yubihsm/
domain.rs

1//! Logical partitions within the HSM, allowing several applications to share the device.
2
3#![allow(missing_docs)]
4
5mod error;
6
7pub use self::error::{Error, ErrorKind};
8
9use bitflags::bitflags;
10use serde::{de, ser, Deserialize, Serialize};
11use std::fmt;
12
13/// All domains as an array of bitflag types
14pub const DOMAINS: [Domain; 16] = [
15    Domain::DOM1,
16    Domain::DOM2,
17    Domain::DOM3,
18    Domain::DOM4,
19    Domain::DOM5,
20    Domain::DOM6,
21    Domain::DOM7,
22    Domain::DOM8,
23    Domain::DOM9,
24    Domain::DOM10,
25    Domain::DOM11,
26    Domain::DOM12,
27    Domain::DOM13,
28    Domain::DOM14,
29    Domain::DOM15,
30    Domain::DOM16,
31];
32
33bitflags! {
34    /// Logical partition within the `YubiHSM 2`, allowing several clients
35    /// to access the same device but access controlled on a domain-by-domain
36    /// basis. For more information, see the Yubico documentation:
37    ///
38    /// <https://developers.yubico.com/YubiHSM2/Concepts/Domain.html>
39    #[derive(Clone, Copy, Debug, Eq, PartialEq)]
40    pub struct Domain: u16 {
41        const DOM1 = 0x0001;
42        const DOM2 = 0x0002;
43        const DOM3 = 0x0004;
44        const DOM4 = 0x0008;
45        const DOM5 = 0x0010;
46        const DOM6 = 0x0020;
47        const DOM7 = 0x0040;
48        const DOM8 = 0x0080;
49        const DOM9 = 0x0100;
50        const DOM10 = 0x0200;
51        const DOM11 = 0x0400;
52        const DOM12 = 0x0800;
53        const DOM13 = 0x1000;
54        const DOM14 = 0x2000;
55        const DOM15 = 0x4000;
56        const DOM16 = 0x8000;
57    }
58}
59
60impl Domain {
61    /// Get the `Domain` object corresponding to the given-numbered domain
62    /// e.g. `Domain::at(1)` returns `Domain::DOM1`.
63    pub fn at(index: usize) -> Result<Self, Error> {
64        match index {
65            1..=16 => Ok(DOMAINS[index - 1]),
66            _ => fail!(
67                ErrorKind::DomainInvalid,
68                "invalid domain: {} (valid domains are 1-16)",
69                index
70            ),
71        }
72    }
73}
74
75impl Serialize for Domain {
76    fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error>
77    where
78        S: ser::Serializer,
79    {
80        serializer.serialize_u16(self.bits())
81    }
82}
83
84impl<'de> Deserialize<'de> for Domain {
85    fn deserialize<D>(deserializer: D) -> Result<Domain, D::Error>
86    where
87        D: de::Deserializer<'de>,
88    {
89        struct DomainVisitor;
90
91        impl<'de> de::Visitor<'de> for DomainVisitor {
92            type Value = Domain;
93
94            fn expecting(&self, formatter: &mut fmt::Formatter<'_>) -> fmt::Result {
95                formatter.write_str("2-bytes containing domain bitflags")
96            }
97
98            fn visit_u16<E>(self, value: u16) -> Result<Domain, E>
99            where
100                E: de::Error,
101            {
102                Domain::from_bits(value).ok_or_else(|| E::custom("invalid domain bitflags"))
103            }
104        }
105
106        deserializer.deserialize_u16(DomainVisitor)
107    }
108}
yubihsm/domain.rs

yubihsm/
domain.rs
