Expand description
This crate provides all the cryptographic primitives required by
this workspace, backed by the NSS library.
The exposed API is pretty much the same as the ring crate.
Structs§
- Aad
- The additional authenticated data (AAD) for an opening or sealing operation. This data is authenticated but is not encrypted. This is a type-safe wrapper around the raw bytes designed to encourage correct use of the API.
- Algorithm
- Nonce
- The nonce for an opening or sealing operation. This is a type-safe wrapper around the raw bytes designed to encourage correct use of the API.
- Opening
Key - Sealing
Key
Statics§
- AES_
128_ GCM - AES-128 in GCM mode with 128-bit tags and 96 bit nonces.
- AES_
256_ GCM - AES-256 in GCM mode with 128-bit tags and 96 bit nonces.
- LEGACY_
SYNC_ AES_ 256_ CBC_ HMAC_ SHA256 - AES-256 in CBC mode with HMAC-SHA256 tags and 128 bit nonces. This is a Sync 1.5 specific encryption scheme, do not use for new applications, there are better options out there nowadays. Important note: The HMAC tag verification is done against the base64 representation of the ciphertext. More details here: https://mozilla-services.readthedocs.io/en/latest/sync/storageformat5.html#record-encryption