redact-client 1.5.9

Receives request for private data and decrypts it to display securely in browser
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73

use crate::{
    error::ClientError,
    render::{HandlebarsRenderer, RenderError},
};
use redact_config::Configurator;
use redact_crypto::{
    Algorithm, Builder, CryptoError, Entry, HasBuilder, State, StorableType, TypeBuilderContainer,
};
use std::{collections::HashMap, convert::TryInto};

pub fn setup_html_render_engine<'reg>() -> Result<HandlebarsRenderer<'reg>, RenderError> {
    let mut template_mapping = HashMap::new();
    template_mapping.insert("unsecure", "./static/unsecure.handlebars");
    template_mapping.insert("secure", "./static/secure.handlebars");
    HandlebarsRenderer::new(template_mapping)
}

pub async fn setup_entry<Z: StorableType, T: Configurator>(
    config: &T,
    config_path: &str,
) -> Result<Entry<Z>, ClientError> {
    let mut entry = config
        .get::<Entry<Z>>(config_path)
        .map_err(|e| ClientError::ConfigError { source: e })?;
    match entry.resolve().await {
        Ok(_) => Ok(entry),
        Err(e) => match e {
            CryptoError::NotFound { .. } => match entry.value {
                State::Referenced { .. } => Err(ClientError::CryptoError { source: e }),
                State::Unsealed { ref mut bytes } => {
                    let sakb: <Z as HasBuilder>::Builder = TypeBuilderContainer(entry.builder)
                        .try_into()
                        .map_err(|e| ClientError::CryptoError { source: e })?;
                    let sak = sakb
                        .build(None)
                        .map_err(|e| ClientError::CryptoError { source: e })?;
                    bytes
                        .set(
                            sak.byte_source()
                                .get()
                                .map_err(|e| ClientError::SourceError { source: e })?,
                        )
                        .map_err(|e| ClientError::SourceError { source: e })?;
                    Ok(entry)
                }
                State::Sealed {
                    ref mut ciphertext,
                    ref algorithm,
                } => {
                    let sakb: <Z as HasBuilder>::Builder = TypeBuilderContainer(entry.builder)
                        .try_into()
                        .map_err(|e| ClientError::CryptoError { source: e })?;
                    let sak = sakb
                        .build(None)
                        .map_err(|e| ClientError::CryptoError { source: e })?;
                    let sak_ciphertext = algorithm
                        .seal(&sak.byte_source())
                        .await
                        .map_err(|e| ClientError::CryptoError { source: e })?;
                    ciphertext
                        .set(
                            sak_ciphertext
                                .get()
                                .map_err(|e| ClientError::SourceError { source: e })?,
                        )
                        .map_err(|e| ClientError::SourceError { source: e })?;
                    Ok(entry)
                }
            },
            _ => Err(ClientError::CryptoError { source: e }),
        },
    }
}