author | Stuart Stock <stuart@int08h.com> | 2018-10-06 22:40:12 -0500 |
---|---|---|
committer | Stuart Stock <stuart@int08h.com> | 2018-10-07 15:48:23 -0500 |
commit | 0b924cc92418f9a210a6b78cef56e427dc9c9d1d (patch) | |
tree | a7bb33d3a344d973684e6f0de3e35f956de803db /src/config | |
parent | b43bcb27ad303afd56cfe1d767e95c10cf3d1cb2 (diff) | |
download | roughenough-0b924cc92418f9a210a6b78cef56e427dc9c9d1d.zip |
Land KMS support, yay!
AWS KMS for now, work-in-progress
Diffstat (limited to 'src/config')
-rw-r--r-- | src/config/environment.rs | 9 | ||||
-rw-r--r-- | src/config/file.rs | 7 | ||||
-rw-r--r-- | src/config/mod.rs | 17 |
3 files changed, 31 insertions, 2 deletions
diff --git a/src/config/environment.rs b/src/config/environment.rs
index 5053517..8f91f0c 100644
--- a/src/config/environment.rs
+++ b/src/config/environment.rs
@@ -21,6 +21,7 @@ use std::time::Duration;
 use config::ServerConfig;
 use config::{DEFAULT_BATCH_SIZE, DEFAULT_STATUS_INTERVAL};
 use Error;
+use KeyProtection;
 ///
 /// Obtain a Roughenough server configuration ([ServerConfig](trait.ServerConfig.html))
@@ -33,6 +34,7 @@ use Error;
 /// seed | `ROUGHENOUGH_SEED`
 /// batch_size | `ROUGHENOUGH_BATCH_SIZE`
 /// status_interval | `ROUGHENOUGH_STATUS_INTERVAL`
+/// key_protection | `ROUGHENOUGH_KEY_PROTECTION`
 ///
 pub struct EnvironmentConfig {
 port: u16,
@@ -40,6 +42,7 @@ pub struct EnvironmentConfig {
 seed: Vec<u8>,
 batch_size: u8,
 status_interval: Duration,
+ key_protection: KeyProtection,
 }
 const ROUGHENOUGH_PORT: &str = "ROUGHENOUGH_PORT";
@@ -47,6 +50,7 @@ const ROUGHENOUGH_INTERFACE: &str = "ROUGHENOUGH_INTERFACE";
 const ROUGHENOUGH_SEED: &str = "ROUGHENOUGH_SEED";
 const ROUGHENOUGH_BATCH_SIZE: &str = "ROUGHENOUGH_BATCH_SIZE";
 const ROUGHENOUGH_STATUS_INTERVAL: &str = "ROUGHENOUGH_STATUS_INTERVAL";
+const ROUGHENOUGH_KEY_PROTECTION: &str = "ROUGHENOUGH_KEY_PROTECTION";
 impl EnvironmentConfig {
 pub fn new() -> Result<Self, Error> {
@@ -56,6 +60,7 @@ impl EnvironmentConfig {
 seed: Vec::new(),
 batch_size: DEFAULT_BATCH_SIZE,
 status_interval: DEFAULT_STATUS_INTERVAL,
+ key_protection: KeyProtection::Plaintext,
 };
 if let Ok(port) = env::var(ROUGHENOUGH_PORT) {
@@ -123,4 +128,8 @@ impl ServerConfig for EnvironmentConfig {
 Err(_) => Err(Error::InvalidConfiguration(addr)),
 }
 }
+
+ fn key_protection(&self) -> KeyProtection {
+ self.key_protection
+ }
 }
diff --git a/src/config/file.rs b/src/config/file.rs
index e93ee99..a3b8b92 100644
--- a/src/config/file.rs
+++ b/src/config/file.rs
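Review bot: In src/config/environment.rs, `ROUGHENOUGH_KEY_PROTECTION` is declared (hunk at -47,6) and advertised in the doc table (hunk at -33,6), but none of the nine added lines reads it with `env::var`. As a result `key_protection` keeps the `KeyProtection::Plaintext` value assigned in `EnvironmentConfig::new()` (hunk at -56,6) whatever the operator exports. An operator who sets the variable expecting the long-term key to be KMS-protected would get the plaintext mode with no error or log line. Either parse the variable next to the other `if let Ok(..) = env::var(..)` blocks and return `Error::InvalidConfiguration` for an unrecognised value, or remove the doc-table row until the setting is wired up. The body of `new()` continues outside these hunks.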
@@ -23,6 +23,7 @@ use yaml_rust::YamlLoader;
 use config::ServerConfig;
 use config::{DEFAULT_BATCH_SIZE, DEFAULT_STATUS_INTERVAL};
 use Error;
+use KeyProtection;
 ///
 /// Read a Roughenough server configuration ([ServerConfig](trait.ServerConfig.html))
@@ -42,6 +43,7 @@ pub struct FileConfig {
 seed: Vec<u8>,
 batch_size: u8,
 status_interval: Duration,
+ key_protection: KeyProtection,
 }
 impl FileConfig {
@@ -67,6 +69,7 @@ impl FileConfig {
 seed: Vec::new(),
 batch_size: DEFAULT_BATCH_SIZE,
 status_interval: DEFAULT_STATUS_INTERVAL,
+ key_protection: KeyProtection::Plaintext,
 };
 for (key, value) in cfg[0].as_hash().unwrap() {
@@ -124,4 +127,8 @@ impl ServerConfig for FileConfig {
 Err(_) => Err(Error::InvalidConfiguration(addr)),
 }
 }
+
+ fn key_protection(&self) -> KeyProtection {
+ KeyProtection::Plaintext
+ }
 }
diff --git a/src/config/mod.rs b/src/config/mod.rs
index 983338c..ac903b3 100644
--- a/src/config/mod.rs
+++ b/src/config/mod.rs
@@ -35,7 +35,9 @@ mod environment;
 pub use self::environment::EnvironmentConfig;
+use key;
 use Error;
+use KeyProtection;
 /// Maximum number of requests to process in one batch and include the the Merkle tree.
 pub const DEFAULT_BATCH_SIZE: u8 = 64;
@@ -85,6 +87,9 @@ pub trait ServerConfig {
 /// Convenience function to create a `SocketAddr` from the provided `interface` and `port`
 fn socket_addr(&self) -> Result<SocketAddr, Error>;
+
+ /// Method used to protect the long-term key pair.
+ fn key_protection(&self) -> KeyProtection;
 }
 ///
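Review bot: `FileConfig::key_protection()` in src/config/file.rs (hunk at -124,4) returns the literal `KeyProtection::Plaintext` rather than the `key_protection` field this commit adds to the struct, whereas `EnvironmentConfig` returns `self.key_protection`. The field is never read, so the getter would keep reporting plaintext even after the YAML loop learns to set it; the body should be `self.key_protection`. The seven lines added to this file contain no parsing of a key-protection entry, so such a value in the config file has no effect on this getter. How the loop outside these hunks treats an unknown key is not visible here; an explicit error or warning for it would stop an operator from assuming the key is protected when it is not.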
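Review bot: `use key;` in src/config/mod.rs (hunk at -35,7) appears to be unused, since none of the lines this commit adds to the file refers to `key::`; it will likely raise an unused-import warning and can be dropped until the module needs it. The new required method `fn key_protection(&self) -> KeyProtection;` has only a one-line doc comment; it would help to state there which value implementations report when nothing is configured, for example `/// Implementations report KeyProtection::Plaintext when no protection is configured.`. `is_valid_config` in the following hunk is only re-wrapped and does not look at `key_protection()`; if some protection modes depend on other settings, that function is presumably where the check belongs.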
@@ -127,14 +132,22 @@ pub fn is_valid_config(cfg: &Box<ServerConfig>) -> bool {
 is_valid = false;
 }
 if cfg.batch_size() < 1 || cfg.batch_size() > 64 {
- error!("batch_size {} is invalid; valid range 1-64", cfg.batch_size());
+ error!(
+ "batch_size {} is invalid; valid range 1-64",
+ cfg.batch_size()
+ );
 is_valid = false;
 }
 if is_valid {
 match cfg.socket_addr() {
 Err(e) => {
- error!("failed to create socket {}:{} {:?}", cfg.interface(), cfg.port(), e);
+ error!(
+ "failed to create socket {}:{} {:?}",
+ cfg.interface(),
+ cfg.port(),
+ e
+ );
 is_valid = false;
 }
 _ => (), |