//! Keyfolds map keys to encrypted keys
use lcc::crypto::{Key, KeyType};
use lcc::traits::EncryptionHandler;
use lcc::EncryptedBody;
use AesEngine;
/// Transparent key-encrypter utility.
///
/// A `Keyfold` maps between the two forms a key takes:
///
/// * the *encrypted* form that is stored in a vault, and
/// * the *decrypted* form that must exist for the `AesEngine`
///   (and similar engines) to work.
///
/// It is meant to be initialised with a user passphrase (plus the
/// user name, for salt purposes). After that it can encrypt keys
/// that are about to be written to a vault persistence medium, and
/// decrypt keys that were retrieved via a Vault metadata API.
///
/// No constructor is defined in this file; the only state is the
/// optional engine below.
//
// NOTE(review): a user name is a predictable value. If it is the only
// salt input, the same name and passphrase always derive the same key;
// confirm how the salt is actually built where the engine is created.
pub struct Keyfold {
    /// Engine held between `begin` and `end`; `None` outside a transaction.
    engine: Option<AesEngine>,
}
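impl Keyfold {
    /// Take ownership of the `AesEngine` for the duration of a transaction.
    ///
    /// The engine stays inside the keyfold until [`Keyfold::end`] hands it
    /// back. Calling `begin` while an engine is already held replaces it,
    /// and the previously held engine is dropped.
    //
    // NOTE(review): whether dropping an `AesEngine` wipes its key material
    // is not visible from this file; confirm before relying on a second
    // `begin` to discard an engine.
    pub fn begin(&mut self, engine: AesEngine) {
        self.engine = Some(engine);
    }

    /// Return ownership of the `AesEngine`, consuming the keyfold.
    ///
    /// # Panics
    ///
    /// Panics if no engine is held, i.e. `begin` was not called first.
    pub fn end(mut self) -> AesEngine {
        // `self` is consumed here, so the slot needs no explicit reset after
        // the engine is moved out. The message names the broken call order
        // instead of the bare `Option::unwrap` panic.
        self.engine
            .take()
            .expect("Keyfold::end called without a prior Keyfold::begin")
    }
}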
/// `EncryptionHandler` for `Key` values.
///
/// Both methods are still stubs: each one panics through
/// `unimplemented!()` and never produces a value. The failure is
/// therefore loud. No key is returned unencrypted and no body is
/// reported as decrypted, but any caller that reaches these methods
/// aborts.
impl EncryptionHandler<Key> for Keyfold {
    /// Encrypt `item` into an `EncryptedBody`.
    ///
    /// # Panics
    ///
    /// Always panics; the method is not implemented yet.
    fn encrypt(&mut self, item: Key) -> EncryptedBody {
        unimplemented!()
    }

    /// Decrypt `item` back into a `Key`, if possible.
    ///
    /// # Panics
    ///
    /// Always panics; the method is not implemented yet.
    fn decrypt(&mut self, item: EncryptedBody) -> Option<Key> {
        unimplemented!()
    }
}