth root (for Fp256): let curve_order = 6500054969564660373279643874235990574257040605390378638988106296904416679996; (this is “r” – also defined as the prime for Fr256) let rth_pow = plaintext.pow(curve_order); assert_eq!(rth_pow, Fp12Elem::one()); Note that this cannot be implemented here as we do not define a way to do: Fp12.pow(Fp256)
fn derive_symmetric_key(
&self,
decrypted_value: &Plaintext
) -> DerivedSymmetricKey
fn derive_symmetric_key(
&self,
decrypted_value: &Plaintext
) -> DerivedSymmetricKey
Convert our plaintext into a DecryptedSymmetricKey by hashing it.
Typically you either use derive_private_key
or derive_symmetric_key
but not both.
fn derive_private_key(&self, plaintext: &Plaintext) -> PrivateKey
fn derive_private_key(&self, plaintext: &Plaintext) -> PrivateKey
Derive a private key for a plaintext by hashing it and modding it by the prime.
Typically you either use derive_private_key
or derive_symmetric_key
but not both.
fn encrypt(
&self,
plaintext: &Plaintext,
to_public_key: &PublicKey,
signing_keypair: &SigningKeypair
) -> Result<EncryptedValue, RecryptErr>
fn encrypt(
&self,
plaintext: &Plaintext,
to_public_key: &PublicKey,
signing_keypair: &SigningKeypair
) -> Result<EncryptedValue, RecryptErr>
Encrypt the plaintext to the to_public_key
.
Arguments
plaintext
- value to encrypt.to_public_key
- identity to encrypt to.signing_keypair
- signing keypair of the person (or device) who is encrypting this value
Return
EncryptedValue which can be decrypted by the matching private key of to_public_key
or RecryptErr.
fn decrypt(
&self,
encrypted_value: EncryptedValue,
private_key: &PrivateKey
) -> Result<Plaintext, RecryptErr>
fn decrypt(
&self,
encrypted_value: EncryptedValue,
private_key: &PrivateKey
) -> Result<Plaintext, RecryptErr>
fn transform(
&self,
encrypted_value: EncryptedValue,
transform_key: TransformKey,
signing_keypair: &SigningKeypair
) -> Result<EncryptedValue, RecryptErr>
fn transform(
&self,
encrypted_value: EncryptedValue,
transform_key: TransformKey,
signing_keypair: &SigningKeypair
) -> Result<EncryptedValue, RecryptErr>
Transform the value encrypted_value
using the transform_key
.
The returned value can be decrypted by the private key associated to the to_public_key
in the transform_key
.
The transformed value will be signed using the private_signing_key
and will embed
the public_signing_key
into the returned value.