Trait openmls::prelude::OpenMlsCrypto

pub trait OpenMlsCrypto {
    // Required methods
    fn supports(&self, ciphersuite: Ciphersuite) -> Result<(), CryptoError>;
    fn supported_ciphersuites(&self) -> Vec<Ciphersuite, Global>;
    fn hkdf_extract(
        &self,
        hash_type: HashType,
        salt: &[u8],
        ikm: &[u8]
    ) -> Result<SecretVLBytes, CryptoError>;
    fn hkdf_expand(
        &self,
        hash_type: HashType,
        prk: &[u8],
        info: &[u8],
        okm_len: usize
    ) -> Result<SecretVLBytes, CryptoError>;
    fn hash(
        &self,
        hash_type: HashType,
        data: &[u8]
    ) -> Result<Vec<u8, Global>, CryptoError>;
    fn aead_encrypt(
        &self,
        alg: AeadType,
        key: &[u8],
        data: &[u8],
        nonce: &[u8],
        aad: &[u8]
    ) -> Result<Vec<u8, Global>, CryptoError>;
    fn aead_decrypt(
        &self,
        alg: AeadType,
        key: &[u8],
        ct_tag: &[u8],
        nonce: &[u8],
        aad: &[u8]
    ) -> Result<Vec<u8, Global>, CryptoError>;
    fn signature_key_gen(
        &self,
        alg: SignatureScheme
    ) -> Result<(Vec<u8, Global>, Vec<u8, Global>), CryptoError>;
    fn verify_signature(
        &self,
        alg: SignatureScheme,
        data: &[u8],
        pk: &[u8],
        signature: &[u8]
    ) -> Result<(), CryptoError>;
    fn sign(
        &self,
        alg: SignatureScheme,
        data: &[u8],
        key: &[u8]
    ) -> Result<Vec<u8, Global>, CryptoError>;
    fn hpke_seal(
        &self,
        config: HpkeConfig,
        pk_r: &[u8],
        info: &[u8],
        aad: &[u8],
        ptxt: &[u8]
    ) -> HpkeCiphertext;
    fn hpke_open(
        &self,
        config: HpkeConfig,
        input: &HpkeCiphertext,
        sk_r: &[u8],
        info: &[u8],
        aad: &[u8]
    ) -> Result<Vec<u8, Global>, CryptoError>;
    fn hpke_setup_sender_and_export(
        &self,
        config: HpkeConfig,
        pk_r: &[u8],
        info: &[u8],
        exporter_context: &[u8],
        exporter_length: usize
    ) -> Result<(Vec<u8, Global>, ExporterSecret), CryptoError>;
    fn hpke_setup_receiver_and_export(
        &self,
        config: HpkeConfig,
        enc: &[u8],
        sk_r: &[u8],
        info: &[u8],
        exporter_context: &[u8],
        exporter_length: usize
    ) -> Result<ExporterSecret, CryptoError>;
    fn derive_hpke_keypair(&self, config: HpkeConfig, ikm: &[u8]) -> HpkeKeyPair;
}

Required Methods

fn supports(&self, ciphersuite: Ciphersuite) -> Result<(), CryptoError>

Check whether the Ciphersuite is supported by the backend or not.

Returns a CryptoError::UnsupportedCiphersuite if the ciphersuite is not supported.

fn supported_ciphersuites(&self) -> Vec<Ciphersuite, Global>

Returns the list of supported Ciphersuites.

fn hkdf_extract( &self, hash_type: HashType, salt: &[u8], ikm: &[u8] ) -> Result<SecretVLBytes, CryptoError>

HKDF extract.

Returns an error if the HashType is not supported.

fn hkdf_expand( &self, hash_type: HashType, prk: &[u8], info: &[u8], okm_len: usize ) -> Result<SecretVLBytes, CryptoError>

HKDF expand.

Returns an error if the HashType is not supported or the output length is too long.

fn hash( &self, hash_type: HashType, data: &[u8] ) -> Result<Vec<u8, Global>, CryptoError>

Hash the data.

Returns an error if the HashType is not supported.

fn aead_encrypt( &self, alg: AeadType, key: &[u8], data: &[u8], nonce: &[u8], aad: &[u8] ) -> Result<Vec<u8, Global>, CryptoError>

AEAD encrypt with the given parameters.

Returns an error if the AeadType is not supported or an encryption error occurs.

fn aead_decrypt( &self, alg: AeadType, key: &[u8], ct_tag: &[u8], nonce: &[u8], aad: &[u8] ) -> Result<Vec<u8, Global>, CryptoError>

AEAD decrypt with the given parameters.

Returns an error if the AeadType is not supported or a decryption error occurs.

fn signature_key_gen( &self, alg: SignatureScheme ) -> Result<(Vec<u8, Global>, Vec<u8, Global>), CryptoError>

Generate a signature key.

Returns an error if the SignatureScheme is not supported or the key generation fails.

fn verify_signature( &self, alg: SignatureScheme, data: &[u8], pk: &[u8], signature: &[u8] ) -> Result<(), CryptoError>

Verify the signature

Returns an error if the SignatureScheme is not supported or the signature verification fails.

fn sign( &self, alg: SignatureScheme, data: &[u8], key: &[u8] ) -> Result<Vec<u8, Global>, CryptoError>

Sign with the given parameters.

Returns an error if the SignatureScheme is not supported or an error occurs during signature generation.

fn hpke_seal( &self, config: HpkeConfig, pk_r: &[u8], info: &[u8], aad: &[u8], ptxt: &[u8] ) -> HpkeCiphertext

HPKE single-shot encryption of ptxt to pk_r, using info and aad.

fn hpke_open( &self, config: HpkeConfig, input: &HpkeCiphertext, sk_r: &[u8], info: &[u8], aad: &[u8] ) -> Result<Vec<u8, Global>, CryptoError>

HPKE single-shot decryption of input with sk_r, using info and aad.

fn hpke_setup_sender_and_export( &self, config: HpkeConfig, pk_r: &[u8], info: &[u8], exporter_context: &[u8], exporter_length: usize ) -> Result<(Vec<u8, Global>, ExporterSecret), CryptoError>

HPKE single-shot setup of a sender and immediate export a secret.

The encapsulated secret is returned together with the exported secret.

fn hpke_setup_receiver_and_export( &self, config: HpkeConfig, enc: &[u8], sk_r: &[u8], info: &[u8], exporter_context: &[u8], exporter_length: usize ) -> Result<ExporterSecret, CryptoError>

HPKE single-shot setup of a receiver and immediate export a secret.

Returns the exported secret.

fn derive_hpke_keypair(&self, config: HpkeConfig, ikm: &[u8]) -> HpkeKeyPair

Derive a new HPKE keypair from a given input key material.

Implementors