feat: update
This commit is contained in:
@@ -2,12 +2,13 @@ use std::sync::Mutex;
|
||||
|
||||
use base64::Engine;
|
||||
use base64::engine::general_purpose::STANDARD;
|
||||
use hyper::StatusCode;
|
||||
use josekit::jwk::alg::rsa::RsaKeyPair;
|
||||
use rusqlite::Connection;
|
||||
use rust_util::{opt_result, simple_error, XResult};
|
||||
use seckey::SecBytes;
|
||||
use serde::{Deserialize, Serialize};
|
||||
use serde_json::{Map, Value};
|
||||
use serde_json::{json, Map, Value};
|
||||
|
||||
use crate::db;
|
||||
|
||||
@@ -29,6 +30,24 @@ macro_rules! do_response {
|
||||
)
|
||||
}
|
||||
|
||||
pub fn ok(body: Value) -> XResult<(StatusCode, Value)> {
|
||||
Ok((StatusCode::OK, body))
|
||||
}
|
||||
|
||||
pub fn error(error: &str) -> XResult<(StatusCode, Value)> {
|
||||
Ok((
|
||||
StatusCode::BAD_REQUEST,
|
||||
json!({ "error": error })
|
||||
))
|
||||
}
|
||||
|
||||
// pub fn bad_request(error: &str, error_message: &str) -> XResult<(StatusCode, Value)> {
|
||||
// Ok((
|
||||
// StatusCode::BAD_REQUEST,
|
||||
// json!({ "error": error, "error_message": error_message })
|
||||
// ))
|
||||
// }
|
||||
|
||||
pub struct MemoryKey {
|
||||
pub database_file: String,
|
||||
pub instance_rsa_key_pair: RsaKeyPair,
|
||||
|
||||
@@ -6,6 +6,7 @@ use serde_json::{json, Value};
|
||||
|
||||
use crate::do_response;
|
||||
use crate::jose;
|
||||
use crate::serve_common;
|
||||
use crate::serve_common::{byte_to_multi_view_map, get_master_key, MultipleViewValue};
|
||||
use crate::serve_common::Result;
|
||||
|
||||
@@ -24,7 +25,7 @@ async fn inner_decrypt(req: Request<Body>) -> XResult<(StatusCode, Value)> {
|
||||
|
||||
debugging!("To be decrypted value: {}", &data.encrypted_value);
|
||||
let key = match get_master_key() {
|
||||
None => return Ok((StatusCode::BAD_REQUEST, json!({ "error": "status_not_ready" }))),
|
||||
None => return serve_common::error("status_not_ready"),
|
||||
Some(key) => key,
|
||||
};
|
||||
let decrypted_value = jose::deserialize_jwe_aes(&data.encrypted_value, &*key.read());
|
||||
@@ -45,7 +46,7 @@ async fn inner_encrypt(req: Request<Body>) -> XResult<(StatusCode, Value)> {
|
||||
let data: MultipleViewValue = serde_json::from_reader(whole_body.reader())?;
|
||||
let value = data.to_bytes()?;
|
||||
let key = match get_master_key() {
|
||||
None => return Ok((StatusCode::BAD_REQUEST, json!({ "error": "status_not_ready" }))),
|
||||
None => return serve_common::error("status_not_ready"),
|
||||
Some(key) => key,
|
||||
};
|
||||
let encrypt_result = jose::serialize_jwe_aes(&value, &*key.read());
|
||||
|
||||
@@ -51,11 +51,11 @@ async fn inner_init(req: Request<Body>) -> XResult<(StatusCode, Value)> {
|
||||
return Ok((StatusCode::INTERNAL_SERVER_ERROR, json!({ "error": "internal_error", "error_message": "not init " })));
|
||||
}
|
||||
} else {
|
||||
return Ok((StatusCode::BAD_REQUEST, json!({ "error": "bad_request", "error_message": "master key is not assigned" })));
|
||||
return serve_common::error("master_key_missing");
|
||||
};
|
||||
|
||||
if clear_master_key.len() != 32 {
|
||||
return Ok((StatusCode::BAD_REQUEST, json!({ "error": "bad_request", "error_message": "bad clear_master_key length" })));
|
||||
return serve_common::error("bad_master_key_length");
|
||||
}
|
||||
|
||||
if let Some(k) = &mut *startup_rw_lock {
|
||||
@@ -81,5 +81,5 @@ async fn inner_init(req: Request<Body>) -> XResult<(StatusCode, Value)> {
|
||||
k.master_key = Some(sec_bytes);
|
||||
k.instance_rsa_key_pair = jose::generate_rsa_key(4096)?;
|
||||
}
|
||||
Ok((StatusCode::OK, json!({})))
|
||||
serve_common::ok(json!({}))
|
||||
}
|
||||
@@ -1,6 +1,6 @@
|
||||
use hyper::{Body, Request, Response, StatusCode};
|
||||
use hyper::body::Buf;
|
||||
use rust_util::{simple_error, XResult};
|
||||
use rust_util::XResult;
|
||||
use serde::{Deserialize, Serialize};
|
||||
use serde_json::{json, Value};
|
||||
|
||||
@@ -8,6 +8,7 @@ use crate::{db, jose};
|
||||
use crate::db::Key;
|
||||
use crate::do_response;
|
||||
use crate::serve_common::{byte_to_multi_view_map, get_master_key, MultipleViewValue, open_local_db};
