Skip to main content

open_armored_bundle

Function open_armored_bundle 

Source
pub fn open_armored_bundle(
    bundle_path: &Path,
    config_dir: &Path,
    expect_digest: Option<&str>,
    no_verify_digest: bool,
) -> Result<OpenedArmored, Box<dyn Error>>
Expand description

Read an armored sealed bundle from bundle_path, load the corresponding secret from config_dir, open and verify. The caller is responsible for passing an expect_digest unless no_verify_digest is set.

Best-effort removal of the used secret file on success — the bundle id is single-use, and keeping the secret around only widens blast radius.