use crate::*;
use derive_more::*;
ghost_actor::ghost_chan! {
pub chan LairClientEvent<LairError> {
fn request_unlock_passphrase() -> String;
}
}
pub type LairClientEventSenderType =
futures::channel::mpsc::Sender<LairClientEvent>;
pub type LairClientEventReceiver =
futures::channel::mpsc::Receiver<LairClientEvent>;
#[non_exhaustive]
#[repr(u32)]
#[derive(Clone, Copy, Debug, PartialEq)]
pub enum TlsCertAlg {
PkcsEd25519 = 0x00000200,
PkcsEcdsaP256Sha256 = 0x00000201,
PkcsEcdsaP384Sha384 = 0x00000202,
}
impl Default for TlsCertAlg {
fn default() -> Self {
Self::PkcsEd25519
}
}
impl TlsCertAlg {
pub fn parse(d: u32) -> LairResult<Self> {
use TlsCertAlg::*;
Ok(match d {
x if x == PkcsEd25519 as u32 => PkcsEd25519,
x if x == PkcsEcdsaP256Sha256 as u32 => PkcsEcdsaP256Sha256,
x if x == PkcsEcdsaP384Sha384 as u32 => PkcsEcdsaP384Sha384,
_ => return Err("invalide tls cert alg".into()),
})
}
}
#[non_exhaustive]
pub struct TlsCertOptions {
pub alg: TlsCertAlg,
}
impl Default for TlsCertOptions {
fn default() -> Self {
Self {
alg: TlsCertAlg::PkcsEd25519,
}
}
}
#[derive(
Clone,
Copy,
Debug,
Display,
PartialEq,
Eq,
PartialOrd,
Ord,
Hash,
Deref,
From,
Into,
)]
pub struct KeystoreIndex(pub u32);
#[derive(
Clone, Debug, PartialEq, Eq, PartialOrd, Ord, Hash, Deref, From, Into,
)]
pub struct Cert(pub Arc<Vec<u8>>);
impl From<Vec<u8>> for Cert {
fn from(d: Vec<u8>) -> Self {
Self(Arc::new(d))
}
}
#[derive(
Clone, Debug, PartialEq, Eq, PartialOrd, Ord, Hash, Deref, From, Into,
)]
pub struct CertPrivKey(pub Arc<Vec<u8>>);
impl From<Vec<u8>> for CertPrivKey {
fn from(d: Vec<u8>) -> Self {
Self(Arc::new(d))
}
}
#[derive(
Clone, Debug, PartialEq, Eq, PartialOrd, Ord, Hash, Deref, From, Into,
)]
pub struct CertSni(pub Arc<String>);
impl From<String> for CertSni {
fn from(s: String) -> Self {
Self(Arc::new(s))
}
}
#[derive(
Clone, Debug, PartialEq, Eq, PartialOrd, Ord, Hash, Deref, From, Into,
)]
pub struct CertDigest(pub Arc<Vec<u8>>);
impl From<Vec<u8>> for CertDigest {
fn from(d: Vec<u8>) -> Self {
Self(Arc::new(d))
}
}
#[derive(
Clone, Debug, PartialEq, Eq, PartialOrd, Ord, Hash, Deref, From, Into,
)]
pub struct SignEd25519PubKey(pub Arc<Vec<u8>>);
impl From<Vec<u8>> for SignEd25519PubKey {
fn from(d: Vec<u8>) -> Self {
Self(Arc::new(d))
}
}
impl SignEd25519PubKey {
pub async fn verify(
&self,
message: Arc<Vec<u8>>,
signature: SignEd25519Signature,
) -> LairResult<bool> {
internal::sign_ed25519::sign_ed25519_verify(
self.clone(),
message,
signature,
)
.await
}
}
#[derive(
Clone, Debug, PartialEq, Eq, PartialOrd, Ord, Hash, Deref, From, Into,
)]
pub struct SignEd25519Signature(pub Arc<Vec<u8>>);
impl From<Vec<u8>> for SignEd25519Signature {
fn from(d: Vec<u8>) -> Self {
Self(Arc::new(d))
}
}
#[non_exhaustive]
#[repr(u32)]
#[derive(Clone, Copy, Debug, PartialEq)]
pub enum LairEntryType {
Invalid = 0x00000000,
TlsCert = 0x00000100,
SignEd25519 = 0x00000200,
}
impl Default for LairEntryType {
fn default() -> Self {
Self::Invalid
}
}
impl LairEntryType {
pub fn parse(d: u32) -> LairResult<Self> {
use LairEntryType::*;
Ok(match d {
x if x == Invalid as u32 => Invalid,
x if x == TlsCert as u32 => TlsCert,
x if x == SignEd25519 as u32 => SignEd25519,
_ => return Err("invalide lair entry type".into()),
})
}
}
#[non_exhaustive]
#[derive(Debug, Default, Clone, PartialEq)]
pub struct LairServerInfo {
pub name: String,
pub version: String,
}
ghost_actor::ghost_chan! {
pub chan LairClientApi<LairError> {
fn lair_get_server_info() -> LairServerInfo;
fn lair_get_last_entry_index() -> KeystoreIndex;
fn lair_get_entry_type(
keystore_index: KeystoreIndex,
) -> LairEntryType;
fn tls_cert_new_self_signed_from_entropy(
options: TlsCertOptions,
) -> (KeystoreIndex, CertSni, CertDigest);
fn tls_cert_get(
keystore_index: KeystoreIndex,
) -> (CertSni, CertDigest);
fn tls_cert_get_cert_by_index(
keystore_index: KeystoreIndex,
) -> Cert;
fn tls_cert_get_cert_by_digest(
cert_digest: CertDigest,
) -> Cert;
fn tls_cert_get_cert_by_sni(
cert_sni: CertSni,
) -> Cert;
fn tls_cert_get_priv_key_by_index(
keystore_index: KeystoreIndex,
) -> CertPrivKey;
fn tls_cert_get_priv_key_by_digest(
cert_digest: CertDigest,
) -> CertPrivKey;
fn tls_cert_get_priv_key_by_sni(
cert_sni: CertSni,
) -> CertPrivKey;
fn sign_ed25519_new_from_entropy(
) -> (KeystoreIndex, SignEd25519PubKey);
fn sign_ed25519_get(
keystore_index: KeystoreIndex,
) -> SignEd25519PubKey;
fn sign_ed25519_sign_by_index(
keystore_index: KeystoreIndex,
message: Arc<Vec<u8>>,
) -> SignEd25519Signature;
fn sign_ed25519_sign_by_pub_key(
pub_key: SignEd25519PubKey,
message: Arc<Vec<u8>>,
) -> SignEd25519Signature;
}
}
pub type LairClientSender = futures::channel::mpsc::Sender<LairClientApi>;