// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. // Copyright by contributors to this project. // SPDX-License-Identifier: (Apache-2.0 OR MIT)
usecrate::error::IntoAnyError; use alloc::vec; use alloc::vec::Vec; use core::{
fmt::{self, Debug},
ops::Deref,
}; use mls_rs_codec::{MlsDecode, MlsEncode, MlsSize}; use zeroize::{ZeroizeOnDrop, Zeroizing};
/// The HPKE context for sender outputted by [hpke_setup_s](CipherSuiteProvider::hpke_setup_s). /// The context internally stores the secrets generated by [hpke_setup_s](CipherSuiteProvider::hpke_setup_s). /// /// This trait corresponds to ContextS from RFC 9180. #[cfg_attr(not(mls_build_async), maybe_async::must_be_sync)] #[cfg_attr(all(target_arch = "wasm32", mls_build_async), maybe_async::must_be_async(?Send))] #[cfg_attr(
all(not(target_arch = "wasm32"), mls_build_async),
maybe_async::must_be_async
)] pubtrait HpkeContextS { type Error: IntoAnyError;
/// Encrypt `data` using the cipher key of the context with optional `aad`. /// This function should internally increment the sequence number. asyncfn seal(&mutself, aad: Option<&[u8]>, data: &[u8]) -> Result<Vec<u8>, Self::Error>;
/// Export a secret from the context for the given `exporter_context`. asyncfn export(&self, exporter_context: &[u8], len: usize) -> Result<Vec<u8>, Self::Error>;
}
/// The HPKE context for receiver outputted by [hpke_setup_r](CipherSuiteProvider::hpke_setup_r). /// The context internally stores secrets received from the sender by [hpke_setup_r](CipherSuiteProvider::hpke_setup_r). /// /// This trait corresponds to ContextR from RFC 9180. #[cfg_attr(not(mls_build_async), maybe_async::must_be_sync)] #[cfg_attr(all(target_arch = "wasm32", mls_build_async), maybe_async::must_be_async(?Send))] #[cfg_attr(
all(not(target_arch = "wasm32"), mls_build_async),
maybe_async::must_be_async
)] pubtrait HpkeContextR { type Error: IntoAnyError;
/// Decrypt `ciphertext` using the cipher key of the context with optional `aad`. /// This function should internally increment the sequence number. asyncfn open(&mutself, aad: Option<&[u8]>, ciphertext: &[u8])
-> Result<Vec<u8>, Self::Error>;
/// Export a secret from the context for the given `exporter_context`. asyncfn export(&self, exporter_context: &[u8], len: usize) -> Result<Vec<u8>, Self::Error>;
}
/// Byte representation of a signature public key. For ciphersuites using elliptic curves, /// the public key should be represented in the uncompressed format. #[derive(Clone, PartialEq, Eq, Hash, Ord, PartialOrd, MlsSize, MlsEncode, MlsDecode)] #[cfg_attr(feature = "arbitrary", derive(arbitrary::Arbitrary))] // #[cfg_attr(all(feature = "ffi", not(test)), ::safer_ffi_gen::ffi_type(opaque))] #[cfg_attr(feature = "serde", derive(serde::Serialize, serde::Deserialize))] pubstruct SignaturePublicKey( #[mls_codec(with = "mls_rs_codec::byte_vec")] #[cfg_attr(feature = "serde", serde(with = "crate::vec_serde"))]
Vec<u8>,
);
/// Provides implementations for several ciphersuites via [`CipherSuiteProvider`]. pubtrait CryptoProvider: Send + Sync { type CipherSuiteProvider: CipherSuiteProvider + Clone;
/// Return the list of all supported ciphersuites. fn supported_cipher_suites(&self) -> Vec<CipherSuite>;
/// Generate a [CipherSuiteProvider] for the given `cipher_suite`. fn cipher_suite_provider(&self, cipher_suite: CipherSuite)
-> Option<Self::CipherSuiteProvider>;
}
/// Provides all cryptographic operations required by MLS for a given cipher suite. #[cfg_attr(not(mls_build_async), maybe_async::must_be_sync)] #[cfg_attr(all(target_arch = "wasm32", mls_build_async), maybe_async::must_be_async(?Send))] #[cfg_attr(
all(not(target_arch = "wasm32"), mls_build_async),
maybe_async::must_be_async
)] pubtrait CipherSuiteProvider: Send + Sync { type Error: IntoAnyError;
type HpkeContextS: HpkeContextS + Send + Sync; type HpkeContextR: HpkeContextR + Send + Sync;
/// Return the implemented MLS [CipherSuite](CipherSuite). fn cipher_suite(&self) -> CipherSuite;
