cosmian_kms_crypto 5.24.0

Cosmian KMS Crypto - cryptographic operations and algorithms
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37

use cosmian_kmip::kmip_2_1::{
    kmip_attributes::Attributes,
    kmip_objects::ObjectType,
    kmip_operations::ReKeyKeyPair,
    kmip_types::{CryptographicAlgorithm, KeyFormatType, UniqueIdentifier},
};

use super::attributes::{RekeyEditAction, rekey_edit_action_as_vendor_attribute};
use crate::error::CryptoError;

/// Build a `ReKeyKeyPair` request.
/// To re-key an attribute of a user decryption key, we first need:
/// - the MSK UID
/// - the `CoverCrypt` attributes to revoke
/// - the `ReKeyKeyPairAction` to perform
///
/// The routine will then locate and renew all user decryption keys linked to
/// this MSK.
pub fn build_rekey_keypair_request(
    vendor_id: &str,
    msk_uid: &str,
    action: &RekeyEditAction,
) -> Result<ReKeyKeyPair, CryptoError> {
    Ok(ReKeyKeyPair {
        private_key_unique_identifier: Some(UniqueIdentifier::TextString(msk_uid.to_owned())),
        private_key_attributes: Some(Attributes {
            object_type: Some(ObjectType::PrivateKey),
            cryptographic_algorithm: Some(CryptographicAlgorithm::CoverCrypt),
            key_format_type: Some(KeyFormatType::CoverCryptSecretKey),
            vendor_attributes: Some(vec![rekey_edit_action_as_vendor_attribute(
                vendor_id, action,
            )?]),
            ..Attributes::default()
        }),
        ..ReKeyKeyPair::default()
    })
}