pub struct Hpke<Crypto: 'static + HpkeCrypto> { /* private fields */ }
Expand description
The HPKE configuration struct.
This holds the configuration for HPKE but no state.
To use HPKE first instantiate the configuration with
let hpke = Hpke::new(mode, kem_mode, kdf_mode, aead_mode)
.
Now one can use the hpke
configuration.
Note that cloning does NOT clone the PRNG state.
Implementations§
source§impl<Crypto: HpkeCrypto> Hpke<Crypto>
impl<Crypto: HpkeCrypto> Hpke<Crypto>
sourcepub fn new(
mode: Mode,
kem_id: KemAlgorithm,
kdf_id: KdfAlgorithm,
aead_id: AeadAlgorithm
) -> Self
pub fn new( mode: Mode, kem_id: KemAlgorithm, kdf_id: KdfAlgorithm, aead_id: AeadAlgorithm ) -> Self
Set up the configuration for HPKE.
sourcepub fn setup_sender(
&mut self,
pk_r: &HpkePublicKey,
info: &[u8],
psk: Option<&[u8]>,
psk_id: Option<&[u8]>,
sk_s: Option<&HpkePrivateKey>
) -> Result<(Vec<u8>, Context<Crypto>), HpkeError>
pub fn setup_sender( &mut self, pk_r: &HpkePublicKey, info: &[u8], psk: Option<&[u8]>, psk_id: Option<&[u8]>, sk_s: Option<&HpkePrivateKey> ) -> Result<(Vec<u8>, Context<Crypto>), HpkeError>
Set up an HPKE sender.
For the base and PSK modes this encapsulates the public key pk_r
of the receiver.
For the Auth and AuthPSK modes this encapsulates and authenticates
the public key pk_r
of the receiver with the senders secret key sk_s
.
Note that this API expects the public key to be encoded. This differs from the RFC. But the public keys will be present in encoded form rather than raw form such that it doesn’t make sense to deserialize before passing it in.
The encapsulated secret is returned together with the context. If the secret key is missing in an authenticated mode, an error is returned.
sourcepub fn setup_receiver(
&self,
enc: &[u8],
sk_r: &HpkePrivateKey,
info: &[u8],
psk: Option<&[u8]>,
psk_id: Option<&[u8]>,
pk_s: Option<&HpkePublicKey>
) -> Result<Context<Crypto>, HpkeError>
pub fn setup_receiver( &self, enc: &[u8], sk_r: &HpkePrivateKey, info: &[u8], psk: Option<&[u8]>, psk_id: Option<&[u8]>, pk_s: Option<&HpkePublicKey> ) -> Result<Context<Crypto>, HpkeError>
Set up an HPKE receiver.
For the base and PSK modes this decapsulates enc
with the secret key
sk_r
of the receiver.
For the Auth and AuthPSK modes this decapsulates and authenticates enc
with the secret key sk_r
of the receiver and the senders public key pk_s
.
Note that this API expects the public key to be encoded. This differs from the RFC. But the public keys will be present in encoded form rather than raw form such that it doesn’t make sense to deserialize before passing it in.
The context based on the decapsulated values and, if present, the PSK is returned. If the secret key is missing in an authenticated mode, an error is returned.
sourcepub fn seal(
&mut self,
pk_r: &HpkePublicKey,
info: &[u8],
aad: &[u8],
plain_txt: &[u8],
psk: Option<&[u8]>,
psk_id: Option<&[u8]>,
sk_s: Option<&HpkePrivateKey>
) -> Result<(Vec<u8>, Vec<u8>), HpkeError>
pub fn seal( &mut self, pk_r: &HpkePublicKey, info: &[u8], aad: &[u8], plain_txt: &[u8], psk: Option<&[u8]>, psk_id: Option<&[u8]>, sk_s: Option<&HpkePrivateKey> ) -> Result<(Vec<u8>, Vec<u8>), HpkeError>
- Single-Shot APIs 6.1. Encryption and Decryption
Single shot API to encrypt the bytes in plain_text
to the public key
pk_r
.
Note that this API expects the public key to be encoded. This differs from the RFC. But the public keys will be present in encoded form rather than raw form such that it doesn’t make sense to deserialize before passing it in.
