ppaass-v3-protocol 0.1.1

The ppaass v3 protocol
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112

use crate::UnifiedAddress;
use bytes::Bytes;
use chrono::{DateTime, Utc};
use serde::{Deserialize, Serialize};
/// The encryption in Handshake message used to
/// switch the encryption key
#[derive(Debug, Serialize, Deserialize, Clone)]
pub enum Encryption {
    /// The data will send in plain
    Plain,
    /// The data will send with aes encryption
    Aes(#[serde(with = "crate::hex")] Bytes),
    /// The data will send with blowfish encryption
    Blowfish(#[serde(with = "crate::hex")] Bytes),
}

/// The handshake message between agent and proxy.
/// When the tcp connection created between agent and proxy,
/// the handshake will happen as the first message used to
/// communicate the authentication information and exchange
/// the encryption key.
///
/// The **encryption key** is encrypted with **RSA private key**
/// which assigned to each user. The other side should decrypt
/// the encryption key with **RSA public key** to raw key.
#[derive(Debug, Serialize, Deserialize, Clone)]
pub struct HandshakeRequest {
    /// The authentication information, usually it should be a JWT or
    /// a username, or even username&password with some kind of format
    pub authentication: String,
    /// The encryption used to carry the **encryption key**
    pub encryption: Encryption,
}

/// The handshake response, exchange the proxy side encryption
/// to agent
#[derive(Debug, Serialize, Deserialize, Clone)]
pub struct HandshakeResponse {
    /// The encryption used to carry the **encryption key**
    pub encryption: Encryption,
}

#[derive(Debug, Serialize, Deserialize, Clone)]
pub enum TunnelControlRequest {
    Heartbeat(HeartbeatRequest),
    TunnelInit(TunnelInitRequest),
}

#[derive(Debug, Serialize, Deserialize, Clone)]
pub enum TunnelControlResponse {
    Heartbeat(HeartbeatResponse),
    TunnelInit(TunnelInitResponse),
}

/// The tcp destination initialize message used to initialize the destination
#[derive(Debug, Serialize, Deserialize, Clone)]
pub struct TunnelInitRequest {
    /// The destination that the destination is going to connect
    pub destination_address: UnifiedAddress,
    /// If the destination should keep alive
    pub keep_alive: bool,
}

/// The failure reason for destination init
#[derive(Debug, Serialize, Deserialize, Clone)]
pub enum TunnelInitFailureReason {
    /// Authenticate the user fail
    AuthenticateFail,
    /// Initialize destination with destination fail
    InitWithDestinationFail,
}

/// The tcp destination initialize message used to initialize the destination
#[derive(Debug, Serialize, Deserialize, Clone)]
pub enum TunnelInitResponse {
    Success,
    Failure(TunnelInitFailureReason),
}

#[derive(Debug, Serialize, Deserialize, Clone)]
pub struct HeartbeatRequest {
    request_date_time: DateTime<Utc>,
}

impl HeartbeatRequest {
    pub fn new() -> Self {
        Self {
            request_date_time: Utc::now(),
        }
    }

    pub fn request_date_time(&self) -> &DateTime<Utc> {
        &self.request_date_time
    }
}

#[derive(Debug, Serialize, Deserialize, Clone)]
pub struct HeartbeatResponse {
    response_date_time: DateTime<Utc>,
}

impl HeartbeatResponse {
    pub fn new() -> Self {
        Self {
            response_date_time: Utc::now(),
        }
    }

    pub fn response_date_time(&self) -> &DateTime<Utc> {
        &self.response_date_time
    }
}