use crate::*;
use derive_more::*;
use internal::crypto_box;
use internal::sign_ed25519;
use internal::x25519;
ghost_actor::ghost_chan! {
pub chan LairClientEvent<LairError> {
fn request_unlock_passphrase() -> String;
}
}
pub type LairClientEventSenderType =
futures::channel::mpsc::Sender<LairClientEvent>;
pub type LairClientEventReceiver =
futures::channel::mpsc::Receiver<LairClientEvent>;
#[non_exhaustive]
#[repr(u32)]
#[derive(Clone, Copy, Debug, PartialEq)]
pub enum TlsCertAlg {
PkcsEd25519 = 0x00000200,
PkcsEcdsaP256Sha256 = 0x00000201,
PkcsEcdsaP384Sha384 = 0x00000202,
}
impl Default for TlsCertAlg {
fn default() -> Self {
Self::PkcsEd25519
}
}
impl TlsCertAlg {
pub fn parse(d: u32) -> LairResult<Self> {
use TlsCertAlg::*;
Ok(match d {
x if x == PkcsEd25519 as u32 => PkcsEd25519,
x if x == PkcsEcdsaP256Sha256 as u32 => PkcsEcdsaP256Sha256,
x if x == PkcsEcdsaP384Sha384 as u32 => PkcsEcdsaP384Sha384,
_ => return Err("invalid tls cert alg".into()),
})
}
}
#[non_exhaustive]
pub struct TlsCertOptions {
pub alg: TlsCertAlg,
}
impl Default for TlsCertOptions {
fn default() -> Self {
Self {
alg: TlsCertAlg::PkcsEd25519,
}
}
}
#[derive(
Clone,
Copy,
Debug,
Display,
PartialEq,
Eq,
PartialOrd,
Ord,
Hash,
Deref,
From,
Into,
)]
pub struct KeystoreIndex(pub u32);
#[derive(
Clone, Debug, PartialEq, Eq, PartialOrd, Ord, Hash, Deref, From, Into,
)]
#[allow(clippy::rc_buffer)]
pub struct Cert(pub Arc<Vec<u8>>);
impl From<Vec<u8>> for Cert {
fn from(d: Vec<u8>) -> Self {
Self(Arc::new(d))
}
}
#[derive(
Clone, Debug, PartialEq, Eq, PartialOrd, Ord, Hash, Deref, From, Into,
)]
#[allow(clippy::rc_buffer)]
pub struct CertPrivKey(pub Arc<Vec<u8>>);
impl From<Vec<u8>> for CertPrivKey {
fn from(d: Vec<u8>) -> Self {
Self(Arc::new(d))
}
}
#[derive(
Clone, Debug, PartialEq, Eq, PartialOrd, Ord, Hash, Deref, From, Into,
)]
#[allow(clippy::rc_buffer)]
pub struct CertSni(pub Arc<String>);
impl From<String> for CertSni {
fn from(s: String) -> Self {
Self(Arc::new(s))
}
}
#[derive(
Clone, Debug, PartialEq, Eq, PartialOrd, Ord, Hash, Deref, From, Into,
)]
#[allow(clippy::rc_buffer)]
pub struct CertDigest(pub Arc<Vec<u8>>);
impl From<Vec<u8>> for CertDigest {
fn from(d: Vec<u8>) -> Self {
Self(Arc::new(d))
}
}
#[non_exhaustive]
#[repr(u32)]
#[derive(Clone, Copy, Debug, PartialEq)]
pub enum LairEntryType {
Invalid = 0x00000000,
TlsCert = 0x00000100,
SignEd25519 = 0x00000200,
X25519 = 0x00000300,
}
impl Default for LairEntryType {
fn default() -> Self {
Self::Invalid
}
}
impl LairEntryType {
pub fn parse(d: u32) -> LairResult<Self> {
use LairEntryType::*;
Ok(match d {
x if x == Invalid as u32 => Invalid,
x if x == TlsCert as u32 => TlsCert,
x if x == SignEd25519 as u32 => SignEd25519,
x if x == X25519 as u32 => X25519,
_ => return Err("invalide lair entry type".into()),
})
}
}
#[non_exhaustive]
#[derive(Debug, Default, Clone, PartialEq)]
pub struct LairServerInfo {
pub name: String,
pub version: String,
}
ghost_actor::ghost_chan! {
pub chan LairClientApi<LairError> {
fn lair_get_server_info() -> LairServerInfo;
fn lair_get_last_entry_index() -> KeystoreIndex;
fn lair_get_entry_type(
keystore_index: KeystoreIndex,
) -> LairEntryType;
fn tls_cert_new_self_signed_from_entropy(
options: TlsCertOptions,
) -> (KeystoreIndex, CertSni, CertDigest);
fn tls_cert_get(
keystore_index: KeystoreIndex,
) -> (CertSni, CertDigest);
fn tls_cert_get_cert_by_index(
keystore_index: KeystoreIndex,
) -> Cert;
fn tls_cert_get_cert_by_digest(
cert_digest: CertDigest,
) -> Cert;
fn tls_cert_get_cert_by_sni(
cert_sni: CertSni,
) -> Cert;
fn tls_cert_get_priv_key_by_index(
keystore_index: KeystoreIndex,
) -> CertPrivKey;
fn tls_cert_get_priv_key_by_digest(
cert_digest: CertDigest,
) -> CertPrivKey;
fn tls_cert_get_priv_key_by_sni(
cert_sni: CertSni,
) -> CertPrivKey;
fn sign_ed25519_new_from_entropy(
) -> (KeystoreIndex, sign_ed25519::SignEd25519PubKey);
fn sign_ed25519_get(
keystore_index: KeystoreIndex,
) -> sign_ed25519::SignEd25519PubKey;
fn sign_ed25519_sign_by_index(
keystore_index: KeystoreIndex,
message: Arc<Vec<u8>>,
) -> sign_ed25519::SignEd25519Signature;
fn sign_ed25519_sign_by_pub_key(
pub_key: sign_ed25519::SignEd25519PubKey,
message: Arc<Vec<u8>>,
) -> sign_ed25519::SignEd25519Signature;
fn x25519_new_from_entropy() -> (KeystoreIndex, x25519::X25519PubKey);
fn x25519_get(
keystore_index: KeystoreIndex,
) -> x25519::X25519PubKey;
fn crypto_box_by_index(
keystore_index: KeystoreIndex,
recipient: x25519::X25519PubKey,
data: Arc<crypto_box::CryptoBoxData>,
) -> crypto_box::CryptoBoxEncryptedData;
fn crypto_box_by_pub_key(
pub_key: x25519::X25519PubKey,
recipient: x25519::X25519PubKey,
data: Arc<crypto_box::CryptoBoxData>,
) -> crypto_box::CryptoBoxEncryptedData;
fn crypto_box_open_by_index(
keystore_index: KeystoreIndex,
sender: x25519::X25519PubKey,
encrypted_data: Arc<crypto_box::CryptoBoxEncryptedData>,
) -> Option<crypto_box::CryptoBoxData>;
fn crypto_box_open_by_pub_key(
pub_key: x25519::X25519PubKey,
sender: x25519::X25519PubKey,
encrypted_data: Arc<crypto_box::CryptoBoxEncryptedData>
) -> Option<crypto_box::CryptoBoxData>;
}
}
pub type LairClientSender = futures::channel::mpsc::Sender<LairClientApi>;