pub trait Provide {
Show 30 methods // Required methods fn describe(&self) -> Result<(ProviderInfo, HashSet<Opcode>)>; fn list_keys( &self, _application_identity: &ApplicationIdentity, _op: Operation ) -> Result<Result>; fn list_clients(&self, _op: Operation) -> Result<Result>; // Provided methods fn list_providers(&self, _op: Operation) -> Result<Result> { ... } fn list_opcodes(&self, _op: Operation) -> Result<Result> { ... } fn list_authenticators(&self, _op: Operation) -> Result<Result> { ... } fn delete_client( &self, _application_identity: &ApplicationIdentity, _op: Operation ) -> Result<Result> { ... } fn ping(&self, _op: Operation) -> Result<Result> { ... } fn psa_generate_key( &self, _application_identity: &ApplicationIdentity, _op: Operation ) -> Result<Result> { ... } fn psa_import_key( &self, _application_identity: &ApplicationIdentity, _op: Operation ) -> Result<Result> { ... } fn psa_export_public_key( &self, _application_identity: &ApplicationIdentity, _op: Operation ) -> Result<Result> { ... } fn psa_export_key( &self, _application_identity: &ApplicationIdentity, _op: Operation ) -> Result<Result> { ... } fn psa_destroy_key( &self, _application_identity: &ApplicationIdentity, _op: Operation ) -> Result<Result> { ... } fn psa_sign_hash( &self, _application_identity: &ApplicationIdentity, _op: Operation ) -> Result<Result> { ... } fn psa_verify_hash( &self, _application_identity: &ApplicationIdentity, _op: Operation ) -> Result<Result> { ... } fn psa_asymmetric_encrypt( &self, _application_identity: &ApplicationIdentity, _op: Operation ) -> Result<Result> { ... } fn psa_asymmetric_decrypt( &self, _application_identity: &ApplicationIdentity, _op: Operation ) -> Result<Result> { ... } fn psa_aead_encrypt( &self, _application_identity: &ApplicationIdentity, _op: Operation ) -> Result<Result> { ... } fn psa_aead_decrypt( &self, _application_identity: &ApplicationIdentity, _op: Operation ) -> Result<Result> { ... 
} fn psa_hash_compute(&self, _op: Operation) -> Result<Result> { ... } fn psa_hash_compare(&self, _op: Operation) -> Result<Result> { ... } fn psa_raw_key_agreement( &self, _application_identity: &ApplicationIdentity, _op: Operation ) -> Result<Result> { ... } fn psa_generate_random(&self, _op: Operation) -> Result<Result> { ... } fn psa_cipher_encrypt( &self, _application_identity: &ApplicationIdentity, _op: Operation ) -> Result<Result> { ... } fn psa_cipher_decrypt( &self, _application_identity: &ApplicationIdentity, _op: Operation ) -> Result<Result> { ... } fn psa_sign_message( &self, _application_identity: &ApplicationIdentity, _op: Operation ) -> Result<Result> { ... } fn psa_verify_message( &self, _application_identity: &ApplicationIdentity, _op: Operation ) -> Result<Result> { ... } fn can_do_crypto( &self, _application_identity: &ApplicationIdentity, _op: Operation ) -> Result<Result> { ... } fn prepare_key_attestation( &self, _application_identity: &ApplicationIdentity, _op: Operation ) -> Result<Result> { ... } fn attest_key( &self, _application_identity: &ApplicationIdentity, _op: Operation ) -> Result<Result> { ... }
}

Provider interface for servicing client operations

Definition of the interface that a provider must implement to be linked into the service through a backend handler.

The methods with no default implementation are used at the service level by the core provider and so must be supported by all providers.

Required Methods§


fn describe(&self) -> Result<(ProviderInfo, HashSet<Opcode>)>

Return a description of the current provider.

The descriptions are gathered in the Core Provider and returned for a ListProviders operation.


fn list_keys( &self, _application_identity: &ApplicationIdentity, _op: Operation ) -> Result<Result>

Lists all keys belonging to the application.


fn list_clients(&self, _op: Operation) -> Result<Result>

Lists all clients currently having data in the service.

Provided Methods§


fn list_providers(&self, _op: Operation) -> Result<Result>

List the providers running in the service.


fn list_opcodes(&self, _op: Operation) -> Result<Result>

List the opcodes supported by the given provider.


fn list_authenticators(&self, _op: Operation) -> Result<Result>

List the authenticators supported by the given provider.


fn delete_client( &self, _application_identity: &ApplicationIdentity, _op: Operation ) -> Result<Result>

Delete all data a client has in the service.


fn ping(&self, _op: Operation) -> Result<Result>

Execute a Ping operation to get the wire protocol version major and minor information.

§Errors

This operation will only fail if not implemented. It will never fail when being called on the CoreProvider.


fn psa_generate_key( &self, _application_identity: &ApplicationIdentity, _op: Operation ) -> Result<Result>

Execute a GenerateKey operation.

Providers should try, in a best-effort way, to handle failures so that a key with the same name can still be created later on.

For providers using a Key Info Manager to map a key name with a provider-specific key identification, the following algorithm can be followed:

  1. generate unique key ID
  2. try key creation with it. If successful go to 3, else return an error.
  3. store the mappings between key name and key ID. If successful return success, else go to 4.
  4. try to delete the key created, so that no key without a name mapping is left in the provider. If the deletion fails, log it and return the error from 3.

fn psa_import_key( &self, _application_identity: &ApplicationIdentity, _op: Operation ) -> Result<Result>

Execute an ImportKey operation.

Providers should try, in a best-effort way, to handle failures so that a key with the same name can still be imported later on.

For providers using a Key Info Manager to map a key name with a provider-specific key identification, the following algorithm can be followed:

  1. generate unique key ID
  2. try key import with it. If successful go to 3, else return an error.
  3. store the mappings between key name and key ID. If successful return success, else go to 4.
  4. try to delete the key imported, so that no key without a name mapping is left in the provider. If the deletion fails, log it and return the error from 3.

fn psa_export_public_key( &self, _application_identity: &ApplicationIdentity, _op: Operation ) -> Result<Result>

Execute an ExportPublicKey operation.


fn psa_export_key( &self, _application_identity: &ApplicationIdentity, _op: Operation ) -> Result<Result>

Execute an ExportKey operation.


fn psa_destroy_key( &self, _application_identity: &ApplicationIdentity, _op: Operation ) -> Result<Result>

Execute a DestroyKey operation.

Providers should try, in a best-effort way, to handle failures so that a key with the same name as the one destroyed can be generated or created later on.

For providers using a Key Info Manager to map a key name with a provider-specific key identification, the following algorithm can be followed:

  1. get the key ID from the key name using the KIM
  2. destroy the key mappings
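  3. try to destroy the key. The mappings are already removed at this point, so the name can be reused even if this step fails; in that case the key itself may remain in the provider without a name mapping.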

fn psa_sign_hash( &self, _application_identity: &ApplicationIdentity, _op: Operation ) -> Result<Result>

Execute a SignHash operation. This operation signs the short digest it is given as-is and does not hash it first, so the caller must pass an already computed hash.


fn psa_verify_hash( &self, _application_identity: &ApplicationIdentity, _op: Operation ) -> Result<Result>

Execute a VerifyHash operation.


fn psa_asymmetric_encrypt( &self, _application_identity: &ApplicationIdentity, _op: Operation ) -> Result<Result>

Execute an AsymmetricEncrypt operation.


fn psa_asymmetric_decrypt( &self, _application_identity: &ApplicationIdentity, _op: Operation ) -> Result<Result>

Execute an AsymmetricDecrypt operation.


fn psa_aead_encrypt( &self, _application_identity: &ApplicationIdentity, _op: Operation ) -> Result<Result>

Execute an AeadEncrypt operation.


fn psa_aead_decrypt( &self, _application_identity: &ApplicationIdentity, _op: Operation ) -> Result<Result>

Execute an AeadDecrypt operation.


fn psa_hash_compute(&self, _op: Operation) -> Result<Result>

Execute a HashCompute operation.


fn psa_hash_compare(&self, _op: Operation) -> Result<Result>

Execute a HashCompare operation.


fn psa_raw_key_agreement( &self, _application_identity: &ApplicationIdentity, _op: Operation ) -> Result<Result>

Execute a RawKeyAgreement operation.


fn psa_generate_random(&self, _op: Operation) -> Result<Result>

Execute a GenerateRandom operation.


fn psa_cipher_encrypt( &self, _application_identity: &ApplicationIdentity, _op: Operation ) -> Result<Result>

Encrypt a short message with a symmetric cipher.


fn psa_cipher_decrypt( &self, _application_identity: &ApplicationIdentity, _op: Operation ) -> Result<Result>

Decrypt a short message with a symmetric cipher.


fn psa_sign_message( &self, _application_identity: &ApplicationIdentity, _op: Operation ) -> Result<Result>

Sign a message with a private key.


fn psa_verify_message( &self, _application_identity: &ApplicationIdentity, _op: Operation ) -> Result<Result>

Verify the signature of a message using a public key.


fn can_do_crypto( &self, _application_identity: &ApplicationIdentity, _op: Operation ) -> Result<Result>

Check if the crypto operation is supported by the provider.


fn prepare_key_attestation( &self, _application_identity: &ApplicationIdentity, _op: Operation ) -> Result<Result>

Prepare a key attestation operation.


fn attest_key( &self, _application_identity: &ApplicationIdentity, _op: Operation ) -> Result<Result>

Attest a key.

Implementors§


impl Provide for parsec_service::providers::core::Provider


impl Provide for parsec_service::providers::cryptoauthlib::Provider


impl Provide for parsec_service::providers::mbed_crypto::Provider


impl Provide for parsec_service::providers::pkcs11::Provider


impl Provide for parsec_service::providers::tpm::Provider