pub fn open_armored_bundle(
bundle_path: &Path,
config_dir: &Path,
expect_digest: Option<&str>,
no_verify_digest: bool,
) -> Result<OpenedArmored, Box<dyn Error>>Expand description
Read an armored sealed bundle from bundle_path, load the corresponding
secret from config_dir, open and verify. The caller is responsible for
passing an expect_digest unless no_verify_digest is set.
Best-effort removal of the used secret file on success — the bundle id is single-use, and keeping the secret around only widens blast radius.