Struct yubihsm::capability::Capability
source · [−]pub struct Capability { /* private fields */ }
Expand description
Object attributes specifying which operations are allowed to be performed
https://developers.yubico.com/YubiHSM2/Concepts/Capability.html
Implementations
sourceimpl Capability
impl Capability
sourcepub const DERIVE_ECDH: Self = Self{bits: 2048,}
pub const DERIVE_ECDH: Self = Self{bits: 2048,}
derive-ecdh
: perform ECDH operation
sourcepub const DECRYPT_OAEP: Self = Self{bits: 1024,}
pub const DECRYPT_OAEP: Self = Self{bits: 1024,}
decrypt-oaep
: perform RSA-OAEP decryption
sourcepub const DECRYPT_PKCS: Self = Self{bits: 512,}
pub const DECRYPT_PKCS: Self = Self{bits: 512,}
decrypt-pkcs
: perform RSA-PKCS1v1.5 decryption
sourcepub const GENERATE_ASYMMETRIC_KEY: Self = Self{bits: 16,}
pub const GENERATE_ASYMMETRIC_KEY: Self = Self{bits: 16,}
generate-asymmetric-key
: generate asymmetric objects
sourcepub const SIGN_ECDSA: Self = Self{bits: 128,}
pub const SIGN_ECDSA: Self = Self{bits: 128,}
sign-ecdsa
: compute ECDSA digital signature
sourcepub const SIGN_EDDSA: Self = Self{bits: 256,}
pub const SIGN_EDDSA: Self = Self{bits: 256,}
sign-eddsa
: compute EdDSA (i.e. Ed25519) digital signature
sourcepub const SIGN_ATTESTATION_CERTIFICATE: Self = Self{bits: 17179869184,}
pub const SIGN_ATTESTATION_CERTIFICATE: Self = Self{bits: 17179869184,}
sign-attestation-certificate
: create attestation (i.e. X.509 certificate)
about an asymmetric object
sourcepub const GET_LOG_ENTRIES: Self = Self{bits: 16777216,}
pub const GET_LOG_ENTRIES: Self = Self{bits: 16777216,}
get-log-entries
: read the log store
sourcepub const DELETE_ASYMMETRIC_KEY: Self = Self{bits: 2199023255552,}
pub const DELETE_ASYMMETRIC_KEY: Self = Self{bits: 2199023255552,}
delete-asymmetric-key
: delete asymmetric key objects
sourcepub const DELETE_AUTHENTICATION_KEY: Self = Self{bits: 1099511627776,}
pub const DELETE_AUTHENTICATION_KEY: Self = Self{bits: 1099511627776,}
delete-authentication-key
: delete authentication::Key objects
sourcepub const DELETE_HMAC_KEY: Self = Self{bits: 8796093022208,}
pub const DELETE_HMAC_KEY: Self = Self{bits: 8796093022208,}
delete-hmac-key
: delete HMACKey objects
sourcepub const DELETE_OPAQUE: Self = Self{bits: 549755813888,}
pub const DELETE_OPAQUE: Self = Self{bits: 549755813888,}
delete-opaque
: delete opaque objects
sourcepub const DELETE_OTP_AEAD_KEY: Self = Self{bits: 35184372088832,}
pub const DELETE_OTP_AEAD_KEY: Self = Self{bits: 35184372088832,}
delete-otp-aead-key
: delete Yubic OTP AEAD key objects
sourcepub const DELETE_TEMPLATE: Self = Self{bits: 17592186044416,}
pub const DELETE_TEMPLATE: Self = Self{bits: 17592186044416,}
delete-template
: delete template objects
sourcepub const DELETE_WRAP_KEY: Self = Self{bits: 4398046511104,}
pub const DELETE_WRAP_KEY: Self = Self{bits: 4398046511104,}
delete-wrap-key
: delete WrapKey objects
sourcepub const EXPORTABLE_UNDER_WRAP: Self = Self{bits: 65536,}
pub const EXPORTABLE_UNDER_WRAP: Self = Self{bits: 65536,}
exportable-under-wrap
