KeyManager

tink_core::registry

Trait KeyManager 

Source 
pub trait KeyManager: Send + Sync {
    // Required methods
    fn primitive(&self, serialized_key: &[u8]) -> Result<Primitive, TinkError>;
    fn new_key(
        &self,
        serialized_key_format: &[u8],
    ) -> Result<Vec<u8>, TinkError>;
    fn type_url(&self) -> &'static str;
    fn key_material_type(&self) -> KeyMaterialType;

    // Provided methods
    fn does_support(&self, type_url: &str) -> bool { ... }
    fn new_key_data(
        &self,
        serialized_key_format: &[u8],
    ) -> Result<KeyData, TinkError> { ... }
    fn supports_private_keys(&self) -> bool { ... }
    fn public_key_data(
        &self,
        _serialized_key: &[u8],
    ) -> Result<KeyData, TinkError> { ... }
}
Expand description

KeyManager “understands” keys of a specific key types: it can generate keys of a supported type and create primitives for supported keys.

A key type is identified by the global name of the protocol buffer that holds the corresponding key material, and is given by type_url-field of KeyData-protocol buffer.

Required Methods§

Source

fn primitive(&self, serialized_key: &[u8]) -> Result<Primitive, TinkError>

Construct a primitive instance for the key given in serialized_key, which must be a serialized key protocol buffer handled by this manager.

Source

fn new_key(&self, serialized_key_format: &[u8]) -> Result<Vec<u8>, TinkError>

Generate a new key according to specification in serialized_key_format, which must be supported by this manager, returned as a serialized protocol buffer.

Source

fn type_url(&self) -> &'static str

Return the type URL that identifes the key type of keys managed by this key manager.

Source

fn key_material_type(&self) -> KeyMaterialType

Return the key material type handled by this key manager

Provided Methods§

Source

fn does_support(&self, type_url: &str) -> bool

Return true iff this KeyManager supports key type identified by type_url.

Source

fn new_key_data( &self, serialized_key_format: &[u8], ) -> Result<KeyData, TinkError>

Generate a new KeyData according to specification in serialized_key_format. This should be used solely by the key management API.

Source

fn supports_private_keys(&self) -> bool

Indicate whether this KeyManager understands private key types.

Source

fn public_key_data(&self, _serialized_key: &[u8]) -> Result<KeyData, TinkError>

Extract the public key data from the private key. If supports_private_keys returns false, this method will always return an error.

Implementors§