[−][src]Struct secret_keeper::keepers::env::EnvKeeper
EnvKeeper generates encryption key from a passphrase in environment variable.
The passphrase from the environment is combined wih a nonce plus salt through PBKDF2+HMAC+SHA256 to generate the key. (Implementation by RustCrypto)
Uri formats:
env:
uses the default environment variableVAULT_PASSWORD
env:VARNAME
- variableVARNAME
contains the passphraseenv://VARNAME
- alternate syntax
Implementations
impl EnvKeeper
[src]
Trait Implementations
impl Debug for EnvKeeper
[src]
impl SecretKeeper for EnvKeeper
[src]
fn get_scheme(&self) -> &str
[src]
returns the uri scheme
fn wrap<'life0, 'life1, 'life2, 'life3, 'async_trait>(
&'life0 self,
uri: &'life1 str,
nonce: &'life2 [u8],
key: &'life3 [u8]
) -> Pin<Box<dyn Future<Output = Result<WrappedKey, Error>> + Send + 'async_trait>> where
'life0: 'async_trait,
'life1: 'async_trait,
'life2: 'async_trait,
'life3: 'async_trait,
Self: 'async_trait,
[src]
&'life0 self,
uri: &'life1 str,
nonce: &'life2 [u8],
key: &'life3 [u8]
) -> Pin<Box<dyn Future<Output = Result<WrappedKey, Error>> + Send + 'async_trait>> where
'life0: 'async_trait,
'life1: 'async_trait,
'life2: 'async_trait,
'life3: 'async_trait,
Self: 'async_trait,
Encrypts key with a passphrase-generated key Passphrase is retrieved from enviornment variable (default VAULT_PASSWORD, or the name in the key uri "env:<VAR_NAME>"). Returned encrypted key is stringified with bech32. Applications using envelope encryption don't call this function directly, but instead use Cipher.export. Cipher.export invokes SecretKeeper.wrap to encrypt the key and generate the WrappedKey.
fn unwrap<'life0, 'life1, 'life2, 'async_trait>(
&'life0 self,
nonce: &'life1 [u8],
wk: &'life2 WrappedKey
) -> Pin<Box<dyn Future<Output = Result<Bytes, Error>> + Send + 'async_trait>> where
'life0: 'async_trait,
'life1: 'async_trait,
'life2: 'async_trait,
Self: 'async_trait,
[src]
&'life0 self,
nonce: &'life1 [u8],
wk: &'life2 WrappedKey
) -> Pin<Box<dyn Future<Output = Result<Bytes, Error>> + Send + 'async_trait>> where
'life0: 'async_trait,
'life1: 'async_trait,
'life2: 'async_trait,
Self: 'async_trait,
Unwraps and decrypts key with a passphrase-generated key Passphrase is retrieved from enviornment variable (default VAULT_PASSWORD, or the name in the key uri "env:<VAR_NAME>").
#[must_use]fn init_cipher<'life0, 'life1, 'life2, 'async_trait>(
&'life0 self,
ckind: CipherKind,
nonce: &'life1 [u8],
wrapped: Option<&'life2 WrappedKey>
) -> Pin<Box<dyn Future<Output = Result<Box<dyn Cipher>, Error>> + Send + 'async_trait>> where
'life0: 'async_trait,
'life1: 'async_trait,
'life2: 'async_trait,
Self: 'async_trait,
[src]
&'life0 self,
ckind: CipherKind,
nonce: &'life1 [u8],
wrapped: Option<&'life2 WrappedKey>
) -> Pin<Box<dyn Future<Output = Result<Box<dyn Cipher>, Error>> + Send + 'async_trait>> where
'life0: 'async_trait,
'life1: 'async_trait,
'life2: 'async_trait,
Self: 'async_trait,
fn as_create(&self) -> Result<&dyn Create, Error>
[src]
Auto Trait Implementations
impl RefUnwindSafe for EnvKeeper
impl Send for EnvKeeper
impl Sync for EnvKeeper
impl Unpin for EnvKeeper
impl UnwindSafe for EnvKeeper
Blanket Implementations
impl<T> Any for T where
T: 'static + ?Sized,
[src]
T: 'static + ?Sized,
impl<T> Borrow<T> for T where
T: ?Sized,
[src]
T: ?Sized,
impl<T> BorrowMut<T> for T where
T: ?Sized,
[src]
T: ?Sized,
fn borrow_mut(&mut self) -> &mut T
[src]
impl<T> From<T> for T
[src]
impl<T, U> Into<U> for T where
U: From<T>,
[src]
U: From<T>,
impl<T> Same<T> for T
[src]
type Output = T
Should always be Self
impl<T, U> TryFrom<U> for T where
U: Into<T>,
[src]
U: Into<T>,
type Error = Infallible
The type returned in the event of a conversion error.
fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>
[src]
impl<T, U> TryInto<U> for T where
U: TryFrom<T>,
[src]
U: TryFrom<T>,