Security

Struct Security 

pub struct Security<P: CheckedPermissions> { /* private fields */ }

Implementations§


impl<P: CheckedPermissions> Security<P>


pub fn set_seed_and_pin( &self, seed: Seed, pin: String, pin_entry: PinEntryMode, ) -> Result<(), PinError>

Permission: os/security / SetSeedAndPin

Groups: device-secrets.owner-auth

Sender policy: static-server

Grant timing: policy-only

User does not need to be logged in. Use this when setting the seed and PIN for the first time.


pub fn change_pin( &self, raw_pin: String, seed: Option<Seed>, pin_entry: PinEntryMode, ) -> Result<(), PinError>

Permission: os/security / ChangePin

Groups: device-secrets.owner-auth

Sender policy: static-server

Grant timing: policy-only

The user must be logged in to set a new PIN.


pub fn is_pin_set(&self) -> Result<bool, AccessDenied>

Permission: os/security / IsPinSet

Groups: device-secrets.status

Sender policy: signed

Grant timing: install-review


pub fn get_pin_entry_mode(&self) -> PinEntryMode

Permission: os/security / GetPinEntryMode

Groups: device-secrets.status

Sender policy: signed

Grant timing: install-review


pub fn log_in(&self, pin: String) -> Result<(), LoginFailed>

Permission: os/security / Login

Groups: device-secrets.owner-auth

Sender policy: static-server

Grant timing: policy-only


pub fn log_out(&self)

Permission: os/security / Logout

Groups: device-secrets.owner-auth

Sender policy: static-server

Grant timing: policy-only


pub fn logged_in(&self) -> bool

Permission: os/security / LoggedIn

Groups: device-secrets.status

Sender policy: signed

Grant timing: install-review


pub fn attempts_remaining(&self) -> Result<u32, AccessDenied>

Permission: os/security / GetAttemptsRemaining

Groups: device-secrets.status

Sender policy: signed

Grant timing: install-review


pub fn factory_reset_counter(&self) -> Result<u32, AccessDenied>

Permission: os/security / GetFactoryResetCounter

Groups: device-secrets.status

Sender policy: signed

Grant timing: install-review


pub fn seed(&self) -> Result<Option<Seed>, AccessDenied>

Permission: os/security / GetSeed

Groups: device-secrets.master-seed

Sender policy: static-server

Grant timing: policy-only

Fetches the Seed from SE.

§Returns
  • None if the otp_key field of SECURAM is set to all zeros.
  • Some(seed) otherwise.

pub fn set_seed(&self, seed: Seed) -> Result<(), AccessDenied>

Permission: os/security / SetSeed

Groups: device-secrets.master-seed

Sender policy: static-server

Grant timing: policy-only

The user must be logged in to change the seed, because the seed is XORed with the PIN hash before it is stored in the SE.

In case the user is setting the seed for the first time, use SetSeedAndPin instead.


pub fn app_seed(&self) -> Result<[u8; 32], AccessDenied>

Permission: os/security / GetAppSeed

Groups: device-secrets.app-scoped-seed

Sender policy: signed

Grant timing: install-review


pub fn lockout( &self, lockout_options: LockoutOptions, ) -> Result<(), AccessDenied>

Permission: os/security / Lockout

Groups: device-secrets.owner-auth

Sender policy: static-server

Grant timing: policy-only


pub fn sign_with_security_check_key( &self, data: [u8; 32], ) -> Result<[u8; 64], AccessDenied>

Permission: os/security / SignWithSecurityCheckKey

Groups: cryptography.secure-signing

Sender policy: static-server

Grant timing: policy-only


pub fn sign_with_fido_key( &self, data: [u8; 32], ) -> Result<[u8; 64], AccessDenied>

Permission: os/security / SignWithFidoKey

Groups: cryptography.secure-signing

Sender policy: static-server

Grant timing: policy-only


pub fn get_fido_pubkey(&self) -> Result<[u8; 64], AccessDenied>

Permission: os/security / GetFidoPubkey

Groups: cryptography.secure-signing

Sender policy: static-server

Grant timing: policy-only


pub fn security_words( &self, pin_prefix: &str, ) -> Result<[SecurityWord; 2], AccessDenied>

Permission: os/security / GetSecurityWords

Groups: device-secrets.owner-auth

Sender policy: static-server

Grant timing: policy-only


pub fn firmware_timestamp(&self) -> Result<FirmwareTimestamp, AccessDenied>

Permission: os/security / GetFirmwareTimestamp

Groups: device-secrets.firmware-timestamp

Sender policy: foundation-signed

Grant timing: policy-only


pub fn set_firmware_timestamp( &self, timestamp: FirmwareTimestamp, ) -> Result<(), AccessDenied>

