WIP 0.4.0 #2
17 changed files with 281 additions and 226 deletions
49
Cargo.lock
generated
|
@ -36,13 +36,13 @@ dependencies = [
|
||||||
]
|
]
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "bitflags"
|
name = "base64"
|
||||||
version = "1.2.1"
|
version = "0.11.0"
|
||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "bumpalo"
|
name = "bitflags"
|
||||||
version = "3.1.1"
|
version = "1.2.1"
|
||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
|
@ -81,7 +81,7 @@ dependencies = [
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "coffer-client"
|
name = "coffer-client"
|
||||||
version = "0.2.0"
|
version = "0.4.0"
|
||||||
dependencies = [
|
dependencies = [
|
||||||
"env_logger 0.7.1 (registry+https://github.com/rust-lang/crates.io-index)",
|
"env_logger 0.7.1 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||||
"exec 0.3.1 (registry+https://github.com/rust-lang/crates.io-index)",
|
"exec 0.3.1 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||||
|
@ -94,26 +94,26 @@ dependencies = [
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "coffer-common"
|
name = "coffer-common"
|
||||||
version = "0.1.0"
|
version = "0.4.0"
|
||||||
dependencies = [
|
dependencies = [
|
||||||
"bumpalo 3.1.1 (registry+https://github.com/rust-lang/crates.io-index)",
|
"base64 0.11.0 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||||
"env_logger 0.7.1 (registry+https://github.com/rust-lang/crates.io-index)",
|
"env_logger 0.7.1 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||||
"log 0.4.8 (registry+https://github.com/rust-lang/crates.io-index)",
|
"log 0.4.8 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||||
"quick-error 1.2.2 (registry+https://github.com/rust-lang/crates.io-index)",
|
"quick-error 1.2.2 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||||
"seckey 0.9.1 (registry+https://github.com/rust-lang/crates.io-index)",
|
"seckey 0.9.1 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||||
"serde 1.0.102 (registry+https://github.com/rust-lang/crates.io-index)",
|
"serde 1.0.102 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||||
"serde_cbor 0.10.2 (registry+https://github.com/rust-lang/crates.io-index)",
|
"serde_cbor 0.10.2 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||||
"serde_json 1.0.44 (registry+https://github.com/rust-lang/crates.io-index)",
|
|
||||||
"sodiumoxide 0.2.5 (registry+https://github.com/rust-lang/crates.io-index)",
|
"sodiumoxide 0.2.5 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||||
"toml 0.5.5 (registry+https://github.com/rust-lang/crates.io-index)",
|
"toml 0.5.5 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||||
]
|
]
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "coffer-companion"
|
name = "coffer-companion"
|
||||||
version = "0.2.0"
|
version = "0.4.0"
|
||||||
dependencies = [
|
dependencies = [
|
||||||
"coffer-common 0.1.0",
|
"coffer-common 0.4.0",
|
||||||
"env_logger 0.7.1 (registry+https://github.com/rust-lang/crates.io-index)",
|
"env_logger 0.7.1 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||||
|
"hex 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||||
"log 0.4.8 (registry+https://github.com/rust-lang/crates.io-index)",
|
"log 0.4.8 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||||
"quick-error 1.2.2 (registry+https://github.com/rust-lang/crates.io-index)",
|
"quick-error 1.2.2 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||||
"serde 1.0.102 (registry+https://github.com/rust-lang/crates.io-index)",
|
"serde 1.0.102 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||||
|
@ -125,10 +125,10 @@ dependencies = [
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "coffer-server"
|
name = "coffer-server"
|
||||||
version = "0.2.0"
|
version = "0.4.0"
|
||||||
dependencies = [
|
dependencies = [
|
||||||
"bytes 0.5.3 (registry+https://github.com/rust-lang/crates.io-index)",
|
"bytes 0.5.3 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||||
"coffer-common 0.1.0",
|
"coffer-common 0.4.0",
|
||||||
"env_logger 0.7.1 (registry+https://github.com/rust-lang/crates.io-index)",
|
"env_logger 0.7.1 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||||
"futures 0.3.1 (registry+https://github.com/rust-lang/crates.io-index)",
|
"futures 0.3.1 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||||
"hex 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)",
|
"hex 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||||
|
@ -365,11 +365,6 @@ dependencies = [
|
||||||
"libc 0.2.65 (registry+https://github.com/rust-lang/crates.io-index)",
|
"libc 0.2.65 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||||
]
|
]
|
||||||
|
|
||||||
[[package]]
|
|
||||||
name = "itoa"
|
|
||||||
version = "0.4.4"
|
|
||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "kernel32-sys"
|
name = "kernel32-sys"
|
||||||
version = "0.2.2"
|
version = "0.2.2"
|
||||||
|
@ -612,11 +607,6 @@ name = "rle-decode-fast"
|
||||||
version = "1.0.1"
|
version = "1.0.1"
|
||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
|
|
||||||
[[package]]
|
|
||||||
name = "ryu"
|
|
||||||
version = "1.0.2"
|
|
||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "seckey"
|
name = "seckey"
|
||||||
version = "0.9.1"
|
version = "0.9.1"
|
||||||
|
@ -653,16 +643,6 @@ dependencies = [
|
||||||
"syn 1.0.8 (registry+https://github.com/rust-lang/crates.io-index)",
|
"syn 1.0.8 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||||
]
|
]
|
||||||
|
|
||||||
[[package]]
|
|
||||||
name = "serde_json"
|
|
||||||
version = "1.0.44"
|
|
||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
||||||
dependencies = [
|
|
||||||
"itoa 0.4.4 (registry+https://github.com/rust-lang/crates.io-index)",
|
|
||||||
"ryu 1.0.2 (registry+https://github.com/rust-lang/crates.io-index)",
|
|
||||||
"serde 1.0.102 (registry+https://github.com/rust-lang/crates.io-index)",
|
|
||||||
]
|
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "serde_yaml"
|
name = "serde_yaml"
|
||||||
version = "0.8.11"
|
version = "0.8.11"
|
||||||
|
@ -932,8 +912,8 @@ dependencies = [
|
||||||
"checksum ansi_term 0.11.0 (registry+https://github.com/rust-lang/crates.io-index)" = "ee49baf6cb617b853aa8d93bf420db2383fab46d314482ca2803b40d5fde979b"
|
"checksum ansi_term 0.11.0 (registry+https://github.com/rust-lang/crates.io-index)" = "ee49baf6cb617b853aa8d93bf420db2383fab46d314482ca2803b40d5fde979b"
|
||||||
"checksum arc-swap 0.4.4 (registry+https://github.com/rust-lang/crates.io-index)" = "d7b8a9123b8027467bce0099fe556c628a53c8d83df0507084c31e9ba2e39aff"
|
"checksum arc-swap 0.4.4 (registry+https://github.com/rust-lang/crates.io-index)" = "d7b8a9123b8027467bce0099fe556c628a53c8d83df0507084c31e9ba2e39aff"
|
||||||
"checksum atty 0.2.13 (registry+https://github.com/rust-lang/crates.io-index)" = "1803c647a3ec87095e7ae7acfca019e98de5ec9a7d01343f611cf3152ed71a90"
|
"checksum atty 0.2.13 (registry+https://github.com/rust-lang/crates.io-index)" = "1803c647a3ec87095e7ae7acfca019e98de5ec9a7d01343f611cf3152ed71a90"
|
||||||
|
"checksum base64 0.11.0 (registry+https://github.com/rust-lang/crates.io-index)" = "b41b7ea54a0c9d92199de89e20e58d49f02f8e699814ef3fdf266f6f748d15c7"
|
||||||
"checksum bitflags 1.2.1 (registry+https://github.com/rust-lang/crates.io-index)" = "cf1de2fe8c75bc145a2f577add951f8134889b4795d47466a54a5c846d691693"
|
"checksum bitflags 1.2.1 (registry+https://github.com/rust-lang/crates.io-index)" = "cf1de2fe8c75bc145a2f577add951f8134889b4795d47466a54a5c846d691693"
|
||||||
"checksum bumpalo 3.1.1 (registry+https://github.com/rust-lang/crates.io-index)" = "8fe2567a8d8a3aedb4e39aa39e186d5673acfd56393c6ac83b2bc5bd82f4369c"
|
|
||||||
"checksum byteorder 1.3.2 (registry+https://github.com/rust-lang/crates.io-index)" = "a7c3dd8985a7111efc5c80b44e23ecdd8c007de8ade3b96595387e812b957cf5"
|
"checksum byteorder 1.3.2 (registry+https://github.com/rust-lang/crates.io-index)" = "a7c3dd8985a7111efc5c80b44e23ecdd8c007de8ade3b96595387e812b957cf5"
|
||||||
"checksum bytes 0.5.3 (registry+https://github.com/rust-lang/crates.io-index)" = "10004c15deb332055f7a4a208190aed362cf9a7c2f6ab70a305fba50e1105f38"
|
"checksum bytes 0.5.3 (registry+https://github.com/rust-lang/crates.io-index)" = "10004c15deb332055f7a4a208190aed362cf9a7c2f6ab70a305fba50e1105f38"
|
||||||
"checksum cc 1.0.47 (registry+https://github.com/rust-lang/crates.io-index)" = "aa87058dce70a3ff5621797f1506cb837edd02ac4c0ae642b4542dce802908b8"
|
"checksum cc 1.0.47 (registry+https://github.com/rust-lang/crates.io-index)" = "aa87058dce70a3ff5621797f1506cb837edd02ac4c0ae642b4542dce802908b8"
|
||||||
|
@ -966,7 +946,6 @@ dependencies = [
|
||||||
"checksum hex 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)" = "023b39be39e3a2da62a94feb433e91e8bcd37676fbc8bea371daf52b7a769a3e"
|
"checksum hex 0.4.0 (registry+https://github.com/rust-lang/crates.io-index)" = "023b39be39e3a2da62a94feb433e91e8bcd37676fbc8bea371daf52b7a769a3e"
|
||||||
"checksum humantime 1.3.0 (registry+https://github.com/rust-lang/crates.io-index)" = "df004cfca50ef23c36850aaaa59ad52cc70d0e90243c3c7737a4dd32dc7a3c4f"
|
"checksum humantime 1.3.0 (registry+https://github.com/rust-lang/crates.io-index)" = "df004cfca50ef23c36850aaaa59ad52cc70d0e90243c3c7737a4dd32dc7a3c4f"
|
||||||
"checksum iovec 0.1.4 (registry+https://github.com/rust-lang/crates.io-index)" = "b2b3ea6ff95e175473f8ffe6a7eb7c00d054240321b84c57051175fe3c1e075e"
|
"checksum iovec 0.1.4 (registry+https://github.com/rust-lang/crates.io-index)" = "b2b3ea6ff95e175473f8ffe6a7eb7c00d054240321b84c57051175fe3c1e075e"
|
||||||
"checksum itoa 0.4.4 (registry+https://github.com/rust-lang/crates.io-index)" = "501266b7edd0174f8530248f87f99c88fbe60ca4ef3dd486835b8d8d53136f7f"
|
|
||||||
"checksum kernel32-sys 0.2.2 (registry+https://github.com/rust-lang/crates.io-index)" = "7507624b29483431c0ba2d82aece8ca6cdba9382bff4ddd0f7490560c056098d"
|
"checksum kernel32-sys 0.2.2 (registry+https://github.com/rust-lang/crates.io-index)" = "7507624b29483431c0ba2d82aece8ca6cdba9382bff4ddd0f7490560c056098d"
|
||||||
"checksum lazy_static 1.4.0 (registry+https://github.com/rust-lang/crates.io-index)" = "e2abad23fbc42b3700f2f279844dc832adb2b2eb069b2df918f455c4e18cc646"
|
"checksum lazy_static 1.4.0 (registry+https://github.com/rust-lang/crates.io-index)" = "e2abad23fbc42b3700f2f279844dc832adb2b2eb069b2df918f455c4e18cc646"
|
||||||
"checksum libc 0.2.65 (registry+https://github.com/rust-lang/crates.io-index)" = "1a31a0627fdf1f6a39ec0dd577e101440b7db22672c0901fe00a9a6fbb5c24e8"
|
"checksum libc 0.2.65 (registry+https://github.com/rust-lang/crates.io-index)" = "1a31a0627fdf1f6a39ec0dd577e101440b7db22672c0901fe00a9a6fbb5c24e8"
|
||||||
|
@ -997,12 +976,10 @@ dependencies = [
|
||||||
"checksum regex 1.3.1 (registry+https://github.com/rust-lang/crates.io-index)" = "dc220bd33bdce8f093101afe22a037b8eb0e5af33592e6a9caafff0d4cb81cbd"
|
"checksum regex 1.3.1 (registry+https://github.com/rust-lang/crates.io-index)" = "dc220bd33bdce8f093101afe22a037b8eb0e5af33592e6a9caafff0d4cb81cbd"
|
||||||
"checksum regex-syntax 0.6.12 (registry+https://github.com/rust-lang/crates.io-index)" = "11a7e20d1cce64ef2fed88b66d347f88bd9babb82845b2b858f3edbf59a4f716"
|
"checksum regex-syntax 0.6.12 (registry+https://github.com/rust-lang/crates.io-index)" = "11a7e20d1cce64ef2fed88b66d347f88bd9babb82845b2b858f3edbf59a4f716"
|
||||||
"checksum rle-decode-fast 1.0.1 (registry+https://github.com/rust-lang/crates.io-index)" = "cabe4fa914dec5870285fa7f71f602645da47c486e68486d2b4ceb4a343e90ac"
|
"checksum rle-decode-fast 1.0.1 (registry+https://github.com/rust-lang/crates.io-index)" = "cabe4fa914dec5870285fa7f71f602645da47c486e68486d2b4ceb4a343e90ac"
|
||||||
"checksum ryu 1.0.2 (registry+https://github.com/rust-lang/crates.io-index)" = "bfa8506c1de11c9c4e4c38863ccbe02a305c8188e85a05a784c9e11e1c3910c8"
|
|
||||||
"checksum seckey 0.9.1 (registry+https://github.com/rust-lang/crates.io-index)" = "c819d0a699db7622e4ee55a651f992242f754481f97de3024dc548adcce13237"
|
"checksum seckey 0.9.1 (registry+https://github.com/rust-lang/crates.io-index)" = "c819d0a699db7622e4ee55a651f992242f754481f97de3024dc548adcce13237"
|
||||||
"checksum serde 1.0.102 (registry+https://github.com/rust-lang/crates.io-index)" = "0c4b39bd9b0b087684013a792c59e3e07a46a01d2322518d8a1104641a0b1be0"
|
"checksum serde 1.0.102 (registry+https://github.com/rust-lang/crates.io-index)" = "0c4b39bd9b0b087684013a792c59e3e07a46a01d2322518d8a1104641a0b1be0"
|
||||||
"checksum serde_cbor 0.10.2 (registry+https://github.com/rust-lang/crates.io-index)" = "f7081ed758ec726a6ed8ee7e92f5d3f6e6f8c3901b1f972e3a4a2f2599fad14f"
|
"checksum serde_cbor 0.10.2 (registry+https://github.com/rust-lang/crates.io-index)" = "f7081ed758ec726a6ed8ee7e92f5d3f6e6f8c3901b1f972e3a4a2f2599fad14f"
|
||||||
"checksum serde_derive 1.0.102 (registry+https://github.com/rust-lang/crates.io-index)" = "ca13fc1a832f793322228923fbb3aba9f3f44444898f835d31ad1b74fa0a2bf8"
|
"checksum serde_derive 1.0.102 (registry+https://github.com/rust-lang/crates.io-index)" = "ca13fc1a832f793322228923fbb3aba9f3f44444898f835d31ad1b74fa0a2bf8"
|
||||||
"checksum serde_json 1.0.44 (registry+https://github.com/rust-lang/crates.io-index)" = "48c575e0cc52bdd09b47f330f646cf59afc586e9c4e3ccd6fc1f625b8ea1dad7"
|
|
||||||
"checksum serde_yaml 0.8.11 (registry+https://github.com/rust-lang/crates.io-index)" = "691b17f19fc1ec9d94ec0b5864859290dff279dbd7b03f017afda54eb36c3c35"
|
"checksum serde_yaml 0.8.11 (registry+https://github.com/rust-lang/crates.io-index)" = "691b17f19fc1ec9d94ec0b5864859290dff279dbd7b03f017afda54eb36c3c35"
|
||||||
"checksum signal-hook-registry 1.2.0 (registry+https://github.com/rust-lang/crates.io-index)" = "94f478ede9f64724c5d173d7bb56099ec3e2d9fc2774aac65d34b8b890405f41"
|
"checksum signal-hook-registry 1.2.0 (registry+https://github.com/rust-lang/crates.io-index)" = "94f478ede9f64724c5d173d7bb56099ec3e2d9fc2774aac65d34b8b890405f41"
|
||||||
"checksum slab 0.4.2 (registry+https://github.com/rust-lang/crates.io-index)" = "c111b5bd5695e56cffe5129854aa230b39c93a305372fdbb2668ca2394eea9f8"
|
"checksum slab 0.4.2 (registry+https://github.com/rust-lang/crates.io-index)" = "c111b5bd5695e56cffe5129854aa230b39c93a305372fdbb2668ca2394eea9f8"
|
||||||
|
|
12
Design.org
|
@ -25,7 +25,10 @@
|
||||||
* Coffer
|
* Coffer
|
||||||
- Sharded KV-Store
|
- Sharded KV-Store
|
||||||
- Keys are UTF-8 Strings
|
- Keys are UTF-8 Strings
|
||||||
- Typed values as defined by TOML: String, Integer, Float, Boolean, Date
|
- Typed values as defined by TOML: String, Integer, Float, Boolean
|
||||||
|
- No Dates support
|
||||||
|
- No binary data support
|
||||||
|
- Floats and Integers are 32 bit
|
||||||
|
|
||||||
* Coffer Server
|
* Coffer Server
|
||||||
A ~coffer-server~ can support multiple clients by means of /sharding/ the
|
A ~coffer-server~ can support multiple clients by means of /sharding/ the
|
||||||
|
@ -43,10 +46,9 @@
|
||||||
Encrypted Authentication: SK of coffer-companion, PK of coffer-server
|
Encrypted Authentication: SK of coffer-companion, PK of coffer-server
|
||||||
|
|
||||||
#+BEGIN_SRC yaml
|
#+BEGIN_SRC yaml
|
||||||
# Names for ids (public keys) of clients
|
# IDs (public keys) of clients
|
||||||
[clients]
|
file.id = "AAAA-AAAA-AAAA-AAAA"
|
||||||
file = "AAAA-AAAA-AAAA-AAAA"
|
bin.id = "FFFF-FFFF-FFFF-FFFF"
|
||||||
bin = "FFFF-FFFF-FFFF-FFFF"
|
|
||||||
|
|
||||||
# Secrets for a named client (defined in clients)
|
# Secrets for a named client (defined in clients)
|
||||||
[file]
|
[file]
|
||||||
|
|
4
Makefile
|
@ -7,7 +7,7 @@ release:
|
||||||
cargo build --release
|
cargo build --release
|
||||||
|
|
||||||
publish:
|
publish:
|
||||||
docker pull clux/muslrust
|
podman pull clux/muslrust
|
||||||
docker run -v $(CURDIR):/volume --rm -t clux/muslrust cargo build --release
|
podman run -v .:/volume --rm -t clux/muslrust cargo build --release
|
||||||
|
|
||||||
.PHONY: default release publish
|
.PHONY: default release publish
|
||||||
|
|
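Review bot: The `publish` target pulls and runs `clux/muslrust` as an unqualified short name with no tag or digest, so the image that builds the release binaries of a secrets tool is whatever that name resolves to at build time. With podman, short names are resolved through the host's registry search configuration rather than one fixed registry, so the origin of the build image now depends on the machine running `make publish`. A fully qualified, pinned reference on both lines would remove that dependence, e.g. `podman pull docker.io/clux/muslrust:<pinned-tag>` or an `@sha256:<digest>` form. The relative `-v .:/volume` mount may not be accepted by every podman version, whereas the `$(CURDIR)` it replaces was unambiguous.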
|
@ -1,6 +1,6 @@
|
||||||
[package]
|
[package]
|
||||||
name = "coffer-client"
|
name = "coffer-client"
|
||||||
version = "0.2.0"
|
version = "0.4.0"
|
||||||
authors = ["Armin Friedl <dev@friedl.net>"]
|
authors = ["Armin Friedl <dev@friedl.net>"]
|
||||||
edition = "2018"
|
edition = "2018"
|
||||||
|
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
[package]
|
[package]
|
||||||
name = "coffer-common"
|
name = "coffer-common"
|
||||||
version = "0.1.0"
|
version = "0.4.0"
|
||||||
authors = ["armin"]
|
authors = ["armin"]
|
||||||
edition = "2018"
|
edition = "2018"
|
||||||
|
|
||||||
|
@ -15,13 +15,12 @@ export = []
|
||||||
# Base tools
|
# Base tools
|
||||||
log = "^0.4"
|
log = "^0.4"
|
||||||
env_logger = "^0.7"
|
env_logger = "^0.7"
|
||||||
|
quick-error = "^1.2"
|
||||||
|
# Serialization
|
||||||
serde = { version = "^1.0", features = ["derive"]}
|
serde = { version = "^1.0", features = ["derive"]}
|
||||||
serde_cbor = "^0.10"
|
serde_cbor = "^0.10"
|
||||||
serde_json = "^1.0"
|
|
||||||
toml = "^0.5"
|
toml = "^0.5"
|
||||||
quick-error = "^1.2"
|
base64 = "^0.11"
|
||||||
# Key management/Cryptography
|
# Key management/Cryptography
|
||||||
sodiumoxide = "^0.2"
|
sodiumoxide = "^0.2"
|
||||||
seckey = "^0.9"
|
seckey = "^0.9"
|
||||||
# Memory management
|
|
||||||
bumpalo = { version = "^3.1", features = ["collections"]}
|
|
|
@ -83,6 +83,15 @@ impl Certificate {
|
||||||
Ok(cbor)
|
Ok(cbor)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
pub fn public_key(&self) -> Vec<u8> {
|
||||||
|
self.inner.read().public_key.as_ref().to_owned()
|
||||||
|
}
|
||||||
|
|
||||||
|
#[cfg(feature = "export")]
|
||||||
|
pub fn secret_key(&self) -> Vec<u8> {
|
||||||
|
self.inner.read().private_key.as_ref().to_owned()
|
||||||
|
}
|
||||||
|
|
||||||
pub fn open(&self, c: &[u8]) -> Result<Vec<u8>, CertificateError> {
|
pub fn open(&self, c: &[u8]) -> Result<Vec<u8>, CertificateError> {
|
||||||
let pk = &self.inner.read().public_key;
|
let pk = &self.inner.read().public_key;
|
||||||
let sk = &self.inner.read().private_key;
|
let sk = &self.inner.read().private_key;
|
||||||
|
@ -90,6 +99,12 @@ impl Certificate {
|
||||||
sealedbox::open(c, pk, sk)
|
sealedbox::open(c, pk, sk)
|
||||||
.map_err(|_| CertificateError::Crypto)
|
.map_err(|_| CertificateError::Crypto)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
pub fn seal(&self, message: &[u8]) -> Result<Vec<u8>, CertificateError> {
|
||||||
|
let pk = &self.inner.read().public_key;
|
||||||
|
|
||||||
|
Ok(sealedbox::seal(message, pk))
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
impl <T: AsRef<Path>> From<T> for Certificate {
|
impl <T: AsRef<Path>> From<T> for Certificate {
|
||||||
|
|
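Review bot: `secret_key()` returns the private key as a plain `Vec<u8>`, an ordinary heap copy that is not wiped on drop, so every caller built with the `export` feature leaves key bytes behind in freed memory. The key is handed to `sealedbox::open` by reference in this same impl, so it is presumably stored in a type that clears itself on drop; returning a clone of that type, or a wrapper that zeroes on drop, would keep that property. If the `Vec<u8>` return has to stay, say so in a doc comment, e.g. `/// Returns an unprotected copy of the secret key; the caller must wipe it after use.` `seal` is declared as returning `Result` but has no failing path in the visible body, which is worth documenting or simplifying. The `impl Certificate` block starts and ends outside these hunks.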
|
@ -1,8 +1,13 @@
|
||||||
//! A storage container for client data
|
//! A storage container for client data
|
||||||
|
|
||||||
#[allow(unused_imports)]
|
#[allow(unused_imports)]
|
||||||
use log::{debug, error, info, trace, warn};
|
use log::{debug, error, info, trace, warn};
|
||||||
|
|
||||||
|
use std::path::Path;
|
||||||
|
use std::fs::File;
|
||||||
|
use std::io::{BufReader, Read};
|
||||||
|
|
||||||
|
use toml::Value as TomlValue;
|
||||||
|
|
||||||
use serde::{Serialize, Deserialize};
|
use serde::{Serialize, Deserialize};
|
||||||
|
|
||||||
use quick_error::quick_error;
|
use quick_error::quick_error;
|
||||||
|
@ -29,39 +34,104 @@ pub enum CofferValue {
|
||||||
String(String),
|
String(String),
|
||||||
/// A 32-bit integer
|
/// A 32-bit integer
|
||||||
Integer(i32),
|
Integer(i32),
|
||||||
/// An opaque blob of data
|
/// A 32-bit float
|
||||||
Blob(Vec<u8>)
|
Float(f32),
|
||||||
|
// A boolean
|
||||||
|
Boolean(bool)
|
||||||
}
|
}
|
||||||
|
|
||||||
/// A path to a value
|
#[derive(Clone, Debug, Serialize, Deserialize, PartialEq, Eq, Hash)]
|
||||||
#[derive(Clone, Eq, PartialEq, Hash, Debug, Serialize, Deserialize)]
|
pub struct CofferKey {
|
||||||
pub struct CofferPath(pub Vec<String>);
|
pub shard: String,
|
||||||
|
pub key: String
|
||||||
|
}
|
||||||
|
|
||||||
|
#[derive(Debug, Serialize, Deserialize)]
|
||||||
|
pub struct CofferShard(pub Vec<(String, CofferValue)>);
|
||||||
|
|
||||||
/// Interface for interacting with a `Coffer`
|
/// Interface for interacting with a `Coffer`
|
||||||
pub trait Coffer {
|
pub trait Coffer {
|
||||||
/// Put `value` at `path`. Errors if there is already a value at `path`.
|
/// Put `value` at `path`. Errors if there is already a value at `path`.
|
||||||
fn put(&mut self, path: CofferPath, value: CofferValue) -> CofferResult<()>;
|
fn put(&mut self, key: CofferKey, value: CofferValue) -> CofferResult<()>;
|
||||||
|
|
||||||
/// Push `value` to `path`. Replaces existing values.
|
/// Push `value` to `path`. Replaces existing values.
|
||||||
fn push(&mut self, path: CofferPath, value: CofferValue);
|
fn push(&mut self, key: CofferKey, value: CofferValue);
|
||||||
|
|
||||||
/// Retrieve `value` at path. Errors if there is no `value` at path.
|
/// Retrieve `value` at path. Errors if there is no `value` at path.
|
||||||
fn get(&self, path: CofferPath) -> CofferResult<CofferValue>;
|
fn get(&self, key: &CofferKey) -> CofferResult<CofferValue>;
|
||||||
|
|
||||||
|
/// Retrieve `value` at path. Errors if there is no `value` at path.
|
||||||
|
fn get_shard<T>(&self, shard: T) -> CofferResult<CofferShard>
|
||||||
|
where T: AsRef<str>;
|
||||||
|
|
||||||
|
fn from_toml_file(toml_path: &Path) -> Self
|
||||||
|
where Self: Coffer + Default
|
||||||
|
{
|
||||||
|
// read the secrets file into a temporary string
|
||||||
|
let mut file = BufReader::new(File::open(toml_path).unwrap());
|
||||||
|
let mut secrets_buf = String::new();
|
||||||
|
file.read_to_string(&mut secrets_buf).unwrap();
|
||||||
|
|
||||||
|
Coffer::from_toml(&secrets_buf)
|
||||||
}
|
}
|
||||||
|
|
||||||
impl <T> From<Vec<T>> for CofferPath
|
fn from_toml(toml: &str) -> Self
|
||||||
where T: AsRef<str>
|
where Self: Coffer + Default
|
||||||
{
|
{
|
||||||
fn from(val: Vec<T>) -> Self {
|
// call implementation to create an empty coffer
|
||||||
CofferPath::from(&val)
|
let mut coffer = Self::default();
|
||||||
|
|
||||||
|
// parse the string into a toml Table
|
||||||
|
let clients: toml::value::Table = match toml.parse::<TomlValue>().unwrap() {
|
||||||
|
TomlValue::Table(t) => t,
|
||||||
|
_ => panic!{"Invalid secrets file"}
|
||||||
|
};
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Walk through the table of clients, where each client is a table which
|
||||||
|
* is either empty, or contains a table with at least an id and any
|
||||||
|
* number of secrets
|
||||||
|
*
|
||||||
|
* # Example:
|
||||||
|
*
|
||||||
|
* files.id = "AAAA-BBBB-CCCC"
|
||||||
|
* pad.id = "FFFF-EEEE-DDDD"
|
||||||
|
*
|
||||||
|
* [files]
|
||||||
|
* secret_string = "secret value1"
|
||||||
|
* secret_int = 12345
|
||||||
|
* secret_bool = true
|
||||||
|
*/
|
||||||
|
for (_k, v) in clients {
|
||||||
|
|
||||||
|
let client = match v {
|
||||||
|
TomlValue::Table(t) => t,
|
||||||
|
_ => panic!{"Invalid secrets file"}
|
||||||
|
};
|
||||||
|
|
||||||
|
for (k, v) in client.iter() {
|
||||||
|
|
||||||
|
if "id" == k { continue } // ids are for sharding
|
||||||
|
|
||||||
|
let value = match v {
|
||||||
|
TomlValue::String(s) => CofferValue::String(s.to_owned()),
|
||||||
|
TomlValue::Integer(i) => CofferValue::Integer(*i as i32),
|
||||||
|
TomlValue::Float(f) => CofferValue::Float(*f as f32),
|
||||||
|
TomlValue::Boolean(b) => CofferValue::Boolean(*b),
|
||||||
|
_ => panic!{"Value {:?} unsupported", v}
|
||||||
|
};
|
||||||
|
|
||||||
|
match client.get("id") {
|
||||||
|
Some(TomlValue::String(shard)) => {
|
||||||
|
let shard = shard.to_owned();
|
||||||
|
let key = k.to_owned();
|
||||||
|
coffer.put(CofferKey{shard, key}, value).unwrap();
|
||||||
|
},
|
||||||
|
_ => panic!{"Invalid secrets file"}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
impl <T> From<&Vec<T>> for CofferPath
|
return coffer;
|
||||||
where T: AsRef<str>
|
|
||||||
{
|
|
||||||
fn from(val: &Vec<T>) -> Self {
|
|
||||||
let col = val.iter().map(|p| {(*p).as_ref().to_owned()}).collect();
|
|
||||||
CofferPath(col)
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
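Review bot: In `from_toml`, the arm `TomlValue::Integer(i) => CofferValue::Integer(*i as i32)` silently wraps any TOML integer outside the 32-bit range, so a large numeric secret is stored with a different value and no error is reported. A checked conversion fits the function's existing fail-fast style: `CofferValue::Integer(i32::try_from(*i).expect("Integer out of 32-bit range"))`, with `use std::convert::TryFrom;` added for the 2018 edition. The `*f as f32` arm loses precision just as quietly and deserves at least a comment. Separately, `// A boolean` above `Boolean(bool)` should be `/// A boolean` to match the other variants, and the doc line on `get_shard` repeats the text of `get` instead of describing the shard lookup.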
|
@ -1,6 +1,7 @@
|
||||||
#[allow(unused_imports)]
|
#[allow(unused_imports)]
|
||||||
use log::{debug, error, info, trace, warn};
|
use log::{debug, error, info, trace, warn};
|
||||||
|
|
||||||
|
use std::path::Path;
|
||||||
use std::collections::HashMap;
|
use std::collections::HashMap;
|
||||||
|
|
||||||
use quick_error::quick_error;
|
use quick_error::quick_error;
|
||||||
|
@ -40,6 +41,15 @@ impl Keyring {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
pub fn new_from_path<T>(certificate_path: T) -> Keyring
|
||||||
|
where T: AsRef<Path>
|
||||||
|
{
|
||||||
|
Keyring {
|
||||||
|
certificate: Certificate::from(certificate_path),
|
||||||
|
known_keys: HashMap::new()
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
pub fn add_known_key(&mut self, key: &[u8]) -> Result<(), KeyringError> {
|
pub fn add_known_key(&mut self, key: &[u8]) -> Result<(), KeyringError> {
|
||||||
let public_key = box_::PublicKey::from_slice(key)
|
let public_key = box_::PublicKey::from_slice(key)
|
||||||
.ok_or(KeyringError::InvalidClientKey)?;
|
.ok_or(KeyringError::InvalidClientKey)?;
|
||||||
|
|
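Review bot: `new_from_path` is a new public constructor with no doc comment, and it loads the certificate through `Certificate::from(certificate_path)`, a `From` conversion that has no way to return an error. A missing or unreadable certificate file presumably panics inside that conversion (its body is not visible here), so the behaviour should be stated: `/// Creates a keyring from the certificate at certificate_path, with no known client keys.` followed by a `# Panics` section. Since `add_known_key` directly below already returns `Result<(), KeyringError>`, a fallible signature would be more consistent once the API settles.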
|
@ -1,6 +1,6 @@
|
||||||
[package]
|
[package]
|
||||||
name = "coffer-companion"
|
name = "coffer-companion"
|
||||||
version = "0.2.0"
|
version = "0.4.0"
|
||||||
authors = ["Armin Friedl <dev@friedl.net>"]
|
authors = ["Armin Friedl <dev@friedl.net>"]
|
||||||
edition = "2018"
|
edition = "2018"
|
||||||
|
|
||||||
|
@ -14,6 +14,7 @@ structopt = "0.3"
|
||||||
quick-error = "1.2"
|
quick-error = "1.2"
|
||||||
# Key management/Cryptography
|
# Key management/Cryptography
|
||||||
sodiumoxide = "0.2.5"
|
sodiumoxide = "0.2.5"
|
||||||
|
hex = "^0.4"
|
||||||
# Communication
|
# Communication
|
||||||
serde = { version = "1.0", features = ["derive"]}
|
serde = { version = "1.0", features = ["derive"]}
|
||||||
serde_cbor = "0.10.2"
|
serde_cbor = "0.10.2"
|
||||||
|
|
|
@ -13,5 +13,10 @@ pub fn generate_key(out: PathBuf) {
|
||||||
.expect(&format!{"Could not create out file {}", &out.display()});
|
.expect(&format!{"Could not create out file {}", &out.display()});
|
||||||
|
|
||||||
writer.write_all(&cert).unwrap();
|
writer.write_all(&cert).unwrap();
|
||||||
|
}
|
||||||
|
|
||||||
|
pub fn info(out: PathBuf) {
|
||||||
|
let cert = Certificate::new_from_cbor(out).unwrap();
|
||||||
|
println!{"Public Key: {}", hex::encode_upper(cert.public_key())}
|
||||||
|
println!{"Secret Key: {}", hex::encode_upper(cert.secret_key())}
|
||||||
}
|
}
|
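Review bot: `info` prints the secret key in hex to stdout next to the public key, so a routine `--info` call puts private key material into terminal scrollback, pipelines and any captured build or job output. Printing only the public key by default and requiring a separate, explicit flag for the secret would make that exposure a deliberate choice; the hex `String` built by `hex::encode_upper` is also an unwiped copy of the key. `cert.secret_key()` sits behind `#[cfg(feature = "export")]` in coffer-common, so this function only builds when the companion enables that feature, which is worth a comment here. `Certificate::new_from_cbor(out).unwrap()` gives a bare panic on a wrong path; an `expect` that names the path, as `generate_key` does for its output file, would read better.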
|
@ -2,13 +2,16 @@ use coffer_common::certificate::Certificate;
|
||||||
|
|
||||||
use std::path::PathBuf;
|
use std::path::PathBuf;
|
||||||
use std::fs::File;
|
use std::fs::File;
|
||||||
|
use std::io::Read;
|
||||||
use std::io::Write;
|
use std::io::Write;
|
||||||
|
|
||||||
use serde::Deserialize;
|
#[allow(unused)]
|
||||||
use serde_yaml;
|
|
||||||
|
|
||||||
pub fn encrypt_yaml(yaml:PathBuf, out: PathBuf, certificate: PathBuf) {
|
pub fn encrypt_yaml(yaml:PathBuf, out: PathBuf, certificate: PathBuf) {
|
||||||
let cert = Certificate::new_from_cbor(certificate).unwrap();
|
let cert = Certificate::new_from_cbor(certificate).unwrap();
|
||||||
|
let mut secrets = Vec::new();
|
||||||
|
File::open(yaml).unwrap().read_to_end(&mut secrets).unwrap();
|
||||||
|
|
||||||
let
|
let sealed = cert.seal(&secrets).unwrap();
|
||||||
|
let mut out_file = File::create(out).unwrap();
|
||||||
|
out_file.write_all(&sealed);
|
||||||
}
|
}
|
||||||
|
|
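Review bot: The last statement of `encrypt_yaml`, `out_file.write_all(&sealed);`, discards the `io::Result`, so a failed write can leave a truncated or empty sealed file while the command still exits successfully. Every other step in the function unwraps, so the minimal fix is `out_file.write_all(&sealed).unwrap();`, or better an `expect` naming the output path. The new `#[allow(unused)]` appears to attach to `encrypt_yaml` itself now that the import below it is gone, which hides the fact that nothing calls the function. The function and its `yaml` parameter keep the YAML name although the input is read as raw bytes and sealed without parsing; a doc comment such as `/// Seals the file at yaml as-is with the certificate's public key and writes the result to out.` would make that clear.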
|
@ -1,22 +1,24 @@
|
||||||
use std::path::PathBuf;
|
use std::path::PathBuf;
|
||||||
use structopt::StructOpt;
|
use structopt::StructOpt;
|
||||||
|
|
||||||
mod generate;
|
mod certificate;
|
||||||
mod encrypt;
|
mod encrypt;
|
||||||
|
|
||||||
#[derive(StructOpt, Debug)]
|
#[derive(StructOpt, Debug)]
|
||||||
enum Args {
|
enum Args {
|
||||||
Certificate {
|
Certificate {
|
||||||
#[structopt(short, long, parse(from_os_str))]
|
#[structopt(short, long, parse(from_os_str))]
|
||||||
out: PathBuf
|
out: PathBuf,
|
||||||
|
#[structopt(short, long)]
|
||||||
|
info: bool
|
||||||
},
|
},
|
||||||
Encrypt {
|
Encrypt {
|
||||||
|
#[structopt(short, long, parse(from_os_str))]
|
||||||
|
certificate: PathBuf,
|
||||||
#[structopt(short, long, parse(from_os_str))]
|
#[structopt(short, long, parse(from_os_str))]
|
||||||
yaml: PathBuf,
|
yaml: PathBuf,
|
||||||
#[structopt(short, long, parse(from_os_str))]
|
#[structopt(short, long, parse(from_os_str))]
|
||||||
out: PathBuf,
|
out: PathBuf
|
||||||
#[structopt(short, long, parse(from_os_str))]
|
|
||||||
certificate: PathBuf,
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -24,7 +26,10 @@ fn main() {
|
||||||
let args: Args = Args::from_args();
|
let args: Args = Args::from_args();
|
||||||
|
|
||||||
match args {
|
match args {
|
||||||
Args::Certificate {out} => generate::generate_key(out),
|
Args::Certificate {out, info} => {
|
||||||
Args::Encrypt {yaml, out, certificate} => {}
|
if info { certificate::info(out) }
|
||||||
|
else { certificate::generate_key(out) }
|
||||||
|
}
|
||||||
|
_ => unimplemented![]
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
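Review bot: The match in `main` replaces the `Args::Encrypt` arm with `_ => unimplemented![]`, so the encrypt subcommand is still parsed and listed in the help but panics at runtime, and the wildcard will also swallow any variant added later without a compiler warning. `encrypt::encrypt_yaml` already takes these three paths, so the arm can be wired directly: `Args::Encrypt {certificate, yaml, out} => encrypt::encrypt_yaml(yaml, out, certificate),`. In `Args::Certificate`, `out` names the file to read when `info` is set, which deserves a doc comment on the field such as `/// Path of the certificate to write, or to read when --info is given`.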
|
@ -1,6 +1,6 @@
|
||||||
[package]
|
[package]
|
||||||
name = "coffer-server"
|
name = "coffer-server"
|
||||||
version = "0.2.0"
|
version = "0.4.0"
|
||||||
authors = ["Armin Friedl <dev@friedl.net>"]
|
authors = ["Armin Friedl <dev@friedl.net>"]
|
||||||
edition = "2018"
|
edition = "2018"
|
||||||
|
|
||||||
|
|
|
@ -1,47 +1,89 @@
|
||||||
//! A simple, thread-safe coffer implementation backed by a hash map
|
//! Thread-safe coffer implementation backed by hash map
|
||||||
|
|
||||||
#[allow(unused_imports)]
|
#[allow(unused_imports)]
|
||||||
use log::{debug, error, info, trace, warn};
|
use log::{debug, error, info, trace, warn};
|
||||||
|
|
||||||
use std::sync::RwLock;
|
use std::sync::RwLock;
|
||||||
|
use std::sync::RwLockReadGuard;
|
||||||
|
use std::sync::RwLockWriteGuard;
|
||||||
|
|
||||||
use std::collections::HashMap;
|
use std::collections::HashMap;
|
||||||
|
|
||||||
use coffer_common::coffer::*;
|
use coffer_common::coffer::*;
|
||||||
|
|
||||||
pub struct CofferMap {
|
type ShardedCoffer = HashMap<String, HashMap<String, CofferValue>>;
|
||||||
coffer: RwLock<HashMap<CofferPath, CofferValue>>
|
pub struct CofferMap(RwLock<ShardedCoffer>);
|
||||||
}
|
|
||||||
|
|
||||||
impl CofferMap {
|
impl CofferMap {
|
||||||
pub fn new() -> CofferMap {
|
pub fn new() -> CofferMap {
|
||||||
CofferMap {
|
CofferMap(RwLock::new(HashMap::new()))
|
||||||
coffer: RwLock::new(HashMap::new())
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
fn read(&self) -> RwLockReadGuard<'_, ShardedCoffer> {
|
||||||
|
self.0.read().unwrap()
|
||||||
|
}
|
||||||
|
|
||||||
|
fn write(&self) -> RwLockWriteGuard<'_, ShardedCoffer> {
|
||||||
|
self.0.write().unwrap()
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
impl Coffer for CofferMap {
|
impl Coffer for CofferMap {
|
||||||
fn put(&mut self, path: CofferPath, value: CofferValue) -> CofferResult<()> {
|
fn put(&mut self, key: CofferKey, value: CofferValue) -> CofferResult<()> {
|
||||||
let mut lock = self.coffer.write().unwrap();
|
let mut lock = self.write();
|
||||||
|
|
||||||
match (*lock).contains_key(&path) {
|
match lock.get_mut(&key.shard) {
|
||||||
true => Err(CofferError::Msg("test")),
|
Some(shard) => {
|
||||||
false => {(*lock).insert(path, value); Ok(())}
|
if shard.contains_key(&key.key) { Err(CofferError::Msg("Key exists")) }
|
||||||
|
else { shard.insert(key.key, value); Ok(()) }
|
||||||
|
}
|
||||||
|
None => {
|
||||||
|
lock.insert(key.shard.clone(), HashMap::new());
|
||||||
|
lock.get_mut(&key.shard).unwrap().insert(key.key, value);
|
||||||
|
Ok(())
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
fn push(&mut self, path: CofferPath, value: CofferValue) {
|
fn push(&mut self, key: CofferKey, value: CofferValue) {
|
||||||
let mut lock = self.coffer.write().unwrap();
|
let mut lock = self.write();
|
||||||
|
|
||||||
(*lock).insert(path, value);
|
match lock.get_mut(&key.shard) {
|
||||||
|
Some(shard) => {
|
||||||
|
shard.insert(key.key, value);
|
||||||
|
}
|
||||||
|
None => {
|
||||||
|
lock.insert(key.shard.clone(), HashMap::new());
|
||||||
|
lock.get_mut(&key.shard).unwrap().insert(key.key, value);
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
fn get(&self, path: CofferPath) -> CofferResult<CofferValue> {
|
fn get(&self, key: &CofferKey) -> CofferResult<CofferValue> {
|
||||||
let lock = self.coffer.read().unwrap();
|
let lock = self.read();
|
||||||
|
|
||||||
(*lock).get(&path)
|
let res = lock.get(&key.shard)
|
||||||
.and_then(|v| Some(v.clone()))
|
.and_then( |shard| { shard.get(&key.key) } )
|
||||||
.ok_or(CofferError::Msg("Key not found"))
|
.ok_or(CofferError::Msg("Key not found"))?;
|
||||||
|
|
||||||
|
Ok(res.clone())
|
||||||
|
}
|
||||||
|
|
||||||
|
fn get_shard<T>(&self, shard: T) -> CofferResult<CofferShard>
|
||||||
|
where T: AsRef<str>
|
||||||
|
{
|
||||||
|
let lock = self.read();
|
||||||
|
|
||||||
|
let coffer_shard = lock.get(shard.as_ref())
|
||||||
|
.ok_or(CofferError::Msg("Shard {} not found"))?;
|
||||||
|
|
||||||
|
let mut res = CofferShard(Vec::new());
|
||||||
|
|
||||||
|
for (k,v) in coffer_shard {
|
||||||
|
res.0.push((k.clone(), v.clone()));
|
||||||
|
}
|
||||||
|
|
||||||
|
Ok(res)
|
||||||
}
|
}
|
||||||
}
|
}
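Review bot: In `get_shard`, the message `"Shard {} not found"` is handed to `CofferError::Msg` as a plain literal, so the `{}` is never filled in and callers see the placeholder text. Either drop the placeholder, `.ok_or(CofferError::Msg("Shard not found"))?;`, or use an error variant that carries the shard name (whether `Msg` can hold an owned string is not visible here). Separately, the `None` arms of `put` and `push` insert an empty map and then look it up again with `unwrap()`; `lock.entry(key.shard).or_insert_with(HashMap::new).insert(key.key, value);` does the same with one lookup and no clone.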
|
||||||
|
|
||||||
|
|
|
@ -4,29 +4,31 @@ use log::{debug, error, info, trace, warn};
|
||||||
use env_logger;
|
use env_logger;
|
||||||
|
|
||||||
use std::path::PathBuf;
|
use std::path::PathBuf;
|
||||||
|
use std::fs::File;
|
||||||
|
use std::io::{Read};
|
||||||
use structopt::StructOpt;
|
use structopt::StructOpt;
|
||||||
use std::net::SocketAddr;
|
use std::net::SocketAddr;
|
||||||
|
|
||||||
use coffer_common::certificate::Certificate;
|
|
||||||
use coffer_common::keyring::Keyring;
|
use coffer_common::keyring::Keyring;
|
||||||
|
use coffer_common::coffer::Coffer;
|
||||||
|
|
||||||
mod server;
|
mod server;
|
||||||
mod coffer_map;
|
mod coffer_map;
|
||||||
mod protocol;
|
mod protocol;
|
||||||
|
|
||||||
use server::ServerBuilder;
|
use server::Server;
|
||||||
use coffer_map::CofferMap;
|
use coffer_map::CofferMap;
|
||||||
|
|
||||||
#[derive(StructOpt, Debug)]
|
#[derive(StructOpt, Debug)]
|
||||||
struct Args {
|
struct Args {
|
||||||
/// Path to the server certificate. Will be deleted after processing.
|
/// Path to the server certificate. Will be deleted after processing.
|
||||||
#[structopt(short, long, parse(from_os_str), env = "COFFER_SERVER_CERTIFICATE", hide_env_values = true)]
|
#[structopt(short, long, parse(from_os_str), env = "COFFER_SERVER_CERTIFICATE", hide_env_values = true)]
|
||||||
certificate: Option<PathBuf>,
|
certificate: PathBuf,
|
||||||
|
|
||||||
/// Path to secrets file. Will be deleted after processing.
|
/// Path to secrets file. Will be deleted after processing.
|
||||||
/// Must be sealed by the public key of the server certificate
|
/// Must be sealed by the public key of the server certificate
|
||||||
#[structopt(short, long, parse(from_os_str), env = "COFFER_SERVER_SECRETS", hide_env_values = true)]
|
#[structopt(short, long, parse(from_os_str), env = "COFFER_SERVER_SECRETS", hide_env_values = true)]
|
||||||
secrets: Option<PathBuf>,
|
secrets: PathBuf,
|
||||||
|
|
||||||
/// Address, the coffer server should bind to
|
/// Address, the coffer server should bind to
|
||||||
#[structopt(short, long, parse(try_from_str), env = "COFFER_SERVER_ADDRESS", default_value = "127.0.0.1:9187")]
|
#[structopt(short, long, parse(try_from_str), env = "COFFER_SERVER_ADDRESS", default_value = "127.0.0.1:9187")]
|
||||||
|
@ -40,12 +42,16 @@ async fn main() {
|
||||||
|
|
||||||
_print_banner();
|
_print_banner();
|
||||||
|
|
||||||
let server = ServerBuilder::new()
|
let keyring = Keyring::new_from_path(&args.certificate);
|
||||||
.with_keyring(args.certificate.and_then(|cert_path| Some(Keyring::new(Certificate::from(cert_path)))))
|
|
||||||
.with_coffer(Some(CofferMap::new()))
|
|
||||||
.build()
|
|
||||||
.expect("Couldn't build server");
|
|
||||||
|
|
||||||
|
// decrypt secrets file and put into coffer
|
||||||
|
let mut secrets_file = File::open(&args.secrets).unwrap();
|
||||||
|
let mut secrets_buf = Vec::new();
|
||||||
|
secrets_file.read_to_end(&mut secrets_buf).unwrap();
|
||||||
|
let secrets_buf_clear = String::from_utf8(keyring.open(&secrets_buf).unwrap()).unwrap();
|
||||||
|
let coffer = CofferMap::from_toml(&secrets_buf_clear);
|
||||||
|
|
||||||
|
let server = Server::new(keyring, coffer);
|
||||||
server.run(args.address).await;
|
server.run(args.address).await;
|
||||||
}
|
}
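Review bot: In `main`, `String::from_utf8(keyring.open(&secrets_buf).unwrap()).unwrap()` prints the decrypted bytes if they are not valid UTF-8, because the `Debug` output of `FromUtf8Error` includes the rejected buffer and `unwrap()` puts that into the panic message. Convert the error before panicking so only the position is reported, e.g. `String::from_utf8(clear).map_err(|e| e.utf8_error()).expect("secrets file is not valid UTF-8")`. The cleartext in `secrets_buf_clear` also stays allocated while `server.run` is awaited; dropping it (ideally after overwriting it) once `CofferMap::from_toml` returns would shorten its lifetime. The `Args` docs still say both files "Will be deleted after processing", but no removal appears in the visible part of `main`, which begins before this hunk, so it may happen elsewhere.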
|
||||||
|
|
||||||
|
|
|
@ -9,15 +9,12 @@ use tokio::io::{AsyncRead,
|
||||||
AsyncReadExt,
|
AsyncReadExt,
|
||||||
AsyncWriteExt};
|
AsyncWriteExt};
|
||||||
use tokio::net::TcpStream;
|
use tokio::net::TcpStream;
|
||||||
use tokio::sync::RwLock;
|
|
||||||
|
|
||||||
use serde_cbor;
|
use serde_cbor;
|
||||||
|
|
||||||
use quick_error::quick_error;
|
use quick_error::quick_error;
|
||||||
|
|
||||||
use coffer_common::coffer::{CofferValue,
|
use coffer_common::coffer::Coffer;
|
||||||
CofferPath,
|
|
||||||
Coffer};
|
|
||||||
use coffer_common::keyring::Keyring;
|
use coffer_common::keyring::Keyring;
|
||||||
use hex;
|
use hex;
|
||||||
|
|
||||||
|
@ -38,25 +35,23 @@ quick_error! {
|
||||||
enum State {
|
enum State {
|
||||||
Start,
|
Start,
|
||||||
Link,
|
Link,
|
||||||
Error,
|
Bye,
|
||||||
End
|
End
|
||||||
}
|
}
|
||||||
|
|
||||||
#[derive(Debug)]
|
#[derive(Debug)]
|
||||||
enum Request {
|
enum Request {
|
||||||
Hello(Vec<u8>),
|
Hello(Vec<u8>),
|
||||||
Put(Vec<u8>),
|
Get,
|
||||||
Get(Vec<u8>),
|
Bye
|
||||||
Bye,
|
|
||||||
Error
|
|
||||||
}
|
}
|
||||||
|
|
||||||
pub struct Protocol<C>
|
pub struct Protocol<C>
|
||||||
where C: Coffer
|
where C: Coffer
|
||||||
{
|
{
|
||||||
stream: TcpStream,
|
stream: TcpStream,
|
||||||
coffer: Arc<RwLock<C>>,
|
coffer: Arc<C>,
|
||||||
keyring: Arc<RwLock<Keyring>>,
|
keyring: Arc<Keyring>,
|
||||||
client: Option<Vec<u8>>,
|
client: Option<Vec<u8>>,
|
||||||
state: State
|
state: State
|
||||||
}
|
}
|
||||||
|
@ -64,11 +59,7 @@ where C: Coffer
|
||||||
impl<C> Protocol<C>
|
impl<C> Protocol<C>
|
||||||
where C: Coffer
|
where C: Coffer
|
||||||
{
|
{
|
||||||
pub fn new(
|
pub fn new(stream: TcpStream, coffer: Arc<C>, keyring: Arc<Keyring>) -> Protocol<C>
|
||||||
stream: TcpStream,
|
|
||||||
coffer: Arc<RwLock<C>>,
|
|
||||||
keyring: Arc<RwLock<Keyring>>
|
|
||||||
) -> Protocol<C>
|
|
||||||
{
|
{
|
||||||
let state = State::Start;
|
let state = State::Start;
|
||||||
let client = None;
|
let client = None;
|
||||||
|
@ -104,11 +95,9 @@ where C: Coffer
|
||||||
|
|
||||||
match msg_type {
|
match msg_type {
|
||||||
0x00 => Request::Hello(message),
|
0x00 => Request::Hello(message),
|
||||||
0x02 => Request::Put(message),
|
0x02 => Request::Get,
|
||||||
0x03 => Request::Get(message),
|
0x99 => Request::Bye,
|
||||||
0x63 => Request::Bye,
|
_ => panic!{"Invalid message type {}", msg_type}
|
||||||
0xff => Request::Error,
|
|
||||||
_ => Request::Error
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -171,30 +160,19 @@ where C: Coffer
|
||||||
match (&self.state, event) {
|
match (&self.state, event) {
|
||||||
(State::Start, Request::Hello(pk)) => {
|
(State::Start, Request::Hello(pk)) => {
|
||||||
debug!{"Reading public key"}
|
debug!{"Reading public key"}
|
||||||
self.keyring.write().await
|
|
||||||
.add_known_key(&pk)
|
|
||||||
.unwrap();
|
|
||||||
self.client = Some(pk);
|
self.client = Some(pk);
|
||||||
self.state = State::Link;
|
self.state = State::Link;
|
||||||
}
|
}
|
||||||
|
|
||||||
(State::Link, Request::Get(req)) => {
|
(State::Link, Request::Get) => {
|
||||||
debug!{"Writing response"}
|
debug!{"Writing response"}
|
||||||
let mut req: CofferPath =
|
let shard_id = hex::encode(self.client.as_ref().unwrap());
|
||||||
serde_cbor::from_slice(
|
|
||||||
&self.keyring.read().await
|
|
||||||
.open(&req)
|
|
||||||
.unwrap()
|
|
||||||
).unwrap();
|
|
||||||
|
|
||||||
req.0.insert(0, hex::encode(self.client.as_ref().unwrap()));
|
let res = self.coffer
|
||||||
|
.get_shard(shard_id)
|
||||||
let res = self.coffer.read().await
|
|
||||||
.get(req)
|
|
||||||
.unwrap();
|
.unwrap();
|
||||||
|
|
||||||
let response = self.keyring.read().await
|
let response = self.keyring.seal(
|
||||||
.seal(
|
|
||||||
&self.client.as_ref().unwrap(),
|
&self.client.as_ref().unwrap(),
|
||||||
&serde_cbor::to_vec(&res).unwrap()
|
&serde_cbor::to_vec(&res).unwrap()
|
||||||
).unwrap();
|
).unwrap();
|
||||||
|
@ -205,35 +183,11 @@ where C: Coffer
|
||||||
// TODO Proper result handling
|
// TODO Proper result handling
|
||||||
self.stream.write_all(&frame).await.unwrap();
|
self.stream.write_all(&frame).await.unwrap();
|
||||||
|
|
||||||
self.state = State::Link;
|
self.state = State::Bye;
|
||||||
}
|
}
|
||||||
|
|
||||||
(State::Link, Request::Put(put)) => {
|
(State::Link, Request::Bye) => self.state = State::End,
|
||||||
debug!{"Putting secrets"}
|
(State::Bye, Request::Bye) => self.state = State::End,
|
||||||
let mut put: Vec<(CofferPath, CofferValue)> =
|
|
||||||
serde_cbor::from_slice(
|
|
||||||
&self.keyring.read().await
|
|
||||||
.open(&put)
|
|
||||||
.unwrap()
|
|
||||||
).unwrap();
|
|
||||||
|
|
||||||
let key_string = hex::encode(self.client.as_ref().unwrap());
|
|
||||||
|
|
||||||
put.iter_mut().map( |(cp, _cv)| &mut cp.0)
|
|
||||||
.for_each(|cp| cp.insert(0, key_string.clone()));
|
|
||||||
|
|
||||||
for (coffer_path, coffer_value) in put {
|
|
||||||
self.coffer.write().await
|
|
||||||
.put(coffer_path, coffer_value)
|
|
||||||
.unwrap();
|
|
||||||
}
|
|
||||||
|
|
||||||
self.state = State::Link;
|
|
||||||
}
|
|
||||||
|
|
||||||
(_, Request::Bye) => self.state = State::End,
|
|
||||||
|
|
||||||
(_, Request::Error) => self.state = State::End,
|
|
||||||
|
|
||||||
_ => self.state = State::End
|
_ => self.state = State::End
|
||||||
}
|
}
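Review bot: The new `_ => panic!{"Invalid message type {}", msg_type}` arm lets any peer abort its connection task by sending an unknown type byte, where the old code mapped it to `Request::Error` and ended the session through the state machine. Keep a non-panicking path, for example retain the `Error` variant with `_ => Request::Error`, which the existing `_ => self.state = State::End` arm already handles. The `Get` arm has the same problem: `self.coffer.get_shard(shard_id).unwrap()` panics for a client key that has no shard, and as shown `Hello` now accepts any key without the earlier `add_known_key` call, so on `Err` the handler should set `self.state = State::End` instead of unwrapping. Both enclosing functions begin outside the hunks shown.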
|
||||||
|
|
|
@ -5,14 +5,13 @@ use quick_error::quick_error;
|
||||||
|
|
||||||
use tokio::net::{TcpListener};
|
use tokio::net::{TcpListener};
|
||||||
use tokio::stream::StreamExt;
|
use tokio::stream::StreamExt;
|
||||||
use tokio::sync::RwLock;
|
|
||||||
|
|
||||||
use std::net::{ToSocketAddrs, SocketAddr};
|
use std::net::{ToSocketAddrs, SocketAddr};
|
||||||
use std::sync::Arc;
|
use std::sync::Arc;
|
||||||
|
|
||||||
use coffer_common::keyring::Keyring;
|
use coffer_common::keyring::Keyring;
|
||||||
use coffer_common::coffer::Coffer;
|
use coffer_common::coffer::Coffer;
|
||||||
use coffer_common::certificate::{Certificate, CertificateError};
|
use coffer_common::certificate::CertificateError;
|
||||||
|
|
||||||
use crate::protocol::Protocol;
|
use crate::protocol::Protocol;
|
||||||
|
|
||||||
|
@ -35,13 +34,19 @@ quick_error! {
|
||||||
pub struct Server<C>
|
pub struct Server<C>
|
||||||
where C: Coffer
|
where C: Coffer
|
||||||
{
|
{
|
||||||
keyring: Arc<RwLock<Keyring>>,
|
keyring: Arc<Keyring>,
|
||||||
coffer: Arc<RwLock<C>>
|
coffer: Arc<C>
|
||||||
}
|
}
|
||||||
|
|
||||||
impl <C> Server <C>
|
impl <C> Server <C>
|
||||||
where C: Coffer + Send + Sync + 'static
|
where C: Coffer + Send + Sync + 'static
|
||||||
{
|
{
|
||||||
|
|
||||||
|
pub fn new(keyring: Keyring, coffer: C) -> Self {
|
||||||
|
Server { keyring: Arc::new(keyring),
|
||||||
|
coffer: Arc::new(coffer) }
|
||||||
|
}
|
||||||
|
|
||||||
pub async fn run<T>(self, addr: T)
|
pub async fn run<T>(self, addr: T)
|
||||||
where T: ToSocketAddrs
|
where T: ToSocketAddrs
|
||||||
{
|
{
|
||||||
|
@ -70,6 +75,7 @@ where C: Coffer + Send + Sync + 'static
|
||||||
let coffer = self.coffer.clone();
|
let coffer = self.coffer.clone();
|
||||||
|
|
||||||
let protocol = Protocol::new(tcp_stream, coffer, keyring);
|
let protocol = Protocol::new(tcp_stream, coffer, keyring);
|
||||||
|
|
||||||
tokio::spawn(async move {
|
tokio::spawn(async move {
|
||||||
protocol.run().await;
|
protocol.run().await;
|
||||||
});
|
});
|
||||||
|
@ -84,43 +90,3 @@ where C: Coffer + Send + Sync + 'static
|
||||||
server.await
|
server.await
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
pub struct ServerBuilder<C>
|
|
||||||
where C: Coffer
|
|
||||||
{
|
|
||||||
keyring: Option<Keyring>,
|
|
||||||
coffer: Option<C>
|
|
||||||
}
|
|
||||||
|
|
||||||
impl <'a, C> ServerBuilder<C>
|
|
||||||
where C: Coffer + Default
|
|
||||||
{
|
|
||||||
pub fn new() -> ServerBuilder<C> {
|
|
||||||
ServerBuilder {
|
|
||||||
keyring: None,
|
|
||||||
coffer: None
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
pub fn with_keyring(mut self, keyring: Option<Keyring>) -> ServerBuilder<C> {
|
|
||||||
self.keyring = keyring;
|
|
||||||
self
|
|
||||||
}
|
|
||||||
|
|
||||||
pub fn with_coffer(mut self, coffer: Option<C>) -> ServerBuilder<C> {
|
|
||||||
self.coffer = coffer;
|
|
||||||
self
|
|
||||||
}
|
|
||||||
|
|
||||||
pub fn build(self) -> Result<Server<C>, ServerError> {
|
|
||||||
let keyring = match self.keyring {
|
|
||||||
Some(k) => Arc::new(RwLock::new(k)),
|
|
||||||
None => {let cert = Certificate::new()?;
|
|
||||||
Arc::new(RwLock::new(Keyring::new(cert)))}
|
|
||||||
};
|
|
||||||
|
|
||||||
let coffer = Arc::new(RwLock::new(self.coffer.unwrap_or_else(|| { C::default() } )));
|
|
||||||
|
|
||||||
Ok(Server {keyring, coffer})
|
|
||||||
}
|
|
||||||
}
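Review bot: `Server::new` becomes the only public constructor once `ServerBuilder` is removed, and it has no doc comment. A line such as `/// Creates a server whose keyring and coffer are shared with every connection task through an Arc.` would record that neither value is behind a lock any more. With `Arc<C>` only `&self` methods of `Coffer` are reachable from the server, so the `&mut self` receivers that `put` and `push` keep in the coffer map cannot be called through it. That is presumably intended now that the `Put` request is gone, but it is worth stating in the docs.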
|
|
||||||
|
|