Struct lair_keystore_api::lair_client::LairClient
source · pub struct LairClient(pub Arc<dyn AsLairClient>);
Expand description
A lair keystore client handle. Use this to make requests of the keystore.
Tuple Fields§
§0: Arc<dyn AsLairClient>
Implementations§
source§impl LairClient
impl LairClient
sourcepub fn get_enc_ctx_key(&self) -> BufReadSized<32>
pub fn get_enc_ctx_key(&self) -> BufReadSized<32>
Return the encryption context key for passphrases, etc.
sourcepub fn get_dec_ctx_key(&self) -> BufReadSized<32>
pub fn get_dec_ctx_key(&self) -> BufReadSized<32>
Return the decryption context key for passphrases, etc.
sourcepub fn shutdown(&self) -> impl Future<Output = LairResult<()>> + 'static + Send
pub fn shutdown(&self) -> impl Future<Output = LairResult<()>> + 'static + Send
Shutdown the client connection.
sourcepub fn request<R: AsLairRequest>(
&self,
request: R
) -> impl Future<Output = LairResult<R::Response>> + 'static + Send
pub fn request<R: AsLairRequest>( &self, request: R ) -> impl Future<Output = LairResult<R::Response>> + 'static + Send
Handle a generic lair client request.
sourcepub fn hello(
&self,
expected_server_pub_key: BinDataSized<32>
) -> impl Future<Output = LairResult<Arc<str>>> + 'static + Send
pub fn hello( &self, expected_server_pub_key: BinDataSized<32> ) -> impl Future<Output = LairResult<Arc<str>>> + 'static + Send
Send the hello message to establish server authenticity. Check with your implementation before invoking this… it likely handles this for you in its constructor.
sourcepub fn unlock(
&self,
passphrase: BufRead
) -> impl Future<Output = LairResult<()>> + 'static + Send
pub fn unlock( &self, passphrase: BufRead ) -> impl Future<Output = LairResult<()>> + 'static + Send
Send the unlock request to unlock / communicate with the server. (this verifies client authenticity) Check with your implementation before invoking this… it likely handles this for you in its constructor.
sourcepub fn list_entries(
&self
) -> impl Future<Output = LairResult<Vec<LairEntryInfo>>> + 'static + Send
pub fn list_entries( &self ) -> impl Future<Output = LairResult<Vec<LairEntryInfo>>> + 'static + Send
Request a list of entries from lair.
sourcepub fn get_entry(
&self,
tag: Arc<str>
) -> impl Future<Output = LairResult<LairEntryInfo>> + 'static + Send
pub fn get_entry( &self, tag: Arc<str> ) -> impl Future<Output = LairResult<LairEntryInfo>> + 'static + Send
Return the EntryInfo for a given tag, or error if no such tag.
sourcepub fn new_seed(
&self,
tag: Arc<str>,
deep_lock_passphrase: Option<BufRead>,
exportable: bool
) -> impl Future<Output = LairResult<SeedInfo>> + 'static + Send
pub fn new_seed( &self, tag: Arc<str>, deep_lock_passphrase: Option<BufRead>, exportable: bool ) -> impl Future<Output = LairResult<SeedInfo>> + 'static + Send
Instruct lair to generate a new seed from cryptographically secure random data with given tag. If the seed should be deeply locked, supply the deep_lock_passphrase as well. Respects hc_seed_bundle::PwHashLimits.
sourcepub fn export_seed_by_tag(
&self,
tag: Arc<str>,
sender_pub_key: X25519PubKey,
recipient_pub_key: X25519PubKey,
deep_lock_passphrase: Option<BufRead>
) -> impl Future<Output = LairResult<([u8; 24], Arc<[u8]>)>> + 'static + Send
pub fn export_seed_by_tag( &self, tag: Arc<str>, sender_pub_key: X25519PubKey, recipient_pub_key: X25519PubKey, deep_lock_passphrase: Option<BufRead> ) -> impl Future<Output = LairResult<([u8; 24], Arc<[u8]>)>> + 'static + Send
Export seeds (that are marked “exportable”) by using the x25519xsalsa20poly1305 “crypto_box” algorithm.
sourcepub fn import_seed(
&self,
sender_pub_key: X25519PubKey,
recipient_pub_key: X25519PubKey,
deep_lock_passphrase: Option<BufRead>,
nonce: [u8; 24],
cipher: Arc<[u8]>,
tag: Arc<str>,
exportable: bool
) -> impl Future<Output = LairResult<SeedInfo>> + 'static + Send
pub fn import_seed( &self, sender_pub_key: X25519PubKey, recipient_pub_key: X25519PubKey, deep_lock_passphrase: Option<BufRead>, nonce: [u8; 24], cipher: Arc<[u8]>, tag: Arc<str>, exportable: bool ) -> impl Future<Output = LairResult<SeedInfo>> + 'static + Send
Import a seed encrypted via x25519xsalsa20poly1305 secretbox. Note it is 100% valid to co-opt this function to allow importing seeds that have been generated via custom algorithms, but you take responsibility for those security concerns. Respects hc_seed_bundle::PwHashLimits.
sourcepub fn derive_seed(
&self,
src_tag: Arc<str>,
src_deep_lock_passphrase: Option<BufRead>,
dst_tag: Arc<str>,
dst_deep_lock_passphrase: Option<BufRead>,
derivation_path: Box<[u32]>
) -> impl Future<Output = LairResult<SeedInfo>> + 'static + Send
pub fn derive_seed( &self, src_tag: Arc<str>, src_deep_lock_passphrase: Option<BufRead>, dst_tag: Arc<str>, dst_deep_lock_passphrase: Option<BufRead>, derivation_path: Box<[u32]> ) -> impl Future<Output = LairResult<SeedInfo>> + 'static + Send
Derive a pre-existing key identified by given src_tag, with given derivation path, storing the final resulting sub-seed with the given dst_tag. Respects hc_seed_bundle::PwHashLimits.
