libcoap_rs/crypto/pki_rpk/
rpk.rs1use std::{ffi::CString, fmt::Debug};
12
13use libcoap_sys::{
14 coap_const_char_ptr_t, coap_dtls_key_t, coap_dtls_key_t__bindgen_ty_1, coap_dtls_pki_t, coap_pki_define_t,
15 coap_pki_define_t_COAP_PKI_KEY_DEF_PEM, coap_pki_define_t_COAP_PKI_KEY_DEF_PKCS11_RPK,
16 coap_pki_define_t_COAP_PKI_KEY_DEF_RPK_BUF, coap_pki_key_define_t, coap_pki_key_t_COAP_PKI_KEY_DEFINE,
17};
18
19use crate::{
20 crypto::{
21 pki_rpk,
22 pki_rpk::{
23 key::{KeyComponentSealed, KeyTypeSealed},
24 Asn1PrivateKeyType, CnCallback, KeyComponent, KeyDef, KeyDefSealed, NonCertVerifying,
25 PemMemoryKeyComponent, Pkcs11KeyComponent, PkiRpkContext, PkiRpkContextBuilder, ServerPkiRpkCryptoContext,
26 },
27 ClientCryptoContext,
28 },
29 session::CoapSession,
30};
31
/// Marker type for the raw public key (RPK) flavour of the PKI/RPK crypto context.
///
/// It carries no data and is only used as a type parameter (for example in
/// `PkiRpkContext<'a, Rpk>`) to select RPK-specific behaviour at compile time.
#[derive(Clone, Copy, Debug)]
pub struct Rpk {}
35
impl KeyTypeSealed for Rpk {
    /// Applies the RPK-specific defaults to a raw libcoap PKI configuration.
    ///
    /// Sets `is_rpk_not_cert` so that the configuration is treated as a raw public key setup
    /// rather than a certificate-based one.
    fn set_key_type_defaults(raw_cfg: &mut coap_dtls_pki_t) {
        // Non-zero selects raw public keys instead of X.509 certificates.
        raw_cfg.is_rpk_not_cert = 1;
    }
}
41
impl<'a> From<PkiRpkContext<'a, Rpk>> for ClientCryptoContext<'a> {
    /// Wraps an RPK context in the `Rpk` variant of the client-side crypto context.
    fn from(rpk_context: PkiRpkContext<'a, Rpk>) -> Self {
        Self::Rpk(rpk_context)
    }
}
50
impl<'a> From<PkiRpkContext<'a, Rpk>> for ServerPkiRpkCryptoContext<'a> {
    /// Wraps an RPK context in the `Rpk` variant of the server-side PKI/RPK crypto context.
    fn from(rpk_context: PkiRpkContext<'a, Rpk>) -> Self {
        Self::Rpk(rpk_context)
    }
}
56
impl<'a> PkiRpkContextBuilder<'a, Rpk, NonCertVerifying> {
    /// Registers `validator` as the callback that inspects a peer's raw public key.
    ///
    /// The validator is boxed and stored in the context, and the raw libcoap configuration is
    /// pointed at the RPK instantiation of `pki_rpk::dtls_pki_cn_callback`, which is expected to
    /// dispatch to the stored validator.
    ///
    /// NOTE(review): raw public keys come without a certificate chain, so this callback is
    /// presumably the only place where the application can decide whether a peer key is
    /// trusted (e.g. by comparing it against a pinned set) — confirm what happens when no
    /// validator is registered.
    pub fn rpk_validator(mut self, validator: impl RpkValidator + 'a) -> Self {
        let boxed_validator = Box::new(validator);
        self.ctx.cn_callback = Some(CnCallback::Rpk(boxed_validator));
        // Install the C-side trampoline for the RPK key type.
        self.ctx.raw_cfg.validate_cn_call_back = Some(pki_rpk::dtls_pki_cn_callback::<Rpk>);
        self
    }
}
74
/// Decision hook for raw public keys presented by a peer.
pub trait RpkValidator {
    /// Decides whether the peer key `asn1_public_key`, seen on `session`, is acceptable.
    ///
    /// NOTE(review): `validated` presumably reports the outcome of the checks already done by
    /// the underlying library, and a `false` return presumably rejects the peer — confirm
    /// both against the callback dispatcher before relying on them.
    fn validate_rpk(
        &self,
        asn1_public_key: &[u8],
        session: &CoapSession,
        validated: bool,
    ) -> bool;
}
94
/// Lets any closure or function with the matching signature act as an [`RpkValidator`].
impl<T> RpkValidator for T
where
    T: Fn(&[u8], &CoapSession, bool) -> bool,
{
    /// Forwards all three arguments unchanged to the wrapped callable and returns its verdict.
    fn validate_rpk(&self, asn1_public_key: &[u8], session: &CoapSession, validated: bool) -> bool {
        (self)(asn1_public_key, session, validated)
    }
}
100
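/// Key definition for a raw public key (RPK) setup: a public and a private key component plus
/// the optional settings that are handed to libcoap alongside them.
///
/// `Debug` is implemented by hand instead of derived so that the private key component and
/// the user PIN are never written to logs or panic messages.
#[derive(Clone)]
pub struct RpkKeyDef<PK: KeyComponent<Rpk>, SK: KeyComponent<Rpk>> {
    // Public key component; passed to libcoap as `public_cert`.
    public_key: PK,
    // Private key component; passed to libcoap as `private_key`. Treated as secret.
    private_key: SK,
    // Optional PIN passed to libcoap as `user_pin`. Treated as secret.
    user_pin: Option<CString>,
    // ASN.1 type of the private key, passed to libcoap as `private_key_type`.
    asn1_private_key_type: Asn1PrivateKeyType,
}

impl<PK: KeyComponent<Rpk> + Debug, SK: KeyComponent<Rpk>> Debug for RpkKeyDef<PK, SK> {
    /// Formats the key definition with the private key and the user PIN replaced by a
    /// placeholder; only the presence of a PIN (`Some`/`None`) remains visible.
    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
        f.debug_struct("RpkKeyDef")
            .field("public_key", &self.public_key)
            .field("private_key", &"<redacted>")
            .field("user_pin", &self.user_pin.as_ref().map(|_| "<redacted>"))
            .field("asn1_private_key_type", &self.asn1_private_key_type)
            .finish()
    }
}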
117
impl<PK, SK> RpkKeyDef<PK, SK>
where
    PK: KeyComponent<Rpk>,
    SK: KeyComponent<Rpk>,
{
    /// Builds a key definition from its four parts without any conversion or validation.
    ///
    /// * `public_key` / `private_key` — the two key components.
    /// * `user_pin` — optional PIN forwarded to libcoap as `user_pin`.
    /// * `asn1_private_key_type` — ASN.1 type forwarded to libcoap as `private_key_type`.
    pub fn new(
        public_key: PK,
        private_key: SK,
        user_pin: Option<CString>,
        asn1_private_key_type: Asn1PrivateKeyType,
    ) -> Self {
        RpkKeyDef {
            asn1_private_key_type,
            user_pin,
            private_key,
            public_key,
        }
    }
}
143
impl RpkKeyDef<PemMemoryKeyComponent, PemMemoryKeyComponent> {
    /// Creates a key definition whose public and private key are both held in memory.
    ///
    /// No user PIN is set and the ASN.1 private key type is `Asn1PrivateKeyType::None`.
    pub fn with_pem_memory(
        public_key: impl Into<PemMemoryKeyComponent>,
        private_key: impl Into<PemMemoryKeyComponent>,
    ) -> Self {
        let public_component: PemMemoryKeyComponent = public_key.into();
        let private_component: PemMemoryKeyComponent = private_key.into();
        Self::new(public_component, private_component, None, Asn1PrivateKeyType::None)
    }
}
155
impl RpkKeyDef<Pkcs11KeyComponent, Pkcs11KeyComponent> {
    /// Creates a key definition whose public and private key are both PKCS#11 components.
    ///
    /// `user_pin` is stored as given and later forwarded to libcoap; the ASN.1 private key
    /// type is `Asn1PrivateKeyType::None`.
    pub fn with_pkcs11(
        public_key: impl Into<Pkcs11KeyComponent>,
        private_key: impl Into<Pkcs11KeyComponent>,
        user_pin: Option<CString>,
    ) -> Self {
        let public_component: Pkcs11KeyComponent = public_key.into();
        let private_component: Pkcs11KeyComponent = private_key.into();
        Self::new(public_component, private_component, user_pin, Asn1PrivateKeyType::None)
    }
}
173
impl<PK, SK> KeyDefSealed for RpkKeyDef<PK, SK>
where
    PK: KeyComponent<Rpk>,
    SK: KeyComponent<Rpk>,
{
    /// Produces the raw libcoap key structure describing this key definition.
    ///
    /// No CA is set (null pointer, length 0). The `user_pin` pointer is taken from the
    /// `CString` owned by `self`, so the returned structure must not be used after `self` is
    /// dropped or its PIN replaced.
    ///
    /// NOTE(review): the key component pointers presumably also point into data owned by
    /// `self` — confirm against `as_raw_key_component`.
    fn as_raw_dtls_key(&self) -> coap_dtls_key_t {
        let (public_ptr, public_len) = self.public_key.as_raw_key_component();
        let (private_ptr, private_len) = self.private_key.as_raw_key_component();

        let definition = coap_pki_key_define_t {
            // RPK setups carry no CA; `ca_def` is still filled with the PEM constant.
            ca: coap_const_char_ptr_t {
                u_byte: std::ptr::null(),
            },
            public_cert: public_ptr,
            private_key: private_ptr,
            ca_len: 0,
            public_cert_len: public_len,
            private_key_len: private_len,
            ca_def: coap_pki_define_t_COAP_PKI_KEY_DEF_PEM,
            public_cert_def: <PK as KeyComponentSealed<Rpk>>::DEFINE_TYPE,
            private_key_def: <SK as KeyComponentSealed<Rpk>>::DEFINE_TYPE,
            private_key_type: self.asn1_private_key_type.into(),
            // Null when no PIN was configured.
            user_pin: self.user_pin.as_ref().map_or(std::ptr::null(), |pin| pin.as_ptr()),
        };

        coap_dtls_key_t {
            key_type: coap_pki_key_t_COAP_PKI_KEY_DEFINE,
            key: coap_dtls_key_t__bindgen_ty_1 { define: definition },
        }
    }
}
201
/// Marks every `RpkKeyDef` as a key definition of the `Rpk` key type.
impl<PK, SK> KeyDef for RpkKeyDef<PK, SK>
where
    PK: KeyComponent<Rpk>,
    SK: KeyComponent<Rpk>,
{
    type KeyType = Rpk;
}
205
impl KeyComponentSealed<Rpk> for PemMemoryKeyComponent {
    /// In RPK mode an in-memory component is announced to libcoap as an RPK buffer.
    const DEFINE_TYPE: coap_pki_define_t = coap_pki_define_t_COAP_PKI_KEY_DEF_RPK_BUF;
}
209
impl KeyComponentSealed<Rpk> for Pkcs11KeyComponent {
    /// In RPK mode a PKCS#11 component is announced to libcoap with the PKCS#11 RPK type.
    const DEFINE_TYPE: coap_pki_define_t = coap_pki_define_t_COAP_PKI_KEY_DEF_PKCS11_RPK;
}