Returns the encapsulated secret and the ciphertext, or an error.
sourcepub fn open(
&self,
enc: &[u8],
sk_r: &HpkePrivateKey,
info: &[u8],
aad: &[u8],
ct: &[u8],
psk: Option<&[u8]>,
psk_id: Option<&[u8]>,
pk_s: Option<&HpkePublicKey>
) -> Result<Vec<u8>, HpkeError>
pub fn open( &self, enc: &[u8], sk_r: &HpkePrivateKey, info: &[u8], aad: &[u8], ct: &[u8], psk: Option<&[u8]>, psk_id: Option<&[u8]>, pk_s: Option<&HpkePublicKey> ) -> Result<Vec<u8>, HpkeError>
- Single-Shot APIs 6.1. Encryption and Decryption
Single shot API to decrypt the bytes in ct
with the private key sk_r
.
Note that this API expects the public key to be encoded. This differs from the RFC. But the public keys will be present in encoded form rather than raw form such that it doesn’t make sense to deserialize before passing it in.
Returns the decrypted plain text, or an error.
sourcepub fn send_export(
&mut self,
pk_r: &HpkePublicKey,
info: &[u8],
psk: Option<&[u8]>,
psk_id: Option<&[u8]>,
sk_s: Option<&HpkePrivateKey>,
exporter_context: &[u8],
length: usize
) -> Result<(Vec<u8>, Vec<u8>), HpkeError>
pub fn send_export( &mut self, pk_r: &HpkePublicKey, info: &[u8], psk: Option<&[u8]>, psk_id: Option<&[u8]>, sk_s: Option<&HpkePrivateKey>, exporter_context: &[u8], length: usize ) -> Result<(Vec<u8>, Vec<u8>), HpkeError>
- Single-Shot APIs 6.2. Secret Export
Single shot API to derive an exporter secret for receiver with public key
pk_r
.
Note that this API expects the public key to be encoded. This differs from the RFC. But the public keys will be present in encoded form rather than raw form such that it doesn’t make sense to deserialize before passing it in.
Returns the encapsulated secret and the exporter secret for the given exporter context and length.
sourcepub fn receiver_export(
&self,
enc: &[u8],
sk_r: &HpkePrivateKey,
info: &[u8],
psk: Option<&[u8]>,
psk_id: Option<&[u8]>,
pk_s: Option<&HpkePublicKey>,
exporter_context: &[u8],
length: usize
) -> Result<Vec<u8>, HpkeError>
pub fn receiver_export( &self, enc: &[u8], sk_r: &HpkePrivateKey, info: &[u8], psk: Option<&[u8]>, psk_id: Option<&[u8]>, pk_s: Option<&HpkePublicKey>, exporter_context: &[u8], length: usize ) -> Result<Vec<u8>, HpkeError>
- Single-Shot APIs 6.2. Secret Export
Single shot API to derive an exporter secret for receiver with private key
sk_r
.
Note that this API expects the public key to be encoded. This differs from the RFC. But the public keys will be present in encoded form rather than raw form such that it doesn’t make sense to deserialize before passing it in.
Returns the exporter secret for the given exporter context and length.
sourcepub fn key_schedule(
&self,
shared_secret: &[u8],
info: &[u8],
psk: &[u8],
psk_id: &[u8]
) -> Result<Context<Crypto>, HpkeError>
pub fn key_schedule( &self, shared_secret: &[u8], info: &[u8], psk: &[u8], psk_id: &[u8] ) -> Result<Context<Crypto>, HpkeError>
Creating the Encryption Context Generate the HPKE context from the given input.
sourcepub fn generate_key_pair(&mut self) -> Result<HpkeKeyPair, HpkeError>
pub fn generate_key_pair(&mut self) -> Result<HpkeKeyPair, HpkeError>
- Cryptographic Dependencies
Randomized algorithm to generate a key pair
(skX, pkX)
for the KEM. This is equivalent toderive_key_pair(random_vector(sk.len()))
Returns an HpkeKeyPair
.
sourcepub fn derive_key_pair(&self, ikm: &[u8]) -> Result<HpkeKeyPair, HpkeError>
pub fn derive_key_pair(&self, ikm: &[u8]) -> Result<HpkeKeyPair, HpkeError>
7.1.2. DeriveKeyPair Derive a key pair for the used KEM with the given input key material.
Returns an HpkeKeyPair
result or an HpkeError
if key derivation fails.