kmip_protocol/types/
request.rs

1//! Rust types for sserializing KMIP requests.
2use enum_display_derive::Display;
3use serde_derive::Serialize;
4use std::fmt::Display;
5
6use super::common::{
7    ApplicationData, ApplicationNamespace, AttributeIndex, AttributeName, AttributeValue, CompromiseOccurrenceDate,
8    CryptographicAlgorithm, CryptographicLength, CryptographicParameters, CryptographicUsageMask, Data, DataLength,
9    KeyCompressionType, KeyFormatType, KeyMaterial, LinkType, LinkedObjectIdentifier, NameType, NameValue, ObjectType,
10    Operation, RevocationMessage, RevocationReasonCode, UniqueBatchItemID, UniqueIdentifier,
11};
12
13///  See KMIP 1.0 section 2.1.1 [Attribute](https://docs.oasis-open.org/kmip/spec/v1.0/os/kmip-spec-1.0-os.html#_Toc262581155).
14#[derive(Clone, Debug, Serialize, PartialEq, Eq)]
15#[serde(rename = "0x420008")]
16pub struct Attribute(
17    pub AttributeName,
18    #[serde(skip_serializing_if = "Option::is_none")] pub Option<AttributeIndex>,
19    pub AttributeValue,
20);
21
22/// Helper functions to simplifying including KMIP TemplateAttributes in requests.
23///
24/// The set of possible attributes and their textual names are specified by the KMIP 1.0 spec in Section 3 Attributes.
25/// We offer various Attribute constructor functions that avoid the need for the caller to couple the right
26/// AttributeName and AttributeValue pairs together and to use the correct AttributeName text value and instead just Do
27/// The Right Thing for them.
28impl Attribute {
29    ///  See KMIP 1.0 section 3.1 Unique Identifier.
30    #[allow(non_snake_case)]
31    pub fn UniqueIdentifier(value: String) -> Self {
32        Attribute(
33            AttributeName("Unique Identifier".into()),
34            Option::<AttributeIndex>::None,
35            AttributeValue::TextString(value),
36        )
37    }
38
39    ///  See KMIP 1.0 section 3.2 Name.
40    #[allow(non_snake_case)]
41    pub fn Name(value: String) -> Self {
42        Attribute(
43            AttributeName("Name".into()),
44            Option::<AttributeIndex>::None,
45            AttributeValue::Name(NameValue(value), NameType::UninterpretedTextString),
46        )
47    }
48
49    ///  See KMIP 1.0 section 3.2 Name.
50    #[allow(non_snake_case)]
51    pub fn URI(value: String) -> Self {
52        Attribute(
53            AttributeName("Name".into()),
54            Option::<AttributeIndex>::None,
55            AttributeValue::Name(NameValue(value), NameType::URI),
56        )
57    }
58
59    ///  See KMIP 1.0 section 3.3 Object Type.
60    #[allow(non_snake_case)]
61    pub fn ObjectType(value: ObjectType) -> Self {
62        Attribute(
63            AttributeName("Object Type".into()),
64            Option::<AttributeIndex>::None,
65            AttributeValue::ObjectType(value),
66        )
67    }
68
69    ///  See KMIP 1.0 section 3.4 Cryptographic Algorithm.
70    #[allow(non_snake_case)]
71    pub fn CryptographicAlgorithm(value: CryptographicAlgorithm) -> Self {
72        Attribute(
73            AttributeName("Cryptographic Algorithm".into()),
74            Option::<AttributeIndex>::None,
75            AttributeValue::CryptographicAlgorithm(value),
76        )
77    }
78
79    ///  See KMIP 1.0 section 3.5 Cryptographic Length.
80    #[allow(non_snake_case)]
81    pub fn CryptographicLength(value: i32) -> Self {
82        Attribute(
83            AttributeName("Cryptographic Length".into()),
84            Option::<AttributeIndex>::None,
85            AttributeValue::Integer(value),
86        )
87    }
88
89    ///  See KMIP 1.0 section 3.6 Cryptographic Parameters.
90    #[allow(non_snake_case)]
91    pub fn CryptographicParameters(cryptographic_parameters: CryptographicParameters) -> Self {
92        Attribute(
93            AttributeName("Cryptographic Parameters".into()),
94            Option::<AttributeIndex>::None,
95            cryptographic_parameters.into(),
96        )
97    }
98
99    ///  See KMIP 1.0 section 3.13 Operation Policy Name.
