Struct parsec_interface::operations::psa_key_attributes::Attributes

pub struct Attributes {
    pub lifetime: Lifetime,
    pub key_type: Type,
    pub bits: usize,
    pub policy: Policy,
}

Native definition of the attributes needed to fully describe a cryptographic key.

Fields

lifetime: Lifetime

Lifetime of the key

key_type: Type

Intrinsic category and type of the key

bits: usize

Size of the key in bits

policy: Policy

Policy restricting the permitted usage of the key

Implementations

impl Attributes

pub fn is_exportable(self) -> bool

Check if a key has permission to be exported

pub fn can_export(self) -> Result<(), Error>

Check export in a fallible way

Example

use psa_crypto::types::key::{Attributes, Type, Lifetime, Policy, UsageFlags};
use psa_crypto::types::algorithm::{Algorithm, AsymmetricSignature, Hash};

let mut attributes = Attributes {
    key_type: Type::RsaKeyPair,
    bits: 1024,
    lifetime: Lifetime::Volatile,
    policy: Policy {
        usage_flags: UsageFlags {
            export: false,
            copy: false,
            cache: false,
            encrypt: false,
            decrypt: false,
            sign_message: false,
            verify_message: false,
            sign_hash: false,
            verify_hash: false,
            derive: false,
        },
        permitted_algorithms: Algorithm::AsymmetricSignature(AsymmetricSignature::RsaPkcs1v15Sign {
            hash_alg: Hash::Sha256.into(),
        }),
    },
};
// Can not export because the export flag is set to false.
attributes.can_export().unwrap_err();

pub fn is_hash_signable(self) -> bool

Check if a key has permission to sign a message hash

pub fn can_sign_hash(self) -> Result<(), Error>

Check hash signing permission in a fallible way

pub fn is_hash_verifiable(self) -> bool

Check if a key has permission to verify a message hash

pub fn can_verify_hash(self) -> Result<(), Error>

Check hash signing permission in a fallible way

pub fn is_encrypt_permitted(self) -> bool

Check if a key has permissions to encrypt a message

pub fn can_encrypt_message(self) -> Result<(), Error>

Check encrypt permission in a fallible way

pub fn is_decrypt_permitted(self) -> bool

Check if a key has permissions to decrypt a message

pub fn can_decrypt_message(self) -> Result<(), Error>

Check decrypt permission in a fallible way

pub fn is_derivable(self) -> bool

Check if a key has permissions to be derived from

pub fn can_derive_from(self) -> Result<(), Error>

Check derive permission of a fallible way

pub fn is_alg_permitted(self, alg: Algorithm) -> bool

Check if the alg given for a cryptographic operation is permitted to be used with the key

pub fn permits_alg(self, alg: Algorithm) -> Result<(), Error>

Check if alg is permitted in a fallible way

pub fn is_compatible_with_alg(self, alg: Algorithm) -> bool

Check if the alg given for a cryptographic operation is compatible with the type of the key

Example

use psa_crypto::types::key::{Attributes, Type, Lifetime, Policy, UsageFlags};
use psa_crypto::types::algorithm::{Algorithm, AsymmetricSignature, Hash};

let permitted_alg = Algorithm::AsymmetricSignature(AsymmetricSignature::RsaPkcs1v15Sign {
    hash_alg: Hash::Sha256.into(),
});
let alg = Algorithm::AsymmetricSignature(AsymmetricSignature::RsaPkcs1v15Sign {
    hash_alg: Hash::Sha256.into(),
});
let mut attributes = Attributes {
    key_type: Type::RsaKeyPair,
    bits: 1024,
    lifetime: Lifetime::Volatile,
    policy: Policy {
        usage_flags: UsageFlags {
            export: false,
            copy: false,
            cache: false,
            encrypt: false,
            decrypt: false,
            sign_message: false,
            verify_message: false,
            sign_hash: false,
            verify_hash: false,
            derive: false,
        },
        permitted_algorithms: permitted_alg,
    },
};
assert!(attributes.is_compatible_with_alg(alg));
attributes.key_type = Type::RsaPublicKey;
assert!(attributes.is_compatible_with_alg(alg));

pub fn compatible_with_alg(self, alg: Algorithm) -> Result<(), Error>

Check if alg is compatible in a fallible way

Trait Implementations

impl Clone for Attributes

pub fn clone(&self) -> Attributes

Returns a copy of the value.

pub fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Copy for Attributes

impl Debug for Attributes

pub fn fmt(&self, f: &mut Formatter<'_>) -> Result<(), Error>

Formats the value using the given formatter.

impl<'de> Deserialize<'de> for Attributes

pub fn deserialize<__D>(
    __deserializer: __D
) -> Result<Attributes, <__D as Deserializer<'de>>::Error> where
    __D: Deserializer<'de>, 

Deserialize this value from the given Serde deserializer.

impl PartialEq<Attributes> for Attributes

pub fn eq(&self, other: &Attributes) -> bool

This method tests for self and other values to be equal, and is used by ==.

pub fn ne(&self, other: &Attributes) -> bool

This method tests for !=.

impl Serialize for Attributes

pub fn serialize<__S>(
    &self,
    __serializer: __S
) -> Result<<__S as Serializer>::Ok, <__S as Serializer>::Error> where
    __S: Serializer, 

Serialize this value into the given Serde serializer.

impl StructuralPartialEq for Attributes

impl Zeroize for Attributes

pub fn zeroize(&mut self)

Zero out this object from memory using Rust intrinsics which ensure the zeroization operation is not "optimized away" by the compiler.