Struct LessSafeKey

Source

pub struct LessSafeKey { /* private fields */ }

Expand description

Immutable keys for use in situations where OpeningKey/SealingKey and NonceSequence cannot reasonably be used.

Prefer RandomizedNonceKey when practical.

Implementations§

Source §

impl LessSafeKey

Source

pub fn new(key: UnboundKey) -> Self

Constructs a LessSafeKey from an UnboundKey.

Source

pub fn open_in_place<'in_out, A>( &self, nonce: Nonce, aad: Aad<A>, in_out: &'in_out mut [u8], ) -> Result<&'in_out mut [u8], Unspecified>
where A: AsRef<[u8]>,

Like OpeningKey::open_in_place(), except it accepts an arbitrary nonce.

nonce must be unique for every use of the key to open data.

Prefer RandomizedNonceKey::open_in_place.

§Errors

error::Unspecified when ciphertext is invalid.

Source

pub fn open_within<'in_out, A>( &self, nonce: Nonce, aad: Aad<A>, in_out: &'in_out mut [u8], ciphertext_and_tag: RangeFrom<usize>, ) -> Result<&'in_out mut [u8], Unspecified>
where A: AsRef<[u8]>,

Like OpeningKey::open_within(), except it accepts an arbitrary nonce.

nonce must be unique for every use of the key to open data.

Prefer RandomizedNonceKey::open_in_place.

§Errors

error::Unspecified when ciphertext is invalid.

Source

pub fn open_separate_gather<A>( &self, nonce: Nonce, aad: Aad<A>, in_ciphertext: &[u8], in_tag: &[u8], out_plaintext: &mut [u8], ) -> Result<(), Unspecified>
where A: AsRef<[u8]>,

Authenticates and decrypts (“opens”) data into another provided slice.

aad is the additional authenticated data (AAD), if any.

On input, in_ciphertext must be the ciphertext. The tag must be provided in in_tag.

The out_plaintext length must match the provided in_ciphertext.

§Errors

error::Unspecified when ciphertext is invalid. In this case, out_plaintext may have been overwritten in an unspecified way.

Source

pub fn seal_in_place<A, InOut>( &self, nonce: Nonce, aad: Aad<A>, in_out: &mut InOut, ) -> Result<(), Unspecified>
where A: AsRef<[u8]>, InOut: AsMut<[u8]> + for<'in_out> Extend<&'in_out u8>,

👎Deprecated: Renamed to seal_in_place_append_tag.

Deprecated. Renamed to seal_in_place_append_tag().

Prefer RandomizedNonceKey::seal_in_place_append_tag.

Source

pub fn seal_in_place_append_tag<A, InOut>( &self, nonce: Nonce, aad: Aad<A>, in_out: &mut InOut, ) -> Result<(), Unspecified>
where A: AsRef<[u8]>, InOut: AsMut<[u8]> + for<'in_out> Extend<&'in_out u8>,

Like SealingKey::seal_in_place_append_tag(), except it accepts an arbitrary nonce.

nonce must be unique for every use of the key to seal data.

Prefer RandomizedNonceKey::seal_in_place_append_tag.

§Errors

error::Unspecified if encryption operation fails.

Source

pub fn seal_in_place_separate_tag<A>( &self, nonce: Nonce, aad: Aad<A>, in_out: &mut [u8], ) -> Result<Tag, Unspecified>
where A: AsRef<[u8]>,

Like SealingKey::seal_in_place_separate_tag(), except it accepts an arbitrary nonce.

nonce must be unique for every use of the key to seal data.

Prefer RandomizedNonceKey::seal_in_place_separate_tag.

§Errors

error::Unspecified if encryption operation fails.

Source

pub fn seal_in_place_scatter<A>( &self, nonce: Nonce, aad: Aad<A>, in_out: &mut [u8], extra_in: &[u8], extra_out_and_tag: &mut [u8], ) -> Result<(), Unspecified>
where A: AsRef<[u8]>,

Encrypts and signs (“seals”) data in place with extra plaintext.

aad is the additional authenticated data (AAD), if any. This is authenticated but not encrypted. The type A could be a byte slice &[u8], a byte array [u8; N] for some constant N, Vec<u8>, etc. If there is no AAD then use Aad::empty().

The plaintext is given as the input value of in_out and extra_in. seal_in_place() will overwrite the plaintext contained in in_out with the ciphertext. The extra_in will be encrypted into the extra_out_and_tag, along with the tag. The extra_out_and_tag length must be equal to the extra_len and self.algorithm.tag_len().

nonce must be unique for every use of the key to seal data.