Struct proj_crypto::symmetric::State

pub struct State { /* fields omitted */ }

Stores the state of the symmetric encryption system. Memory is zeroed when this goes out of scope

Methods

impl State

fn new(encryption_key: &[u8], authentication_key: &[u8]) -> State

Create a new symmetric::State object.

fn authenticated_encryption(&self,
                            message: &[u8],
                            message_number: u16)
                            -> Vec<u8>

Perform authenticated encryption. The message number is used to select the correct encryption key and as a nonce. Returns the ciphertext.

fn authenticated_decryption(&self,
                            ciphertext: &[u8],
                            message_number: u16)
                            -> Option<Vec<u8>>

Attempt authenticated decryption. Similar semantics to encryption.

fn plain_auth_tag(&self, message: &[u8], message_number: u16) -> [u8; 32]

Un-encrypted authentication for verifying public packet metadata such as the message number and length

fn verify_auth_tag(&self,
                   auth_tag: &[u8],
                   message: &[u8],
                   message_number: u16)
                   -> bool

for verifying tags created by plain_auth_tag

fn increase_iter_to(&mut self, new_n: u16)

Destroy keys up to number n. This is done so that future compromises cannot compromise messages under the older keys and as a performance optimisation to reduce the number of hashes required. As it cannot be undone, this should not be done until the previous iterations of the keys are no-longer needed: for example their messages have all been acknowledged.