Module hpke

Hybrid public key encryption (HPKE).

Structs

• AeadKey 🔒
  A newtype wrapper for an unbound AEAD key.
• DhKem 🔒
  A Diffie-Hellman (DH) based Key Encapsulation Mechanism (KEM).
• HpkeAwsLcRs
  HpkeAwsLcRs holds the concrete instantiations of the algorithms specified by the HpkeSuite.
• KemSharedSecret 🔒
  A newtype wrapper for a DH KEM shared secret.
• KeySchedule 🔒
  KeySchedule holds the derived AEAD key, base nonce, and seq number common to both a Sealer and Opener.
• Opener 🔒
  Adapts a KeySchedule and AeadKey for the role of a HpkeOpener.
• Sealer 🔒
  Adapts a KeySchedule and AeadKey for the role of a HpkeSealer.

Enums

• Label 🔒
  Label describes the possible labels for use with labeled_extract_for_expand and labeled_expand.
• LabeledSuiteId 🔒
  LabeledSuiteId describes the possible suite ID values for use with labeled_extract_for_expand and labeled_expand.

Constants

• CHACHA_KEY_LEN 🔒

Statics

• ALL_SUPPORTED_SUITES
  Default [RFC 9180] Hybrid Public Key Encryption (HPKE) suites supported by aws-lc-rs cryptography.
• DH_KEM_P256_HKDF_SHA256 🔒
• DH_KEM_P256_HKDF_SHA256_AES_128
  HPKE suite using ECDH P-256 for agreement, HKDF SHA-256 for key derivation, and AEAD AES-128-GCM for symmetric encryption.
• DH_KEM_P256_HKDF_SHA256_AES_256
  HPKE suite using ECDH P-256 for agreement, HKDF SHA-256 for key derivation and AEAD AES-256-GCM for symmetric encryption.
• DH_KEM_P256_HKDF_SHA256_CHACHA20_POLY1305
  HPKE suite using ECDH P-256 for agreement, HKDF SHA-256 for key derivation, and AEAD CHACHA20-POLY-1305 for symmetric encryption.
• DH_KEM_P384_HKDF_SHA384 🔒
• DH_KEM_P384_HKDF_SHA384_AES_128
  HPKE suite using ECDH P-384 for agreement, HKDF SHA-384 for key derivation, and AEAD AES-128-GCM for symmetric encryption.
• DH_KEM_P384_HKDF_SHA384_AES_256
  HPKE suite using ECDH P-384 for agreement, HKDF SHA-384 for key derivation, and AEAD AES-256-GCM for symmetric encryption.
• DH_KEM_P384_HKDF_SHA384_CHACHA20_POLY1305
  HPKE suite using ECDH P-384 for agreement, HKDF SHA-384 for key derivation, and AEAD CHACHA20-POLY-1305 for symmetric encryption.
• DH_KEM_P521_HKDF_SHA512 🔒
• DH_KEM_P521_HKDF_SHA512_AES_128
  HPKE suite using ECDH P-521 for agreement, HKDF SHA-512 for key derivation, and AEAD AES-128-GCM for symmetric encryption.
• DH_KEM_P521_HKDF_SHA512_AES_256
  HPKE suite using ECDH P-521 for agreement, HKDF SHA-512 for key derivation, and AEAD AES-256-GCM for symmetric encryption.
• DH_KEM_P521_HKDF_SHA512_CHACHA20_POLY1305
  HPKE suite using ECDH P-521 for agreement, HKDF SHA-512 for key derivation, and AEAD CHACHA20-POLY-1305 for symmetric encryption.
• DH_KEM_X25519_HKDF_SHA256 🔒
• DH_KEM_X25519_HKDF_SHA256_AES_128
  HPKE suite using ECDH X25519 for agreement, HKDF SHA-256 for key derivation, and AEAD AES-128-GCM for symmetric encryption.
• DH_KEM_X25519_HKDF_SHA256_AES_256
  HPKE suite using ECDH X25519 for agreement, HKDF SHA-256 for key derivation, and AEAD AES-256-GCM for symmetric encryption.
• DH_KEM_X25519_HKDF_SHA256_CHACHA20_POLY1305
  HPKE suite using ECDH X25519 for agreement, HKDF SHA-256 for key derivation, and AEAD CHACHA20-POLY-1305 for symmetric encryption.
• RING_HKDF_HMAC_SHA256 🔒
• RING_HKDF_HMAC_SHA384 🔒
• RING_HKDF_HMAC_SHA512 🔒

Functions

• generate_key_pair 🔒
• generate_p_curve_key_pair 🔒
  Generate a NIST P-256, P-384 or P-512 key pair expressed as a raw big-endian fixed-length integer.
• generate_x25519_key_pair 🔒
  Generate a X25519 key pair expressed as a raw big-endian fixed-length integer.
• key_rejected_err 🔒
• labeled_expand 🔒
  See RFC 9180 §4 “Cryptographic Dependencies”.
• labeled_extract_for_expand 🔒
  See RFC 9180 §4 “Cryptographic Dependencies”.
• labeled_extract_for_prk 🔒
  See RFC 9180 §4 “Cryptographic Dependencies”.