pub trait AuthClient: ExtensionClient<AuthExtension> {
// Provided methods
fn has_pin<I: Into<PinId>>(&mut self, id: I) -> AuthResult<'_, HasPin, Self> { ... }
fn check_pin<I>(
&mut self,
id: I,
pin: Pin,
) -> AuthResult<'_, CheckPin, Self>
where I: Into<PinId> { ... }
fn get_pin_key<I>(
&mut self,
id: I,
pin: Pin,
) -> AuthResult<'_, GetPinKey, Self>
where I: Into<PinId> { ... }
fn set_pin<I: Into<PinId>>(
&mut self,
id: I,
pin: Pin,
retries: Option<u8>,
derive_key: bool,
) -> AuthResult<'_, SetPin, Self> { ... }
fn set_pin_with_key<I: Into<PinId>>(
&mut self,
id: I,
pin: Pin,
retries: Option<u8>,
key: KeyId,
) -> AuthResult<'_, SetPinWithKey, Self> { ... }
fn change_pin<I: Into<PinId>>(
&mut self,
id: I,
old_pin: Pin,
new_pin: Pin,
) -> AuthResult<'_, ChangePin, Self> { ... }
fn delete_pin<I: Into<PinId>>(
&mut self,
id: I,
) -> AuthResult<'_, DeletePin, Self> { ... }
fn delete_all_pins(&mut self) -> AuthResult<'_, DeleteAllPins, Self> { ... }
fn pin_retries<I: Into<PinId>>(
&mut self,
id: I,
) -> AuthResult<'_, PinRetries, Self> { ... }
fn get_application_key(
&mut self,
info: Message,
) -> AuthResult<'_, GetApplicationKey, Self> { ... }
fn reset_app_keys(&mut self) -> AuthResult<'_, ResetAppKeys, Self> { ... }
fn reset_auth_data(&mut self) -> AuthResult<'_, ResetAuthData, Self> { ... }
}Expand description
Provides access to the AuthExtension.
The extension manages PINs identified by a PinId within the namespace of this client.
PINs can have a retry counter. If a retry counter is configured when setting a PIN, it is
decremented on every failed authentication attempt. If the counter reaches zero, all further
authentication attempts fail until the PIN is reset.
The extension does not enforce any constraints on the PINs (except for the maximum length, see
MAX_PIN_LENGTH). Even empty PINs can be used. Also, there is no authentication required
to set, reset or delete a PIN. It is up to the application to enforce any policies and
constraints.
Provided Methods§
Sourcefn has_pin<I: Into<PinId>>(&mut self, id: I) -> AuthResult<'_, HasPin, Self>
fn has_pin<I: Into<PinId>>(&mut self, id: I) -> AuthResult<'_, HasPin, Self>
Returns true if the PIN is set.
Sourcefn check_pin<I>(&mut self, id: I, pin: Pin) -> AuthResult<'_, CheckPin, Self>
fn check_pin<I>(&mut self, id: I, pin: Pin) -> AuthResult<'_, CheckPin, Self>
Returns true if the provided PIN is correct and not blocked.
If the PIN is not correct and a retry counter is configured, the counter is decremented. Once it reaches zero, authentication attempts for that PIN fail. If the PIN with the given ID is not set, an error is returned.
Sourcefn get_pin_key<I>(&mut self, id: I, pin: Pin) -> AuthResult<'_, GetPinKey, Self>
fn get_pin_key<I>(&mut self, id: I, pin: Pin) -> AuthResult<'_, GetPinKey, Self>
Returns a keyid if the provided PIN is correct and not blocked.
The pin must have been created with derive_key set to true.
If the PIN is not correct and a retry counter is configured, the counter is decremented.
Once it reaches zero, authentication attempts for that PIN fail. If the PIN with the given
ID is not set, an error is returned.
Sourcefn set_pin<I: Into<PinId>>(
&mut self,
id: I,
pin: Pin,
retries: Option<u8>,
derive_key: bool,
) -> AuthResult<'_, SetPin, Self>
fn set_pin<I: Into<PinId>>( &mut self, id: I, pin: Pin, retries: Option<u8>, derive_key: bool, ) -> AuthResult<'_, SetPin, Self>
Sets the given PIN and resets its retry counter.
If the retry counter is None, the number of retries is not limited and the PIN will never
be blocked.
Sourcefn set_pin_with_key<I: Into<PinId>>(
&mut self,
id: I,
pin: Pin,
retries: Option<u8>,
key: KeyId,
) -> AuthResult<'_, SetPinWithKey, Self>
fn set_pin_with_key<I: Into<PinId>>( &mut self, id: I, pin: Pin, retries: Option<u8>, key: KeyId, ) -> AuthResult<'_, SetPinWithKey, Self>
Set a pin, resetting its retry counter and setting the key to be wrapped
Similar to set_pin, but allows the key that the pin will unwrap to be configured.
Currently only symmetric 256 bit keys are accepted. This method should be used only with keys that were obtained through get_pin_key
This allows for example backing up the key for a pin, to be able to restore it from another source.
Sourcefn change_pin<I: Into<PinId>>(
&mut self,
id: I,
old_pin: Pin,
new_pin: Pin,
) -> AuthResult<'_, ChangePin, Self>
fn change_pin<I: Into<PinId>>( &mut self, id: I, old_pin: Pin, new_pin: Pin, ) -> AuthResult<'_, ChangePin, Self>
Change the given PIN and resets its retry counter.
The key obtained by get_pin_key will stay the same
Sourcefn delete_pin<I: Into<PinId>>(
&mut self,
id: I,
) -> AuthResult<'_, DeletePin, Self>
fn delete_pin<I: Into<PinId>>( &mut self, id: I, ) -> AuthResult<'_, DeletePin, Self>
Deletes the given PIN (if it exists).
Sourcefn delete_all_pins(&mut self) -> AuthResult<'_, DeleteAllPins, Self>
fn delete_all_pins(&mut self) -> AuthResult<'_, DeleteAllPins, Self>
Deletes all PINs for this client.
Sourcefn pin_retries<I: Into<PinId>>(
&mut self,
id: I,
) -> AuthResult<'_, PinRetries, Self>
fn pin_retries<I: Into<PinId>>( &mut self, id: I, ) -> AuthResult<'_, PinRetries, Self>
Returns the remaining retries for the given PIN.
Sourcefn get_application_key(
&mut self,
info: Message,
) -> AuthResult<'_, GetApplicationKey, Self>
fn get_application_key( &mut self, info: Message, ) -> AuthResult<'_, GetApplicationKey, Self>
Returns a keyid that is persistent given the “info” parameter
Sourcefn reset_app_keys(&mut self) -> AuthResult<'_, ResetAppKeys, Self>
fn reset_app_keys(&mut self) -> AuthResult<'_, ResetAppKeys, Self>
Delete all application keys
Sourcefn reset_auth_data(&mut self) -> AuthResult<'_, ResetAuthData, Self>
fn reset_auth_data(&mut self) -> AuthResult<'_, ResetAuthData, Self>
Combines reset_app_keys and delete_all_pins
Dyn Compatibility§
This trait is not dyn compatible.
In older versions of Rust, dyn compatibility was called "object safety", so this trait is not object safe.