100    #[allow(non_snake_case)]
101    pub fn OperationPolicyName(value: String) -> Self {
102        Attribute(
103            AttributeName("Operation Policy Name".into()),
104            Option::<AttributeIndex>::None,
105            AttributeValue::TextString(value),
106        )
107    }
108
109    ///  See KMIP 1.0 section 3.14 Cryptographic Usage Mask.
110    #[allow(non_snake_case)]
111    pub fn CryptographicUsageMask(value: CryptographicUsageMask) -> Self {
112        Attribute(
113            AttributeName("Cryptographic Usage Mask".into()),
114            Option::<AttributeIndex>::None,
115            AttributeValue::Integer(value as i32),
116        )
117    }
118
119    ///  See KMIP 1.0 section 3.24 Activation Date.
120    #[allow(non_snake_case)]
121    pub fn ActivationDate(value: u64) -> Self {
122        Attribute(
123            AttributeName("Activation Date".into()),
124            Option::<AttributeIndex>::None,
125            AttributeValue::DateTime(value),
126        )
127    }
128
129    ///  See KMIP 1.0 section 3.28 Object Group.
130    #[allow(non_snake_case)]
131    pub fn ObjectGroup(value: String) -> Self {
132        Attribute(
133            AttributeName("Object Group".into()),
134            Option::<AttributeIndex>::None,
135            AttributeValue::TextString(value),
136        )
137    }
138
139    ///  See KMIP 1.0 section 3.29 Link.
140    #[allow(non_snake_case)]
141    pub fn Link(link_type: LinkType, linked_object_identifier: LinkedObjectIdentifier) -> Self {
142        Attribute(
143            AttributeName("Link".into()),
144            Option::<AttributeIndex>::None,
145            AttributeValue::Link(link_type, linked_object_identifier),
146        )
147    }
148
149    ///  See KMIP 1.0 section 3.30 Application Specific Information.
150    #[allow(non_snake_case)]
151    pub fn ApplicationSpecificInformation(
152        application_namespace: ApplicationNamespace,
153        application_data: ApplicationData,
154    ) -> Self {
155        Attribute(
156            AttributeName("Application Specific Information".into()),
157            Option::<AttributeIndex>::None,
158            AttributeValue::ApplicationSpecificInformation(application_namespace, application_data),
159        )
160    }
161
162    ///  See KMIP 1.0 section 3.31 Contact Information.
163    #[allow(non_snake_case)]
164    pub fn ContactInformation(value: String) -> Self {
165        Attribute(
166            AttributeName("Contact Information".into()),
167            Option::<AttributeIndex>::None,
168            AttributeValue::ContactInformation(value),
169        )
170    }
171}
172
173macro_rules! impl_template_attribute_flavour {
174    ($RustType:ident, $TtlvTag:literal) => {
175        ///  See KMIP 1.0 section 2.1.8 [Template-Attribute Structures](https://docs.oasis-open.org/kmip/spec/v1.0/os/kmip-spec-1.0-os.html#_Toc262581162).
176        #[derive(Clone, Debug, Serialize, PartialEq, Eq)]
177        #[serde(rename = $TtlvTag)]
178        pub struct $RustType(
179            #[serde(skip_serializing_if = "Option::is_none")] pub Option<Vec<Name>>,
180            #[serde(skip_serializing_if = "Option::is_none")] pub Option<Vec<Attribute>>,
181        );
182        impl $RustType {
183            pub fn unnamed(attributes: Vec<Attribute>) -> Self {
184                Self(Option::<Vec<Name>>::None, Some(attributes))
185            }
186
187            pub fn named(name: String, attributes: Vec<Attribute>) -> Self {
188                Self(
189                    Some(vec![Name(NameValue(name), NameType::UninterpretedTextString)]),
190                    Some(attributes),
191                )
192            }
193        }
194    };
195}
196
197impl_template_attribute_flavour!(TemplateAttribute, "0x420091");
198impl_template_attribute_flavour!(CommonTemplateAttribute, "0x42001F");
199impl_template_attribute_flavour!(PrivateKeyTemplateAttribute, "0x420065");
200impl_template_attribute_flavour!(PublicKeyTemplateAttribute, "0x42006E");
201
202///  See KMIP 1.0 section 2.1.2 [Credential](https://docs.oasis-open.org/kmip/spec/v1.0/os/kmip-spec-1.0-os.html#_Toc262581156).
203#[derive(Clone, Debug, Serialize, PartialEq, Eq)]
204#[serde(rename = "0x420023")]
205pub struct Credential(pub CredentialType, pub CredentialValue);
206
207///  See KMIP 1.0 section 2.1.2 [Credential](https://docs.oasis-open.org/kmip/spec/v1.0/os/kmip-spec-1.0-os.html#_Toc262581156).
