bitwarden_crypto::safe

Struct DataEnvelope

Source 
pub struct DataEnvelope {
    envelope_data: CoseEncrypt0Bytes,
}
Expand description

DataEnvelope allows sealing structs entire structs to encrypted blobs.

Sealing a struct results in an encrypted blob, and a content-encryption-key. The content-encryption-key must be provided again when unsealing the data. A content encryption key allows easy key-rotation of the encrypting-key, as now just the content-encryption-keys need to be re-uploaded, instead of all data.

The content-encryption-key cannot be re-used for encrypting other data.

Note: This is explicitly meant for structured data, not large binary blobs (files).

Fields§

§envelope_data: CoseEncrypt0Bytes

Implementations§

Source§

impl DataEnvelope

Source

pub fn seal<Ids: KeyIds, T>( data: T, ctx: &mut KeyStoreContext<'_, Ids>, ) -> Result<(Self, Ids::Symmetric), DataEnvelopeError>
where T: Serialize + SealableVersionedData,

Seals a struct into an encrypted blob, and stores the content-encryption-key in the provided context.

Source

pub fn seal_with_wrapping_key<Ids: KeyIds, T>( data: T, wrapping_key: &Ids::Symmetric, ctx: &mut KeyStoreContext<'_, Ids>, ) -> Result<(Self, EncString), DataEnvelopeError>
where T: Serialize + SealableVersionedData,

Seals a struct into an encrypted blob. The content encryption key is wrapped with the provided wrapping key

Source

fn seal_ref<T>( data: &T, namespace: &DataEnvelopeNamespace, ) -> Result<(DataEnvelope, XChaCha20Poly1305Key), DataEnvelopeError>
where T: Serialize + SealableVersionedData,

Seals a struct into an encrypted blob, and returns the encrypted blob and the content-encryption-key.

Source

pub fn unseal<Ids: KeyIds, T>( &self, cek_keyslot: Ids::Symmetric, ctx: &mut KeyStoreContext<'_, Ids>, ) -> Result<T, DataEnvelopeError>
where T: DeserializeOwned + SealableVersionedData,

Unseals the data from the encrypted blob using a content-encryption-key stored in the context.

Source

pub fn unseal_with_wrapping_key<Ids: KeyIds, T>( &self, wrapping_key: &Ids::Symmetric, wrapped_cek: &EncString, ctx: &mut KeyStoreContext<'_, Ids>, ) -> Result<T, DataEnvelopeError>
where T: DeserializeOwned + SealableVersionedData,

Unseals the data from the encrypted blob and wrapped content-encryption-key.

Source

fn unseal_ref<T>( &self, namespace: &DataEnvelopeNamespace, cek: &XChaCha20Poly1305Key, ) -> Result<T, DataEnvelopeError>
where T: DeserializeOwned + SealableVersionedData,

Unseals the data from the encrypted blob using the provided content-encryption-key.

Trait Implementations§

Source§

impl Clone for DataEnvelope

Source§

fn clone(&self) -> DataEnvelope

Returns a duplicate of the value. Read more
1.0.0 · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
Source§

impl<UT> ConvertError<UT> for DataEnvelope

Source§

fn try_convert_unexpected_callback_error( e: UnexpectedUniFFICallbackError, ) -> Result<Self>

Source§

impl Debug for DataEnvelope

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
Source§

impl<'de> Deserialize<'de> for DataEnvelope

Source§

fn deserialize<D>(deserializer: D) -> Result<Self, D::Error>
where D: Deserializer<'de>,

Deserialize this value from the given Serde deserializer. Read more
Source§

impl Display for DataEnvelope

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
Source§

impl<UT> FfiConverter<UT> for DataEnvelope

Source§

const TYPE_ID_META: MetadataBuffer

Type ID metadata, serialized into a [MetadataBuffer].
Source§

type FfiType = <String as Lower<UniFfiTag>>::FfiType

The low-level type used for passing values of this type over the FFI. Read more
Source§

fn lower(obj: DataEnvelope) -> Self::FfiType

Lower a rust value of the target type, into an FFI value of type Self::FfiType. Read more
Source§

fn try_lift(v: Self::FfiType) -> Result<DataEnvelope>

Lift a rust value of the target type, from an FFI value of type Self::FfiType. Read more
Source§

fn write(obj: DataEnvelope, buf: &mut Vec<u8>)

Write a rust value into a buffer, to send over the FFI in serialized form. Read more
Source§

fn try_read(buf: &mut &[u8]) -> Result<DataEnvelope>

Read a rust value from a buffer, received over the FFI in serialized form. Read more
Source§

impl From<&DataEnvelope> for Vec<u8>

Source§

fn from(val: &DataEnvelope) -> Self

Converts to this type from the input type.
Source§

impl From<DataEnvelope> for String

Source§

fn from(val: DataEnvelope) -> Self

Converts to this type from the input type.
Source§

impl From<Vec<u8>> for DataEnvelope

Source§

fn from(data: Vec<u8>) -> Self

Converts to this type from the input type.
Source§

impl FromStr for DataEnvelope

Source§

type Err = NotB64EncodedError

The associated error which can be returned from parsing.
Source§

fn from_str(s: &str) -> Result<Self, Self::Err>

Parses a string s to return a value of this type. Read more
Source§

impl FromWasmAbi for DataEnvelope

Source§

type Abi = <String as FromWasmAbi>::Abi

The Wasm ABI type that this converts from when coming back out from the ABI boundary.
Source§

