[−]Trait recrypt::api::CryptoOps
Encrypt, Decrypt, Transform, and supporting operations.
Required methods
fn gen_plaintext(&mut self) -> Plaintext
Using the random_bytes, generate a random element of G_T, which is one of the rth roots of unity in FP12.
What it means to be an rth root (for Fp256): let curve_order = 6500054969564660373279643874235990574257040605390378638988106296904416679996; (this is "r" -- also defined as the prime for Fr256) let rth_pow = plaintext.pow(curve_order); assert_eq!(rth_pow, Fp12Elem::one()); Note that this cannot be implemented here as we do not define a way to do: Fp12.pow(Fp256)
fn derive_symmetric_key(
&self,
decrypted_value: &Plaintext
) -> DerivedSymmetricKey
&self,
decrypted_value: &Plaintext
) -> DerivedSymmetricKey
Convert our plaintext into a DecryptedSymmetricKey by hashing it.
Typically you either use derive_private_key
or derive_symmetric_key
but not both.
fn derive_private_key(&self, plaintext: &Plaintext) -> PrivateKey
Derive a private key for a plaintext by hashing it and modding it by the prime.
Typically you either use derive_private_key
or derive_symmetric_key
but not both.
fn encrypt(
&mut self,
plaintext: &Plaintext,
to_public_key: &PublicKey,
signing_keypair: &SigningKeypair
) -> Result<EncryptedValue, RecryptErr>
&mut self,
plaintext: &Plaintext,
to_public_key: &PublicKey,
signing_keypair: &SigningKeypair
) -> Result<EncryptedValue, RecryptErr>
Encrypt the plaintext to the to_public_key
.
Arguments
plaintext
- value to encrypt.to_public_key
- identity to encrypt to.signing_keypair
- signing keypair of the person (or device) who is encrypting this value
Return
EncryptedValue which can be decrypted by the matching private key of to_public_key
or RecryptErr.
fn decrypt(
&self,
encrypted_value: EncryptedValue,
private_key: &PrivateKey
) -> Result<Plaintext, RecryptErr>
&self,
encrypted_value: EncryptedValue,
private_key: &PrivateKey
) -> Result<Plaintext, RecryptErr>
Decrypt the value using private_key
.
Arguments
encrypted_value
- value we want to decrypt.private_key
- PrivateKey which we want to use to decrypt the EncryptedValue.
Return
An error if the key didn't match or something was corrupted in the EncryptedValue, otherwise the recovered plaintext.
fn transform(
&mut self,
encrypted_value: EncryptedValue,
transform_key: TransformKey,
signing_keypair: &SigningKeypair
) -> Result<EncryptedValue, RecryptErr>
&mut self,
encrypted_value: EncryptedValue,
transform_key: TransformKey,
signing_keypair: &SigningKeypair
) -> Result<EncryptedValue, RecryptErr>
Transform the value encrypted_value
using the transform_key
.
The returned value can be decrypted by the private key associated to the to_public_key
in the transform_key
.
The transformed value will be signed using the private_signing_key
and will embed
the public_signing_key
into the returned value.
Implementors
impl<R: RandomBytesGen, H: Sha256Hashing, S: Ed25519Signing> CryptoOps for Recrypt<H, S, R>
fn gen_plaintext(&mut self) -> Plaintext
fn derive_symmetric_key(
&self,
decrypted_value: &Plaintext
) -> DerivedSymmetricKey
&self,
decrypted_value: &Plaintext
) -> DerivedSymmetricKey
fn derive_private_key(&self, plaintext: &Plaintext) -> PrivateKey
fn encrypt(
&mut self,
plaintext: &Plaintext,
to_public_key: &PublicKey,
signing_keypair: &SigningKeypair
) -> Result<EncryptedValue, RecryptErr>
&mut self,
plaintext: &Plaintext,
to_public_key: &PublicKey,
signing_keypair: &SigningKeypair
) -> Result<EncryptedValue, RecryptErr>
fn decrypt(
&self,
encrypted_value: EncryptedValue,
private_key: &PrivateKey
) -> Result<Plaintext, RecryptErr>
&self,
encrypted_value: EncryptedValue,
private_key: &PrivateKey
) -> Result<Plaintext, RecryptErr>
fn transform(
&mut self,
encrypted_value: EncryptedValue,
transform_key: TransformKey,
signing_keypair: &SigningKeypair
) -> Result<EncryptedValue, RecryptErr>
&mut self,
encrypted_value: EncryptedValue,
transform_key: TransformKey,
signing_keypair: &SigningKeypair
) -> Result<EncryptedValue, RecryptErr>