Trait RecipientPluginV1

Source

pub trait RecipientPluginV1 {
    // Required methods
    fn add_recipient(
        &mut self,
        index: usize,
        plugin_name: &str,
        bytes: &[u8],
    ) -> Result<(), Error>;
    fn add_identity(
        &mut self,
        index: usize,
        plugin_name: &str,
        bytes: &[u8],
    ) -> Result<(), Error>;
    fn labels(&mut self) -> HashSet<String>;
    fn wrap_file_keys(
        &mut self,
        file_keys: Vec<FileKey>,
        callbacks: impl Callbacks<Error>,
    ) -> Result<Result<Vec<Vec<Stanza>>, Vec<Error>>>;
}

Expand description

The interface that age implementations will use to interact with an age plugin.

Implementations of this trait will be used within the recipient-v1 state machine.

The trait methods are always called in this order:

Self::add_recipient / Self::add_identity (in any order, including potentially interleaved).
Self::labels (once all recipients and identities have been added).
Self::wrap_file_keys

Required Methods§

Source

fn add_recipient( &mut self, index: usize, plugin_name: &str, bytes: &[u8], ) -> Result<(), Error>

Stores a recipient that the user would like to encrypt age files to.

plugin_name is the name of the binary that resolved to this plugin.

Returns an error if the recipient is unknown or invalid.

Source

fn add_identity( &mut self, index: usize, plugin_name: &str, bytes: &[u8], ) -> Result<(), Error>

Stores an identity that the user would like to encrypt age files to.

plugin_name is the name of the binary that resolved to this plugin.

Returns an error if the identity is unknown or invalid.

Source

fn labels(&mut self) -> HashSet<String>

Returns labels that constrain how the stanzas produced by Self::wrap_file_keys may be combined with those from other recipients.

Encryption will succeed only if every recipient returns the same set of labels. Subsets or partial overlapping sets are not allowed; all sets must be identical. Labels are compared exactly, and are case-sensitive.

Label sets can be used to ensure a recipient is only encrypted to alongside other recipients with equivalent properties, or to ensure a recipient is always used alone. A recipient with no particular properties to enforce should return an empty label set.

Labels can have any value that is a valid arbitrary string (1*VCHAR in ABNF), but usually take one of several forms:

Common public label - used by multiple recipients to permit their stanzas to be used only together. Examples include:
- postquantum - indicates that the recipient stanzas being generated are postquantum-secure, and that they can only be combined with other stanzas that are also postquantum-secure.
Common private label - used by recipients created by the same private entity to permit their recipient stanzas to be used only together. For example, private recipients used in a corporate environment could all send the same private label in order to prevent compliant age clients from simultaneously wrapping file keys with other recipients.
Random label - used by recipients that want to ensure their stanzas are not used with any other recipient stanzas. This can be used to produce a file key that is only encrypted to a single recipient stanza, for example to preserve its authentication properties.

Source

fn wrap_file_keys( &mut self, file_keys: Vec<FileKey>, callbacks: impl Callbacks<Error>, ) -> Result<Result<Vec<Vec<Stanza>>, Vec<Error>>>

Wraps each file_key to all recipients and identities previously added via add_recipient and add_identity.

Returns a set of stanzas per file key that wrap it to each recipient and identity. Plugins may return more than one stanza per “actual recipient”, e.g. to support multiple formats, to build group aliases, or to act as a proxy.

If one or more recipients or identities could not be wrapped to, Err(_) MUST be returned.

callbacks can be used to interact with the user, to have them take some physical action or request a secret value.

Dyn Compatibility§

This trait is not dyn compatible.

In older versions of Rust, dyn compatibility was called "object safety", so this trait is not object safe.

Implementations on Foreign Types§

Source §

RecipientPluginV1

Trait RecipientPluginV1

Required Methods§

fn add_recipient( &mut self, index: usize, plugin_name: &str, bytes: &[u8], ) -> Result<(), Error>

fn add_identity( &mut self, index: usize, plugin_name: &str, bytes: &[u8], ) -> Result<(), Error>

fn labels(&mut self) -> HashSet<String>

fn wrap_file_keys( &mut self, file_keys: Vec<FileKey>, callbacks: impl Callbacks<Error>, ) -> Result<Result<Vec<Vec<Stanza>>, Vec<Error>>>

Dyn Compatibility§

Implementations on Foreign Types§

impl RecipientPluginV1 for Infallible

fn add_recipient(&mut self, _: usize, _: &str, _: &[u8]) -> Result<(), Error>

fn add_identity(&mut self, _: usize, _: &str, _: &[u8]) -> Result<(), Error>

fn labels(&mut self) -> HashSet<String>

fn wrap_file_keys( &mut self, _: Vec<FileKey>, _: impl Callbacks<Error>, ) -> Result<Result<Vec<Vec<Stanza>>, Vec<Error>>>

Implementors§

RecipientPluginV1

Trait RecipientPluginV1 Copy item path

Required Methods§

fn add_recipient( &mut self, index: usize, plugin_name: &str, bytes: &[u8], ) -> Result<(), Error>

fn add_identity( &mut self, index: usize, plugin_name: &str, bytes: &[u8], ) -> Result<(), Error>

fn labels(&mut self) -> HashSet<String>

fn wrap_file_keys( &mut self, file_keys: Vec<FileKey>, callbacks: impl Callbacks<Error>, ) -> Result<Result<Vec<Vec<Stanza>>, Vec<Error>>>

Dyn Compatibility§

Implementations on Foreign Types§

impl RecipientPluginV1 for Infallible

fn add_recipient(&mut self, _: usize, _: &str, _: &[u8]) -> Result<(), Error>

fn add_identity(&mut self, _: usize, _: &str, _: &[u8]) -> Result<(), Error>

fn labels(&mut self) -> HashSet<String>

fn wrap_file_keys( &mut self, _: Vec<FileKey>, _: impl Callbacks<Error>, ) -> Result<Result<Vec<Vec<Stanza>>, Vec<Error>>>

Implementors§

Trait RecipientPluginV1