use alloc::{string::String, vec::Vec};
use core::str::FromStr;
#[cfg(feature = "serde")]
use serde::{ser::SerializeSeq, Serialize, Serializer};
use crate::hidden::Hidden;
#[derive(Clone, Debug)]
#[cfg_attr(feature = "serde", derive(serde::Deserialize))]
#[cfg_attr(feature = "serde", serde(transparent))]
pub struct SafePassword {
passphrase: Hidden<Vec<u8>>,
}
impl SafePassword {
pub fn reveal(&self) -> &Vec<u8> {
self.passphrase.reveal()
}
pub fn reveal_mut(&mut self) -> &mut Vec<u8> {
self.passphrase.reveal_mut()
}
}
impl FromStr for SafePassword {
type Err = String;
fn from_str(s: &str) -> Result<Self, Self::Err> {
Ok(Self {
passphrase: Hidden::<Vec<u8>>::hide(String::from(s).into_bytes()),
})
}
}
impl<S: Into<String>> From<S> for SafePassword {
fn from(s: S) -> Self {
Self {
passphrase: Hidden::<Vec<u8>>::hide(s.into().into_bytes()),
}
}
}
#[cfg(feature = "serde")]
impl Serialize for SafePassword {
fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error>
where S: Serializer {
let mut seq = serializer.serialize_seq(Some(self.passphrase.reveal().len()))?;
for e in self.passphrase.reveal() {
seq.serialize_element(e)?;
}
seq.end()
}
}
#[cfg(test)]
mod tests {
use alloc::string::ToString;
use std::str::FromStr;
use super::SafePassword;
#[test]
fn from_strings() {
let password = "password";
let from_str = SafePassword::from_str(password).unwrap();
let from_string = SafePassword::from(password.to_string());
let from_string_ref = SafePassword::from(password);
assert_eq!(from_str.reveal(), from_string.reveal());
assert_eq!(from_string.reveal(), from_string_ref.reveal());
}
#[test]
fn serialization() {
let safe_password = SafePassword::from("password");
let ser = serde_json::to_string(&safe_password).unwrap();
let deser: SafePassword = serde_json::from_str(&ser).unwrap();
assert_eq!(safe_password.reveal(), deser.reveal());
}
#[test]
fn use_with_clap_and_serde() {
use alloc::string::String;
use clap::Parser;
use serde::{Deserialize, Serialize};
fn deserialize_safe_password_option<'de, D>(deserializer: D) -> Result<Option<SafePassword>, D::Error>
where D: serde::Deserializer<'de> {
let password: Option<String> = Deserialize::deserialize(deserializer)?;
println!("Password: {:?}", password);
Ok(password.map(SafePassword::from))
}
#[derive(Parser, Serialize, Deserialize, Debug)]
#[clap(author, version, about, long_about = None)]
#[clap(propagate_version = true)]
struct Cli {
#[serde(deserialize_with = "deserialize_safe_password_option")]
#[clap(long, env = "MY_PASSWORD", hide_env_values = true)]
pub password: Option<SafePassword>,
}
let hex_password = "48656c6c6f20576f726c64";
let input = serde_json::json!({
"password": hex_password,
});
let cli: Cli = serde_json::from_value(input).unwrap();
if let Some(password) = cli.password {
let password_reveal = String::from_utf8(password.reveal().clone()).unwrap();
assert_eq!(hex_password.to_string(), password_reveal);
}
}
}