Expand description
Hybrid public key encryption (HPKE).
Structs§
- AeadKey 🔒
- A newtype wrapper for an unbound AEAD key.
- DhKem 🔒
- A Diffie-Hellman (DH) based Key Encapsulation Mechanism (KEM).
- Hpke
AwsLc Rs HpkeAwsLcRsholds the concrete instantiations of the algorithms specified by the HpkeSuite.- KemShared
Secret 🔒 - A newtype wrapper for a DH KEM shared secret.
- KeySchedule 🔒
- KeySchedule holds the derived AEAD key, base nonce, and seq number common to both a Sealer and Opener.
- Opener 🔒
- Adapts a KeySchedule and AeadKey for the role of a HpkeOpener.
- Sealer 🔒
- Adapts a KeySchedule and AeadKey for the role of a HpkeSealer.
Enums§
- Label 🔒
- Label describes the possible labels for use with labeled_extract_for_expand and labeled_expand.
- Labeled
Suite 🔒Id - LabeledSuiteId describes the possible suite ID values for use with labeled_extract_for_expand and labeled_expand.
Constants§
Statics§
- ALL_
SUPPORTED_ SUITES - Default [RFC 9180] Hybrid Public Key Encryption (HPKE) suites supported by aws-lc-rs cryptography.
- DH_
KEM_ 🔒P256_ HKDF_ SHA256 - DH_
KEM_ P256_ HKDF_ SHA256_ AES_ 128 - HPKE suite using ECDH P-256 for agreement, HKDF SHA-256 for key derivation, and AEAD AES-128-GCM for symmetric encryption.
- DH_
KEM_ P256_ HKDF_ SHA256_ AES_ 256 - HPKE suite using ECDH P-256 for agreement, HKDF SHA-256 for key derivation and AEAD AES-256-GCM for symmetric encryption.
- DH_
KEM_ P256_ HKDF_ SHA256_ CHACH A20_ POLY1305 - HPKE suite using ECDH P-256 for agreement, HKDF SHA-256 for key derivation, and AEAD CHACHA20-POLY-1305 for symmetric encryption.
- DH_
KEM_ 🔒P384_ HKDF_ SHA384 - DH_
KEM_ P384_ HKDF_ SHA384_ AES_ 128 - HPKE suite using ECDH P-384 for agreement, HKDF SHA-384 for key derivation, and AEAD AES-128-GCM for symmetric encryption.
- DH_
KEM_ P384_ HKDF_ SHA384_ AES_ 256 - HPKE suite using ECDH P-384 for agreement, HKDF SHA-384 for key derivation, and AEAD AES-256-GCM for symmetric encryption.
- DH_
KEM_ P384_ HKDF_ SHA384_ CHACH A20_ POLY1305 - HPKE suite using ECDH P-384 for agreement, HKDF SHA-384 for key derivation, and AEAD CHACHA20-POLY-1305 for symmetric encryption.
- DH_
KEM_ 🔒P521_ HKDF_ SHA512 - DH_
KEM_ P521_ HKDF_ SHA512_ AES_ 128 - HPKE suite using ECDH P-521 for agreement, HKDF SHA-512 for key derivation, and AEAD AES-128-GCM for symmetric encryption.
- DH_
KEM_ P521_ HKDF_ SHA512_ AES_ 256 - HPKE suite using ECDH P-521 for agreement, HKDF SHA-512 for key derivation, and AEAD AES-256-GCM for symmetric encryption.
- DH_
KEM_ P521_ HKDF_ SHA512_ CHACH A20_ POLY1305 - HPKE suite using ECDH P-521 for agreement, HKDF SHA-512 for key derivation, and AEAD CHACHA20-POLY-1305 for symmetric encryption.
- DH_
KEM_ 🔒X25519_ HKDF_ SHA256 - DH_
KEM_ X25519_ HKDF_ SHA256_ AES_ 128 - HPKE suite using ECDH X25519 for agreement, HKDF SHA-256 for key derivation, and AEAD AES-128-GCM for symmetric encryption.
- DH_
KEM_ X25519_ HKDF_ SHA256_ AES_ 256 - HPKE suite using ECDH X25519 for agreement, HKDF SHA-256 for key derivation, and AEAD AES-256-GCM for symmetric encryption.
- DH_
KEM_ X25519_ HKDF_ SHA256_ CHACH A20_ POLY1305 - HPKE suite using ECDH X25519 for agreement, HKDF SHA-256 for key derivation, and AEAD CHACHA20-POLY-1305 for symmetric encryption.
- RING_
HKDF_ 🔒HMAC_ SHA256 - RING_
HKDF_ 🔒HMAC_ SHA384 - RING_
HKDF_ 🔒HMAC_ SHA512
Functions§
- generate_
key_ 🔒pair - generate_
p_ 🔒curve_ key_ pair - Generate a NIST P-256, P-384 or P-512 key pair expressed as a raw big-endian fixed-length integer.
- generate_
x25519_ 🔒key_ pair - Generate a X25519 key pair expressed as a raw big-endian fixed-length integer.
- key_
rejected_ 🔒err - labeled_
expand 🔒 - See RFC 9180 §4 “Cryptographic Dependencies”.
- labeled_
extract_ 🔒for_ expand - See RFC 9180 §4 “Cryptographic Dependencies”.
- labeled_
extract_ 🔒for_ prk - See RFC 9180 §4 “Cryptographic Dependencies”.