Struct lock_keeper::crypto::generic::Encrypted

source · 
pub struct Encrypted<T> {
    pub(super) ciphertext: Vec<u8>,
    pub(super) associated_data: AssociatedData,
    pub(super) nonce: Nonce,
    pub(super) original_type: PhantomData<T>,
}
Expand description

A ciphertext representing an object of type T, encrypted under the ChaCha20Poly1305 scheme for authenticated encryption with associated data (AEAD).

As implied by the scheme name, this uses the recommended 20 rounds and a standard 96-bit nonce. For more details, see the ChaCha20Poly1305 crate.

Fields§

§ciphertext: Vec<u8>§associated_data: AssociatedData§nonce: Nonce§original_type: PhantomData<T>

Implementations§

source§

impl Encrypted<Secret>

source

pub fn decrypt_secret( self, storage_key: StorageKey ) -> Result<Secret, LockKeeperError>

Decrypt a secret. This should be run as part of the subprotocol to retrieve a secret from the server.

This must be run by the client.

source§

impl Encrypted<DataBlob>

source

pub fn decrypt_data_blob( self, remote_storage_key: &RemoteStorageKey ) -> Result<DataBlob, LockKeeperError>

Decrypt data blob server-side.

source§

impl<T> Encrypted<T>
where T: TryFrom<Vec<u8>>, CryptoError: From<<T as TryFrom<Vec<u8>>>::Error> + From<<Vec<u8> as TryFrom<T>>::Error>, Vec<u8>: TryFrom<T>,

source

pub(super) fn encrypt( rng: &mut (impl CryptoRng + RngCore), enc_key: &EncryptionKey, object: T, associated_data: &AssociatedData ) -> Result<Encrypted<T>, CryptoError>

Encrypt the T and authenticate the AssociatedData under the EncryptionKey.

Raises a [CryptoError::EncryptionFailed] if encryption fails.

source

pub(super) fn decrypt_inner( self, enc_key: &EncryptionKey ) -> Result<T, CryptoError>

Decrypt the ciphertext to a T.

Raises a [CryptoError::DecryptionFailed] if decryption fails or [CryptoError::ConversionError] if the decrypted plaintext cannot be converted into T.

source§

impl Encrypted<SigningKeyPair>

source

pub fn decrypt_signing_key( self, storage_key: StorageKey, user_id: UserId, key_id: KeyId ) -> Result<SigningKeyPair, LockKeeperError>

Decrypt a signing key. This should be run as part of the subprotocol to retrieve an encrypted signing key from the server.

This must be run by the client.

source

pub fn decrypt_signing_key_by_server( self, remote_storage_key: &RemoteStorageKey, user_id: UserId, key_id: KeyId ) -> Result<SigningKeyPair, LockKeeperError>

Decrypt a signing key. This should be run by the server as part of the subprotocol to retrieve a signing key from the server.

source

fn decrypt( self, encryption_key: &EncryptionKey, user_id: UserId, key_id: KeyId, possible_context_strings: Vec<&str> ) -> Result<SigningKeyPair, LockKeeperError>

source§

impl Encrypted<StorageKey>

source

pub fn decrypt_storage_key( self, master_key: MasterKey, user_id: &UserId ) -> Result<StorageKey, LockKeeperError>

Decrypt a storage key. This should be run as part of the subprotocol to retrieve a storage key from the server.

This must be run by the client. It takes the following steps:

  1. Derive the decryption key from the master key using the associated data
  2. Decrypt the encrypted storage key using the decryption key
  3. Return the decrypted StorageKey
source§

impl Encrypted<OpaqueSessionKey>

source

pub fn decrypt_session_key( self, remote_storage_key: &RemoteStorageKey ) -> Result<OpaqueSessionKey, LockKeeperError>

Decrypt a session key server-side.

source§

impl Encrypted<Message>

source

pub fn decrypt_message( self, session_key: &OpaqueSessionKey ) -> Result<Message, LockKeeperError>

source

pub fn try_into_message(self) -> Result<Message, LockKeeperError>

Translates an Encrypted<Message> to a Message in order to be sent through an authenticated channel.

source

pub fn try_from_message(message: Message) -> Result<Self, LockKeeperError>

Translates a Message received through an authenticated channel to an Encrypted<Message>.