Permission: os/security / SetFirmwareTimestamp

Groups: device-secrets.firmware-timestamp

Sender policy: foundation-signed

Grant timing: policy-only


pub fn seed_fingerprint(&self) -> Result<[u8; 32], AccessDenied>

Permission: os/security / GetSeedFingerprint

Groups: device-secrets.device-identity

Sender policy: signed

Grant timing: grant-on-first-use


pub fn fingerprint(&self, seed: &Seed) -> Result<[u8; 32], AccessDenied>

Permission: os/security / ComputeSeedFingerprint

Groups: device-secrets.device-identity

Sender policy: signed

Grant timing: grant-on-first-use


pub fn os_version_info(&self) -> Result<Option<OsVersionInfo>, AccessDenied>

Permission: os/security / GetOsVersionInfo

Groups: device-secrets.status

Sender policy: signed

Grant timing: install-review


pub fn bootloader_build_date(&self) -> Result<Option<u64>, AccessDenied>

Permission: os/security / GetBootloaderBuildDate

Groups: device-secrets.status

Sender policy: signed

Grant timing: install-review


pub fn sc_challenge( &self, challenge: [u8; 104], ) -> Result<ScProof, ScChallengeError>

Permission: os/security / ScChallenge

Groups: cryptography.secure-signing

Sender policy: static-server

Grant timing: policy-only


pub fn device_id(&self) -> Result<DeviceId, GetDeviceIdError>

Permission: os/security / GetDeviceId

Groups: device-secrets.device-identity

Sender policy: signed

Grant timing: grant-on-first-use


pub fn get_random(&self) -> Result<[u8; 32], AccessDenied>

Permission: os/security / GetRandom

Groups: device-secrets.status

Sender policy: signed

Grant timing: install-review


pub fn keycard_authenticity_mac( &self, msg: [u8; 32], ) -> Result<[u8; 32], AccessDenied>

Permission: os/security / KeycardAuthenticityMac

Groups: cryptography.secure-signing

Sender policy: static-server

Grant timing: policy-only


pub fn get_pin(&self) -> String

Permission: os/security / GetPin

Groups: device-secrets.owner-auth

Sender policy: static-server

Grant timing: policy-only


pub fn set_attempts_remaining(&self, attempts: u32) -> Result<(), SecurityError>

Permission: os/security / SetAttempts

Groups: device-secrets.admin-and-pairing-state

Sender policy: static-server

Grant timing: policy-only


pub fn bluetooth_challenge_secret(&self) -> BluetoothChallengeSecret

Permission: os/security / GetBluetoothChallengeSecret

Groups: device-secrets.admin-and-pairing-state

Sender policy: static-server

Grant timing: policy-only

Get the Bluetooth HMAC challenge secret and whether it has already been shared with the BT chip.


pub fn set_bluetooth_challenge_secret_sent(&self)

Permission: os/security / SetBluetoothCheckSecretSent

Groups: device-secrets.admin-and-pairing-state

Sender policy: static-server

Grant timing: policy-only


pub fn set_bluetooth_device_id(&self, device_id: [u8; 8])

Permission: os/security / SetBluetoothDeviceId

Groups: device-secrets.admin-and-pairing-state

Sender policy: static-server

Grant timing: policy-only


pub fn master_key_state(&self) -> MasterKeyState

Permission: os/security / GetMasterKeyState

Groups: device-secrets.status

Sender policy: signed

Grant timing: install-review


pub fn subscribe_disk_encryption_keys_ready<SR>( &self, context: &mut ServerContext<SR>, )

Permission: os/security / SubscribeDiskEncryptionKeysReady

Groups: TBD

Sender policy: TBD

Grant timing: TBD

Subscribe to the DiskEncryptionKeysReady event. The event fires once, when the security server has written disk encryption keys into SECURAM. Subscribers that arrive after the event has already fired receive it immediately on subscription.

Trait Implementations§


impl<P: Default + CheckedPermissions> Default for Security<P>


fn default() -> Security<P>

Returns the “default value” for a type. Read more

Auto Trait Implementations§


impl<P> Freeze for Security<P>


impl<P> RefUnwindSafe for Security<P>


impl<P> Send for Security<P>


impl<P> Sync for Security<P>


impl<P> Unpin for Security<P>


impl<P> UnwindSafe for Security<P>

Blanket Implementations§


impl<T> Any for T
where T: 'static + ?Sized,


fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more

impl<T> ArchivePointee for T


type ArchivedMetadata = ()

The archived version of the pointer metadata for this type.

fn pointer_metadata( _: &<T as ArchivePointee>::ArchivedMetadata, ) -> <T as Pointee>::Metadata

Converts some archived metadata to the pointer metadata for itself.

impl<T> Borrow<T> for T
where T: ?Sized,


fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more

impl<T> BorrowMut<T> for T
where T: ?Sized,


fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more

impl<T> From<T> for T


fn from(t: T) -> T

Returns the argument unchanged.


impl<T, U> Into<U> for T
where U: From<T>,


fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.


impl<T> LayoutRaw for T


fn layout_raw(_: <T as Pointee>::Metadata) -> Result<Layout, LayoutError>

Returns the layout of the type.

impl<T, N1, N2> Niching<NichedOption<T, N1>> for N2
where T: SharedNiching<N1, N2>, N1: Niching<T>, N2: Niching<T>,


unsafe fn is_niched(niched: *const NichedOption<T, N1>) -> bool

Returns whether the given value has been niched. Read more

fn resolve_niched(out: Place<NichedOption<T, N1>>)

Writes data to out indicating that a T is niched.

impl<T> Pointee for T


type Metadata = ()

The metadata type for pointers and references to this type.

impl<T> Same for T


type Output = T

Should always be Self

impl<T, U> TryFrom<U> for T
where U: Into<T>,


type Error = Infallible

The type returned in the event of a conversion error.

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,


type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.