208#[derive(Clone, Copy, Debug, Serialize, Display, PartialEq, Eq)]
209#[serde(rename = "0x420024")]
210#[non_exhaustive]
211pub enum CredentialType {
212    #[serde(rename = "0x00000001")]
213    UsernameAndPassword,
214}
215
216///  See KMIP 1.0 section 2.1.2 [Credential](https://docs.oasis-open.org/kmip/spec/v1.0/os/kmip-spec-1.0-os.html#_Toc262581156).
217#[derive(Clone, Debug, Serialize, PartialEq, Eq)]
218#[serde(rename = "0x420025")]
219#[non_exhaustive]
220pub enum CredentialValue {
221    UsernameAndPassword(
222        Username,
223        #[serde(skip_serializing_if = "Option::is_none")] Option<Password>,
224    ),
225}
226
227///  See KMIP 1.0 section 2.1.2 [Credential](https://docs.oasis-open.org/kmip/spec/v1.0/os/kmip-spec-1.0-os.html#_Toc262581156).
228#[derive(Clone, Debug, Serialize, PartialEq, Eq)]
229#[serde(rename = "Transparent:0x420099")]
230pub struct Username(pub String);
231
232///  See KMIP 1.0 section 2.1.2 [Credential](https://docs.oasis-open.org/kmip/spec/v1.0/os/kmip-spec-1.0-os.html#_Toc262581156).
233#[derive(Clone, Debug, Serialize, PartialEq, Eq)]
234#[serde(rename = "Transparent:0x4200A1")]
235pub struct Password(pub String);
236
237///  See KMIP 1.0 section 2.1.3 [Key Block](https://docs.oasis-open.org/kmip/spec/v1.2/os/kmip-spec-v1.2-os.html#_Toc409613459).
238#[derive(Clone, Debug, Serialize, PartialEq, Eq)]
239#[serde(rename = "0x420040")]
240pub struct KeyBlock(
241    pub KeyFormatType,
242    #[serde(skip_serializing_if = "Option::is_none")] pub Option<KeyCompressionType>,
243    #[serde(skip_serializing_if = "Option::is_none")] pub Option<KeyValue>,
244    #[serde(skip_serializing_if = "Option::is_none")] pub Option<CryptographicAlgorithm>,
245    #[serde(skip_serializing_if = "Option::is_none")] pub Option<CryptographicLength>,
246    #[serde(skip_serializing_if = "Option::is_none")] pub Option<KeyWrappingData>,
247);
248
249///  See KMIP 1.0 section 2.1.4 [Key Value](https://docs.oasis-open.org/kmip/spec/v1.0/os/kmip-spec-1.0-os.html#_Toc262581158).
250#[derive(Clone, Debug, Serialize, PartialEq, Eq)]
251#[serde(rename = "0x420045")]
252pub struct KeyValue(
253    pub KeyMaterial,
254    #[serde(skip_serializing_if = "Option::is_none")] pub Option<Vec<Attribute>>,
255);
256
257///  See KMIP 1.0 section 2.1.5 [Key Wrapping Data](https://docs.oasis-open.org/kmip/spec/v1.0/os/kmip-spec-1.0-os.html#_Toc262581159).
258#[derive(Clone, Debug, Serialize, PartialEq, Eq)]
259#[serde(rename = "0x420046")]
260pub struct KeyWrappingData(
261    pub WrappingMethod,
262    #[serde(skip_serializing_if = "Option::is_none")] pub Option<EncryptionKeyInformation>,
263    #[serde(skip_serializing_if = "Option::is_none")] pub Option<MACOrSignatureKeyInformation>,
264    #[serde(skip_serializing_if = "Option::is_none")] pub Option<MACOrSignature>,
265    #[serde(skip_serializing_if = "Option::is_none")] pub Option<IVOrCounterOrNonce>,
266    #[serde(skip_serializing_if = "Option::is_none")] pub Option<Vec<Attribute>>,
267);
268
269///  See KMIP 1.0 section 2.1.5 [Key Wrapping Data](https://docs.oasis-open.org/kmip/spec/v1.0/os/kmip-spec-1.0-os.html#_Toc262581159).
270#[derive(Clone, Debug, Serialize, PartialEq, Eq)]
271#[serde(rename = "Transparent:0x42004D")]
272pub struct MACOrSignature(#[serde(with = "serde_bytes")] Vec<u8>);
273
274///  See KMIP 1.0 section 2.1.5 [Key Wrapping Data](https://docs.oasis-open.org/kmip/spec/v1.0/os/kmip-spec-1.0-os.html#_Toc262581159).
