use crate::config::{NebulaConfig, CONFIG};
use ed25519_dalek::{SigningKey, VerifyingKey};
use log::debug;
use serde::{Deserialize, Serialize};
use std::error::Error;
use std::fs;
use trifid_pki::cert::NebulaCertificate;
use trifid_pki::x25519_dalek::PublicKey;
/// Top-level on-disk keystore.
///
/// Serialised to TOML by [`keystore_flush`] and read back by [`keystore_init`];
/// the file lives at `<local_keystore_directory>/tfks.toml`.
#[derive(Serialize, Deserialize, Clone)]
pub struct Keystore {
    /// One entry per known host. Defaults to empty when the `hosts` key is
    /// absent, so an older or hand-written `tfks.toml` still deserialises.
    #[serde(default = "default_vec")]
    pub hosts: Vec<KeystoreHostInformation>,
}
/// Serde default for `Vec` fields: an empty vector of the inferred element type.
fn default_vec<T>() -> Vec<T> {
    Vec::new()
}
/// Load the keystore from `tfks.toml` inside the configured local keystore
/// directory.
///
/// A missing file is not an error: an empty [`Keystore`] is returned so a fresh
/// deployment can start without one. Note that this also means a keystore that
/// was removed out from under the process is silently treated as empty.
///
/// # Errors
/// Propagates the I/O error from reading the file, or the `toml`
/// deserialisation error if the contents are malformed.
pub fn keystore_init() -> Result<Keystore, Box<dyn Error>> {
    let path = CONFIG.crypto.local_keystore_directory.join("tfks.toml");

    // Nothing on disk yet: start with an empty keystore rather than failing.
    if !path.exists() {
        return Ok(Keystore { hosts: Vec::new() });
    }

    let contents = fs::read_to_string(&path)?;
    let parsed: Keystore = toml::from_str(&contents)?;
    Ok(parsed)
}
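/// Persist `ks` to `tfks.toml` inside the configured local keystore directory.
///
/// The keystore contains private signing keys ([`KSSigningKey`]), so the file is
/// created owner-readable only (mode `0600`) on Unix, and it is written to a
/// sibling temporary file that is then renamed into place. The rename means a
/// crash mid-write never leaves a truncated keystore behind, and it also
/// replaces any pre-existing `tfks.toml` that was created with looser
/// permissions. On non-Unix targets the permissions are whatever the platform
/// default gives a newly created file.
///
/// # Errors
/// Propagates the `toml` serialisation error, or any I/O error from creating,
/// writing, syncing or renaming the file.
pub fn keystore_flush(ks: &Keystore) -> Result<(), Box<dyn Error>> {
    let mut ks_fp = CONFIG.crypto.local_keystore_directory.clone();
    ks_fp.push("tfks.toml");

    debug!("writing to {}", ks_fp.display());

    // Serialise before touching the filesystem so a serialisation error cannot
    // leave a partially written file behind.
    let serialized = toml::to_string(ks)?;

    // `tfks.toml.tmp` next to the real file, so the rename stays on one filesystem.
    let tmp_fp = ks_fp.with_extension("toml.tmp");
    if let Err(e) = write_owner_only(&tmp_fp, serialized.as_bytes()) {
        // Best effort: do not leave a half-written copy of the keys around.
        let _ = fs::remove_file(&tmp_fp);
        return Err(e.into());
    }
    fs::rename(&tmp_fp, &ks_fp)?;

    Ok(())
}

/// Create (or truncate) `path`, write `bytes`, and sync to disk.
///
/// On Unix the file is created with mode `0600`; the mode only applies at
/// creation, which is why callers write to a fresh temporary file rather than
/// reopening an existing one.
fn write_owner_only(path: &std::path::Path, bytes: &[u8]) -> std::io::Result<()> {
    use std::io::Write as _;

    let mut opts = fs::OpenOptions::new();
    opts.write(true).create(true).truncate(true);
    #[cfg(unix)]
    {
        use std::os::unix::fs::OpenOptionsExt as _;
        opts.mode(0o600);
    }

    let mut f = opts.open(path)?;
    f.write_all(bytes)?;
    f.sync_all()
}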
/// Everything the keystore tracks for a single host.
///
/// Each of the `Vec` fields holds versioned entries with their own `id`; the
/// `current_*` fields record which entry is active. Old entries are kept rather
/// than replaced.
#[derive(Serialize, Deserialize, Clone)]
pub struct KeystoreHostInformation {
    /// Host identifier.
    pub id: String,

    // NOTE(review): the `current_*` values presumably match the `id` of the
    // active entry in the corresponding `Vec` below — confirm against callers.
    /// Active entry in `signing_keys`.
    pub current_signing_key: u64,
    /// Active entry in `client_keys`.
    pub current_client_key: u64,

    /// Active entry in `config`.
    pub current_config: u64,
    /// Active entry in `certs`.
    pub current_cert: u64,

    /// Certificates issued for this host.
    pub certs: Vec<KSCert>,
    /// Nebula configurations for this host.
    pub config: Vec<KSConfig>,
    /// Private Ed25519 signing keys for this host (secret material).
    pub signing_keys: Vec<KSSigningKey>,
    /// Client-supplied public keys for this host.
    pub client_keys: Vec<KSClientKey>,
}
/// A versioned Nebula certificate entry in the keystore.
#[derive(Serialize, Deserialize, Clone)]
pub struct KSCert {
    /// Entry identifier, referenced by `KeystoreHostInformation::current_cert`.
    pub id: u64,
    /// The certificate itself.
    pub cert: NebulaCertificate,
}
/// A versioned Nebula configuration entry in the keystore.
#[derive(Serialize, Deserialize, Clone)]
pub struct KSConfig {
    /// Entry identifier, referenced by `KeystoreHostInformation::current_config`.
    pub id: u64,
    /// The configuration itself.
    pub config: NebulaConfig,
}
/// A versioned Ed25519 signing key entry in the keystore.
///
/// `key` is the private half: it is serialised into `tfks.toml` together with
/// the rest of the keystore, so the file's confidentiality is what protects
/// these keys. Avoid logging or displaying instances of this type.
#[derive(Serialize, Deserialize, Clone)]
pub struct KSSigningKey {
    /// Entry identifier, referenced by `KeystoreHostInformation::current_signing_key`.
    pub id: u64,
    /// Private Ed25519 signing key.
    pub key: SigningKey,
}
/// A versioned set of client public keys in the keystore.
///
/// Only public material is stored here; the client keeps the matching private
/// keys.
#[derive(Serialize, Deserialize, Clone)]
pub struct KSClientKey {
    /// Entry identifier, referenced by `KeystoreHostInformation::current_client_key`.
    pub id: u64,
    /// Client's X25519 public key (Diffie-Hellman).
    pub dh_pub: PublicKey,
    /// Client's Ed25519 public (verifying) key.
    pub ed_pub: VerifyingKey,
}