: mark an object as exportable under keywrap
sourcepub const EXPORT_WRAPPED: Self = Self{bits: 4096,}
pub const EXPORT_WRAPPED: Self = Self{bits: 4096,}
export-wrapped
: export objects under keywrap
sourcepub const GENERATE_OTP_AEAD_KEY: Self = Self{bits: 68719476736,}
pub const GENERATE_OTP_AEAD_KEY: Self = Self{bits: 68719476736,}
generate-otp-aead-key
: generate Yubico OTP AEAD objects
sourcepub const GENERATE_WRAP_KEY: Self = Self{bits: 32768,}
pub const GENERATE_WRAP_KEY: Self = Self{bits: 32768,}
generate-wrap-key
: generate wrapkey objects
sourcepub const GET_OPAQUE: Self = Self{bits: 1,}
pub const GET_OPAQUE: Self = Self{bits: 1,}
get-opaque
: read opaque objects
sourcepub const GET_OPTION: Self = Self{bits: 262144,}
pub const GET_OPTION: Self = Self{bits: 262144,}
get-option
: read device-global options
sourcepub const GET_PSEUDO_RANDOM: Self = Self{bits: 524288,}
pub const GET_PSEUDO_RANDOM: Self = Self{bits: 524288,}
get-pseudo-random
: extract random bytes
sourcepub const GET_TEMPLATE: Self = Self{bits: 67108864,}
pub const GET_TEMPLATE: Self = Self{bits: 67108864,}
get-template
: read SSH template objects
sourcepub const GENERATE_HMAC_KEY: Self = Self{bits: 2097152,}
pub const GENERATE_HMAC_KEY: Self = Self{bits: 2097152,}
generate-hmac-key
: generate HMAC key objects
sourcepub const VERIFY_HMAC: Self = Self{bits: 8388608,}
pub const VERIFY_HMAC: Self = Self{bits: 8388608,}
verify-hmac
: verify HMAC for data
sourcepub const IMPORT_WRAPPED: Self = Self{bits: 8192,}
pub const IMPORT_WRAPPED: Self = Self{bits: 8192,}
import-wrapped
: import keywrapped objects
sourcepub const CREATE_OTP_AEAD: Self = Self{bits: 1073741824,}
pub const CREATE_OTP_AEAD: Self = Self{bits: 1073741824,}
create-otp-aead
: create an OTP AEAD
sourcepub const RANDOMIZE_OTP_AEAD: Self = Self{bits: 2147483648,}
pub const RANDOMIZE_OTP_AEAD: Self = Self{bits: 2147483648,}
randomize-otp-aead
: create an OTP AEAD from random data
sourcepub const REWRAP_FROM_OTP_AEAD_KEY: Self = Self{bits: 4294967296,}
pub const REWRAP_FROM_OTP_AEAD_KEY: Self = Self{bits: 4294967296,}
rewrap-from-otp-aead-key
: rewrap AEADs from an OTP AEAD key object to another
sourcepub const REWRAP_TO_OTP_AEAD_KEY: Self = Self{bits: 8589934592,}
pub const REWRAP_TO_OTP_AEAD_KEY: Self = Self{bits: 8589934592,}
rewrap-to-otp-aead-key
: rewrap AEADs to an OTP AEAD key object from another
sourcepub const DECRYPT_OTP: Self = Self{bits: 536870912,}
pub const DECRYPT_OTP: Self = Self{bits: 536870912,}
decrypt-otp
: decrypt OTP
sourcepub const PUT_ASYMMETRIC_KEY: Self = Self{bits: 8,}
pub const PUT_ASYMMETRIC_KEY: Self = Self{bits: 8,}
put-asymmetric-key
: write asymmetric objects
sourcepub const PUT_AUTHENTICATION_KEY: Self = Self{bits: 4,}
pub const PUT_AUTHENTICATION_KEY: Self = Self{bits: 4,}
put-authentication-key
: write authentication key objects
sourcepub const PUT_HMAC_KEY: Self = Self{bits: 1048576,}
pub const PUT_HMAC_KEY: Self = Self{bits: 1048576,}
put-hmac-key
: write HMAC key objects
sourcepub const PUT_OPAQUE: Self = Self{bits: 2,}
