pub struct LairClient(pub Arc<dyn AsLairClient>);

A lair keystore client handle. Use this to make requests of the keystore.

Tuple Fields

0: Arc<dyn AsLairClient>

Implementations

impl LairClient

pub fn get_enc_ctx_key(&self) -> BufReadSized<32>

Return the encryption context key for passphrases, etc.

pub fn get_dec_ctx_key(&self) -> BufReadSized<32>

Return the decryption context key for passphrases, etc.

pub fn shutdown(&self) -> impl Future<Output = LairResult<()>> + 'static + Send

Shutdown the client connection.

pub fn request<R: AsLairRequest>(&self, request: R) -> impl Future<Output = LairResult<R::Response>> + 'static + Send

Handle a generic lair client request.

pub fn hello(&self, expected_server_pub_key: BinDataSized<32>) -> impl Future<Output = LairResult<Arc<str>>> + 'static + Send

Send the hello message to establish server authenticity. Check with your implementation before invoking this… it likely handles this for you in its constructor.

pub fn unlock(&self, passphrase: BufRead) -> impl Future<Output = LairResult<()>> + 'static + Send

Send the unlock request to unlock / communicate with the server (this verifies client authenticity). Check with your implementation before invoking this… it likely handles this for you in its constructor.

pub fn list_entries(&self) -> impl Future<Output = LairResult<Vec<LairEntryInfo>>> + 'static + Send

Request a list of entries from lair.

pub fn get_entry(&self, tag: Arc<str>) -> impl Future<Output = LairResult<LairEntryInfo>> + 'static + Send

Return the EntryInfo for a given tag, or error if no such tag.

pub fn new_seed(&self, tag: Arc<str>, deep_lock_passphrase: Option<BufRead>, exportable: bool) -> impl Future<Output = LairResult<SeedInfo>> + 'static + Send

Instruct lair to generate a new seed from cryptographically secure random data with given tag. If the seed should be deeply locked, supply the deep_lock_passphrase as well. Respects hc_seed_bundle::PwHashLimits.

pub fn export_seed_by_tag(&self, tag: Arc<str>, sender_pub_key: X25519PubKey, recipient_pub_key: X25519PubKey, deep_lock_passphrase: Option<BufRead>) -> impl Future<Output = LairResult<([u8; 24], Arc<[u8]>)>> + 'static + Send

Export seeds (that are marked “exportable”) by using the x25519xsalsa20poly1305 “crypto_box” algorithm.

pub fn import_seed(&self, sender_pub_key: X25519PubKey, recipient_pub_key: X25519PubKey, deep_lock_passphrase: Option<BufRead>, nonce: [u8; 24], cipher: Arc<[u8]>, tag: Arc<str>, exportable: bool) -> impl Future<Output = LairResult<SeedInfo>> + 'static + Send

Import a seed encrypted via x25519xsalsa20poly1305 secretbox. Note it is 100% valid to co-opt this function to allow importing seeds that have been generated via custom algorithms, but you take responsibility for those security concerns. Respects hc_seed_bundle::PwHashLimits.
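
An added example, not part of the lair documentation or code base: carrying the `([u8; 24], Arc<[u8]>)` pair returned by `export_seed_by_tag` to the machine that calls `import_seed`, with a length check before the blob is handed to the keystore. The `nonce || cipher` framing and the names `pack_export`, `unpack_export` and `EnvelopeError` are assumptions made for this sketch, not a lair wire format.

```rust
use std::sync::Arc;

/// Sizes fixed by xsalsa20poly1305: 24-byte nonce, 16-byte Poly1305 tag.
const NONCE_LEN: usize = 24;
const MAC_LEN: usize = 16;

#[derive(Debug, PartialEq)]
pub enum EnvelopeError {
    /// Fewer bytes than a nonce plus an authentication tag.
    Truncated { got: usize, need: usize },
}

/// Frame the `(nonce, cipher)` pair returned by `export_seed_by_tag`
/// as `nonce || cipher` (assumed framing, hypothetical helper).
pub fn pack_export(nonce: &[u8; NONCE_LEN], cipher: &[u8]) -> Vec<u8> {
    let mut out = Vec::with_capacity(NONCE_LEN + cipher.len());
    out.extend_from_slice(nonce);
    out.extend_from_slice(cipher);
    out
}

/// Split a received blob back into the `nonce` and `cipher` arguments
/// that `import_seed` takes, rejecting blobs too short to carry a tag.
pub fn unpack_export(blob: &[u8]) -> Result<([u8; NONCE_LEN], Arc<[u8]>), EnvelopeError> {
    let need = NONCE_LEN + MAC_LEN;
    if blob.len() < need {
        return Err(EnvelopeError::Truncated { got: blob.len(), need });
    }
    let (n, c) = blob.split_at(NONCE_LEN);
    let mut nonce = [0u8; NONCE_LEN];
    nonce.copy_from_slice(n);
    Ok((nonce, Arc::from(c)))
}

fn main() {
    // Constructed sample values standing in for a real export result.
    let nonce = [7u8; NONCE_LEN];
    let cipher: Vec<u8> = (0u8..48).collect();
    let blob = pack_export(&nonce, &cipher);
    let (n, c) = unpack_export(&blob).expect("well-formed blob");
    assert_eq!(n, nonce);
    assert_eq!(&c[..], &cipher[..]);
    println!("round-trip ok, {} bytes on the wire", blob.len());
}
```

The length check only filters malformed input early; authenticity is still decided by the keystore when `import_seed` opens the box with the sender and recipient keys.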

pub fn derive_seed(&self, src_tag: Arc<str>, src_deep_lock_passphrase: Option<BufRead>, dst_tag: Arc<str>, dst_deep_lock_passphrase: Option<BufRead>, derivation_path: Box<[u32]>) -> impl Future<Output = LairResult<SeedInfo>> + 'static + Send

Derive a pre-existing key identified by given src_tag, with given derivation path, storing the final resulting sub-seed with the given dst_tag. Respects hc_seed_bundle::PwHashLimits.

pub fn sign_by_pub_key(&self, pub_key: Ed25519PubKey, deep_lock_passphrase: Option<BufRead>, data: Arc<[u8]>) -> impl Future<Output = LairResult<Ed25519Signature>> + 'static + Send

Generate a signature for given data, with the ed25519 keypair derived from seed identified by the given ed25519 pubkey.

pub fn crypto_box_xsalsa_by_pub_key(&self, sender_pub_key: X25519PubKey, recipient_pub_key: X25519PubKey, deep_lock_passphrase: Option<BufRead>, data: Arc<[u8]>) -> impl Future<Output = LairResult<([u8; 24], Arc<[u8]>)>> + 'static + Send

Encrypt data for a target recipient using the x25519xsalsa20poly1305 “crypto_box” algorithm.

pub fn crypto_box_xsalsa_open_by_pub_key(&self, sender_pub_key: X25519PubKey, recipient_pub_key: X25519PubKey, deep_lock_passphrase: Option<BufRead>, nonce: [u8; 24], cipher: Arc<[u8]>) -> impl Future<Output = LairResult<Arc<[u8]>>> + 'static + Send

Decrypt data from a target sender using the x25519xsalsa20poly1305 “crypto_box_open” algorithm.

pub fn crypto_box_xsalsa_by_sign_pub_key(&self, sender_pub_key: Ed25519PubKey, recipient_pub_key: Ed25519PubKey, deep_lock_passphrase: Option<BufRead>, data: Arc<[u8]>) -> impl Future<Output = LairResult<([u8; 24], Arc<[u8]>)>> + 'static + Send

Encrypt data for a target recipient using the x25519xsalsa20poly1305 “crypto_box” algorithm. WARNING: This function actually translates the ed25519 signing keys into encryption keys. Please understand the downsides of doing this before using this function: https://doc.libsodium.org/advanced/ed25519-curve25519

pub fn crypto_box_xsalsa_open_by_sign_pub_key(&self, sender_pub_key: Ed25519PubKey, recipient_pub_key: Ed25519PubKey, deep_lock_passphrase: Option<BufRead>, nonce: [u8; 24], cipher: Arc<[u8]>) -> impl Future<Output = LairResult<Arc<[u8]>>> + 'static + Send

Decrypt data from a target sender using the x25519xsalsa20poly1305 “crypto_box_open” algorithm. WARNING: This function actually translates the ed25519 signing keys into encryption keys. Please understand the downsides of doing this before using this function: https://doc.libsodium.org/advanced/ed25519-curve25519

pub fn new_wka_tls_cert(&self, tag: Arc<str>) -> impl Future<Output = LairResult<CertInfo>> + 'static + Send

Instruct lair to generate a new well-known-authority signed TLS cert. This is a lot like a self-signed certificate, but slightly easier to work with in that it allows registering a single well-known-authority as a certificate authority which will respect multiple certs.

pub fn get_wka_tls_cert_priv_key(&self, tag: Arc<str>) -> impl Future<Output = LairResult<BufRead>> + 'static + Send

Fetch the private key associated with a wka_tls_cert entry. Will error if the entry specified by ‘tag’ is not a wka_tls_cert.

pub fn secretbox_xsalsa_by_tag(&self, tag: Arc<str>, deep_lock_passphrase: Option<BufRead>, data: Arc<[u8]>) -> impl Future<Output = LairResult<([u8; 24], Arc<[u8]>)>> + 'static + Send

Shared secret encryption using the libsodium xsalsa20poly1305 “secretbox” algorithm.

pub fn secretbox_xsalsa_open_by_tag(&self, tag: Arc<str>, deep_lock_passphrase: Option<BufRead>, nonce: [u8; 24], cipher: Arc<[u8]>) -> impl Future<Output = LairResult<Arc<[u8]>>> + 'static + Send

Shared secret decryption using the libsodium xsalsa20poly1305 “secretbox_open” algorithm.

Trait Implementations

impl Clone for LairClient

fn clone(&self) -> LairClient

Returns a copy of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

Auto Trait Implementations

Blanket Implementations

impl<T> Any for T
where T: 'static + ?Sized,

fn type_id(&self) -> TypeId

Gets the TypeId of self.

impl<T> Borrow<T> for T
where T: ?Sized,

fn borrow(&self) -> &T

Immutably borrows from an owned value.

impl<T> BorrowMut<T> for T
where T: ?Sized,

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value.

impl<T> From<T> for T

fn from(t: T) -> T

Returns the argument unchanged.

impl<T> Instrument for T

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper.

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper.

impl<T, U> Into<U> for T
where U: From<T>,

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

impl<T> ToOwned for T
where T: Clone,

type Owned = T

The resulting type after obtaining ownership.

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning.

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning.

impl<T, U> TryFrom<U> for T
where U: Into<T>,

type Error = Infallible

The type returned in the event of a conversion error.

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

fn vzip(self) -> V

impl<T> WithSubscriber for T

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper.

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper.