Struct ockam_vault::Vault

source · 
pub struct Vault { /* private fields */ }
Expand description

Vault implementation that stores secrets in memory and uses software crypto.

Examples

use ockam_vault::Vault;
use ockam_core::Result;
use ockam_core::vault::{SecretAttributes, SecretType, SecretPersistence, CURVE25519_SECRET_LENGTH_U32, SecretVault, Signer, Verifier};

async fn example() -> Result<()> {
    let mut vault = Vault::default();

    let mut attributes = SecretAttributes::new(
        SecretType::X25519,
        SecretPersistence::Ephemeral,
        CURVE25519_SECRET_LENGTH_U32,
    );

    let secret = vault.secret_generate(attributes).await?;
    let public = vault.secret_public_key_get(&secret).await?;

    let data = "Very important stuff".as_bytes();

    let signature = vault.sign(&secret, data).await?;
    assert!(vault.verify(&signature, &public, data).await?);

    Ok(())
}

Implementations§

Validate secret key.

Create a new SoftwareVault

Same as Vault::new()

Trait Implementations§

Compute Elliptic-Curve Diffie-Hellman using this secret key and the specified uncompressed public key.
Compute and return the KeyId for a given public key.
Returns a copy of the value. Read more
Performs copy-assignment from source. Read more
Returns the “default value” for a type. Read more

Compute sha256. Salt and Ikm should be of Buffer type. Output secrets should be only of type Buffer or AES

Compute the SHA-256 digest given input data.

Generate fresh secret. Only Curve25519 and Buffer types are supported

Extract public key from secret. Only Curve25519 type is supported

Remove secret from memory

Import a secret with the given attributes from binary form into the vault.
Export a secret key to the binary form represented as [SecretKey].
Return the attributes for a secret.

Sign data.

Encrypt a payload using AES-GCM.
Decrypt a payload using AES-GCM.

Verify signature

Auto Trait Implementations§

Blanket Implementations§

Gets the TypeId of self. Read more
Try cloning a object and return an Err in case of failure.
Immutably borrows from an owned value. Read more
Mutably borrows from an owned value. Read more

Returns the argument unchanged.

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more
Instruments this type with the current Span, returning an Instrumented wrapper. Read more

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Should always be Self
The resulting type after obtaining ownership.
Creates owned data from borrowed data, usually by cloning. Read more
Uses borrowed data to replace owned data, usually by cloning. Read more
The type returned in the event of a conversion error.
Performs the conversion.
The type returned in the event of a conversion error.
Performs the conversion.
Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more
Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more