Crate redact_crypto[−][src]
Expand description
redact-crypto
The redact-crypto
crate contains all of the interfaces, data structures,
and abstractions necessary to work with cryptographic primitives.
Namely, it uses a high-levelKey
struct which contains a KeySource and a KeyExecutor
.
A KeyExecutor
represents a chunk of logic which is capable of ingesting a KeySource
and
plaintext or ciphertext and perform cryptographic operations on it. A KeySource
contains
the data and logic to interact with a secret key, whether symmetric or asymmetric.
Currently, the only KeySource
supported is a Bytes
-type source. These are sources that
can be deserialized into a raw byte array, and that byte array then used for encryption/
decryption/signing operations. In the future, other, non-Byte
key sources will be
implemented to, for example, support the use of hardware key sources where the actual value
of the key cannot be retrieved.
It also contains implementations of the storage interface for storing and retrieving redact keys with a variety of sources.
File directory:
- lib.rs: exports root-level public types from otherwise private submodules
- keys.rs: all the structs and traits for representing symmetric and asymmetric keys
- error.rs: custom errors that can arise from various key and key field operations
- key_sources.rs: all the structs for representing various types of key sourceso
- storage.rs: trait for a data type that stores
Key
- storage/error.rs: error types for the storage abstractions
- storage/mongodb.rs: storage implentation for mongodb
- storage/redact.rs: storage implementation for a redact-store server
Re-exports
pub use storage::error::StorageError; | |
pub use storage::mongodb::MongoKeyStorer; | |
pub use storage::redact::RedactKeyStorer; | |
pub use storage::KeyStorer; |
Modules
storage |
Structs
Key | The highest-level |
KeyCollection | Returned when requesting more than one |