Trait Implementations§

source§

impl<T: Clone> Clone for Encrypted<T>

source§

fn clone(&self) -> Encrypted<T>

Returns a copy of the value. Read more
1.0.0 · source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
source§

impl<T: Debug> Debug for Encrypted<T>

source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
source§

impl<'de, T> Deserialize<'de> for Encrypted<T>

source§

fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error>
where __D: Deserializer<'de>,

Deserialize this value from the given Serde deserializer. Read more
source§

impl<T: PartialEq> PartialEq for Encrypted<T>

source§

fn eq(&self, other: &Encrypted<T>) -> bool

This method tests for self and other values to be equal, and is used by ==.
1.0.0 · source§

fn ne(&self, other: &Rhs) -> bool

This method tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.
source§

impl<T> Serialize for Encrypted<T>

source§

fn serialize<__S>(&self, __serializer: __S) -> Result<__S::Ok, __S::Error>
where __S: Serializer,

Serialize this value into the given Serde serializer. Read more
source§

impl TryFrom<RetrievedSecret> for Encrypted<Secret>

§

type Error = LockKeeperError

The type returned in the event of a conversion error.
source§

fn try_from(secret: RetrievedSecret) -> Result<Self, Self::Error>

Performs the conversion.
source§

impl TryFrom<StoredSecret> for Encrypted<SigningKeyPair>

§

type Error = LockKeeperError

The type returned in the event of a conversion error.
source§

fn try_from(secret: StoredSecret) -> Result<Self, Self::Error>

Performs the conversion.
source§

impl<T: Eq> Eq for Encrypted<T>

source§

impl<T> StructuralPartialEq for Encrypted<T>

Auto Trait Implementations§

§

impl<T> Freeze for Encrypted<T>

§

impl<T> RefUnwindSafe for Encrypted<T>
where T: RefUnwindSafe,

§

impl<T> Send for Encrypted<T>
where T: Send,

§

impl<T> Sync for Encrypted<T>
where T: Sync,

§

impl<T> Unpin for Encrypted<T>
where T: Unpin,

§

impl<T> UnwindSafe for Encrypted<T>
where T: UnwindSafe,

Blanket Implementations§

source§

impl<T> Any for T
where T: 'static + ?Sized,

source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
source§

impl<T> Borrow<T> for T
where T: ?Sized,

source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
source§

impl<T> ConvertMessage for T
where T: for<'a> Deserialize<'a> + Serialize,

source§

fn from_message(value: Message) -> Result<Self, LockKeeperError>

source§

fn to_message(self) -> Result<Message, LockKeeperError>

source§

impl<Q, K> Equivalent<K> for Q
where Q: Eq + ?Sized, K: Borrow<Q> + ?Sized,

source§

fn equivalent(&self, key: &K) -> bool

Compare self to key and return true if they are equal.
§

impl<Q, K> Equivalent<K> for Q
where Q: Eq + ?Sized, K: Borrow<Q> + ?Sized,

§

fn equivalent(&self, key: &K) -> bool

Checks if this value is equivalent to the given key. Read more
§

impl<Q, K> Equivalent<K> for Q
where Q: Eq + ?Sized, K: Borrow<Q> + ?Sized,

§

fn equivalent(&self, key: &K) -> bool

Compare self to key and return true if they are equal.
source§

impl<T> From<T> for T

source§

fn from(t: T) -> T

Returns the argument unchanged.

§

impl<T> FromRef<T> for T
where T: Clone,

§

fn from_ref(input: &T) -> T

Converts to this type from a reference to the input type.
source§

impl<T> Instrument for T

source§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more
source§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
source§

impl<T, U> Into<U> for T
where U: From<T>,

source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

source§

impl<T> IntoRequest<T> for T

source§

fn into_request(self) -> Request<T>

Wrap the input message T in a tonic::Request
source§

impl<T> Same for T

§

type Output = T

Should always be Self
source§

impl<T> ToOwned for T
where T: Clone,

§

type Owned = T

The resulting type after obtaining ownership.
source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

§

type Error = Infallible

The type returned in the event of a conversion error.
source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

§

fn vzip(self) -> V

source§

impl<T> WithSubscriber for T

source§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more
source§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more
source§

impl<T> DeserializeOwned for T
where T: for<'de> Deserialize<'de>,