reduce dependence on protected store and move keys to encrypted table store

This commit is contained in:
John Smith 2023-05-25 18:28:03 +01:00
parent 4994f54039
commit a01e593480
38 changed files with 235 additions and 400 deletions

View File

@ -38,7 +38,7 @@ fn map_to_internal_error<T: ToString>(e: T) -> VeilidAPIError {
fn decode_api_result<T: DeserializeOwned + fmt::Debug>( fn decode_api_result<T: DeserializeOwned + fmt::Debug>(
reader: &api_result::Reader, reader: &api_result::Reader,
) -> Result<T, VeilidAPIError> { ) -> VeilidAPIResult<T> {
match reader.which().map_err(map_to_internal_error)? { match reader.which().map_err(map_to_internal_error)? {
api_result::Which::Ok(v) => { api_result::Which::Ok(v) => {
let ok_val = v.map_err(map_to_internal_error)?; let ok_val = v.map_err(map_to_internal_error)?;
@ -355,7 +355,7 @@ impl ClientApiConnection {
.map_err(map_to_string)? .map_err(map_to_string)?
.get_result() .get_result()
.map_err(map_to_string)?; .map_err(map_to_string)?;
let res: Result<(), VeilidAPIError> = decode_api_result(&reader); let res: VeilidAPIResult<()> = decode_api_result(&reader);
res.map_err(map_to_string) res.map_err(map_to_string)
} }
@ -379,7 +379,7 @@ impl ClientApiConnection {
.map_err(map_to_string)? .map_err(map_to_string)?
.get_result() .get_result()
.map_err(map_to_string)?; .map_err(map_to_string)?;
let res: Result<(), VeilidAPIError> = decode_api_result(&reader); let res: VeilidAPIResult<()> = decode_api_result(&reader);
res.map_err(map_to_string) res.map_err(map_to_string)
} }
@ -422,7 +422,7 @@ impl ClientApiConnection {
.map_err(map_to_string)? .map_err(map_to_string)?
.get_result() .get_result()
.map_err(map_to_string)?; .map_err(map_to_string)?;
let res: Result<String, VeilidAPIError> = decode_api_result(&reader); let res: VeilidAPIResult<String> = decode_api_result(&reader);
res.map_err(map_to_string) res.map_err(map_to_string)
} }
@ -453,7 +453,7 @@ impl ClientApiConnection {
.map_err(map_to_string)? .map_err(map_to_string)?
.get_result() .get_result()
.map_err(map_to_string)?; .map_err(map_to_string)?;
let res: Result<(), VeilidAPIError> = decode_api_result(&reader); let res: VeilidAPIResult<()> = decode_api_result(&reader);
res.map_err(map_to_string) res.map_err(map_to_string)
} }
@ -483,7 +483,7 @@ impl ClientApiConnection {
.map_err(map_to_string)? .map_err(map_to_string)?
.get_result() .get_result()
.map_err(map_to_string)?; .map_err(map_to_string)?;
let res: Result<(), VeilidAPIError> = decode_api_result(&reader); let res: VeilidAPIResult<()> = decode_api_result(&reader);
res.map_err(map_to_string) res.map_err(map_to_string)
} }

View File

@ -206,7 +206,7 @@ impl VeilidCoreContext {
async fn new_with_config_callback( async fn new_with_config_callback(
update_callback: UpdateCallback, update_callback: UpdateCallback,
config_callback: ConfigCallback, config_callback: ConfigCallback,
) -> Result<VeilidCoreContext, VeilidAPIError> { ) -> VeilidAPIResult<VeilidCoreContext> {
// Set up config from callback // Set up config from callback
trace!("setup config with callback"); trace!("setup config with callback");
let mut config = VeilidConfig::new(); let mut config = VeilidConfig::new();
@ -219,7 +219,7 @@ impl VeilidCoreContext {
async fn new_with_config_json( async fn new_with_config_json(
update_callback: UpdateCallback, update_callback: UpdateCallback,
config_json: String, config_json: String,
) -> Result<VeilidCoreContext, VeilidAPIError> { ) -> VeilidAPIResult<VeilidCoreContext> {
// Set up config from callback // Set up config from callback
trace!("setup config with json"); trace!("setup config with json");
let mut config = VeilidConfig::new(); let mut config = VeilidConfig::new();
@ -231,7 +231,7 @@ impl VeilidCoreContext {
async fn new_common( async fn new_common(
update_callback: UpdateCallback, update_callback: UpdateCallback,
config: VeilidConfig, config: VeilidConfig,
) -> Result<VeilidCoreContext, VeilidAPIError> { ) -> VeilidAPIResult<VeilidCoreContext> {
cfg_if! { cfg_if! {
if #[cfg(target_os = "android")] { if #[cfg(target_os = "android")] {
if !crate::intf::android::is_android_ready() { if !crate::intf::android::is_android_ready() {
@ -281,7 +281,7 @@ lazy_static::lazy_static! {
pub async fn api_startup( pub async fn api_startup(
update_callback: UpdateCallback, update_callback: UpdateCallback,
config_callback: ConfigCallback, config_callback: ConfigCallback,
) -> Result<VeilidAPI, VeilidAPIError> { ) -> VeilidAPIResult<VeilidAPI> {
// See if we have an API started up already // See if we have an API started up already
let mut initialized_lock = INITIALIZED.lock().await; let mut initialized_lock = INITIALIZED.lock().await;
if *initialized_lock { if *initialized_lock {
@ -304,7 +304,7 @@ pub async fn api_startup(
pub async fn api_startup_json( pub async fn api_startup_json(
update_callback: UpdateCallback, update_callback: UpdateCallback,
config_json: String, config_json: String,
) -> Result<VeilidAPI, VeilidAPIError> { ) -> VeilidAPIResult<VeilidAPI> {
// See if we have an API started up already // See if we have an API started up already
let mut initialized_lock = INITIALIZED.lock().await; let mut initialized_lock = INITIALIZED.lock().await;
if *initialized_lock { if *initialized_lock {

View File

@ -66,11 +66,11 @@ where
{ {
fn encode(&self) -> String; fn encode(&self) -> String;
fn encoded_len() -> usize; fn encoded_len() -> usize;
fn try_decode<S: AsRef<str>>(input: S) -> Result<Self, VeilidAPIError> { fn try_decode<S: AsRef<str>>(input: S) -> VeilidAPIResult<Self> {
let b = input.as_ref().as_bytes(); let b = input.as_ref().as_bytes();
Self::try_decode_bytes(b) Self::try_decode_bytes(b)
} }
fn try_decode_bytes(b: &[u8]) -> Result<Self, VeilidAPIError>; fn try_decode_bytes(b: &[u8]) -> VeilidAPIResult<Self>;
} }
////////////////////////////////////////////////////////////////////// //////////////////////////////////////////////////////////////////////
@ -180,7 +180,7 @@ macro_rules! byte_array_type {
fn encoded_len() -> usize { fn encoded_len() -> usize {
$encoded_size $encoded_size
} }
fn try_decode_bytes(b: &[u8]) -> Result<Self, VeilidAPIError> { fn try_decode_bytes(b: &[u8]) -> VeilidAPIResult<Self> {
let mut bytes = [0u8; $size]; let mut bytes = [0u8; $size];
let res = BASE64URL_NOPAD.decode_len(b.len()); let res = BASE64URL_NOPAD.decode_len(b.len());
match res { match res {

View File

@ -6,36 +6,20 @@ pub trait CryptoSystem {
fn crypto(&self) -> Crypto; fn crypto(&self) -> Crypto;
// Cached Operations // Cached Operations
fn cached_dh( fn cached_dh(&self, key: &PublicKey, secret: &SecretKey) -> VeilidAPIResult<SharedSecret>;
&self,
key: &PublicKey,
secret: &SecretKey,
) -> Result<SharedSecret, VeilidAPIError>;
// Generation // Generation
fn random_bytes(&self, len: u32) -> Vec<u8>; fn random_bytes(&self, len: u32) -> Vec<u8>;
fn default_salt_length(&self) -> u32; fn default_salt_length(&self) -> u32;
fn hash_password(&self, password: &[u8], salt: &[u8]) -> Result<String, VeilidAPIError>; fn hash_password(&self, password: &[u8], salt: &[u8]) -> VeilidAPIResult<String>;
fn verify_password(&self, password: &[u8], password_hash: &str) fn verify_password(&self, password: &[u8], password_hash: &str) -> VeilidAPIResult<bool>;
-> Result<bool, VeilidAPIError>; fn derive_shared_secret(&self, password: &[u8], salt: &[u8]) -> VeilidAPIResult<SharedSecret>;
fn derive_shared_secret(
&self,
password: &[u8],
salt: &[u8],
) -> Result<SharedSecret, VeilidAPIError>;
fn random_nonce(&self) -> Nonce; fn random_nonce(&self) -> Nonce;
fn random_shared_secret(&self) -> SharedSecret; fn random_shared_secret(&self) -> SharedSecret;
fn compute_dh( fn compute_dh(&self, key: &PublicKey, secret: &SecretKey) -> VeilidAPIResult<SharedSecret>;
&self,
key: &PublicKey,
secret: &SecretKey,
) -> Result<SharedSecret, VeilidAPIError>;
fn generate_keypair(&self) -> KeyPair; fn generate_keypair(&self) -> KeyPair;
fn generate_hash(&self, data: &[u8]) -> HashDigest; fn generate_hash(&self, data: &[u8]) -> HashDigest;
fn generate_hash_reader( fn generate_hash_reader(&self, reader: &mut dyn std::io::Read) -> VeilidAPIResult<HashDigest>;
&self,
reader: &mut dyn std::io::Read,
) -> Result<HashDigest, VeilidAPIError>;
// Validation // Validation
fn validate_keypair(&self, key: &PublicKey, secret: &SecretKey) -> bool; fn validate_keypair(&self, key: &PublicKey, secret: &SecretKey) -> bool;
@ -44,24 +28,14 @@ pub trait CryptoSystem {
&self, &self,
reader: &mut dyn std::io::Read, reader: &mut dyn std::io::Read,
hash: &HashDigest, hash: &HashDigest,
) -> Result<bool, VeilidAPIError>; ) -> VeilidAPIResult<bool>;
// Distance Metric // Distance Metric
fn distance(&self, key1: &CryptoKey, key2: &CryptoKey) -> CryptoKeyDistance; fn distance(&self, key1: &CryptoKey, key2: &CryptoKey) -> CryptoKeyDistance;
// Authentication // Authentication
fn sign( fn sign(&self, key: &PublicKey, secret: &SecretKey, data: &[u8]) -> VeilidAPIResult<Signature>;
&self, fn verify(&self, key: &PublicKey, data: &[u8], signature: &Signature) -> VeilidAPIResult<()>;
key: &PublicKey,
secret: &SecretKey,
data: &[u8],
) -> Result<Signature, VeilidAPIError>;
fn verify(
&self,
key: &PublicKey,
data: &[u8],
signature: &Signature,
) -> Result<(), VeilidAPIError>;
// AEAD Encrypt/Decrypt // AEAD Encrypt/Decrypt
fn aead_overhead(&self) -> usize; fn aead_overhead(&self) -> usize;
@ -71,28 +45,28 @@ pub trait CryptoSystem {
nonce: &Nonce, nonce: &Nonce,
shared_secret: &SharedSecret, shared_secret: &SharedSecret,
associated_data: Option<&[u8]>, associated_data: Option<&[u8]>,
) -> Result<(), VeilidAPIError>; ) -> VeilidAPIResult<()>;
fn decrypt_aead( fn decrypt_aead(
&self, &self,
body: &[u8], body: &[u8],
nonce: &Nonce, nonce: &Nonce,
shared_secret: &SharedSecret, shared_secret: &SharedSecret,
associated_data: Option<&[u8]>, associated_data: Option<&[u8]>,
) -> Result<Vec<u8>, VeilidAPIError>; ) -> VeilidAPIResult<Vec<u8>>;
fn encrypt_in_place_aead( fn encrypt_in_place_aead(
&self, &self,
body: &mut Vec<u8>, body: &mut Vec<u8>,
nonce: &Nonce, nonce: &Nonce,
shared_secret: &SharedSecret, shared_secret: &SharedSecret,
associated_data: Option<&[u8]>, associated_data: Option<&[u8]>,
) -> Result<(), VeilidAPIError>; ) -> VeilidAPIResult<()>;
fn encrypt_aead( fn encrypt_aead(
&self, &self,
body: &[u8], body: &[u8],
nonce: &Nonce, nonce: &Nonce,
shared_secret: &SharedSecret, shared_secret: &SharedSecret,
associated_data: Option<&[u8]>, associated_data: Option<&[u8]>,
) -> Result<Vec<u8>, VeilidAPIError>; ) -> VeilidAPIResult<Vec<u8>>;
// NoAuth Encrypt/Decrypt // NoAuth Encrypt/Decrypt
fn crypt_in_place_no_auth( fn crypt_in_place_no_auth(

