Diffstat (limited to 'lockchain-crypto/src/keyfold.rs')
-rw-r--r--lockchain-crypto/src/keyfold.rs48
1 files changed, 48 insertions, 0 deletions
diff --git a/lockchain-crypto/src/keyfold.rs b/lockchain-crypto/src/keyfold.rs
new file mode 100644
index 0000000..2339a32
--- /dev/null
+++ b/lockchain-crypto/src/keyfold.rs
@@ -0,0 +1,48 @@
+//! Keyfolds map keys to encrypted keys
+
+use lcc::crypto::{Key, KeyType};
+use lcc::traits::EncryptionHandler;
+use lcc::EncryptedBody;
+
+use AesEngine;
+
+/// Transparent key-encrypter utility
+///
+/// This structure acts as a mapper between the
+/// encrypted keys that are stored in a vault and
+/// the decrypted keys that need to exist in order
+/// for the `AesEngine` (and similar) to work.
+///
+/// This means that it is initialised with a
+/// user passphrase (and name for salt purposes)
+/// and is subsequently able to encrypt keys
+/// to be stored in a vault persistence medium
+/// or decrypt keys that are retrieved via a
+/// Vault metadata API.
+pub struct Keyfold {
+ engine: Option<AesEngine>,
+}
+
+impl Keyfold {
+ /// Take ownership of the AesEngine for transactions
+ pub fn begin(&mut self, engine: AesEngine) {
+ self.engine = Some(engine);
+ }
+
+ /// Return ownership o the AesEngine
+ pub fn end(mut self) -> AesEngine {
+ let engine = self.engine.unwrap();
+ self.engine = None;
+ engine
+ }
+}
+
+impl EncryptionHandler<Key> for Keyfold {
+ fn encrypt(&mut self, item: Key) -> EncryptedBody {
+ unimplemented!()
+ }
+
+ fn decrypt(&mut self, item: EncryptedBody) -> Option<Key> {
+ unimplemented!()
+ }
+}
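Review bot: `Keyfold::end` panics through `self.engine.unwrap()` when `begin` was never called, and the `self.engine = None;` that follows is a dead store because `self` is taken by value and dropped on return. Borrowing mutably and returning the option removes the panic path and lets the same keyfold be reused after a transaction: `pub fn end(&mut self) -> Option<AesEngine> { self.engine.take() }`. Both `EncryptionHandler<Key>` methods are `unimplemented!()`, so any caller that reaches `encrypt` or `decrypt` through the trait panics at runtime; a comment on the impl such as `// TODO: not implemented yet; calling either method panics` would make that visible to users of the crate. The struct doc describes initialisation with a passphrase and user name, but no constructor appears in this file and the only field is private, and `KeyType` is imported without being used.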