pub trait VolumeCipher: Send + Sync {
// Required methods
fn encrypt_sector(&self, rel_sector: u64, sector: &mut [u8]);
fn decrypt_sector(&self, rel_sector: u64, sector: &mut [u8]);
fn encrypt_area(
&self,
buf: &mut [u8],
sector_size: usize,
first_rel_sector: u64,
);
fn decrypt_area(
&self,
buf: &mut [u8],
sector_size: usize,
first_rel_sector: u64,
);
// Provided method
fn destroy(&mut self) { ... }
}Expand description
A full-volume sector cipher.
All sector numbers are data-region relative (rel = lba - offset_sector);
callers MUST map absolute LBAs before invoking these methods and MUST NOT
call them for sectors inside header/footer metadata regions.
Required Methods§
Sourcefn encrypt_sector(&self, rel_sector: u64, sector: &mut [u8])
fn encrypt_sector(&self, rel_sector: u64, sector: &mut [u8])
Encrypt one sector in place.
Sourcefn decrypt_sector(&self, rel_sector: u64, sector: &mut [u8])
fn decrypt_sector(&self, rel_sector: u64, sector: &mut [u8])
Decrypt one sector in place.
Sourcefn encrypt_area(
&self,
buf: &mut [u8],
sector_size: usize,
first_rel_sector: u64,
)
fn encrypt_area( &self, buf: &mut [u8], sector_size: usize, first_rel_sector: u64, )
Encrypt a contiguous buffer of sector_size-byte sectors starting at
data-region-relative sector first_rel_sector.
Sourcefn decrypt_area(
&self,
buf: &mut [u8],
sector_size: usize,
first_rel_sector: u64,
)
fn decrypt_area( &self, buf: &mut [u8], sector_size: usize, first_rel_sector: u64, )
Decrypt a contiguous buffer (inverse of
encrypt_area).
Provided Methods§
Sourcefn destroy(&mut self)
fn destroy(&mut self)
Explicitly zeroize key material before the cipher is dropped.
Called by the framework at the end of each I/O burst and sweep batch
immediately before drop. The default no-op is safe for ciphers that
hold key schedules in ordinary memory; override to release/zeroize
protected key material (RAM-encryption use case).
Dyn Compatibility§
This trait is dyn compatible.
In older versions of Rust, dyn compatibility was called "object safety".