signstar_yubihsm2/user/
mod.rs

1//! User handling for YubiHSM2 devices.
2
3use signstar_crypto::{passphrase::Passphrase, traits::UserWithPassphrase};
4
5/// Credentials for a YubiHSM2 device.
6///
7/// Credentials are mapped to the authentication key ID and the passphrase used as key derivation
8/// function (KDF) for an authentication key.
9#[derive(Clone, Debug)]
10pub struct Credentials {
11    id: u16,
12    passphrase: Passphrase,
13}
14
15impl Credentials {
16    /// Creates a new [`Credentials`].
17    ///
18    /// # Examples
19    ///
20    /// ```
21    /// use signstar_crypto::passphrase::Passphrase;
22    /// use signstar_yubihsm2::Credentials;
23    ///
24    /// # fn main() -> testresult::TestResult {
25    /// let creds = Credentials::new(1, "this-is-a-passphrase".parse()?);
26    /// # Ok(())
27    /// # }
28    /// ```
29    pub fn new(id: u16, passphrase: Passphrase) -> Self {
30        Self { id, passphrase }
31    }
32}
33
34impl UserWithPassphrase for Credentials {
35    fn user(&self) -> String {
36        self.id.to_string()
37    }
38
39    fn passphrase(&self) -> &Passphrase {
40        &self.passphrase
41    }
42}
43
44#[cfg(test)]
45mod tests {
46    use super::*;
47
48    #[test]
49    fn credentials_user_with_passphrase() {
50        let credentials = Credentials::new(1, Passphrase::generate(None));
51        assert_eq!(credentials.user(), "1");
52        assert_eq!(
53            credentials.passphrase().expose_borrowed().len(),
54            Passphrase::DEFAULT_LENGTH
55        );
56    }
57}