encrypted_message/config.rs
1//! Contains the [`Config`] trait used to define the configuration for an [`EncryptedMessage`](crate::EncryptedMessage).
2
3use std::fmt::Debug;
4
5pub use secrecy::{Secret, ExposeSecret};
6
7/// A trait to define the configuration for an [`EncryptedMessage`](crate::EncryptedMessage).
8/// This allows you to effectively define different keys for different kinds of data if needed.
9pub trait Config: Debug {
10 type Strategy: crate::strategy::Strategy;
11
12 /// Returns a list of keys to use for encryption.
13 ///
14 /// The first key is considered the primary key, & is always used for encryption.
15 /// The next keys are used in the order provided when the primary key can't decrypt
16 /// an [`EncryptedMessage`](crate::EncryptedMessage). This allows for key rotation.
17 fn keys(&self) -> Vec<Secret<[u8; 32]>>;
18
19 /// Returns the primary key, which is the first key in [`Config::keys`].
20 fn primary_key(&self) -> Secret<[u8; 32]> {
21 let mut keys = self.keys();
22 assert!(!keys.is_empty(), "Must provide at least one key.");
23
24 keys.remove(0)
25 }
26}
27
28#[cfg(test)]
29mod tests {
30 use super::*;
31
32 use crate::testing::TestConfigRandomized as TestConfig;
33
34 #[test]
35 fn primary_key_returns_first_key() {
36 let config = TestConfig;
37 assert_eq!(config.primary_key().expose_secret(), config.keys()[0].expose_secret());
38 }
39}