pub trait Crypto {
// Required methods
fn new(key: SecretSlice<u8>) -> Self;
fn encrypt(&self, data: &[u8], fingerprint: &[u8]) -> Result<Vec<u8>>;
fn decrypt(&self, data: &[u8], fingerprint: &[u8]) -> Result<Vec<u8>>;
}Expand description
Trait defining cryptographic operations for vault encryption
This trait provides a common interface for different authenticated encryption algorithms used in ssh-vault (AES-256-GCM and ChaCha20-Poly1305).
Required Methods§
Sourcefn new(key: SecretSlice<u8>) -> Self
fn new(key: SecretSlice<u8>) -> Self
Creates a new crypto instance with the given key
Sourcefn encrypt(&self, data: &[u8], fingerprint: &[u8]) -> Result<Vec<u8>>
fn encrypt(&self, data: &[u8], fingerprint: &[u8]) -> Result<Vec<u8>>
Encrypts data using authenticated encryption with associated data (AEAD)
§Arguments
data- The plaintext data to encryptfingerprint- Additional authenticated data (key fingerprint)
§Returns
Returns the encrypted data including nonce/IV prepended to the ciphertext
§Errors
Returns an error if encryption fails.
Sourcefn decrypt(&self, data: &[u8], fingerprint: &[u8]) -> Result<Vec<u8>>
fn decrypt(&self, data: &[u8], fingerprint: &[u8]) -> Result<Vec<u8>>
Decrypts data using authenticated encryption with associated data (AEAD)
§Arguments
data- The encrypted data including nonce/IVfingerprint- Additional authenticated data for verification
§Returns
Returns the decrypted plaintext data
§Errors
Returns an error if authentication fails or decryption is unsuccessful
Dyn Compatibility§
This trait is not dyn compatible.
In older versions of Rust, dyn compatibility was called "object safety", so this trait is not object safe.