[All] - [crypto_errno] - [keypair_encoding] - [publickey_encoding] - [secretkey_encoding] - [signature_encoding] - [algorithm_type] - [version] - [size] - [timestamp] - [u64] - [array_output] - [options] - [secrets_manager] - [keypair] - [signature_state] - [signature] - [publickey] - [secretkey] - [signature_verification_state] - [symmetric_state] - [symmetric_key] - [symmetric_tag] - [opt_options_u] - [opt_options] - [opt_symmetric_key_u] - [opt_symmetric_key] - [kx_keypair] - [kx_publickey] - [kx_secretkey]
[All] - [kx_dh()] - [kx_encapsulate()] - [kx_decapsulate()]
Enumeration with tag type: u16, and the following members:
success:crypto_errnoguest_error:crypto_errnonot_implemented:crypto_errnounsupported_feature:crypto_errnoprohibited_operation:crypto_errnounsupported_encoding:crypto_errnounsupported_algorithm:crypto_errnounsupported_option:crypto_errnoinvalid_key:crypto_errnoinvalid_length:crypto_errnoverification_failed:crypto_errnorng_error:crypto_errnoalgorithm_failure:crypto_errnoinvalid_signature:crypto_errnoclosed:crypto_errnoinvalid_handle:crypto_errnooverflow:crypto_errnointernal_error:crypto_errnotoo_many_handles:crypto_errnokey_not_supported:crypto_errnokey_required:crypto_errnoinvalid_tag:crypto_errnoinvalid_operation:crypto_errnononce_required:crypto_errnoinvalid_nonce:crypto_errnooption_not_set:crypto_errnonot_found:crypto_errnoparameters_missing:crypto_errnoin_progress:crypto_errnoincompatible_keys:crypto_errnoexpired:crypto_errno
Error codes.
Enumeration with tag type: u16, and the following members:
raw:keypair_encodingpkcs8:keypair_encodingpem:keypair_encodinglocal:keypair_encoding
Encoding to use for importing or exporting a key pair.
Enumeration with tag type: u16, and the following members:
raw:publickey_encodingpkcs8:publickey_encodingpem:publickey_encodingsec:publickey_encodinglocal:publickey_encoding
Encoding to use for importing or exporting a public key.
Enumeration with tag type: u16, and the following members:
raw:secretkey_encodingpkcs8:secretkey_encodingpem:secretkey_encodingsec:secretkey_encodinglocal:secretkey_encoding
Encoding to use for importing or exporting a secret key.
Enumeration with tag type: u16, and the following members:
raw:signature_encodingder:signature_encoding
Encoding to use for importing or exporting a signature.
Enumeration with tag type: u16, and the following members:
signatures:algorithm_typesymmetric:algorithm_typekey_exchange:algorithm_type
An algorithm category.
Alias for u64.
Version of a managed key.
A version can be an arbitrary
u64integer, with the expection of some reserved values.
Alias for usize.
Size of a value.
Alias for u64.
A UNIX timestamp, in seconds since 01/01/1970.
Alias for u64.
A 64-bit value
Alias for handle.
Handle for functions returning output whose size may be large or not known in advance.
An
array_outputobject contains a host-allocated byte array.A guest can get the size of that array after a function returns in order to then allocate a buffer of the correct size. In addition, the content of such an object can be consumed by a guest in a streaming fashion.
An
array_outputhandle is automatically closed after its full content has been consumed.
Alias for handle.
A set of options.
This type is used to set non-default parameters.
The exact set of allowed options depends on the algorithm being used.
Alias for handle.
A handle to the optional secrets management facilities offered by a host.
This is used to generate, retrieve and invalidate managed keys.
Alias for handle.
A key pair.
Alias for handle.
A state to absorb data to be signed.
After a signature has been computed or verified, the state remains valid for further operations.
A subsequent signature would sign all the data accumulated since the creation of the state object.
Alias for handle.
A signature.
Alias for handle.
A public key, for key exchange and signature verification.
Alias for handle.
A secret key, for key exchange mechanisms.
Alias for handle.
A state to absorb signed data to be verified.
Alias for handle.
A state to perform symmetric operations.
The state is not reset nor invalidated after an option has been performed. Incremental updates and sessions are thus supported.
Alias for handle.
A symmetric key.
The key can be imported from raw bytes, or can be a reference to a managed key.
If it was imported, the host will wipe it from memory as soon as the handle is closed.
Alias for handle.
An authentication tag.
This is an object returned by functions computing authentication tags.
A tag can be compared against another tag (directly supplied as raw bytes) in constant time with the
symmetric_tag_verify()function.This object type can't be directly created from raw bytes. They are only returned by functions computing MACs.
The host is reponsible for securely wiping them from memory on close.
Enumeration with tag type: u8, and the following members:
some:opt_options_unone:opt_options_u
Options index, only required by the Interface Types translation layer.
Tagged union with tag type: u8 and the following possibilities:
some:optionsnone: (empty)
An optional options set.
This union simulates an
Option\<Options\>type to make theoptionsparameter of some functions optional.
Enumeration with tag type: u8, and the following members:
some:opt_symmetric_key_unone:opt_symmetric_key_u
Symmetric key index, only required by the Interface Types translation layer.
Tagged union with tag type: u8 and the following possibilities:
some:symmetric_keynone: (empty)
An optional symmetric key.
This union simulates an
Option\<SymmetricKey\>type to make thesymmetric_keyparameter of some functions optional.
Alias for handle.
$kx_keypairis just an alias for$keypairHowever, bindings may want to define a specialized type
kx_keypairas a super class ofkeypair.
Alias for handle.
$kx_publickeyis just an alias for$publickeyHowever, bindings may want to define a specialized type
kx_publickeyas a super class ofpublickey, with additional methods such asdh.
Alias for handle.
$kx_secretkeyis just an alias for$secretkeyHowever, bindings may want to define a specialized type
kx_secretkeyas a super class ofsecretkeykey, with additional methods such asdh.
Returned error type: crypto_errno
array_outputmutable pointer
Perform a simple Diffie-Hellman key exchange.
Both keys must be of the same type, or else the
$crypto_errno.incompatible_keyserror is returned. The algorithm also has to support this kind of key exchange. If this is not the case, the$crypto_errno.invalid_operationerror is returned.Otherwide, a raw shared key is returned, and can be imported as a symmetric key.
Returned error type: crypto_errno
pk:publickey
array_outputmutable pointerarray_outputmutable pointer
Create a shared secret and encrypt it for the given public key.
This operation is only compatible with specific algorithms. If a selected algorithm doesn't support it,
$crypto_errno.invalid_operationis returned.On success, both the shared secret and its encrypted version are returned.
Returned error type: crypto_errno
array_outputmutable pointer
Decapsulate an encapsulated secret crated with
kx_encapsulateReturn the secret, or
$crypto_errno.verification_failedon error.