tor_keymgr/
lib.rs

1#![cfg_attr(docsrs, feature(doc_auto_cfg, doc_cfg))]
2#![doc = include_str!("../README.md")]
3// @@ begin lint list maintained by maint/add_warning @@
4#![allow(renamed_and_removed_lints)] // @@REMOVE_WHEN(ci_arti_stable)
5#![allow(unknown_lints)] // @@REMOVE_WHEN(ci_arti_nightly)
6#![warn(missing_docs)]
7#![warn(noop_method_call)]
8#![warn(unreachable_pub)]
9#![warn(clippy::all)]
10#![deny(clippy::await_holding_lock)]
11#![deny(clippy::cargo_common_metadata)]
12#![deny(clippy::cast_lossless)]
13#![deny(clippy::checked_conversions)]
14#![warn(clippy::cognitive_complexity)]
15#![deny(clippy::debug_assert_with_mut_call)]
16#![deny(clippy::exhaustive_enums)]
17#![deny(clippy::exhaustive_structs)]
18#![deny(clippy::expl_impl_clone_on_copy)]
19#![deny(clippy::fallible_impl_from)]
20#![deny(clippy::implicit_clone)]
21#![deny(clippy::large_stack_arrays)]
22#![warn(clippy::manual_ok_or)]
23#![deny(clippy::missing_docs_in_private_items)]
24#![warn(clippy::needless_borrow)]
25#![warn(clippy::needless_pass_by_value)]
26#![warn(clippy::option_option)]
27#![deny(clippy::print_stderr)]
28#![deny(clippy::print_stdout)]
29#![warn(clippy::rc_buffer)]
30#![deny(clippy::ref_option_ref)]
31#![warn(clippy::semicolon_if_nothing_returned)]
32#![warn(clippy::trait_duplication_in_bounds)]
33#![deny(clippy::unchecked_duration_subtraction)]
34#![deny(clippy::unnecessary_wraps)]
35#![warn(clippy::unseparated_literal_suffix)]
36#![deny(clippy::unwrap_used)]
37#![deny(clippy::mod_module_files)]
38#![allow(clippy::let_unit_value)] // This can reasonably be done for explicitness
39#![allow(clippy::uninlined_format_args)]
40#![allow(clippy::significant_drop_in_scrutinee)] // arti/-/merge_requests/588/#note_2812945
41#![allow(clippy::result_large_err)] // temporary workaround for arti#587
42#![allow(clippy::needless_raw_string_hashes)] // complained-about code is fine, often best
43#![allow(clippy::needless_lifetimes)] // See arti#1765
44#![allow(mismatched_lifetime_syntaxes)] // temporary workaround for arti#2060
45//! <!-- @@ end lint list maintained by maint/add_warning @@ -->
46
47// TODO #1645 (either remove this, or decide to have it everywhere)
48#![cfg_attr(not(all(feature = "full", feature = "experimental")), allow(unused))]
49
50// TODO: write more comprehensive documentation when the API is a bit more
51// stable
52
53mod arti_path;
54pub mod config;
55mod err;
56mod key_specifier;
57#[cfg(any(test, feature = "testing"))]
58pub mod test_utils;
59
60#[cfg(feature = "keymgr")]
61mod keystore;
62#[cfg(feature = "keymgr")]
63mod mgr;
64
65#[cfg(not(feature = "keymgr"))]
66mod dummy;
67
68pub use arti_path::{ArtiPath, DENOTATOR_SEP};
69pub use err::{
70    ArtiPathSyntaxError, Error, KeystoreCorruptionError, KeystoreError, UnknownKeyTypeError,
71    UnrecognizedEntryError, UnrecognizedEntryId,
72};
73pub use key_specifier::{
74    ArtiPathRange, ArtiPathUnavailableError, CTorPath, CTorServicePath,
75    InvalidKeyPathComponentValue, KeyCertificateSpecifier, KeyPath, KeyPathError, KeyPathInfo,
76    KeyPathInfoBuilder, KeyPathInfoExtractor, KeyPathPattern, KeySpecifier, KeySpecifierComponent,
77    KeySpecifierComponentViaDisplayFromStr, KeySpecifierPattern,
78};
79
80#[cfg(feature = "keymgr")]
81#[cfg_attr(docsrs, doc(cfg(feature = "keymgr")))]
82pub use {
83    keystore::arti::ArtiNativeKeystore,
84    keystore::{Keystore, KeystoreEntryResult},
85    mgr::{KeyMgr, KeyMgrBuilder, KeyMgrBuilderError, KeystoreEntry},
86    ssh_key,
87};
88
89#[cfg(all(feature = "keymgr", feature = "ephemeral-keystore"))]
90#[cfg_attr(
91    docsrs,
92    doc(cfg(all(feature = "keymgr", feature = "ephemeral-keystore")))
93)]
94pub use keystore::ephemeral::ArtiEphemeralKeystore;
95
96#[cfg(all(feature = "keymgr", feature = "ctor-keystore"))]
97#[cfg_attr(docsrs, doc(cfg(all(feature = "keymgr", feature = "ctor-keystore"))))]
98pub use keystore::ctor::{CTorClientKeystore, CTorServiceKeystore};
99
100#[doc(hidden)]
101pub use key_specifier::derive as key_specifier_derive;
102
103pub use tor_key_forge::{
104    EncodableItem, ErasedKey, KeyType, Keygen, KeygenRng, SshKeyAlgorithm, SshKeyData,
105    ToEncodableKey,
106};
107
108derive_deftly::template_export_semver_check! { "0.12.1" }
109
110#[cfg(not(feature = "keymgr"))]
111#[cfg_attr(docsrs, doc(cfg(not(feature = "keymgr"))))]
112pub use dummy::*;
113
114/// A boxed [`Keystore`].
115pub(crate) type BoxedKeystore = Box<dyn Keystore>;
116
117#[doc(hidden)]
118pub use {derive_deftly, inventory};
119
120use derive_more::{AsRef, Display, From};
121use serde::{Deserialize, Serialize};
122use std::str::FromStr;
123
124/// A Result type for this crate.
125pub type Result<T> = std::result::Result<T, Error>;
126
127/// An identifier for a particular [`Keystore`] instance.
128//
129// TODO (#1193): restrict the charset of this ID
130#[derive(
131    Clone, Debug, Eq, PartialEq, Ord, PartialOrd, Hash, Serialize, Deserialize, Display, AsRef,
132)]
133#[serde(transparent)]
134#[non_exhaustive]
135pub struct KeystoreId(String);
136
137impl FromStr for KeystoreId {
138    type Err = Error;
139
140    fn from_str(s: &str) -> Result<Self> {
141        Ok(Self(s.into()))
142    }
143}
144
145/// Specifies which keystores a [`KeyMgr`] operation should apply to.
146#[derive(Copy, Clone, Default, Debug, PartialEq, Eq, Hash, From)]
147#[non_exhaustive]
148pub enum KeystoreSelector<'a> {
149    /// Try to use the keystore with the specified ID.
150    Id(&'a KeystoreId),
151    /// Use the primary key store.
152    #[default]
153    Primary,
154}