Diffstat (limited to 'lockchain-crypto/src/keyfold.rs')
-rw-r--r-- | lockchain-crypto/src/keyfold.rs | 48 |
1 files changed, 48 insertions, 0 deletions
diff --git a/lockchain-crypto/src/keyfold.rs b/lockchain-crypto/src/keyfold.rs
new file mode 100644
index 0000000..2339a32
--- /dev/null
+++ b/lockchain-crypto/src/keyfold.rs
@@ -0,0 +1,48 @@
+//! Keyfolds map keys to encrypted keys
+
+use lcc::crypto::{Key, KeyType};
+use lcc::traits::EncryptionHandler;
+use lcc::EncryptedBody;
+
+use AesEngine;
+
+/// Transparent key-encrypter utility
+///
+/// This structure acts as a mapper between the
+/// encrypted keys that are stored in a vault and
+/// the decrypted keys that need to exist in order
+/// for the `AesEngine` (and similar) to work.
+///
+/// This means that it is initialised with a
+/// user passphrase (and name for salt purposes)
+/// and is subsequently able to encrypt keys
+/// to be stored in a vault persistence medium
+/// or decrypt keys that are retrieved via a
+/// Vault metadata API.
+pub struct Keyfold {
+ engine: Option<AesEngine>,
+}
+
+impl Keyfold {
+ /// Take ownership of the AesEngine for transactions
+ pub fn begin(&mut self, engine: AesEngine) {
+ self.engine = Some(engine);
+ }
+
+ /// Return ownership o the AesEngine
+ pub fn end(mut self) -> AesEngine {
+ let engine = self.engine.unwrap();
+ self.engine = None;
+ engine
+ }
+}
+
+impl EncryptionHandler<Key> for Keyfold {
+ fn encrypt(&mut self, item: Key) -> EncryptedBody {
+ unimplemented!()
+ }
+
+ fn decrypt(&mut self, item: EncryptedBody) -> Option<Key> {
+ unimplemented!()
+ }
+} |
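Review bot: `end` calls `self.engine.unwrap()`, so calling it on a `Keyfold` that never went through `begin` panics instead of reporting the missing engine; on the key-wrapping path a recoverable return is safer. Consider `pub fn end(&mut self) -> Option<AesEngine> { self.engine.take() }`, which also drops the redundant `self.engine = None` on a value that is being consumed anyway and lets the same `Keyfold` be reused for a later `begin`. Separately, the struct doc says the type is initialised with a user passphrase and name, but the hunk shows only an `engine` field and no constructor, so the doc should either be trimmed or the constructor added. Both `EncryptionHandler` methods are `unimplemented!()`; a comment on each such as `// TODO: panics until key wrapping is implemented; do not wire into vault I/O yet` would make that explicit to callers.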