pub trait Hpke:
Debug
+ Send
+ Sync {
// Required methods
fn seal(
&self,
info: &[u8],
aad: &[u8],
plaintext: &[u8],
pub_key: &HpkePublicKey,
) -> Result<(EncapsulatedSecret, Vec<u8>), Error>;
fn setup_sealer(
&self,
info: &[u8],
pub_key: &HpkePublicKey,
) -> Result<(EncapsulatedSecret, Box<dyn HpkeSealer + 'static>), Error>;
fn open(
&self,
enc: &EncapsulatedSecret,
info: &[u8],
aad: &[u8],
ciphertext: &[u8],
secret_key: &HpkePrivateKey,
) -> Result<Vec<u8>, Error>;
fn setup_opener(
&self,
enc: &EncapsulatedSecret,
info: &[u8],
secret_key: &HpkePrivateKey,
) -> Result<Box<dyn HpkeOpener + 'static>, Error>;
fn generate_key_pair(
&self,
) -> Result<(HpkePublicKey, HpkePrivateKey), Error>;
fn suite(&self) -> HpkeSuite;
// Provided method
fn fips(&self) -> bool { ... }
}展开描述
An HPKE instance that can be 用 用于 base-mode single-shot encryption 并 decryption.
必需方法§
Sourcefn seal(
&self,
info: &[u8],
aad: &[u8],
plaintext: &[u8],
pub_key: &HpkePublicKey,
) -> Result<(EncapsulatedSecret, Vec<u8>), Error>
fn seal( &self, info: &[u8], aad: &[u8], plaintext: &[u8], pub_key: &HpkePublicKey, ) -> Result<(EncapsulatedSecret, Vec<u8>), Error>
Seal the provided 明文 到 the recipient 公钥 pub_key with application supplied
info, 并 additional data aad。
Returns ciphertext that can be 用 with Self::open by the recipient 到 recover 明文
using the same info 并 aad 并 the 私钥 corresponding 到 pub_key。 RFC 9180
refers 到 pub_key as pkR。
Sourcefn setup_sealer(
&self,
info: &[u8],
pub_key: &HpkePublicKey,
) -> Result<(EncapsulatedSecret, Box<dyn HpkeSealer + 'static>), Error>
fn setup_sealer( &self, info: &[u8], pub_key: &HpkePublicKey, ) -> Result<(EncapsulatedSecret, Box<dyn HpkeSealer + 'static>), Error>
Set up 一个 sealer context 用于 the receiver 公钥 pub_key with application supplied info。
Returns both an encapsulated ciphertext 并 一个 sealer context that 可用于 seal
messages 到 the recipient. RFC 9180 refers 到 pub_key as pkR。
Sourcefn open(
&self,
enc: &EncapsulatedSecret,
info: &[u8],
aad: &[u8],
ciphertext: &[u8],
secret_key: &HpkePrivateKey,
) -> Result<Vec<u8>, Error>
fn open( &self, enc: &EncapsulatedSecret, info: &[u8], aad: &[u8], ciphertext: &[u8], secret_key: &HpkePrivateKey, ) -> Result<Vec<u8>, Error>
Open the provided ciphertext using the encapsulated secret enc, with application
supplied info, 并 additional data aad。
Returns 明文 if the info 并 aad match those 用 with Self::seal, 并
decryption with secret_key succeeds. RFC 9180 refers 到 secret_key as skR。
Sourcefn setup_opener(
&self,
enc: &EncapsulatedSecret,
info: &[u8],
secret_key: &HpkePrivateKey,
) -> Result<Box<dyn HpkeOpener + 'static>, Error>
fn setup_opener( &self, enc: &EncapsulatedSecret, info: &[u8], secret_key: &HpkePrivateKey, ) -> Result<Box<dyn HpkeOpener + 'static>, Error>
Set up an opener context 用于 密钥 key secret_key with application supplied info。
Returns an opener context that 可用于 open sealed messages encrypted 到 the
公钥 corresponding 到 secret_key。 RFC 9180 refers 到 secret_key as skR。
Sourcefn generate_key_pair(&self) -> Result<(HpkePublicKey, HpkePrivateKey), Error>
fn generate_key_pair(&self) -> Result<(HpkePublicKey, HpkePrivateKey), Error>
Generate 新 公钥 并 私钥 pair compatible with this HPKE instance.
Key pairs should be encoded as raw big endian fixed length integers sized based on the suite’s DH KEM 算法.