Struct bdrck::crypto::keystore::KeyStore

pub struct KeyStore { /* fields omitted */ }

A KeyStore is a structure which contains a single "master key", wrapped with one or more other keys. This is useful in cases where we want to encrypt data with a single key, while allowing users to add or remove keys at will, without having to a) re-encrypt the data when the keys change, or b) store multiple copies of the plaintext encrypted with the various different keys.

For example, users may want to be able to access a resource with either a password or a hardware authentication key, and the data they want to encrypt is relatively large (so re-encryption is expensive).

A KeyStore essentially contains a set of one or more wrapped keys, which it automatically loads from / persists to disk.

Methods

impl KeyStore

pub fn new<K: AbstractKey>(key: &K) -> Result<Self>

Construct a new KeyStore. A new master key is generated from scratch, and the given key is added to the KeyStore (wrapping the new master key).

pub fn open_slice<K: AbstractKey>(data: &[u8], key: &K) -> Result<Self>

Open the KeyStore (attempt to unwrap the master key) by deserializing the given KeyStore bytes.

pub fn open_read<R: Read, K: AbstractKey>(rd: R, key: &K) -> Result<Self>

Open the KeyStore (attempt to unwrap the master key) by deserializing the KeyStore bytes read from the given reader.

pub fn to_vec(&self) -> Result<Vec<u8>>

Serialize this KeyStore, so it can be persisted and then reloaded later.

pub fn get_master_key(&self) -> &Key

Return the unwrapped master key from this KeyStore.

pub fn add_key<K: AbstractKey>(&mut self, key: &K) -> Result<bool>

Add the given wrapping key to this KeyStore. When the KeyStore is opened in the future, this key can be used. Returns true if the key was successfully added, or false if it was already present in the KeyStore.

pub fn remove_key<K: AbstractKey>(&mut self, key: &K) -> Result<bool>

Remove the given key from this KeyStore, so it can no longer be used to open the KeyStore. Returns true if the key was removed, or false if the given key wasn't found in this KeyStore. It is an error to remove the last wrapping key from a KeyStore (doing so would leave it unopenable in the future).
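The wrapping scheme and the add/remove rules described above, modeled as an added example (not bdrck's code). `ToyKeyStore`, `Wrapped`, `reopen` and the toy XOR/SipHash "cipher" are hypothetical stand-ins built on the standard library only, and the master key is passed in rather than generated; the point is that adding or removing a wrapping key never changes the master key, so data encrypted under it needs no re-encryption.

```rust
// Added illustration: std-only model of KeyStore's wrapping semantics. The "cipher" is
// a TOY (XOR keystream + SipHash check value), NOT secure; a real keystore needs an AEAD.
use std::collections::hash_map::DefaultHasher;
use std::hash::{Hash, Hasher};

fn h(key: &[u8], data: &[u8]) -> u64 {
    let mut s = DefaultHasher::new(); // same initial state on every call: deterministic
    (key, data).hash(&mut s);
    s.finish()
}
fn xor(key: &[u8], data: &[u8]) -> Vec<u8> {
    data.iter().enumerate().map(|(i, b)| b ^ h(key, &[i as u8]) as u8).collect()
}
pub struct Wrapped { ct: Vec<u8>, tag: u64 } // one wrapped copy of the master key
pub struct ToyKeyStore { master: Vec<u8>, wrapped: Vec<Wrapped> }
// Unwrap one copy; None models an authentication failure under the wrong key.
fn unwrap_with(w: &Wrapped, key: &[u8]) -> Option<Vec<u8>> {
    let pt = xor(key, &w.ct);
    if h(key, &pt) == w.tag { Some(pt) } else { None }
}
impl ToyKeyStore {
    // `master` is caller-supplied here; the real KeyStore::new generates it.
    pub fn new(master: Vec<u8>, key: &[u8]) -> Self {
        let wrapped = vec![Wrapped { tag: h(key, &master), ct: xor(key, &master) }];
        ToyKeyStore { master, wrapped }
    }
    // Models serialize + open: the master key is recovered only from wrapped copies.
    pub fn reopen(self, key: &[u8]) -> Option<Self> {
        let master = self.wrapped.iter().find_map(|w| unwrap_with(w, key))?;
        Some(ToyKeyStore { master, wrapped: self.wrapped })
    }
    pub fn add_key(&mut self, key: &[u8]) -> bool {
        if self.wrapped.iter().any(|w| unwrap_with(w, key).is_some()) { return false; }
        self.wrapped.push(Wrapped { tag: h(key, &self.master), ct: xor(key, &self.master) });
        true
    }
    pub fn remove_key(&mut self, key: &[u8]) -> Result<bool, &'static str> {
        let found = self.wrapped.iter().position(|w| unwrap_with(w, key).is_some());
        let i = match found { Some(i) => i, None => return Ok(false) };
        if self.wrapped.len() == 1 { return Err("cannot remove the last wrapping key"); }
        self.wrapped.remove(i);
        Ok(true)
    }
    pub fn master(&self) -> &[u8] { &self.master }
}
fn main() {
    let mut ks = ToyKeyStore::new(vec![7u8; 32], b"password"); // constructed sample keys
    ks.add_key(b"hardware-token");
    assert!(ks.reopen(b"hardware-token").is_some()); // the second key opens the store
}
```
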

Trait Implementations

impl<'de> Deserialize<'de> for KeyStore

impl Serialize for KeyStore

Auto Trait Implementations

Blanket Implementations

impl<T> Any for T where
    T: 'static + ?Sized

impl<T> Borrow<T> for T where
    T: ?Sized

impl<T> BorrowMut<T> for T where
    T: ?Sized

impl<T> DeserializeOwned for T where
    T: Deserialize<'de>, 

impl<T> From<T> for T

impl<T, U> Into<U> for T where
    U: From<T>, 

impl<T, U> TryFrom<U> for T where
    U: Into<T>, 

type Error = Infallible

The type returned in the event of a conversion error.

impl<T, U> TryInto<U> for T where
    U: TryFrom<T>, 

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.

impl<V, T> VZip<V> for T where
    V: MultiLane<T>,