1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
pub
pub
pub
/// Encryption provider — abstracts the encryption operations needed
/// by [`EncryptedBlobStore`](store::EncryptedBlobStore).
///
/// This trait allows the blob store to work with any encryption backend
/// that supports detached-header stream encryption.
///
/// For full documentation see the
/// [Encryption guide](https://github.com/cz-jcode/xtax/blob/main/crates/xtax-blob-storage/docs/encryption.md).
///
/// # Example (custom provider)
///
/// ```rust,no_run
/// use async_trait::async_trait;
/// use tokio::io::{AsyncRead, AsyncWrite, AsyncWriteExt, AsyncReadExt};
/// use xtax_encryption::{EncryptionProvider, EncryptionResult};
///
/// struct NoopEncryption;
///
/// #[async_trait]
/// impl EncryptionProvider for NoopEncryption {
/// async fn encrypt_stream(
/// &self,
/// input: &mut (dyn AsyncRead + Send + Unpin),
/// output: &mut (dyn AsyncWrite + Send + Unpin),
/// ) -> EncryptionResult<Vec<u8>> {
/// let mut buf = Vec::new();
/// input.read_to_end(&mut buf).await.unwrap();
/// output.write_all(&buf).await.unwrap();
/// Ok(vec![])
/// }
///
/// async fn decrypt_stream(
/// &self,
/// input: &mut (dyn AsyncRead + Send + Unpin),
/// output: &mut (dyn AsyncWrite + Send + Unpin),
/// _header_bytes: &[u8],
/// ) -> EncryptionResult<()> {
/// let mut buf = Vec::new();
/// input.read_to_end(&mut buf).await.unwrap();
/// output.write_all(&buf).await.unwrap();
/// Ok(())
/// }
///
/// async fn rekey_header(&self, _header_bytes: &[u8]) -> EncryptionResult<Option<Vec<u8>>> {
/// Ok(None)
/// }
/// }
/// ```
pub use ;