NetHSM-config

A library for working with application configuration files for Nitrokey NetHSM devices.

The Nitrokey NetHSM is a hardware appliance, that serves as secure store for cryptographic keys. With the help of a REST API it is possible to communicate with the device (as well as the official nethsm container) for setup and various cryptographic actions.

This library is meant to be used by end-user applications written against the nethsm crate.

License

This project is licensed under the terms of the Apache-2.0 and MIT.

lib.rs:

A library for working with application configuration files for Nitrokey NetHSM devices

Provides configuration file management for custom applications designed around working with Nitrokey NetHSM devices or containers. Configuration settings allow for individualizing the configuration use and its use-cases (interactive or non-interactive).

A module for interactive prompts provides extra convenience around creating applications that may request further data from their users interactively.

Examples

use nethsm::{ConnectionSecurity, UserRole};
use nethsm_config::{Config, ConfigCredentials, ConfigInteractivity, ConfigSettings};

// a configuration for a non-interactive application called "my_app"
let config_settings = ConfigSettings::new(
    "my_app".to_string(),
    ConfigInteractivity::NonInteractive,
    None,
);

// let's assume a custom configuration file path
let tmpfile = testdir::testdir!().join("my_app.conf");
let config = Config::new(config_settings, Some(&tmpfile))?;

// add a first device to commnicate with
config.add_device(
    "nethsm1".to_string(),
    "https://example.org/api/v1".parse()?,
    ConnectionSecurity::Unsafe,
)?;

// add credentials to communicate with the the device
config.add_credentials(
    "nethsm1".to_string(),
    ConfigCredentials::new(
        UserRole::Administrator,
        "admin1".parse()?,
        Some("my-passphrase".to_string()),
    ),
)?;

// write configuration to file
config.store(Some(&tmpfile))?;