tor_keymgr/keystore.rs
1//! The [`Keystore`] trait and its implementations.
2
3pub(crate) mod arti;
4#[cfg(feature = "ctor-keystore")]
5pub(crate) mod ctor;
6pub(crate) mod fs_utils;
7
8#[cfg(feature = "ephemeral-keystore")]
9pub(crate) mod ephemeral;
10
11use tor_key_forge::{EncodableItem, ErasedKey, KeystoreItemType};
12
13use crate::{KeyPath, KeySpecifier, KeystoreId, Result};
14
15/// A generic key store.
16pub trait Keystore: Send + Sync + 'static {
17 /// An identifier for this key store instance.
18 ///
19 /// This identifier is used by some [`KeyMgr`](crate::KeyMgr) APIs to identify a specific key
20 /// store.
21 fn id(&self) -> &KeystoreId;
22
23 /// Check if the key identified by `key_spec` exists in this key store.
24 fn contains(&self, key_spec: &dyn KeySpecifier, item_type: &KeystoreItemType) -> Result<bool>;
25
26 /// Retrieve the key identified by `key_spec`.
27 ///
28 /// Returns `Ok(Some(key))` if the key was successfully retrieved. Returns `Ok(None)` if the
29 /// key does not exist in this key store.
30 fn get(
31 &self,
32 key_spec: &dyn KeySpecifier,
33 item_type: &KeystoreItemType,
34 ) -> Result<Option<ErasedKey>>;
35
36 /// Write `key` to the key store.
37 fn insert(&self, key: &dyn EncodableItem, key_spec: &dyn KeySpecifier) -> Result<()>;
38
39 /// Remove the specified key.
40 ///
41 /// A return value of `Ok(None)` indicates the key doesn't exist in this key store, whereas
42 /// `Ok(Some(())` means the key was successfully removed.
43 ///
44 /// Returns `Err` if an error occurred while trying to remove the key.
45 fn remove(
46 &self,
47 key_spec: &dyn KeySpecifier,
48 item_type: &KeystoreItemType,
49 ) -> Result<Option<()>>;
50
51 /// List all the keys in this keystore.
52 fn list(&self) -> Result<Vec<(KeyPath, KeystoreItemType)>>;
53}