Skip to main content

Aead

pub(crate) trait Aead {
    type Key;
    type Ciphertext;
    type Nonce;

    // Required methods
    fn encrypt(
        key: &Self::Key,
        nonce: &Self::Nonce,
        plaintext: &[u8],
        associated_data: &[u8],
    ) -> Self::Ciphertext;
    fn decrypt(
        key: &Self::Key,
        nonce: &Self::Nonce,
        ciphertext: &Self::Ciphertext,
        associated_data: &[u8],
    ) -> Result<Vec<u8>, CryptoError>;
}
Expand description

Authenticated encryption with associated data (AEAD).

In addition to encrypting and authenticating the plaintext, a cipher implementing this trait authenticates (but does not encrypt) caller-supplied associated data. The exact same associated data must be supplied to decrypt for authentication to succeed.

Required Associated Types§

Source

type Key

Key material used by the cipher.

Source

type Ciphertext

Authenticated ciphertext (the encrypted bytes). The nonce is tracked separately, by the caller.

Source

type Nonce

The per-message nonce. A fresh nonce must be supplied for every encryption under a given key.

Required Methods§

Source

fn encrypt( key: &Self::Key, nonce: &Self::Nonce, plaintext: &[u8], associated_data: &[u8], ) -> Self::Ciphertext

Encrypts plaintext under key with nonce, authenticating associated_data along with the ciphertext.

The same nonce must be supplied to decrypt. A fresh nonce must be used for every message encrypted under a given key.

Source

fn decrypt( key: &Self::Key, nonce: &Self::Nonce, ciphertext: &Self::Ciphertext, associated_data: &[u8], ) -> Result<Vec<u8>, CryptoError>

Authenticates and decrypts ciphertext under key with nonce, verifying associated_data.

Returns CryptoError::KeyDecrypt if authentication fails (including a mismatch of associated_data or nonce) or the ciphertext is malformed.

Dyn Compatibility§

This trait is not dyn compatible.

In older versions of Rust, dyn compatibility was called "object safety", so this trait is not object safe.

Implementors§