signstar_yubihsm2/object/
id.rs

//! Identifiers for objects stored on a YubiHSM2.
2
3use serde::{Deserialize, Serialize};
4use yubihsm::object::{Handle, Type};
5
/// Typed identifier of an object held by a YubiHSM2.
///
/// A YubiHSM2 stores several kinds of objects, and each kind forms its own namespace: an object
/// of one type is isolated from objects of every other type. The variant therefore is part of
/// the identity, and the wrapped `u16` alone does not name an object. Code that compares or
/// looks up objects should use both [`ObjectId::object_type`] and [`ObjectId::id`].
///
/// With the serde attributes below, a value is (de)serialized in adjacently tagged form: the
/// kebab-case variant name under `object_type` and the numeric identifier under `object_id`.
/// The derived `Deserialize` only checks that the input has this shape; it does not establish
/// that such an object exists on a device.
#[derive(Debug, Deserialize, Serialize)]
#[serde(tag = "object_type", content = "object_id", rename_all = "kebab-case")]
pub enum ObjectId {
    /// An asymmetric key, used for signing data.
    AsymmetricKey(u16),

    /// An authentication key, used to authenticate.
    AuthenticationKey(u16),

    /// A wrapping key, used to export other objects under wrap.
    WrappingKey(u16),

    /// An opaque byte array holding implementation-defined data (e.g. an OpenPGP certificate).
    Opaque(u16),

    /// A key for HMAC signing.
    Hmac(u16),

    /// A template for SSH certificates.
    Template(u16),

    /// An AEAD key for One-Time-Passwords.
    Otp(u16),
}
35
impl ObjectId {
    /// Returns the raw numeric identifier, stripped of its object type.
    ///
    /// Object types are separate namespaces, so two [`ObjectId`]s of different variants can
    /// return the same value here. Pair the result with [`ObjectId::object_type`] whenever the
    /// object itself has to be identified.
    pub fn id(&self) -> u16 {
        // Every variant wraps exactly one `u16`, so one or-pattern covers them all. There is no
        // wildcard arm: a newly added variant must be listed here before the code compiles.
        match *self {
            Self::AsymmetricKey(raw)
            | Self::AuthenticationKey(raw)
            | Self::WrappingKey(raw)
            | Self::Opaque(raw)
            | Self::Hmac(raw)
            | Self::Template(raw)
            | Self::Otp(raw) => raw,
        }
    }

    /// Returns the [`Type`] (the namespace) that this identifier belongs to.
    ///
    /// The variant names here differ from those of [`Type`] in four places: `WrappingKey` maps
    /// to `WrapKey`, `Hmac` to `HmacKey`, `Otp` to `OtpAeadKey`, while the rest share a name.
    pub fn object_type(&self) -> Type {
        match *self {
            Self::AsymmetricKey(..) => Type::AsymmetricKey,
            Self::AuthenticationKey(..) => Type::AuthenticationKey,
            Self::WrappingKey(..) => Type::WrapKey,
            Self::Opaque(..) => Type::Opaque,
            Self::Hmac(..) => Type::HmacKey,
            Self::Template(..) => Type::Template,
            Self::Otp(..) => Type::OtpAeadKey,
        }
    }
}
63
/// Converts a [`Handle`] into the matching [`ObjectId`] variant.
///
/// Both the object type and the object id of the handle are carried over, so the result names
/// the same (type, id) pair as the handle.
impl From<Handle> for ObjectId {
    fn from(value: Handle) -> Self {
        let raw = value.object_id;

        // The match has no wildcard arm, so every `Type` is mapped explicitly and none can fall
        // through to a default variant.
        match value.object_type {
            Type::AsymmetricKey => Self::AsymmetricKey(raw),
            Type::AuthenticationKey => Self::AuthenticationKey(raw),
            Type::WrapKey => Self::WrappingKey(raw),
            Type::Opaque => Self::Opaque(raw),
            Type::HmacKey => Self::Hmac(raw),
            Type::Template => Self::Template(raw),
            Type::OtpAeadKey => Self::Otp(raw),
        }
    }
}