coapcore::seccfg

Struct ConfigBuilder

pub struct ConfigBuilder { /* private fields */ }

An implementation of ServerSecurityConfig that can be extended using builder methods.

This is very much in flux, and will need further exploration as to what extent this can be type-composed from components.

Implementations§

impl ConfigBuilder

pub fn new() -> Self

Creates an empty server security configuration.

Without any additional building steps, this is equivalent to DenyAll.

pub fn with_aif_symmetric_as_aesccm256(self, key: [u8; 32]) -> Self

Sets a single Authorization Server recognized by a shared AES-CCM-16-128-256 (COSE algorithm 31) key.

Scopes are accepted as given by the AS using the AIF REST model as understood by crate::scope::AifValue.

§Caveats and evolution

Currently, this type just supports a single AS; it should therefore only be called once, and the latest value overwrites any earlier one. Building these in type state (as [(&as_key); { N+1 }], once that is possible, or as (&as_key1, (&as_key2, ()))) will make sense in the long run, but is not implemented yet.

Depending on whether the keys are already referenced in a long-lived location, when implementing that, it can also make sense to allow using any AsRef<[u8; 32]> types at that point.

Currently, keys are taken as byte sequences. With the expected flexibilization of crypto backends, this may later allow a more generic type that reflects secure element key slots.

pub fn with_aif_asymmetric_es256( self, x: [u8; 32], y: [u8; 32], audience: String<MAX_AUD_SIZE>, ) -> Self

Sets a single Authorization Server recognized by its ES256 (COSE algorithm -7) signing key.

An audience identifier is taken along with the key; signed tokens are only accepted if they have that audience.

Scopes are accepted as given by the AS using the AIF REST model as understood by crate::scope::AifValue.

§Caveats and evolution

The same caveats as for Self::with_aif_symmetric_as_aesccm256 apply, minus the considerations for secure key storage.
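
The AIF REST model scopes accepted by both Authorization Server methods above are CBOR arrays of [path, permission bitmask] pairs (RFC 9237). The following added example is not coapcore code and does not reflect how crate::scope::AifValue is implemented; it decodes such a scope and checks a request against it, denying on any malformed input. All function names and the sample bytes are assumptions made for illustration.

```rust
// Added example, independent of coapcore's AifValue; all names are hypothetical.
// Constructed sample, CBOR for [["/temp", 1], ["/led", 5]]: GET on /temp, GET+PUT on /led.
pub const SAMPLE: &[u8] = b"\x82\x82\x65/temp\x01\x82\x64/led\x05";

/// Reads one CBOR head: (major type, argument, bytes consumed).
fn head(b: &[u8]) -> Option<(u8, u64, usize)> {
    let first = *b.first()?;
    let extra = match first & 0x1f {
        info @ 0..=23 => return Some((first >> 5, info as u64, 1)),
        24 => 1, 25 => 2, 26 => 4, 27 => 8,
        _ => return None, // indefinite or reserved lengths are rejected
    };
    let arg = b.get(1..1 + extra)?.iter().fold(0u64, |a, &x| (a << 8) | x as u64);
    Some((first >> 5, arg, 1 + extra))
}

fn check(mut b: &[u8], method: u8, path: &str) -> Option<bool> {
    if !(1..=7).contains(&method) { return Some(false); }
    let wanted = 1u64 << (method - 1); // RFC 9237: GET = 1, POST = 2, PUT = 4, ...
    let (major, entries, n) = head(b)?;
    if major != 4 { return None; }
    b = &b[n..];
    let mut allowed = false;
    for _ in 0..entries {
        let (m, len, n) = head(b)?; // each entry is [Toid, Tperm]
        if (m, len) != (4, 2) { return None; }
        b = &b[n..];
        let (m, len, n) = head(b)?; // Toid: text string, the resource path
        if m != 3 { return None; }
        let end = n.checked_add(usize::try_from(len).ok()?)?;
        let toid = b.get(n..end)?;
        b = &b[end..];
        let (m, perms, n) = head(b)?; // Tperm: bitmask of permitted methods
        if m != 0 { return None; }
        b = &b[n..];
        allowed |= toid == path.as_bytes() && perms & wanted != 0;
    }
    if b.is_empty() { Some(allowed) } else { None } // trailing bytes: malformed
}

/// True only if `scope` is well-formed and grants CoAP method code `method`
/// (1 = GET, 2 = POST, 3 = PUT, 4 = DELETE, ...) on exactly `path`.
pub fn aif_allows(scope: &[u8], method: u8, path: &str) -> bool {
    check(scope, method, path).unwrap_or(false) // malformed scope: deny
}

fn main() {
    assert!(aif_allows(SAMPLE, 3, "/led") && !aif_allows(SAMPLE, 3, "/temp"));
}
```

A truncated or over-long scope is denied as a whole, even when an earlier entry would have matched the request.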

pub fn with_known_edhoc_credential( self, credential: Credential, scope: UnionScope, ) -> Self

Allow use of the server within the limits of the given scope by EDHOC clients provided they present the given credential.

§Caveats and evolution

Currently, this type just supports a single credential; it should therefore only be called once, and the latest value overwrites any earlier one. (See Self::with_aif_symmetric_as_aesccm256 for plans.)

pub fn with_own_edhoc_credential( self, credential: Credential, key: BytesP256ElemLen, ) -> Self

Configures an EDHOC credential and private key to be presented by this server.

§Panics

When debug assertions are enabled, this panics if an own credential has already been configured.

pub fn allow_unauthenticated(self, scope: UnionScope) -> Self

Allow use of the server by unauthenticated clients using the given scope.

§Panics

When debug assertions are enabled, this panics if an unauthenticated scope has already been configured.

pub fn with_request_creation_hints( self, request_creation_hints: &'static [u8], ) -> Self

Sets the payload of the “Unauthorized” response.

§Panics

When debug assertions are enabled, this panics if an unauthenticated scope has already been configured.

Trait Implementations§

impl Default for ConfigBuilder

fn default() -> Self

Returns the “default value” for a type.

impl ServerSecurityConfig for ConfigBuilder

const PARSES_TOKENS: bool = true

True if the type will at any time need to process tokens at /authz-info.

type Scope = UnionScope

The way scopes issued with this system as audience by this AS are expressed here.

fn decrypt_symmetric_token<'buf>( &self, headers: &HeaderMap<'_>, aad: &[u8], ciphertext_buffer: &'buf mut [u8], _: PrivateMethod, ) -> Result<(Self::Scope, CwtClaimsSet<'buf>), CredentialError>

Unprotects a symmetrically encrypted token and processes the contained CWT Claims Set (crate::ace::CwtClaimsSet) into a Self::Scope and returns the claims.

fn verify_asymmetric_token<'b>( &self, headers: &HeaderMap<'_>, signed_data: &[u8], signature: &[u8], signed_payload: &'b [u8], _: PrivateMethod, ) -> Result<(Self::Scope, CwtClaimsSet<'b>), CredentialError>

Verify the signature on a symmetrically encrypted token.

fn nosec_authorization(&self) -> Option<Self::Scope>

Generates the scope representing unauthenticated access.

fn own_edhoc_credential(&self) -> Option<(Credential, BytesP256ElemLen)>

fn expand_id_cred_x( &self, id_cred_x: IdCred, ) -> Option<(Credential, Self::Scope)>

Expands an EDHOC ID_CRED_x into a parsed CRED_x along with the associated authorizations.

fn render_not_allowed<M: MutableWritableMessage>( &self, message: &mut M, ) -> Result<(), NotAllowedRenderingFailed>

Render the “not allowed” message in this scenario.
