Struct KeyEncryptionKey

Source

pub struct KeyEncryptionKey<Cipher: BlockCipher> { /* private fields */ }

Expand description

The key-encryption key used with the selected cipher algorithn to wrap or unwrap a key.

Implements the NIST SP 800-38F key wrapping algoirthm.

The NIST specification is similar to that of RFC 3394 but with the following caveats:

Specifies a maxiumum plaintext length that can be accepted.
Allows implementations to specify a subset of valid lengths accepted.
Allows for the usage of other 128-bit block ciphers other than AES.

Implementations§

Source §

impl<Cipher: BlockCipher> KeyEncryptionKey<Cipher>

Source

pub fn new(cipher: &'static Cipher, key: &[u8]) -> Result<Self, Unspecified>

Construct a new Key Encryption Key.

§Errors

Unspecified: Any error that occurs constructing the key encryption key.

Source

pub fn block_cipher_id(&self) -> BlockCipherId

Returns the block cipher algorithm identifier configured for the key.

Trait Implementations§

Source §

impl<Cipher: BlockCipher> Debug for KeyEncryptionKey<Cipher>

Source §

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more

Source §

impl KeyWrap for KeyEncryptionKey<AesBlockCipher>

Source §

fn wrap<'output>( self, plaintext: &[u8], output: &'output mut [u8], ) -> Result<&'output mut [u8], Unspecified>

Peforms the key wrap encryption algorithm using KeyEncryptionKey’s configured block cipher. It wraps plaintext and writes the corresponding ciphertext to output.

§Validation

plaintext.len() must be a multiple of eight
output.len() >= (input.len() + 8)

§Errors

Unspecified: An error occurred either due to output being insufficiently sized, input exceeding the allowed input size, or for other unspecified reasons.

Source §

fn unwrap<'output>( self, ciphertext: &[u8], output: &'output mut [u8], ) -> Result<&'output mut [u8], Unspecified>

Peforms the key wrap decryption algorithm using KeyEncryptionKey’s configured block cipher. It unwraps ciphertext and writes the corresponding plaintext to output.

§Validation

ciphertext.len() must be a multiple of 8
output.len() >= (input.len() - 8)

§Errors

Unspecified: An error occurred either due to output being insufficiently sized, input exceeding the allowed input size, or for other unspecified reasons.

Source §

impl KeyWrapPadded for KeyEncryptionKey<AesBlockCipher>

Source §

fn wrap_with_padding<'output>( self, plaintext: &[u8], output: &'output mut [u8], ) -> Result<&'output mut [u8], Unspecified>

Peforms the key wrap padding encryption algorithm using KeyEncryptionKey’s configured block cipher. It wraps and pads plaintext writes the corresponding ciphertext to output.

§Validation

output.len() >= (input.len() + 15)

§Errors

Unspecified: An error occurred either due to output being insufficiently sized, input exceeding the allowed input size, or for other unspecified reasons.

Source §

fn unwrap_with_padding<'output>( self, ciphertext: &[u8], output: &'output mut [u8], ) -> Result<&'output mut [u8], Unspecified>

Peforms the key wrap padding decryption algorithm using KeyEncryptionKey’s configured block cipher. It unwraps the padded ciphertext and writes the corresponding plaintext to output.

§Sizing `output`

output.len() >= input.len().

§Errors

Unspecified: An error occurred either due to output being insufficiently sized, input exceeding the allowed input size, or for other unspecified reasons.