pub struct SealingKey<N: NonceSequence> { /* private fields */ }Expand description
An AEAD key for encrypting and signing (“sealing”), bound to a nonce sequence.
Intentionally not Clone or Copy since cloning would allow duplication
of the nonce sequence.
Prefer RandomizedNonceKey for sealing operations.
Implementations§
Source§impl<N: NonceSequence> SealingKey<N>
impl<N: NonceSequence> SealingKey<N>
Sourcepub fn seal_in_place<A, InOut>(
&mut self,
aad: Aad<A>,
in_out: &mut InOut,
) -> Result<(), Unspecified>
👎Deprecated: Renamed to seal_in_place_append_tag.
pub fn seal_in_place<A, InOut>( &mut self, aad: Aad<A>, in_out: &mut InOut, ) -> Result<(), Unspecified>
seal_in_place_append_tag.Deprecated. Renamed to seal_in_place_append_tag.
Prefer RandomizedNonceKey::seal_in_place_append_tag.
§Errors
See seal_in_place_append_tag
Sourcepub fn seal_in_place_append_tag<A, InOut>(
&mut self,
aad: Aad<A>,
in_out: &mut InOut,
) -> Result<(), Unspecified>
pub fn seal_in_place_append_tag<A, InOut>( &mut self, aad: Aad<A>, in_out: &mut InOut, ) -> Result<(), Unspecified>
Encrypts and signs (“seals”) data in place, appending the tag to the resulting ciphertext.
key.seal_in_place_append_tag(aad, in_out) is equivalent to:
key.seal_in_place_separate_tag(aad, in_out.as_mut())
.map(|tag| in_out.extend(tag.as_ref()))Prefer RandomizedNonceKey::seal_in_place_append_tag.
§Errors
error::Unspecified when nonce_sequence cannot be advanced.
Sourcepub fn seal_in_place_separate_tag<A>(
&mut self,
aad: Aad<A>,
in_out: &mut [u8],
) -> Result<Tag, Unspecified>
pub fn seal_in_place_separate_tag<A>( &mut self, aad: Aad<A>, in_out: &mut [u8], ) -> Result<Tag, Unspecified>
Encrypts and signs (“seals”) data in place.
aad is the additional authenticated data (AAD), if any. This is
authenticated but not encrypted. The type A could be a byte slice
&[u8], a byte array [u8; N] for some constant N, Vec<u8>, etc.
If there is no AAD then use Aad::empty().
The plaintext is given as the input value of in_out. seal_in_place()
will overwrite the plaintext with the ciphertext and return the tag.
For most protocols, the caller must append the tag to the ciphertext.
The tag will be self.algorithm.tag_len() bytes long.
Prefer RandomizedNonceKey::seal_in_place_separate_tag.
§Errors
error::Unspecified when nonce_sequence cannot be advanced.
Sourcepub fn prepare_nonce(
&mut self,
) -> Result<SealingKeyPreparedNonce<'_, N>, Unspecified>
pub fn prepare_nonce( &mut self, ) -> Result<SealingKeyPreparedNonce<'_, N>, Unspecified>
Returns a SealingKeyPreparedNonce containing the next computed Nonce consumed from NonceSequence.
The encapsulated Nonce will be used if and only if either
SealingKeyPreparedNonce::seal_in_place_append_tag or SealingKeyPreparedNonce::seal_in_place_separate_tag
are invoked. Dropping SealingKeyPreparedNonce without invoking either method results in the nonce remaining
consumed and unused within the associated NonceSequence. Subsequent calls to SealingKey methods will
always use a proceeding nonce from the NonceSequence regardless of whether
a SealingKeyPreparedNonce is consumed or not.
§Errors
Unspecified if there is a failure computing the nonce for the next operation, i.e. NonceSequence exhausted.