Struct PrivateKey

pub struct PrivateKey<S: Suite> {
    pub scalar: NonZero<SecretScalar<S::E>>,
}

Private key is a scalar of the elliptic curve in the chosen suite.

You can obtain a private key by generating it with PrivateKey::generate, or by reading it from bytes with PrivateKey::from_bytes.

The scalars are stored as bytes in big-endian format, which might not always be compatible with other software working with this elliptic curve. For example, for EdDSA compatability we provide a method PrivateKey::from_eddsa_pkey_bytes

Fields

scalar: NonZero<SecretScalar<S::E>>

d in the standard

Implementations

impl<S> PrivateKey<S>

where S: Suite<E = Ed25519>,

pub fn from_eddsa_pkey_bytes(bytes: &[u8; 32]) -> Option<Self>

Since eddsa secret key is not a scalar, and most tools that call themselves ed25519 are actually eddsa, we need to convert from eddsa key to a scalar.

Returns None if the bytes hash to zero (this has a vanishing probability of occuring)

impl PrivateKey<Curve25519Aes128cbcHmacsha256>

pub fn decrypt_in_place<'m>( &self, message: EncryptedMessage<'m>, ) -> Result<&'m mut [u8], DecError>

Decrypt the message bytes in place; specialization for curve25519aes128_cbchmac. Uses PKCS7 padding.

When you have a buffer of bytes to decrypt, you first need to parse it with EncryptedMessage::from_bytes, and then decrypt the structure using this funciton. It will modify the bytes in the buffer and return a slice to them.

Convenient alias for PrivateKey::block_decrypt_in_place

pub fn decrypt( &self, message: &EncryptedMessage<'_>, ) -> Result<Vec<u8>, DecError>

Decrypt the message bytes into a new buffer; specialization for curve25519aes128_cbchmac. Uses PKCS7 padding.

When you have a buffer of bytes to decrypt, you first need to parse it with EncryptedMessage::from_bytes, and then decrypt the structure using this funciton. It will copy the message bytes into a new buffer and return a Vec containing them.

Convenient alias for PrivateKey::block_decrypt

impl PrivateKey<Curve25519Xsalsa20Hmacsha256>

pub fn decrypt_in_place<'m>( &self, message: EncryptedMessage<'m>, ) -> Result<&'m mut [u8], DecError>

Decrypt the message bytes in place; specialization for curve25519xsalsa20hmac

When you have a buffer of bytes to decrypt, you first need to parse it with EncryptedMessage::from_bytes, and then decrypt the structure using this funciton. It will modify the bytes in the buffer and return a slice to them.

Convenient alias to PrivateKey::stream_decrypt_in_place

pub fn decrypt( &self, message: &EncryptedMessage<'_>, ) -> Result<Vec<u8>, DecError>

Decrypt the message bytes into a new buffer; specialization for curve25519xsalsa20hmac

When you have a buffer of bytes to decrypt, you first need to parse it with EncryptedMessage::from_bytes, and then decrypt the structure using this funciton. It will copy the message bytes into a new buffer and return a Vec containing them.

Convenient alias to PrivateKey::decrypt_in_place

impl<S: Suite> PrivateKey<S>

pub fn generate(rng: &mut (impl RngCore + CryptoRng)) -> Self

Generate random key using the provided CryptoRng

pub fn from_bytes(bytes: impl AsRef<[u8]>) -> Option<Self>

Read the bytes as a big-endian number. This might not necessarily be compatible with other software for working with elliptic curves.

pub fn to_bytes(&self) -> Vec<u8>

Stores the scalar as a big-endian number. This might not necessarily be compatible with other software for working with elliptic curves.

pub fn public_key(&self) -> PublicKey<S>

Compute the associated public key Q = g * d

impl<S: Suite> PrivateKey<S>

pub fn stream_decrypt_in_place<'m>( &self, message: EncryptedMessage<'m, S>, ) -> Result<&'m mut [u8], DecError>

where S::Mac: Mac + KeyInit, S::Dec: KeyIvInit + StreamCipher,

Decrypt the message bytes in place. Variant for suites with stream ciphers.

When you have a buffer of bytes to decrypt, you first need to parse it with EncryptedMessage::from_bytes, and then decrypt the structure using this funciton. It will modify the bytes in the buffer and return a slice to them.

pub fn stream_decrypt( &self, message: &EncryptedMessage<'_, S>, ) -> Result<Vec<u8>, DecError>

where S::Mac: Mac + KeyInit, S::Dec: KeyIvInit + StreamCipher,

Decrypt the message bytes into a new buffer. Variant for suites with stream ciphers.

When you have a buffer of bytes to decrypt, you first need to parse it with EncryptedMessage::from_bytes, and then decrypt the structure using this funciton. It will copy the message bytes into a new buffer and return a Vec containing them.

pub fn block_decrypt_in_place<'m>( &self, message: EncryptedMessage<'m, S>, ) -> Result<&'m mut [u8], DecError>

where S::Mac: Mac + KeyInit, S::Dec: KeyIvInit + BlockDecryptMut,

Decrypt the message bytes in place. Variant for suites with block ciphers. Uses PKCS7 padding.

When you have a buffer of bytes to decrypt, you first need to parse it with EncryptedMessage::from_bytes, and then decrypt the structure using this funciton. It will modify the bytes in the buffer and return a slice to them.

pub fn block_decrypt( &self, message: &EncryptedMessage<'_, S>, ) -> Result<Vec<u8>, DecError>

where S::Mac: Mac + KeyInit, S::Dec: KeyIvInit + BlockDecryptMut,

Decrypt the message bytes into a new buffer. Variant for suites with block ciphers. Uses PKCS7 padding.

When you have a buffer of bytes to decrypt, you first need to parse it with EncryptedMessage::from_bytes, and then decrypt the structure using this funciton. It will copy the message bytes into a new buffer and return a Vec containing them.

Trait Implementations

impl<S: Clone + Suite> Clone for PrivateKey<S>

where S::E: Clone,

fn clone(&self) -> PrivateKey<S>

Returns a duplicate of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl<S: Debug + Suite> Debug for PrivateKey<S>

where S::E: Debug,

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.