// Copyright 2024 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License"); you may not
// use this file except in compliance with the License. You may obtain a copy of
// the License at
//
// https://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
// WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
// License for the specific language governing permissions and limitations under
// the License.

//! Defines the Crypto trait and related types.
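use crate::byte_array_wrapper;
use crate::constants::*;
use crate::error::DpeResult;
use crate::memory::{Message, SizedMessage};
use zeroize::ZeroizeOnDrop;

// Wrapper types declared through `byte_array_wrapper!`. As read from the
// invocations, the arguments are the type name, its size constant and a
// human-readable description; the macro itself is defined elsewhere.
//
// NOTE(review): `ZeroizeOnDrop` is imported above but not named anywhere else
// in this file, so it is presumably consumed by the macro expansion. Confirm
// that the secret-bearing wrappers (`MacKey`, `EncryptionKey` and the
// `*PrivateKey` types) are wiped on drop.
byte_array_wrapper!(MacKey, HASH_SIZE, "MAC key");
byte_array_wrapper!(EncryptionKey, ENCRYPTION_KEY_SIZE, "encryption key");
byte_array_wrapper!(DhPublicKey, DH_PUBLIC_KEY_SIZE, "DH public key");
byte_array_wrapper!(DhPrivateKey, DH_PRIVATE_KEY_SIZE, "DH private key");
byte_array_wrapper!(Hash, HASH_SIZE, "hash");
byte_array_wrapper!(
    SigningPublicKey,
    SIGNING_PUBLIC_KEY_SIZE,
    "signing public key"
);
byte_array_wrapper!(
    SigningPrivateKey,
    SIGNING_PRIVATE_KEY_SIZE,
    "signing private key"
);
byte_array_wrapper!(
    SealingPublicKey,
    SEALING_PUBLIC_KEY_SIZE,
    "sealing public key"
);
byte_array_wrapper!(
    SealingPrivateKey,
    SEALING_PRIVATE_KEY_SIZE,
    "sealing private key"
);

/// A session handshake message.
pub type HandshakeMessage = SizedMessage<MAX_HANDSHAKE_MESSAGE_SIZE>;
/// A session handshake payload.
pub type HandshakePayload = SizedMessage<MAX_HANDSHAKE_PAYLOAD_SIZE>;
/// A signature.
pub type Signature = SizedMessage<MAX_SIGNATURE_SIZE>;

/// A trait for committing previously staged changes.
pub trait Commit {
    /// Commits previously staged changes. When used with session cipher
    /// state, the staged changes are typically counter increments that result
    /// from encrypt or decrypt operations.
    // NOTE(review): what happens to staged changes that are never committed
    // (for example after a failed decrypt) is not stated here; implementers
    // should confirm they are discarded rather than applied later.
    fn commit(&mut self);
}

/// A trait for maintaining a counter.
pub trait Counter {
    /// Returns the current counter value.
    fn n(&self) -> u64;
    /// Sets the counter value to `n`.
    // NOTE(review): `SessionCrypto::SessionCipherState` is bound by this
    // trait. If an implementation uses the counter as a cipher nonce, setting
    // it back to a value already used under the same key would repeat that
    // nonce — confirm callers never rewind it.
    fn set_n(&mut self, n: u64);
}

/// Provides cryptographic operations for encrypted sessions.
pub trait SessionCrypto {
    /// A type to represent session cipher states. These are owned by and opaque
    /// to the caller in `new_session_handshake` and `derive_session_handshake`.
    type SessionCipherState: Commit + Counter;

    /// Performs a session responder handshake for a new session.
    ///
    /// # Parameters
    ///
    /// * `static_dh_key`: The DPE session identity, which the client is
    ///   expected to already know.
    /// * `initiator_handshake`: The handshake message received from the client.
    /// * `payload`: The payload to include in the `responder_handshake`.
    /// * `responder_handshake`: Receives the handshake message to be sent back
    ///   to the client.
    /// * `decrypt_cipher_state`: Receives cipher state for decrypting incoming
    ///   session messages. This is intended to be passed to
    ///   [`SessionCrypto::session_decrypt`].
    /// * `encrypt_cipher_state`: Receives cipher state for encrypting outgoing
    ///   session messages. This is intended to be passed to
    ///   [`SessionCrypto::session_encrypt`].
    /// * `psk_seed`: Receives a PSK seed that can be used to construct a PSK to
    ///   be used when deriving a session (see
    ///   [`SessionCrypto::derive_session_handshake`]).
    ///
    /// # Errors
    ///
    /// This method allows implementers to return an error but it is expected to
    /// be infallible.
    // NOTE(review): `static_dh_key` is typed as the *private* key, so what the
    // client "already knows" is presumably the matching public key — confirm
    // and say so in the parameter description.
    #[allow(clippy::too_many_arguments)]
    fn new_session_handshake(
        static_dh_key: &DhPrivateKey,
        initiator_handshake: &HandshakeMessage,
        payload: &HandshakePayload,
        responder_handshake: &mut HandshakeMessage,
        decrypt_cipher_state: &mut Self::SessionCipherState,
        encrypt_cipher_state: &mut Self::SessionCipherState,
        psk_seed: &mut Hash,
    ) -> DpeResult<()>;

    /// Performs a session responder handshake for a derived session. In
    /// contrast to a new session handshake, a derived session does not use a
    /// static key, but a pre-shared key (PSK) derived from an existing session.
    ///
    /// # Parameters
    ///
    /// * `psk`: A PSK derived from an existing session.
    /// * `initiator_handshake`: The handshake message received from the client.
    /// * `payload`: The payload to include in the `responder_handshake`.
    /// * `responder_handshake`: Receives the handshake message to be sent back
    ///   to the client.
    /// * `decrypt_cipher_state`: Receives cipher state for decrypting incoming
    ///   session messages. This is intended to be passed to
    ///   [`SessionCrypto::session_decrypt`].
    /// * `encrypt_cipher_state`: Receives cipher state for encrypting outgoing
    ///   session messages. This is intended to be passed to
    ///   [`SessionCrypto::session_encrypt`].
    /// * `psk_seed`: Receives a PSK seed that can be used to construct a PSK to
    ///   be used when deriving another session.
    ///
    /// # Errors
    ///
    /// This method allows implementers to return an error but it is expected to
    /// be infallible.
    #[allow(clippy::too_many_arguments)]
    fn derive_session_handshake(
        psk: &Hash,
        initiator_handshake: &HandshakeMessage,
        payload: &HandshakePayload,
        responder_handshake: &mut HandshakeMessage,
        decrypt_cipher_state: &mut Self::SessionCipherState,
        encrypt_cipher_state: &mut Self::SessionCipherState,
        psk_seed: &mut Hash,
    ) -> DpeResult<()>;

    /// Derives a PSK from session state: `psk_seed`, `decrypt_cipher_state`,
    /// and `encrypt_cipher_state`. The returned PSK is appropriate as an
    /// argument to [`SessionCrypto::derive_session_handshake`].
    ///
    /// # Errors
    ///
    /// This method allows implementers to return an error but it is expected to
    /// be infallible.
    fn derive_psk_from_session(
        psk_seed: &Hash,
        decrypt_cipher_state: &Self::SessionCipherState,
        encrypt_cipher_state: &Self::SessionCipherState,
    ) -> DpeResult<Hash>;

    /// Encrypts an outgoing session message with the given `cipher_state`. The
    /// `in_place_buffer` both provides the plaintext message and receives the
    /// corresponding ciphertext.
    ///
    /// # Errors
    ///
    /// This method fails with an `OutOfMemory` error if the encryption overhead
    /// does not fit in the buffer.
    fn session_encrypt(
        cipher_state: &mut Self::SessionCipherState,
        in_place_buffer: &mut Message,
    ) -> DpeResult<()>;

    /// Decrypts an incoming session message with the given `cipher_state`. The
    /// `in_place_buffer` both provides the ciphertext message and receives the
    /// corresponding plaintext.
    ///
    /// # Errors
    ///
    /// This method fails with an `InvalidArgument` error if the ciphertext
    /// cannot be decrypted (e.g. if tag authentication fails).
    // NOTE(review): the contents of `in_place_buffer` after a failure are not
    // specified here; callers should treat them as invalid and never hand
    // them on as plaintext.
    fn session_decrypt(
        cipher_state: &mut Self::SessionCipherState,
        in_place_buffer: &mut Message,
    ) -> DpeResult<()>;
}

/// Provides cryptographic operations. These operations are specifically for DPE
/// concepts, defined by a DPE profile, and to be invoked by a DPE instance.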
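pub trait Crypto {
    /// An associated [`SessionCrypto`] type.
    type S: SessionCrypto;

    /// Returns a hash of `input`.
    ///
    /// # Errors
    ///
    /// This method is infallible.
    fn hash(input: &[u8]) -> Hash;

    /// Returns a hash over all items in `iter`, in order.
    ///
    /// # Errors
    ///
    /// This method is infallible.
    // NOTE(review): it is not stated whether item boundaries influence the
    // result (i.e. whether this equals `hash` of the concatenated items).
    // Callers hashing several variable-length fields should confirm, and add
    // their own length framing if boundaries must be unambiguous.
    fn hash_iter<'a>(iter: impl Iterator<Item = &'a [u8]>) -> Hash;

    /// Runs a key derivation function (KDF) to derive a key the length of the
    /// `derived_key` buffer. The inputs are interpreted as documented by the
    /// [HKDF](<https://datatracker.ietf.org/doc/html/rfc5869>) scheme. The
    /// implementation doesn't need to be HKDF specifically but needs to work
    /// with HKDF-style inputs.
    ///
    /// # Parameters
    ///
    /// * `kdf_ikm`: input keying material
    /// * `kdf_info`: HKDF-style info (optional)
    /// * `kdf_salt`: HKDF-style salt (optional)
    /// * `derived_key`: Receives the derived key
    ///
    /// # Errors
    ///
    /// Fails with an `InternalError` if `derived_key` is too large.
    // NOTE(review): "optional" presumably means an empty slice may be passed
    // for `kdf_info` / `kdf_salt` — confirm with implementers.
    fn kdf(
        kdf_ikm: &[u8],
        kdf_info: &[u8],
        kdf_salt: &[u8],
        derived_key: &mut [u8],
    ) -> DpeResult<()>;

    /// Derives an asymmetric key pair for signing from a given `seed`.
    ///
    /// # Errors
    ///
    /// This method allows implementers to return an error but it is expected to
    /// be infallible.
    fn signing_keypair_from_seed(
        seed: &Hash,
    ) -> DpeResult<(SigningPublicKey, SigningPrivateKey)>;

    /// Derives an asymmetric key pair for sealing from a given `seed`.
    ///
    /// # Errors
    ///
    /// This method allows implementers to return an error but it is expected to
    /// be infallible.
    fn sealing_keypair_from_seed(
        seed: &Hash,
    ) -> DpeResult<(SealingPublicKey, SealingPrivateKey)>;

    /// Computes a MAC over `data` using the given `key`.
    ///
    /// # Errors
    ///
    /// This method allows implementers to return an error but it is expected to
    /// be infallible.
    // NOTE(review): the tag is returned as a plain `Hash`. Callers that verify
    // a received tag should compare in constant time; whether `Hash` equality
    // is constant-time is not visible from this file.
    fn mac(key: &MacKey, data: &[u8]) -> DpeResult<Hash>;

    /// Generates a signature over `tbs` using the given `key`.
    ///
    /// # Errors
    ///
    /// This method allows implementers to return an error but it is expected to
    /// be infallible.
    fn sign(key: &SigningPrivateKey, tbs: &[u8]) -> DpeResult<Signature>;

    /// Encrypts data using the given `key` in a way that it can be decrypted by
    /// the `unseal` method with the same `key`. The `in_place_buffer` both
    /// provides the plaintext input and receives the ciphertext output.
    ///
    /// # Errors
    ///
    /// Fails with `OutOfMemory` if the ciphertext, including overhead, does not
    /// fit in the buffer.
    fn seal(
        key: &EncryptionKey,
        in_place_buffer: &mut Message,
    ) -> DpeResult<()>;

    /// Decrypts and authenticates data previously generated by the `seal`
    /// method using the given `key`. The `in_place_buffer` both provides the
    /// ciphertext input and receives the plaintext output.
    ///
    /// # Errors
    ///
    /// Fails with `InvalidArgument` if authenticated decryption fails.
    // NOTE(review): the contents of `in_place_buffer` after a failure are not
    // specified here; callers should treat them as invalid.
    fn unseal(
        key: &EncryptionKey,
        in_place_buffer: &mut Message,
    ) -> DpeResult<()>;

    /// Encrypts data using an asymmetric scheme and the given `public_key` in
    /// a way that it can be decrypted by the `unseal_asymmetric` method given
    /// the corresponding private key. While this method is useful for testing,
    /// a DPE does not use this during normal operation. The `in_place_buffer`
    /// both provides the plaintext input and receives the ciphertext output.
    ///
    /// # Errors
    ///
    /// Fails with `OutOfMemory` if the ciphertext, including overhead, does not
    /// fit in the buffer.
    fn seal_asymmetric(
        public_key: &SealingPublicKey,
        in_place_buffer: &mut Message,
    ) -> DpeResult<()>;

    /// Decrypts data using an asymmetric scheme and the given `key`. The
    /// `in_place_buffer` both provides the ciphertext input and receives the
    /// plaintext output.
    ///
    /// # Errors
    ///
    /// Fails with `InvalidArgument` if the ciphertext cannot be decrypted.
    // NOTE(review): unlike `unseal`, this contract does not say the ciphertext
    // is authenticated. Confirm against the DPE profile whether a successful
    // return implies integrity, and document it either way.
    fn unseal_asymmetric(
        key: &SealingPrivateKey,
        in_place_buffer: &mut Message,
    ) -> DpeResult<()>;
}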