Crate ockam_vault

Expand description

In order to support a variety of cryptographically capable hardware we maintain loose coupling between our protocols and how a specific building block is invoked in a specific hardware. This is achieved using an abstract Vault trait.

A concrete implementation of the Vault trait is called an Ockam Vault. Over time, and with help from the Ockam open source community, we plan to add vaults for several TEEs, TPMs, HSMs, and Secure Enclaves.

This crate provides a software-only Vault implementation that can be used when no cryptographic hardware is available. The primary Ockam crate uses this as the default Vault implementation.

The main [Ockam][main-ockam-crate-link] has optional dependency on this crate.

Re-exports

pub use constants;
pub use traits::*;
pub use vault::*;

Modules

constants
Curve constants
storage
Storage
traits
Traits and types defining the behaviour of a Vault
vault
Default Vault implementation Core types and traits of the Ockam vault.

Structs

KeyPair
A key pair with a public key and a reference to the private key (which should be stored in a Vault)
PublicKey
A public key.
Secret
Binary representation of a Secret.
Signature
Binary representation of Signature.
StoredSecret
Stored secret: binary data + secret metadata

Enums

SecretAttributes
Attributes for secrets
SecretType
All possible SecretTypes

Type Definitions

Buffer
Buffer for large binaries. (e.g. encrypted data)
PublicKeyVec
Public Key Vector.
SecretKeyVec
Secret Key Vector.
SignatureVec
Signature Vector.
SmallBuffer
Buffer for small vectors. (e.g. an array of attributes)