pub const PUT_OPAQUE: Self = Self{bits: 2,}
put-opaque
: Write Opaque Objects
sourcepub const PUT_OPTION: Self = Self{bits: 131072,}
pub const PUT_OPTION: Self = Self{bits: 131072,}
set-option
: write device-global options
sourcepub const PUT_OTP_AEAD_KEY: Self = Self{bits: 34359738368,}
pub const PUT_OTP_AEAD_KEY: Self = Self{bits: 34359738368,}
put-otp-aead-key
: write OTP AEAD key objects
sourcepub const PUT_TEMPLATE: Self = Self{bits: 134217728,}
pub const PUT_TEMPLATE: Self = Self{bits: 134217728,}
put-template
: write template objects
sourcepub const PUT_WRAP_KEY: Self = Self{bits: 16384,}
pub const PUT_WRAP_KEY: Self = Self{bits: 16384,}
put-wrap-key
: write WrapKey objects
sourcepub const RESET_DEVICE: Self = Self{bits: 268435456,}
pub const RESET_DEVICE: Self = Self{bits: 268435456,}
reset-device
: factory reset the device
sourcepub const SIGN_SSH_CERTIFICATE: Self = Self{bits: 33554432,}
pub const SIGN_SSH_CERTIFICATE: Self = Self{bits: 33554432,}
sign-ssh-certificate
: sign SSH certificates
sourcepub const UNWRAP_DATA: Self = Self{bits: 274877906944,}
pub const UNWRAP_DATA: Self = Self{bits: 274877906944,}
unwrap-data
: unwrap user-provided data
sourcepub const CHANGE_AUTHENTICATION_KEY: Self = Self{bits: 70368744177664,}
pub const CHANGE_AUTHENTICATION_KEY: Self = Self{bits: 70368744177664,}
change-authentication-key
: overwrite existing authentication key with new one
sourcepub const UNKNOWN_CAPABILITY_47: Self = Self{bits: 140737488355328,}
pub const UNKNOWN_CAPABILITY_47: Self = Self{bits: 140737488355328,}
unknown capability: bit 47
sourcepub const UNKNOWN_CAPABILITY_48: Self = Self{bits: 281474976710656,}
pub const UNKNOWN_CAPABILITY_48: Self = Self{bits: 281474976710656,}
unknown capability: bit 48
sourcepub const UNKNOWN_CAPABILITY_49: Self = Self{bits: 562949953421312,}
pub const UNKNOWN_CAPABILITY_49: Self = Self{bits: 562949953421312,}
unknown capability: bit 49
sourcepub const UNKNOWN_CAPABILITY_50: Self = Self{bits: 1125899906842624,}
pub const UNKNOWN_CAPABILITY_50: Self = Self{bits: 1125899906842624,}
unknown capability: bit 50
sourcepub const UNKNOWN_CAPABILITY_51: Self = Self{bits: 2251799813685248,}
pub const UNKNOWN_CAPABILITY_51: Self = Self{bits: 2251799813685248,}
unknown capability: bit 51
sourcepub const UNKNOWN_CAPABILITY_52: Self = Self{bits: 4503599627370496,}
pub const UNKNOWN_CAPABILITY_52: Self = Self{bits: 4503599627370496,}
unknown capability: bit 52
sourcepub const UNKNOWN_CAPABILITY_53: Self = Self{bits: 9007199254740992,}
pub const UNKNOWN_CAPABILITY_53: Self = Self{bits: 9007199254740992,}
unknown capability: bit 53
sourcepub const UNKNOWN_CAPABILITY_54: Self = Self{bits: 18014398509481984,}
pub const UNKNOWN_CAPABILITY_54: Self = Self{bits: 18014398509481984,}
unknown capability: bit 54
sourcepub const UNKNOWN_CAPABILITY_55: Self = Self{bits: 36028797018963968,}
pub const UNKNOWN_CAPABILITY_55: Self = Self{bits: 36028797018963968,}
unknown capability: bit 55
sourcepub const UNKNOWN_CAPABILITY_56: Self = Self{bits: 72057594037927936,}
