Function encrypt_key 

pub fn encrypt_key(
    secret_key: &SecretKey,
    passphrase: &str,
) -> Result<EncryptedKey, StoreError>

Encrypt a secret key with a passphrase.

Arguments

• secret_key - The secret key to encrypt
• passphrase - The passphrase to use for key derivation

Returns

An EncryptedKey containing the encrypted key material and all data needed for decryption (salt, nonce).

Errors

Returns StoreError::EncryptionFailed if:

• Key derivation fails
• Encryption fails (should not happen with valid inputs)

Security

• Generates fresh random salt and nonce for each encryption
• Uses cryptographically secure OS random number generator
• Zeroizes the derived encryption key after use

Example

use txgate_crypto::keys::SecretKey;
use txgate_crypto::encryption::encrypt_key;

let secret_key = SecretKey::generate();
let encrypted = encrypt_key(&secret_key, "my passphrase").expect("encryption failed");

// The encrypted data can be serialized and stored
let bytes = encrypted.to_bytes();