StreamingEncryptingKey

aws_lc_rs::cipher

Struct StreamingEncryptingKey 

Source 
pub struct StreamingEncryptingKey { /* private fields */ }
Expand description

A key for streaming encryption operations.

Implementations§

Source§

impl StreamingEncryptingKey

Source

pub fn update<'a>( &mut self, input: &[u8], output: &'a mut [u8], ) -> Result<BufferUpdate<'a>, Unspecified>

Updates the internal state of the key with the provided plaintext input, potentially writing bytes of ciphertext to output.

The number of bytes written to output can be up to input.len() plus the block length of the algorithm (e.g., Algorithm::block_len) minus one.

§Errors
  • Returns an error if the output buffer is smaller than the length of the input plus the algorithm’s block length (e.g. Algorithm::block_len) minus one.
  • May return an error if the length of input plus the algorithm’s block length is larger than i32::MAX.
Source

pub fn less_safe_update<'a>( &mut self, input: &[u8], output: &'a mut [u8], ) -> Result<BufferUpdate<'a>, Unspecified>

Updates the internal state of the key with the provided plaintext input, potentially writing bytes of ciphertext to output.

This function has looser output buffer size requirements than Self::update, calculating the minimum required size based on the total bytes of output generated and the cipher’s block length. This is considered “less safe” because it’s based on assumptions about the state of the underlying operations.

The minimum output buffer size is calculated based on how many bytes are needed to reach the next block boundary after processing the input. If next_total is the sum of bytes already generated plus input.len(), then the minimum size is: input.len() + ((block_len - (next_total % block_len)) % block_len)

§Errors

Returns an error if the output buffer is smaller than the calculated minimum size, if the total output length overflows, or if the length of input is larger than i32::MAX.

§Panics

Panics if the number of bytes written by the cipher operation exceeds the output buffer length.

Source

pub fn finish( self, output: &mut [u8], ) -> Result<(DecryptionContext, BufferUpdate<'_>), Unspecified>

Finishes the encryption operation, writing any remaining ciphertext to output.

The number of bytes written to output can be up to the block length of Algorithm::block_len.

§Errors
  • Returns an error if the output buffer is smaller than the algorithm’s block length.
Source

pub fn mode(&self) -> OperatingMode

Returns the cipher operating mode.

Source

pub fn algorithm(&self) -> &'static Algorithm

Returns the cipher algorithm.

Source

pub fn ctr(key: UnboundCipherKey) -> Result<Self, Unspecified>

Constructs a StreamingEncryptingKey for encrypting data using the CTR cipher mode. The resulting ciphertext will be the same length as the plaintext.

§Errors

Returns and error on an internal failure.

Source

pub fn less_safe_ctr( key: UnboundCipherKey, context: EncryptionContext, ) -> Result<Self, Unspecified>

Constructs a StreamingEncryptingKey for encrypting data using the CTR cipher mode. The resulting ciphertext will be the same length as the plaintext.

This is considered less safe because the caller could potentially construct an EncryptionContext from a previously used initialization vector (IV).

§Errors

Returns an error on an internal failure.

Source

pub fn cbc_pkcs7(key: UnboundCipherKey) -> Result<Self, Unspecified>

Constructs a StreamingEncryptingKey for encrypting data using the CBC cipher mode with pkcs7 padding. The resulting ciphertext will be longer than the plaintext; padding is added to fill the next block of ciphertext.

§Errors

Returns an error on an internal failure.

Source

pub fn cfb128(key: UnboundCipherKey) -> Result<Self, Unspecified>

Constructs a StreamingEncryptingKey for encrypting data using the CFB128 cipher mode. The resulting ciphertext will be the same length as the plaintext.

§Errors

Returns and error on an internal failure.

Source

pub fn ecb_pkcs7(key: UnboundCipherKey) -> Result<Self, Unspecified>

Constructs a StreamingEncryptingKey for encrypting using ECB cipher mode with PKCS7 padding. The resulting plaintext will be the same length as the ciphertext.

§☠️ ️️️DANGER ☠️

Offered for computability purposes only. This is an extremely dangerous mode, and very likely not what you want to use.

§Errors

Returns an error on an internal failure.

Source

pub fn less_safe_cfb128( key: UnboundCipherKey, context: EncryptionContext, ) -> Result<Self, Unspecified>

Constructs a StreamingEncryptingKey for encrypting data using the CFB128 cipher mode. The resulting ciphertext will be the same length as the plaintext.

This is considered less safe because the caller could potentially construct an EncryptionContext from a previously used initialization vector (IV).

§Errors

Returns an error on an internal failure.

Source

pub fn less_safe_cbc_pkcs7( key: UnboundCipherKey, context: EncryptionContext, ) -> Result<Self, Unspecified>

Constructs a StreamingEncryptingKey for encrypting data using the CBC cipher mode with pkcs7 padding. The resulting ciphertext will be longer than the plaintext; padding is added to fill the next block of ciphertext.

This is considered less safe because the caller could potentially construct an EncryptionContext from a previously used initialization vector (IV).

§Errors

Returns an error on an internal failure.

Trait Implementations§

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.