Enum Scheme 

#[repr(u8)]
pub enum Scheme {
    Nist = 1,
    Small = 2,
    Secure = 3,
}

The type of Schemes supported by this crate.

They are divided into three categories:

• Small: Where the focus is on optimizing the size of the envelope. Underneath, it creates an envelope using
  • AES-256-GCM as the data encryption algorithm or data encryption key (DEK).
  • ClassicMcEliece348864 as the key encapsulation mechanism (KEM) to produce the key encryption key (KEK).
  • SHAKE256 as the key derivation function (KDF).
  • AES-256-KW to encrypt the DEK with the KEK.
  • The resulting envelope is 96 bytes for the KEM ciphertext, 40 bytes for the wrapped DEK and N bytes for the encrypted data, 16 bytes for the authentication tag.
• Secure: Where the focus is on optimizing security. Underneath, it creates an envelope using
  • AES-256-GCM as the data encryption algorithm or data encryption key (DEK).
  • FrodoKem1344Aes as the key encapsulation mechanism (KEM) to produce the key encryption key (KEK).
  • SHAKE256 as the key derivation function (KDF).
  • AES-256-KW to encrypt the DEK with the KEK.
  • The resulting envelope is 21632 bytes for the KEM ciphertext, 40 bytes for the wrapped DEK and N bytes for the encrypted data, 16 bytes for the authentication tag.
• Nist: Where the focus is on using NIST standardized algorithms. Underneath, it creates an envelope using
  • AES-256-GCM as the data encryption algorithm or data encryption key (DEK).
  • MLKEM768 as the key encapsulation mechanism (KEM) to produce the key encryption key (KEK).
  • SHAKE256 as the key derivation function (KDF).
  • AES-256-KW to encrypt the DEK with the KEK.
  • The resulting envelope is 1088 bytes for the KEM ciphertext, 40 bytes for the wrapped DEK and N bytes for the encrypted data, 16 bytes for the authentication tag.

Nist has a good balance between size and security, while using only NIST standardized algorithms. The key sizes are relatively small and the best performance.

Small is suitable for scenarios where envelope size is a critical factor, however, it requires the largest key sizes.

Secure offers the highest security level, but comes with a significant increase in envelope and key size, and the slowest performance.

Variants

Nist = 1

Enveloped using NIST standardized algorithms.

Small = 2

Enveloped optimized for space.

Secure = 3

Enveloped optimized for security.

Implementations

impl Scheme

pub fn key_pair(&self) -> Result<(PublicKey, SecretKey)>

Generate a new public/private key pair for the specified scheme.

Trait Implementations

impl Archive for Scheme

type Archived = ArchivedScheme

The archived representation of this type.

type Resolver = SchemeResolver

The resolver for this type. It must contain all the additional information from serializing needed to make the archived type from the normal type.

fn resolve(&self, resolver: Self::Resolver, out: Place<Self::Archived>)

Creates the archived version of this value at the given position and writes it to the given output.

const COPY_OPTIMIZATION: CopyOptimization<Self> = _

An optimization flag that allows the bytes of this type to be copied directly to a writer instead of calling serialize.

impl Clone for Scheme

fn clone(&self) -> Scheme

Returns a duplicate of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for Scheme

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl Default for Scheme

fn default() -> Scheme

Returns the “default value” for a type.

impl<'de> Deserialize<'de> for Scheme

fn deserialize<D>(d: D) -> Result<Self, D::Error>

where D: Deserializer<'de>,

Deserialize this value from the given Serde deserializer.

impl<__D: Fallible + ?Sized> Deserialize<Scheme, __D> for Archived<Scheme>

fn deserialize( &self, deserializer: &mut __D, ) -> Result<Scheme, <__D as Fallible>::Error>

Deserializes using the given deserializer

impl Display for Scheme

fn fmt(&self, __derive_more_f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl From<&Scheme> for Kem

fn from(value: &Scheme) -> Self

Converts to this type from the input type.

impl From<&Scheme> for u8

fn from(scheme: &Scheme) -> Self

Converts to this type from the input type.

impl From<Scheme> for Kem

fn from(scheme: Scheme) -> Self

Converts to this type from the input type.

impl From<Scheme> for u8

fn from(scheme: Scheme) -> Self

Converts to this type from the input type.

impl FromStr for Scheme

type Err = FromStrError

The associated error which can be returned from parsing.

fn from_str(src: &str) -> Result<Self, FromStrError>

Parses a string s to return a value of this type.

impl Hash for Scheme

fn hash<__H: Hasher>(&self, state: &mut __H)

Feeds this value into the given Hasher.

fn hash_slice<H>(data: &[Self], state: &mut H)

where H: Hasher, Self: Sized,

Feeds a slice of this type into the given Hasher.

impl Ord for Scheme

fn cmp(&self, other: &Scheme) -> Ordering

This method returns an Ordering between self and other.

fn max(self, other: Self) -> Self

where Self: Sized,

Compares and returns the maximum of two values.

fn min(self, other: Self) -> Self

where Self: Sized,

Compares and returns the minimum of two values.

fn clamp(self, min: Self, max: Self) -> Self

where Self: Sized,

Restrict a value to a certain interval.

impl PartialEq for Scheme

fn eq(&self, other: &Scheme) -> bool

Tests for self and other values to be equal, and is used by ==.

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.

impl PartialOrd for Scheme

fn partial_cmp(&self, other: &Scheme) -> Option<Ordering>

This method returns an ordering between self and other values if one exists.

fn lt(&self, other: &Rhs) -> bool

Tests less than (for self and other) and is used by the < operator.

fn le(&self, other: &Rhs) -> bool

Tests less than or equal to (for self and other) and is used by the <= operator.

fn gt(&self, other: &Rhs) -> bool

Tests greater than (for self and other) and is used by the > operator.

fn ge(&self, other: &Rhs) -> bool

Tests greater than or equal to (for self and other) and is used by the >= operator.

impl<__S: Fallible + ?Sized> Serialize<__S> for Scheme

fn serialize( &self, serializer: &mut __S, ) -> Result<<Self as Archive>::Resolver, <__S as Fallible>::Error>

Writes the dependencies for the object and returns a resolver that can create the archived type.

impl Serialize for Scheme

fn serialize<S>(&self, s: S) -> Result<S::Ok, S::Error>

where S: Serializer,

Serialize this value into the given Serde serializer.

impl TryFrom<&Kem> for Scheme

type Error = Error

The type returned in the event of a conversion error.

fn try_from(kem: &Kem) -> Result<Self, Self::Error>

Performs the conversion.

impl TryFrom<Algorithm> for Scheme

type Error = Error

The type returned in the event of a conversion error.

fn try_from(alg: Algorithm) -> Result<Self, Self::Error>

Performs the conversion.

impl TryFrom<Scheme> for ()

type Error = TryIntoError<Scheme>

The type returned in the event of a conversion error.

fn try_from(value: Scheme) -> Result<Self, TryIntoError<Scheme>>

Performs the conversion.

impl TryFrom<u8> for Scheme

type Error = TryFromReprError<u8>

The type returned in the event of a conversion error.

fn try_from(val: u8) -> Result<Self, TryFromReprError<u8>>

Performs the conversion.

impl Copy for Scheme

impl Eq for Scheme

impl StructuralPartialEq for Scheme