View File

@ -66,7 +66,7 @@ impl Envelope {
} }
} }
pub fn from_signed_data(crypto: Crypto, data: &[u8]) -> Result<Envelope, VeilidAPIError> { pub fn from_signed_data(crypto: Crypto, data: &[u8]) -> VeilidAPIResult<Envelope> {
// Ensure we are at least the length of the envelope // Ensure we are at least the length of the envelope
// Silent drop here, as we use zero length packets as part of the protocol for hole punching // Silent drop here, as we use zero length packets as part of the protocol for hole punching
if data.len() < MIN_ENVELOPE_SIZE { if data.len() < MIN_ENVELOPE_SIZE {
@ -175,7 +175,7 @@ impl Envelope {
crypto: Crypto, crypto: Crypto,
data: &[u8], data: &[u8],
node_id_secret: &SecretKey, node_id_secret: &SecretKey,
) -> Result<Vec<u8>, VeilidAPIError> { ) -> VeilidAPIResult<Vec<u8>> {
// Get DH secret // Get DH secret
let vcrypto = crypto let vcrypto = crypto
.get(self.crypto_kind) .get(self.crypto_kind)
@ -197,7 +197,7 @@ impl Envelope {
crypto: Crypto, crypto: Crypto,
body: &[u8], body: &[u8],
node_id_secret: &SecretKey, node_id_secret: &SecretKey,
) -> Result<Vec<u8>, VeilidAPIError> { ) -> VeilidAPIResult<Vec<u8>> {
// Ensure body isn't too long // Ensure body isn't too long
let envelope_size: usize = body.len() + MIN_ENVELOPE_SIZE; let envelope_size: usize = body.len() + MIN_ENVELOPE_SIZE;
if envelope_size > MAX_ENVELOPE_SIZE { if envelope_size > MAX_ENVELOPE_SIZE {

View File

@ -146,7 +146,7 @@ impl Crypto {
if let Err(e) = self if let Err(e) = self
.unlocked_inner .unlocked_inner
.config .config
.init_node_ids(self.clone(), self.unlocked_inner.protected_store.clone()) .init_node_ids(self.clone(), table_store.clone())
.await .await
{ {
return Err(e).wrap_err("init node id failed"); return Err(e).wrap_err("init node id failed");
@ -267,7 +267,7 @@ impl Crypto {
node_ids: &[TypedKey], node_ids: &[TypedKey],
data: &[u8], data: &[u8],
typed_signatures: &[TypedSignature], typed_signatures: &[TypedSignature],
) -> Result<TypedKeySet, VeilidAPIError> { ) -> VeilidAPIResult<TypedKeySet> {
let mut out = TypedKeySet::with_capacity(node_ids.len()); let mut out = TypedKeySet::with_capacity(node_ids.len());
for sig in typed_signatures { for sig in typed_signatures {
for nid in node_ids { for nid in node_ids {
@ -290,7 +290,7 @@ impl Crypto {
data: &[u8], data: &[u8],
typed_key_pairs: &[TypedKeyPair], typed_key_pairs: &[TypedKeyPair],
transform: F, transform: F,
) -> Result<Vec<R>, VeilidAPIError> ) -> VeilidAPIResult<Vec<R>>
where where
F: Fn(&TypedKeyPair, Signature) -> R, F: Fn(&TypedKeyPair, Signature) -> R,
{ {
@ -306,7 +306,7 @@ impl Crypto {
/// Generate keypair /// Generate keypair
/// Does not require startup/init /// Does not require startup/init
pub fn generate_keypair(crypto_kind: CryptoKind) -> Result<TypedKeyPair, VeilidAPIError> { pub fn generate_keypair(crypto_kind: CryptoKind) -> VeilidAPIResult<TypedKeyPair> {
#[cfg(feature = "enable-crypto-vld0")] #[cfg(feature = "enable-crypto-vld0")]
if crypto_kind == CRYPTO_KIND_VLD0 { if crypto_kind == CRYPTO_KIND_VLD0 {
let kp = vld0_generate_keypair(); let kp = vld0_generate_keypair();
@ -327,7 +327,7 @@ impl Crypto {
vcrypto: &T, vcrypto: &T,
key: &PublicKey, key: &PublicKey,
secret: &SecretKey, secret: &SecretKey,
) -> Result<SharedSecret, VeilidAPIError> { ) -> VeilidAPIResult<SharedSecret> {
Ok( Ok(
match self.inner.lock().dh_cache.entry( match self.inner.lock().dh_cache.entry(
DHCacheKey { DHCacheKey {

View File

@ -71,11 +71,7 @@ impl CryptoSystem for CryptoSystemNONE {
} }
// Cached Operations // Cached Operations
fn cached_dh( fn cached_dh(&self, key: &PublicKey, secret: &SecretKey) -> VeilidAPIResult<SharedSecret> {
&self,
key: &PublicKey,
secret: &SecretKey,
) -> Result<SharedSecret, VeilidAPIError> {
self.crypto self.crypto
.cached_dh_internal::<CryptoSystemNONE>(self, key, secret) .cached_dh_internal::<CryptoSystemNONE>(self, key, secret)
} }
@ -89,7 +85,7 @@ impl CryptoSystem for CryptoSystemNONE {
fn default_salt_length(&self) -> u32 { fn default_salt_length(&self) -> u32 {
4 4
} }
fn hash_password(&self, password: &[u8], salt: &[u8]) -> Result<String, VeilidAPIError> { fn hash_password(&self, password: &[u8], salt: &[u8]) -> VeilidAPIResult<String> {
if salt.len() < Salt::MIN_LENGTH || salt.len() > Salt::MAX_LENGTH { if salt.len() < Salt::MIN_LENGTH || salt.len() > Salt::MAX_LENGTH {
apibail_generic!("invalid salt length"); apibail_generic!("invalid salt length");
} }
@ -99,11 +95,7 @@ impl CryptoSystem for CryptoSystemNONE {
BASE64URL_NOPAD.encode(password) BASE64URL_NOPAD.encode(password)
)) ))
} }
fn verify_password( fn verify_password(&self, password: &[u8], password_hash: &str) -> VeilidAPIResult<bool> {
&self,
password: &[u8],
password_hash: &str,
) -> Result<bool, VeilidAPIError> {
let Some((salt, _)) = password_hash.split_once(":") else { let Some((salt, _)) = password_hash.split_once(":") else {
apibail_generic!("invalid format"); apibail_generic!("invalid format");
}; };
@ -113,11 +105,7 @@ impl CryptoSystem for CryptoSystemNONE {
return Ok(&self.hash_password(password, &salt)? == password_hash); return Ok(&self.hash_password(password, &salt)? == password_hash);
} }
fn derive_shared_secret( fn derive_shared_secret(&self, password: &[u8], salt: &[u8]) -> VeilidAPIResult<SharedSecret> {
&self,
password: &[u8],
salt: &[u8],
) -> Result<SharedSecret, VeilidAPIError> {
if salt.len() < Salt::MIN_LENGTH || salt.len() > Salt::MAX_LENGTH { if salt.len() < Salt::MIN_LENGTH || salt.len() > Salt::MAX_LENGTH {
apibail_generic!("invalid salt length"); apibail_generic!("invalid salt length");
} }
@ -136,11 +124,7 @@ impl CryptoSystem for CryptoSystemNONE {
random_bytes(&mut s).unwrap(); random_bytes(&mut s).unwrap();
SharedSecret::new(s) SharedSecret::new(s)
} }
fn compute_dh( fn compute_dh(&self, key: &PublicKey, secret: &SecretKey) -> VeilidAPIResult<SharedSecret> {
&self,
key: &PublicKey,
secret: &SecretKey,
) -> Result<SharedSecret, VeilidAPIError> {
let s = do_xor_32(&key.bytes, &secret.bytes); let s = do_xor_32(&key.bytes, &secret.bytes);
Ok(SharedSecret::new(s)) Ok(SharedSecret::new(s))
} }
@ -150,10 +134,7 @@ impl CryptoSystem for CryptoSystemNONE {
fn generate_hash(&self, data: &[u8]) -> PublicKey { fn generate_hash(&self, data: &[u8]) -> PublicKey {
PublicKey::new(*blake3::hash(data).as_bytes()) PublicKey::new(*blake3::hash(data).as_bytes())
} }
fn generate_hash_reader( fn generate_hash_reader(&self, reader: &mut dyn std::io::Read) -> VeilidAPIResult<PublicKey> {
&self,
reader: &mut dyn std::io::Read,
) -> Result<PublicKey, VeilidAPIError> {
let mut hasher = blake3::Hasher::new(); let mut hasher = blake3::Hasher::new();
std::io::copy(reader, &mut hasher).map_err(VeilidAPIError::generic)?; std::io::copy(reader, &mut hasher).map_err(VeilidAPIError::generic)?;
Ok(PublicKey::new(*hasher.finalize().as_bytes())) Ok(PublicKey::new(*hasher.finalize().as_bytes()))
@ -178,7 +159,7 @@ impl CryptoSystem for CryptoSystemNONE {
&self, &self,
reader: &mut dyn std::io::Read, reader: &mut dyn std::io::Read,
dht_key: &PublicKey, dht_key: &PublicKey,
) -> Result<bool, VeilidAPIError> { ) -> VeilidAPIResult<bool> {
let mut hasher = blake3::Hasher::new(); let mut hasher = blake3::Hasher::new();
std::io::copy(reader, &mut hasher).map_err(VeilidAPIError::generic)?; std::io::copy(reader, &mut hasher).map_err(VeilidAPIError::generic)?;
let bytes = *hasher.finalize().as_bytes(); let bytes = *hasher.finalize().as_bytes();
@ -201,7 +182,7 @@ impl CryptoSystem for CryptoSystemNONE {
dht_key: &PublicKey, dht_key: &PublicKey,
dht_key_secret: &SecretKey, dht_key_secret: &SecretKey,
data: &[u8], data: &[u8],
) -> Result<Signature, VeilidAPIError> { ) -> VeilidAPIResult<Signature> {
if !is_bytes_eq_32(&do_xor_32(&dht_key.bytes, &dht_key_secret.bytes), 0xFFu8) { if !is_bytes_eq_32(&do_xor_32(&dht_key.bytes, &dht_key_secret.bytes), 0xFFu8) {
return Err(VeilidAPIError::parse_error( return Err(VeilidAPIError::parse_error(
"Keypair is invalid", "Keypair is invalid",
@ -224,7 +205,7 @@ impl CryptoSystem for CryptoSystemNONE {
dht_key: &PublicKey, dht_key: &PublicKey,
data: &[u8], data: &[u8],
signature: &Signature, signature: &Signature,
) -> Result<(), VeilidAPIError> { ) -> VeilidAPIResult<()> {
let mut dig = Blake3Digest512::new(); let mut dig = Blake3Digest512::new();
dig.update(data); dig.update(data);
let sig = dig.finalize(); let sig = dig.finalize();
@ -261,7 +242,7 @@ impl CryptoSystem for CryptoSystemNONE {
nonce: &Nonce, nonce: &Nonce,
shared_secret: &SharedSecret, shared_secret: &SharedSecret,
_associated_data: Option<&[u8]>, _associated_data: Option<&[u8]>,
) -> Result<(), VeilidAPIError> { ) -> VeilidAPIResult<()> {
let mut blob = nonce.bytes.to_vec(); let mut blob = nonce.bytes.to_vec();
blob.extend_from_slice(&[0u8; 8]); blob.extend_from_slice(&[0u8; 8]);
let blob = do_xor_32(&blob, &shared_secret.bytes); let blob = do_xor_32(&blob, &shared_secret.bytes);
@ -283,7 +264,7 @@ impl CryptoSystem for CryptoSystemNONE {
nonce: &Nonce, nonce: &Nonce,
shared_secret: &SharedSecret, shared_secret: &SharedSecret,
associated_data: Option<&[u8]>, associated_data: Option<&[u8]>,
) -> Result<Vec<u8>, VeilidAPIError> { ) -> VeilidAPIResult<Vec<u8>> {
let mut out = body.to_vec(); let mut out = body.to_vec();
self.decrypt_in_place_aead(&mut out, nonce, shared_secret, associated_data) self.decrypt_in_place_aead(&mut out, nonce, shared_secret, associated_data)
.map_err(map_to_string) .map_err(map_to_string)
@ -297,7 +278,7 @@ impl CryptoSystem for CryptoSystemNONE {
nonce: &Nonce, nonce: &Nonce,
shared_secret: &SharedSecret, shared_secret: &SharedSecret,
_associated_data: Option<&[u8]>, _associated_data: Option<&[u8]>,
) -> Result<(), VeilidAPIError> { ) -> VeilidAPIResult<()> {
let mut blob = nonce.bytes.to_vec(); let mut blob = nonce.bytes.to_vec();
blob.extend_from_slice(&[0u8; 8]); blob.extend_from_slice(&[0u8; 8]);
let blob = do_xor_32(&blob, &shared_secret.bytes); let blob = do_xor_32(&blob, &shared_secret.bytes);
@ -312,7 +293,7 @@ impl CryptoSystem for CryptoSystemNONE {
nonce: &Nonce, nonce: &Nonce,
shared_secret: &SharedSecret, shared_secret: &SharedSecret,
associated_data: Option<&[u8]>, associated_data: Option<&[u8]>,
) -> Result<Vec<u8>, VeilidAPIError> { ) -> VeilidAPIResult<Vec<u8>> {
let mut out = body.to_vec(); let mut out = body.to_vec();
self.encrypt_in_place_aead(&mut out, nonce, shared_secret, associated_data) self.encrypt_in_place_aead(&mut out, nonce, shared_secret, associated_data)
.map_err(map_to_string) .map_err(map_to_string)