275#[derive(Clone, Debug, Serialize, PartialEq, Eq)]
276#[serde(rename = "Transparent:0x42003D")]
277pub struct IVOrCounterOrNonce(#[serde(with = "serde_bytes")] Vec<u8>);
278
279///  See KMIP 1.0 section 2.1.5 [Key Wrapping Data](https://docs.oasis-open.org/kmip/spec/v1.0/os/kmip-spec-1.0-os.html#_Toc262581159).
280#[derive(Clone, Debug, Serialize, PartialEq, Eq)]
281#[serde(rename = "0x420036")]
282pub struct EncryptionKeyInformation(
283    pub UniqueIdentifier,
284    #[serde(skip_serializing_if = "Option::is_none")] pub Option<CryptographicParameters>,
285);
286
287///  See KMIP 1.0 section 2.1.5 [Key Wrapping Data](https://docs.oasis-open.org/kmip/spec/v1.0/os/kmip-spec-1.0-os.html#_Toc262581159).
288#[derive(Clone, Debug, Serialize, PartialEq, Eq)]
289#[serde(rename = "0x42004E")]
290pub struct MACOrSignatureKeyInformation(
291    pub UniqueIdentifier,
292    #[serde(skip_serializing_if = "Option::is_none")] pub Option<CryptographicParameters>,
293);
294
295///  See KMIP 1.0 section 2.1.6 [Key Wrapping Specification](https://docs.oasis-open.org/kmip/spec/v1.0/os/kmip-spec-1.0-os.html#_Toc262581160).
296#[derive(Clone, Debug, Serialize, PartialEq, Eq)]
297#[serde(rename = "Transparent:0x420047")]
298pub struct KeyWrappingSpecification(
299    pub WrappingMethod,
300    #[serde(skip_serializing_if = "Option::is_none")] pub Option<EncryptionKeyInformation>,
301    #[serde(skip_serializing_if = "Option::is_none")] pub Option<MACOrSignatureKeyInformation>,
302    #[serde(skip_serializing_if = "Option::is_none")] pub Option<Vec<Attribute>>,
303);
304
305///  See KMIP 1.0 section 2.2 [Managed Objects](https://docs.oasis-open.org/kmip/spec/v1.0/os/kmip-spec-1.0-os.html#_Toc262581163).
306#[derive(Clone, Debug, Serialize, PartialEq, Eq)]
307#[serde(untagged)]
308#[non_exhaustive]
309pub enum ManagedObject {
310    // Certificate(Certificate),
311    // Not implemented
312    SymmetricKey(SymmetricKey),
313
314    PublicKey(PublicKey),
315
316    PrivateKey(PrivateKey),
317
318    // SplitKey(SplitKey),
319    // Not implemented
320    Template(Template),
321    // SecretData(SecretData),
322    // Not implemented
323
324    // OpaqueObject(OpaqueObject),
325    // Not implemented
326}
327
328///  See KMIP 1.0 section 2.2.2 [Symmetric Key](https://docs.oasis-open.org/kmip/spec/v1.0/os/kmip-spec-1.0-os.html#_Toc262581165).
329#[derive(Clone, Debug, Serialize, PartialEq, Eq)]
330#[serde(rename = "0x42008F")]
331pub struct SymmetricKey(pub KeyBlock);
332
333///  See KMIP 1.0 section 2.2.3 [Public Key](https://docs.oasis-open.org/kmip/spec/v1.0/os/kmip-spec-1.0-os.html#_Toc262581166).
334#[derive(Clone, Debug, Serialize, PartialEq, Eq)]
335#[serde(rename = "0x42006D")]
336pub struct PublicKey(pub KeyBlock);
337
338///  See KMIP 1.0 section 2.2.4 [Private Key](https://docs.oasis-open.org/kmip/spec/v1.0/os/kmip-spec-1.0-os.html#_Toc262581167).
339#[derive(Clone, Debug, Serialize, PartialEq, Eq)]
340#[serde(rename = "0x420064")]
341pub struct PrivateKey(pub KeyBlock);
342
343///  See KMIP 1.0 section 2.2.6 [Template](https://docs.oasis-open.org/kmip/spec/v1.0/os/kmip-spec-1.0-os.html#_Toc262581169).
344#[derive(Clone, Debug, Serialize, PartialEq, Eq)]
345#[serde(rename = "0x420090")]
346pub struct Template(pub Vec<Attribute>);
347
348///  See KMIP 1.0 section 3.2 [Name](https://docs.oasis-open.org/kmip/spec/v1.0/os/kmip-spec-1.0-os.html#_Toc262581174).
