pub struct SecretStorageKey { /* private fields */ }
Expand description

A secret storage key which can be used to store encrypted data in the user’s account data as defined in the spec.

The secret storage key can be initialized from a passphrase or from a base58-encoded string.

To bootstrap a new SecretStorageKey, use the SecretStorageKey::new() or SecretStorageKey::new_from_passphrase() method.

After a new SecretStorageKey has been created, the info about the key needs to be uploaded to the homeserver as a global account data event. The event and event type for this can be retrieved using the SecretStorageKey::event_content() and SecretStorageKey::event_type() methods, respectively.

§Examples

use matrix_sdk_crypto::secret_storage::SecretStorageKey;

// Create a new secret storage key.
let key =
    SecretStorageKey::new_from_passphrase("It's a secret to everybody");
// Retrieve the content.
let content = key.event_content();
// Now upload the content to the server and mark the new key as the default one.

// If we want to restore the secret key, we'll need to retrieve the previously uploaded global
// account data event.
let restored_key = SecretStorageKey::from_account_data(
    "It's a secret to everybody",
    content.to_owned()
);

Implementations§

source§

impl SecretStorageKey

source

pub fn new() -> Self

Create a new random SecretStorageKey.

source

pub fn new_from_passphrase(passphrase: &str) -> Self

Create a new passphrase-based SecretStorageKey.

The passphrase will be expanded into a 32-byte key using the m.pbkdf2 algorithm described in the spec.

source

pub fn from_account_data( input: &str, content: SecretStorageKeyEventContent, ) -> Result<Self, DecodeError>

Restore a SecretStorageKey from the given input and the description of the key.

The SecretStorageKeyEventContent will contain the description of the SecretStorageKey. The constructor will check if the provided input string matches to the description.

The input can be a passphrase or a Base58 export of the SecretStorageKey.

source

pub fn to_base58(&self) -> String

Export the SecretStorageKey as a base58-encoded string as defined in the spec.

Note: This returns a copy of the private key material of the SecretStorageKey as a string. The caller needs to ensure that this string is zeroized.

source

pub fn encrypt( &self, plaintext: Vec<u8>, secret_name: &SecretName, ) -> AesHmacSha2EncryptedData

Encrypt a given secret string as a Secrets Storage secret with the given secret name.

§Examples
use matrix_sdk_crypto::secret_storage::SecretStorageKey;
use ruma::events::secret::request::SecretName;

let key = SecretStorageKey::new();
let secret = "It's a secret to everybody";
let secret_name = SecretName::from("my-secret");

let encrypted_data = key.encrypt(secret.as_bytes().to_vec(), &secret_name);

let decrypted = key.decrypt(&encrypted_data, &secret_name)?;

assert_eq!(secret.as_bytes(), decrypted);
source

pub fn decrypt( &self, data: &AesHmacSha2EncryptedData, secret_name: &SecretName, ) -> Result<Vec<u8>, MacError>

Decrypt the given AesHmacSha2EncryptedData containing a secret with the given secret name.

source

pub fn event_content(&self) -> &SecretStorageKeyEventContent

The info about the SecretStorageKey formatted as a SecretStorageKeyEventContent.

The SecretStorageKeyEventContent contains information about the secret storage key. This information can be used to determine whether the secret the user has entered is a valid secret for unlocking the Secrets Storage (i.e. a valid SecretStorageKey).

source

pub fn key_id(&self) -> &str

The unique ID of this SecretStorageKey.

source

pub fn event_type(&self) -> GlobalAccountDataEventType

The event type of this SecretStorageKey.

Can be used when uploading the key info as a SecretStorageKeyEventContent to the homeserver.

The type is equal to the concatenation of the string "m.secret_storage.key." and the key ID from the SecretStorageKey::key_id() method.

Trait Implementations§

source§

impl Debug for SecretStorageKey

source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
source§

impl Drop for SecretStorageKey

source§

fn drop(&mut self)

Executes the destructor for this type. Read more
source§

impl Zeroize for SecretStorageKey

source§

fn zeroize(&mut self)

Zero out this object from memory using Rust intrinsics which ensure the zeroization operation is not “optimized away” by the compiler.

Auto Trait Implementations§

Blanket Implementations§

source§

impl<T> Any for T
where T: 'static + ?Sized,

source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
source§

impl<T> Borrow<T> for T
where T: ?Sized,

source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
source§

impl<T> From<T> for T

source§

fn from(t: T) -> T

Returns the argument unchanged.

source§

impl<T, W> HasTypeWitness<W> for T
where W: MakeTypeWitness<Arg = T>, T: ?Sized,

source§

const WITNESS: W = W::MAKE

A constant of the type witness
source§

impl<T> Identity for T
where T: ?Sized,

§

type Type = T

The same type as Self, used to emulate type equality bounds (T == U) with associated type equality constraints (T: Identity<Type = U>).
source§

const TYPE_EQ: TypeEq<T, <T as Identity>::Type> = TypeEq::NEW

Proof that Self is the same type as Self::Type, provides methods for casting between Self and Self::Type.
source§

impl<T> Instrument for T

source§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more
source§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
source§

impl<T, U> Into<U> for T
where U: From<T>,

source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

source§

impl<T> IntoEither for T

source§

fn into_either(self, into_left: bool) -> Either<Self, Self>

Converts self into a Left variant of Either<Self, Self> if into_left is true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more
source§

fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
where F: FnOnce(&Self) -> bool,

Converts self into a Left variant of Either<Self, Self> if into_left(&self) returns true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more
source§

impl<T> Same for T

§

type Output = T

Should always be Self
source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

§

type Error = Infallible

The type returned in the event of a conversion error.
source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
source§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

source§

fn vzip(self) -> V

source§

impl<T> WithSubscriber for T

source§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more
source§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more
source§

impl<T> AsyncTraitDeps for T

source§

impl<T> SendOutsideWasm for T
where T: Send,

source§

impl<T> SyncOutsideWasm for T
where T: Sync,