pub trait MappingBackendKeyId<T>where
T: BackendKeyIdFilter,{
// Required method
fn backend_key_id(&self, filter: &T) -> Option<String>;
}Expand description
An interface for returning a list of key IDs based on a filter.
The associated filter is an implementation of BackendKeyIdFilter and should target the
inherent details of a cryptographic key in the backend.
A key ID must only be returned, if the filter fully matches.
§Example
use signstar_config::{
SystemUserId,
config::{BackendKeyIdFilter, MappingBackendKeyId},
};
use signstar_crypto::{passphrase::Passphrase, traits::UserWithPassphrase};
#[derive(Clone, Debug, PartialEq)]
enum KeyFeature {
V1,
V2,
}
#[derive(Debug)]
struct KeySetup {
pub feature: KeyFeature,
pub id: u8,
}
#[derive(Debug)]
enum ExampleUserMapping {
Admin {
backend_id: u8,
},
Backup {
backend_id: u8,
system_user: SystemUserId,
},
Metrics {
backend_id: u8,
system_user: SystemUserId,
},
Signer {
backend_id: u8,
key_setup: KeySetup,
system_user: SystemUserId,
},
}
#[derive(Clone, Debug)]
struct KeyFilter {
pub feature: KeyFeature,
}
impl BackendKeyIdFilter for KeyFilter {}
impl MappingBackendKeyId<KeyFilter> for ExampleUserMapping {
fn backend_key_id(&self, filter: &KeyFilter) -> Option<String> {
match self {
Self::Admin { .. } | Self::Backup { .. } | Self::Metrics { .. } => None,
Self::Signer { key_setup, .. } => {
if key_setup.feature == filter.feature {
Some(key_setup.id.to_string())
} else {
None
}
}
}
}
}
let key_id = 1;
let mapping = ExampleUserMapping::Signer {
backend_id: 1,
key_setup: KeySetup {
feature: KeyFeature::V1,
id: key_id,
},
system_user: "backup".parse()?,
};
// A key ID is only returned, if the custom filter matches.
assert!(
mapping
.backend_key_id(&KeyFilter {
feature: KeyFeature::V1
})
.is_some_and(|id| id == key_id.to_string())
);
assert!(
mapping
.backend_key_id(&KeyFilter {
feature: KeyFeature::V2
})
.is_none()
);