Struct GenerateDataKeyRequest

pub struct GenerateDataKeyRequest {
    pub mount: String,
    pub key_type: DataKeyType,
    pub name: String,
    pub context: Option<String>,
    pub nonce: Option<String>,
    pub bits: Option<u16>,
}

Generate Data Key

This endpoint generates a new high-entropy key and the value encrypted with the named key. Optionally return the plaintext of the key as well. Whether plaintext is returned depends on the path; as a result, you can use Vault ACL policies to control whether a user is allowed to retrieve the plaintext value of a key. This is useful if you want an untrusted user or operation to generate keys that are then made available to trusted users.

• Path: {self.mount}/datakey/{self.key_type}/{self.name}
• Method: POST
• Response: GenerateDataKeyResponse
• Reference: https://developer.hashicorp.com/vault/api-docs/secret/transit#generate-data-key

Fields

mount: String

key_type: DataKeyType

Specifies the type of key to generate. If plaintext, the plaintext key will be returned along with the ciphertext. If wrapped, only the ciphertext value will be returned.

name: String

Specifies the name of the encryption key to use to encrypt the datakey.

context: Option<String>

Specifies the key derivation context, provided as a base64-encoded string. This must be provided if derivation is enabled.

nonce: Option<String>

Specifies a nonce value, provided as base64 encoded. Must be provided if convergent encryption is enabled for this key and the key was generated with Vault 0.6.1. Not required for keys created in 0.6.2+. The value must be exactly 96 bits (12 bytes) long and the user must ensure that for any given context (and thus, any given encryption key) this nonce value is never reused.

bits: Option<u16>

Specifies the number of bits in the desired key. Can be 128, 256, or 512. Default is 256 bits.

Implementations

impl GenerateDataKeyRequest

pub fn builder() -> GenerateDataKeyRequestBuilder

Trait Implementations

impl Debug for GenerateDataKeyRequest

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl Default for GenerateDataKeyRequest

fn default() -> GenerateDataKeyRequest

Returns the “default value” for a type.

impl Endpoint for GenerateDataKeyRequest

const REQUEST_BODY_TYPE: RequestType = RequestType::JSON

The content type of the request body

const RESPONSE_BODY_TYPE: ResponseType = ResponseType::JSON

The content type of the response body

type Response = GenerateDataKeyResponse

The type that the raw response from executing this endpoint will deserialized into. This type is passed on to the EndpointResult and is used to determine the type returned when the parse() method is called.

fn path(&self) -> String

The relative URL path that represents the location of this Endpoint. This is combined with the base URL from a Client instance to create the fully qualified URL.

fn method(&self) -> RequestMethod

The HTTP method to be used when executing this Endpoint.

fn body(&self) -> Result<Option<Vec<u8>>, ClientError>

Optional data to add to the body of the request.

fn query(&self) -> Result<Option<String>, ClientError>

Optional query parameters to add to the request.

fn url(&self, base: &str) -> Result<Uri, ClientError>

Returns the full URL address of the endpoint using the base address.

fn request(&self, base: &str) -> Result<Request<Vec<u8>>, ClientError>

Returns a Request containing all data necessary to execute against this endpoint.

fn exec<'life0, 'life1, 'async_trait>( &'life0 self, client: &'life1 (impl Client + 'async_trait), ) -> Pin<Box<dyn Future<Output = Result<EndpointResult<Self::Response>, ClientError>> + Send + 'async_trait>>

where 'life0: 'async_trait, 'life1: 'async_trait, Self: 'async_trait,

Executes the Endpoint using the given Client.

fn with_middleware<M>(self, middleware: &M) -> MutatedEndpoint<'_, Self, M>

where M: MiddleWare,