Struct btlib::crypto::tpm::TpmCredStore

pub struct TpmCredStore { /* private fields */ }

Implementations§

impl TpmCredStore

pub fn from_tabrmd( tabrmd_cfg: &str, state_path: PathBuf ) -> Result<TpmCredStore>

Connects to the TPM via the TPM Access Broker Resource Manager Daemon (TABRMD), as specified by the provided configuration string.

pub fn from_context( context: Context, state_path: PathBuf ) -> Result<TpmCredStore>

Trait Implementations§

impl CredStore for TpmCredStore

type CredHandle = TpmCreds

The type of the credential handle returned by this store.

type ExportedCreds = ExportedCreds

The type of the exported credentials returned by this store.

fn node_creds(&self) -> Result<TpmCreds>

Returns the node credentials. If credentials haven’t been generated, they are generated, stored, and returned.

fn root_creds(&self, password: &str) -> Result<Self::CredHandle>

Returns the root credentials. If no root credentials have been generated, or the provided password is incorrect, then an error is returned.

fn storage_key(&self) -> Result<AsymKeyPub<Encrypt>>

Returns a public key which can be used to encrypt data intended only to be accessed by this node. The returned key can be given as the new_parent parameter to the CredStore::export_root_creds method.

fn export_root_creds( &self, root_creds: &TpmCreds, password: &str, new_parent: &AsymKeyPub<Encrypt> ) -> Result<ExportedCreds>

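Exports the root credentials. These can be serialized and persisted outside the application, then later loaded, deserialized, and passed to the CredStoreMut::import_root_creds method. The password argument must match the value provided when the CredStore::root_creds method was called. The new_parent argument is the public key of the node that is to import the root key, which can be obtained using the CredStoreMut::gen_root_creds method on the importing node. Note that the signatures on this page show gen_root_creds returning a credential handle, while CredStore::storage_key returns an AsymKeyPub<Encrypt> and is documented as the source of new_parent; confirm which method supplies the key before exporting.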

impl CredStoreMut for TpmCredStore

fn import_root_creds( &self, password: &str, exported: ExportedCreds ) -> Result<TpmCreds>

Imports root credentials that were previously created with CredStore::export_root_creds. The provided password must match the value that was given to that method.

fn gen_root_creds(&self, password: &str) -> Result<Self::CredHandle>

Generates the root credentials and protects them using the given password. If the root credentials have already been generated then an error is returned.

fn assign_node_writecap( &self, handle: &mut Self::CredHandle, writecap: Writecap ) -> Result<()>

Assigns the given Writecap to the node credentials referred to by the given handle. This method is responsible for committing the given Writecap to durable storage.

fn assign_root_writecap( &self, handle: &mut Self::CredHandle, writecap: Writecap ) -> Result<()>

Assigns writecap to the root credentials referred to by handle. This method is responsible for committing the given Writecap to durable storage.

fn provision_root( &self, password: &str, expires: Epoch ) -> Result<Self::CredHandle>

Generates new root credentials protected by password and issues them a self-signed Writecap whose expiration is set by the expires argument. The newly generated root credentials are returned.

fn provision_node_start(&self) -> Result<Principal>

Begins the provisioning process for a node by generating a new set of node credentials. The Principal of the newly generated credentials is returned. This Principal may then be transmitted to a root node, which can use it to issue a Writecap to this node.

fn provision_node_finish(&self, writecap: Writecap) -> Result<Self::CredHandle>

Assigns the given Writecap to the node credentials and commits it to durable storage. A handle to the node credentials is returned.

Auto Trait Implementations§

Blanket Implementations§

impl<T> Any for T where T: 'static + ?Sized,

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more

impl<T> Borrow<T> for T where T: ?Sized,

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more

impl<T> BorrowMut<T> for T where T: ?Sized,

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more

impl<T> Free for T

unsafe default fn free(ptr_ref: NonNull<T>)

Drops the content pointed by this pointer and frees it. Read more

impl<T> From<T> for T

fn from(t: T) -> T

Returns the argument unchanged.

impl<T, U> Into<U> for T where U: From<T>,

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

impl<T, U> TryFrom<U> for T where U: Into<T>,

type Error = Infallible

The type returned in the event of a conversion error.

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.

impl<T, U> TryInto<U> for T where U: TryFrom<T>,

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.