Expand description
HPKE
An implementation of HPKE (RFC 9180) with flexible crypto backends.
From the RFC:
This scheme provides a variant of public-key encryption of arbitrary-sized plaintexts for a recipient public key. It also includes three authenticated variants, including one which authenticates possession of a pre-shared key, and two optional ones which authenticate possession of a KEM private key.
Supported HPKE modes
- Base
- PSK
- Auth
- AuthPSK
Supported cipher suites
KEM
- DH KEM x25519
- DH KEM P256
AEAD
- AES GCM 128
- AES GCM 256
- ChaCha20 Poly1305
- Exporter only
KDF
- HKDF SHA-256
- HKDF SHA-384
- HKDF SHA-512
Crypto Backends
This crate does not implement the cryptographic primitives itself. Instead it expects an implementation of the HpkeCrypto trait.
Modules
- Prelude for HPKE. Include this to get access to all the public functions of HPKE.
Structs
- The HPKE context. Note that the RFC currently doesn’t define this. Also see https://github.com/cfrg/draft-irtf-cfrg-hpke/issues/161.
- The HPKE configuration struct. This holds the configuration for HPKE but no state. To use HPKE first instantiate the configuration with
let hpke = Hpke::new(mode, kem_mode, kdf_mode, aead_mode)
. Now one can use thehpke
configuration. - An HPKE key pair has an HPKE private and public key.
- An HPKE private key is a byte vector.
- An HPKE public key is a byte vector.
Enums
- HPKE Error types.
- HPKE supports four modes.
Type Aliases
- HPKEKeyPairDeprecated
- HPKEPrivateKeyDeprecated
- HPKEPublicKeyDeprecated