Struct fog_crypto::lock::LockKey
source · pub struct LockKey { /* private fields */ }
Expand description
A key that allows decrypting data meant for a particular LockId
.
This acts as a wrapper for a specific cryptographic private decryption key,
Example
// Make a new temporary key
let key = LockKey::new();
let id = key.id().clone();
println!("LockId(Base58): {}", key.id());
// ...
// Wait for encrypted data to show up
// ...
// Decrypt Some received data
let lockbox = DataLockboxRef::from_bytes(received.as_ref())?;
let data = key.decrypt_data(&lockbox)?;
Implementations§
source§impl LockKey
impl LockKey
sourcepub fn from_interface(interface: Arc<dyn LockInterface>) -> Self
pub fn from_interface(interface: Arc<dyn LockInterface>) -> Self
Create a new LockKey
to hold a LockInterface
implementation. Can be used by implementors of
a vault when making new LockKey
instances.
sourcepub fn with_rng<R>(csprng: &mut R) -> LockKeywhere
R: CryptoRng + RngCore,
pub fn with_rng<R>(csprng: &mut R) -> LockKeywhere R: CryptoRng + RngCore,
Generate a temporary LockKey
that exists only in program memory, using
the provided cryptographic RNG.
sourcepub fn with_rng_and_version<R>(
csprng: &mut R,
version: u8
) -> Result<LockKey, CryptoError>where
R: CryptoRng + RngCore,
pub fn with_rng_and_version<R>( csprng: &mut R, version: u8 ) -> Result<LockKey, CryptoError>where R: CryptoRng + RngCore,
Generate a temporary LockKey
that exists only in program memory. Uses the specified
version instead of the default, and fails if the version is unsupported.
sourcepub fn decrypt_lock_key(
&self,
lockbox: &LockLockboxRef
) -> Result<LockKey, CryptoError>
pub fn decrypt_lock_key( &self, lockbox: &LockLockboxRef ) -> Result<LockKey, CryptoError>
Attempt to decrypt a LockLockboxRef
with this key. On success, the returned LockKey
is
temporary and not associated with any Vault.
sourcepub fn decrypt_identity_key(
&self,
lockbox: &IdentityLockboxRef
) -> Result<IdentityKey, CryptoError>
pub fn decrypt_identity_key( &self, lockbox: &IdentityLockboxRef ) -> Result<IdentityKey, CryptoError>
Attempt to decrypt a IdentityLockboxRef
with this key. On success, the returned
IdentityKey
is temporary and not associated with any Vault.
sourcepub fn decrypt_stream_key(
&self,
lockbox: &StreamLockboxRef
) -> Result<StreamKey, CryptoError>
pub fn decrypt_stream_key( &self, lockbox: &StreamLockboxRef ) -> Result<StreamKey, CryptoError>
Attempt to decrypt a StreamLockboxRef
with this key. On success, the returned
StreamKey
is temporary and not associated with any Vault.
sourcepub fn decrypt_data(
&self,
lockbox: &DataLockboxRef
) -> Result<Vec<u8>, CryptoError>
pub fn decrypt_data( &self, lockbox: &DataLockboxRef ) -> Result<Vec<u8>, CryptoError>
Attempt to decrypt a DataLockboxRef
with this key.
sourcepub fn export_for_lock(&self, lock: &LockId) -> Option<LockLockbox>
pub fn export_for_lock(&self, lock: &LockId) -> Option<LockLockbox>
Export the signing key in a LockLockbox
, with receive_lock
as the recipient. If
the key cannot be exported, this should return None.
sourcepub fn export_for_lock_with_rng<R: CryptoRng + RngCore>(
&self,
csprng: &mut R,
lock: &LockId
) -> Option<LockLockbox>
pub fn export_for_lock_with_rng<R: CryptoRng + RngCore>( &self, csprng: &mut R, lock: &LockId ) -> Option<LockLockbox>
Export the signing key in an LockLockbox
, with receive_lock
as the recipient. If
the key cannot be exported, this should return None.
sourcepub fn export_for_stream(&self, stream: &StreamKey) -> Option<LockLockbox>
pub fn export_for_stream(&self, stream: &StreamKey) -> Option<LockLockbox>
Export the private key in a LockLockbox
, with receive_stream
as the recipient. If
the key cannot be exported, this should return None. Additionally, if the underlying
implementation does not allow moving the raw key into memory (i.e. it cannot call
StreamInterface::encrypt
or
lock_id_encrypt
) then None can also be returned.
sourcepub fn export_for_stream_with_rng<R: CryptoRng + RngCore>(
&self,
csprng: &mut R,
stream: &StreamKey
) -> Option<LockLockbox>
pub fn export_for_stream_with_rng<R: CryptoRng + RngCore>( &self, csprng: &mut R, stream: &StreamKey ) -> Option<LockLockbox>
Export the private key in a LockLockbox
, with receive_stream
as the recipient. If
the key cannot be exported, this should return None. Additionally, if the underlying
implementation does not allow moving the raw key into memory (i.e. it cannot call
StreamInterface::encrypt
or
lock_id_encrypt
) then None can also be returned.