yubihsm 0.26.0

Pure Rust client for YubiHSM2 devices with support for HTTP and USB-based access to the device. Supports most HSM functionality including ECDSA, Ed25519, HMAC, and RSA.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61

//! Wrap messages

use super::nonce::{self, Nonce};
use failure::{bail, Error};
use serde::{Deserialize, Serialize};

/// Wrap wessage (encrypted HSM object or arbitrary data) encrypted under a wrap key
#[derive(Serialize, Deserialize, Debug, Clone)]
pub struct Message {
    /// Nonce used to encrypt the wrapped data
    pub nonce: Nonce,

    /// Ciphertext of the encrypted object
    pub ciphertext: Vec<u8>,
}

impl Message {
    /// Load a `Message` from a byte vector
    pub fn from_vec(mut vec: Vec<u8>) -> Result<Self, Error> {
        if vec.len() < nonce::SIZE {
            bail!("message must be at least {}-bytes", nonce::SIZE);
        }

        let ciphertext = vec.split_off(nonce::SIZE);
        let nonce = vec.as_ref();

        Ok(Self::new(nonce, ciphertext))
    }

    /// Create a new `Message`
    pub fn new<N, V>(nonce: N, ciphertext: V) -> Self
    where
        N: Into<Nonce>,
        V: Into<Vec<u8>>,
    {
        Self {
            nonce: nonce.into(),
            ciphertext: ciphertext.into(),
        }
    }

    /// Convert this message into a byte vector
    pub fn into_vec(self) -> Vec<u8> {
        self.into()
    }
}

impl Into<Vec<u8>> for Message {
    fn into(self) -> Vec<u8> {
        let Message {
            nonce,
            mut ciphertext,
        } = self;

        let mut vec = Vec::with_capacity(nonce::SIZE + ciphertext.len());
        vec.extend_from_slice(nonce.as_ref());
        vec.append(&mut ciphertext);

        vec
    }
}