parsec_interface/operations/
attest_key.rs

1// Copyright 2021 Contributors to the Parsec project.
2// SPDX-License-Identifier: Apache-2.0
3//! # AttestKey operation
4//!
5//! Produce an attestation token as proof that the given
6//! key was produced and is stored in the hardware backend.
7use derivative::Derivative;
8use zeroize::Zeroizing;
9
/// Native operation for key attestation
///
/// `Debug` is derived through `derivative` rather than `std` so that the
/// encrypted credential material can be left out of the formatted output
/// (see the per-field `Debug = "ignore"` attributes). The key names are
/// still printed.
#[derive(Derivative)]
#[derivative(Debug)]
// Downstream crates must keep a wildcard arm when matching on this enum,
// so further attestation mechanisms can be added without a breaking change.
#[non_exhaustive]
pub enum Operation {
    /// Attestation via TPM 2.0 ActivateCredential operation
    ActivateCredential {
        /// Name of key to be attested
        attested_key_name: String,
        /// Blob of data representing the encrypted credential
        // Skipped by `Debug` so the blob cannot end up in logs or panic
        // messages. `Zeroizing` wipes the buffer when the value is dropped;
        // copies moved out into a plain `Vec<u8>` are not covered.
        #[derivative(Debug = "ignore")]
        credential_blob: Zeroizing<Vec<u8>>,
        /// Blob of data representing the encrypted secret
        // Same handling as `credential_blob`: not printed by `Debug`,
        // zeroized on drop.
        #[derivative(Debug = "ignore")]
        secret: Zeroizing<Vec<u8>>,
        /// Name of key to be used for attesting
        // NOTE(review): the meaning of `None` is not visible in this file;
        // presumably the provider falls back to a default attesting key.
        // Confirm against the provider implementation.
        attesting_key_name: Option<String>,
    },
}
29
/// Native result of key attestation
///
/// Within this module the name `Result` refers to this enum, not to the
/// prelude's `Result<T, E>`.
#[derive(Derivative)]
#[derivative(Debug)]
// Downstream crates must keep a wildcard arm when matching on this enum.
#[non_exhaustive]
pub enum Result {
    /// Result of attestation via TPM 2.0 ActivateCredential operation
    ActivateCredential {
        /// Decrypted credential
        // This is the plaintext recovered by the operation, so it is the most
        // sensitive value in this file. It is skipped by `Debug` and zeroized
        // on drop. Code that consumes it should keep it inside a zeroizing
        // buffer and avoid formatting or logging it by other means.
        #[derivative(Debug = "ignore")]
        credential: Zeroizing<Vec<u8>>,
    },
}