Skip to main content

PublicKeyDiscoveryInput

aws_esdk::material_providers::types

Struct PublicKeyDiscoveryInput 

Source 
#[non_exhaustive]
pub struct PublicKeyDiscoveryInput {
    pub recipient_static_private_key: Option<Blob>,
}
Expand description

Inputs for creating a PublicKeyDiscovery Configuration.

Fields (Non-exhaustive)§

This struct is marked as non-exhaustive
Non-exhaustive structs could have additional fields added in future. Therefore, non-exhaustive structs cannot be constructed in external crates using the traditional Struct { .. } syntax; cannot be matched against without a wildcard ..; and struct update syntax will not work.
§recipient_static_private_key: Option<Blob>

The sender’s private key. MUST be PEM encoded.

Implementations§

Source§

impl PublicKeyDiscoveryInput

Source

pub fn recipient_static_private_key(&self) -> &Option<Blob>

The sender’s private key. MUST be PEM encoded.

Source§

impl PublicKeyDiscoveryInput

Source

pub fn builder() -> PublicKeyDiscoveryInputBuilder

Creates a new builder-style object to manufacture PublicKeyDiscoveryInput.

Examples found in repository?
examples/keyring/ecdh/public_key_discovery_raw_ecdh_keyring_example.rs (line 128)
66pub async fn decrypt_with_keyring(
67    example_data: &str,
68    ecdh_curve_spec: EcdhCurveSpec,
69) -> Result<(), crate::BoxError> {
70    // 1. Instantiate the encryption SDK client.
71    // This builds the default client with the RequireEncryptRequireDecrypt commitment policy,
72    // which enforces that this client only encrypts using committing algorithm suites and enforces
73    // that this client will only decrypt encrypted messages that were created with a committing
74    // algorithm suite.
75    let esdk_config = AwsEncryptionSdkConfig::builder().build()?;
76    let esdk_client = esdk_client::Client::from_conf(esdk_config)?;
77
78    let mpl_config = MaterialProvidersConfig::builder().build()?;
79    let mpl = mpl_client::Client::from_conf(mpl_config)?;
80
81    // 2. Create encryption context.
82    // Remember that your encryption context is NOT SECRET.
83    // For more information, see
84    // https://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/concepts.html#encryption-context
85    let encryption_context = HashMap::from([
86        ("encryption".to_string(), "context".to_string()),
87        ("is not".to_string(), "secret".to_string()),
88        ("but adds".to_string(), "useful metadata".to_string()),
89        (
90            "that can help you".to_string(),
91            "be confident that".to_string(),
92        ),
93        (
94            "the data you are handling".to_string(),
95            "is what you think it is".to_string(),
96        ),
97    ]);
98
99    // 3. You may provide your own ECC keys in the files located at
100    // - EXAMPLE_ECC_PRIVATE_KEY_FILENAME_RECIPIENT
101
102    // If you do not provide these files, running this example through this
103    // class' main method will generate three files required for all raw ECDH examples
104    // EXAMPLE_ECC_PRIVATE_KEY_FILENAME_SENDER, EXAMPLE_ECC_PRIVATE_KEY_FILENAME_RECIPIENT
105    // and EXAMPLE_ECC_PUBLIC_KEY_FILENAME_RECIPIENT for you.
106
107    // Do not use these files for any other purpose.
108    if should_generate_new_ecc_key_pair_discovery_raw_ecdh()? {
109        write_raw_ecdh_ecc_keys(ecdh_curve_spec)?;
110    }
111
112    // 4. Load keys from UTF-8 encoded PEM files.
113    let mut file = File::open(Path::new(EXAMPLE_ECC_PRIVATE_KEY_FILENAME_RECIPIENT))?;
114    let mut private_key_recipient_utf8_bytes = Vec::new();
115    file.read_to_end(&mut private_key_recipient_utf8_bytes)?;
116
117    // Generate the ciphertext
118    let ciphertext = get_ciphertext(
119        example_data,
120        ecdh_curve_spec,
121        encryption_context.clone(),
122        esdk_client.clone(),
123        mpl.clone(),
124    )
125    .await?;
126
127    // 5. Create the PublicKeyDiscoveryInput
128    let discovery_raw_ecdh_static_configuration_input = PublicKeyDiscoveryInput::builder()
129        // Must be a UTF8 PEM-encoded private key
130        .recipient_static_private_key(private_key_recipient_utf8_bytes)
131        .build()?;
132
133    let discovery_raw_ecdh_static_configuration = RawEcdhStaticConfigurations::PublicKeyDiscovery(
134        discovery_raw_ecdh_static_configuration_input,
135    );
136
137    // 6. Create the Public Key Discovery Raw ECDH keyring.
138
139    // Create the keyring.
140    // This keyring uses a discovery configuration. This configuration will check on decrypt
141    // if it is meant to decrypt the message by checking if the configured public key is stored on the message.
142    // The discovery configuration can only decrypt messages and CANNOT encrypt messages.
143    let discovery_raw_ecdh_keyring = mpl
144        .create_raw_ecdh_keyring()
145        .curve_spec(ecdh_curve_spec)
146        .key_agreement_scheme(discovery_raw_ecdh_static_configuration)
147        .send()
148        .await?;
149
150    // 7. Decrypt your encrypted data using the same keyring you used on encrypt.
151    let decryption_response = esdk_client
152        .decrypt()
153        .ciphertext(ciphertext)
154        .keyring(discovery_raw_ecdh_keyring)
155        // Provide the encryption context that was supplied to the encrypt method
156        .encryption_context(encryption_context)
157        .send()
158        .await?;
159
160    let decrypted_plaintext = decryption_response
161        .plaintext
162        .expect("Unable to unwrap plaintext from decryption response");
163
164    // 8. Demonstrate that the decrypted plaintext is identical to the original plaintext.
165    // (This is an example for demonstration; you do not need to do this in your own code.)
166    let plaintext = example_data.as_bytes();
167
168    assert_eq!(
169        decrypted_plaintext,
170        aws_smithy_types::Blob::new(plaintext),
171        "Decrypted plaintext should be identical to the original plaintext. Invalid decryption"
172    );
173
174    println!("Public Key Discovery Raw ECDH Keyring Example Completed Successfully");
175
176    Ok(())
177}