sourcepub fn sign_by_pub_key(
&self,
pub_key: Ed25519PubKey,
deep_lock_passphrase: Option<BufRead>,
data: Arc<[u8]>
) -> impl Future<Output = LairResult<Ed25519Signature>> + 'static + Send
pub fn sign_by_pub_key( &self, pub_key: Ed25519PubKey, deep_lock_passphrase: Option<BufRead>, data: Arc<[u8]> ) -> impl Future<Output = LairResult<Ed25519Signature>> + 'static + Send
Generate a signature for given data, with the ed25519 keypair derived from seed identified by the given ed25519 pubkey.
sourcepub fn crypto_box_xsalsa_by_pub_key(
&self,
sender_pub_key: X25519PubKey,
recipient_pub_key: X25519PubKey,
deep_lock_passphrase: Option<BufRead>,
data: Arc<[u8]>
) -> impl Future<Output = LairResult<([u8; 24], Arc<[u8]>)>> + 'static + Send
pub fn crypto_box_xsalsa_by_pub_key( &self, sender_pub_key: X25519PubKey, recipient_pub_key: X25519PubKey, deep_lock_passphrase: Option<BufRead>, data: Arc<[u8]> ) -> impl Future<Output = LairResult<([u8; 24], Arc<[u8]>)>> + 'static + Send
Encrypt data for a target recipient using the x25519xsalsa20poly1305 “crypto_box” algorithm.
sourcepub fn crypto_box_xsalsa_open_by_pub_key(
&self,
sender_pub_key: X25519PubKey,
recipient_pub_key: X25519PubKey,
deep_lock_passphrase: Option<BufRead>,
nonce: [u8; 24],
cipher: Arc<[u8]>
) -> impl Future<Output = LairResult<Arc<[u8]>>> + 'static + Send
pub fn crypto_box_xsalsa_open_by_pub_key( &self, sender_pub_key: X25519PubKey, recipient_pub_key: X25519PubKey, deep_lock_passphrase: Option<BufRead>, nonce: [u8; 24], cipher: Arc<[u8]> ) -> impl Future<Output = LairResult<Arc<[u8]>>> + 'static + Send
Decrypt data from a target sender using the x25519xsalsa20poly1305 “crypto_box_open” algorithm.
sourcepub fn crypto_box_xsalsa_by_sign_pub_key(
&self,
sender_pub_key: Ed25519PubKey,
recipient_pub_key: Ed25519PubKey,
deep_lock_passphrase: Option<BufRead>,
data: Arc<[u8]>
) -> impl Future<Output = LairResult<([u8; 24], Arc<[u8]>)>> + 'static + Send
pub fn crypto_box_xsalsa_by_sign_pub_key( &self, sender_pub_key: Ed25519PubKey, recipient_pub_key: Ed25519PubKey, deep_lock_passphrase: Option<BufRead>, data: Arc<[u8]> ) -> impl Future<Output = LairResult<([u8; 24], Arc<[u8]>)>> + 'static + Send
Encrypt data for a target recipient using the x25519xsalsa20poly1305 “crypto_box” algorithm. WARNING: This function actually translates the ed25519 signing keys into encryption keys. Please understand the downsides of doing this before using this function: https://doc.libsodium.org/advanced/ed25519-curve25519
sourcepub fn crypto_box_xsalsa_open_by_sign_pub_key(
&self,
sender_pub_key: Ed25519PubKey,
recipient_pub_key: Ed25519PubKey,
deep_lock_passphrase: Option<BufRead>,
nonce: [u8; 24],
cipher: Arc<[u8]>
) -> impl Future<Output = LairResult<Arc<[u8]>>> + 'static + Send
pub fn crypto_box_xsalsa_open_by_sign_pub_key( &self, sender_pub_key: Ed25519PubKey, recipient_pub_key: Ed25519PubKey, deep_lock_passphrase: Option<BufRead>, nonce: [u8; 24], cipher: Arc<[u8]> ) -> impl Future<Output = LairResult<Arc<[u8]>>> + 'static + Send
Decrypt data from a target sender using the x25519xsalsa20poly1305 “crypto_box_open” algorithm. WARNING: This function actually translates the ed25519 signing keys into encryption keys. Please understand the downsides of doing this before using this function: https://doc.libsodium.org/advanced/ed25519-curve25519
sourcepub fn new_wka_tls_cert(
&self,
tag: Arc<str>
) -> impl Future<Output = LairResult<CertInfo>> + 'static + Send
pub fn new_wka_tls_cert( &self, tag: Arc<str> ) -> impl Future<Output = LairResult<CertInfo>> + 'static + Send
Instruct lair to generate a new well-known-authority signed TLS cert. This is a lot like a self-signed certificate, but slightly easier to work with in that it allows registering a single well-known-authority as a certificate authority which will respect multiple certs.
sourcepub fn get_wka_tls_cert_priv_key(
&self,
tag: Arc<str>
) -> impl Future<Output = LairResult<BufRead>> + 'static + Send
pub fn get_wka_tls_cert_priv_key( &self, tag: Arc<str> ) -> impl Future<Output = LairResult<BufRead>> + 'static + Send
Fetch the private key associated with a wka_tls_cert entry. Will error if the entry specified by ‘tag’ is not a wka_tls_cert.
Trait Implementations§
source§impl Clone for LairClient
impl Clone for LairClient
source§fn clone(&self) -> LairClient
fn clone(&self) -> LairClient
1.0.0 · source§fn clone_from(&mut self, source: &Self)
fn clone_from(&mut self, source: &Self)
source
. Read more