Struct lock_keeper::crypto::MasterKey

source · 
pub struct MasterKey(EncryptionKey);
Expand description

The master key is a default-length symmetric encryption key for an AEAD scheme.

The master key is used by the client to securely encrypt their StorageKey. It should not be stored or saved beyond the lifetime of a single authentication session. It should never be sent to the server or passed out to the local calling application.

Tuple Fields§

§0: EncryptionKey

Implementations§

source§

impl MasterKey

source

pub fn derive_master_key( export_key: Output<Sha512> ) -> Result<Self, LockKeeperError>

Derive a uniformly distributed secret MasterKey using the export key as input key material.

§Arguments
  • export_key - the export_key as returned by opaque-ke library, which has type [Output<Sha512>]
source

pub fn create_and_encrypt_storage_key( self, rng: &mut (impl CryptoRng + RngCore), user_id: &UserId ) -> Result<Encrypted<StorageKey>, LockKeeperError>

Create an encrypted storage key. This is part of the registration flow and is executed during a registration session with the server. This key should be sent to the server for storage.

This must be run by the client. It takes the following steps:

  1. Generate a new StorageKey to encrypt stored data with
  2. Derive the decryption key from the master key, using the associated data
  3. Encrypt the storage key under the encryption key, using an AEAD scheme
  4. Return the encrypted storage key
source

fn encrypt_storage_key( self, rng: &mut (impl CryptoRng + RngCore), storage_key: StorageKey, user_id: &UserId ) -> Result<Encrypted<StorageKey>, CryptoError>

Encrypt the given StorageKey under a derivation from the MasterKey using an AEAD scheme.

source

fn derive_key( self, context: AssociatedData ) -> Result<EncryptionKey, CryptoError>

Derive a new key from MasterKey using AssociatedData as the domain separator. MasterKey should not be used directly to encrypt something, instead use this method to derive a key for a specific use-case using a domain separator.

Trait Implementations§

source§

impl Clone for MasterKey

source§

fn clone(&self) -> MasterKey

Returns a copy of the value. Read more
1.0.0 · source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
source§

impl Debug for MasterKey

source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
source§

impl Drop for MasterKey

source§

fn drop(&mut self)

Executes the destructor for this type. Read more
source§

impl PartialEq for MasterKey

source§

fn eq(&self, other: &MasterKey) -> bool

This method tests for self and other values to be equal, and is used by ==.
1.0.0 · source§

fn ne(&self, other: &Rhs) -> bool

This method tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.
source§

impl Zeroize for MasterKey

source§

fn zeroize(&mut self)

Zero out this object from memory using Rust intrinsics which ensure the zeroization operation is not “optimized away” by the compiler.
source§

impl Eq for MasterKey

source§

impl StructuralPartialEq for MasterKey

Auto Trait Implementations§

Blanket Implementations§

source§

impl<T> Any for T
where T: 'static + ?Sized,

source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
source§

impl<T> Borrow<T> for T
where T: ?Sized,

source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
source§

impl<Q, K> Equivalent<K> for Q
where Q: Eq + ?Sized, K: Borrow<Q> + ?Sized,

source§

fn equivalent(&self, key: &K) -> bool

Compare self to key and return true if they are equal.
§

impl<Q, K> Equivalent<K> for Q
where Q: Eq + ?Sized, K: Borrow<Q> + ?Sized,

§

fn equivalent(&self, key: &K) -> bool

Checks if this value is equivalent to the given key. Read more
§

impl<Q, K> Equivalent<K> for Q
where Q: Eq + ?Sized, K: Borrow<Q> + ?Sized,

§

fn equivalent(&self, key: &K) -> bool

Compare self to key and return true if they are equal.
source§

impl<T> From<T> for T

source§

fn from(t: T) -> T

Returns the argument unchanged.

§

impl<T> FromRef<T> for T
where T: Clone,

§

fn from_ref(input: &T) -> T

Converts to this type from a reference to the input type.
source§

impl<T> Instrument for T

source§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more
source§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
source§

impl<T, U> Into<U> for T
where U: From<T>,

source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

source§

impl<T> IntoRequest<T> for T

source§

fn into_request(self) -> Request<T>

Wrap the input message T in a tonic::Request
source§

impl<T> Same for T

§

type Output = T

Should always be Self
source§

impl<T> ToOwned for T
where T: Clone,

§

type Owned = T

The resulting type after obtaining ownership.
source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

§

type Error = Infallible

The type returned in the event of a conversion error.
source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

§

fn vzip(self) -> V

source§

impl<T> WithSubscriber for T

source§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more
source§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more