pub trait SkfContainer {
    // Required methods
    fn name(&self) -> &str;
    fn get_type(&self) -> Result<u32>;
    fn import_certificate(&self, signer: bool, data: &[u8]) -> Result<()>;
    fn export_certificate(&self, signer: bool) -> Result<Vec<u8>>;
    fn ecc_gen_key_pair(&self, alg_id: u32) -> Result<ECCPublicKeyBlob>;
    fn ecc_import_key_pair(
        &self,
        enveloped_key: &EnvelopedKeyData,
    ) -> Result<()>;
    fn ecc_export_public_key(&self, sign_part: bool) -> Result<Vec<u8>>;
    fn ecc_sign(&self, hash: &[u8]) -> Result<ECCSignatureBlob>;
    fn sk_gen_agreement_data(
        &self,
        alg_id: u32,
        id: &[u8],
    ) -> Result<(ECCPublicKeyBlob, Box<dyn ManagedKey>)>;
    fn sk_gen_agreement_data_and_key(
        &self,
        alg_id: u32,
        initiator_key: &ECCPublicKeyBlob,
        initiator_tmp_key: &ECCPublicKeyBlob,
        initiator_id: &[u8],
        responder_id: &[u8],
    ) -> Result<(ECCPublicKeyBlob, Box<dyn ManagedKey>)>;
    fn sk_import(
        &self,
        alg_id: u32,
        key_data: &[u8],
    ) -> Result<Box<dyn ManagedKey>>;
    fn sk_export(
        &self,
        alg_id: u32,
        key: &ECCPublicKeyBlob,
    ) -> Result<(Box<dyn ManagedKey>, ECCEncryptedData)>;
}

Required Methods

fn get_type(&self) -> Result<u32>
Get the container type. The value can be:
- [CONTAINER_TYPE_UNKNOWN]
- [CONTAINER_TYPE_RSA]
- [CONTAINER_TYPE_ECC]

fn import_certificate(&self, signer: bool, data: &[u8]) -> Result<()>
Import a certificate into the container.
[signer] - True means the imported certificate is used for signing
[data] - The certificate data

fn export_certificate(&self, signer: bool) -> Result<Vec<u8>>
Export a certificate from the container.
[signer] - True means the exported certificate is used for signing

fn ecc_gen_key_pair(&self, alg_id: u32) -> Result<ECCPublicKeyBlob>
Generate an ECC key pair (signing part). The private key will be stored in the container.
See [SKF_GenECCKeyPair] for more details.
[alg_id] - The algorithm id; the supported value is SGD_SM2_1

fn ecc_import_key_pair(&self, enveloped_key: &EnvelopedKeyData) -> Result<()>
Import an ECC key pair (encryption part) into the container.
See [SKF_ImportECCKeyPair] for more details.
[enveloped_key] - The enveloped key data
Permission state requirement
User permission

fn ecc_export_public_key(&self, sign_part: bool) -> Result<Vec<u8>>
Export an ECC public key from the container.
See [SKF_ExportPublicKey] for more details.
[sign_part] - True means the exported public key is used for signing

fn ecc_sign(&self, hash: &[u8]) -> Result<ECCSignatureBlob>
Sign data using the signing key in the container.
See [SKF_ECCSignData] for more details.
[hash] - The hash value of the data.
When using the SM2 algorithm, this input is the result of applying the SM2 signature pre-processing to the data to be signed. The pre-processing procedure follows GM/T 0009.
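
The SM2 signature pre-processing that produces the `hash` argument, as an added example (not code from this crate): e = SM3(Z || M) with Z = SM3(ENTL || ID || a || b || Gx || Gy || xA || yA) over the SM2 recommended curve. The function names, the user ID and the key coordinates in `main` are assumptions of this example; real coordinates come from the container's exported signing public key.

```rust
/// SM3 hash (GB/T 32905): 512-bit blocks, 256-bit digest.
fn sm3(msg: &[u8]) -> [u8; 32] {
    let mut v: [u32; 8] = [0x7380166f, 0x4914b2b9, 0x172442d7, 0xda8a0600,
                           0xa96f30bc, 0x163138aa, 0xe38dee4d, 0xb0fb0e4e];
    let mut m = [msg, &[0x80u8][..]].concat(); // padding: 0x80, zeros, 64-bit big-endian bit length
    while m.len() % 64 != 56 { m.push(0); }
    m.extend_from_slice(&((msg.len() as u64) * 8).to_be_bytes());
    for blk in m.chunks(64) {
        let mut w = [0u32; 68]; // message expansion
        for (j, c) in blk.chunks(4).enumerate() { w[j] = u32::from_be_bytes([c[0], c[1], c[2], c[3]]); }
        for j in 16..68 {
            let x = w[j - 16] ^ w[j - 9] ^ w[j - 3].rotate_left(15);
            w[j] = x ^ x.rotate_left(15) ^ x.rotate_left(23) ^ w[j - 13].rotate_left(7) ^ w[j - 6];
        }
        let [mut a, mut b, mut c, mut d, mut e, mut f, mut g, mut h] = v;
        for j in 0..64 {
            let t: u32 = if j < 16 { 0x79cc4519 } else { 0x7a879d8a };
            let ss1 = a.rotate_left(12).wrapping_add(e).wrapping_add(t.rotate_left(j as u32 % 32)).rotate_left(7);
            let (ff, gg) = if j < 16 { (a ^ b ^ c, e ^ f ^ g) }
                           else { ((a & b) | (a & c) | (b & c), (e & f) | (!e & g)) };
            let tt1 = ff.wrapping_add(d).wrapping_add(ss1 ^ a.rotate_left(12)).wrapping_add(w[j] ^ w[j + 4]);
            let tt2 = gg.wrapping_add(h).wrapping_add(ss1).wrapping_add(w[j]);
            d = c; c = b.rotate_left(9); b = a; a = tt1; h = g; g = f.rotate_left(19); f = e;
            e = tt2 ^ tt2.rotate_left(9) ^ tt2.rotate_left(17);
        }
        for (s, n) in v.iter_mut().zip([a, b, c, d, e, f, g, h].iter()) { *s ^= *n; }
    }
    let mut out = [0u8; 32];
    for (i, s) in v.iter().enumerate() { out[4 * i..4 * i + 4].copy_from_slice(&s.to_be_bytes()); }
    out
}

// SM2 recommended-curve parameters a, b, Gx, Gy (32 bytes each) as one hex string.
const CURVE: &str = "FFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000FFFFFFFFFFFFFFFC\
                     28E9FA9E9D9F5E344D5A9E4BCF6509A7F39789F515AB8F92DDBCBD414D940E93\
                     32C4AE2C1F1981195F9904466A39C9948FE30B8BF2660BE1715A4589334C74C7\
                     BC3736A2F4F6779C59BDCEE36B692153D0A9877CC62A474002DF32E52139F0A0";
/// e = SM3(Z || M), Z = SM3(ENTL || ID || a || b || Gx || Gy || xA || yA); ENTL = ID bit length.
fn sm2_preprocess(id: &[u8], xa: &[u8; 32], ya: &[u8; 32], msg: &[u8]) -> Option<[u8; 32]> {
    if id.len() > 8191 { return None; } // ENTL is a 16-bit bit count
    let curve: Vec<u8> = (0..128).map(|i| u8::from_str_radix(&CURVE[2 * i..2 * i + 2], 16).unwrap()).collect();
    let z = [&((id.len() * 8) as u16).to_be_bytes()[..], id, &curve[..], &xa[..], &ya[..]].concat();
    Some(sm3(&[&sm3(&z)[..], msg].concat()))
}

fn main() { // constructed ID and key coordinates, for illustration only (not a valid curve point)
    let e = sm2_preprocess(b"1234567812345678", &[0x11; 32], &[0x22; 32], b"hello").unwrap();
    println!("{}", e.iter().map(|b| format!("{:02x}", b)).collect::<String>());
}
```

The 32-byte value returned by `sm2_preprocess` is what a caller would pass as `hash`; the verifier must use the same ID and public key to recompute it.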

fn sk_gen_agreement_data(&self, alg_id: u32, id: &[u8]) -> Result<(ECCPublicKeyBlob, Box<dyn ManagedKey>)>
Key exchange step: generate the ephemeral public key and agreement key for the initiator.
See [SKF_GenerateAgreementDataWithECC] for more details.
[alg_id] - The algorithm id used for session key generation
[id] - Initiator’s ID, max 32 bytes
Return value
Returns the ephemeral public key and the key agreement handle.

fn sk_gen_agreement_data_and_key(&self, alg_id: u32, initiator_key: &ECCPublicKeyBlob, initiator_tmp_key: &ECCPublicKeyBlob, initiator_id: &[u8], responder_id: &[u8]) -> Result<(ECCPublicKeyBlob, Box<dyn ManagedKey>)>
Key exchange step: generate the ephemeral public key and session key for the responder.
See [SKF_GenerateAgreementDataAndKeyWithECC] for more details.
[alg_id] - The algorithm id used for session key generation
[initiator_key] - Initiator’s public key
[initiator_tmp_key] - Initiator’s ephemeral public key
[initiator_id] - Initiator’s ID, max 32 bytes
[responder_id] - Responder’s ID, max 32 bytes
Return value
Returns the ephemeral public key and the session key handle.

fn sk_import(&self, alg_id: u32, key_data: &[u8]) -> Result<Box<dyn ManagedKey>>
Import a session key.
See [SKF_ImportSessionKey] for more details.
[alg_id] - The algorithm id
[key_data] - The session key data

fn sk_export(&self, alg_id: u32, key: &ECCPublicKeyBlob) -> Result<(Box<dyn ManagedKey>, ECCEncryptedData)>
Generate a session key and export it.
[alg_id] - The algorithm id used for session key generation
[key] - The public key used to encrypt the session key