Trait lakers_shared::Crypto
source · pub trait Crypto: Debug {
// Required methods
fn sha256_digest(
&mut self,
message: &BytesMaxBuffer,
message_len: usize
) -> BytesHashLen;
fn hkdf_expand(
&mut self,
prk: &BytesHashLen,
info: &BytesMaxInfoBuffer,
info_len: usize,
length: usize
) -> BytesMaxBuffer;
fn hkdf_extract(
&mut self,
salt: &BytesHashLen,
ikm: &BytesP256ElemLen
) -> BytesHashLen;
fn aes_ccm_encrypt_tag_8(
&mut self,
key: &BytesCcmKeyLen,
iv: &BytesCcmIvLen,
ad: &[u8],
plaintext: &BufferPlaintext3
) -> BufferCiphertext3;
fn aes_ccm_decrypt_tag_8(
&mut self,
key: &BytesCcmKeyLen,
iv: &BytesCcmIvLen,
ad: &[u8],
ciphertext: &BufferCiphertext3
) -> Result<BufferPlaintext3, EDHOCError>;
fn p256_ecdh(
&mut self,
private_key: &BytesP256ElemLen,
public_key: &BytesP256ElemLen
) -> BytesP256ElemLen;
fn get_random_byte(&mut self) -> u8;
fn p256_generate_key_pair(&mut self) -> (BytesP256ElemLen, BytesP256ElemLen);
}Expand description
Interface between the lakers crate and any implementations of the required crypto primitives.
Sending cryptographic operations through a trait gives the library the flexibility to use hardware acceleration on microcontrollers, implementations that facilitate hacspec/hax verification, or software implementations.
The crypto trait itself operates on an exclusive reference, which is useful for the hardware implementations that can only perform a single operation at a time.
Many implementations will have a Default constructor or will be Clone (even Copy); either facilitates storing multiple EDHOC exchanges at a time. When neither is an option, the remaining options are to wrap a Crypto implementation into interior mutability using the platform’s mutex, or to refactor the main initiator and responder objects into a form where the cryptography implementation can be taken out and stored separately.