Trait ironoxide::document::advanced::DocumentAdvancedOps
source · pub trait DocumentAdvancedOps {
// Required methods
fn document_encrypt_unmanaged<'life0, 'life1, 'async_trait>(
&'life0 self,
data: Vec<u8>,
encrypt_opts: &'life1 DocumentEncryptOpts
) -> Pin<Box<dyn Future<Output = Result<DocumentEncryptUnmanagedResult>> + Send + 'async_trait>>
where Self: 'async_trait,
'life0: 'async_trait,
'life1: 'async_trait;
fn document_decrypt_unmanaged<'life0, 'life1, 'life2, 'async_trait>(
&'life0 self,
encrypted_data: &'life1 [u8],
encrypted_deks: &'life2 [u8]
) -> Pin<Box<dyn Future<Output = Result<DocumentDecryptUnmanagedResult>> + Send + 'async_trait>>
where Self: 'async_trait,
'life0: 'async_trait,
'life1: 'async_trait,
'life2: 'async_trait;
}Expand description
IronOxide Advanced Document Operations
Key Terms
- EDEKs - Encrypted document encryption keys produced by unmanaged document encryption and required for unmanaged document decryption.
Required Methods§
sourcefn document_encrypt_unmanaged<'life0, 'life1, 'async_trait>(
&'life0 self,
data: Vec<u8>,
encrypt_opts: &'life1 DocumentEncryptOpts
) -> Pin<Box<dyn Future<Output = Result<DocumentEncryptUnmanagedResult>> + Send + 'async_trait>>where
Self: 'async_trait,
'life0: 'async_trait,
'life1: 'async_trait,
fn document_encrypt_unmanaged<'life0, 'life1, 'async_trait>( &'life0 self, data: Vec<u8>, encrypt_opts: &'life1 DocumentEncryptOpts ) -> Pin<Box<dyn Future<Output = Result<DocumentEncryptUnmanagedResult>> + Send + 'async_trait>>where Self: 'async_trait, 'life0: 'async_trait, 'life1: 'async_trait,
Encrypts the provided document bytes without being managed by the IronCore service.
The webservice is still needed for looking up public keys and evaluating policies, but no document is created and the EDEKs are not stored. An additional burden is put on the caller in that both the encrypted data and the EDEKs must be provided for decryption.
Arguments
data- Bytes of the document to encryptencrypt_opts- Document encryption parameters. Default values are provided with DocumentEncryptOpts::default().
sourcefn document_decrypt_unmanaged<'life0, 'life1, 'life2, 'async_trait>(
&'life0 self,
encrypted_data: &'life1 [u8],
encrypted_deks: &'life2 [u8]
) -> Pin<Box<dyn Future<Output = Result<DocumentDecryptUnmanagedResult>> + Send + 'async_trait>>where
Self: 'async_trait,
'life0: 'async_trait,
'life1: 'async_trait,
'life2: 'async_trait,
fn document_decrypt_unmanaged<'life0, 'life1, 'life2, 'async_trait>( &'life0 self, encrypted_data: &'life1 [u8], encrypted_deks: &'life2 [u8] ) -> Pin<Box<dyn Future<Output = Result<DocumentDecryptUnmanagedResult>> + Send + 'async_trait>>where Self: 'async_trait, 'life0: 'async_trait, 'life1: 'async_trait, 'life2: 'async_trait,
Decrypts a document not managed by the IronCore service.
Requires the encrypted data and EDEKs returned from document_encrypt_unmanaged.
The webservice is still needed to transform a chosen EDEK so it can be decrypted by the caller’s private key.
Arguments
encrypted_data- Bytes of the encrypted documentencrypted_deks- EDEKs associated with the encrypted document