seal_crypto_wrapper::algorithms::asymmetric::key_agreement

Enum KeyAgreementAlgorithm

pub enum KeyAgreementAlgorithm {
    EcdhP256,
}

Expand description

Key agreement algorithm enumeration.

密钥协商算法枚举。

§Algorithm Selection | 算法选择

Currently supports ECDH P-256, which provides:

High performance on modern hardware
Wide compatibility and standardization
128-bit security level
Efficient implementation

目前支持 ECDH P-256，它提供：

在现代硬件上的高性能
广泛的兼容性和标准化
128 位安全级别
高效的实现

Variants§

EcdhP256

Elliptic Curve Diffie-Hellman over NIST P-256 curve.

基于 NIST P-256 曲线的椭圆曲线 Diffie-Hellman。

§Properties | 属性

Curve: NIST P-256 (secp256r1)
Field Size: 256 bits
Security Level: 128-bit
Key Size: 32 bytes
Shared Secret Size: 32 bytes

§Use Cases | 使用场景

TLS/SSL key exchange
Secure messaging protocols
VPN key establishment
IoT device pairing
TLS/SSL 密钥交换
安全消息协议
VPN 密钥建立
IoT 设备配对

Implementations§

impl KeyAgreementAlgorithm

pub fn build() -> KeyAgreementAlgorithmBuilder

Creates a new key agreement algorithm builder.

创建新的密钥协商算法构建器。

§Returns | 返回值

A builder that provides access to different key agreement algorithms. Use the builder methods to select the specific algorithm needed.

提供访问不同密钥协商算法的构建器。使用构建器方法选择所需的特定算法。

§Examples | 示例

use seal_crypto_wrapper::algorithms::asymmetric::key_agreement::KeyAgreementAlgorithm;

let ecdh = KeyAgreementAlgorithm::build().ecdh_p256();

impl KeyAgreementAlgorithm

pub fn into_wrapper(self) -> KeyAgreementAlgorithmWrapper

Converts the algorithm enum into a concrete wrapper implementation.

将算法枚举转换为具体的包装器实现。

§Purpose | 目的

This method creates a wrapper that implements the key agreement algorithm trait, enabling actual cryptographic operations like key pair generation and shared secret derivation with type safety guarantees.

此方法创建一个实现密钥协商算法 trait 的包装器，启用实际的密码操作，如密钥对生成和共享密钥派生，并提供类型安全保证。

§Returns | 返回值

A KeyAgreementAlgorithmWrapper that can perform:

Key pair generation
Shared secret derivation (key agreement)
Public key validation
Algorithm introspection

可以执行以下操作的 KeyAgreementAlgorithmWrapper：

密钥对生成
共享密钥派生（密钥协商）
公钥验证
算法内省

§Examples | 示例

use seal_crypto_wrapper::algorithms::asymmetric::key_agreement::KeyAgreementAlgorithm;

let algorithm = KeyAgreementAlgorithm::build().ecdh_p256();
let ka = algorithm.into_wrapper();

// Generate key pairs for two parties
let alice_keypair = ka.generate_keypair()?;
let bob_keypair = ka.generate_keypair()?;

// Extract keys
let (alice_public, alice_private) = alice_keypair.into_keypair();
let (bob_public, bob_private) = bob_keypair.into_keypair();

// Both parties derive the same shared secret
let alice_shared = ka.agree(&alice_private, &bob_public)?;
let bob_shared = ka.agree(&bob_private, &alice_public)?;

// Verify they match
assert_eq!(alice_shared, bob_shared);

// Use shared secret for key derivation
// (In practice, use a proper KDF like HKDF)
let encryption_key = &alice_shared[..32]; // First 32 bytes

§Security Best Practices | 安全最佳实践

When using the wrapper:

Validate Public Keys: Always validate received public keys
Use Ephemeral Keys: Generate new keys for each session
Proper Key Derivation: Use HKDF or similar to derive actual keys
Authentication: Combine with signatures for authenticated key exchange

