Struct optee_utee::object::TransientObject [−][src]
pub struct TransientObject(_);
Expand description
An object containing attributes but no data stream, which is reclaimed when closed or when the TA instance is destroyed. Transient objects are used to hold a cryptographic object (key or key-pair).
Contrast PersistentObject.
Implementations
Create a TransientObject with a null handle which points to nothing.
Allocate an uninitialized TransientObject, i.e. a container for attributes.
As allocated, the object is uninitialized. It can be initialized by subsequently importing the object material, generating an object, deriving an object, or loading an object from the Trusted Storage.
Parameters
object_type
: Type of uninitialized object container to be created as defined in TransientObjectType.max_object_size
: Key Size of the object. Valid values depend on the object type and are defined in TransientObjectType.
Example
match TransientObject::allocate(TransientObjectType::Aes, 128) {
Ok(object) =>
{
// ...
Ok(())
}
Err(e) => Err(e),
}
Errors
OutOfMemory
: If not enough resources are available to allocate the object handle.NotSupported
: If the key size is not supported or the object type is not supported.
Panics
- If the Implementation detects any error associated with this function which is not explicitly associated with a defined return code for this function.
Reset a TransientObject to its initial state after allocation. If the object is currently initialized, the function clears the object of all its material. The object is then uninitialized again.
Populate an uninitialized object container with object attributes passed by the TA in the attrs
parameter.
When this function is called, the object SHALL be uninitialized.
If the object is initialized, the caller SHALL first clear it using the function reset.
Note that if the object type is a key-pair, then this function sets both the private and public attributes of the keypair.
Parameters
attrs
: Array of object attributes.
Example
match TransientObject::allocate(TransientObjectType::Aes, 128) {
Ok(object) =>
{
let attrs = [AttributeMemref::from_ref(AttributeId::SecretValue, &[0u8;1])];
object.populate(&attrs);
Ok(())
}
Err(e) => Err(e),
}
Errors
BadParameters
: If an incorrect or inconsistent attribute value is detected. In this case, the content of the object SHALL remain uninitialized.
Panics
- If object is not a valid opened object that is transient and uninitialized.
- If some mandatory attribute is missing.
- If an attribute which is not defined for the object’s type is present in attrs.
- If an attribute value is too big to fit within the maximum object size specified when the object was created.
- If the Implementation detects any other error associated with this function which is not explicitly associated with a defined return code for this function.
Return the characteristics of an object.
Example
match TransientObject::allocate(TransientObjectType::Aes, 128) {
Ok(object) => {
match object.info() {
Ok(info) => {
// ...
Ok(())
}
Err(e) => Err(e),
}
Err(e) => Err(e),
}
Panics
- If object is not a valid opened object.
- If the Implementation detects any other error associated with this function which is not explicitly associated with a defined return code for this function.
Restrict the object usage flags of an object handle to contain at most the flags passed in the obj_usage parameter.
The initial value of the key usage contains all usage flags.
Parameters
obj_usage
: New object usage, an OR comination of one or more of the UsageFlag.
Example
match TransientObject::allocate(TransientObjectType::Aes, 128) {
Ok(object) =>
{
object.restrict_usage(UsageFlag::ENCRYPT)?;
Ok(())
}
Err(e) => Err(e),
}
Panics
- If object is not a valid opened object.
- If the Implementation detects any other error associated with this function which is not explicitly associated with a defined return code for this function.
Extract one buffer attribute from an object. The attribute is identified by the argument id.
Parameters
id
: Identifier of the attribute to retrieve.ref_attr
: Output buffer to get the content of the attribute.
Example
match TransientObject::allocate(TransientObjectType::Aes, 128) {
Ok(object) => {
let mut attr = [0u8; 16];
match object.ref_attribute(id, &mut attr) {
Ok(size) => {
// ...
Ok(())
}
Err(e) => Err(e),
}
}
Err(e) => Err(e),
}
Errors
ItemNotFound
: If the attribute is not found on this object.ShortBuffer
: If buffer is NULL or too small to contain the key part.
Panics
- If object is not a valid opened object.
- If the object is not initialized.
- If the Attribute is not a buffer attribute.
Extract one value attribute from an object. The attribute is identified by the argument id.
Parameters
id
: Identifier of the attribute to retrieve.value_attr
: Two value placeholders to get the content of the attribute.
Example
match TransientObject::allocate(TransientObjectType::Aes, 128) {
Ok(object) => {
match object.value_attribute(id) {
Ok(a,b) => {
// ...
Ok(())
}
Err(e) => Err(e),
}
}
Err(e) => Err(e),
}
Errors
ItemNotFound
: If the attribute is not found on this object.
Panics
- If object is not a valid opened object.
- If the object is not initialized.
- If the Attribute is not a value attribute.
Populates an uninitialized object handle with the attributes of another object handle; that is, it populates the attributes of this handle with the attributes of src_handle. It is most useful in the following situations:
- To extract the public key attributes from a key-pair object.
- To copy the attributes from a PersistentObject into a TransientObject.
Parameters
src_object
: Can be either a TransientObject or PersistentObject.
Example
match TransientObject::allocate(TransientObjectType::Aes, 128) {
Ok(object1) =>
{
match TransientObject::allocate(TransientObjectType::Aes, 256) {
Ok(object2) => {
object1.copy_attribute_from(object2);
Ok(())
}
Err(e) => Err(e),
}
}
Err(e) => Err(e),
}
Errors
CorruptObject
: If the persistentd` object is corrupt. The object handle is closed.StorageNotAvailable
: If the PersistentObject is stored in a storage area which is currently inaccessible.
Panics
- If src_object is not initialized.
- If self is initialized.
- If the type and size of src_object and self are not compatible.
- If the Implementation detects any other error associated with this function which is not explicitly associated with a defined return code for this function.
Generates a random key or a key-pair and populates a transient key object with the generated key material.
Parameters
key_size
: the size of the desired key. It SHALL be less than or equal to the maximum key size specified when the TransientObject was created.
Example
match TransientObject::allocate(TransientObjectType::Aes, 128) {
Ok(object) =>
{
object.generate_key(128, &[])?;
Ok(())
}
Err(e) => Err(e),
}
Errors
BadParameters
: If an incorrect or inconsistent attribute value is detected. In this case, the content of the object SHALL remain uninitialized.
Panics
- If object is not a valid opened object.
- If some mandatory attribute is missing.
- If an attribute which is not defined for the object’s type is present in attrs.
- If an attribute value is too big to fit within the maximum object size specified when the object was created.
- If the Implementation detects any other error associated with this function which is not explicitly associated with a defined return code for this function.
Trait Implementations
Deallocates a TransientObject previously allocated. After this function has been called, the object handle is no longer valid and all resources associated with the TransientObject SHALL have been reclaimed.
Panics
- If object is not a valid opened object.
- If the Implementation detects any other error associated with this function which is not explicitly associated with a defined return code for this function.
Auto Trait Implementations
impl RefUnwindSafe for TransientObject
impl !Send for TransientObject
impl !Sync for TransientObject
impl Unpin for TransientObject
impl UnwindSafe for TransientObject
Blanket Implementations
pub fn borrow_mut(&mut self) -> &mut T
pub fn borrow_mut(&mut self) -> &mut T
Mutably borrows from an owned value. Read more
pub fn from(t: T) -> T
pub fn from(t: T) -> T
Performs the conversion.
pub fn into(self) -> U
pub fn into(self) -> U
Performs the conversion.