pub struct SealingKey<N: NonceSequence> { /* private fields */ }
Expand description
An AEAD key for encrypting and signing (“sealing”), bound to a nonce sequence.
Intentionally not Clone
or Copy
since cloning would allow duplication
of the nonce sequence.
Implementations§
Source§impl<N: NonceSequence> SealingKey<N>
impl<N: NonceSequence> SealingKey<N>
Sourcepub fn seal_in_place_append_tag<A, InOut>(
&mut self,
aad: Aad<A>,
in_out: &mut InOut,
) -> Result<(), Unspecified>
pub fn seal_in_place_append_tag<A, InOut>( &mut self, aad: Aad<A>, in_out: &mut InOut, ) -> Result<(), Unspecified>
Encrypts and signs (“seals”) data in place, appending the tag to the resulting ciphertext.
key.seal_in_place_append_tag(aad, in_out)
is equivalent to:
key.seal_in_place_separate_tag(aad, in_out.as_mut())
.map(|tag| in_out.extend(tag.as_ref()))
Sourcepub fn seal_in_place_separate_tag<A>(
&mut self,
aad: Aad<A>,
in_out: &mut [u8],
) -> Result<Tag, Unspecified>
pub fn seal_in_place_separate_tag<A>( &mut self, aad: Aad<A>, in_out: &mut [u8], ) -> Result<Tag, Unspecified>
Encrypts and signs (“seals”) data in place.
aad
is the additional authenticated data (AAD), if any. This is
authenticated but not encrypted. The type A
could be a byte slice
&[u8]
, a byte array [u8; N]
for some constant N
, Vec<u8>
, etc.
If there is no AAD then use Aad::empty()
.
The plaintext is given as the input value of in_out
. seal_in_place()
will overwrite the plaintext with the ciphertext and return the tag.
For most protocols, the caller must append the tag to the ciphertext.
The tag will be self.algorithm.tag_len()
bytes long.