Friendly-name registry for security keys, plus device-identity resolution.
Lets a user attach a memorable label (e.g. signing-yubikey) to a physical
key, matched by its stable serial number, so commands can target a key
by --name instead of a /dev/hidrawN path that changes on every replug.
This crate is pure config + matching logic: it has no hardware or PC/SC
dependencies and never enumerates devices itself. The caller supplies the
list of connected devices (as [ConnectedKey]) — for the CLI that's the
HID enumeration plus, for keys without a USB serial, a CCID-read serial.
Front-end concerns (interactive pickers, TTY handling, confirmations) live
in the caller, so both the CLI and the GUI reuse this same core.
Privacy
Persisting a key's serial to disk is opt-in: nothing is written unless
the caller explicitly invokes [Keyring::save_to] / [Keyring::save_default]
(i.e. the user ran an "add a name" action). Loading and in-memory matching
record nothing.