|
||||
use crate::serve_common;
|
||||
use crate::serve_common::Result;
|
||||
|
||||
#[derive(Serialize, Deserialize)]
|
||||
@@ -31,7 +32,7 @@ async fn inner_read(req: Request<Body>) -> XResult<(StatusCode, Value)> {
|
||||
let named: Named = serde_json::from_reader(whole_body.reader())?;
|
||||
let name = &named.name;
|
||||
if name.is_empty() {
|
||||
return simple_error!("Key name cannot be empty");
|
||||
return serve_common::error("key_name_is_empty");
|
||||
}
|
||||
let db_key_name = db::make_db_key_name(name);
|
||||
|
||||
@@ -39,12 +40,12 @@ async fn inner_read(req: Request<Body>) -> XResult<(StatusCode, Value)> {
|
||||
let db_key = db::find_key(&conn, &db_key_name)?;
|
||||
|
||||
let db_key_value = match db_key {
|
||||
None => return simple_error!("Key '{}' already exists", name),
|
||||
None => return serve_common::error("key_name_not_exists"),
|
||||
Some(k) => k,
|
||||
};
|
||||
|
||||
let key = match get_master_key() {
|
||||
None => return Ok((StatusCode::BAD_REQUEST, json!({ "error": "status_not_ready" }))),
|
||||
None => return serve_common::error("status_not_ready"),
|
||||
Some(key) => key,
|
||||
};
|
||||
let data = jose::deserialize_jwe_aes(&db_key_value.encrypted_key, &*key.read())?;
|
||||
@@ -52,7 +53,7 @@ async fn inner_read(req: Request<Body>) -> XResult<(StatusCode, Value)> {
|
||||
|
||||
let mut map = byte_to_multi_view_map(&data.0);
|
||||
map.insert("name".to_string(), Value::String(name.to_string()));
|
||||
Ok((StatusCode::OK, Value::Object(map)))
|
||||
serve_common::ok(Value::Object(map))
|
||||
}
|
||||
|
||||
pub async fn write(req: Request<Body>) -> Result<Response<Body>> {
|
||||
@@ -64,7 +65,7 @@ async fn inner_write(req: Request<Body>) -> XResult<(StatusCode, Value)> {
|
||||
let named_value: NamedValue = serde_json::from_reader(whole_body.reader())?;
|
||||
let name = &named_value.name;
|
||||
if name.is_empty() {
|
||||
return simple_error!("Key name cannot be empty");
|
||||
return serve_common::error("key_name_is_empty");
|
||||
}
|
||||
let db_key_name = db::make_db_key_name(name);
|
||||
let force_write = named_value.force_write.unwrap_or(false);
|
||||
@@ -73,12 +74,12 @@ async fn inner_write(req: Request<Body>) -> XResult<(StatusCode, Value)> {
|
||||
let db_key = db::find_key(&conn, &db_key_name)?;
|
||||
|
||||
if db_key.is_some() && !force_write {
|
||||
return simple_error!("Key '{}' already exists", name);
|
||||
return serve_common::error("key_name_exists");
|
||||
}
|
||||
|
||||
let value = named_value.value.to_bytes()?;
|
||||
let key = match get_master_key() {
|
||||
None => return Ok((StatusCode::BAD_REQUEST, json!({ "error": "status_not_ready" }))),
|
||||
None => return serve_common::error("status_not_ready"),
|
||||
Some(key) => key,
|
||||
};
|
||||
let encrypt_value = jose::serialize_jwe_aes(&value, &*key.read())?;
|
||||
@@ -88,13 +89,9 @@ async fn inner_write(req: Request<Body>) -> XResult<(StatusCode, Value)> {
|
||||
name: db_key_name,
|
||||
encrypted_key: encrypt_value.clone(),
|
||||
};
|
||||
if db_key.is_some() {
|
||||
db::update_key(&conn, &new_db_key)?;
|
||||
} else {
|
||||
db::insert_key(&conn, &new_db_key)?;
|
||||
}
|
||||
|
||||
let response_body = if let Some(db_key) = db_key {
|
||||
db::update_key(&conn, &new_db_key)?;
|
||||
json!({
|
||||
"name": name.to_string(),
|
||||
"override": true,
|
||||
@@ -102,11 +99,12 @@ async fn inner_write(req: Request<Body>) -> XResult<(StatusCode, Value)> {
|
||||
"previous_encrypted_value": db_key.encrypted_key,
|
||||
})
|
||||
} else {
|
||||
db::insert_key(&conn, &new_db_key)?;
|
||||
json!({
|
||||
"name": name.to_string(),
|
||||
"override": false,
|
||||
"encrypted_value": encrypt_value,
|
||||
})
|
||||
};
|
||||
Ok((StatusCode::OK, response_body))
|
||||
serve_common::ok(response_body)
|
||||
}
|
||||
|
||||
@@ -25,5 +25,5 @@ async fn inner_status() -> XResult<(StatusCode, Value)> {
|
||||
}),
|
||||
}
|
||||
};
|
||||
Ok((StatusCode::OK, body))
|
||||
serve_common::ok(body)
|
||||
}
|
||||
Reference in New Issue
Block a user