unsafe fn from_abi(abi: Self::Abi) -> Self

Recover a Self from Self::Abi. Read more
Source§

impl<UT> Lift<UT> for DataEnvelope

Source§

type FfiType = <DataEnvelope as FfiConverter<UT>>::FfiType

Source§

fn try_lift(v: Self::FfiType) -> Result<Self>

Source§

fn try_read(buf: &mut &[u8]) -> Result<Self>

§

fn try_lift_from_rust_buffer(v: RustBuffer) -> Result<Self, Error>

Convenience method
Source§

impl<UT> LiftRef<UT> for DataEnvelope

Source§

type LiftType = DataEnvelope

Source§

impl<UT> LiftReturn<UT> for DataEnvelope

Source§

type ReturnType = <DataEnvelope as Lift<UT>>::FfiType

FFI return type for trait interfaces
Source§

fn try_lift_successful_return(v: Self::ReturnType) -> Result<Self>

Lift a successfully returned value from a trait interface
§

fn lift_foreign_return( ffi_return: Self::ReturnType, call_status: RustCallStatus, ) -> Self

Lift a foreign returned value from a trait interface Read more
§

fn lift_error(_buf: RustBuffer) -> Self

Lift a Rust value for a callback interface method error result Read more
§

fn handle_callback_unexpected_error(e: UnexpectedUniFFICallbackError) -> Self

Lift a Rust value for an unexpected callback interface error Read more
Source§

impl<UT> Lower<UT> for DataEnvelope

Source§

type FfiType = <DataEnvelope as FfiConverter<UT>>::FfiType

Source§

fn lower(obj: Self) -> Self::FfiType

Source§

fn write(obj: Self, buf: &mut Vec<u8>)

§

fn lower_into_rust_buffer(obj: Self) -> RustBuffer

Convenience method
Source§

impl<UT> LowerError<UT> for DataEnvelope

Source§

fn lower_error(obj: Self) -> RustBuffer

Lower this value for scaffolding function return Read more
Source§

impl<UT> LowerReturn<UT> for DataEnvelope

Source§

type ReturnType = <DataEnvelope as Lower<UT>>::FfiType

The type that should be returned by scaffolding functions for this type. Read more
Source§

fn lower_return(v: Self) -> Result<Self::ReturnType, RustCallError>

Lower the return value from an scaffolding call Read more
§

fn handle_failed_lift( error: LiftArgsError, ) -> Result<Self::ReturnType, RustCallError>

Lower the return value for failed argument lifts Read more
Source§

impl Serialize for DataEnvelope

Source§

fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error>
where S: Serializer,

Serialize this value into the given Serde serializer. Read more
Source§

impl<UT> TypeId<UT> for DataEnvelope

Source§

const TYPE_ID_META: MetadataBuffer

Source§

impl WasmDescribe for DataEnvelope

Source§

fn describe()

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> CloneToUninit for T
where T: Clone,

Source§

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest. Read more
§

impl<T> CompatExt for T

§

fn compat(self) -> Compat<T>

Applies the [Compat] adapter by value. Read more
§

fn compat_ref(&self) -> Compat<&T>

Applies the [Compat] adapter by shared reference. Read more
§

fn compat_mut(&mut self) -> Compat<&mut T>

Applies the [Compat] adapter by mutable reference. Read more
Source§

impl<T> DynClone for T
where T: Clone,

Source§

fn __clone_box(&self, _: Private) -> *mut ()

Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

§

impl<T, UT> HandleAlloc<UT> for T
where T: Send + Sync,

§

fn new_handle(value: Arc<T>) -> Handle

Create a new handle for an Arc value Read more
§

unsafe fn clone_handle(handle: Handle) -> Handle

Clone a handle Read more
§

unsafe fn consume_handle(handle: Handle) -> Arc<T>

Consume a handle, getting back the initial Arc<> Read more
§

unsafe fn get_arc(handle: Handle) -> Arc<Self>

Get a clone of the Arc<> using a “borrowed” handle. Read more
Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> IntoEither for T

Source§

fn into_either(self, into_left: bool) -> Either<Self, Self>

Converts self into a Left variant of Either<Self, Self> if into_left is true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more
Source§

fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
where F: FnOnce(&Self) -> bool,

Converts self into a Left variant of Either<Self, Self> if into_left(&self) returns true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more
§

impl<I> IntoResettable<String> for I
where I: Into<String>,

§

fn into_resettable(self) -> Resettable<String>

Convert to the intended resettable type
§

impl<T> Pointable for T

§

const ALIGN: usize

The alignment of pointer.
§

type Init = T

The type for initializers.
§

unsafe fn init(init: <T as Pointable>::Init) -> usize

Initializes a with the given initializer. Read more
§

unsafe fn deref<'a>(ptr: usize) -> &'a T

Dereferences the given pointer. Read more
§

unsafe fn deref_mut<'a>(ptr: usize) -> &'a mut T

Mutably dereferences the given pointer. Read more
§

unsafe fn drop(ptr: usize)

Drops the object pointed to by the given pointer. Read more
Source§

impl<T> Same for T

Source§

type Output = T

Should always be Self
Source§

impl<T> ToOwned for T
where T: Clone,

Source§

type Owned = T

The resulting type after obtaining ownership.
Source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
Source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
Source§

impl<T> ToString for T
where T: Display + ?Sized,

Source§

fn to_string(&self) -> String

Converts the given value to a String. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

§

fn vzip(self) -> V

Source§

impl<T> DeserializeOwned for T
where T: for<'de> Deserialize<'de>,