349#[derive(Clone, Debug, Serialize, PartialEq, Eq)]
350#[serde(rename = "0x420053")]
351pub struct Name(pub NameValue, pub NameType);
352
353impl std::fmt::Display for Name {
354    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
355        f.write_fmt(format_args!("{}", self.0))
356    }
357}
358
359///  See KMIP 1.0 section 3.26 [Revocation Reason](https://docs.oasis-open.org/kmip/spec/v1.0/os/kmip-spec-1.0-os.html#_Toc262581200).
360#[derive(Clone, Debug, Serialize, PartialEq, Eq)]
361#[serde(rename = "0x420081")]
362pub struct RevocationReason(
363    pub RevocationReasonCode,
364    #[serde(skip_serializing_if = "Option::is_none")] pub Option<RevocationMessage>,
365);
366
367///  See KMIP 1.0 section 6.1 [Protocol Version](https://docs.oasis-open.org/kmip/spec/v1.0/os/kmip-spec-1.0-os.html#_Toc262581239).
368#[derive(Clone, Debug, Serialize, PartialEq, Eq)]
369#[serde(rename = "0x420069")]
370pub struct ProtocolVersion(pub ProtocolVersionMajor, pub ProtocolVersionMinor);
371
372///  See KMIP 1.0 section 6.1 [Protocol Version](https://docs.oasis-open.org/kmip/spec/v1.0/os/kmip-spec-1.0-os.html#_Toc262581239).
373#[derive(Clone, Copy, Debug, Serialize, PartialEq, Eq)]
374#[serde(rename = "Transparent:0x42006A")]
375pub struct ProtocolVersionMajor(pub i32);
376
377///  See KMIP 1.0 section 6.1 [Protocol Version](https://docs.oasis-open.org/kmip/spec/v1.0/os/kmip-spec-1.0-os.html#_Toc262581239).
378#[derive(Clone, Copy, Debug, Serialize, PartialEq, Eq)]
379#[serde(rename = "Transparent:0x42006B")]
380pub struct ProtocolVersionMinor(pub i32);
381
382///  See KMIP 1.0 section 6.3 [Maximum Response Size](https://docs.oasis-open.org/kmip/spec/v1.0/os/kmip-spec-1.0-os.html#_Toc262581241).
383#[derive(Clone, Copy, Debug, Serialize, PartialEq, Eq)]
384#[serde(rename = "Transparent:0x420050")]
385pub struct MaximumResponseSize(pub i32);
386
387///  See KMIP 1.0 section 6.6 [Authentication](https://docs.oasis-open.org/kmip/spec/v1.0/os/kmip-spec-1.0-os.html#_Toc262581244).
388#[derive(Clone, Debug, Serialize, PartialEq, Eq)]
389#[serde(rename = "0x42000C")]
390pub struct Authentication(pub Credential);
391
392///  See KMIP 1.0 section 6.14 [Batch Count](https://docs.oasis-open.org/kmip/spec/v1.0/os/kmip-spec-1.0-os.html#_Toc262581252).
393#[derive(Clone, Debug, Serialize, PartialEq, Eq)]
394#[serde(rename = "Transparent:0x42000D")]
395pub struct BatchCount(pub i32);
396
397///  See KMIP 1.0 section 6.15 [Batch Item](https://docs.oasis-open.org/kmip/spec/v1.0/os/kmip-spec-1.0-os.html#_Toc262581253).
398#[derive(Clone, Debug, Serialize, PartialEq, Eq)]
399#[serde(rename = "0x42000F")]
400pub struct BatchItem(
401    pub Operation, // TODO: set this somehow automatically to RequestPayload::operation()
402    #[serde(skip_serializing_if = "Option::is_none")] pub Option<UniqueBatchItemID>,
403    pub RequestPayload,
404);
405
406///  See KMIP 1.0 section 7.1 [Message Structure](https://docs.oasis-open.org/kmip/spec/v1.0/os/kmip-spec-1.0-os.html#_Toc262581256).
407#[derive(Clone, Debug, Serialize, PartialEq, Eq)]
408#[serde(rename = "0x420078")]
409pub struct RequestMessage(pub RequestHeader, pub Vec<BatchItem>);
410
411///  See KMIP 1.0 section 7.2 [Operations](https://docs.oasis-open.org/kmip/spec/v1.0/os/kmip-spec-1.0-os.html#_Toc262581257).
