//! A secrets type module that wraps around some user content with metadata

use crate::traits::AutoEncoder;
use serde::{Deserialize, Serialize};

/// Specifies the type of secret that's used to derive a vault user secret
///
/// This type derives `Serialize`, and [`UserSecret`] stores it next to the
/// secret content, so anyone who can read a serialized record learns which
/// authentication mechanism the user has configured.
#[derive(Serialize, Deserialize)]
pub enum SecretType {
    /// A simple password
    Plain,
    /// A keyfile that allows asymmetric trust operations
    Keyfile,
    /// Signing a user password with the id of a yubikey
    Combine,
}

// Empty impl: every `AutoEncoder` method available on `SecretType` is the
// trait's default. The trait is defined in `crate::traits`, not in this file.
// NOTE(review): presumably the defaults build on the serde derives above — confirm.
impl AutoEncoder for SecretType {}

/// The backing secret for user authentication
///
/// This is _always_ in a non-recoverable form, i.e. a hashed
/// and salted password. **However** it does reveal something
/// about the user setup, i.e. the type of secret used.
///
/// Depending on what secret is used, there are other operations that
/// might be supported to verify operations. For example, a `Keyfile`
/// secret can deposit the entire public key in the `content` field,
/// then use asymmetric operations to verify operations more thoroughly.
///
/// NOTE(review): the non-recoverable form is a convention, not something
/// this type enforces. `content` is a plain `String`, and no constructor is
/// visible in this file, so whatever code builds a `UserSecret` has to hash
/// and salt a password before storing it. In the `Keyfile` case `content`
/// holds a public key rather than a hash, so the "always" above applies to
/// password-derived secrets. TODO confirm against the constructing code.
///
/// The type derives only `Serialize` and `Deserialize`. Without `Debug`,
/// `content` cannot end up in logs through `{:?}` formatting.
#[derive(Serialize, Deserialize)]
pub struct UserSecret {
    // Which kind of secret `content` was derived from; serialized with it.
    tt: SecretType,
    // The stored secret material: per the type docs, a salted password hash,
    // or a public key for `SecretType::Keyfile`.
    content: String,
}

// Empty impl: every `AutoEncoder` method available on `UserSecret` is the
// trait's default. The trait is defined in `crate::traits`, not in this file.
// NOTE(review): if those defaults encode the whole struct, `content` is
// written out with it — confirm where the encoded form is stored.
impl AutoEncoder for UserSecret {}