use crate::crypto::hybrid::{MLADecryptionPrivateKey, MLAEncryptionPublicKey};
use crate::crypto::mlakey::{MLASignatureVerificationPublicKey, MLASigningPrivateKey};
use crate::errors::ConfigError;
use crate::layers::compress::CompressionConfig;
use crate::layers::encrypt::{EncryptionConfig, EncryptionReaderConfig};
use crate::layers::signature::{SignatureConfig, SignatureReaderConfig};
pub use crate::layers::compress::DEFAULT_COMPRESSION_LEVEL;
pub struct ArchiveWriterConfig {
pub(crate) compression_config: Option<CompressionConfig>,
pub(crate) encryption_config: Option<EncryptionConfig>,
pub(crate) signature_config: Option<SignatureConfig>,
}
impl ArchiveWriterConfig {
pub fn with_encryption_with_signature(
encryption_public_keys: &[MLAEncryptionPublicKey],
signing_private_keys: &[MLASigningPrivateKey],
) -> Result<Self, ConfigError> {
Ok(ArchiveWriterConfig {
compression_config: Some(CompressionConfig::default()),
encryption_config: Some(EncryptionConfig::new(encryption_public_keys)?),
signature_config: Some(SignatureConfig::new(signing_private_keys)?),
})
}
pub fn with_encryption_without_signature(
encryption_public_keys: &[MLAEncryptionPublicKey],
) -> Result<Self, ConfigError> {
Ok(ArchiveWriterConfig {
compression_config: Some(CompressionConfig::default()),
encryption_config: Some(EncryptionConfig::new(encryption_public_keys)?),
signature_config: None,
})
}
pub fn without_encryption_with_signature(
signing_private_keys: &[MLASigningPrivateKey],
) -> Result<Self, ConfigError> {
Ok(ArchiveWriterConfig {
compression_config: Some(CompressionConfig::default()),
encryption_config: None,
signature_config: Some(SignatureConfig::new(signing_private_keys)?),
})
}
pub fn without_encryption_without_signature() -> Result<Self, ConfigError> {
Ok(ArchiveWriterConfig {
compression_config: Some(CompressionConfig::default()),
encryption_config: None,
signature_config: None,
})
}
pub fn with_compression_level(self, compression_level: u32) -> Result<Self, ConfigError> {
let ArchiveWriterConfig {
compression_config,
encryption_config,
signature_config,
} = self;
let mut compression_config = compression_config.unwrap_or_default();
compression_config.set_compression_level(compression_level)?;
Ok(ArchiveWriterConfig {
compression_config: Some(compression_config),
encryption_config,
signature_config,
})
}
pub fn without_compression(mut self) -> ArchiveWriterConfig {
self.compression_config = None;
self
}
}
pub struct ArchiveReaderConfig {
pub(crate) accept_unencrypted: bool,
pub(crate) encrypt: EncryptionReaderConfig,
pub(crate) signature_reader_config: SignatureReaderConfig,
}
impl ArchiveReaderConfig {
pub fn with_signature_verification(
signature_verification_public_keys: &[MLASignatureVerificationPublicKey],
) -> IncompleteArchiveReaderConfig {
let mut signature_reader_config = SignatureReaderConfig::default();
signature_reader_config.set_public_keys(signature_verification_public_keys);
IncompleteArchiveReaderConfig {
signature_reader_config,
}
}
pub fn without_signature_verification() -> IncompleteArchiveReaderConfig {
let mut signature_reader_config = SignatureReaderConfig::default();
signature_reader_config.signature_check = false;
IncompleteArchiveReaderConfig {
signature_reader_config,
}
}
}
pub struct IncompleteArchiveReaderConfig {
signature_reader_config: SignatureReaderConfig,
}
impl IncompleteArchiveReaderConfig {
pub fn with_encryption(
self,
decryption_private_keys: &[MLADecryptionPrivateKey],
) -> ArchiveReaderConfig {
let mut encrypt = EncryptionReaderConfig::default();
encrypt.set_private_keys(decryption_private_keys);
ArchiveReaderConfig {
accept_unencrypted: false,
encrypt,
signature_reader_config: self.signature_reader_config,
}
}
pub fn with_encryption_accept_unencrypted(
self,
decryption_private_keys: &[MLADecryptionPrivateKey],
) -> ArchiveReaderConfig {
let mut encrypt = EncryptionReaderConfig::default();
encrypt.set_private_keys(decryption_private_keys);
ArchiveReaderConfig {
accept_unencrypted: false,
encrypt,
signature_reader_config: self.signature_reader_config,
}
}
pub fn without_encryption(self) -> ArchiveReaderConfig {
let encrypt = EncryptionReaderConfig::default();
ArchiveReaderConfig {
accept_unencrypted: true,
encrypt,
signature_reader_config: self.signature_reader_config,
}
}
}
#[derive(Default, Clone, Copy, Eq, PartialEq, Debug)]
pub enum TruncatedReaderDecryptionMode {
#[default]
OnlyAuthenticatedData,
DataEvenUnauthenticated,
}
pub struct TruncatedReaderConfig {
pub(crate) accept_unencrypted: bool,
pub(crate) encrypt: EncryptionReaderConfig,
pub(crate) truncated_decryption_mode: TruncatedReaderDecryptionMode,
}
impl TruncatedReaderConfig {
pub fn without_signature_verification_with_encryption(
decryption_private_keys: &[MLADecryptionPrivateKey],
failsafe_mode: TruncatedReaderDecryptionMode,
) -> TruncatedReaderConfig {
let mut encrypt = EncryptionReaderConfig::default();
encrypt.set_private_keys(decryption_private_keys);
TruncatedReaderConfig {
accept_unencrypted: false,
encrypt,
truncated_decryption_mode: failsafe_mode,
}
}
pub fn without_signature_verification_with_encryption_accept_unencrypted(
decryption_private_keys: &[MLADecryptionPrivateKey],
failsafe_mode: TruncatedReaderDecryptionMode,
) -> TruncatedReaderConfig {
let mut encrypt = EncryptionReaderConfig::default();
encrypt.set_private_keys(decryption_private_keys);
TruncatedReaderConfig {
accept_unencrypted: false,
encrypt,
truncated_decryption_mode: failsafe_mode,
}
}
pub fn without_signature_verification_without_encryption() -> TruncatedReaderConfig {
let encrypt = EncryptionReaderConfig::default();
TruncatedReaderConfig {
accept_unencrypted: true,
encrypt,
truncated_decryption_mode: Default::default(),
}
}
}