encrypted-message 0.3.0

Safely encrypt & store serializable data using AES-256-GCM.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39

//! Contains the [`Config`] trait used to define the configuration for an [`EncryptedMessage`](crate::EncryptedMessage).

use std::fmt::Debug;

pub use secrecy::{Secret, ExposeSecret};

/// A trait to define the configuration for an [`EncryptedMessage`](crate::EncryptedMessage).
/// This allows you to effectively define different keys for different kinds of data if needed.
pub trait Config: Debug {
    type Strategy: crate::strategy::Strategy;

    /// Returns a list of keys to use for encryption.
    ///
    /// The first key is considered the primary key, & is always used for encryption.
    /// The next keys are used in the order provided when the primary key can't decrypt
    /// an [`EncryptedMessage`](crate::EncryptedMessage). This allows for key rotation.
    fn keys(&self) -> Vec<Secret<[u8; 32]>>;

    /// Returns the primary key, which is the first key in [`Config::keys`].
    fn primary_key(&self) -> Secret<[u8; 32]> {
        let mut keys = self.keys();
        assert!(!keys.is_empty(), "Must provide at least one key.");

        keys.remove(0)
    }
}

#[cfg(test)]
mod tests {
    use super::*;

    use crate::testing::TestConfigRandomized as TestConfig;

    #[test]
    fn primary_key_returns_first_key() {
        let config = TestConfig;
        assert_eq!(config.primary_key().expose_secret(), config.keys()[0].expose_secret());
    }
}