dat 1.1.0

DAT - Data Access Token
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102

use crate::dat::DatPayload;
use crate::dat_key::{DatKey, Kid};
use crate::error::DatError;
use crate::util::{get_dat_dot_indices, now_unix_timestamp, to_kid};
use itertools::Itertools;
use std::sync::RwLock;
use crate::signature_key::SignatureKeyOutOption;

pub struct DatBank<T: Kid> {
    padding_keys: RwLock<Vec<DatKey<T>>>,
    issue_key: RwLock<Option<DatKey<T>>>,
    verify_keys: RwLock<Vec<DatKey<T>>>,
}

impl <T: Kid> DatBank<T> {
    pub fn new() -> Self {
        DatBank {
            padding_keys: RwLock::new(vec![]),
            issue_key: RwLock::new(None),
            verify_keys: RwLock::new(vec![]),
        }
    }

    pub fn to_dat(&self, plain: &str, secure: &str) -> Result<String, DatError> {
        if let Some(key) = self.issue_key.read().unwrap().as_ref() {
            key.to_dat(plain, secure)
        } else {
            Err(DatError::NoAvailableKey)
        }
    }

    pub fn to_payload_verify(&self, dat: &str) -> Result<DatPayload, DatError> {
        let di = get_dat_dot_indices(&dat)?;
        let kid = to_kid::<T>(&dat[di[0] + 1 .. di[1]])?;
        if let Some(key) = self.verify_keys.read().unwrap().iter().find(|e| e.kid == kid) {
            key.to_payload_with_indices(dat, di)
        } else {
            Err(DatError::InvalidBase64Format)
        }
    }

    pub fn to_payload_without_verify(&self, dat: &str) -> Result<DatPayload, DatError> {
        let di = get_dat_dot_indices(&dat)?;
        let kid = to_kid::<T>(&dat[di[0] + 1 .. di[1]])?;
        if let Some(key) = self.verify_keys.read().unwrap().iter().find(|e| e.kid == kid) {
            let plain_base64 = &dat[di[1] + 1 .. di[2]];
            let secure_base64 = &dat[di[2] + 1 .. di[3]];
            key.decode_payload_base64(plain_base64, secure_base64)
        } else {
            Err(DatError::InvalidBase64Format)
        }
    }

    pub fn export_kids(&self) -> Vec<T> {
        self.verify_keys.read().unwrap().iter().map(|key| key.kid.clone()).collect()
    }

    pub fn export_keys_format(&self, signature_key_out_option: SignatureKeyOutOption) -> String {
        self.padding_keys.read().unwrap().iter().map(|key| key.format(signature_key_out_option).unwrap()).join("\n")
    }

    pub fn export_keys(&self) -> Vec<DatKey<T>> {
        self.padding_keys.read().unwrap().iter().cloned().collect()
    }

    pub fn import_keys_format(&self, format: String, clear: bool) -> Result<(), DatError> {
        let new_keys = format.lines()
            .filter(|e| !e.is_empty())
            .map(|e| e.parse::<DatKey<T>>())
            .collect::<Result<Vec<DatKey<T>>, DatError>>()?;
        self.import_keys(new_keys, clear)
    }

    pub fn import_keys(&self, new_keys: Vec<DatKey<T>>, clear: bool) -> Result<(), DatError> {
        let now = now_unix_timestamp();
        let mut keys = if clear { vec![] } else { self.padding_keys.read().unwrap().clone() };

        for key in new_keys {
            if !keys.contains(&key) {
                keys.push(key);
            }
        }

        let keys = keys.into_iter()
            .filter(|key| key.key_expire() >= now)
            .sorted_by(|a, b| a.issue_begin.cmp(&b.issue_begin))
            .collect::<Vec<DatKey<T>>>();

        let issue_key_set: Option<DatKey<T>> = keys.iter()
            .rev()
            .find(|e| e.issue_begin() < now)
            .map(|e| e.clone());

        let verify_key_set_list: Vec<DatKey<T>> = keys.clone();

        *self.padding_keys.write().unwrap() = keys;
        *self.issue_key.write().unwrap() = issue_key_set;
        *self.verify_keys.write().unwrap() = verify_key_set_list;

        Ok(())
    }
}