View File

@ -49,7 +49,7 @@ impl Receipt {
nonce: Nonce, nonce: Nonce,
sender_id: PublicKey, sender_id: PublicKey,
extra_data: D, extra_data: D,
) -> Result<Self, VeilidAPIError> { ) -> VeilidAPIResult<Self> {
assert!(VALID_ENVELOPE_VERSIONS.contains(&version)); assert!(VALID_ENVELOPE_VERSIONS.contains(&version));
assert!(VALID_CRYPTO_KINDS.contains(&crypto_kind)); assert!(VALID_CRYPTO_KINDS.contains(&crypto_kind));
@ -68,7 +68,7 @@ impl Receipt {
}) })
} }
pub fn from_signed_data(crypto: Crypto, data: &[u8]) -> Result<Receipt, VeilidAPIError> { pub fn from_signed_data(crypto: Crypto, data: &[u8]) -> VeilidAPIResult<Receipt> {
// Ensure we are at least the length of the envelope // Ensure we are at least the length of the envelope
if data.len() < MIN_RECEIPT_SIZE { if data.len() < MIN_RECEIPT_SIZE {
apibail_parse_error!("receipt too small", data.len()); apibail_parse_error!("receipt too small", data.len());
@ -153,11 +153,7 @@ impl Receipt {
}) })
} }
pub fn to_signed_data( pub fn to_signed_data(&self, crypto: Crypto, secret: &SecretKey) -> VeilidAPIResult<Vec<u8>> {
&self,
crypto: Crypto,
secret: &SecretKey,
) -> Result<Vec<u8>, VeilidAPIError> {
// Ensure extra data isn't too long // Ensure extra data isn't too long
let receipt_size: usize = self.extra_data.len() + MIN_RECEIPT_SIZE; let receipt_size: usize = self.extra_data.len() + MIN_RECEIPT_SIZE;
if receipt_size > MAX_RECEIPT_SIZE { if receipt_size > MAX_RECEIPT_SIZE {

View File

@ -39,7 +39,7 @@ impl Encodable for KeyPair {
fn encoded_len() -> usize { fn encoded_len() -> usize {
PublicKey::encoded_len() + 1 + SecretKey::encoded_len() PublicKey::encoded_len() + 1 + SecretKey::encoded_len()
} }
fn try_decode_bytes(b: &[u8]) -> Result<Self, VeilidAPIError> { fn try_decode_bytes(b: &[u8]) -> VeilidAPIResult<Self> {
if b.len() != Self::encoded_len() { if b.len() != Self::encoded_len() {
apibail_parse_error!("input has wrong encoded length", format!("len={}", b.len())); apibail_parse_error!("input has wrong encoded length", format!("len={}", b.len()));
} }

View File

@ -17,7 +17,7 @@ use x25519_dalek as xd;
const AEAD_OVERHEAD: usize = 16; const AEAD_OVERHEAD: usize = 16;
pub const CRYPTO_KIND_VLD0: CryptoKind = FourCC([b'V', b'L', b'D', b'0']); pub const CRYPTO_KIND_VLD0: CryptoKind = FourCC([b'V', b'L', b'D', b'0']);
fn ed25519_to_x25519_pk(key: &ed::PublicKey) -> Result<xd::PublicKey, VeilidAPIError> { fn ed25519_to_x25519_pk(key: &ed::PublicKey) -> VeilidAPIResult<xd::PublicKey> {
let bytes = key.to_bytes(); let bytes = key.to_bytes();
let compressed = cd::edwards::CompressedEdwardsY(bytes); let compressed = cd::edwards::CompressedEdwardsY(bytes);
let point = compressed let point = compressed
@ -26,7 +26,7 @@ fn ed25519_to_x25519_pk(key: &ed::PublicKey) -> Result<xd::PublicKey, VeilidAPIE
let mp = point.to_montgomery(); let mp = point.to_montgomery();
Ok(xd::PublicKey::from(mp.to_bytes())) Ok(xd::PublicKey::from(mp.to_bytes()))
} }
fn ed25519_to_x25519_sk(key: &ed::SecretKey) -> Result<xd::StaticSecret, VeilidAPIError> { fn ed25519_to_x25519_sk(key: &ed::SecretKey) -> VeilidAPIResult<xd::StaticSecret> {
let exp = ed::ExpandedSecretKey::from(key); let exp = ed::ExpandedSecretKey::from(key);
let bytes: [u8; ed::EXPANDED_SECRET_KEY_LENGTH] = exp.to_bytes(); let bytes: [u8; ed::EXPANDED_SECRET_KEY_LENGTH] = exp.to_bytes();
let lowbytes: [u8; 32] = bytes[0..32].try_into().map_err(VeilidAPIError::internal)?; let lowbytes: [u8; 32] = bytes[0..32].try_into().map_err(VeilidAPIError::internal)?;
@ -65,11 +65,7 @@ impl CryptoSystem for CryptoSystemVLD0 {
} }
// Cached Operations // Cached Operations
fn cached_dh( fn cached_dh(&self, key: &PublicKey, secret: &SecretKey) -> VeilidAPIResult<SharedSecret> {
&self,
key: &PublicKey,
secret: &SecretKey,
) -> Result<SharedSecret, VeilidAPIError> {
self.crypto self.crypto
.cached_dh_internal::<CryptoSystemVLD0>(self, key, secret) .cached_dh_internal::<CryptoSystemVLD0>(self, key, secret)
} }
@ -83,7 +79,7 @@ impl CryptoSystem for CryptoSystemVLD0 {
fn default_salt_length(&self) -> u32 { fn default_salt_length(&self) -> u32 {
16 16
} }
fn hash_password(&self, password: &[u8], salt: &[u8]) -> Result<String, VeilidAPIError> { fn hash_password(&self, password: &[u8], salt: &[u8]) -> VeilidAPIResult<String> {
if salt.len() < Salt::MIN_LENGTH || salt.len() > Salt::MAX_LENGTH { if salt.len() < Salt::MIN_LENGTH || salt.len() > Salt::MAX_LENGTH {
apibail_generic!("invalid salt length"); apibail_generic!("invalid salt length");
} }
@ -100,11 +96,7 @@ impl CryptoSystem for CryptoSystemVLD0 {
.to_string(); .to_string();
Ok(password_hash) Ok(password_hash)
} }
fn verify_password( fn verify_password(&self, password: &[u8], password_hash: &str) -> VeilidAPIResult<bool> {
&self,
password: &[u8],
password_hash: &str,
) -> Result<bool, VeilidAPIError> {
let parsed_hash = PasswordHash::new(password_hash).map_err(VeilidAPIError::generic)?; let parsed_hash = PasswordHash::new(password_hash).map_err(VeilidAPIError::generic)?;
// Argon2 with default params (Argon2id v19) // Argon2 with default params (Argon2id v19)
let argon2 = Argon2::default(); let argon2 = Argon2::default();
@ -112,11 +104,7 @@ impl CryptoSystem for CryptoSystemVLD0 {
Ok(argon2.verify_password(password, &parsed_hash).is_ok()) Ok(argon2.verify_password(password, &parsed_hash).is_ok())
} }
fn derive_shared_secret( fn derive_shared_secret(&self, password: &[u8], salt: &[u8]) -> VeilidAPIResult<SharedSecret> {
&self,
password: &[u8],
salt: &[u8],
) -> Result<SharedSecret, VeilidAPIError> {
if salt.len() < Salt::MIN_LENGTH || salt.len() > Salt::MAX_LENGTH { if salt.len() < Salt::MIN_LENGTH || salt.len() > Salt::MAX_LENGTH {
apibail_generic!("invalid salt length"); apibail_generic!("invalid salt length");
} }
@ -141,11 +129,7 @@ impl CryptoSystem for CryptoSystemVLD0 {
random_bytes(&mut s); random_bytes(&mut s);
SharedSecret::new(s) SharedSecret::new(s)
} }
fn compute_dh( fn compute_dh(&self, key: &PublicKey, secret: &SecretKey) -> VeilidAPIResult<SharedSecret> {
&self,
key: &PublicKey,
secret: &SecretKey,
) -> Result<SharedSecret, VeilidAPIError> {
let pk_ed = ed::PublicKey::from_bytes(&key.bytes).map_err(VeilidAPIError::internal)?; let pk_ed = ed::PublicKey::from_bytes(&key.bytes).map_err(VeilidAPIError::internal)?;
let pk_xd = ed25519_to_x25519_pk(&pk_ed)?; let pk_xd = ed25519_to_x25519_pk(&pk_ed)?;
let sk_ed = ed::SecretKey::from_bytes(&secret.bytes).map_err(VeilidAPIError::internal)?; let sk_ed = ed::SecretKey::from_bytes(&secret.bytes).map_err(VeilidAPIError::internal)?;
@ -158,10 +142,7 @@ impl CryptoSystem for CryptoSystemVLD0 {
fn generate_hash(&self, data: &[u8]) -> PublicKey { fn generate_hash(&self, data: &[u8]) -> PublicKey {
PublicKey::new(*blake3::hash(data).as_bytes()) PublicKey::new(*blake3::hash(data).as_bytes())
} }
fn generate_hash_reader( fn generate_hash_reader(&self, reader: &mut dyn std::io::Read) -> VeilidAPIResult<PublicKey> {
&self,
reader: &mut dyn std::io::Read,
) -> Result<PublicKey, VeilidAPIError> {
let mut hasher = blake3::Hasher::new(); let mut hasher = blake3::Hasher::new();
std::io::copy(reader, &mut hasher).map_err(VeilidAPIError::generic)?; std::io::copy(reader, &mut hasher).map_err(VeilidAPIError::generic)?;
Ok(PublicKey::new(*hasher.finalize().as_bytes())) Ok(PublicKey::new(*hasher.finalize().as_bytes()))
@ -187,7 +168,7 @@ impl CryptoSystem for CryptoSystemVLD0 {
&self, &self,
reader: &mut dyn std::io::Read, reader: &mut dyn std::io::Read,
dht_key: &PublicKey, dht_key: &PublicKey,
) -> Result<bool, VeilidAPIError> { ) -> VeilidAPIResult<bool> {
let mut hasher = blake3::Hasher::new(); let mut hasher = blake3::Hasher::new();
std::io::copy(reader, &mut hasher).map_err(VeilidAPIError::generic)?; std::io::copy(reader, &mut hasher).map_err(VeilidAPIError::generic)?;
let bytes = *hasher.finalize().as_bytes(); let bytes = *hasher.finalize().as_bytes();
@ -210,7 +191,7 @@ impl CryptoSystem for CryptoSystemVLD0 {
dht_key: &PublicKey, dht_key: &PublicKey,
dht_key_secret: &SecretKey, dht_key_secret: &SecretKey,
data: &[u8], data: &[u8],
) -> Result<Signature, VeilidAPIError> { ) -> VeilidAPIResult<Signature> {
let mut kpb: [u8; SECRET_KEY_LENGTH + PUBLIC_KEY_LENGTH] = let mut kpb: [u8; SECRET_KEY_LENGTH + PUBLIC_KEY_LENGTH] =
[0u8; SECRET_KEY_LENGTH + PUBLIC_KEY_LENGTH]; [0u8; SECRET_KEY_LENGTH + PUBLIC_KEY_LENGTH];
@ -237,7 +218,7 @@ impl CryptoSystem for CryptoSystemVLD0 {
dht_key: &PublicKey, dht_key: &PublicKey,
data: &[u8], data: &[u8],
signature: &Signature, signature: &Signature,
) -> Result<(), VeilidAPIError> { ) -> VeilidAPIResult<()> {
let pk = ed::PublicKey::from_bytes(&dht_key.bytes) let pk = ed::PublicKey::from_bytes(&dht_key.bytes)
.map_err(|e| VeilidAPIError::parse_error("Public key is invalid", e))?; .map_err(|e| VeilidAPIError::parse_error("Public key is invalid", e))?;
let sig = ed::Signature::from_bytes(&signature.bytes) let sig = ed::Signature::from_bytes(&signature.bytes)
@ -261,7 +242,7 @@ impl CryptoSystem for CryptoSystemVLD0 {
nonce: &Nonce, nonce: &Nonce,
shared_secret: &SharedSecret, shared_secret: &SharedSecret,
associated_data: Option<&[u8]>, associated_data: Option<&[u8]>,
) -> Result<(), VeilidAPIError> { ) -> VeilidAPIResult<()> {
let key = ch::Key::from(shared_secret.bytes); let key = ch::Key::from(shared_secret.bytes);
let xnonce = ch::XNonce::from(nonce.bytes); let xnonce = ch::XNonce::from(nonce.bytes);
let aead = ch::XChaCha20Poly1305::new(&key); let aead = ch::XChaCha20Poly1305::new(&key);
@ -276,7 +257,7 @@ impl CryptoSystem for CryptoSystemVLD0 {
nonce: &Nonce, nonce: &Nonce,
shared_secret: &SharedSecret, shared_secret: &SharedSecret,
associated_data: Option<&[u8]>, associated_data: Option<&[u8]>,
) -> Result<Vec<u8>, VeilidAPIError> { ) -> VeilidAPIResult<Vec<u8>> {
let mut out = body.to_vec(); let mut out = body.to_vec();
self.decrypt_in_place_aead(&mut out, nonce, shared_secret, associated_data) self.decrypt_in_place_aead(&mut out, nonce, shared_secret, associated_data)
.map_err(map_to_string) .map_err(map_to_string)
@ -290,7 +271,7 @@ impl CryptoSystem for CryptoSystemVLD0 {
nonce: &Nonce, nonce: &Nonce,
shared_secret: &SharedSecret, shared_secret: &SharedSecret,
associated_data: Option<&[u8]>, associated_data: Option<&[u8]>,
) -> Result<(), VeilidAPIError> { ) -> VeilidAPIResult<()> {
let key = ch::Key::from(shared_secret.bytes); let key = ch::Key::from(shared_secret.bytes);
let xnonce = ch::XNonce::from(nonce.bytes); let xnonce = ch::XNonce::from(nonce.bytes);
let aead = ch::XChaCha20Poly1305::new(&key); let aead = ch::XChaCha20Poly1305::new(&key);
@ -306,7 +287,7 @@ impl CryptoSystem for CryptoSystemVLD0 {
nonce: &Nonce, nonce: &Nonce,
shared_secret: &SharedSecret, shared_secret: &SharedSecret,
associated_data: Option<&[u8]>, associated_data: Option<&[u8]>,
) -> Result<Vec<u8>, VeilidAPIError> { ) -> VeilidAPIResult<Vec<u8>> {
let mut out = body.to_vec(); let mut out = body.to_vec();
self.encrypt_in_place_aead(&mut out, nonce, shared_secret, associated_data) self.encrypt_in_place_aead(&mut out, nonce, shared_secret, associated_data)
.map_err(map_to_string) .map_err(map_to_string)

