pbs-api-types/src/crypto.rs

   1 use std::fmt::{self, Display};
   2
   3 use anyhow::Error;
   4 use serde::{Deserialize, Serialize};
   5
   6 use proxmox::api::api;
   7
   8 use pbs_tools::format::{as_fingerprint, bytes_as_fingerprint};
   9
  10 #[api(default: "encrypt")]
  11 #[derive(Copy, Clone, Debug, Eq, PartialEq, Deserialize, Serialize)]
  12 #[serde(rename_all = "kebab-case")]
  13 /// Defines whether data is encrypted (using an AEAD cipher), only signed, or neither.
  14 pub enum CryptMode {
  15     /// Don't encrypt.
  16     None,
  17     /// Encrypt.
  18     Encrypt,
  19     /// Only sign.
  20     SignOnly,
  21 }
  22
  23 #[derive(Debug, Eq, PartialEq, Hash, Clone, Deserialize, Serialize)]
  24 #[serde(transparent)]
  25 /// 32-byte fingerprint, usually calculated with SHA256.
  26 pub struct Fingerprint {
  27     #[serde(with = "bytes_as_fingerprint")]
  28     bytes: [u8; 32],
  29 }
  30
  31 impl Fingerprint {
  32     pub fn new(bytes: [u8; 32]) -> Self {
  33         Self { bytes }
  34     }
  35     pub fn bytes(&self) -> &[u8; 32] {
  36         &self.bytes
  37     }
  38 }
  39
  40 /// Display as short key ID
  41 impl Display for Fingerprint {
  42     fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
  43         write!(f, "{}", as_fingerprint(&self.bytes[0..8]))
  44     }
  45 }
  46
  47 impl std::str::FromStr for Fingerprint {
  48     type Err = Error;
  49
  50     fn from_str(s: &str) -> Result<Self, Error> {
  51         let mut tmp = s.to_string();
  52         tmp.retain(|c| c != ':');
  53         let bytes = proxmox::tools::hex_to_digest(&tmp)?;
  54         Ok(Fingerprint::new(bytes))
  55     }
  56 }
  57