/// Compute the hash of `data`. asyncfn hash(&self, data: &[u8]) -> Result<Vec<u8>, Self::Error>;
/// Compute the MAC tag of `data` using the `key` of length [kdf_extract_size](CipherSuiteProvider::kdf_extract_size). /// Verifying a MAC tag of `data` using `key` is done by calling this function /// and checking that the result matches the tag. asyncfn mac(&self, key: &[u8], data: &[u8]) -> Result<Vec<u8>, Self::Error>;
/// Encrypt `data` with public additional authenticated data `aad`, using additional `nonce` /// (sometimes called the initialization vector, IV). The output should include /// the authentication tag, if used by the given AEAD implementation (for example, /// the tag can be appended to the ciphertext). asyncfn aead_seal(
&self,
key: &[u8],
data: &[u8],
aad: Option<&[u8]>,
nonce: &[u8],
) -> Result<Vec<u8>, Self::Error>;
/// Decrypt the `ciphertext` generated by [aead_seal](CipherSuiteProvider::aead_seal). /// This function should return an error if any of the inputs `key`, `aad` or `nonce` does not match /// the corresponding input passed to [aead_seal](CipherSuiteProvider::aead_seal) to generate `ciphertext`. asyncfn aead_open(
&self,
key: &[u8],
ciphertext: &[u8],
aad: Option<&[u8]>,
nonce: &[u8],
) -> Result<Zeroizing<Vec<u8>>, Self::Error>;
/// Return the length of the secret key `key` passed to [aead_seal](CipherSuiteProvider::aead_seal) /// and [aead_open](CipherSuiteProvider::aead_open). fn aead_key_size(&self) -> usize;
/// Return the length of the `nonce` passed to [aead_seal](CipherSuiteProvider::aead_seal) /// and [aead_open](CipherSuiteProvider::aead_open). fn aead_nonce_size(&self) -> usize;
/// Generate a pseudo-random key `prk` extracted from the initial key /// material `ikm`, using an optional random `salt`. The outputted `prk` should have /// [kdf_extract_size](CipherSuiteProvider::kdf_extract_size) bytes. It can be used /// as input to [kdf_expand](CipherSuiteProvider::kdf_expand). /// /// This function corresponds to the HKDF-Extract function from RFC 5869. asyncfn kdf_extract(&self, salt: &[u8], ikm: &[u8])
-> Result<Zeroizing<Vec<u8>>, Self::Error>;
/// Generate key material of the desired length `len` by expanding the given pseudo-random key /// `prk` of length [kdf_extract_size](CipherSuiteProvider::kdf_extract_size). /// The additional input `info` contains optional context data. /// /// This function corresponds to the HKDF-Expand function from RFC 5869. asyncfn kdf_expand(
&self,
prk: &[u8],
info: &[u8],
len: usize,
) -> Result<Zeroizing<Vec<u8>>, Self::Error>;
/// Return the size of pseudo-random key `prk` outputted by [kdf_extract](CipherSuiteProvider::kdf_extract) /// and inputted to [kdf_expand](CipherSuiteProvider::kdf_expand). fn kdf_extract_size(&self) -> usize;
/// Encrypt the plaintext `pt` with optional public additional authenticated data `aad` to the /// public key `remote_key` using additional context information `info` (which can be empty if /// not needed). This function combines the action /// of the [hpke_setup_s](CipherSuiteProvider::hpke_setup_s) and then calling [seal](HpkeContextS::seal) /// on the resulting [HpkeContextS](self::HpkeContextS). /// /// This function corresponds to the one-shot API in base mode in RFC 9180. asyncfn hpke_seal(
&self,
remote_key: &HpkePublicKey,
info: &[u8],
aad: Option<&[u8]>,
pt: &[u8],
) -> Result<HpkeCiphertext, Self::Error>;
/// Decrypt the `ciphertext` generated by [hpke_seal](CipherSuiteProvider::hpke_seal). /// This function combines the action of the [hpke_setup_r](CipherSuiteProvider::hpke_setup_r) /// and then calling [open](HpkeContextR::open) on the resulting [HpkeContextR](self::HpkeContextR). /// /// This function corresponds to the one-shot API in base mode in RFC 9180. asyncfn hpke_open(
&self,
ciphertext: &HpkeCiphertext,
local_secret: &HpkeSecretKey,
local_public: &HpkePublicKey,
info: &[u8],
aad: Option<&[u8]>,
) -> Result<Vec<u8>, Self::Error>;