View File

@ -9,5 +9,4 @@ mod native;
#[cfg(not(target_arch = "wasm32"))] #[cfg(not(target_arch = "wasm32"))]
pub use native::*; pub use native::*;
pub static KNOWN_PROTECTED_STORE_KEYS: [&'static str; 4] = pub static KNOWN_PROTECTED_STORE_KEYS: [&'static str; 2] = ["device_encryption_key", "_test_key"];
["node_id", "node_id_secret", "_test_key", "RouteSpecStore"];

View File

@ -115,7 +115,7 @@ impl fmt::Display for Address {
impl FromStr for Address { impl FromStr for Address {
type Err = VeilidAPIError; type Err = VeilidAPIError;
fn from_str(host: &str) -> Result<Address, VeilidAPIError> { fn from_str(host: &str) -> VeilidAPIResult<Address> {
if let Ok(addr) = Ipv4Addr::from_str(host) { if let Ok(addr) = Ipv4Addr::from_str(host) {
Ok(Address::IPV4(addr)) Ok(Address::IPV4(addr))
} else if let Ok(addr) = Ipv6Addr::from_str(host) { } else if let Ok(addr) = Ipv6Addr::from_str(host) {

View File

@ -82,7 +82,7 @@ impl fmt::Display for DialInfo {
impl FromStr for DialInfo { impl FromStr for DialInfo {
type Err = VeilidAPIError; type Err = VeilidAPIError;
fn from_str(s: &str) -> Result<DialInfo, VeilidAPIError> { fn from_str(s: &str) -> VeilidAPIResult<DialInfo> {
let (proto, rest) = s.split_once('|').ok_or_else(|| { let (proto, rest) = s.split_once('|').ok_or_else(|| {
VeilidAPIError::parse_error("DialInfo::from_str missing protocol '|' separator", s) VeilidAPIError::parse_error("DialInfo::from_str missing protocol '|' separator", s)
})?; })?;
@ -175,7 +175,7 @@ impl DialInfo {
socket_address: socket_address.to_canonical(), socket_address: socket_address.to_canonical(),
}) })
} }
pub fn try_ws(socket_address: SocketAddress, url: String) -> Result<Self, VeilidAPIError> { pub fn try_ws(socket_address: SocketAddress, url: String) -> VeilidAPIResult<Self> {
let split_url = SplitUrl::from_str(&url).map_err(|e| { let split_url = SplitUrl::from_str(&url).map_err(|e| {
VeilidAPIError::parse_error(format!("unable to split WS url: {}", e), &url) VeilidAPIError::parse_error(format!("unable to split WS url: {}", e), &url)
})?; })?;
@ -199,7 +199,7 @@ impl DialInfo {
request: url[5..].to_string(), request: url[5..].to_string(),
})) }))
} }
pub fn try_wss(socket_address: SocketAddress, url: String) -> Result<Self, VeilidAPIError> { pub fn try_wss(socket_address: SocketAddress, url: String) -> VeilidAPIResult<Self> {
let split_url = SplitUrl::from_str(&url).map_err(|e| { let split_url = SplitUrl::from_str(&url).map_err(|e| {
VeilidAPIError::parse_error(format!("unable to split WSS url: {}", e), &url) VeilidAPIError::parse_error(format!("unable to split WSS url: {}", e), &url)
})?; })?;
@ -321,7 +321,7 @@ impl DialInfo {
pub fn try_vec_from_short<S: AsRef<str>, H: AsRef<str>>( pub fn try_vec_from_short<S: AsRef<str>, H: AsRef<str>>(
short: S, short: S,
hostname: H, hostname: H,
) -> Result<Vec<Self>, VeilidAPIError> { ) -> VeilidAPIResult<Vec<Self>> {
let short = short.as_ref(); let short = short.as_ref();
let hostname = hostname.as_ref(); let hostname = hostname.as_ref();
@ -348,7 +348,7 @@ impl DialInfo {
Self::try_vec_from_url(url) Self::try_vec_from_url(url)
} }
pub fn try_vec_from_url<S: AsRef<str>>(url: S) -> Result<Vec<Self>, VeilidAPIError> { pub fn try_vec_from_url<S: AsRef<str>>(url: S) -> VeilidAPIResult<Vec<Self>> {
let url = url.as_ref(); let url = url.as_ref();
let split_url = SplitUrl::from_str(url) let split_url = SplitUrl::from_str(url)
.map_err(|e| VeilidAPIError::parse_error(format!("unable to split url: {}", e), url))?; .map_err(|e| VeilidAPIError::parse_error(format!("unable to split url: {}", e), url))?;

View File

@ -55,7 +55,7 @@ impl fmt::Display for PeerAddress {
impl FromStr for PeerAddress { impl FromStr for PeerAddress {
type Err = VeilidAPIError; type Err = VeilidAPIError;
fn from_str(s: &str) -> Result<PeerAddress, VeilidAPIError> { fn from_str(s: &str) -> VeilidAPIResult<PeerAddress> {
let Some((first, second)) = s.split_once(':') else { let Some((first, second)) = s.split_once(':') else {
return Err(VeilidAPIError::parse_error("PeerAddress is missing a colon: {}", s)); return Err(VeilidAPIError::parse_error("PeerAddress is missing a colon: {}", s));
}; };

View File

@ -87,7 +87,7 @@ impl fmt::Display for ProtocolType {
impl FromStr for ProtocolType { impl FromStr for ProtocolType {
type Err = VeilidAPIError; type Err = VeilidAPIError;
fn from_str(s: &str) -> Result<ProtocolType, VeilidAPIError> { fn from_str(s: &str) -> VeilidAPIResult<ProtocolType> {
match s.to_ascii_uppercase().as_str() { match s.to_ascii_uppercase().as_str() {
"UDP" => Ok(ProtocolType::UDP), "UDP" => Ok(ProtocolType::UDP),
"TCP" => Ok(ProtocolType::TCP), "TCP" => Ok(ProtocolType::TCP),

View File

@ -69,7 +69,7 @@ impl fmt::Display for SocketAddress {
impl FromStr for SocketAddress { impl FromStr for SocketAddress {
type Err = VeilidAPIError; type Err = VeilidAPIError;
fn from_str(s: &str) -> Result<SocketAddress, VeilidAPIError> { fn from_str(s: &str) -> VeilidAPIResult<SocketAddress> {
let sa = SocketAddr::from_str(s) let sa = SocketAddr::from_str(s)
.map_err(|e| VeilidAPIError::parse_error("Failed to parse SocketAddress", e))?; .map_err(|e| VeilidAPIError::parse_error("Failed to parse SocketAddress", e))?;
Ok(SocketAddress::from_socket_addr(sa)) Ok(SocketAddress::from_socket_addr(sa))

