Trait KeyStore 

pub trait KeyStore: Send + Sync {
    // Required methods
    fn store(
        &self,
        name: &str,
        key: &SecretKey,
        passphrase: &str,
    ) -> Result<(), StoreError>;
    fn load(
        &self,
        name: &str,
        passphrase: &str,
    ) -> Result<SecretKey, StoreError>;
    fn list(&self) -> Result<Vec<String>, StoreError>;
    fn delete(&self, name: &str) -> Result<(), StoreError>;
    fn exists(&self, name: &str) -> bool;
}

Trait for secure key storage.

Implementations must ensure:

  • Keys are encrypted at rest
  • File permissions prevent unauthorized access
  • Atomic operations prevent corruption
  • Thread-safe operations (Send + Sync)

§Example

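use txgate_crypto::store::KeyStore;
use txgate_crypto::keys::SecretKey;

// Generic over any KeyStore implementation.
fn example<S: KeyStore>(store: &S) -> Result<(), txgate_core::error::StoreError> {
    let key = SecretKey::generate();
    // Encrypt the key under the passphrase and persist it as "my-key".
    store.store("my-key", &key, "passphrase")?;

    if store.exists("my-key") {
        // Decrypt the stored key; a wrong passphrase returns DecryptionFailed.
        let _loaded = store.load("my-key", "passphrase")?;
    }

    Ok(())
}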

Required Methods§

fn store(&self, name: &str, key: &SecretKey, passphrase: &str) -> Result<(), StoreError>

Store a secret key with the given name.

§Arguments
  • name - A unique identifier for the key (e.g., “default”, “hot-wallet”)
  • key - The secret key to store
  • passphrase - The passphrase to encrypt the key with
§Errors
  • StoreError::KeyExists if a key with this name already exists
  • StoreError::EncryptionFailed if encryption fails
  • StoreError::IoError if file operations fail
  • StoreError::InvalidFormat if the name is invalid
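
One way a file-backed implementation could meet the file-permission and atomicity requirements of this trait while producing the KeyExists and InvalidFormat errors listed for store. This is an added example, not the FileKeyStore code from txgate; it assumes Unix and already-encrypted input, and `write_key_file`, `valid_name`, the stand-in `StoreError` enum and the naming rule are hypothetical.

```rust
use std::fs::{self, OpenOptions};
use std::io::{self, Write};
use std::os::unix::fs::OpenOptionsExt; // Unix-only: file mode set at creation
use std::path::Path;

// Stand-in for the StoreError variants this page documents (assumed shape).
#[derive(Debug)]
pub enum StoreError { KeyExists, InvalidFormat, IoError(io::Error) }

// Hypothetical naming rule: 1-64 chars of [A-Za-z0-9_-], so a name can never
// carry '/', "..", or NUL and resolve outside the key directory.
pub fn valid_name(name: &str) -> bool {
    (1..=64).contains(&name.len())
        && name.bytes().all(|b| b.is_ascii_alphanumeric() || b == b'-' || b == b'_')
}

// Publishes already-encrypted bytes as `<dir>/<name>.enc`. Readers see either
// no file or the complete file, never a partial one, and an existing key is
// never replaced.
pub fn write_key_file(dir: &Path, name: &str, ciphertext: &[u8]) -> Result<(), StoreError> {
    if !valid_name(name) {
        return Err(StoreError::InvalidFormat);
    }
    let tmp = dir.join(format!(".{}.tmp.{}", name, std::process::id()));
    let dst = dir.join(format!("{}.enc", name));
    // create_new (O_EXCL) will not open a pre-planted file or symlink, and
    // mode 0o600 applies from creation, so there is no chmod window.
    let mut f = OpenOptions::new().write(true).create_new(true).mode(0o600)
        .open(&tmp).map_err(StoreError::IoError)?;
    let res = f.write_all(ciphertext)
        .and_then(|_| f.sync_all()) // flush to disk before the name appears
        // hard_link fails with AlreadyExists where rename would overwrite,
        // so the existence check and the publish are a single step.
        .and_then(|_| fs::hard_link(&tmp, &dst));
    let _ = fs::remove_file(&tmp); // best-effort cleanup on success and failure
    res.map_err(|e| match e.kind() {
        io::ErrorKind::AlreadyExists => StoreError::KeyExists,
        _ => StoreError::IoError(e),
    })
}

fn main() {
    let dir = std::env::temp_dir(); // demo location; the ciphertext is constructed
    println!("{:?}", write_key_file(&dir, "demo-key", b"constructed ciphertext"));
    println!("{:?}", write_key_file(&dir, "../escape", b"x")); // Err(InvalidFormat)
    let _ = fs::remove_file(dir.join("demo-key.enc"));
}
```

The temporary name is unique per process only; a store shared across threads would also need a per-call counter or a lock around the write.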

fn load(&self, name: &str, passphrase: &str) -> Result<SecretKey, StoreError>

Load a secret key by name.

§Arguments
  • name - The identifier of the key to load
  • passphrase - The passphrase to decrypt the key with
§Errors
  • StoreError::KeyNotFound if no key exists with this name
  • StoreError::DecryptionFailed if the passphrase is wrong
  • StoreError::IoError if file operations fail
  • StoreError::InvalidFormat if the name or file format is invalid

fn list(&self) -> Result<Vec<String>, StoreError>

List all stored key names.

§Returns

A vector of key names (without the .enc extension), sorted alphabetically.

§Errors
  • StoreError::IoError if directory operations fail

fn delete(&self, name: &str) -> Result<(), StoreError>

Delete a key by name.

§Arguments
  • name - The identifier of the key to delete
§Errors
  • StoreError::KeyNotFound if no key exists with this name
  • StoreError::IoError if file operations fail
  • StoreError::InvalidFormat if the name is invalid

fn exists(&self, name: &str) -> bool

Check if a key exists.

§Arguments
  • name - The identifier of the key to check
§Returns

true if a key with this name exists, false otherwise. Returns false if the name is invalid.

Implementors§