Skip to main content

CommitReader

void_core::crypto::reader

Struct CommitReader 

Source 
pub struct CommitReader { /* private fields */ }
Expand description

Encapsulates the key derivation chain for reading a commit’s objects.

Created by decrypting a commit blob, which extracts the envelope nonce and derives the content key. The content key is then used to decrypt metadata and shards.

Implementations§

Source§

impl CommitReader

Source

pub fn from_share_key(key: ShareKey) -> Self

Create a CommitReader from a share key (for share-based unseal).

In share-based unseal the derived key serves directly as the content key — there is no commit envelope involved.

Source

pub fn from_content_key(content_key: ContentKey) -> Self

Create a CommitReader from a content key directly (for scoped-key clone).

Used when cloning from a published repo with --content-key. The content key is the only key available – no root key exists in scoped mode.

Source

pub fn open_with_vault( vault: &KeyVault, commit_blob: &EncryptedCommit, ) -> Result<(CommitPlaintext, Self)>

Decrypt a commit blob using a KeyVault, routing key material through the vault rather than accepting raw bytes.

This is the preferred constructor. The vault decrypts the commit and produces a crypto-layer CommitReader, whose parts are transferred into this core-layer reader. Callers never handle raw key bytes.

Source

pub fn decrypt_metadata<T>(&self, blob: &EncryptedMetadata) -> Result<T>
where T: DeserializeOwned,

Decrypt a metadata bundle blob and deserialize from CBOR.

Source

pub fn decrypt_shard( &self, blob: &EncryptedShard, wrapped_key: Option<&WrappedKey>, ancestor_keys: &[ContentKey], ) -> Result<DecryptedShard>

Decrypt a shard blob. Handles wrapped keys, content key, and optional ancestor key fallback.

Fallback chain:

  1. If wrapped_key is Some, try unwrapping with content_key, then each ancestor key
  2. Try content_key directly
  3. Try each ancestor key directly
Source

pub fn decrypt_repo_manifest( &self, blob: &EncryptedRepoManifest, ) -> Result<Manifest>

Decrypt a repo manifest blob into a typed Manifest.

Source

pub fn decrypt_envelope_body( &self, blob: &EncryptedCommit, ) -> Result<(CommitPlaintext, KeyNonce)>

Decrypt a VD01 envelope body of a commit blob using the content key.

Returns the commit plaintext and the envelope nonce. Used by share-based unseal where the share key IS the content key.

Source

pub fn content_key(&self) -> &ContentKey

Get the content key (derived key for envelope commits).

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> IntoEither for T

Source§

fn into_either(self, into_left: bool) -> Either<Self, Self>

Converts self into a Left variant of Either<Self, Self> if into_left is true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more
Source§

fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
where F: FnOnce(&Self) -> bool,

Converts self into a Left variant of Either<Self, Self> if into_left(&self) returns true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more
Source§

impl<T> Pointable for T

Source§

const ALIGN: usize

The alignment of pointer.
Source§

type Init = T

The type for initializers.
Source§

unsafe fn init(init: <T as Pointable>::Init) -> usize

Initializes a with the given initializer. Read more
Source§

unsafe fn deref<'a>(ptr: usize) -> &'a T

Dereferences the given pointer. Read more
Source§

unsafe fn deref_mut<'a>(ptr: usize) -> &'a mut T

Mutably dereferences the given pointer. Read more
Source§

unsafe fn drop(ptr: usize)

Drops the object pointed to by the given pointer. Read more
Source§

impl<T> Same for T

Source§

type Output = T

Should always be Self
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

Source§

fn vzip(self) -> V