View File

@ -22,7 +22,7 @@ pub enum RouteNode {
} }
impl RouteNode { impl RouteNode {
pub fn validate(&self, crypto: Crypto) -> Result<(), VeilidAPIError> { pub fn validate(&self, crypto: Crypto) -> VeilidAPIResult<()> {
match self { match self {
RouteNode::NodeId(_) => Ok(()), RouteNode::NodeId(_) => Ok(()),
RouteNode::PeerInfo(pi) => pi.validate(crypto), RouteNode::PeerInfo(pi) => pi.validate(crypto),
@ -74,7 +74,7 @@ pub struct RouteHop {
pub next_hop: Option<RouteHopData>, pub next_hop: Option<RouteHopData>,
} }
impl RouteHop { impl RouteHop {
pub fn validate(&self, crypto: Crypto) -> Result<(), VeilidAPIError> { pub fn validate(&self, crypto: Crypto) -> VeilidAPIResult<()> {
self.node.validate(crypto) self.node.validate(crypto)
} }
} }
@ -91,7 +91,7 @@ pub enum PrivateRouteHops {
} }
impl PrivateRouteHops { impl PrivateRouteHops {
pub fn validate(&self, crypto: Crypto) -> Result<(), VeilidAPIError> { pub fn validate(&self, crypto: Crypto) -> VeilidAPIResult<()> {
match self { match self {
PrivateRouteHops::FirstHop(rh) => rh.validate(crypto), PrivateRouteHops::FirstHop(rh) => rh.validate(crypto),
PrivateRouteHops::Data(_) => Ok(()), PrivateRouteHops::Data(_) => Ok(()),
@ -129,7 +129,7 @@ impl PrivateRoute {
} }
} }
pub fn validate(&self, crypto: Crypto) -> Result<(), VeilidAPIError> { pub fn validate(&self, crypto: Crypto) -> VeilidAPIResult<()> {
self.hops.validate(crypto) self.hops.validate(crypto)
} }

View File

@ -6,7 +6,6 @@ pub struct RouteSpecDetail {
/// Crypto kind /// Crypto kind
pub crypto_kind: CryptoKind, pub crypto_kind: CryptoKind,
/// Secret key /// Secret key
#[with(Skip)]
pub secret_key: SecretKey, pub secret_key: SecretKey,
/// Route hops (node id keys) /// Route hops (node id keys)
pub hops: Vec<PublicKey>, pub hops: Vec<PublicKey>,

View File

@ -55,47 +55,6 @@ impl RouteSpecStoreContent {
content.remove_detail(&id); content.remove_detail(&id);
} }
// Load secrets from pstore
let pstore = routing_table.network_manager().protected_store();
let secret_key_map: HashMap<PublicKey, SecretKey> = pstore
.load_user_secret_rkyv("RouteSpecStore")
.await?
.unwrap_or_default();
// Ensure we got secret keys for all the public keys
let mut got_secret_key_ids = HashSet::new();
for (rsid, rssd) in content.details.iter_mut() {
let mut found_all = true;
for (pk, rsd) in rssd.iter_route_set_mut() {
if let Some(sk) = secret_key_map.get(pk) {
rsd.secret_key = *sk;
} else {
found_all = false;
break;
}
}
if found_all {
got_secret_key_ids.insert(rsid.clone());
}
}
// If we missed any, nuke those route ids
let dead_ids: Vec<RouteId> = content
.details
.keys()
.filter_map(|id| {
if !got_secret_key_ids.contains(id) {
Some(*id)
} else {
None
}
})
.collect();
for id in dead_ids {
log_rtab!(debug "missing secret key, killing off private route: {}", id);
content.remove_detail(&id);
}
Ok(content) Ok(content)
} }
@ -106,18 +65,6 @@ impl RouteSpecStoreContent {
let rsstdb = table_store.open("RouteSpecStore", 1).await?; let rsstdb = table_store.open("RouteSpecStore", 1).await?;
rsstdb.store_rkyv(0, b"content", self).await?; rsstdb.store_rkyv(0, b"content", self).await?;
// Keep secrets in protected store as well
let pstore = routing_table.network_manager().protected_store();
let mut out: HashMap<PublicKey, SecretKey> = HashMap::new();
for (_rsid, rssd) in self.details.iter() {
for (pk, rsd) in rssd.iter_route_set() {
out.insert(*pk, rsd.secret_key);
}
}
let _ = pstore.save_user_secret_rkyv("RouteSpecStore", &out).await?; // ignore if this previously existed or not
Ok(()) Ok(())
} }

View File

@ -16,7 +16,7 @@ impl PeerInfo {
} }
} }
pub fn validate(&self, crypto: Crypto) -> Result<(), VeilidAPIError> { pub fn validate(&self, crypto: Crypto) -> VeilidAPIResult<()> {
let validated_node_ids = self.signed_node_info.validate(&self.node_ids, crypto)?; let validated_node_ids = self.signed_node_info.validate(&self.node_ids, crypto)?;
if validated_node_ids.is_empty() { if validated_node_ids.is_empty() {
// Shouldn't get here because signed node info validation also checks this // Shouldn't get here because signed node info validation also checks this

View File

@ -20,11 +20,7 @@ impl SignedDirectNodeInfo {
} }
} }
pub fn validate( pub fn validate(&self, node_ids: &TypedKeySet, crypto: Crypto) -> VeilidAPIResult<TypedKeySet> {
&self,
node_ids: &TypedKeySet,
crypto: Crypto,
) -> Result<TypedKeySet, VeilidAPIError> {
let node_info_bytes = Self::make_signature_bytes(&self.node_info, self.timestamp)?; let node_info_bytes = Self::make_signature_bytes(&self.node_info, self.timestamp)?;
// Verify the signatures that we can // Verify the signatures that we can
@ -41,7 +37,7 @@ impl SignedDirectNodeInfo {
crypto: Crypto, crypto: Crypto,
typed_key_pairs: Vec<TypedKeyPair>, typed_key_pairs: Vec<TypedKeyPair>,
node_info: NodeInfo, node_info: NodeInfo,
) -> Result<Self, VeilidAPIError> { ) -> VeilidAPIResult<Self> {
let timestamp = get_aligned_timestamp(); let timestamp = get_aligned_timestamp();
let node_info_bytes = Self::make_signature_bytes(&node_info, timestamp)?; let node_info_bytes = Self::make_signature_bytes(&node_info, timestamp)?;
let typed_signatures = let typed_signatures =
@ -58,7 +54,7 @@ impl SignedDirectNodeInfo {
fn make_signature_bytes( fn make_signature_bytes(
node_info: &NodeInfo, node_info: &NodeInfo,
timestamp: Timestamp, timestamp: Timestamp,
) -> Result<Vec<u8>, VeilidAPIError> { ) -> VeilidAPIResult<Vec<u8>> {
let mut node_info_bytes = Vec::new(); let mut node_info_bytes = Vec::new();
// Add nodeinfo to signature // Add nodeinfo to signature

View File

@ -8,11 +8,7 @@ pub enum SignedNodeInfo {
} }
impl SignedNodeInfo { impl SignedNodeInfo {
pub fn validate( pub fn validate(&self, node_ids: &TypedKeySet, crypto: Crypto) -> VeilidAPIResult<TypedKeySet> {
&self,
node_ids: &TypedKeySet,
crypto: Crypto,
) -> Result<TypedKeySet, VeilidAPIError> {
match self { match self {
SignedNodeInfo::Direct(d) => d.validate(node_ids, crypto), SignedNodeInfo::Direct(d) => d.validate(node_ids, crypto),
SignedNodeInfo::Relayed(r) => r.validate(node_ids, crypto), SignedNodeInfo::Relayed(r) => r.validate(node_ids, crypto),

View File

@ -31,11 +31,7 @@ impl SignedRelayedNodeInfo {
} }
} }
pub fn validate( pub fn validate(&self, node_ids: &TypedKeySet, crypto: Crypto) -> VeilidAPIResult<TypedKeySet> {
&self,
node_ids: &TypedKeySet,
crypto: Crypto,
) -> Result<TypedKeySet, VeilidAPIError> {
// Ensure the relay info for the node has a superset of the crypto kinds of the node it is relaying // Ensure the relay info for the node has a superset of the crypto kinds of the node it is relaying
if common_crypto_kinds( if common_crypto_kinds(
self.node_info.crypto_support(), self.node_info.crypto_support(),
@ -68,7 +64,7 @@ impl SignedRelayedNodeInfo {
node_info: NodeInfo, node_info: NodeInfo,
relay_ids: TypedKeySet, relay_ids: TypedKeySet,
relay_info: SignedDirectNodeInfo, relay_info: SignedDirectNodeInfo,
) -> Result<Self, VeilidAPIError> { ) -> VeilidAPIResult<Self> {
let timestamp = get_aligned_timestamp(); let timestamp = get_aligned_timestamp();
let node_info_bytes = let node_info_bytes =
Self::make_signature_bytes(&node_info, &relay_ids, &relay_info, timestamp)?; Self::make_signature_bytes(&node_info, &relay_ids, &relay_info, timestamp)?;
@ -90,7 +86,7 @@ impl SignedRelayedNodeInfo {
relay_ids: &[TypedKey], relay_ids: &[TypedKey],
relay_info: &SignedDirectNodeInfo, relay_info: &SignedDirectNodeInfo,
timestamp: Timestamp, timestamp: Timestamp,
) -> Result<Vec<u8>, VeilidAPIError> { ) -> VeilidAPIResult<Vec<u8>> {
let mut sig_bytes = Vec::new(); let mut sig_bytes = Vec::new();
// Add nodeinfo to signature // Add nodeinfo to signature

View File

@ -22,7 +22,7 @@ impl StorageManager {
subkey: ValueSubkey, subkey: ValueSubkey,
safety_selection: SafetySelection, safety_selection: SafetySelection,
last_subkey_result: SubkeyResult, last_subkey_result: SubkeyResult,
) -> Result<SubkeyResult, VeilidAPIError> { ) -> VeilidAPIResult<SubkeyResult> {
let routing_table = rpc_processor.routing_table(); let routing_table = rpc_processor.routing_table();
// Get the DHT parameters for 'GetValue' // Get the DHT parameters for 'GetValue'
@ -175,7 +175,7 @@ impl StorageManager {
} }
/// Handle a recieved 'Get Value' query /// Handle a recieved 'Get Value' query
pub async fn inbound_get_value(&self, key: TypedKey, subkey: ValueSubkey, want_descriptor: bool) -> Result<NetworkResult<SubkeyResult>, VeilidAPIError> { pub async fn inbound_get_value(&self, key: TypedKey, subkey: ValueSubkey, want_descriptor: bool) -> VeilidAPIResult<NetworkResult<SubkeyResult>> {
let mut inner = self.lock().await?; let mut inner = self.lock().await?;
let res = match inner.handle_get_remote_value(key, subkey, want_descriptor).await { let res = match inner.handle_get_remote_value(key, subkey, want_descriptor).await {
Ok(res) => res, Ok(res) => res,

