use ockam_core::compat::vec::Vec;
/// Opaque, implementation-defined byte string that a concrete Vault uses to address one of the
/// secrets it stores.
///
/// The bytes are meant to identify a secret rather than be the secret; what they encode is up to
/// the Vault implementation.
///
/// NOTE(review): the derived `Debug` prints the raw handle bytes. Confirm that no Vault
/// implementation encodes sensitive data in a handle before these values reach logs.
#[derive(Debug, Clone, Ord, PartialOrd, Eq, PartialEq)]
pub struct HandleToSecret(Vec<u8>);

impl HandleToSecret {
    /// Wraps `value` as a handle. The bytes are stored as given, with no validation.
    pub fn new(value: Vec<u8>) -> Self {
        HandleToSecret(value)
    }

    /// Borrows the handle bytes.
    pub fn value(&self) -> &Vec<u8> {
        let HandleToSecret(bytes) = self;
        bytes
    }

    /// Consumes the handle and returns its bytes.
    pub fn take_value(self) -> Vec<u8> {
        let HandleToSecret(bytes) = self;
        bytes
    }
}
/// A handle to a signing secret key inside a vault.
///
/// The variant names the signature scheme the referenced key is meant for; the key itself is
/// addressed through the wrapped [`HandleToSecret`].
#[derive(Debug, Clone, Ord, PartialOrd, Eq, PartialEq)]
pub enum SigningSecretKeyHandle {
    /// Curve25519 key that is only used for EdDSA signatures.
    EdDSACurve25519(HandleToSecret),
    /// Curve P-256 key that is only used for ECDSA SHA256 signatures.
    ECDSASHA256CurveP256(HandleToSecret),
}

impl SigningSecretKeyHandle {
    /// Returns the underlying [`HandleToSecret`], whichever scheme the key belongs to.
    ///
    /// The returned reference no longer carries the scheme; callers that need to know which
    /// algorithm the key is bound to must match on the enum itself.
    pub fn handle(&self) -> &HandleToSecret {
        // Both variants carry the same payload type, so a single or-pattern covers the enum
        // and stays exhaustive: adding a variant fails to compile here until it is handled.
        match self {
            Self::EdDSACurve25519(inner) | Self::ECDSASHA256CurveP256(inner) => inner,
        }
    }
}
/// Key type for signing: names a signature scheme without referring to any particular key.
/// See [`super::signatures::Signature`].
///
/// The variants mirror those of [`SigningSecretKeyHandle`], minus the handle payload.
#[derive(Debug, Eq, PartialEq)]
pub enum SigningKeyType {
/// EdDSA over Curve25519. See [`super::signatures::EdDSACurve25519Signature`]
EdDSACurve25519,
/// ECDSA with SHA256 over curve P-256.
/// See [`super::signatures::ECDSASHA256CurveP256Signature`]
ECDSASHA256CurveP256,
}
/// A handle to an X25519 secret key.
///
/// The inner field is public, so any [`HandleToSecret`] can be wrapped; this type does not
/// itself check that the addressed secret is an X25519 key.
#[derive(Debug, Clone, Ord, PartialOrd, Eq, PartialEq)]
pub struct X25519SecretKeyHandle(pub HandleToSecret);
/// A handle to a secret buffer (like an HKDF output).
///
/// The inner field is public, so any [`HandleToSecret`] can be wrapped; this type does not
/// itself check what kind of secret the handle addresses.
#[derive(Debug, Clone, Ord, PartialOrd, Eq, PartialEq)]
pub struct SecretBufferHandle(pub HandleToSecret);