412#[derive(Clone, Debug, Serialize, PartialEq, Eq)]
413#[serde(rename = "0x420077")]
414pub struct RequestHeader(
415    pub ProtocolVersion,
416    #[serde(skip_serializing_if = "Option::is_none")] pub Option<MaximumResponseSize>,
417    #[serde(skip_serializing_if = "Option::is_none")] pub Option<Authentication>,
418    pub BatchCount,
419);
420
421///  See KMIP 1.0 section 7.1 [Message Structure](https://docs.oasis-open.org/kmip/spec/v1.0/os/kmip-spec-1.0-os.html#_Toc262581256).
422#[derive(Clone, Debug, Serialize, PartialEq, Eq)]
423#[serde(rename = "0x420079")]
424#[non_exhaustive]
425#[allow(clippy::large_enum_variant)]
426pub enum RequestPayload {
427    // ///  See KMIP 1.0 section 4.1 Create.
428    // See: https://docs.oasis-open.org/kmip/spec/v1.0/os/kmip-spec-1.0-os.html#_Toc262581209
429    Create(ObjectType, TemplateAttribute),
430
431    // ///  See KMIP 1.0 section 4.2 Create Key Pair.
432    // See: https://docs.oasis-open.org/kmip/spec/v1.0/os/kmip-spec-1.0-os.html#_Toc262581210
433    CreateKeyPair(
434        #[serde(skip_serializing_if = "Option::is_none")] Option<CommonTemplateAttribute>,
435        #[serde(skip_serializing_if = "Option::is_none")] Option<PrivateKeyTemplateAttribute>,
436        #[serde(skip_serializing_if = "Option::is_none")] Option<PublicKeyTemplateAttribute>,
437    ),
438
439    // ///  See KMIP 1.0 section 4.3 Register.
440    // See: https://docs.oasis-open.org/kmip/spec/v1.0/os/kmip-spec-1.0-os.html#_Toc262581211
441    Register(
442        ObjectType,
443        TemplateAttribute,
444        #[serde(skip_serializing_if = "Option::is_none")] Option<ManagedObject>,
445    ),
446
447    // ///  See KMIP 1.0 section 4.8 Locate.
448    // See: https://docs.oasis-open.org/kmip/spec/v1.0/os/kmip-spec-1.0-os.html#_Toc262581216
449    Locate(Vec<Attribute>), // TODO: Add MaximumItems and StorageStatusMask optional request payload fields
450
451    // ///  See KMIP 1.0 section 4.10 Get.
452    // See: https://docs.oasis-open.org/kmip/spec/v1.0/os/kmip-spec-1.0-os.html#_Toc262581218
453    Get(
454        #[serde(skip_serializing_if = "Option::is_none")] Option<UniqueIdentifier>,
455        #[serde(skip_serializing_if = "Option::is_none")] Option<KeyFormatType>,
456        #[serde(skip_serializing_if = "Option::is_none")] Option<KeyCompressionType>,
457        #[serde(skip_serializing_if = "Option::is_none")] Option<KeyWrappingSpecification>,
458    ),
459
460    // ///  See KMIP 1.0 section 4.11 Get Attributes.
461    // See: https://docs.oasis-open.org/kmip/spec/v1.0/os/kmip-spec-1.0-os.html#_Toc262581219
462    GetAttributes(
463        #[serde(skip_serializing_if = "Option::is_none")] Option<UniqueIdentifier>,
464        #[serde(skip_serializing_if = "Option::is_none")] Option<Vec<AttributeName>>,
465    ),
466
467    // ///  See KMIP 1.0 section 4.12 Get Attribute List.
468    // See: https://docs.oasis-open.org/kmip/spec/v1.0/os/kmip-spec-1.0-os.html#_Toc262581220
469    GetAttributeList(#[serde(skip_serializing_if = "Option::is_none")] Option<UniqueIdentifier>),
470
471    // ///  See KMIP 1.0 section 4.13 Add Attribute.
472    // See: https://docs.oasis-open.org/kmip/spec/v1.0/os/kmip-spec-1.0-os.html#_Toc262581221
473    AddAttribute(
474        #[serde(skip_serializing_if = "Option::is_none")] Option<UniqueIdentifier>,
475        Attribute,
476    ),
477
478    // ///  See KMIP 1.0 section 4.14 Modify Attribute.
479    // See: https://docs.oasis-open.org/kmip/spec/v1.0/os/kmip-spec-1.0-os.html#_Toc262581222
480    ModifyAttribute(
481        #[serde(skip_serializing_if = "Option::is_none")] Option<UniqueIdentifier>,
482        Attribute,
483    ),
484
485    // ///  See KMIP 1.0 section 4.15 Delete Attribute.
