SshVault

Struct SshVault 

pub struct SshVault { /* private fields */ }

Main vault interface for encrypting and decrypting data using SSH keys

SshVault provides a unified interface for working with both Ed25519 and RSA encryption schemes. It handles key type detection and delegates operations to the appropriate underlying implementation.

Implementations

impl SshVault

pub fn new(key_type: &SshKeyType, public: Option<PublicKey>, private: Option<PrivateKey>) -> Result<Self>

Creates a new vault instance with the specified key type

§Arguments
  • key_type - The SSH key type (Ed25519 or RSA)
  • public - Optional public key for encryption operations
  • private - Optional private key for decryption operations
§Errors

Returns an error if:

  • The key type doesn’t match the provided keys
  • Both public and private keys are provided (only one should be provided)
  • The keys are invalid or encrypted without proper decryption
§Examples
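use ssh_key::PublicKey;
use ssh_vault::vault::{SshKeyType, SshVault};
use std::path::Path;

fn main() -> Result<(), Box<dyn std::error::Error>> {
    // Public key only: this vault is set up for encryption operations.
    let public_key = PublicKey::read_openssh_file(Path::new("id_ed25519.pub"))?;
    let vault = SshVault::new(&SshKeyType::Ed25519, Some(public_key), None)?;
    Ok(())
}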

pub fn create(&self, password: SecretSlice<u8>, data: &mut [u8]) -> Result<String>

Encrypts data and creates a vault

§Arguments
  • password - Secret password for encrypting the data
  • data - Mutable byte slice to encrypt (will be zeroed after encryption)
§Returns

Returns the vault as a formatted string that can be stored or transmitted. The format includes the algorithm, fingerprint, and encrypted payload.

§Security

The input data is zeroed after encryption to prevent sensitive data from remaining in memory.

§Errors

Returns an error if encryption fails.
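
The Security and Errors notes above say that data is zeroed after encryption, but not what state the buffer is in when create returns an error. The following is an added example, not ssh_vault code: a caller-side guard that wipes the buffer on both paths. The names wipe, WipeGuard, seal_stub and seal_guarded are hypothetical, and seal_stub is a stand-in that performs no encryption and is assumed to leave the buffer untouched on failure.

```rust
use std::ptr;
use std::sync::atomic::{compiler_fence, Ordering};

/// Zero a buffer with volatile stores so the optimizer cannot elide them.
fn wipe(buf: &mut [u8]) {
    for b in buf.iter_mut() {
        // SAFETY: `b` is a valid, exclusive reference to a single byte.
        unsafe { ptr::write_volatile(b, 0) };
    }
    compiler_fence(Ordering::SeqCst);
}

/// Hypothetical caller-side guard: wipes the borrowed buffer when dropped,
/// whether the sealing call returned Ok or Err.
struct WipeGuard<'a>(&'a mut [u8]);

impl WipeGuard<'_> {
    fn bytes(&mut self) -> &mut [u8] { &mut *self.0 }
}

impl Drop for WipeGuard<'_> {
    fn drop(&mut self) { wipe(&mut *self.0); }
}

/// Stand-in with the buffer contract of `create` (`&mut [u8]` in, `Result`
/// out). It performs no encryption and is not ssh_vault code. Assumption:
/// on failure it returns early and leaves `data` untouched (worst case).
fn seal_stub(data: &mut [u8], fail: bool) -> Result<usize, &'static str> {
    if fail {
        return Err("encryption failed");
    }
    let len = data.len();
    wipe(data);
    Ok(len)
}

/// Run the stand-in under the guard; the buffer is zero on every exit path.
fn seal_guarded(data: &mut [u8], fail: bool) -> Result<usize, &'static str> {
    let mut guard = WipeGuard(data);
    let result = seal_stub(guard.bytes(), fail);
    result // `guard` drops here and wipes the buffer
}

fn main() {
    let mut secret = *b"constructed sample secret";
    let outcome = seal_guarded(&mut secret, true);
    println!("{:?}, wiped: {}", outcome, secret.iter().all(|&b| b == 0));
}
```

The guard only covers the slice it borrows; any other copy of the plaintext, such as the String or file buffer the bytes were read from, has to be wiped separately.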

pub fn view(&self, password: &[u8], data: &[u8], fingerprint: &str) -> Result<String>

Decrypts and views vault contents

§Arguments
  • password - Encrypted password bytes from the vault
  • data - Encrypted data bytes from the vault
  • fingerprint - Expected key fingerprint for verification
§Returns

Returns the decrypted data as a UTF-8 string.

§Errors

Returns an error if:

  • The fingerprint doesn’t match the private key
  • Decryption fails (wrong key or corrupted data)
  • The decrypted data is not valid UTF-8

Blanket Implementations

impl<T> Any for T
where T: 'static + ?Sized,

fn type_id(&self) -> TypeId

Gets the TypeId of self.

impl<T> Borrow<T> for T
where T: ?Sized,

fn borrow(&self) -> &T

Immutably borrows from an owned value.

impl<T> BorrowMut<T> for T
where T: ?Sized,

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value.

impl<T> From<T> for T

fn from(t: T) -> T

Returns the argument unchanged.

impl<T> Instrument for T

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper.

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper.

impl<T, U> Into<U> for T
where U: From<T>,

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

impl<T> PolicyExt for T
where T: ?Sized,

fn and<P, B, E>(self, other: P) -> And<T, P>
where T: Policy<B, E>, P: Policy<B, E>,

Create a new Policy that returns Action::Follow only if self and other return Action::Follow.

fn or<P, B, E>(self, other: P) -> Or<T, P>
where T: Policy<B, E>, P: Policy<B, E>,

Create a new Policy that returns Action::Follow if either self or other returns Action::Follow.

impl<T> Same for T

type Output = T

Should always be Self

impl<T, U> TryFrom<U> for T
where U: Into<T>,

type Error = Infallible

The type returned in the event of a conversion error.

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

fn vzip(self) -> V

impl<T> WithSubscriber for T

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper.

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper.