crypt-config 0.2.2

A crypt module that encrypt/decrypt json data based on the configuration. This might be used as a layer before saving data in Mongo DB or after fetching the data from the DB in order to decrypt them.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120

extern crate serde;
extern crate serde_json;

use std::collections::HashMap;

use serde::{Deserialize, Serialize};

use crate::config::{Config, HasherConfig, HasherData};
use crate::error::{CryptError, CryptResult};

#[derive(Serialize, Deserialize)]
struct Cfg {
  algorithm: String,
  rounds:    u32,
  salt:      String
}

#[derive(Serialize, Deserialize)]
struct Hasher {
  configurations: HashMap<String, Cfg>
}

#[derive(Serialize, Deserialize)]
struct Hashers {
  hashers: HashMap<String, Hasher>
}

#[allow(dead_code)]
type HasherLoader = fn(&mut Config, &str) -> CryptResult<()>;

#[allow(dead_code)]
pub fn get_hasher_loader(version: &str) -> HasherLoader {
  if version.starts_with("1.0") {
    hasher_loader_1_0
  } else {
    hasher_loader_unknown
  }
}

#[allow(dead_code)]
fn hasher_loader_unknown(_config: &mut Config, _data: &str) -> CryptResult<()> {
  Err(CryptError::UnsupportedConfigVersion())
}

#[allow(dead_code)]
fn hasher_loader_1_0(config: &mut Config, data: &str) -> CryptResult<()> {
  let hashers: Hashers = serde_json::from_str(data)?;

  for (field, hasher) in hashers.hashers {
    if !config.is_hasher_exist(&field) {
      config.insert_hasher(field.clone(), Box::new(HasherData::new()));
    }

    for (version, cfg) in hasher.configurations {
      if config.is_hasher_version_exist(&field, &version) {
        return Err(CryptError::DuplicationHasherConfigVersion(version));
      }

      if cfg.rounds <= 0 {
        return Err(CryptError::BadIterationCount());
      }

      is_algorithm_supported(&cfg.algorithm)?;

      let salt = base64::decode(&cfg.salt)?;

      config.add_hasher_version(&field, &version, Box::new(HasherConfig::new(cfg.algorithm, cfg.rounds, salt)));
    }
  }

  Ok(())
}

fn is_algorithm_supported(algorithm: &str) -> CryptResult<()> {
  match algorithm {
    "bcrypt" => Ok(()),
    "pbkdf2" => Ok(()),
    _ => Err(CryptError::UnsupportedHasherAlgorithm(algorithm.to_string()))
  }
}

#[cfg(test)]
mod tests {
  use std::fs;
  use std::path::PathBuf;

  use crate::config::get_config_version;
  use crate::config::Config;

  use super::get_hasher_loader;

  fn get_test_data_path(fname: &str) -> PathBuf {
    let mut path = PathBuf::from(file!());
    path.pop();
    path.pop();
    path.pop();
    path.pop();
    path.push("test_data");
    path.push(fname);
    path
  }

  #[test]
  fn load_configuration() {
    let mut config = Config::new();

    let path = get_test_data_path("config.json");
    let content = fs::read_to_string(path).unwrap();

    let version = get_config_version(&content).unwrap();
    let hasher_loader = get_hasher_loader(&version);

    hasher_loader(&mut config, &content).unwrap();

    assert!(config.is_hasher_exist("email"));
    assert_eq!("2.0", config.get_hasher_latest_version("email"));
    assert!(config.is_hasher_version_exist("email", "1.0"));
    assert!(config.is_hasher_version_exist("email", "2.0"));
  }
}