hatter/local-mini-kms
1
1
Fork 0
Code Issues 2 Pull Requests Projects Releases Wiki Activity

feat: add read/write

Browse Source
This commit is contained in:
Hatter Jiang
2023-08-13 15:26:49 +08:00
parent b431a94ef9
commit 167e37f9f8
12 changed files with 439 additions and 245 deletions
Download Patch File Download Diff File Expand all files Collapse all files

59
src/serve_encrypt_decrypt.rs Normal file
View File

@@ -0,0 +1,59 @@
use hyper::{Body, Request, Response, StatusCode};
use hyper::body::Buf;
use rust_util::{debugging, XResult};
use serde::{Deserialize, Serialize};
use serde_json::{json, Value};
use crate::do_response;
use crate::jose;
use crate::serve_common::{byte_to_multi_view_map, get_master_key, MultipleViewValue};
use crate::serve_common::Result;
#[derive(Serialize, Deserialize)]
struct DecryptRequest {
encrypted_value: String,
}
pub async fn decrypt(req: Request<Body>) -> Result<Response<Body>> {
do_response!(inner_decrypt(req).await)
}
async fn inner_decrypt(req: Request<Body>) -> XResult<(StatusCode, Value)> {
let whole_body = hyper::body::aggregate(req).await?;
let data: DecryptRequest = serde_json::from_reader(whole_body.reader())?;
debugging!("To be decrypted value: {}", &data.encrypted_value);
let key = match get_master_key() {
None => return Ok((StatusCode::BAD_REQUEST, json!({ "error": "status_not_ready" }))),
Some(key) => key,
};
let decrypted_value = jose::deserialize_jwe_aes(&data.encrypted_value, &*key.read());
drop(key);
decrypted_value.map(|v| {
let map = byte_to_multi_view_map(&v.0);
(StatusCode::OK, Value::Object(map))
})
}
pub async fn encrypt(req: Request<Body>) -> Result<Response<Body>> {
do_response!(inner_encrypt(req).await)
}
async fn inner_encrypt(req: Request<Body>) -> XResult<(StatusCode, Value)> {
let whole_body = hyper::body::aggregate(req).await?;
let data: MultipleViewValue = serde_json::from_reader(whole_body.reader())?;
let value = data.to_bytes()?;
let key = match get_master_key() {
None => return Ok((StatusCode::BAD_REQUEST, json!({ "error": "status_not_ready" }))),
Some(key) => key,
};
let encrypt_result = jose::serialize_jwe_aes(&value, &*key.read());
drop(key);
encrypt_result.map(|e| {
(StatusCode::OK, json!({
"encrypted_value": e,
}))
})
}