View File

@ -117,7 +117,7 @@ impl StorageManager {
inner.rpc_processor = opt_rpc_processor inner.rpc_processor = opt_rpc_processor
} }
async fn lock(&self) -> Result<AsyncMutexGuardArc<StorageManagerInner>, VeilidAPIError> { async fn lock(&self) -> VeilidAPIResult<AsyncMutexGuardArc<StorageManagerInner>> {
let inner = asyncmutex_lock_arc!(&self.inner); let inner = asyncmutex_lock_arc!(&self.inner);
if !inner.initialized { if !inner.initialized {
apibail_not_initialized!(); apibail_not_initialized!();
@ -131,7 +131,7 @@ impl StorageManager {
kind: CryptoKind, kind: CryptoKind,
schema: DHTSchema, schema: DHTSchema,
safety_selection: SafetySelection, safety_selection: SafetySelection,
) -> Result<DHTRecordDescriptor, VeilidAPIError> { ) -> VeilidAPIResult<DHTRecordDescriptor> {
let mut inner = self.lock().await?; let mut inner = self.lock().await?;
// Create a new owned local record from scratch // Create a new owned local record from scratch
@ -154,7 +154,7 @@ impl StorageManager {
key: TypedKey, key: TypedKey,
writer: Option<KeyPair>, writer: Option<KeyPair>,
safety_selection: SafetySelection, safety_selection: SafetySelection,
) -> Result<DHTRecordDescriptor, VeilidAPIError> { ) -> VeilidAPIResult<DHTRecordDescriptor> {
let mut inner = self.lock().await?; let mut inner = self.lock().await?;
// See if we have a local record already or not // See if we have a local record already or not
@ -202,13 +202,13 @@ impl StorageManager {
} }
/// Close an opened local record /// Close an opened local record
pub async fn close_record(&self, key: TypedKey) -> Result<(), VeilidAPIError> { pub async fn close_record(&self, key: TypedKey) -> VeilidAPIResult<()> {
let mut inner = self.lock().await?; let mut inner = self.lock().await?;
inner.close_record(key) inner.close_record(key)
} }
/// Delete a local record /// Delete a local record
pub async fn delete_record(&self, key: TypedKey) -> Result<(), VeilidAPIError> { pub async fn delete_record(&self, key: TypedKey) -> VeilidAPIResult<()> {
let mut inner = self.lock().await?; let mut inner = self.lock().await?;
// Ensure the record is closed // Ensure the record is closed
@ -233,7 +233,7 @@ impl StorageManager {
key: TypedKey, key: TypedKey,
subkey: ValueSubkey, subkey: ValueSubkey,
force_refresh: bool, force_refresh: bool,
) -> Result<Option<ValueData>, VeilidAPIError> { ) -> VeilidAPIResult<Option<ValueData>> {
let mut inner = self.lock().await?; let mut inner = self.lock().await?;
let Some(opened_record) = inner.opened_records.remove(&key) else { let Some(opened_record) = inner.opened_records.remove(&key) else {
apibail_generic!("record not open"); apibail_generic!("record not open");
@ -301,7 +301,7 @@ impl StorageManager {
key: TypedKey, key: TypedKey,
subkey: ValueSubkey, subkey: ValueSubkey,
data: Vec<u8>, data: Vec<u8>,
) -> Result<Option<ValueData>, VeilidAPIError> { ) -> VeilidAPIResult<Option<ValueData>> {
let mut inner = self.lock().await?; let mut inner = self.lock().await?;
// Get cryptosystem // Get cryptosystem
@ -395,7 +395,7 @@ impl StorageManager {
subkeys: ValueSubkeyRangeSet, subkeys: ValueSubkeyRangeSet,
expiration: Timestamp, expiration: Timestamp,
count: u32, count: u32,
) -> Result<Timestamp, VeilidAPIError> { ) -> VeilidAPIResult<Timestamp> {
let inner = self.lock().await?; let inner = self.lock().await?;
unimplemented!(); unimplemented!();
} }
@ -404,7 +404,7 @@ impl StorageManager {
&self, &self,
key: TypedKey, key: TypedKey,
subkeys: ValueSubkeyRangeSet, subkeys: ValueSubkeyRangeSet,
) -> Result<bool, VeilidAPIError> { ) -> VeilidAPIResult<bool> {
let inner = self.lock().await?; let inner = self.lock().await?;
unimplemented!(); unimplemented!();
} }

View File

@ -241,11 +241,7 @@ where
Ok(()) Ok(())
} }
pub async fn new_record( pub async fn new_record(&mut self, key: TypedKey, record: Record<D>) -> VeilidAPIResult<()> {
&mut self,
key: TypedKey,
record: Record<D>,
) -> Result<(), VeilidAPIError> {
let rtk = RecordTableKey { key }; let rtk = RecordTableKey { key };
if self.record_index.contains_key(&rtk) { if self.record_index.contains_key(&rtk) {
apibail_internal!("record already exists"); apibail_internal!("record already exists");
@ -290,7 +286,7 @@ where
Ok(()) Ok(())
} }
pub async fn delete_record(&mut self, key: TypedKey) -> Result<(), VeilidAPIError> { pub async fn delete_record(&mut self, key: TypedKey) -> VeilidAPIResult<()> {
// Get the record table key // Get the record table key
let rtk = RecordTableKey { key }; let rtk = RecordTableKey { key };
@ -357,7 +353,7 @@ where
key: TypedKey, key: TypedKey,
subkey: ValueSubkey, subkey: ValueSubkey,
want_descriptor: bool, want_descriptor: bool,
) -> Result<Option<SubkeyResult>, VeilidAPIError> { ) -> VeilidAPIResult<Option<SubkeyResult>> {
// record from index // record from index
let Some((subkey_count, opt_descriptor)) = self.with_record(key, |record| { let Some((subkey_count, opt_descriptor)) = self.with_record(key, |record| {
(record.subkey_count(), if want_descriptor { (record.subkey_count(), if want_descriptor {
@ -419,7 +415,7 @@ where
key: TypedKey, key: TypedKey,
subkey: ValueSubkey, subkey: ValueSubkey,
signed_value_data: SignedValueData, signed_value_data: SignedValueData,
) -> Result<(), VeilidAPIError> { ) -> VeilidAPIResult<()> {
// Check size limit for data // Check size limit for data
if signed_value_data.value_data().data().len() > self.limits.max_subkey_size { if signed_value_data.value_data().data().len() > self.limits.max_subkey_size {
apibail_invalid_argument!( apibail_invalid_argument!(

View File

@ -21,7 +21,7 @@ impl StorageManager {
safety_selection: SafetySelection, safety_selection: SafetySelection,
value: SignedValueData, value: SignedValueData,
descriptor: SignedValueDescriptor, descriptor: SignedValueDescriptor,
) -> Result<SignedValueData, VeilidAPIError> { ) -> VeilidAPIResult<SignedValueData> {
let routing_table = rpc_processor.routing_table(); let routing_table = rpc_processor.routing_table();
// Get the DHT parameters for 'SetValue' // Get the DHT parameters for 'SetValue'
@ -164,7 +164,7 @@ impl StorageManager {
/// Handle a recieved 'Set Value' query /// Handle a recieved 'Set Value' query
/// Returns a None if the value passed in was set /// Returns a None if the value passed in was set
/// Returns a Some(current value) if the value was older and the current value was kept /// Returns a Some(current value) if the value was older and the current value was kept
pub async fn inbound_set_value(&self, key: TypedKey, subkey: ValueSubkey, value: SignedValueData, descriptor: Option<SignedValueDescriptor>) -> Result<NetworkResult<Option<SignedValueData>>, VeilidAPIError> { pub async fn inbound_set_value(&self, key: TypedKey, subkey: ValueSubkey, value: SignedValueData, descriptor: Option<SignedValueDescriptor>) -> VeilidAPIResult<NetworkResult<Option<SignedValueData>>> {
let mut inner = self.lock().await?; let mut inner = self.lock().await?;
// See if the subkey we are modifying has a last known local value // See if the subkey we are modifying has a last known local value

View File

@ -172,7 +172,7 @@ impl StorageManagerInner {
kind: CryptoKind, kind: CryptoKind,
schema: DHTSchema, schema: DHTSchema,
safety_selection: SafetySelection, safety_selection: SafetySelection,
) -> Result<(TypedKey, KeyPair), VeilidAPIError> { ) -> VeilidAPIResult<(TypedKey, KeyPair)> {
// Get cryptosystem // Get cryptosystem
let Some(vcrypto) = self.unlocked_inner.crypto.get(kind) else { let Some(vcrypto) = self.unlocked_inner.crypto.get(kind) else {
apibail_generic!("unsupported cryptosystem"); apibail_generic!("unsupported cryptosystem");
@ -214,7 +214,7 @@ impl StorageManagerInner {
key: TypedKey, key: TypedKey,
writer: Option<KeyPair>, writer: Option<KeyPair>,
safety_selection: SafetySelection, safety_selection: SafetySelection,
) -> Result<Option<DHTRecordDescriptor>, VeilidAPIError> { ) -> VeilidAPIResult<Option<DHTRecordDescriptor>> {
// Ensure the record is closed // Ensure the record is closed
if self.opened_records.contains_key(&key) { if self.opened_records.contains_key(&key) {
apibail_generic!("record is already open and should be closed first"); apibail_generic!("record is already open and should be closed first");
@ -268,7 +268,7 @@ impl StorageManagerInner {
subkey: ValueSubkey, subkey: ValueSubkey,
subkey_result: SubkeyResult, subkey_result: SubkeyResult,
safety_selection: SafetySelection, safety_selection: SafetySelection,
) -> Result<DHTRecordDescriptor, VeilidAPIError> { ) -> VeilidAPIResult<DHTRecordDescriptor> {
// Ensure the record is closed // Ensure the record is closed
if self.opened_records.contains_key(&key) { if self.opened_records.contains_key(&key) {
panic!("new record should never be opened at this point"); panic!("new record should never be opened at this point");
@ -325,7 +325,7 @@ impl StorageManagerInner {
Ok(descriptor) Ok(descriptor)
} }
pub fn close_record(&mut self, key: TypedKey) -> Result<(), VeilidAPIError> { pub fn close_record(&mut self, key: TypedKey) -> VeilidAPIResult<()> {
let Some(_opened_record) = self.opened_records.remove(&key) else { let Some(_opened_record) = self.opened_records.remove(&key) else {
apibail_generic!("record not open"); apibail_generic!("record not open");
}; };
@ -337,7 +337,7 @@ impl StorageManagerInner {
key: TypedKey, key: TypedKey,
subkey: ValueSubkey, subkey: ValueSubkey,
want_descriptor: bool, want_descriptor: bool,
) -> Result<SubkeyResult, VeilidAPIError> { ) -> VeilidAPIResult<SubkeyResult> {
// See if it's in the local record store // See if it's in the local record store
let Some(local_record_store) = self.local_record_store.as_mut() else { let Some(local_record_store) = self.local_record_store.as_mut() else {
apibail_not_initialized!(); apibail_not_initialized!();
@ -357,7 +357,7 @@ impl StorageManagerInner {
key: TypedKey, key: TypedKey,
subkey: ValueSubkey, subkey: ValueSubkey,
signed_value_data: SignedValueData, signed_value_data: SignedValueData,
) -> Result<(), VeilidAPIError> { ) -> VeilidAPIResult<()> {
// See if it's in the local record store // See if it's in the local record store
let Some(local_record_store) = self.local_record_store.as_mut() else { let Some(local_record_store) = self.local_record_store.as_mut() else {
apibail_not_initialized!(); apibail_not_initialized!();
@ -376,7 +376,7 @@ impl StorageManagerInner {
key: TypedKey, key: TypedKey,
subkey: ValueSubkey, subkey: ValueSubkey,
want_descriptor: bool, want_descriptor: bool,
) -> Result<SubkeyResult, VeilidAPIError> { ) -> VeilidAPIResult<SubkeyResult> {
// See if it's in the remote record store // See if it's in the remote record store
let Some(remote_record_store) = self.remote_record_store.as_mut() else { let Some(remote_record_store) = self.remote_record_store.as_mut() else {
apibail_not_initialized!(); apibail_not_initialized!();
@ -397,7 +397,7 @@ impl StorageManagerInner {
subkey: ValueSubkey, subkey: ValueSubkey,
signed_value_data: SignedValueData, signed_value_data: SignedValueData,
signed_value_descriptor: SignedValueDescriptor, signed_value_descriptor: SignedValueDescriptor,
) -> Result<(), VeilidAPIError> { ) -> VeilidAPIResult<()> {
// See if it's in the remote record store // See if it's in the remote record store
let Some(remote_record_store) = self.remote_record_store.as_mut() else { let Some(remote_record_store) = self.remote_record_store.as_mut() else {
apibail_not_initialized!(); apibail_not_initialized!();