pub const UNKNOWN_CAPABILITY_56: Self = Self{bits: 72057594037927936,}
unknown capability: bit 56
sourcepub const UNKNOWN_CAPABILITY_57: Self = Self{bits: 144115188075855872,}
pub const UNKNOWN_CAPABILITY_57: Self = Self{bits: 144115188075855872,}
unknown capability: bit 57
sourcepub const UNKNOWN_CAPABILITY_58: Self = Self{bits: 288230376151711744,}
pub const UNKNOWN_CAPABILITY_58: Self = Self{bits: 288230376151711744,}
unknown capability: bit 58
sourcepub const UNKNOWN_CAPABILITY_59: Self = Self{bits: 576460752303423488,}
pub const UNKNOWN_CAPABILITY_59: Self = Self{bits: 576460752303423488,}
unknown capability: bit 59
sourcepub const UNKNOWN_CAPABILITY_60: Self = Self{bits: 1152921504606846976,}
pub const UNKNOWN_CAPABILITY_60: Self = Self{bits: 1152921504606846976,}
unknown capability: bit 60
sourcepub const UNKNOWN_CAPABILITY_61: Self = Self{bits: 2305843009213693952,}
pub const UNKNOWN_CAPABILITY_61: Self = Self{bits: 2305843009213693952,}
unknown capability: bit 61
sourcepub const UNKNOWN_CAPABILITY_62: Self = Self{bits: 4611686018427387904,}
pub const UNKNOWN_CAPABILITY_62: Self = Self{bits: 4611686018427387904,}
unknown capability: bit 62
sourcepub const UNKNOWN_CAPABILITY_63: Self = Self{bits: 9223372036854775808,}
pub const UNKNOWN_CAPABILITY_63: Self = Self{bits: 9223372036854775808,}
unknown capability: bit 63
sourcepub const fn from_bits(bits: u64) -> Option<Self>
pub const fn from_bits(bits: u64) -> Option<Self>
Convert from underlying bit representation, unless that representation contains bits that do not correspond to a flag.
sourcepub const fn from_bits_truncate(bits: u64) -> Self
pub const fn from_bits_truncate(bits: u64) -> Self
Convert from underlying bit representation, dropping any bits that do not correspond to flags.
sourcepub const unsafe fn from_bits_unchecked(bits: u64) -> Self
pub const unsafe fn from_bits_unchecked(bits: u64) -> Self
Convert from underlying bit representation, preserving all bits (even those not corresponding to a defined flag).
Safety
The caller of the bitflags!
macro can chose to allow or
disallow extra bits for their bitflags type.
The caller of from_bits_unchecked()
has to ensure that
all bits correspond to a defined flag or that extra bits
are valid for this bitflags type.
sourcepub const fn intersects(&self, other: Self) -> bool
pub const fn intersects(&self, other: Self) -> bool
Returns true
if there are flags common to both self
and other
.
sourcepub const fn contains(&self, other: Self) -> bool
pub const fn contains(&self, other: Self) -> bool
Returns true
if all of the flags in other
are contained within self
.
sourcepub fn set(&mut self, other: Self, value: bool)
pub fn set(&mut self, other: Self, value: bool)
Inserts or removes the specified flags depending on the passed value.
sourcepub const fn intersection(self, other: Self) -> Self
pub const fn intersection(self, other: Self) -> Self
Returns the intersection between the flags in self
and
other
.
Specifically, the returned set contains only the flags which are
present in both self
and other
.
