Struct aes_kw::Kek

source · 
pub struct Kek<Aes>
where
    Aes: KeyInit + BlockCipher + BlockSizeUser<BlockSize = U16> + BlockEncrypt + BlockDecrypt,
{
    pub(crate) cipher: Aes,
}
Expand description

A Key-Encrypting-Key (KEK) that can be used to wrap and unwrap other keys.

Fields§

§cipher: Aes

Initialized cipher

Implementations§

source§

impl<Aes> Kek<Aes>
where Aes: KeyInit + BlockCipher + BlockSizeUser<BlockSize = U16> + BlockEncrypt + BlockDecrypt,

source

pub fn new(key: &GenericArray<u8, Aes::KeySize>) -> Self

Constructs a new Kek based on the appropriate raw key material.

source

pub fn wrap(&self, data: &[u8], out: &mut [u8]) -> Result<()>

AES Key Wrap, as defined in RFC 3394.

The out buffer will be overwritten, and must be exactly IV_LEN bytes (i.e. 8 bytes) longer than the length of data.

source

pub fn wrap_vec(&self, data: &[u8]) -> Result<Vec<u8>>

Computes Self::wrap, allocating a Vec for the return value.

source

pub fn unwrap(&self, data: &[u8], out: &mut [u8]) -> Result<()>

AES Key Unwrap, as defined in RFC 3394.

The out buffer will be overwritten, and must be exactly IV_LEN bytes (i.e. 8 bytes) shorter than the length of data.

source

pub fn unwrap_vec(&self, data: &[u8]) -> Result<Vec<u8>>

Computes Self::unwrap, allocating a Vec for the return value.

source

pub fn wrap_with_padding(&self, data: &[u8], out: &mut [u8]) -> Result<()>

AES Key Wrap with Padding, as defined in RFC 5649.

The out buffer will be overwritten, and must be the smallest multiple of SEMIBLOCK_SIZE (i.e. 8) which is at least IV_LEN bytes (i.e. 8 bytes) longer than the length of data.

source

pub fn wrap_with_padding_vec(&self, data: &[u8]) -> Result<Vec<u8>>

Computes Self::wrap, allocating a Vec for the return value.

source

pub fn unwrap_with_padding<'a>( &self, data: &[u8], out: &'a mut [u8], ) -> Result<&'a [u8]>

AES Key Wrap with Padding, as defined in RFC 5649.

The out buffer will be overwritten, and must be exactly IV_LEN bytes (i.e. 8 bytes) shorter than the length of data. This method returns a slice of out, truncated to the appropriate length by removing the padding.

source

pub fn unwrap_with_padding_vec(&self, data: &[u8]) -> Result<Vec<u8>>

Computes Self::unwrap, allocating a Vec for the return value.

Trait Implementations§

source§

impl<Aes> Clone for Kek<Aes>
where Aes: KeyInit + BlockCipher + BlockSizeUser<BlockSize = U16> + BlockEncrypt + BlockDecrypt + Clone,

source§

fn clone(&self) -> Kek<Aes>

Returns a copy of the value. Read more
1.0.0 · source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
source§

impl<Aes> Debug for Kek<Aes>
where Aes: KeyInit + BlockCipher + BlockSizeUser<BlockSize = U16> + BlockEncrypt + BlockDecrypt + Debug,

source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
source§

impl<Aes> PartialEq for Kek<Aes>
where Aes: KeyInit + BlockCipher + BlockSizeUser<BlockSize = U16> + BlockEncrypt + BlockDecrypt + PartialEq,

source§

fn eq(&self, other: &Kek<Aes>) -> bool

Tests for self and other values to be equal, and is used by ==.
1.0.0 · source§

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.
source§

impl<Aes> TryFrom<&[u8]> for Kek<Aes>
where Aes: KeyInit + BlockCipher + BlockSizeUser<BlockSize = U16> + BlockEncrypt + BlockDecrypt,

source§

type Error = Error

The type returned in the event of a conversion error.
source§

fn try_from(value: &[u8]) -> Result<Self>

Performs the conversion.
source§

impl<Aes> Copy for Kek<Aes>
where Aes: KeyInit + BlockCipher + BlockSizeUser<BlockSize = U16> + BlockEncrypt + BlockDecrypt + Copy,

source§

impl<Aes> StructuralPartialEq for Kek<Aes>
where Aes: KeyInit + BlockCipher + BlockSizeUser<BlockSize = U16> + BlockEncrypt + BlockDecrypt,

Auto Trait Implementations§

§

impl<Aes> Freeze for Kek<Aes>
where Aes: Freeze,

§

impl<Aes> RefUnwindSafe for Kek<Aes>
where Aes: RefUnwindSafe,

§

impl<Aes> Send for Kek<Aes>
where Aes: Send,

§

impl<Aes> Sync for Kek<Aes>
where Aes: Sync,

§

impl<Aes> Unpin for Kek<Aes>
where Aes: Unpin,

§

impl<Aes> UnwindSafe for Kek<Aes>
where Aes: UnwindSafe,

Blanket Implementations§

source§

impl<T> Any for T
where T: 'static + ?Sized,

source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
source§

impl<T> Borrow<T> for T
where T: ?Sized,

source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
source§

impl<T> CloneToUninit for T
where T: Clone,

source§

unsafe fn clone_to_uninit(&self, dst: *mut T)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dst. Read more
source§

impl<T> From<T> for T

source§

fn from(t: T) -> T

Returns the argument unchanged.

source§

impl<T, U> Into<U> for T
where U: From<T>,

source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

source§

impl<T> Same for T

source§

type Output = T

Should always be Self
source§

impl<T> ToOwned for T
where T: Clone,

source§

type Owned = T

The resulting type after obtaining ownership.
source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

source§

type Error = Infallible

The type returned in the event of a conversion error.
source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.