encrypt method - PqForgeSecureSession class - pqforge library

encrypt method

Uint8List payload, {
Uint8List? associatedData,

})

Encrypts payload into a nonce || ciphertext || tag wire packet.

A fresh, cryptographically secure nonce is generated for every call — the caller must never supply or reuse one. associatedData (AAD) is bound into the authentication tag (protecting routing headers, session IDs, sequence numbers, …) but is not encrypted and is not included in the packet; the peer must supply the identical AAD to decrypt.

Throws StateError if the session has been disposed.

Implementation

Future<Uint8List> encrypt(
  Uint8List payload, {
  Uint8List? associatedData,
}) async {
  _ensureNotDisposed();
  final nonce = PqBytes.randomBytes(cipherSuite.nonceLength);
  final body = await _engine.seal(
    key: _secretKey,
    nonce: nonce,
    plaintext: payload,
    aad: associatedData ?? _emptyAad,
  );
  return Uint8List(nonce.length + body.length)
    ..setRange(0, nonce.length, nonce)
    ..setRange(nonce.length, nonce.length + body.length, body);
}