Struct parsec_interface::operations::psa_key_attributes::Attributes

pub struct Attributes {
    pub lifetime: Lifetime,
    pub key_type: Type,
    pub bits: usize,
    pub policy: Policy,
}

Native definition of the attributes needed to fully describe a cryptographic key.

Fields

lifetime: Lifetime

Lifetime of the key

key_type: Type

Intrinsic category and type of the key

bits: usize

Size of the key in bits

policy: Policy

Policy restricting the permitted usage of the key

Implementations

impl Attributes

pub fn is_exportable(self) -> bool

Check if a key has permission to be exported

pub fn can_export(self) -> Result<(), Error>

Check export in a fallible way

Example

use psa_crypto::types::key::{Attributes, Type, Lifetime, Policy, UsageFlags};
use psa_crypto::types::algorithm::{Algorithm, AsymmetricSignature, Hash};

let mut usage_flags: UsageFlags = Default::default();
let mut attributes = Attributes {
    key_type: Type::RsaKeyPair,
    bits: 1024,
    lifetime: Lifetime::Volatile,
    policy: Policy {
        usage_flags,
        permitted_algorithms: Algorithm::AsymmetricSignature(AsymmetricSignature::RsaPkcs1v15Sign {
            hash_alg: Hash::Sha256.into(),
        }),
    },
};
// Can not export because the export flag is set to false.
attributes.can_export().unwrap_err();

pub fn is_hash_signable(self) -> bool

Check if a key has permission to sign a message hash

pub fn can_sign_hash(self) -> Result<(), Error>

Check hash signing permission in a fallible way

pub fn is_hash_verifiable(self) -> bool

Check if a key has permission to verify a message hash

pub fn can_verify_hash(self) -> Result<(), Error>

Check hash verifying permission in a fallible way

pub fn is_message_signable(self) -> bool

Check if a key has permission to sign a message

pub fn can_sign_message(self) -> Result<(), Error>

Check message signing permission in a fallible way

pub fn is_message_verifiable(self) -> bool

Check if a key has permission to verify a message

pub fn can_verify_message(self) -> Result<(), Error>

Check message verifying permission in a fallible way

pub fn is_encrypt_permitted(self) -> bool

Check if a key has permissions to encrypt a message

pub fn can_encrypt_message(self) -> Result<(), Error>

Check encrypt permission in a fallible way

pub fn is_decrypt_permitted(self) -> bool

Check if a key has permissions to decrypt a message

pub fn can_decrypt_message(self) -> Result<(), Error>

Check decrypt permission in a fallible way

pub fn is_derivable(self) -> bool

Check if a key has permissions to be derived from

pub fn can_derive_from(self) -> Result<(), Error>

Check derive permission of a fallible way

pub fn is_alg_permitted(self, alg: Algorithm) -> bool

Check if the alg given for a cryptographic operation is permitted to be used with the key

pub fn permits_alg(self, alg: Algorithm) -> Result<(), Error>

Check if alg is permitted in a fallible way

pub fn is_compatible_with_alg(self, alg: Algorithm) -> bool

Check if the alg given for a cryptographic operation is compatible with the type of the key

Example

use psa_crypto::types::key::{Attributes, Type, Lifetime, Policy, UsageFlags};
use psa_crypto::types::algorithm::{Algorithm, AsymmetricSignature, Hash};

let permitted_alg = Algorithm::AsymmetricSignature(AsymmetricSignature::RsaPkcs1v15Sign {
    hash_alg: Hash::Sha256.into(),
});
let alg = Algorithm::AsymmetricSignature(AsymmetricSignature::RsaPkcs1v15Sign {
    hash_alg: Hash::Sha256.into(),
});
let mut usage_flags: UsageFlags = Default::default();
let mut attributes = Attributes {
    key_type: Type::RsaKeyPair,
    bits: 1024,
    lifetime: Lifetime::Volatile,
    policy: Policy {
        usage_flags,
        permitted_algorithms: permitted_alg,
    },
};
assert!(attributes.is_compatible_with_alg(alg));
attributes.key_type = Type::RsaPublicKey;
assert!(attributes.is_compatible_with_alg(alg));

pub fn compatible_with_alg(self, alg: Algorithm) -> Result<(), Error>

Check if alg is compatible in a fallible way

Trait Implementations

impl Clone for Attributes

fn clone(&self) -> Attributes

Returns a copy of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for Attributes

fn fmt(&self, f: &mut Formatter<'_>) -> Result<(), Error>

Formats the value using the given formatter.

impl<'de> Deserialize<'de> for Attributes

fn deserialize<__D>(
    __deserializer: __D
) -> Result<Attributes, <__D as Deserializer<'de>>::Error>where
    __D: Deserializer<'de>,

Deserialize this value from the given Serde deserializer.

impl PartialEq<Attributes> for Attributes

fn eq(&self, other: &Attributes) -> bool

This method tests for self and other values to be equal, and is used by ==.

fn ne(&self, other: &Rhs) -> bool

This method tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.

impl Serialize for Attributes

fn serialize<__S>(
    &self,
    __serializer: __S
) -> Result<<__S as Serializer>::Ok, <__S as Serializer>::Error>where
    __S: Serializer,

Serialize this value into the given Serde serializer.

impl Zeroize for Attributes

fn zeroize(&mut self)

Zero out this object from memory using Rust intrinsics which ensure the zeroization operation is not “optimized away” by the compiler.

impl Copy for Attributes

impl Eq for Attributes

impl StructuralEq for Attributes

impl StructuralPartialEq for Attributes