486    // See: https://docs.oasis-open.org/kmip/spec/v1.0/os/kmip-spec-1.0-os.html#_Toc262581223
487    DeleteAttribute(
488        #[serde(skip_serializing_if = "Option::is_none")] Option<UniqueIdentifier>,
489        AttributeName,
490        #[serde(skip_serializing_if = "Option::is_none")] Option<AttributeIndex>,
491    ),
492
493    // ///  See KMIP 1.0 section 4.18 Activate.
494    // See: https://docs.oasis-open.org/kmip/spec/v1.0/os/kmip-spec-1.0-os.html#_Toc262581226
495    Activate(#[serde(skip_serializing_if = "Option::is_none")] Option<UniqueIdentifier>),
496
497    // ///  See KMIP 1.0 section 4.19 Revoke.
498    // See: https://docs.oasis-open.org/kmip/spec/v1.0/os/kmip-spec-1.0-os.html#_Toc262581227
499    Revoke(
500        #[serde(skip_serializing_if = "Option::is_none")] Option<UniqueIdentifier>,
501        RevocationReason,
502        #[serde(skip_serializing_if = "Option::is_none")] Option<CompromiseOccurrenceDate>,
503    ),
504
505    // ///  See KMIP 1.0 section 4.20 Destroy.
506    // See: https://docs.oasis-open.org/kmip/spec/v1.0/os/kmip-spec-1.0-os.html#_Toc262581228
507    Destroy(#[serde(skip_serializing_if = "Option::is_none")] Option<UniqueIdentifier>),
508
509    // ///  See KMIP 1.0 section 4.24 Query.
510    // See: https://docs.oasis-open.org/kmip/spec/v1.0/os/kmip-spec-1.0-os.html#_Toc262581232
511    Query(Vec<QueryFunction>),
512
513    // ///  See KMIP 1.1 section 4.26 Discover Versions.
514    // See: https://docs.oasis-open.org/kmip/spec/v1.1/cs01/kmip-spec-v1.1-cs01.html#_Toc332787652
515    DiscoverVersions(Vec<ProtocolVersion>),
516
517    // ///  See KMIP 1.2 section 4.31 Sign.
518    // See: https://docs.oasis-open.org/kmip/spec/v1.2/os/kmip-spec-v1.2-os.html#_Toc409613558
519    Sign(
520        #[serde(skip_serializing_if = "Option::is_none")] Option<UniqueIdentifier>,
521        #[serde(skip_serializing_if = "Option::is_none")] Option<CryptographicParameters>,
522        Data,
523    ),
524
525    // ///  See KMIP 1.2 section 4.35 RNG Retrieve.
526    // See: https://docs.oasis-open.org/kmip/spec/v1.2/os/kmip-spec-v1.2-os.html#_Toc409613562
527    RNGRetrieve(DataLength),
528}
529
530impl RequestPayload {
531    pub fn operation(&self) -> Operation {
532        match self {
533            RequestPayload::Create(..) => Operation::Create,
534            RequestPayload::CreateKeyPair(..) => Operation::CreateKeyPair,
535            RequestPayload::Register(..) => Operation::Register,
536            // Not implemented: Re-key (KMIP 1.0)
537            // Not implemented: Re-key Key Pair (KMIP 1.1)
538            // Not implemented: Derive Key (KMIP 1.0)
539            // Not implemented: Certify (KMIP 1.0)
540            // Not implemented: Re-certify (KMIP 1.0)
541            RequestPayload::Locate(..) => Operation::Locate,
542            // Not implemented: Check (KMIP 1.0)
543            RequestPayload::Get(..) => Operation::Get,
544            RequestPayload::GetAttributes(..) => Operation::GetAttributes,
545            RequestPayload::GetAttributeList(..) => Operation::GetAttributeList,
546            RequestPayload::AddAttribute(..) => Operation::AddAttribute,
547            RequestPayload::ModifyAttribute(..) => Operation::ModifyAttribute,
548            RequestPayload::DeleteAttribute(..) => Operation::DeleteAttribute,
549            // Not implemented: Obtain Lease (KMIP 1.0)
550            // Not implemented: Get Usage Allocation (KMIP 1.0)
551            RequestPayload::Activate(..) => Operation::Activate,
552            RequestPayload::Revoke(..) => Operation::Revoke,
553            RequestPayload::Destroy(..) => Operation::Destroy,
554            // Not implemented: Archive (KMIP 1.0)
555            // Not implemented: Recover (KMIP 1.0)
556            // Not implemented: Validate (KMIP 1.0)
557            RequestPayload::Query(..) => Operation::Query,
558            RequestPayload::DiscoverVersions(..) => Operation::DiscoverVersions,
559            // Not implemented: Cancel (KMIP 1.0)
560            // Not implemented: Poll (KMIP 1.0)
561            // Not implemented: Encrypt (KMIP 1.2)
562            // Not implemented: Decrypt (KMIP 1.2)
563            RequestPayload::Sign(..) => Operation::Sign,
564            // Not implemented: Signature Verify (KMIP 1.2)
565            // Not implemented: MAC (KMIP 1.2)
566            // Not implemented: MAC Verify (KMIP 1.2)
567            RequestPayload::RNGRetrieve(..) => Operation::RNGRetrieve,
568            // Not implemented: RNG Seed (KMIP 1.2)
569            // Not implemented: Hash (KMIP 1.2)
570            // Not implemented: Create Split Key (KMIP 1.2)
571            // Not implemented: Join Split Key (KMIP 1.2)