Trait Implementations§

Source§

impl Clone for PublicKeyDiscoveryInput

Source§

fn clone(&self) -> PublicKeyDiscoveryInput

Returns a duplicate of the value. Read more
1.0.0 · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
Source§

impl Debug for PublicKeyDiscoveryInput

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
Source§

impl PartialEq for PublicKeyDiscoveryInput

Source§

fn eq(&self, other: &PublicKeyDiscoveryInput) -> bool

Tests for self and other values to be equal, and is used by ==.
1.0.0 · Source§

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.
Source§

impl StructuralPartialEq for PublicKeyDiscoveryInput

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> AnyRef for T
where T: 'static,

Source§

fn as_any_ref(&self) -> &(dyn Any + 'static)

Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> CloneToUninit for T
where T: Clone,

Source§

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T> Instrument for T

Source§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more
Source§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> IntoEither for T

Source§

fn into_either(self, into_left: bool) -> Either<Self, Self>

Converts self into a Left variant of Either<Self, Self> if into_left is true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more
Source§

fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
where F: FnOnce(&Self) -> bool,

Converts self into a Left variant of Either<Self, Self> if into_left(&self) returns true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more
Source§

impl<Unshared, Shared> IntoShared<Shared> for Unshared
where Shared: FromUnshared<Unshared>,

Source§

fn into_shared(self) -> Shared

Creates a shared type from an unshared type.
Source§

impl<T> Same for T

Source§

type Output = T

Should always be Self
Source§

impl<T> ToOwned for T
where T: Clone,

Source§

type Owned = T

The resulting type after obtaining ownership.
Source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
Source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<T> Upcast<T> for T
where T: ?Sized,

Source§

fn upcast(&self) -> Ptr<T>

Source§

impl<T> UpcastObject<T> for T
where T: ?Sized,

Source§

fn upcast(&self) -> Object<T>

Source§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

Source§

fn vzip(self) -> V

Source§

impl<T> WithSubscriber for T

Source§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more
Source§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more