Skip to main content

IsletHES

islet_hes

Struct IsletHES 

Source 
pub struct IsletHES { /* private fields */ }

Implementations§

Source§

impl IsletHES

Source

pub fn init<H: HWData>(hw_data: H) -> Result<Self, IsletHESError>
where <H as HWData>::Error: Debug,

Initializes IsletHes with data for HWData interface

Source

pub fn reset<H: HWData>(&mut self, hw_data: H) -> Result<(), IsletHESError>

Resets the measurements database and unmarks DAK key as generated

Source

pub fn read_measurement( &self, slot_id: usize, ) -> Result<(&Measurement, bool), IsletHESError>

Returns measurement metadata, value and locked attribute from given slot_id. Returns IsletHESError::InvalidArgument, when slot_id is out of bounds. Returns IsletHESError::DoesNotExist, when is not populated.

Source

pub fn extend_measurement( &mut self, slot_id: usize, measurement: Measurement, lock: bool, ) -> Result<(), IsletHESError>

Extends measurement with updated metadata, value and locked attribute in given slot_id. Returns IsletHESError::InvalidArgument, when slot_id is out of bounds. Returns IsletHESError::BadState, when measurement is locked. Returns IsletHESError::NotPermitted, when measurements signer id’s and algorithm do not match.

Source

pub fn get_delegated_key( &mut self, ecc_family: ECCFamily, key_bits: KeyBits, hash_algo: HashAlgo, ) -> Result<Vec<u8>, IsletHESError>

Generates DAK with ECCFamily and uses measurements (Measurement) as salt in the process. Returns bytes of a scalar primitive, which can be used to recreate DAK Private Key. HashAlgo is used for verification process, when get_platform_token is called. Returns IsletHESError::GenericError, when CBOR or crypto operation fails.

Source

pub fn get_platform_token( &mut self, dak_pub_hash: &[u8], ) -> Result<CoseSign1, IsletHESError>

Creates a tagged [CoseSign1] of the platform token. dak_pub_hash must be a valid hash of DAK Public Key using HashAlgo passed in IsletHES::get_delegated_key. Returns IsletHESError::GenericError, when CBOR or crypto operation fails. Returns IsletHESError::InvalidArgument, when DAK was not requsted before this operation, or dak_pub_hash is not a valid hash of DAK Public Key.

Source

pub fn get_authority_vhuk(&mut self) -> Result<Vec<u8>, IsletHESError>

Creates an authority based Virtual HUK (VHUK_A). This key is bound to the authority data, the type of firmware components and HUK. This makes it immune to firmware updates. This function should not return an error.

Source

pub fn get_measurement_vhuk(&mut self) -> Result<Vec<u8>, IsletHESError>

Creates a measurement based Virtual HUK (VHUK_M). This key is bound to the boot measurements of firmware components and HUK. It is bound to a specific version of CCA Platform firmware.

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> Same for T

Source§

type Output = T

Should always be Self
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.