Trait openmls_traits::crypto::OpenMlsCrypto

source · []
pub trait OpenMlsCrypto {

Show 15 methods    fn supports(&self, ciphersuite: Ciphersuite) -> Result<(), CryptoError>;

    fn supported_ciphersuites(&self) -> Vec<Ciphersuite>;

    fn hkdf_extract(
        &self, 
        hash_type: HashType, 
        salt: &[u8], 
        ikm: &[u8]
    ) -> Result<Vec<u8>, CryptoError>;

    fn hkdf_expand(
        &self, 
        hash_type: HashType, 
        prk: &[u8], 
        info: &[u8], 
        okm_len: usize
    ) -> Result<Vec<u8>, CryptoError>;

    fn hash(
        &self, 
        hash_type: HashType, 
        data: &[u8]
    ) -> Result<Vec<u8>, CryptoError>;

    fn aead_encrypt(
        &self, 
        alg: AeadType, 
        key: &[u8], 
        data: &[u8], 
        nonce: &[u8], 
        aad: &[u8]
    ) -> Result<Vec<u8>, CryptoError>;

    fn aead_decrypt(
        &self, 
        alg: AeadType, 
        key: &[u8], 
        ct_tag: &[u8], 
        nonce: &[u8], 
        aad: &[u8]
    ) -> Result<Vec<u8>, CryptoError>;

    fn signature_key_gen(
        &self, 
        alg: SignatureScheme
    ) -> Result<(Vec<u8>, Vec<u8>), CryptoError>;

    fn verify_signature(
        &self, 
        alg: SignatureScheme, 
        data: &[u8], 
        pk: &[u8], 
        signature: &[u8]
    ) -> Result<(), CryptoError>;

    fn sign(
        &self, 
        alg: SignatureScheme, 
        data: &[u8], 
        key: &[u8]
    ) -> Result<Vec<u8>, CryptoError>;

    fn hpke_seal(
        &self, 
        config: HpkeConfig, 
        pk_r: &[u8], 
        info: &[u8], 
        aad: &[u8], 
        ptxt: &[u8]
    ) -> HpkeCiphertext;

    fn hpke_open(
        &self, 
        config: HpkeConfig, 
        input: &HpkeCiphertext, 
        sk_r: &[u8], 
        info: &[u8], 
        aad: &[u8]
    ) -> Result<Vec<u8>, CryptoError>;

    fn hpke_setup_sender_and_export(
        &self, 
        config: HpkeConfig, 
        pk_r: &[u8], 
        info: &[u8], 
        exporter_context: &[u8], 
        exporter_length: usize
    ) -> Result<(KemOutput, ExporterSecret), CryptoError>;

    fn hpke_setup_receiver_and_export(
        &self, 
        config: HpkeConfig, 
        enc: &[u8], 
        sk_r: &[u8], 
        info: &[u8], 
        exporter_context: &[u8], 
        exporter_length: usize
    ) -> Result<ExporterSecret, CryptoError>;

    fn derive_hpke_keypair(&self, config: HpkeConfig, ikm: &[u8]) -> HpkeKeyPair;

}

Required methods

Check whether the Ciphersuite is supported by the backend or not.

Returns a CryptoError::UnsupportedCiphersuite if the ciphersuite is not supported.

Returns the list of supported Ciphersuites.

HKDF extract.

Returns an error if the HashType is not supported.

HKDF expand.

Returns an error if the HashType is not supported or the output length is too long.

Hash the data.

Returns an error if the HashType is not supported.

AEAD encrypt with the given parameters.

Returns an error if the AeadType is not supported or an encryption error occurs.

AEAD decrypt with the given parameters.

Returns an error if the AeadType is not supported or a decryption error occurs.

Generate a signature key.

Returns an error if the SignatureScheme is not supported or the key generation fails.

Verify the signature

Returns an error if the SignatureScheme is not supported or the signature verification fails.

Sign with the given parameters.

Returns an error if the SignatureScheme is not supported or an error occurs during signature generation.

HPKE single-shot encryption of ptxt to pk_r, using info and aad.

HPKE single-shot decryption of input with sk_r, using info and aad.

HPKE single-shot setup of a sender and immediate export a secret.

The encapsulated secret is returned together with the exported secret.

HPKE single-shot setup of a receiver and immediate export a secret.

Returns the exported secret.

Derive a new HPKE keypair from a given input key material.

Implementors