authorStuart Stock <stuart@int08h.com>2018-10-06 22:40:12 -0500
committerStuart Stock <stuart@int08h.com>2018-10-07 15:48:23 -0500
commit0b924cc92418f9a210a6b78cef56e427dc9c9d1d (patch)
treea7bb33d3a344d973684e6f0de3e35f956de803db /src/config
parentb43bcb27ad303afd56cfe1d767e95c10cf3d1cb2 (diff)
Land KMS support, yay!
AWS KMS for now, work-in-progress
Diffstat (limited to 'src/config')
-rw-r--r--src/config/environment.rs9
-rw-r--r--src/config/file.rs7
-rw-r--r--src/config/mod.rs17
3 files changed, 31 insertions, 2 deletions
diff --git a/src/config/environment.rs b/src/config/environment.rs
index 5053517..8f91f0c 100644
--- a/src/config/environment.rs
+++ b/src/config/environment.rs
@@ -21,6 +21,7 @@ use std::time::Duration;
use config::ServerConfig;
use config::{DEFAULT_BATCH_SIZE, DEFAULT_STATUS_INTERVAL};
use Error;
+use KeyProtection;
///
/// Obtain a Roughenough server configuration ([ServerConfig](trait.ServerConfig.html))
@@ -33,6 +34,7 @@ use Error;
/// seed | `ROUGHENOUGH_SEED`
/// batch_size | `ROUGHENOUGH_BATCH_SIZE`
/// status_interval | `ROUGHENOUGH_STATUS_INTERVAL`
+/// key_protection | `ROUGHENOUGH_KEY_PROTECTION`
///
pub struct EnvironmentConfig {
port: u16,
@@ -40,6 +42,7 @@ pub struct EnvironmentConfig {
seed: Vec<u8>,
batch_size: u8,
status_interval: Duration,
+ key_protection: KeyProtection,
}
const ROUGHENOUGH_PORT: &str = "ROUGHENOUGH_PORT";
@@ -47,6 +50,7 @@ const ROUGHENOUGH_INTERFACE: &str = "ROUGHENOUGH_INTERFACE";
const ROUGHENOUGH_SEED: &str = "ROUGHENOUGH_SEED";
const ROUGHENOUGH_BATCH_SIZE: &str = "ROUGHENOUGH_BATCH_SIZE";
const ROUGHENOUGH_STATUS_INTERVAL: &str = "ROUGHENOUGH_STATUS_INTERVAL";
+const ROUGHENOUGH_KEY_PROTECTION: &str = "ROUGHENOUGH_KEY_PROTECTION";
impl EnvironmentConfig {
pub fn new() -> Result<Self, Error> {
@@ -56,6 +60,7 @@ impl EnvironmentConfig {
seed: Vec::new(),
batch_size: DEFAULT_BATCH_SIZE,
status_interval: DEFAULT_STATUS_INTERVAL,
+ key_protection: KeyProtection::Plaintext,
};
if let Ok(port) = env::var(ROUGHENOUGH_PORT) {
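Review bot: `ROUGHENOUGH_KEY_PROTECTION` is declared and documented in the earlier hunks of this file, but none of the nine lines the commit adds here read it, so `key_protection` keeps the `KeyProtection::Plaintext` value set in this initialiser whatever the environment says. An operator who sets the variable expecting the long-term key to be protected would silently get plaintext handling. Either parse it next to the other `env::var` lookups in `new()` and reject unrecognised values with `Error::InvalidConfiguration`, or mark the gap in the code, e.g. `// TODO: ROUGHENOUGH_KEY_PROTECTION is not read yet; key_protection is always Plaintext`. `FileConfig::new()` in src/config/file.rs sets the same initial value and also gains no parsing. `new()` continues outside the hunk.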
@@ -123,4 +128,8 @@ impl ServerConfig for EnvironmentConfig {
Err(_) => Err(Error::InvalidConfiguration(addr)),
}
}
+
+ fn key_protection(&self) -> KeyProtection {
+ self.key_protection
+ }
}
diff --git a/src/config/file.rs b/src/config/file.rs
index e93ee99..a3b8b92 100644
--- a/src/config/file.rs
+++ b/src/config/file.rs
@@ -23,6 +23,7 @@ use yaml_rust::YamlLoader;
use config::ServerConfig;
use config::{DEFAULT_BATCH_SIZE, DEFAULT_STATUS_INTERVAL};
use Error;
+use KeyProtection;
///
/// Read a Roughenough server configuration ([ServerConfig](trait.ServerConfig.html))
@@ -42,6 +43,7 @@ pub struct FileConfig {
seed: Vec<u8>,
batch_size: u8,
status_interval: Duration,
+ key_protection: KeyProtection,
}
impl FileConfig {
@@ -67,6 +69,7 @@ impl FileConfig {
seed: Vec::new(),
batch_size: DEFAULT_BATCH_SIZE,
status_interval: DEFAULT_STATUS_INTERVAL,
+ key_protection: KeyProtection::Plaintext,
};
for (key, value) in cfg[0].as_hash().unwrap() {
@@ -124,4 +127,8 @@ impl ServerConfig for FileConfig {
Err(_) => Err(Error::InvalidConfiguration(addr)),
}
}
+
+ fn key_protection(&self) -> KeyProtection {
+ KeyProtection::Plaintext
+ }
}
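Review bot: `FileConfig::key_protection()` returns the literal `KeyProtection::Plaintext` instead of the `key_protection` field this commit adds to the struct, so the field is written in `new()` and never read. `EnvironmentConfig` returns `self.key_protection`, and the body here should do the same (`self.key_protection`), otherwise a value populated from the YAML file in a later change would be silently ignored and the server would still report plaintext key handling. The `impl ServerConfig for FileConfig` block starts outside the hunk.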
diff --git a/src/config/mod.rs b/src/config/mod.rs
index 983338c..ac903b3 100644
--- a/src/config/mod.rs
+++ b/src/config/mod.rs
@@ -35,7 +35,9 @@ mod environment;
pub use self::environment::EnvironmentConfig;
+use key;
use Error;
+use KeyProtection;
/// Maximum number of requests to process in one batch and include the the Merkle tree.
pub const DEFAULT_BATCH_SIZE: u8 = 64;
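Review bot: `use key;` is added in this hunk, but none of the lines the commit adds to this file refer to `key`, so it looks like an unused import that will raise a compiler warning. If it is intended for upcoming KMS code, it would be clearer to add it together with that code; otherwise the line can be dropped.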
@@ -85,6 +87,9 @@ pub trait ServerConfig {
/// Convenience function to create a `SocketAddr` from the provided `interface` and `port`
fn socket_addr(&self) -> Result<SocketAddr, Error>;
+
+ /// Method used to protect the long-term key pair.
+ fn key_protection(&self) -> KeyProtection;
}
///
@@ -127,14 +132,22 @@ pub fn is_valid_config(cfg: &Box<ServerConfig>) -> bool {
is_valid = false;
}
if cfg.batch_size() < 1 || cfg.batch_size() > 64 {
- error!("batch_size {} is invalid; valid range 1-64", cfg.batch_size());
+ error!(
+ "batch_size {} is invalid; valid range 1-64",
+ cfg.batch_size()
+ );
is_valid = false;
}
if is_valid {
match cfg.socket_addr() {
Err(e) => {
- error!("failed to create socket {}:{} {:?}", cfg.interface(), cfg.port(), e);
+ error!(
+ "failed to create socket {}:{} {:?}",
+ cfg.interface(),
+ cfg.port(),
+ e
+ );
is_valid = false;
}
_ => (),