Struct bonsaidb::local::vault::LocalVaultKeyStorage
pub struct LocalVaultKeyStorage { /* private fields */ }
Expand description
Stores vault key locally on disk. This is in general considered insecure, and shouldn’t be used without careful consideration.
The primary goal of encryption within BonsaiDb is to offer limited encryption at-rest. Within these goals, the primary attack vector being protected against is an attacker being able to copy the data off of the disks, either by physically gaining access to the drives or having filesystem access. By storing the vault key on the same physical media, the encryption should be considered insecure because if you can gain access to the data, you have access to the keys as well.
For production environments, it is much more secure to store the vault key in a separate location. We recommand any S3-compatible backend.
Implementations§
Trait Implementations§
§impl Clone for LocalVaultKeyStorage
impl Clone for LocalVaultKeyStorage
§fn clone(&self) -> LocalVaultKeyStorage
fn clone(&self) -> LocalVaultKeyStorage
Returns a copy of the value. Read more
1.0.0 · source§fn clone_from(&mut self, source: &Self)
fn clone_from(&mut self, source: &Self)
Performs copy-assignment from
source
. Read more§impl Debug for LocalVaultKeyStorage
impl Debug for LocalVaultKeyStorage
§impl VaultKeyStorage for LocalVaultKeyStorage
impl VaultKeyStorage for LocalVaultKeyStorage
§type Error = LocalVaultKeyStorageError
type Error = LocalVaultKeyStorageError
The error type that the functions return.
§fn vault_key_for(
&self,
server_id: StorageId
) -> Result<Option<KeyPair>, <LocalVaultKeyStorage as VaultKeyStorage>::Error>
fn vault_key_for( &self, server_id: StorageId ) -> Result<Option<KeyPair>, <LocalVaultKeyStorage as VaultKeyStorage>::Error>
Retrieve all previously stored vault key for a given storage id.
§fn set_vault_key_for(
&self,
server_id: StorageId,
key: KeyPair
) -> Result<(), <LocalVaultKeyStorage as VaultKeyStorage>::Error>
fn set_vault_key_for( &self, server_id: StorageId, key: KeyPair ) -> Result<(), <LocalVaultKeyStorage as VaultKeyStorage>::Error>
Store a key. Each server id should have unique storage.
Auto Trait Implementations§
impl RefUnwindSafe for LocalVaultKeyStorage
impl Send for LocalVaultKeyStorage
impl Sync for LocalVaultKeyStorage
impl Unpin for LocalVaultKeyStorage
impl UnwindSafe for LocalVaultKeyStorage
Blanket Implementations§
§impl<T> AnyVaultKeyStorage for Twhere
T: VaultKeyStorage + 'static,
impl<T> AnyVaultKeyStorage for Twhere T: VaultKeyStorage + 'static,
§impl<'a, T, E> AsTaggedExplicit<'a, E> for Twhere
T: 'a,
impl<'a, T, E> AsTaggedExplicit<'a, E> for Twhere T: 'a,
§impl<'a, T, E> AsTaggedImplicit<'a, E> for Twhere
T: 'a,
impl<'a, T, E> AsTaggedImplicit<'a, E> for Twhere T: 'a,
source§impl<T> BorrowMut<T> for Twhere
T: ?Sized,
impl<T> BorrowMut<T> for Twhere T: ?Sized,
source§fn borrow_mut(&mut self) -> &mut T
fn borrow_mut(&mut self) -> &mut T
Mutably borrows from an owned value. Read more