objc/TINKHybridDecrypt.h - third_party/tink - Git at Google

 /**
  * Copyright 2017 Google Inc.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
  *
  *     http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  *
  **************************************************************************
  */

 #import <Foundation/Foundation.h>

 NS_ASSUME_NONNULL_BEGIN

 /**
  * The protocol for hybrid decryption.
  *
  * Implementations of this protocol are secure against adaptive chosen ciphertext attacks. In
  * addition to @c ciphertext the encryption takes an extra parameter @c contextInfo, which usually
  * is public data implicit from the context, but should be bound to the resulting ciphertext: upon
  * decryption the ciphertext allows for checking the integrity of @c contextInfo (but there are no
  * guarantees with regard to secrecy or authenticity of @c contextInfo).
  *
  * WARNING: Hybrid Encryption does not provide authenticity, that is the recipient of an encrypted
  * message does not know the identity of the sender. Similar to general public-key encryption
  * schemes the security goal of Hybrid Encryption is to provide privacy only. In other words,
  * Hybrid Encryption is secure if and only if the recipient can accept anonymous messages or can
  * rely on other mechanisms to authenticate the sender.
  *
  * @c contextInfo can be empty or nil, but to ensure the correct decryption of the ciphertext the
  * same value must be provided as was used during encryption operation.
  *
  * A concrete instantiation of this interface can implement the binding of @c contextInfo to the
  * ciphertext in various ways, for example:
  *
  * - Use @c contextInfo as "associated data"-input for the employed AEAD symmetric encryption
  *   (https://tools.ietf.org/html/rfc5116).
  * - Use @c contextInfo as "CtxInfo"-input for HKDF (if the implementation uses HKDF as key
  *   derivation function: https://tools.ietf.org/html/rfc5869).
  */
 @protocol TINKHybridDecrypt <NSObject>

 /* Decrypts @c ciphertext verifying the integrity of @c contextInfo. */
 - (nullable NSData *)decrypt:(NSData *)ciphertext
              withContextInfo:(nullable NSData *)contextInfo
                        error:(NSError **)error;

 @end

 NS_ASSUME_NONNULL_END
	/**
	* Copyright 2017 Google Inc.
	*
	* Licensed under the Apache License, Version 2.0 (the "License");
	* you may not use this file except in compliance with the License.
	* You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing, software
	* distributed under the License is distributed on an "AS IS" BASIS,
	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	* See the License for the specific language governing permissions and
	* limitations under the License.
	*
	**************************************************************************
	*/

	#import <Foundation/Foundation.h>

	NS_ASSUME_NONNULL_BEGIN

	/**
	* The protocol for hybrid decryption.
	*
	* Implementations of this protocol are secure against adaptive chosen ciphertext attacks. In
	* addition to @c ciphertext the encryption takes an extra parameter @c contextInfo, which usually
	* is public data implicit from the context, but should be bound to the resulting ciphertext: upon
	* decryption the ciphertext allows for checking the integrity of @c contextInfo (but there are no
	* guarantees with regard to secrecy or authenticity of @c contextInfo).
	*
	* WARNING: Hybrid Encryption does not provide authenticity, that is the recipient of an encrypted
	* message does not know the identity of the sender. Similar to general public-key encryption
	* schemes the security goal of Hybrid Encryption is to provide privacy only. In other words,
	* Hybrid Encryption is secure if and only if the recipient can accept anonymous messages or can
	* rely on other mechanisms to authenticate the sender.
	*
	* @c contextInfo can be empty or nil, but to ensure the correct decryption of the ciphertext the
	* same value must be provided as was used during encryption operation.
	*
	* A concrete instantiation of this interface can implement the binding of @c contextInfo to the
	* ciphertext in various ways, for example:
	*
	* - Use @c contextInfo as "associated data"-input for the employed AEAD symmetric encryption
	* (https://tools.ietf.org/html/rfc5116).
	* - Use @c contextInfo as "CtxInfo"-input for HKDF (if the implementation uses HKDF as key
	* derivation function: https://tools.ietf.org/html/rfc5869).
	*/
	@protocol TINKHybridDecrypt <NSObject>

	/* Decrypts @c ciphertext verifying the integrity of @c contextInfo. */
	- (nullable NSData )decrypt:(NSData )ciphertext
	withContextInfo:(nullable NSData *)contextInfo
	error:(NSError **)error;

	@end

	NS_ASSUME_NONNULL_END