/// Cryptographic services provided by SKF device objects.
///
/// The `ext_ecc_*` methods take the ECC key as a blob passed in by the caller.
/// For the private-key variants this means the private key material is held in
/// the calling process's memory, and protecting it there is the caller's job.
// NOTE(review): whether implementations copy, cache or wipe caller-supplied key
// material is not visible from this trait — confirm per implementation.
pub trait DeviceCrypto {
    // Required methods

    /// Generate random data.
    ///
    /// * `len` - The length of the random data to generate, in bytes.
    fn gen_random(&self, len: usize) -> Result<Vec<u8>>;

    // NOTE(review): this method has no upstream description. From the signature it
    // takes an algorithm id plus raw key bytes and returns a `ManagedKey` handle;
    // presumably it imports `key` as a symmetric key for `alg_id` — confirm.
    // The raw key bytes are supplied by the caller, so they exist in host memory.
    fn set_symmetric_key(&self, alg_id: u32, key: &[u8]) -> Result<Box<dyn ManagedKey>>;

    /// Encrypt data using an external ECC public key.
    ///
    /// * `key` - The public key.
    /// * `data` - The data to encrypt.
    fn ext_ecc_encrypt(&self, key: &ECCPublicKeyBlob, data: &[u8]) -> Result<ECCEncryptedData>;

    /// Decrypt data using an external ECC private key.
    ///
    /// * `key` - The private key, supplied by the caller as a blob.
    /// * `cipher` - The encrypted data, as returned by `ext_ecc_encrypt`.
    fn ext_ecc_decrypt(
        &self,
        key: &ECCPrivateKeyBlob,
        cipher: &ECCEncryptedData,
    ) -> Result<Vec<u8>>;

    /// Sign data using an external ECC private key.
    ///
    /// * `key` - The private key, supplied by the caller as a blob.
    /// * `data` - The data to sign.
    fn ext_ecc_sign(&self, key: &ECCPrivateKeyBlob, data: &[u8]) -> Result<ECCSignatureBlob>;

    /// Verify a signature using an external ECC public key.
    ///
    /// * `key` - The public key.
    /// * `data` - The data to verify.
    /// * `signature` - The signature, as returned by `ext_ecc_sign`.
    // NOTE(review): the return type carries no boolean, so a rejected signature is
    // presumably reported as `Err` — confirm. Callers should treat every `Err`
    // as "not verified".
    fn ext_ecc_verify(
        &self,
        key: &ECCPublicKeyBlob,
        data: &[u8],
        signature: &ECCSignatureBlob,
    ) -> Result<()>;

    /// Verify a signature over a caller-supplied hash value.
    ///
    /// * `key` - The public key.
    /// * `hash` - The hash value of the data. When using the SM2 algorithm, this is
    ///   the result of the SM2 signature pre-processing of the data to be signed;
    ///   the pre-processing procedure follows GM/T 0009.
    /// * `signature` - The signature.
    // NOTE(review): unlike `ext_ecc_verify`, this takes `hash` rather than `data`,
    // so computing the pre-processed value correctly is the caller's
    // responsibility. A rejected signature is presumably reported as `Err` — confirm.
    fn ecc_verify(
        &self,
        key: &ECCPublicKeyBlob,
        hash: &[u8],
        signature: &ECCSignatureBlob,
    ) -> Result<()>;

    /// Key exchange step: generate the session key for the initiator.
    ///
    /// See `SKF_GenerateKeyWithECC` for more details.
    ///
    /// * `agreement_key` - The agreement key, returned by
    ///   `SkfContainer::sk_gen_agreement_data`.
    /// * `responder_key` - The responder's public key.
    /// * `responder_tmp_key` - The responder's temporary public key, returned by
    ///   `SkfContainer::sk_gen_agreement_data_and_key`.
    /// * `responder_id` - The responder's ID, max 32 bytes.
    // NOTE(review): nothing in this signature shows how `responder_key` is
    // authenticated; checking that it belongs to the intended peer looks like
    // the caller's job — confirm.
    fn ecc_gen_session_key(
        &self,
        agreement_key: &dyn ManagedKey,
        responder_key: &ECCPublicKeyBlob,
        responder_tmp_key: &ECCPublicKeyBlob,
        responder_id: &[u8],
    ) -> Result<Box<dyn ManagedKey>>;
}
Cryptographic services provided by SKF device objects
Required Methods§
fn gen_random(&self, len: usize) -> Result<Vec<u8>>
Generate random data
[len] - The length of the random data to generate, in bytes
fn set_symmetric_key( &self, alg_id: u32, key: &[u8], ) -> Result<Box<dyn ManagedKey>>
fn ext_ecc_encrypt( &self, key: &ECCPublicKeyBlob, data: &[u8], ) -> Result<ECCEncryptedData>
Encrypt data using an external ECC public key
[key] - The public key
[data] - The data to encrypt
fn ext_ecc_decrypt( &self, key: &ECCPrivateKeyBlob, cipher: &ECCEncryptedData, ) -> Result<Vec<u8>>
Decrypt data using an external ECC private key
[key] - The private key
[cipher] - The encrypted data, returned by ext_ecc_encrypt
fn ext_ecc_sign( &self, key: &ECCPrivateKeyBlob, data: &[u8], ) -> Result<ECCSignatureBlob>
Sign data using an external ECC private key
[key] - The private key
[data] - The data to sign
fn ext_ecc_verify( &self, key: &ECCPublicKeyBlob, data: &[u8], signature: &ECCSignatureBlob, ) -> Result<()>
Verify a signature using an external ECC public key
[key] - The public key
[data] - The data to verify
[signature] - The signature, returned by ext_ecc_sign
fn ecc_verify( &self, key: &ECCPublicKeyBlob, hash: &[u8], signature: &ECCSignatureBlob, ) -> Result<()>
Verify signature
[key] - The public key
[hash] - The hash value of the data.
When using the SM2 algorithm, this value is the result of running the data to be
signed through the SM2 signature pre-processing. The pre-processing procedure follows GM/T 0009.
[signature] - The signature, returned by ext_ecc_sign
fn ecc_gen_session_key( &self, agreement_key: &dyn ManagedKey, responder_key: &ECCPublicKeyBlob, responder_tmp_key: &ECCPublicKeyBlob, responder_id: &[u8], ) -> Result<Box<dyn ManagedKey>>
Key exchange step: generate the session key for the initiator
See [SKF_GenerateKeyWithECC] for more details
[agreement_key] - The agreement key, returned by SkfContainer::sk_gen_agreement_data
[responder_key] - The responder’s public key
[responder_tmp_key] - The responder’s temporary public key, returned by SkfContainer::sk_gen_agreement_data_and_key
[responder_id] - The responder’s ID, max 32 bytes