/// Generate a tuple containing the ciphertext `kem_output` that can /// be used as the input to [hpke_setup_r](CipherSuiteProvider::hpke_setup_r), /// as well as the sender context [HpkeContextS](self::HpkeContextS) that can be /// used to generate AEAD ciphertexts and export keys. /// /// The inputted `remote_key` will normally be generated using /// [kem_derive](CipherSuiteProvider::kem_derive) or /// [kem_generate](CipherSuiteProvider::kem_generate). However, the function /// should return an error if the format is incorrect. /// /// This function corresponds to the SetupBaseS function from RFC 9180. asyncfn hpke_setup_s(
&self,
remote_key: &HpkePublicKey,
info: &[u8],
) -> Result<(Vec<u8>, Self::HpkeContextS), Self::Error>;
/// Receive the ciphertext `kem_output` generated by [hpke_setup_s](CipherSuiteProvider::hpke_setup_s) /// and the `local_secret` corresponding to the `remote_key` used as input to /// [hpke_setup_s](CipherSuiteProvider::hpke_setup_s). The ouput is the receiver context /// [HpkeContextR](self::HpkeContextR) that can be used to decrypt AEAD ciphertexts /// generated by the sender context [HpkeContextS](self::HpkeContextS) outputted by /// [hpke_setup_r](CipherSuiteProvider::hpke_setup_r) /// and export the same keys as that context. /// /// The inputted `local_secret` will normally be generated using /// [kem_derive](CipherSuiteProvider::kem_derive) or /// [kem_generate](CipherSuiteProvider::kem_generate). However, the function /// should return an error if the format is incorrect. /// /// This function corresponds to the SetupBaseR function from RFC 9180. asyncfn hpke_setup_r(
&self,
kem_output: &[u8],
local_secret: &HpkeSecretKey,
local_public: &HpkePublicKey,
/// Derive from the initial key material `ikm` the KEM keys used as inputs to /// [hpke_setup_r](CipherSuiteProvider::hpke_setup_r), /// [hpke_setup_s](CipherSuiteProvider::hpke_setup_s), [hpke_seal](CipherSuiteProvider::hpke_seal) /// and [hpke_open](CipherSuiteProvider::hpke_open). asyncfn kem_derive(&self, ikm: &[u8]) -> Result<(HpkeSecretKey, HpkePublicKey), Self::Error>;
/// Generate fresh KEM keys to be used as inputs to [hpke_setup_r](CipherSuiteProvider::hpke_setup_r), /// [hpke_setup_s](CipherSuiteProvider::hpke_setup_s), [hpke_seal](CipherSuiteProvider::hpke_seal) /// and [hpke_open](CipherSuiteProvider::hpke_open). asyncfn kem_generate(&self) -> Result<(HpkeSecretKey, HpkePublicKey), Self::Error>;
/// Verify that the given byte vector `key` can be decoded as an HPKE public key. fn kem_public_key_validate(&self, key: &HpkePublicKey) -> Result<(), Self::Error>;
/// Fill `out` with random bytes. fn random_bytes(&self, out: &mut [u8]) -> Result<(), Self::Error>;
/// Generate `count` bytes of pseudorandom bytes as a vector. This is a shortcut for /// creating a `Vec<u8>` of `count` bytes and calling [random_bytes](CipherSuiteProvider::random_bytes). fn random_bytes_vec(&self, count: usize) -> Result<Vec<u8>, Self::Error> { letmut vec = vec![0u8; count]; self.random_bytes(&mut vec)?;
Ok(vec)
}
/// Generate fresh signature keys to be used as inputs to [sign](CipherSuiteProvider::sign) /// and [verify](CipherSuiteProvider::verify) asyncfn signature_key_generate(
&self,
) -> Result<(SignatureSecretKey, SignaturePublicKey), Self::Error>;
/// Output a public key corresponding to `secret_key`. asyncfn signature_key_derive_public(
&self,
secret_key: &SignatureSecretKey,
) -> Result<SignaturePublicKey, Self::Error>;
/// Verify that the secret key corresponding to `public_key` created the `signature` over `data`. asyncfn verify(
&self,
public_key: &SignaturePublicKey,
signature: &[u8],
data: &[u8],
) -> Result<(), Self::Error>;
}
Messung V0.5 in Prozent
¤ Dauer der Verarbeitung: 0.29 Sekunden
(vorverarbeitet am 2026-06-19)
¤
Die Informationen auf dieser Webseite wurden
nach bestem Wissen sorgfältig zusammengestellt. Es wird jedoch weder Vollständigkeit, noch Richtigkeit,
noch Qualität der bereit gestellten Informationen zugesichert.
Bemerkung:
Die farbliche Syntaxdarstellung und die Messung sind noch experimentell.