nethsm_config::config

Enum AdministrativeSecretHandling

Source 
pub enum AdministrativeSecretHandling {
    Plaintext,
    SystemdCreds,
    ShamirsSecretSharing,
}
Expand description

The handling of administrative secrets.

Administrative secrets may be handled in different ways (e.g. persistent or non-persistent).

Variants§

§

Plaintext

The administrative secrets are handled in a plaintext file in a non-volatile directory.

§Warning

This variant should only be used in non-production test setups, as it implies the persistence of unencrypted administrative secrets on a file system.

§

SystemdCreds

The administrative secrets are handled in a file encrypted using systemd-creds in a non-volatile directory.

§Warning

This variant should only be used in non-production test setups, as it implies the persistence of (host-specific) encrypted administrative secrets on a file system, that could be extracted if the host is compromised.

§

ShamirsSecretSharing

The administrative secrets are handled using Shamir’s Secret Sharing (SSS).

This variant is the default for production use, as the administrative secrets are only ever exposed on a volatile filesystem for the time of their use. The secrets are only made available to the system as shares of a shared secret, split using SSS. This way no holder of a share is aware of the administrative secrets and the system only for as long as it needs to use the administrative secrets.

Trait Implementations§

Source§

impl Clone for AdministrativeSecretHandling

Source§

fn clone(&self) -> AdministrativeSecretHandling

Returns a copy of the value. Read more
1.0.0 · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
Source§

impl Debug for AdministrativeSecretHandling

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
Source§

impl Default for AdministrativeSecretHandling

Source§

fn default() -> AdministrativeSecretHandling

Returns the “default value” for a type. Read more
Source§

impl<'de> Deserialize<'de> for AdministrativeSecretHandling

Source§

fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error>
where __D: Deserializer<'de>,

Deserialize this value from the given Serde deserializer. Read more
Source§

impl PartialEq for AdministrativeSecretHandling

Source§

fn eq(&self, other: &AdministrativeSecretHandling) -> bool

Tests for self and other values to be equal, and is used by ==.
1.0.0 · Source§

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.
Source§

impl Serialize for AdministrativeSecretHandling

Source§

fn serialize<__S>(&self, __serializer: __S) -> Result<__S::Ok, __S::Error>
where __S: Serializer,

Serialize this value into the given Serde serializer. Read more
Source§

impl Copy for AdministrativeSecretHandling

Source§

impl Eq for AdministrativeSecretHandling

Source§

impl StructuralPartialEq for AdministrativeSecretHandling

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> CloneToUninit for T
where T: Clone,

Source§

unsafe fn clone_to_uninit(&self, dst: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dst. Read more
§

impl<Q, K> Equivalent<K> for Q
where Q: Eq + ?Sized, K: Borrow<Q> + ?Sized,

§

fn equivalent(&self, key: &K) -> bool

Checks if this value is equivalent to the given key. Read more
§

impl<Q, K> Equivalent<K> for Q
where Q: Eq + ?Sized, K: Borrow<Q> + ?Sized,

§

fn equivalent(&self, key: &K) -> bool

Compare self to key and return true if they are equal.
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> Same for T

Source§

type Output = T

Should always be Self
Source§

impl<T> ToOwned for T
where T: Clone,

Source§

type Owned = T

The resulting type after obtaining ownership.
Source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
Source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

§

fn vzip(self) -> V

Source§

impl<T> DeserializeOwned for T
where T: for<'de> Deserialize<'de>,

§

impl<T> ErasedDestructor for T
where T: 'static,

§

impl<T> MaybeSendSync for T