[−]Trait recrypt::api::CryptoOps
Encrypt, Decrypt, Transform, and supporting operations.
Required methods
fn gen_plaintext(&mut self) -> Plaintext
Using the random_bytes, generate a random element of G_T, which is one of the rth roots of unity in FP12.
What it means to be an rth root (for Fp256): let curve_order = 6500054969564660373279643874235990574257040605390378638988106296904416679996; (this is "r" -- also defined as the prime for Fr256) let rth_pow = plaintext.pow(curve_order); assert_eq!(rth_pow, Fp12Elem::one()); Note that this cannot be implemented here as we do not define a way to do: Fp12.pow(Fp256)
fn derive_symmetric_key(
&self,
decrypted_value: &Plaintext
) -> DerivedSymmetricKey
&self,
decrypted_value: &Plaintext
) -> DerivedSymmetricKey
Convert our plaintext into a DecryptedSymmetricKey by hashing it.
fn hash_256<T: Hashable>(&self, to_hash: &T) -> [u8; 32]
Compute the stable hash of a value. This can be used to hash a Plaintext into a symmetric key or to generate a PrivateKey from a Plaintext which you're encrypting to someone else.
fn encrypt(
&mut self,
plaintext: &Plaintext,
to_public_key: PublicKey,
signing_keypair: &SigningKeypair
) -> Result<EncryptedValue, ApiErr>
&mut self,
plaintext: &Plaintext,
to_public_key: PublicKey,
signing_keypair: &SigningKeypair
) -> Result<EncryptedValue, ApiErr>
Encrypt the plaintext to the to_public_key
.
Arguments
plaintext
- value to encrypt.to_public_key
- identity to encrypt to.signing_keypair
- signing keypair of the person (or device) who is encrypting this value
Return
EncryptedValue which can be decrypted by the matching private key of to_public_key
or ApiErr.
fn decrypt(
&self,
encrypted_value: EncryptedValue,
private_key: &PrivateKey
) -> Result<Plaintext, ApiErr>
&self,
encrypted_value: EncryptedValue,
private_key: &PrivateKey
) -> Result<Plaintext, ApiErr>
Decrypt the value using private_key
.
Arguments
encrypted_value
- value we want to decrypt.private_key
- PrivateKey which we want to use to decrypt the EncryptedValue.
Return
An error if the key didn't match or something was corrupted in the EncryptedValue, otherwise the recovered plaintext.
fn transform(
&mut self,
encrypted_value: EncryptedValue,
transform_key: TransformKey,
signing_keypair: &SigningKeypair
) -> Result<EncryptedValue, ApiErr>
&mut self,
encrypted_value: EncryptedValue,
transform_key: TransformKey,
signing_keypair: &SigningKeypair
) -> Result<EncryptedValue, ApiErr>
Transform the value encrypted_value
using the transform_key
.
The returned value can be decrypted by the private key associated to the to_public_key
in the transform_key
.
The transformed value will be signed using the private_signing_key
and will embed
the public_signing_key
into the returned value.
Implementors
impl<R: RandomBytesGen, H: Sha256Hashing, S: Ed25519Signing> CryptoOps for Api<H, S, R>
fn gen_plaintext(&mut self) -> Plaintext
fn derive_symmetric_key(
&self,
decrypted_value: &Plaintext
) -> DerivedSymmetricKey
&self,
decrypted_value: &Plaintext
) -> DerivedSymmetricKey
fn hash_256<T: Hashable>(&self, to_hash: &T) -> [u8; 32]
fn encrypt(
&mut self,
plaintext: &Plaintext,
to_public_key: PublicKey,
signing_keypair: &SigningKeypair
) -> Result<EncryptedValue, ApiErr>
&mut self,
plaintext: &Plaintext,
to_public_key: PublicKey,
signing_keypair: &SigningKeypair
) -> Result<EncryptedValue, ApiErr>
fn decrypt(
&self,
encrypted_value: EncryptedValue,
private_key: &PrivateKey
) -> Result<Plaintext, ApiErr>
&self,
encrypted_value: EncryptedValue,
private_key: &PrivateKey
) -> Result<Plaintext, ApiErr>
fn transform(
&mut self,
encrypted_value: EncryptedValue,
transform_key: TransformKey,
signing_keypair: &SigningKeypair
) -> Result<EncryptedValue, ApiErr>
&mut self,
encrypted_value: EncryptedValue,
transform_key: TransformKey,
signing_keypair: &SigningKeypair
) -> Result<EncryptedValue, ApiErr>