bitwarden_crypto::safe::password_protected_key_envelope

Struct PasswordProtectedKeyEnvelope

Source 
pub struct PasswordProtectedKeyEnvelope {
    cose_encrypt: CoseEncrypt,
}
Expand description

A password-protected key envelope can seal a symmetric key, and protect it with a password. It does so by using a Key Derivation Function (KDF), to increase the difficulty of brute-forcing the password.

The KDF parameters such as iterations and salt are stored in the envelope and do not have to be provided.

Internally, Argon2 is used as the KDF and XChaCha20-Poly1305 is used to encrypt the key.

Fields§

§cose_encrypt: CoseEncrypt

Implementations§

Source§

impl PasswordProtectedKeyEnvelope

Source

pub fn seal<Ids: KeyIds>( key_to_seal: Ids::Symmetric, password: &str, ctx: &KeyStoreContext<'_, Ids>, ) -> Result<Self, PasswordProtectedKeyEnvelopeError>

Seals a symmetric key with a password, using the current default KDF parameters and a random salt.

This should never fail, except for memory allocation error, when running the KDF.

Source

fn seal_ref( key_to_seal: &SymmetricCryptoKey, password: &str, ) -> Result<Self, PasswordProtectedKeyEnvelopeError>

Seals a key reference with a password. This function is not public since callers are expected to only work with key store references.

Source

fn seal_ref_with_settings( key_to_seal: &SymmetricCryptoKey, password: &str, kdf_settings: &Argon2RawSettings, ) -> Result<Self, PasswordProtectedKeyEnvelopeError>

Seals a key reference with a password and custom provided settings. This function is not public since callers are expected to only work with key store references, and to not control the KDF difficulty where possible.

Source

pub fn unseal<Ids: KeyIds>( &self, password: &str, ctx: &mut KeyStoreContext<'_, Ids>, ) -> Result<Ids::Symmetric, PasswordProtectedKeyEnvelopeError>

Unseals a symmetric key from the password-protected envelope, and stores it in the key store context.

Source

fn unseal_ref( &self, password: &str, ) -> Result<SymmetricCryptoKey, PasswordProtectedKeyEnvelopeError>

Source

pub fn reseal( &self, password: &str, new_password: &str, ) -> Result<Self, PasswordProtectedKeyEnvelopeError>

Re-seals the key with new KDF parameters (updated settings, salt), and a new password

Trait Implementations§

Source§

impl Debug for PasswordProtectedKeyEnvelope

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
Source§

impl<'de> Deserialize<'de> for PasswordProtectedKeyEnvelope

Source§

fn deserialize<D>(deserializer: D) -> Result<Self, D::Error>
where D: Deserializer<'de>,

Deserialize this value from the given Serde deserializer. Read more
Source§

impl From<&PasswordProtectedKeyEnvelope> for Vec<u8>

Source§

fn from(val: &PasswordProtectedKeyEnvelope) -> Self

Converts to this type from the input type.
Source§

impl From<PasswordProtectedKeyEnvelope> for String

Source§

fn from(val: PasswordProtectedKeyEnvelope) -> Self

Converts to this type from the input type.
Source§

impl FromStr for PasswordProtectedKeyEnvelope

Source§

type Err = PasswordProtectedKeyEnvelopeError

The associated error which can be returned from parsing.
Source§

fn from_str(s: &str) -> Result<Self, Self::Err>

Parses a string s to return a value of this type. Read more
Source§

impl FromWasmAbi for PasswordProtectedKeyEnvelope

Source§

type Abi = <String as FromWasmAbi>::Abi

The Wasm ABI type that this converts from when coming back out from the ABI boundary.
Source§

unsafe fn from_abi(abi: Self::Abi) -> Self

Recover a Self from Self::Abi. Read more
Source§

impl Serialize for PasswordProtectedKeyEnvelope

Source§

fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error>
where S: Serializer,

Serialize this value into the given Serde serializer. Read more
Source§

impl TryFrom<&Vec<u8>> for PasswordProtectedKeyEnvelope

Source§

type Error = CoseError

The type returned in the event of a conversion error.
Source§

fn try_from(value: &Vec<u8>) -> Result<Self, Self::Error>

Performs the conversion.
Source§

impl WasmDescribe for PasswordProtectedKeyEnvelope

Source§

fn describe()

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
§

impl<T> CompatExt for T

§

fn compat(self) -> Compat<T>

Applies the [Compat] adapter by value. Read more
§

fn compat_ref(&self) -> Compat<&T>

Applies the [Compat] adapter by shared reference. Read more
§

fn compat_mut(&mut self) -> Compat<&mut T>

Applies the [Compat] adapter by mutable reference. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

§

impl<T, UT> HandleAlloc<UT> for T
where T: Send + Sync,

§

fn new_handle(value: Arc<T>) -> Handle

Create a new handle for an Arc value Read more
§

unsafe fn clone_handle(handle: Handle) -> Handle

Clone a handle Read more
§

unsafe fn consume_handle(handle: Handle) -> Arc<T>

Consume a handle, getting back the initial Arc<> Read more
§

unsafe fn get_arc(handle: Handle) -> Arc<Self>

Get a clone of the Arc<> using a “borrowed” handle. Read more
Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> IntoEither for T

Source§

fn into_either(self, into_left: bool) -> Either<Self, Self>

Converts self into a Left variant of Either<Self, Self> if into_left is true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more
Source§

fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
where F: FnOnce(&Self) -> bool,

Converts self into a Left variant of Either<Self, Self> if into_left(&self) returns true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more
§

impl<I> IntoResettable<String> for I
where I: Into<String>,

§

fn into_resettable(self) -> Resettable<String>

Convert to the intended resettable type
§

impl<T> Pointable for T

§

const ALIGN: usize

The alignment of pointer.
§

type Init = T

The type for initializers.
§

unsafe fn init(init: <T as Pointable>::Init) -> usize

Initializes a with the given initializer. Read more
§

unsafe fn deref<'a>(ptr: usize) -> &'a T

Dereferences the given pointer. Read more
§

unsafe fn deref_mut<'a>(ptr: usize) -> &'a mut T

Mutably dereferences the given pointer. Read more
§

unsafe fn drop(ptr: usize)

Drops the object pointed to by the given pointer. Read more
Source§

impl<T> Same for T

Source§

type Output = T

Should always be Self
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

§

fn vzip(self) -> V

Source§

impl<T> DeserializeOwned for T
where T: for<'de> Deserialize<'de>,