[][src]Struct secret_keeper_hashivault::HashivaultKeeper

pub struct HashivaultKeeper {}

HashivaultKeeper - hashicorp vault

Implementations

impl HashivaultKeeper[src]

pub async fn new_default() -> Result<Self, Error>[src]

Constructs a new hashivault keeper with default options

pub async fn new<'_>(opt: HashivaultOptions<'_>) -> Result<Self, Error>[src]

Constructs a new hashivault keeper

pub async fn register(self) -> Result<(), Error>[src]

register with SecretKeeper so it can be discovered with SecretKeeper::for_uri

Trait Implementations

impl Create for HashivaultKeeper[src]

fn create_key<'life0, 'life1, 'life2, 'async_trait>(
    &'life0 self,
    key_name: &'life1 str,
    params: &'life2 str
) -> Pin<Box<dyn Future<Output = Result<(), Error>> + Send + 'async_trait>> where
    'life0: 'async_trait,
    'life1: 'async_trait,
    'life2: 'async_trait,
    Self: 'async_trait, [src]

Creates the key. key_name is any valid key name params are url-encoded parameters that can be created with serde_urlencoded

Params:

  • 'key_type' type of key (see vault documentation). If not specified, uses "aes256-gcm96".
  • 'token' vault auth token. If not specified, uses value from env variable VAULT_TOKEN.
  • 'addr' vault address. If not specified, uses value from env variable VAULT_ADDR.

For the code sample below to work, you need VAULT_ADDR and VAULT_TOKEN set in environment and vault server running.

use secret_keeper::keepers::Create;
use secret_keeper_hashivault::{HashivaultKeeper, HashivaultOptions};
// create 256-bit AES-GCM key in hashivault
let params = [ ("key_type", "aes256-gcm96") ];
let key_name = "my-super-secret-key";
let keeper = HashivaultKeeper::new(HashivaultOptions::defaults()).await
             .expect("hashivault constructor");
let form = serde_urlencoded::to_string(&params).expect("invalid param syntax");
let _ = keeper.create_key(key_name, &form).await.expect("create key error");

impl Debug for HashivaultKeeper[src]

impl SecretKeeper for HashivaultKeeper[src]

fn wrap<'life0, 'life1, 'life2, 'life3, 'async_trait>(
    &'life0 self,
    uri: &'life1 str,
    _nonce: &'life2 [u8],
    key: &'life3 [u8]
) -> Pin<Box<dyn Future<Output = Result<WrappedKey, Error>> + Send + 'async_trait>> where
    'life0: 'async_trait,
    'life1: 'async_trait,
    'life2: 'async_trait,
    'life3: 'async_trait,
    Self: 'async_trait, [src]

Sends key to hashicorp vault to be encrypted. key-encryption-key never leavs the Hashicorp vault. Returned encrypted key is a string

fn unwrap<'life0, 'life1, 'life2, 'async_trait>(
    &'life0 self,
    _nonce: &'life1 [u8],
    wk: &'life2 WrappedKey
) -> Pin<Box<dyn Future<Output = Result<Bytes, Error>> + Send + 'async_trait>> where
    'life0: 'async_trait,
    'life1: 'async_trait,
    'life2: 'async_trait,
    Self: 'async_trait, [src]

Sends key to hashicorp vault to be decrypted. key-encryption-key never leavs the Hashicorp vault.

fn get_scheme(&self) -> &str[src]

Returns the scheme 'hashivault'

fn as_create(&self) -> Result<&dyn Create, Error>[src]

Returns instance of Create

Auto Trait Implementations

Blanket Implementations

impl<T> Any for T where
    T: 'static + ?Sized[src]

impl<T> Borrow<T> for T where
    T: ?Sized[src]

impl<T> BorrowMut<T> for T where
    T: ?Sized[src]

impl<T> From<T> for T[src]

impl<T, U> Into<U> for T where
    U: From<T>, [src]

impl<T> Same<T> for T

type Output = T

Should always be Self

impl<T, U> TryFrom<U> for T where
    U: Into<T>, [src]

type Error = Infallible

The type returned in the event of a conversion error.

impl<T, U> TryInto<U> for T where
    U: TryFrom<T>, [src]

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.