[−][src]Crate radicle_keystore
radicle-keystore aims to become the sole abstraction over storage of key
material in the Radicle ecosystem.
Radicle employs two kinds of keys: ones which may leave your device (e.g.
onto an HSM), and ones that shouldn't. For the first kind, we will
eventually provide an implementation of Keystore which interfaces
directly with system keychains or hardware devices, while for the second
kind matters are a bit more complicated: we recommend to use the
file::FileStorage implementation, which stores keys in encrypted form on
the filesystem. This is to discourage (accidental) key sharing via backup or
cross-device syncing setups the user might have.
The choice of crypto::Crypto (and relatedly pinentry::Pinentry) may
however be used to store the passphrase for a key-derivation scheme (as
employed by crypto::Pwhash) in some system keychain, or offload
encryption entirely to an external system (such as GPG, or a password
manager).
Re-exports
pub use file::FileStorage; |
pub use memory::MemoryStorage; |
Modules
| crypto | |
| file | |
| memory | |
| pinentry | |
| sign |
Structs
| Keypair | Named pair of public / secret key. |
Traits
| Keystore | Abstraction over secure storage for private key material. |
| SecretKeyExt |
Type Definitions
| SecStr | Type alias for a vector that stores just bytes |