572        }
573    }
574
575    pub fn protocol_version(&self) -> ProtocolVersion {
576        match self {
577            RequestPayload::Create(..)
578            | RequestPayload::CreateKeyPair(..)
579            | RequestPayload::Register(..)
580            | RequestPayload::Locate(..)
581            | RequestPayload::Get(..)
582            | RequestPayload::GetAttributes(..)
583            | RequestPayload::GetAttributeList(..)
584            | RequestPayload::AddAttribute(..)
585            | RequestPayload::ModifyAttribute(..)
586            | RequestPayload::DeleteAttribute(..)
587            | RequestPayload::Activate(..)
588            | RequestPayload::Revoke(..)
589            | RequestPayload::Destroy(..) => {
590                // These KMIP operations are defined in the KMIP 1.0 specification
591                ProtocolVersion(ProtocolVersionMajor(1), ProtocolVersionMinor(0))
592            }
593            RequestPayload::DiscoverVersions(..) => {
594                // These KMIP operations are defined in the KMIP 1.1 specification
595                ProtocolVersion(ProtocolVersionMajor(1), ProtocolVersionMinor(1))
596            }
597            RequestPayload::Sign(..) | RequestPayload::RNGRetrieve(..) => {
598                // These KMIP operations are defined in the KMIP 1.2 specification
599                ProtocolVersion(ProtocolVersionMajor(1), ProtocolVersionMinor(2))
600            }
601            RequestPayload::Query(..) => {
602                // TODO: Although query is defined in the KMIP 1.0 specification, KMIP servers that support KMIP >1.0
603                // are required by the specification to "support backward compatibility with versions of the protocol
604                // with the same major version". A KMIP 1.2 server cannot respond to a Query request with KMIP tag
605                // numbers representing KMIP Operations that were only defined in a KMIP specification >1.0. Presumably
606                // therefore we must pass the highest version number that both we and the server support. Currently
607                // this is just dumb and passes the highest version number that we support, we should actually base
608                // it on the result of a previous attempt to use the KMIP 1.1 Discover Versions request.
609                ProtocolVersion(ProtocolVersionMajor(1), ProtocolVersionMinor(2))
610            }
611        }
612    }
613}
614
615///  See KMIP 1.0 section 9.1.3.2.4 [Wrapping Method Enumeration](https://docs.oasis-open.org/kmip/spec/v1.0/os/kmip-spec-1.0-os.html#_Ref241993348).
616#[derive(Clone, Copy, Debug, Serialize, Display, PartialEq, Eq)]
617#[serde(rename = "0x42009E")]
618#[non_exhaustive]
619pub enum WrappingMethod {
620    #[serde(rename = "0x00000001")]
621    Encrypt,
622
623    #[serde(rename = "0x00000002")]
624    MACSign,
625
626    #[serde(rename = "0x00000003")]
627    EncryptThenMACSign,
628
629    #[serde(rename = "0x00000004")]
630    MACSignThenEncrypt,
631
632    #[serde(rename = "0x00000005")]
633    TR31,
634}
635
636///  See KMIP 1.0 section 9.1.3.2.23 [Query Function Enumeration](https://docs.oasis-open.org/kmip/spec/v1.0/os/kmip-spec-1.0-os.html#_Ref242030554).
637#[derive(Clone, Copy, Debug, Serialize, Display, PartialEq, Eq)]
638#[serde(rename = "0x420074")]
639#[non_exhaustive]
640pub enum QueryFunction {
641    #[serde(rename = "0x00000001")]
642    QueryOperations,
643
644    #[serde(rename = "0x00000002")]
645    QueryObjects,
646
647    #[serde(rename = "0x00000003")]
648    QueryServerInformation,
649    // Note: This set of enum variants is deliberately limited to those that we currently support.
650}