This is equivalent to using the &
operator (e.g.
ops::BitAnd
), as in flags & other
.
sourcepub const fn union(self, other: Self) -> Self
pub const fn union(self, other: Self) -> Self
Returns the union of between the flags in self
and other
.
Specifically, the returned set contains all flags which are
present in either self
or other
, including any which are
present in both (see Self::symmetric_difference
if that
is undesirable).
This is equivalent to using the |
operator (e.g.
ops::BitOr
), as in flags | other
.
sourcepub const fn difference(self, other: Self) -> Self
pub const fn difference(self, other: Self) -> Self
Returns the difference between the flags in self
and other
.
Specifically, the returned set contains all flags present in
self
, except for the ones present in other
.
It is also conceptually equivalent to the “bit-clear” operation:
flags & !other
(and this syntax is also supported).
This is equivalent to using the -
operator (e.g.
ops::Sub
), as in flags - other
.
sourcepub const fn symmetric_difference(self, other: Self) -> Self
pub const fn symmetric_difference(self, other: Self) -> Self
Returns the symmetric difference between the flags
in self
and other
.
Specifically, the returned set contains the flags present which
are present in self
or other
, but that are not present in
both. Equivalently, it contains the flags present in exactly
one of the sets self
and other
.
This is equivalent to using the ^
operator (e.g.
ops::BitXor
), as in flags ^ other
.
sourcepub const fn complement(self) -> Self
pub const fn complement(self) -> Self
Returns the complement of this set of flags.
Specifically, the returned set contains all the flags which are
not set in self
, but which are allowed for this type.
Alternatively, it can be thought of as the set difference
between Self::all()
and self
(e.g. Self::all() - self
)
This is equivalent to using the !
operator (e.g.
ops::Not
), as in !flags
.
Trait Implementations
sourceimpl Binary for Capability
impl Binary for Capability
sourceimpl BitAnd<Capability> for Capability
impl BitAnd<Capability> for Capability
type Output = Capability
type Output = Capability
The resulting type after applying the &
operator.
sourceimpl BitAndAssign<Capability> for Capability
impl BitAndAssign<Capability> for Capability
sourcefn bitand_assign(&mut self, other: Self)
fn bitand_assign(&mut self, other: Self)
Disables all flags disabled in the set.
sourceimpl BitOr<Capability> for Capability
impl BitOr<Capability> for Capability
sourcefn bitor(self, other: Capability) -> Self
fn bitor(self, other: Capability) -> Self
Returns the union of the two sets of flags.
type Output = Capability
type Output = Capability
The resulting type after applying the |
operator.
sourceimpl BitOrAssign<Capability> for Capability
impl BitOrAssign<Capability> for Capability
sourcefn bitor_assign(&mut self, other: Self)
fn bitor_assign(&mut self, other: Self)
Adds the set of flags.
sourceimpl BitXor<Capability> for Capability
impl BitXor<Capability> for Capability
sourcefn bitxor(self, other: Self) -> Self
fn bitxor(self, other: Self) -> Self
Returns the left flags, but with all the right flags toggled.
type Output = Capability
type Output = Capability
The resulting type after applying the ^
operator.
sourceimpl BitXorAssign<Capability> for Capability
impl BitXorAssign<Capability> for Capability
sourcefn bitxor_assign(&mut self, other: Self)
fn bitxor_assign(&mut self, other: Self)
Toggles the set of flags.
