Struct psa_crypto::types::key::Attributes[][src]

pub struct Attributes {
    pub lifetime: Lifetime,
    pub key_type: Type,
    pub bits: usize,
    pub policy: Policy,
}
Expand description

Native definition of the attributes needed to fully describe a cryptographic key.

Fields

lifetime: Lifetime

Lifetime of the key

key_type: Type

Intrinsic category and type of the key

bits: usize

Size of the key in bits

policy: Policy

Policy restricting the permitted usage of the key

Implementations

Check if a key has permission to be exported

Check export in a fallible way

Example
use psa_crypto::types::key::{Attributes, Type, Lifetime, Policy, UsageFlags};
use psa_crypto::types::algorithm::{Algorithm, AsymmetricSignature, Hash};

let mut usage_flags: UsageFlags = Default::default();
let mut attributes = Attributes {
    key_type: Type::RsaKeyPair,
    bits: 1024,
    lifetime: Lifetime::Volatile,
    policy: Policy {
        usage_flags,
        permitted_algorithms: Algorithm::AsymmetricSignature(AsymmetricSignature::RsaPkcs1v15Sign {
            hash_alg: Hash::Sha256.into(),
        }),
    },
};
// Can not export because the export flag is set to false.
attributes.can_export().unwrap_err();

Check if a key has permission to sign a message hash

Check hash signing permission in a fallible way

Check if a key has permission to verify a message hash

Check hash verifying permission in a fallible way

Check if a key has permission to sign a message

Check message signing permission in a fallible way

Check if a key has permission to verify a message

Check message verifying permission in a fallible way

Check if a key has permissions to encrypt a message

Check encrypt permission in a fallible way

Check if a key has permissions to decrypt a message

Check decrypt permission in a fallible way

Check if a key has permissions to be derived from

Check derive permission of a fallible way

Check if can be converted into psa_key_attributes_t

Check if the alg given for a cryptographic operation is permitted to be used with the key

Check if alg is permitted in a fallible way

Check if the alg given for a cryptographic operation is compatible with the type of the key

Example
use psa_crypto::types::key::{Attributes, Type, Lifetime, Policy, UsageFlags};
use psa_crypto::types::algorithm::{Algorithm, AsymmetricSignature, Hash};

let permitted_alg = Algorithm::AsymmetricSignature(AsymmetricSignature::RsaPkcs1v15Sign {
    hash_alg: Hash::Sha256.into(),
});
let alg = Algorithm::AsymmetricSignature(AsymmetricSignature::RsaPkcs1v15Sign {
    hash_alg: Hash::Sha256.into(),
});
let mut usage_flags: UsageFlags = Default::default();
let mut attributes = Attributes {
    key_type: Type::RsaKeyPair,
    bits: 1024,
    lifetime: Lifetime::Volatile,
    policy: Policy {
        usage_flags,
        permitted_algorithms: permitted_alg,
    },
};
assert!(attributes.is_compatible_with_alg(alg));
attributes.key_type = Type::RsaPublicKey;
assert!(attributes.is_compatible_with_alg(alg));

Check if alg is compatible in a fallible way

Gets the attributes for a given key ID

The Id structure can be created with the from_persistent_key_id constructor on Id.

Example
psa_crypto::init().unwrap();
let my_key_id = key_management::generate(attributes, None).unwrap();
//...
let key_attributes = Attributes::from_key_id(my_key_id);

Sufficient size for a buffer to export the key, if supported

Sufficient size for a buffer to export the public key, if supported

Sufficient buffer size for a signature using the given key, if the key is supported

Sufficient buffer size for an encrypted message using the given asymmetric encryption algorithm

Sufficient buffer size for a decrypted message using the given asymmetric encryption algorithm

Sufficient buffer size for the MAC of the specified algorithm, if compatible

Sufficient buffer size for an encrypted message using the given aead algorithm

Sufficient buffer size for an encrypted message using the given aead algorithm

The length of a tag for an AEAD algorithm

Sufficient buffer size for the resulting shared secret from a raw key agreement

Trait Implementations

Returns a copy of the value. Read more

Performs copy-assignment from source. Read more

Formats the value using the given formatter. Read more

Deserialize this value from the given Serde deserializer. Read more

This method tests for self and other values to be equal, and is used by ==. Read more

This method tests for !=.

Serialize this value into the given Serde serializer. Read more

The type returned in the event of a conversion error.

Performs the conversion.

The type returned in the event of a conversion error.

Performs the conversion.

The type returned in the event of a conversion error.

Performs the conversion.

Zero out this object from memory using Rust intrinsics which ensure the zeroization operation is not “optimized away” by the compiler. Read more

Auto Trait Implementations

Blanket Implementations

Gets the TypeId of self. Read more

Immutably borrows from an owned value. Read more

Mutably borrows from an owned value. Read more

Performs the conversion.

Performs the conversion.

The resulting type after obtaining ownership.

Creates owned data from borrowed data, usually by cloning. Read more

🔬 This is a nightly-only experimental API. (toowned_clone_into)

Uses borrowed data to replace owned data, usually by cloning. Read more

The type returned in the event of a conversion error.

Performs the conversion.

The type returned in the event of a conversion error.

Performs the conversion.