Backend handling for [NetHsm].
Based on a [NetHsm], NetHsmAdminCredentials and a SignstarConfig, this module offers
the ability to populate a [NetHsm] backend with the help of the NetHsmBackend struct.
Using NetHsmBackend::sync, all users and keys configured in a SignstarConfig
are created and adapted to changes upon re-run.
The state representation can be found in the nethsm::state module.
§Note
This module only works with data for the same iteration (i.e. the iteration of the
NetHsmAdminCredentials and that of the [NetHsm] backend must match).
Structs§
- KeySetupComparison 🔒 - Comparable components of a key setup between a [NetHsm] backend and a Signstar config.
- NetHsmBackend - A NetHSM backend that provides full control over its data.
Functions§
- add_namespace_admins 🔒 - Sets up all N-Administrators and their respective namespaces.
- add_namespaced_keys 🔒 - Sets up all namespaced keys and tags them.
- add_namespaced_non_administrative_users 🔒 - Sets up all namespaced non-administrative users.
- add_namespaced_openpgp_certificates 🔒 - Adds OpenPGP certificates for namespaced keys that are used for OpenPGP signing.
- add_non_administrative_users 🔒 - Sets up all system-wide, non-administrative users based on provided credentials.
- add_system_wide_admins 🔒 - Creates all R-Administrators on a [NetHsm].
- add_system_wide_keys 🔒 - Sets up all system-wide keys.
- add_system_wide_openpgp_certificates 🔒 - Adds OpenPGP certificates for system-wide keys that are used for OpenPGP signing.
- compare_key_setups 🔒 - Compares the key setups of a key from a Signstar config and that of a NetHSM backend.
- get_first_available_namespace_admin 🔒 - Retrieves the first available user in the [Administrator][UserRole::Administrator] (N-Administrator) role in a namespace.