Struct CodePolicy 

pub struct CodePolicy { /* private fields */ }

Validated policy governing code generation and validation.

Implementations

impl CodePolicy

pub fn default_human(ttl: Duration) -> Result<Self, PolicyError>

The recommended default for human-entered codes: the unambiguous alphabet, SECURE_MIN_HUMAN_LENGTH symbols, and the given TTL.

Errors

Returns PolicyError only if the TTL is zero. The built-in alphabet and length are always valid.

pub fn new( alphabet: Alphabet, length: usize, ttl: Duration, ) -> Result<Self, PolicyError>

Build a policy, enforcing the secure minimum length.

Errors

Returns PolicyError if the length is zero, below SECURE_MIN_HUMAN_LENGTH, or the TTL is zero. Use CodePolicy::short_compat to opt into a shorter length deliberately.

pub fn short_compat( alphabet: Alphabet, length: usize, ttl: Duration, ) -> Result<Self, PolicyError>

👎Deprecated:

codes shorter than SECURE_MIN_HUMAN_LENGTH have reduced entropy; ensure rate limiting is active and suppress with #[allow(deprecated)] at the call site to acknowledge the tradeoff

Explicitly opt into a short code length below the secure minimum.

This is a deliberately separate, named constructor (NFR-2): a short code is acceptable only with short expiry, single-use semantics, and rate limiting. Hosts choosing this take on that responsibility.

Security note: codes shorter than SECURE_MIN_HUMAN_LENGTH symbols have reduced entropy and require active rate limiting to be safe. An unprotected 6-symbol code over 31 symbols has only ~29.7 bits of entropy. Suppress this warning with #[allow(deprecated)] at the call site only after confirming that rate limiting is in place.

Errors

Returns PolicyError::ZeroLength if length is zero, or a TTL error if ttl is zero. Lengths at or above the minimum are also accepted.

pub fn six_symbol(ttl: Duration) -> Result<Self, PolicyError>

👎Deprecated:

6-symbol codes have only ~29.7 bits of entropy; use default_human() for new deployments or ensure rate limiting is active and suppress with #[allow(deprecated)]

Short-code compatibility policy: unambiguous alphabet, 6 symbols, caller-chosen TTL. Equivalent to short_compat(Alphabet::unambiguous(), 6, ttl).

Use this when migrating from an existing system that issued 6-symbol codes. Prefer CodePolicy::default_human (8 symbols, ~39.6 bits) for new deployments.

Errors

Returns a PolicyError if the TTL is zero.

pub fn alphabet(&self) -> &Alphabet

The alphabet used for generation and accepted in normalized input.

pub fn length(&self) -> usize

The exact normalized code length.

pub fn max_raw_len(&self) -> usize

The maximum accepted raw input length before normalization.

pub fn ttl(&self) -> Duration

The code time-to-live.

pub fn approx_entropy_bits(&self) -> f64

Approximate entropy in bits for this policy: length * log2(alphabet). Intended for docs/diagnostics, not a security decision input.

Trait Implementations

impl Clone for CodePolicy

fn clone(&self) -> CodePolicy

Returns a duplicate of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for CodePolicy

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl Eq for CodePolicy

impl PartialEq for CodePolicy

fn eq(&self, other: &CodePolicy) -> bool

Tests for self and other values to be equal, and is used by ==.

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.

impl StructuralPartialEq for CodePolicy