signstar_crypto/key/import/
nethsm.rs

1//! Implementations specific to a NetHSM backend.
2
3use base64ct::{Base64, Encoding};
4use nethsm_sdk_rs::models::KeyPrivateData;
5
6use crate::key::{
7    Error,
8    import::{PrivateKeyData, PrivateKeyImport},
9};
10
11impl TryFrom<PrivateKeyImport> for KeyPrivateData {
12    type Error = crate::Error;
13
14    fn try_from(value: PrivateKeyImport) -> Result<Self, Self::Error> {
15        Ok(match value.key_data {
16            PrivateKeyData::Rsa {
17                prime_p,
18                prime_q,
19                public_exponent,
20            } => KeyPrivateData {
21                prime_p: Some(Base64::encode_string(&prime_p)),
22                prime_q: Some(Base64::encode_string(&prime_q)),
23                public_exponent: Some(Base64::encode_string(&public_exponent)),
24                data: None,
25            },
26            PrivateKeyData::EcP224(data)
27            | PrivateKeyData::EcP256(data)
28            | PrivateKeyData::EcP384(data)
29            | PrivateKeyData::EcP521(data)
30            | PrivateKeyData::Curve25519(data) => KeyPrivateData {
31                prime_p: None,
32                prime_q: None,
33                public_exponent: None,
34                data: Some(Base64::encode_string(&data)),
35            },
36            PrivateKeyData::EcBp256(_) | PrivateKeyData::EcBp384(_) | PrivateKeyData::EcK256(_) => {
37                return Err(Error::UnsupportedPrivateKeyData {
38                    key_type: value.key_type(),
39                    context: "the NetHSM backend does not support it",
40                }
41                .into());
42            }
43        })
44    }
45}
signstar_crypto/key/import/nethsm.rs

signstar_crypto/key/import/
nethsm.rs
