Trait ironoxide::document::advanced::DocumentAdvancedOps[][src]

pub trait DocumentAdvancedOps {
    #[must_use]
    fn document_encrypt_unmanaged<'life0, 'life1, 'life2, 'async_trait>(
        &'life0 self, 
        data: &'life1 [u8], 
        encrypt_opts: &'life2 DocumentEncryptOpts
    ) -> Pin<Box<dyn Future<Output = Result<DocumentEncryptUnmanagedResult>> + Send + 'async_trait>>
    where
        'life0: 'async_trait,
        'life1: 'async_trait,
        'life2: 'async_trait,
        Self: 'async_trait;

    #[must_use]
    fn document_decrypt_unmanaged<'life0, 'life1, 'life2, 'async_trait>(
        &'life0 self, 
        encrypted_data: &'life1 [u8], 
        encrypted_deks: &'life2 [u8]
    ) -> Pin<Box<dyn Future<Output = Result<DocumentDecryptUnmanagedResult>> + Send + 'async_trait>>
    where
        'life0: 'async_trait,
        'life1: 'async_trait,
        'life2: 'async_trait,
        Self: 'async_trait;
}

IronOxide Advanced Document Operations

Key Terms

  • EDEKs - Encrypted document encryption keys produced by unmanaged document encryption and required for unmanaged document decryption.

Required methods

#[must_use]
fn document_encrypt_unmanaged<'life0, 'life1, 'life2, 'async_trait>(
    &'life0 self,
    data: &'life1 [u8],
    encrypt_opts: &'life2 DocumentEncryptOpts
) -> Pin<Box<dyn Future<Output = Result<DocumentEncryptUnmanagedResult>> + Send + 'async_trait>> where
    'life0: 'async_trait,
    'life1: 'async_trait,
    'life2: 'async_trait,
    Self: 'async_trait, [src]

Encrypts the provided document bytes without being managed by the IronCore service.

The webservice is still needed for looking up public keys and evaluating policies, but no document is created and the EDEKs are not stored. An additional burden is put on the caller in that both the encrypted data and the EDEKs must be provided for decryption.

Arguments

  • data - Bytes of the document to encrypt
  • encrypt_opts - Document encryption parameters. Default values are provided with DocumentEncryptOpts::default().

#[must_use]
fn document_decrypt_unmanaged<'life0, 'life1, 'life2, 'async_trait>(
    &'life0 self,
    encrypted_data: &'life1 [u8],
    encrypted_deks: &'life2 [u8]
) -> Pin<Box<dyn Future<Output = Result<DocumentDecryptUnmanagedResult>> + Send + 'async_trait>> where
    'life0: 'async_trait,
    'life1: 'async_trait,
    'life2: 'async_trait,
    Self: 'async_trait, [src]

Decrypts a document not managed by the IronCore service.

Requires the encrypted data and EDEKs returned from document_encrypt_unmanaged.

The webservice is still needed to transform a chosen EDEK so it can be decrypted by the caller’s private key.

Arguments

  • encrypted_data - Bytes of the encrypted document
  • encrypted_deks - EDEKs associated with the encrypted document
Loading content...

Implementors

impl DocumentAdvancedOps for IronOxide[src]

fn document_encrypt_unmanaged<'life0, 'life1, 'life2, 'async_trait>(
    &'life0 self,
    data: &'life1 [u8],
    encrypt_opts: &'life2 DocumentEncryptOpts
) -> Pin<Box<dyn Future<Output = Result<DocumentEncryptUnmanagedResult>> + Send + 'async_trait>> where
    'life0: 'async_trait,
    'life1: 'async_trait,
    'life2: 'async_trait,
    Self: 'async_trait, [src]

fn document_decrypt_unmanaged<'life0, 'life1, 'life2, 'async_trait>(
    &'life0 self,
    encrypted_data: &'life1 [u8],
    encrypted_deks: &'life2 [u8]
) -> Pin<Box<dyn Future<Output = Result<DocumentDecryptUnmanagedResult>> + Send + 'async_trait>> where
    'life0: 'async_trait,
    'life1: 'async_trait,
    'life2: 'async_trait,
    Self: 'async_trait, [src]

Loading content...