[−]Trait recrypt::api::CryptoOps
Encrypt, Decrypt, Transform, and supporting operations.
Required methods
pub fn gen_plaintext(&self) -> Plaintext
Using the random_bytes, generate a random element of G_T, which is one of the rth roots of unity in FP12.
What it means to be an rth root (for Fp256): let curve_order = 6500054969564660373279643874235990574257040605390378638988106296904416679996; (this is "r" -- also defined as the prime for Fr256) let rth_pow = plaintext.pow(curve_order); assert_eq!(rth_pow, Fp12Elem::one()); Note that this cannot be implemented here as we do not define a way to do: Fp12.pow(Fp256)
pub fn derive_symmetric_key(
&self,
decrypted_value: &Plaintext
) -> DerivedSymmetricKey
&self,
decrypted_value: &Plaintext
) -> DerivedSymmetricKey
Convert our plaintext into a DecryptedSymmetricKey by hashing it.
Typically you either use derive_private_key
or derive_symmetric_key
but not both.
pub fn derive_private_key(&self, plaintext: &Plaintext) -> PrivateKey
Derive a private key for a plaintext by hashing it and modding it by the prime.
Typically you either use derive_private_key
or derive_symmetric_key
but not both.
pub fn encrypt(
&self,
plaintext: &Plaintext,
to_public_key: &PublicKey,
signing_keypair: &SigningKeypair
) -> Result<EncryptedValue, RecryptErr>
&self,
plaintext: &Plaintext,
to_public_key: &PublicKey,
signing_keypair: &SigningKeypair
) -> Result<EncryptedValue, RecryptErr>
Encrypt the plaintext to the to_public_key
.
Arguments
plaintext
- value to encrypt.to_public_key
- identity to encrypt to.signing_keypair
- signing keypair of the person (or device) who is encrypting this value
Return
EncryptedValue which can be decrypted by the matching private key of to_public_key
or RecryptErr.
pub fn decrypt(
&self,
encrypted_value: EncryptedValue,
private_key: &PrivateKey
) -> Result<Plaintext, RecryptErr>
&self,
encrypted_value: EncryptedValue,
private_key: &PrivateKey
) -> Result<Plaintext, RecryptErr>
Decrypt the value using private_key
.
Arguments
encrypted_value
- value we want to decrypt.private_key
- PrivateKey which we want to use to decrypt the EncryptedValue.
Return
An error if the key didn't match or something was corrupted in the EncryptedValue, otherwise the recovered plaintext.
pub fn transform(
&self,
encrypted_value: EncryptedValue,
transform_key: TransformKey,
signing_keypair: &SigningKeypair
) -> Result<EncryptedValue, RecryptErr>
&self,
encrypted_value: EncryptedValue,
transform_key: TransformKey,
signing_keypair: &SigningKeypair
) -> Result<EncryptedValue, RecryptErr>
Transform the value encrypted_value
using the transform_key
.
The returned value can be decrypted by the private key associated to the to_public_key
in the transform_key
.
The transformed value will be signed using the private_signing_key
and will embed
the public_signing_key
into the returned value.
Implementors
impl<R: RandomBytesGen, H: Sha256Hashing, S: Ed25519Signing> CryptoOps for Recrypt<H, S, R>
pub fn gen_plaintext(&self) -> Plaintext
pub fn derive_symmetric_key(
&self,
decrypted_value: &Plaintext
) -> DerivedSymmetricKey
&self,
decrypted_value: &Plaintext
) -> DerivedSymmetricKey
pub fn derive_private_key(&self, plaintext: &Plaintext) -> PrivateKey
pub fn encrypt(
&self,
plaintext: &Plaintext,
to_public_key: &PublicKey,
signing_keypair: &SigningKeypair
) -> Result<EncryptedValue, RecryptErr>
&self,
plaintext: &Plaintext,
to_public_key: &PublicKey,
signing_keypair: &SigningKeypair
) -> Result<EncryptedValue, RecryptErr>
pub fn decrypt(
&self,
encrypted_value: EncryptedValue,
private_key: &PrivateKey
) -> Result<Plaintext, RecryptErr>
&self,
encrypted_value: EncryptedValue,
private_key: &PrivateKey
) -> Result<Plaintext, RecryptErr>
pub fn transform(
&self,
encrypted_value: EncryptedValue,
transform_key: TransformKey,
signing_keypair: &SigningKeypair
) -> Result<EncryptedValue, RecryptErr>
&self,
encrypted_value: EncryptedValue,
transform_key: TransformKey,
signing_keypair: &SigningKeypair
) -> Result<EncryptedValue, RecryptErr>