Struct matrix_sdk_crypto::secret_storage::SecretStorageKey

source · 
pub struct SecretStorageKey { /* private fields */ }
Expand description

A secret storage key which can be used to store encrypted data in the user’s account data as defined in the spec.

The secret storage key can be initialized from a passphrase or from a base58-encoded string.

To bootstrap a new SecretStorageKey, use the SecretStorageKey::new() or SecretStorageKey::new_from_passphrase() method.

After a new SecretStorageKey has been created, the info about the key needs to be uploaded to the homeserver as a global account data event. The event and event type for this can be retrieved using the SecretStorageKey::event_content() and SecretStorageKey::event_type() methods, respectively.

Examples

use matrix_sdk_crypto::secret_storage::SecretStorageKey;

// Create a new secret storage key.
let key =
    SecretStorageKey::new_from_passphrase("It's a secret to everybody");
// Retrieve the content.
let content = key.event_content();
// Now upload the content to the server and mark the new key as the default one.

// If we want to restore the secret key, we'll need to retrieve the previously uploaded global
// account data event.
let restored_key = SecretStorageKey::from_account_data(
    "It's a secret to everybody",
    content.to_owned()
);

Implementations§

source§

impl SecretStorageKey

source

pub fn new() -> Self

Create a new random SecretStorageKey.

source

pub fn new_from_passphrase(passphrase: &str) -> Self

Create a new passphrase-based SecretStorageKey.

The passphrase will be expanded into a 32-byte key using the m.pbkdf2 algorithm described in the spec.

source

pub fn from_account_data( input: &str, content: SecretStorageKeyEventContent ) -> Result<Self, DecodeError>

Restore a SecretStorageKey from the given input and the description of the key.

The [SecretStorageKeyEventContent] will contain the description of the SecretStorageKey. The constructor will check if the provided input string matches to the description.

The input can be a passphrase or a Base58 export of the SecretStorageKey.

source

pub fn to_base58(&self) -> String

Export the SecretStorageKey as a base58-encoded string as defined in the spec.

Note: This returns a copy of the private key material of the SecretStorageKey as a string. The caller needs to ensure that this string is zeroized.

source

pub fn encrypt( &self, plaintext: Vec<u8>, secret_name: &SecretName ) -> AesHmacSha2EncryptedData

Encrypt a given secret string as a Secrets Storage secret with the given secret name.

Examples
use matrix_sdk_crypto::secret_storage::SecretStorageKey;
use ruma::events::secret::request::SecretName;

let key = SecretStorageKey::new();
let secret = "It's a secret to everybody";
let secret_name = SecretName::from("my-secret");

let encrypted_data = key.encrypt(secret.as_bytes().to_vec(), &secret_name);

let decrypted = key.decrypt(&encrypted_data, &secret_name)?;

assert_eq!(secret.as_bytes(), decrypted);
source

pub fn decrypt( &self, data: &AesHmacSha2EncryptedData, secret_name: &SecretName ) -> Result<Vec<u8>, MacError>

Decrypt the given AesHmacSha2EncryptedData containing a secret with the given secret name.

source

pub fn event_content(&self) -> &SecretStorageKeyEventContent

The info about the SecretStorageKey formatted as a [SecretStorageKeyEventContent].

The [SecretStorageKeyEventContent] contains information about the secret storage key. This information can be used to determine whether the secret the user has entered is a valid secret for unlocking the Secrets Storage (i.e. a valid SecretStorageKey).

source

pub fn key_id(&self) -> &str

The unique ID of this SecretStorageKey.

source

pub fn event_type(&self) -> GlobalAccountDataEventType

The event type of this SecretStorageKey.

Can be used when uploading the key info as a [SecretStorageKeyEventContent] to the homeserver.

The type is equal to the concatenation of the string "m.secret_storage.key." and the key ID from the SecretStorageKey::key_id() method.

Trait Implementations§

source§

impl Debug for SecretStorageKey

Available on non-tarpaulin_include only.
source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
source§

impl Drop for SecretStorageKey

source§

fn drop(&mut self)

Executes the destructor for this type. Read more
source§

impl Zeroize for SecretStorageKey

source§

fn zeroize(&mut self)

Zero out this object from memory using Rust intrinsics which ensure the zeroization operation is not “optimized away” by the compiler.

Auto Trait Implementations§

Blanket Implementations§

source§

impl<T> Any for T
where T: 'static + ?Sized,

source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
source§

impl<T> Borrow<T> for T
where T: ?Sized,

source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
source§

impl<T> From<T> for T

source§

fn from(t: T) -> T

Returns the argument unchanged.

§

impl<T, W> HasTypeWitness<W> for T
where W: MakeTypeWitness<Arg = T>, T: ?Sized,

§

const WITNESS: W = W::MAKE

A constant of the type witness
§

impl<T> Identity for T
where T: ?Sized,

§

type Type = T

The same type as Self, used to emulate type equality bounds (T == U) with associated type equality constraints (T: Identity<Type = U>).
§

const TYPE_EQ: TypeEq<T, <T as Identity>::Type> = TypeEq::NEW

Proof that Self is the same type as Self::Type, provides methods for casting between Self and Self::Type.
source§

impl<T> Instrument for T

source§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more
source§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
source§

impl<T, U> Into<U> for T
where U: From<T>,

source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

source§

impl<T> Same for T

§

type Output = T

Should always be Self
source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

§

type Error = Infallible

The type returned in the event of a conversion error.
source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

§

fn vzip(self) -> V

source§

impl<T> WithSubscriber for T

source§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more
source§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more
source§

impl<T> AsyncTraitDeps for T
where T: Debug + SendOutsideWasm + SyncOutsideWasm,

source§

impl<T> SendOutsideWasm for T
where T: Send,

source§

impl<T> SyncOutsideWasm for T
where T: Sync,