Struct optee_utee::crypto_op::Asymmetric

pub struct Asymmetric(_);

An operation for conducting asymmetric encryption /decryption or asymmetric sign / verify. Note that asymmetric encryption is always “single-stage”, which differs from Cipher which are always “multi-stage”.

Implementations

impl Asymmetric

pub fn encrypt(&self, params: &[Attribute], src: &[u8]) -> Result<Vec<u8>>

Encrypt a message.

Parameters

1. params: Optional operation parameters.
2. src: Input plaintext buffer.

Example

let clear = [1u8; 8];
match TransientObject::allocate(TransientObjectType::RsaKeypair, 256) {
    Ok(key) => {
        key.generate_key(256, &[])?;
        match Asymmetric::allocate(
            AlgorithmId::RsaesPkcs1V15,
            OperationMode::Encrypt,
            256) {
            Ok(operation) => {
                operation.set_key(&key)?;
                match operation.encrypt(&[], &clear) {
                    Ok(ciph_text) => {
                        // Get cipher text as a vector
                        // ...
                        Ok(())
                    }
                    Err(e) => Err(e),
                }
            }
            Err(e) => Err(e),
        }
    }
    Err(e) => Err(e),
}

Errors

1. ShortBuffer: If the output buffer is not large enough to hold the result.
2. BadParameters: If the length of the input buffer is not consistent with the algorithm or key size.
3. CiphertextInvalid: If there is an error in the packing used on the ciphertext.

Panics

1. If the algorithm is not a valid algorithm for [Encrypt](OperationMode::Encrypt] of Asymmetric.
2. If no key is programmed in the operation.
3. Hardware or cryptographic algorithm failure.
4. If the Implementation detects any other error.

pub fn decrypt(&self, params: &[Attribute], src: &[u8]) -> Result<Vec<u8>>

Decrypt a message.

Parameters

1. params: Optional operation parameters.
2. src: Input ciphertext buffer.

Errors

1. ShortBuffer: If the output buffer is not large enough to hold the result.
2. BadParameters: If the length of the input buffer is not consistent with the algorithm or key size.
3. CiphertextInvalid: If there is an error in the packing used on the ciphertext.

Panics

1. If the algorithm is not a valid algorithm for [Decrypt](OperationMode::Decrypt] of Asymmetric.
2. If no key is programmed in the operation.
3. Hardware or cryptographic algorithm failure.
4. If the Implementation detects any other error.

pub fn sign_digest(
    &self,
    params: &[Attribute],
    digest: &[u8],
    signature: &mut [u8]
) -> Result<usize>

Sign a message digest.

Parameters

1. params: Optional operation parameters.
2. digest: Input buffer containing the input message digest.
3. signature: Output buffer written with the signature of the digest.

Errors

1. ShortBuffer: If signature is not large enough to hold the result.

Panics

1. If the algorithm is not a valid algorithm for [Sign](OperationMode::Sign] of Asymmetric.
2. If no key is programmed in the operation.
3. If the mode is not set as [Sign](OperationMode::Sign].
4. If digest.len() is not equal to the hash size of the algorithm.
5. Hardware or cryptographic algorithm failure.
6. If the Implementation detects any other error.

pub fn verify_digest(
    &self,
    params: &[Attribute],
    digest: &[u8],
    signature: &[u8]
) -> Result<()>

Verify a message digest.

Parameters

1. params: Optional operation parameters.
2. digest: Input buffer containing the input message digest.
3. signature: Input buffer containing the signature to verify.

Errors

1. SignatureInvalid: If the signature is invalid.

Panics

1. If the algorithm is not a valid algorithm for [Verify](OperationMode::Verify] of Asymmetric.
2. If no key is programmed in the operation.
3. If the mode is not set as [Verify](OperationMode::Verify].
4. If digest.len() is not equal to the hash size of the algorithm.
5. Hardware or cryptographic algorithm failure.
6. If the Implementation detects any other error.

pub fn null() -> Self

Create an Asymmetric operation without any specific algorithm or other data.

pub fn allocate(
    algo: AlgorithmId,
    mode: OperationMode,
    max_key_size: usize
) -> Result<Self>

Function usage is similar to Digest::allocate.

pub fn info(&self) -> OperationInfo

Function usage is similar to Digest::info.

pub fn info_multiple(
    &self,
    info_buf: &mut [u8]
) -> Result<OperationInfoMultiple>

Function usage is similar to Digest::info_multiple.

pub fn set_key<T: ObjHandle>(&self, object: &T) -> Result<()>

Function usage is similar to Cipher::set_key.

pub fn copy<T: OpHandle>(&mut self, src: &T)

Function usage is similar to Digest::copy.

Trait Implementations

impl OpHandle for Asymmetric

fn handle(&self) -> TEE_OperationHandle

Return the handle of an operation.