View File

@ -27,7 +27,7 @@ where
cur_ts: Timestamp, cur_ts: Timestamp,
descriptor: SignedValueDescriptor, descriptor: SignedValueDescriptor,
detail: D, detail: D,
) -> Result<Self, VeilidAPIError> { ) -> VeilidAPIResult<Self> {
let schema = descriptor.schema()?; let schema = descriptor.schema()?;
let subkey_count = schema.subkey_count(); let subkey_count = schema.subkey_count();
Ok(Self { Ok(Self {

View File

@ -34,7 +34,7 @@ impl SignedValueData {
owner: &PublicKey, owner: &PublicKey,
subkey: ValueSubkey, subkey: ValueSubkey,
vcrypto: CryptoSystemVersion, vcrypto: CryptoSystemVersion,
) -> Result<(), VeilidAPIError> { ) -> VeilidAPIResult<()> {
let node_info_bytes = Self::make_signature_bytes(&self.value_data, owner, subkey)?; let node_info_bytes = Self::make_signature_bytes(&self.value_data, owner, subkey)?;
// validate signature // validate signature
vcrypto.verify(&self.value_data.writer(), &node_info_bytes, &self.signature) vcrypto.verify(&self.value_data.writer(), &node_info_bytes, &self.signature)
@ -46,7 +46,7 @@ impl SignedValueData {
subkey: ValueSubkey, subkey: ValueSubkey,
vcrypto: CryptoSystemVersion, vcrypto: CryptoSystemVersion,
writer_secret: SecretKey, writer_secret: SecretKey,
) -> Result<Self, VeilidAPIError> { ) -> VeilidAPIResult<Self> {
let node_info_bytes = Self::make_signature_bytes(&value_data, owner, subkey)?; let node_info_bytes = Self::make_signature_bytes(&value_data, owner, subkey)?;
// create signature // create signature
@ -77,7 +77,7 @@ impl SignedValueData {
value_data: &ValueData, value_data: &ValueData,
owner: &PublicKey, owner: &PublicKey,
subkey: ValueSubkey, subkey: ValueSubkey,
) -> Result<Vec<u8>, VeilidAPIError> { ) -> VeilidAPIResult<Vec<u8>> {
let mut node_info_bytes = let mut node_info_bytes =
Vec::with_capacity(PUBLIC_KEY_LENGTH + 4 + 4 + value_data.data().len()); Vec::with_capacity(PUBLIC_KEY_LENGTH + 4 + 4 + value_data.data().len());

View File

@ -31,7 +31,7 @@ impl SignedValueDescriptor {
} }
} }
pub fn validate(&self, vcrypto: CryptoSystemVersion) -> Result<(), VeilidAPIError> { pub fn validate(&self, vcrypto: CryptoSystemVersion) -> VeilidAPIResult<()> {
// validate signature // validate signature
vcrypto.verify(&self.owner, &self.schema_data, &self.signature) vcrypto.verify(&self.owner, &self.schema_data, &self.signature)
} }
@ -44,7 +44,7 @@ impl SignedValueDescriptor {
&self.schema_data &self.schema_data
} }
pub fn schema(&self) -> Result<DHTSchema, VeilidAPIError> { pub fn schema(&self) -> VeilidAPIResult<DHTSchema> {
DHTSchema::try_from(self.schema_data.as_slice()) DHTSchema::try_from(self.schema_data.as_slice())
} }
@ -57,7 +57,7 @@ impl SignedValueDescriptor {
schema_data: Vec<u8>, schema_data: Vec<u8>,
vcrypto: CryptoSystemVersion, vcrypto: CryptoSystemVersion,
owner_secret: SecretKey, owner_secret: SecretKey,
) -> Result<Self, VeilidAPIError> { ) -> VeilidAPIResult<Self> {
// create signature // create signature
let signature = vcrypto.sign(&owner, &owner_secret, &schema_data)?; let signature = vcrypto.sign(&owner, &owner_secret, &schema_data)?;
Ok(Self { Ok(Self {

View File

@ -169,7 +169,7 @@ impl TableStore {
// Get device encryption key from protected store // Get device encryption key from protected store
let mut encryption_key: Option<TypedSharedSecret> = self let mut encryption_key: Option<TypedSharedSecret> = self
.protected_store .protected_store
.load_user_secret_rkyv("device_encryption_key") .load_user_secret_json("device_encryption_key")
.await?; .await?;
if let Some(encryption_key) = encryption_key { if let Some(encryption_key) = encryption_key {
@ -183,7 +183,14 @@ impl TableStore {
let best_kind = best_crypto_kind(); let best_kind = best_crypto_kind();
let mut shared_secret = SharedSecret::default(); let mut shared_secret = SharedSecret::default();
random_bytes(&mut shared_secret.bytes); random_bytes(&mut shared_secret.bytes);
encryption_key = Some(TypedSharedSecret::new(best_kind, shared_secret)); let device_encryption_key = TypedSharedSecret::new(best_kind, shared_secret);
// Save the new device encryption key
self.protected_store
.save_user_secret_json("device_encryption_key", &device_encryption_key)
.await?;
encryption_key = Some(device_encryption_key);
} }
// Deserialize all table names // Deserialize all table names

View File

@ -49,70 +49,70 @@ impl VeilidAPI {
//////////////////////////////////////////////////////////////// ////////////////////////////////////////////////////////////////
// Accessors // Accessors
pub fn config(&self) -> Result<VeilidConfig, VeilidAPIError> { pub fn config(&self) -> VeilidAPIResult<VeilidConfig> {
let inner = self.inner.lock(); let inner = self.inner.lock();
if let Some(context) = &inner.context { if let Some(context) = &inner.context {
return Ok(context.config.clone()); return Ok(context.config.clone());
} }
Err(VeilidAPIError::NotInitialized) Err(VeilidAPIError::NotInitialized)
} }
pub fn crypto(&self) -> Result<Crypto, VeilidAPIError> { pub fn crypto(&self) -> VeilidAPIResult<Crypto> {
let inner = self.inner.lock(); let inner = self.inner.lock();
if let Some(context) = &inner.context { if let Some(context) = &inner.context {
return Ok(context.crypto.clone()); return Ok(context.crypto.clone());
} }
Err(VeilidAPIError::NotInitialized) Err(VeilidAPIError::NotInitialized)
} }
pub fn table_store(&self) -> Result<TableStore, VeilidAPIError> { pub fn table_store(&self) -> VeilidAPIResult<TableStore> {
let inner = self.inner.lock(); let inner = self.inner.lock();
if let Some(context) = &inner.context { if let Some(context) = &inner.context {
return Ok(context.table_store.clone()); return Ok(context.table_store.clone());
} }
Err(VeilidAPIError::not_initialized()) Err(VeilidAPIError::not_initialized())
} }
pub fn block_store(&self) -> Result<BlockStore, VeilidAPIError> { pub fn block_store(&self) -> VeilidAPIResult<BlockStore> {
let inner = self.inner.lock(); let inner = self.inner.lock();
if let Some(context) = &inner.context { if let Some(context) = &inner.context {
return Ok(context.block_store.clone()); return Ok(context.block_store.clone());
} }
Err(VeilidAPIError::not_initialized()) Err(VeilidAPIError::not_initialized())
} }
pub fn protected_store(&self) -> Result<ProtectedStore, VeilidAPIError> { pub fn protected_store(&self) -> VeilidAPIResult<ProtectedStore> {
let inner = self.inner.lock(); let inner = self.inner.lock();
if let Some(context) = &inner.context { if let Some(context) = &inner.context {
return Ok(context.protected_store.clone()); return Ok(context.protected_store.clone());
} }
Err(VeilidAPIError::not_initialized()) Err(VeilidAPIError::not_initialized())
} }
pub fn attachment_manager(&self) -> Result<AttachmentManager, VeilidAPIError> { pub fn attachment_manager(&self) -> VeilidAPIResult<AttachmentManager> {
let inner = self.inner.lock(); let inner = self.inner.lock();
if let Some(context) = &inner.context { if let Some(context) = &inner.context {
return Ok(context.attachment_manager.clone()); return Ok(context.attachment_manager.clone());
} }
Err(VeilidAPIError::not_initialized()) Err(VeilidAPIError::not_initialized())
} }
pub fn network_manager(&self) -> Result<NetworkManager, VeilidAPIError> { pub fn network_manager(&self) -> VeilidAPIResult<NetworkManager> {
let inner = self.inner.lock(); let inner = self.inner.lock();
if let Some(context) = &inner.context { if let Some(context) = &inner.context {
return Ok(context.attachment_manager.network_manager()); return Ok(context.attachment_manager.network_manager());
} }
Err(VeilidAPIError::not_initialized()) Err(VeilidAPIError::not_initialized())
} }
pub fn rpc_processor(&self) -> Result<RPCProcessor, VeilidAPIError> { pub fn rpc_processor(&self) -> VeilidAPIResult<RPCProcessor> {
let inner = self.inner.lock(); let inner = self.inner.lock();
if let Some(context) = &inner.context { if let Some(context) = &inner.context {
return Ok(context.attachment_manager.network_manager().rpc_processor()); return Ok(context.attachment_manager.network_manager().rpc_processor());
} }
Err(VeilidAPIError::NotInitialized) Err(VeilidAPIError::NotInitialized)
} }
pub fn routing_table(&self) -> Result<RoutingTable, VeilidAPIError> { pub fn routing_table(&self) -> VeilidAPIResult<RoutingTable> {
let inner = self.inner.lock(); let inner = self.inner.lock();
if let Some(context) = &inner.context { if let Some(context) = &inner.context {
return Ok(context.attachment_manager.network_manager().routing_table()); return Ok(context.attachment_manager.network_manager().routing_table());
} }
Err(VeilidAPIError::NotInitialized) Err(VeilidAPIError::NotInitialized)
} }
pub fn storage_manager(&self) -> Result<StorageManager, VeilidAPIError> { pub fn storage_manager(&self) -> VeilidAPIResult<StorageManager> {
let inner = self.inner.lock(); let inner = self.inner.lock();
if let Some(context) = &inner.context { if let Some(context) = &inner.context {
return Ok(context.storage_manager.clone()); return Ok(context.storage_manager.clone());
@ -124,7 +124,7 @@ impl VeilidAPI {
// Attach/Detach // Attach/Detach
/// Get a full copy of the current state /// Get a full copy of the current state
pub async fn get_state(&self) -> Result<VeilidState, VeilidAPIError> { pub async fn get_state(&self) -> VeilidAPIResult<VeilidState> {
let attachment_manager = self.attachment_manager()?; let attachment_manager = self.attachment_manager()?;
let network_manager = attachment_manager.network_manager(); let network_manager = attachment_manager.network_manager();
let config = self.config()?; let config = self.config()?;
@ -142,7 +142,7 @@ impl VeilidAPI {
/// Connect to the network /// Connect to the network
#[instrument(level = "debug", err, skip_all)] #[instrument(level = "debug", err, skip_all)]
pub async fn attach(&self) -> Result<(), VeilidAPIError> { pub async fn attach(&self) -> VeilidAPIResult<()> {
let attachment_manager = self.attachment_manager()?; let attachment_manager = self.attachment_manager()?;
if !attachment_manager.attach().await { if !attachment_manager.attach().await {
apibail_generic!("Already attached"); apibail_generic!("Already attached");
@ -152,7 +152,7 @@ impl VeilidAPI {
/// Disconnect from the network /// Disconnect from the network
#[instrument(level = "debug", err, skip_all)] #[instrument(level = "debug", err, skip_all)]
pub async fn detach(&self) -> Result<(), VeilidAPIError> { pub async fn detach(&self) -> VeilidAPIResult<()> {
let attachment_manager = self.attachment_manager()?; let attachment_manager = self.attachment_manager()?;
if !attachment_manager.detach().await { if !attachment_manager.detach().await {
apibail_generic!("Already detached"); apibail_generic!("Already detached");
@ -175,7 +175,7 @@ impl VeilidAPI {
/// Returns a route id and a publishable 'blob' with the route encrypted with each crypto kind /// Returns a route id and a publishable 'blob' with the route encrypted with each crypto kind
/// Those nodes importing the blob will have their choice of which crypto kind to use /// Those nodes importing the blob will have their choice of which crypto kind to use
#[instrument(level = "debug", skip(self))] #[instrument(level = "debug", skip(self))]
pub async fn new_private_route(&self) -> Result<(RouteId, Vec<u8>), VeilidAPIError> { pub async fn new_private_route(&self) -> VeilidAPIResult<(RouteId, Vec<u8>)> {
self.new_custom_private_route( self.new_custom_private_route(
&VALID_CRYPTO_KINDS, &VALID_CRYPTO_KINDS,
Stability::default(), Stability::default(),
@ -191,7 +191,7 @@ impl VeilidAPI {
crypto_kinds: &[CryptoKind], crypto_kinds: &[CryptoKind],
stability: Stability, stability: Stability,
sequencing: Sequencing, sequencing: Sequencing,
) -> Result<(RouteId, Vec<u8>), VeilidAPIError> { ) -> VeilidAPIResult<(RouteId, Vec<u8>)> {
let default_route_hop_count: usize = { let default_route_hop_count: usize = {
let config = self.config()?; let config = self.config()?;
let c = config.get(); let c = config.get();
@ -238,14 +238,14 @@ impl VeilidAPI {
} }
#[instrument(level = "debug", skip(self))] #[instrument(level = "debug", skip(self))]
pub fn import_remote_private_route(&self, blob: Vec<u8>) -> Result<RouteId, VeilidAPIError> { pub fn import_remote_private_route(&self, blob: Vec<u8>) -> VeilidAPIResult<RouteId> {
let rss = self.routing_table()?.route_spec_store(); let rss = self.routing_table()?.route_spec_store();
rss.import_remote_private_route(blob) rss.import_remote_private_route(blob)
.map_err(|e| VeilidAPIError::invalid_argument(e, "blob", "private route blob")) .map_err(|e| VeilidAPIError::invalid_argument(e, "blob", "private route blob"))
} }
#[instrument(level = "debug", skip(self))] #[instrument(level = "debug", skip(self))]
pub fn release_private_route(&self, route_id: RouteId) -> Result<(), VeilidAPIError> { pub fn release_private_route(&self, route_id: RouteId) -> VeilidAPIResult<()> {
let rss = self.routing_table()?.route_spec_store(); let rss = self.routing_table()?.route_spec_store();
if !rss.release_route(route_id) { if !rss.release_route(route_id) {
apibail_invalid_argument!("release_private_route", "key", route_id); apibail_invalid_argument!("release_private_route", "key", route_id);
@ -257,11 +257,7 @@ impl VeilidAPI {
// App Calls // App Calls
#[instrument(level = "debug", skip(self))] #[instrument(level = "debug", skip(self))]
pub async fn app_call_reply( pub async fn app_call_reply(&self, id: OperationId, message: Vec<u8>) -> VeilidAPIResult<()> {
&self,
id: OperationId,
message: Vec<u8>,
) -> Result<(), VeilidAPIError> {
let rpc_processor = self.rpc_processor()?; let rpc_processor = self.rpc_processor()?;
rpc_processor rpc_processor
.app_call_reply(id, message) .app_call_reply(id, message)
@ -277,7 +273,7 @@ impl VeilidAPI {
&self, &self,
_endpoint_mode: TunnelMode, _endpoint_mode: TunnelMode,
_depth: u8, _depth: u8,
) -> Result<PartialTunnel, VeilidAPIError> { ) -> VeilidAPIResult<PartialTunnel> {
panic!("unimplemented"); panic!("unimplemented");
} }
@ -287,12 +283,12 @@ impl VeilidAPI {
_endpoint_mode: TunnelMode, _endpoint_mode: TunnelMode,
_depth: u8, _depth: u8,
_partial_tunnel: PartialTunnel, _partial_tunnel: PartialTunnel,
) -> Result<FullTunnel, VeilidAPIError> { ) -> VeilidAPIResult<FullTunnel> {
panic!("unimplemented"); panic!("unimplemented");
} }
#[instrument(level = "debug", err, skip(self))] #[instrument(level = "debug", err, skip(self))]
pub async fn cancel_tunnel(&self, _tunnel_id: TunnelId) -> Result<bool, VeilidAPIError> { pub async fn cancel_tunnel(&self, _tunnel_id: TunnelId) -> VeilidAPIResult<bool> {
panic!("unimplemented"); panic!("unimplemented");
} }
} }

