



@deftypefun {int} {gnutls_hpke_seal} (gnutls_hpke_context_t @var{ctx}, const gnutls_datum_t * @var{aad}, const gnutls_datum_t * @var{plaintext}, gnutls_datum_t * @var{ciphertext})
@var{ctx}: The HPKE context to use for sealing.

@var{aad}: The associated data (AAD) to be authenticated but not encrypted.

@var{plaintext}: The plaintext data to be encrypted and authenticated.

@var{ciphertext}: A pointer to a gnutls_datum_t structure where the resulting ciphertext will be stored.

This function performs the sealing operation of HPKE. It encrypts
the plaintext and computes an authentication tag using the AEAD
algorithm specified in the HPKE context. The resulting ciphertext
includes both the encrypted plaintext and the authentication tag.

This function can be used multiple times with the same HPKE
context, but the encapsulation function (@code{gnutls_hpke_encap()} ) must
be called once before the first call to this function to set up the
necessary keys and nonces in the context. Each call to this
function will increment the sequence number in the context, which
is used to derive unique nonces for each encryption operation.

The function will allocate memory for the  @code{ciphertext} , and the
caller is responsible for freeing this memory using @code{gnutls_free()} 
when it is no longer needed.

@strong{Returns:} 0 on success, or a negative error code on failure

@strong{Since:} 3.8.13
@end deftypefun
