Skip to main content

encrypt_cose

Function encrypt_cose 

Source
pub(crate) fn encrypt_cose(
    algorithm: CoseContentEncryptionAlgorithm,
    builder: CoseEncryptBuilder,
    protected_header: Header,
    plaintext: &[u8],
    cek: &[u8],
) -> Result<CoseEncrypt, CryptoError>
Expand description

Encrypts plaintext into a multi-recipient COSE [CoseEncrypt] message, dispatching to the CoseEncryptCipher selected by algorithm.

The chosen cipher declares its algorithm in the (authenticated) protected header, so decrypt_cose can recover it from the message without the caller specifying it. The caller is expected to have configured the recipient(s) on builder; cek is the content-encryption key and must match the selected cipher’s key length.

If the protected_header declares a ContentFormat::Utf8 content type, the plaintext is padded to a block boundary before encryption to hide its exact length. The corresponding decrypt_cose removes the padding transparently.