Skip to main content

EncryptorHandle

hardware_enclave::encryption

Struct EncryptorHandle 

Source 
pub struct EncryptorHandle { /* private fields */ }
Expand description

Handle to an encryption backend. Supports per-label multi-key operations. Obtained from create_encryptor().

Implementations§

Source§

impl EncryptorHandle

Source

pub fn generate_key(&self, label: &str, policy: AccessPolicy) -> Result<Vec<u8>>

Generate a new P-256 encryption key with the given label and policy. Returns the uncompressed SEC1 public key (0x04 || X || Y, 65 bytes).

Source

pub fn public_key(&self, label: &str) -> Result<Vec<u8>>

Return the uncompressed SEC1 public key for an existing encryption key.

Source

pub fn encrypt(&self, label: &str, plaintext: &[u8]) -> Result<Vec<u8>>

ECIES encrypt plaintext using the named key.

Wire format: [0x01 version][65B ephemeral pubkey][12B nonce][ciphertext][16B GCM tag].

§Errors
Source

pub fn decrypt( &self, label: &str, ciphertext: &[u8], ) -> Result<Zeroizing<Vec<u8>>>

ECIES decrypt ciphertext using the named key.

Returns plaintext in a Zeroizing wrapper that scrubs the buffer on drop.

§Errors
Source

pub fn list_keys(&self) -> Result<Vec<KeyInfo>>

List all encryption keys managed by this backend.

For each label, fetches the public key. Labels whose public key cannot be retrieved (transient error, key deleted between list and fetch) are silently skipped.

Source

pub fn delete_key(&self, label: &str) -> Result<()>

Delete the encryption key with the given label.

Source

pub fn key_exists(&self, label: &str) -> Result<bool>

Return whether an encryption key with the given label exists.

Source

pub fn rename_key(&self, old_label: &str, new_label: &str) -> Result<()>

Rename (move) an encryption key from old_label to new_label.

Source

pub fn backend_kind(&self) -> BackendKind

Which backend is in use.

Trait Implementations§

Source§

impl Debug for EncryptorHandle

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T> Instrument for T

Source§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more
Source§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> Same for T

Source§

type Output = T

Should always be Self
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

Source§

fn vzip(self) -> V

Source§

impl<T> WithSubscriber for T

Source§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more
Source§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more