sourceimpl Clone for Capability
impl Clone for Capability
sourcefn clone(&self) -> Capability
fn clone(&self) -> Capability
Returns a copy of the value. Read more
1.0.0 · sourcefn clone_from(&mut self, source: &Self)
fn clone_from(&mut self, source: &Self)
Performs copy-assignment from source
. Read more
sourceimpl Debug for Capability
impl Debug for Capability
sourceimpl Default for Capability
impl Default for Capability
sourceimpl<'de> Deserialize<'de> for Capability
impl<'de> Deserialize<'de> for Capability
sourcefn deserialize<D>(deserializer: D) -> Result<Capability, D::Error> where
D: Deserializer<'de>,
fn deserialize<D>(deserializer: D) -> Result<Capability, D::Error> where
D: Deserializer<'de>,
Deserialize this value from the given Serde deserializer. Read more
sourceimpl Display for Capability
impl Display for Capability
sourceimpl Extend<Capability> for Capability
impl Extend<Capability> for Capability
sourcefn extend<T: IntoIterator<Item = Self>>(&mut self, iterator: T)
fn extend<T: IntoIterator<Item = Self>>(&mut self, iterator: T)
Extends a collection with the contents of an iterator. Read more
sourcefn extend_one(&mut self, item: A)
fn extend_one(&mut self, item: A)
extend_one
)Extends a collection with exactly one element.
sourcefn extend_reserve(&mut self, additional: usize)
fn extend_reserve(&mut self, additional: usize)
extend_one
)Reserves capacity in a collection for the given number of additional elements. Read more
sourceimpl FromIterator<Capability> for Capability
impl FromIterator<Capability> for Capability
sourcefn from_iter<T: IntoIterator<Item = Self>>(iterator: T) -> Self
fn from_iter<T: IntoIterator<Item = Self>>(iterator: T) -> Self
Creates a value from an iterator. Read more
sourceimpl FromStr for Capability
impl FromStr for Capability
sourceimpl Hash for Capability
impl Hash for Capability
sourceimpl LowerHex for Capability
impl LowerHex for Capability
sourceimpl Not for Capability
impl Not for Capability
type Output = Capability
type Output = Capability
The resulting type after applying the !
operator.
sourceimpl Octal for Capability
impl Octal for Capability
sourceimpl Ord for Capability
impl Ord for Capability
sourceimpl PartialEq<Capability> for Capability
impl PartialEq<Capability> for Capability
sourcefn eq(&self, other: &Capability) -> bool
fn eq(&self, other: &Capability) -> bool
This method tests for self
and other
values to be equal, and is used
by ==
. Read more
sourcefn ne(&self, other: &Capability) -> bool
fn ne(&self, other: &Capability) -> bool
This method tests for !=
.
sourceimpl PartialOrd<Capability> for Capability
impl PartialOrd<Capability> for Capability
sourcefn partial_cmp(&self, other: &Capability) -> Option<Ordering>
fn partial_cmp(&self, other: &Capability) -> Option<Ordering>
This method returns an ordering between self
and other
values if one exists. Read more
1.0.0 · sourcefn lt(&self, other: &Rhs) -> bool
fn lt(&self, other: &Rhs) -> bool
This method tests less than (for self
and other
) and is used by the <
operator. Read more
1.0.0 · sourcefn le(&self, other: &Rhs) -> bool
fn le(&self, other: &Rhs) -> bool
This method tests less than or equal to (for self
and other
) and is used by the <=
operator. Read more
sourceimpl Serialize for Capability
impl Serialize for Capability
sourceimpl Sub<Capability> for Capability
impl Sub<Capability> for Capability
type Output = Capability
type Output = Capability
The resulting type after applying the -
operator.
sourceimpl SubAssign<Capability> for Capability
impl SubAssign<Capability> for Capability
sourcefn sub_assign(&mut self, other: Self)
fn sub_assign(&mut self, other: Self)
Disables all flags enabled in the set.
sourceimpl UpperHex for Capability
impl UpperHex for Capability
impl Copy for Capability
impl Eq for Capability
impl StructuralEq for Capability
impl StructuralPartialEq for Capability
Auto Trait Implementations
impl RefUnwindSafe for Capability
impl Send for Capability
impl Sync for Capability
impl Unpin for Capability
impl UnwindSafe for Capability
Blanket Implementations
sourceimpl<T> BorrowMut<T> for T where
T: ?Sized,
impl<T> BorrowMut<T> for T where
T: ?Sized,
const: unstable · sourcefn borrow_mut(&mut self) -> &mut T
fn borrow_mut(&mut self) -> &mut T
Mutably borrows from an owned value. Read more