Crate radicle_keystore

radicle-keystore aims to become the sole abstraction over storage of key material in the Radicle ecosystem.

Radicle employs two kinds of keys: ones which may leave your device (e.g. onto an HSM), and ones that shouldn’t. For the first kind, we will eventually provide an implementation of Keystore which interfaces directly with system keychains or hardware devices, while for the second kind matters are a bit more complicated: we recommend to use the file::FileStorage implementation, which stores keys in encrypted form on the filesystem. This is to discourage (accidental) key sharing via backup or cross-device syncing setups the user might have.

The choice of crypto::Crypto (and relatedly pinentry::Pinentry) may however be used to store the passphrase for a key-derivation scheme (as employed by crypto::Pwhash) in some system keychain, or offload encryption entirely to an external system (such as GPG, or a password manager).

Re-exports

• pub use file::FileStorage;
• pub use memory::MemoryStorage;

Modules

• crypto
• file
• memory
• pinentry
• sign

Structs

• Keypair
  Named pair of public / secret key.

Traits

• Keystore
  Abstraction over secure storage for private key material.
• SecretKeyExt

Type Aliases

• SecStr
  Type alias for a vector that stores just bytes