Module aead

This crate provides all the cryptographic primitives required by this workspace, backed by the NSS library. The exposed API is pretty much the same as the ring crate.

Structs

• Aad
  The additional authenticated data (AAD) for an opening or sealing operation. This data is authenticated but is not encrypted. This is a type-safe wrapper around the raw bytes designed to encourage correct use of the API.
• Algorithm
• Nonce
  The nonce for an opening or sealing operation. This is a type-safe wrapper around the raw bytes designed to encourage correct use of the API.
• OpeningKey
• SealingKey

Statics

• AES_128_GCM
  AES-128 in GCM mode with 128-bit tags and 96 bit nonces.
• AES_256_GCM
  AES-256 in GCM mode with 128-bit tags and 96 bit nonces.
• LEGACY_SYNC_AES_256_CBC_HMAC_SHA256
  AES-256 in CBC mode with HMAC-SHA256 tags and 128 bit nonces. This is a Sync 1.5 specific encryption scheme, do not use for new applications, there are better options out there nowadays. Important note: The HMAC tag verification is done against the base64 representation of the ciphertext. More details here: https://mozilla-services.readthedocs.io/en/latest/sync/storageformat5.html#record-encryption

Functions

• open
• seal