Struct tss_esapi::abstraction::transient::TransientKeyContextBuilder
Build a new TransientKeyContext.
Default values
- TCTI: Device TCTI
- Hierarchy: Owner hierarchy
- Root key size: 2048 bits
- Root key authentication size: 32 bytes
- Hierarchy authentication value: Empty array of bytes
- Session encryption cipher: 256 bit AES in CFB mode
- Session hash algorithm: SHA256
Implementations
impl TransientKeyContextBuilder
pub fn new() -> Self
Create a new builder.
pub fn with_tcti(self, tcti: Tcti) -> Self
Define the TCTI to be used by the client.
pub fn with_hierarchy(self, hierarchy: Hierarchy) -> Self
Define which hierarchy will be used for the keys being managed.
pub fn with_root_key_size(self, root_key_size: u16) -> Self
Choose length in bits of primary key that will serve as parent to all user keys.
pub fn with_root_key_auth_size(self, root_key_auth_size: usize) -> Self
Choose authentication value length (in bytes) for primary key.
pub fn with_hierarchy_auth(self, hierarchy_auth: Vec<u8>) -> Self
Input the authentication value of the working hierarchy.
pub fn with_default_context_cipher(self, default_context_cipher: Cipher) -> Self
Define the cipher to be used within this context as a default.
Currently this default is used for:
- securing command parameters using session-based encryption
- encrypting all user keys using the primary key
pub fn with_session_hash_alg(self, session_hash_alg: TPM2_ALG_ID) -> Self
Define the hash algorithm to be used by sessions for hashing commands.
pub unsafe fn build(self) -> Result<TransientKeyContext>
Bootstrap the TransientKeyContext.
The root key is created as a primary key in the provided hierarchy and thus authentication is needed for said hierarchy. The authentication value for the key is generated by the TPM itself, with a configurable length, and never exposed outside the context.
Safety
- it is the responsibility of the client to ensure that the context can be initialized safely, threading-wise
- the client is also responsible for choosing the correct TCTI to connect to
- it is the responsibility of the client to set a sufficiently secure default cipher for the context
Constraints
- root_key_size must be 1024, 2048, 3072 or 4096
- root_key_auth_size must be at most 32
Errors
- errors are returned if any method calls return an error: Context::get_random, Context::start_auth_session, Context::create_primary_key, Context::flush_context, Context::set_handle_auth
- if the root key authentication size is given greater than 32 or if the root key size is not 1024, 2048, 3072 or 4096, a WrongParamSize wrapper error is returned
Trait Implementations
impl Debug for TransientKeyContextBuilder
impl Default for TransientKeyContextBuilder
Auto Trait Implementations
impl RefUnwindSafe for TransientKeyContextBuilder
impl Send for TransientKeyContextBuilder
impl Sync for TransientKeyContextBuilder
impl Unpin for TransientKeyContextBuilder
impl UnwindSafe for TransientKeyContextBuilder
Blanket Implementations
impl<T> Any for T where
T: 'static + ?Sized,
impl<T> Borrow<T> for T where
T: ?Sized,
impl<T> BorrowMut<T> for T where
T: ?Sized,
fn borrow_mut(&mut self) -> &mut T
impl<T> Free for T
impl<T> From<T> for T
impl<T, U> Into<U> for T where
U: From<T>,
impl<T, U> TryFrom<U> for T where
U: Into<T>,
type Error = Infallible
The type returned in the event of a conversion error.
fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>
impl<T, U> TryInto<U> for T where
U: TryFrom<T>,