Struct NetHsmBackend

pub struct NetHsmBackend<'a, 'b> {
    nethsm: NetHsm,
    admin_credentials: &'a AdminCredentials,
    signstar_config: &'b HermeticParallelConfig,
}

A NetHSM backend that provides full control over its data.

This backend allows full control over the data in a NetHsm, to the extent that is configured by the tracked AdminCredentials and HermeticParallelConfig.

Fields

  • nethsm: NetHsm
  • admin_credentials: &'a AdminCredentials
  • signstar_config: &'b HermeticParallelConfig

Implementations

impl<'a, 'b> NetHsmBackend<'a, 'b>

pub fn new(
    nethsm: NetHsm,
    admin_credentials: &'a AdminCredentials,
    signstar_config: &'b HermeticParallelConfig,
) -> Result<Self, Error>

Creates a new NetHsmBackend.

Errors

Returns an error if

  • the iteration of the admin_credentials does not match that of the signstar_config,
  • or retrieving the default administrator from the admin_credentials fails.

Examples

use std::collections::HashSet;

use nethsm::{FullCredentials, Connection, ConnectionSecurity, NetHsm};
use nethsm_config::{
    AdministrativeSecretHandling,
    AuthorizedKeyEntryList,
    ConfigInteractivity,
    ConfigSettings,
    HermeticParallelConfig,
    NonAdministrativeSecretHandling,
    UserMapping,
};
use signstar_config::{AdminCredentials, NetHsmBackend};

// The NetHSM connection.
// ConnectionSecurity::Unsafe accepts any TLS certificate; use it only against test instances.
let nethsm = NetHsm::new(
    Connection::new(
        "https://example.org/api/v1".try_into()?,
        ConnectionSecurity::Unsafe,
    ),
    None,
    None,
    None,
)?;
// The administrative credentials.
let admin_credentials = AdminCredentials::new(
    1,
    "backup-passphrase".parse()?,
    "unlock-passphrase".parse()?,
    vec![FullCredentials::new(
        "admin".parse()?,
        "admin-passphrase".parse()?,
    )],
    vec![FullCredentials::new(
        "ns1~admin".parse()?,
        "ns1-admin-passphrase".parse()?,
    )],
)?;
// The Signstar config.
let signstar_config = HermeticParallelConfig::new(
    ConfigSettings::new(
        "my_app".to_string(),
        ConfigInteractivity::NonInteractive,
        None,
    ),
    1,
    AdministrativeSecretHandling::ShamirsSecretSharing,
    NonAdministrativeSecretHandling::SystemdCreds,
    HashSet::from([Connection::new(
        "https://localhost:8443/api/v1/".parse()?,
        "Unsafe".parse()?,
    )]),
    HashSet::from([
        UserMapping::NetHsmOnlyAdmin("admin".parse()?),
        UserMapping::SystemOnlyShareDownload {
            system_user: "ssh-share-down".parse()?,
            ssh_authorized_keys: AuthorizedKeyEntryList::new(vec!["ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOh96uFTnvX6P1ebbLxXFvy6sK7qFqlMHDOuJ0TmuXQQ user@host".parse()?])?,
        },
        UserMapping::SystemOnlyShareUpload {
            system_user: "ssh-share-up".parse()?,
            ssh_authorized_keys: AuthorizedKeyEntryList::new(vec!["ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOh96uFTnvX6P1ebbLxXFvy6sK7qFqlMHDOuJ0TmuXQQ user@host".parse()?])?,
        }]),
)?;

let nethsm_backend = NetHsmBackend::new(nethsm, &admin_credentials, &signstar_config)?;

pub fn state(&self) -> Result<State, Error>

Creates a new State for the NetHsm backend.

Note

This function uses the nethsm with the default R-Administrator, but may switch to a namespace-specific N-Administrator for individual operations. If this function succeeds, the nethsm is guaranteed to use the default R-Administrator again. If this function fails, the nethsm may still use a namespace-specific N-Administrator.

Errors

Returns an error if

  • retrieving the system state of the tracked NetHsm fails,
  • unlocking a locked NetHsm backend fails,
  • or retrieving the state of users or keys on the tracked NetHsm backend fails.

pub fn sync(&self, user_credentials: &[FullCredentials]) -> Result<(), Error>

Syncs the state of a Signstar configuration with the backend using credentials for users in non-administrative roles.

Provisions unprovisioned NetHSM backends and unlocks locked ones. It then works down the following list to

  • create R-Administrators,
    • or set their passphrase if they exist already,
  • create system-wide keys and add tags to them,
    • or remove all tags from existing keys and only add the configured tags,
  • create users in the system-wide, non-administrative roles (i.e. UserRole::Backup, UserRole::Metrics and UserRole::Operator),
    • or set their passphrase if they exist already,
  • create OpenPGP certificates for system-wide keys,
    • or do nothing if they exist already,
  • create N-Administrators and their respective namespaces,
    • or set their passphrase if they exist already,
  • create namespaced keys and add tags to them,
    • or remove all tags from existing keys and only add the configured tags,
  • create users in the namespaced, non-administrative roles (i.e. UserRole::Operator),
    • or set their passphrase if they exist already,
  • and create OpenPGP certificates for namespaced keys,
    • or do nothing if they exist already.

Note

This function uses the nethsm with the default R-Administrator, but may switch to a namespace-specific N-Administrator or non-administrative user for individual operations. If this function succeeds, the nethsm is guaranteed to use the default R-Administrator again. If this function fails, the nethsm may still use a namespace-specific N-Administrator or non-administrative user.

Errors

Returns an error if

  • retrieving the state of the NetHsm backend fails,
  • provisioning an unprovisioned NetHsm fails,
  • unlocking a locked NetHsm backend fails,
  • adding users in the system-wide UserRole::Administrator role fails,
  • adding system-wide keys fails,
  • adding system-wide users in the UserRole::Backup, UserRole::Metrics or UserRole::Operator role fails,
  • adding OpenPGP certificates for system-wide keys fails,
  • adding namespaced users in the UserRole::Administrator role or adding their respective namespace fails,
  • adding namespaced keys fails,
  • adding namespaced users in the UserRole::Operator role fails,
  • or adding OpenPGP certificates for namespaced keys fails.
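
The create-or-update rules from the sync step list above, modeled with std-only types as an added example (this is not signstar-config's implementation and does not call the nethsm API). Device, Desired, upsert_user and sync_model are hypothetical names, all values are constructed, and a single scope stands in for both the system-wide and the namespaced pass.

```rust
use std::collections::{BTreeMap, BTreeSet};

// Constructed in-memory stand-in for a backend; not the nethsm or signstar-config API.
#[derive(Clone, Debug, Default, PartialEq)]
pub struct Device {
    pub users: BTreeMap<String, String>,          // user name -> passphrase
    pub keys: BTreeMap<String, BTreeSet<String>>, // key ID -> tags
    pub certs: BTreeMap<String, String>,          // key ID -> certificate
}
// Hypothetical desired state: (user name, passphrase) and (key ID, tags) pairs.
pub struct Desired<'a> {
    pub admins: Vec<(&'a str, &'a str)>,
    pub keys: Vec<(&'a str, Vec<&'a str>)>,
    pub users: Vec<(&'a str, &'a str)>,
}
// Users: create, or set the passphrase if they exist already.
fn upsert_user(dev: &mut Device, name: &str, pass: &str, log: &mut Vec<String>) {
    let existed = dev.users.insert(name.to_string(), pass.to_string()).is_some();
    log.push(format!("{} {name}", if existed { "set-passphrase" } else { "create-user" }));
}
// Applies one scope's steps in the documented order and returns what was done.
pub fn sync_model(dev: &mut Device, want: &Desired) -> Vec<String> {
    let mut log = Vec::new();
    want.admins.iter().for_each(|(n, p)| upsert_user(dev, n, p, &mut log));
    for (id, tags) in &want.keys {
        // Keys: create, or remove all tags and add only the configured ones.
        let tags: BTreeSet<String> = tags.iter().map(|t| t.to_string()).collect();
        match dev.keys.insert(id.to_string(), tags.clone()) {
            None => log.push(format!("create-key {id}")),
            Some(old) => old.difference(&tags).for_each(|t| log.push(format!("drop-tag {id} {t}"))),
        }
    }
    want.users.iter().for_each(|(n, p)| upsert_user(dev, n, p, &mut log));
    for (id, _) in &want.keys {
        // Certificates: create, or do nothing if one exists already.
        if !dev.certs.contains_key(*id) {
            dev.certs.insert(id.to_string(), format!("constructed-cert-{id}"));
            log.push(format!("create-cert {id}"));
        }
    }
    log
}
fn main() {
    // Constructed drift: key1 carries an out-of-band tag and already has a certificate.
    let mut dev = Device::default();
    dev.keys.insert("key1".into(), ["tag1", "extra"].map(String::from).into());
    dev.certs.insert("key1".into(), "existing-cert".into());
    let want = Desired { admins: vec![("admin", "pw1")], keys: vec![("key1", vec!["tag1"])], users: vec![("operator1", "pw2")] };
    for _ in 0..2 { println!("{:?}", sync_model(&mut dev, &want)); }
}
```

In this model a second run changes nothing except re-setting passphrases: tags and passphrases always follow the configuration, while an existing certificate is left untouched.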

Trait Implementations

impl<'a, 'b> Debug for NetHsmBackend<'a, 'b>

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

Auto Trait Implementations

impl<'a, 'b> !Freeze for NetHsmBackend<'a, 'b>

impl<'a, 'b> !RefUnwindSafe for NetHsmBackend<'a, 'b>

impl<'a, 'b> Send for NetHsmBackend<'a, 'b>

impl<'a, 'b> !Sync for NetHsmBackend<'a, 'b>

impl<'a, 'b> Unpin for NetHsmBackend<'a, 'b>

impl<'a, 'b> !UnwindSafe for NetHsmBackend<'a, 'b>

Blanket Implementations

impl<T> Any for T
where T: 'static + ?Sized,

fn type_id(&self) -> TypeId

Gets the TypeId of self.

impl<T> Borrow<T> for T
where T: ?Sized,

fn borrow(&self) -> &T

Immutably borrows from an owned value.

impl<T> BorrowMut<T> for T
where T: ?Sized,

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value.

impl<T> Conv for T

fn conv<T>(self) -> T
where Self: Into<T>,

Converts self into T using Into<T>.

impl<T> FmtForward for T

fn fmt_binary(self) -> FmtBinary<Self>
where Self: Binary,

Causes self to use its Binary implementation when Debug-formatted.

fn fmt_display(self) -> FmtDisplay<Self>
where Self: Display,

Causes self to use its Display implementation when Debug-formatted.

fn fmt_lower_exp(self) -> FmtLowerExp<Self>
where Self: LowerExp,

Causes self to use its LowerExp implementation when Debug-formatted.

fn fmt_lower_hex(self) -> FmtLowerHex<Self>
where Self: LowerHex,

Causes self to use its LowerHex implementation when Debug-formatted.

fn fmt_octal(self) -> FmtOctal<Self>
where Self: Octal,

Causes self to use its Octal implementation when Debug-formatted.

fn fmt_pointer(self) -> FmtPointer<Self>
where Self: Pointer,

Causes self to use its Pointer implementation when Debug-formatted.

fn fmt_upper_exp(self) -> FmtUpperExp<Self>
where Self: UpperExp,

Causes self to use its UpperExp implementation when Debug-formatted.

fn fmt_upper_hex(self) -> FmtUpperHex<Self>
where Self: UpperHex,

Causes self to use its UpperHex implementation when Debug-formatted.

fn fmt_list(self) -> FmtList<Self>
where &'a Self: for<'a> IntoIterator,

Formats each item in a sequence.

impl<T> From<T> for T

fn from(t: T) -> T

Returns the argument unchanged.

impl<T, U> Into<U> for T
where U: From<T>,

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

impl<T> Pipe for T
where T: ?Sized,

fn pipe<R>(self, func: impl FnOnce(Self) -> R) -> R
where Self: Sized,

Pipes by value. This is generally the method you want to use.

fn pipe_ref<'a, R>(&'a self, func: impl FnOnce(&'a Self) -> R) -> R
where R: 'a,

Borrows self and passes that borrow into the pipe function.

fn pipe_ref_mut<'a, R>(&'a mut self, func: impl FnOnce(&'a mut Self) -> R) -> R
where R: 'a,

Mutably borrows self and passes that borrow into the pipe function.

fn pipe_borrow<'a, B, R>(&'a self, func: impl FnOnce(&'a B) -> R) -> R
where Self: Borrow<B>, B: 'a + ?Sized, R: 'a,

Borrows self, then passes self.borrow() into the pipe function.

fn pipe_borrow_mut<'a, B, R>(&'a mut self, func: impl FnOnce(&'a mut B) -> R) -> R
where Self: BorrowMut<B>, B: 'a + ?Sized, R: 'a,

Mutably borrows self, then passes self.borrow_mut() into the pipe function.

fn pipe_as_ref<'a, U, R>(&'a self, func: impl FnOnce(&'a U) -> R) -> R
where Self: AsRef<U>, U: 'a + ?Sized, R: 'a,

Borrows self, then passes self.as_ref() into the pipe function.

fn pipe_as_mut<'a, U, R>(&'a mut self, func: impl FnOnce(&'a mut U) -> R) -> R
where Self: AsMut<U>, U: 'a + ?Sized, R: 'a,

Mutably borrows self, then passes self.as_mut() into the pipe function.

fn pipe_deref<'a, T, R>(&'a self, func: impl FnOnce(&'a T) -> R) -> R
where Self: Deref<Target = T>, T: 'a + ?Sized, R: 'a,

Borrows self, then passes self.deref() into the pipe function.

fn pipe_deref_mut<'a, T, R>(&'a mut self, func: impl FnOnce(&'a mut T) -> R) -> R
where Self: DerefMut<Target = T> + Deref, T: 'a + ?Sized, R: 'a,

Mutably borrows self, then passes self.deref_mut() into the pipe function.

impl<T> Same for T

type Output = T

Should always be Self

impl<T> Tap for T

fn tap(self, func: impl FnOnce(&Self)) -> Self

Immutable access to a value.

fn tap_mut(self, func: impl FnOnce(&mut Self)) -> Self

Mutable access to a value.

fn tap_borrow<B>(self, func: impl FnOnce(&B)) -> Self
where Self: Borrow<B>, B: ?Sized,

Immutable access to the Borrow<B> of a value.

fn tap_borrow_mut<B>(self, func: impl FnOnce(&mut B)) -> Self
where Self: BorrowMut<B>, B: ?Sized,

Mutable access to the BorrowMut<B> of a value.

fn tap_ref<R>(self, func: impl FnOnce(&R)) -> Self
where Self: AsRef<R>, R: ?Sized,

Immutable access to the AsRef<R> view of a value.

fn tap_ref_mut<R>(self, func: impl FnOnce(&mut R)) -> Self
where Self: AsMut<R>, R: ?Sized,

Mutable access to the AsMut<R> view of a value.

fn tap_deref<T>(self, func: impl FnOnce(&T)) -> Self
where Self: Deref<Target = T>, T: ?Sized,

Immutable access to the Deref::Target of a value.

fn tap_deref_mut<T>(self, func: impl FnOnce(&mut T)) -> Self
where Self: DerefMut<Target = T> + Deref, T: ?Sized,

Mutable access to the Deref::Target of a value.

fn tap_dbg(self, func: impl FnOnce(&Self)) -> Self

Calls .tap() only in debug builds, and is erased in release builds.

fn tap_mut_dbg(self, func: impl FnOnce(&mut Self)) -> Self

Calls .tap_mut() only in debug builds, and is erased in release builds.

fn tap_borrow_dbg<B>(self, func: impl FnOnce(&B)) -> Self
where Self: Borrow<B>, B: ?Sized,

Calls .tap_borrow() only in debug builds, and is erased in release builds.

fn tap_borrow_mut_dbg<B>(self, func: impl FnOnce(&mut B)) -> Self
where Self: BorrowMut<B>, B: ?Sized,

Calls .tap_borrow_mut() only in debug builds, and is erased in release builds.

fn tap_ref_dbg<R>(self, func: impl FnOnce(&R)) -> Self
where Self: AsRef<R>, R: ?Sized,

Calls .tap_ref() only in debug builds, and is erased in release builds.

fn tap_ref_mut_dbg<R>(self, func: impl FnOnce(&mut R)) -> Self
where Self: AsMut<R>, R: ?Sized,

Calls .tap_ref_mut() only in debug builds, and is erased in release builds.

fn tap_deref_dbg<T>(self, func: impl FnOnce(&T)) -> Self
where Self: Deref<Target = T>, T: ?Sized,

Calls .tap_deref() only in debug builds, and is erased in release builds.

fn tap_deref_mut_dbg<T>(self, func: impl FnOnce(&mut T)) -> Self
where Self: DerefMut<Target = T> + Deref, T: ?Sized,

Calls .tap_deref_mut() only in debug builds, and is erased in release builds.

impl<T> TryConv for T

fn try_conv<T>(self) -> Result<T, Self::Error>
where Self: TryInto<T>,

Attempts to convert self into T using TryInto<T>.

impl<T, U> TryFrom<U> for T
where U: Into<T>,

type Error = Infallible

The type returned in the event of a conversion error.

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

fn vzip(self) -> V

impl<T> ErasedDestructor for T
where T: 'static,