使用包装器时：

验证公钥: 始终验证接收到的公钥
使用临时密钥: 为每个会话生成新密钥
适当的密钥派生: 使用 HKDF 或类似方法派生实际密钥
认证: 结合签名进行认证密钥交换

Trait Implementations§

impl<'de, Context> BorrowDecode<'de, Context> for KeyAgreementAlgorithm

fn borrow_decode<D: BorrowDecoder<'de, Context = Context>>( decoder: &mut D, ) -> Result<Self, DecodeError>

Attempt to decode this type with the given BorrowDecode.

impl Clone for KeyAgreementAlgorithm

fn clone(&self) -> KeyAgreementAlgorithm

Returns a duplicate of the value. Read more

1.0.0 · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more

impl Debug for KeyAgreementAlgorithm

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more

impl<Context> Decode<Context> for KeyAgreementAlgorithm

fn decode<D: Decoder<Context = Context>>( decoder: &mut __D, ) -> Result<Self, DecodeError>

Attempt to decode this type with the given Decode.

impl<'de> Deserialize<'de> for KeyAgreementAlgorithm

fn deserialize<D>(deserializer: D) -> Result<Self, D::Error>
where __D: Deserializer<'de>,

Deserialize this value from the given Serde deserializer. Read more

impl Encode for KeyAgreementAlgorithm

fn encode<E: Encoder>(&self, encoder: &mut E) -> Result<(), EncodeError>

Encode a given type.

impl From<KeyAgreementAlgorithm> for KeyAgreementAlgorithmWrapper

fn from(value: KeyAgreementAlgorithm) -> Self

Converts to this type from the input type.

impl Hash for KeyAgreementAlgorithm

fn hash<H: Hasher>(&self, state: &mut H)

Feeds this value into the given Hasher. Read more

1.3.0 · Source§

fn hash_slice<H>(data: &[Self], state: &mut H)
where H: Hasher, Self: Sized,

Feeds a slice of this type into the given Hasher. Read more

impl PartialEq for KeyAgreementAlgorithm

fn eq(&self, other: &KeyAgreementAlgorithm) -> bool

Tests for self and other values to be equal, and is used by ==.

1.0.0 · Source§

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.

impl Serialize for KeyAgreementAlgorithm

fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error>
where S: Serializer,

Serialize this value into the given Serde serializer. Read more

impl Copy for KeyAgreementAlgorithm

impl Eq for KeyAgreementAlgorithm

impl StructuralPartialEq for KeyAgreementAlgorithm

Auto Trait Implementations§

impl Freeze for KeyAgreementAlgorithm

impl RefUnwindSafe for KeyAgreementAlgorithm

impl Send for KeyAgreementAlgorithm

impl Sync for KeyAgreementAlgorithm

impl Unpin for KeyAgreementAlgorithm

impl UnwindSafe for KeyAgreementAlgorithm

Blanket Implementations§

impl<T> Any for T
where T: 'static + ?Sized,

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more

impl<T> Borrow<T> for T
where T: ?Sized,

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more

impl<T> BorrowMut<T> for T
where T: ?Sized,

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more

impl<T> CloneToUninit for T
where T: Clone,

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)

Performs copy-assignment from self to dest. Read more

impl<T> From<T> for T

fn from(t: T) -> T

Returns the argument unchanged.

impl<T, U> Into<U> for T
where U: From<T>,

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

impl<T> Same for T

type Output = T

Should always be Self

impl<T> ToOwned for T
where T: Clone,

type Owned = T

The resulting type after obtaining ownership.

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more

impl<T, U> TryFrom<U> for T
where U: Into<T>,

type Error = Infallible

The type returned in the event of a conversion error.

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

fn vzip(self) -> V

impl<T> ConditionallySerde for T
where T: Serialize + for<'de> Deserialize<'de>,

impl<T> DeserializeOwned for T
where T: for<'de> Deserialize<'de>,