vaultrs::api::transit::requests

Struct EncryptDataRequest

source 
pub struct EncryptDataRequest {
    pub mount: String,
    pub name: String,
    pub plaintext: String,
    pub context: Option<String>,
    pub key_version: Option<u64>,
    pub nonce: Option<String>,
    pub key_type: Option<KeyType>,
    pub convergent_encryption: Option<String>,
}
Expand description

§Encrypt Data

This endpoint encrypts the provided plaintext using the named key. This path supports the create and update policy capabilities as follows: if the user has the create capability for this endpoint in their policies, and the key does not exist, it will be upserted with default values (whether the key requires derivation depends on whether the context parameter is empty or not). If the user only has update capability and the key does not exist, an error will be returned.

Fields§

§mount: String§name: String

Specifies the name of the encryption key to encrypt against.

§plaintext: String

Specifies base64 encoded plaintext to be encoded. NOTE: All plaintext data must be base64-encoded. The reason for this requirement is that Vault does not require that the plaintext is “text”. It could be a binary file such as a PDF or image. The easiest safe transport mechanism for this data as part of a JSON payload is to base64-encode it.

§context: Option<String>

Specifies the base64 encoded context for key derivation. This is required if key derivation is enabled for this key.

§key_version: Option<u64>

Specifies the version of the key to use for encryption. If not set, uses the latest version. Must be greater than or equal to the key’s min_encryption_version, if set.

§nonce: Option<String>

Specifies the base64 encoded nonce value. This must be provided if convergent encryption is enabled for this key and the key was generated with Vault 0.6.1. Not required for keys created in 0.6.2+. The value must be exactly 96 bits (12 bytes) long and the user must ensure that for any given context (and thus, any given encryption key) this nonce value is never reused.

§key_type: Option<KeyType>

This parameter is required when encryption key is expected to be created. When performing an upsert operation, the type of key to create.

§convergent_encryption: Option<String>

This parameter will only be used when a key is expected to be created. Whether to support convergent encryption. This is only supported when using a key with key derivation enabled and will require all requests to carry both a context and 96-bit (12-byte) nonce. The given nonce will be used in place of a randomly generated nonce. As a result, when the same context and nonce are supplied, the same ciphertext is generated. It is very important when using this mode that you ensure that all nonces are unique for a given context. Failing to do so will severely impact the ciphertext’s security.

Implementations§

Trait Implementations§

source§

impl Debug for EncryptDataRequest

source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
source§

impl Default for EncryptDataRequest

source§

fn default() -> EncryptDataRequest

Returns the “default value” for a type. Read more
source§

impl Endpoint for EncryptDataRequest

source§

const REQUEST_BODY_TYPE: RequestType = RequestType::JSON

The content type of the request body
source§

const RESPONSE_BODY_TYPE: ResponseType = ResponseType::JSON

The content type of the response body
source§

type Response = EncryptDataResponse

The type that the raw response from executing this endpoint will deserialized into. This type is passed on to the EndpointResult and is used to determine the type returned when the parse() method is called.
source§

fn path(&self) -> String

The relative URL path that represents the location of this Endpoint. This is combined with the base URL from a Client instance to create the fully qualified URL.
source§

fn method(&self) -> RequestMethod

The HTTP method to be used when executing this Endpoint.
source§

fn body(&self) -> Result<Option<Vec<u8>>, ClientError>

Optional data to add to the body of the request.
source§

fn query(&self) -> Result<Option<String>, ClientError>

Optional query parameters to add to the request.
source§

fn url(&self, base: &str) -> Result<Uri, ClientError>

Returns the full URL address of the endpoint using the base address.
source§

fn request(&self, base: &str) -> Result<Request<Vec<u8>>, ClientError>

Returns a Request containing all data necessary to execute against this endpoint.
source§

fn exec<'life0, 'life1, 'async_trait>( &'life0 self, client: &'life1 (impl Client + 'async_trait), ) -> Pin<Box<dyn Future<Output = Result<EndpointResult<Self::Response>, ClientError>> + Send + 'async_trait>>
where 'life0: 'async_trait, 'life1: 'async_trait, Self: 'async_trait,

Executes the Endpoint using the given Client.
source§

fn with_middleware<M>(self, middleware: &M) -> MutatedEndpoint<'_, Self, M>
where M: MiddleWare,

Auto Trait Implementations§

Blanket Implementations§

source§

impl<T> Any for T
where T: 'static + ?Sized,

source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
source§

impl<T> Borrow<T> for T
where T: ?Sized,

source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
source§

impl<T> From<T> for T

source§

fn from(t: T) -> T

Returns the argument unchanged.

source§

impl<T> Instrument for T

source§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more
source§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
source§

impl<T, U> Into<U> for T
where U: From<T>,

source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

source§

impl<E> ResponseWrapper for E
where E: Endpoint,

source§

fn wrap<'life0, 'async_trait>( self, client: &'life0 (impl 'async_trait + Client), ) -> Pin<Box<dyn Future<Output = Result<WrappedResponse<Self>, ClientError>> + Send + 'async_trait>>
where Self: Send + 'async_trait, 'life0: 'async_trait,

source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

source§

type Error = Infallible

The type returned in the event of a conversion error.
source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
source§

impl<T> WithSubscriber for T

source§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more
source§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more
source§

impl<T> ErasedDestructor for T
where T: 'static,

source§

impl<T> MaybeSendSync for T