View File

@ -305,7 +305,7 @@ fn get_debug_argument<T, G: FnOnce(&str) -> Option<T>>(
context: &str, context: &str,
argument: &str, argument: &str,
getter: G, getter: G,
) -> Result<T, VeilidAPIError> { ) -> VeilidAPIResult<T> {
let Some(val) = getter(value) else { let Some(val) = getter(value) else {
apibail_invalid_argument!(context, argument, value); apibail_invalid_argument!(context, argument, value);
}; };
@ -317,7 +317,7 @@ fn get_debug_argument_at<T, G: FnOnce(&str) -> Option<T>>(
context: &str, context: &str,
argument: &str, argument: &str,
getter: G, getter: G,
) -> Result<T, VeilidAPIError> { ) -> VeilidAPIResult<T> {
if pos >= debug_args.len() { if pos >= debug_args.len() {
apibail_missing_argument!(context, argument); apibail_missing_argument!(context, argument);
} }
@ -329,7 +329,7 @@ fn get_debug_argument_at<T, G: FnOnce(&str) -> Option<T>>(
} }
impl VeilidAPI { impl VeilidAPI {
async fn debug_buckets(&self, args: String) -> Result<String, VeilidAPIError> { async fn debug_buckets(&self, args: String) -> VeilidAPIResult<String> {
let args: Vec<String> = args.split_whitespace().map(|s| s.to_owned()).collect(); let args: Vec<String> = args.split_whitespace().map(|s| s.to_owned()).collect();
let mut min_state = BucketEntryState::Unreliable; let mut min_state = BucketEntryState::Unreliable;
if args.len() == 1 { if args.len() == 1 {
@ -345,19 +345,19 @@ impl VeilidAPI {
Ok(routing_table.debug_info_buckets(min_state)) Ok(routing_table.debug_info_buckets(min_state))
} }
async fn debug_dialinfo(&self, _args: String) -> Result<String, VeilidAPIError> { async fn debug_dialinfo(&self, _args: String) -> VeilidAPIResult<String> {
// Dump routing table dialinfo // Dump routing table dialinfo
let routing_table = self.network_manager()?.routing_table(); let routing_table = self.network_manager()?.routing_table();
Ok(routing_table.debug_info_dialinfo()) Ok(routing_table.debug_info_dialinfo())
} }
async fn debug_txtrecord(&self, _args: String) -> Result<String, VeilidAPIError> { async fn debug_txtrecord(&self, _args: String) -> VeilidAPIResult<String> {
// Dump routing table txt record // Dump routing table txt record
let routing_table = self.network_manager()?.routing_table(); let routing_table = self.network_manager()?.routing_table();
Ok(routing_table.debug_info_txtrecord().await) Ok(routing_table.debug_info_txtrecord().await)
} }
async fn debug_entries(&self, args: String) -> Result<String, VeilidAPIError> { async fn debug_entries(&self, args: String) -> VeilidAPIResult<String> {
let args: Vec<String> = args.split_whitespace().map(|s| s.to_owned()).collect(); let args: Vec<String> = args.split_whitespace().map(|s| s.to_owned()).collect();
let mut min_state = BucketEntryState::Unreliable; let mut min_state = BucketEntryState::Unreliable;
@ -374,7 +374,7 @@ impl VeilidAPI {
Ok(routing_table.debug_info_entries(min_state)) Ok(routing_table.debug_info_entries(min_state))
} }
async fn debug_entry(&self, args: String) -> Result<String, VeilidAPIError> { async fn debug_entry(&self, args: String) -> VeilidAPIResult<String> {
let args: Vec<String> = args.split_whitespace().map(|s| s.to_owned()).collect(); let args: Vec<String> = args.split_whitespace().map(|s| s.to_owned()).collect();
let routing_table = self.network_manager()?.routing_table(); let routing_table = self.network_manager()?.routing_table();
@ -391,13 +391,13 @@ impl VeilidAPI {
Ok(routing_table.debug_info_entry(node_ref)) Ok(routing_table.debug_info_entry(node_ref))
} }
async fn debug_nodeinfo(&self, _args: String) -> Result<String, VeilidAPIError> { async fn debug_nodeinfo(&self, _args: String) -> VeilidAPIResult<String> {
// Dump routing table entry // Dump routing table entry
let routing_table = self.network_manager()?.routing_table(); let routing_table = self.network_manager()?.routing_table();
Ok(routing_table.debug_info_nodeinfo()) Ok(routing_table.debug_info_nodeinfo())
} }
async fn debug_config(&self, args: String) -> Result<String, VeilidAPIError> { async fn debug_config(&self, args: String) -> VeilidAPIResult<String> {
let config = self.config()?; let config = self.config()?;
let args = args.trim_start(); let args = args.trim_start();
if args.is_empty() { if args.is_empty() {
@ -426,7 +426,7 @@ impl VeilidAPI {
Ok("Config value set".to_owned()) Ok("Config value set".to_owned())
} }
async fn debug_restart(&self, args: String) -> Result<String, VeilidAPIError> { async fn debug_restart(&self, args: String) -> VeilidAPIResult<String> {
let args = args.trim_start(); let args = args.trim_start();
if args.is_empty() { if args.is_empty() {
apibail_missing_argument!("debug_restart", "arg_0"); apibail_missing_argument!("debug_restart", "arg_0");
@ -452,7 +452,7 @@ impl VeilidAPI {
} }
} }
async fn debug_purge(&self, args: String) -> Result<String, VeilidAPIError> { async fn debug_purge(&self, args: String) -> VeilidAPIResult<String> {
let args: Vec<String> = args.split_whitespace().map(|s| s.to_owned()).collect(); let args: Vec<String> = args.split_whitespace().map(|s| s.to_owned()).collect();
if !args.is_empty() { if !args.is_empty() {
if args[0] == "buckets" { if args[0] == "buckets" {
@ -504,7 +504,7 @@ impl VeilidAPI {
} }
} }
async fn debug_attach(&self, _args: String) -> Result<String, VeilidAPIError> { async fn debug_attach(&self, _args: String) -> VeilidAPIResult<String> {
if !matches!( if !matches!(
self.get_state().await?.attachment.state, self.get_state().await?.attachment.state,
AttachmentState::Detached AttachmentState::Detached
@ -517,7 +517,7 @@ impl VeilidAPI {
Ok("Attached".to_owned()) Ok("Attached".to_owned())
} }
async fn debug_detach(&self, _args: String) -> Result<String, VeilidAPIError> { async fn debug_detach(&self, _args: String) -> VeilidAPIResult<String> {
if matches!( if matches!(
self.get_state().await?.attachment.state, self.get_state().await?.attachment.state,
AttachmentState::Detaching AttachmentState::Detaching
@ -530,7 +530,7 @@ impl VeilidAPI {
Ok("Detached".to_owned()) Ok("Detached".to_owned())
} }
async fn debug_contact(&self, args: String) -> Result<String, VeilidAPIError> { async fn debug_contact(&self, args: String) -> VeilidAPIResult<String> {
let args: Vec<String> = args.split_whitespace().map(|s| s.to_owned()).collect(); let args: Vec<String> = args.split_whitespace().map(|s| s.to_owned()).collect();
let network_manager = self.network_manager()?; let network_manager = self.network_manager()?;
@ -551,7 +551,7 @@ impl VeilidAPI {
Ok(format!("{:#?}", cm)) Ok(format!("{:#?}", cm))
} }
async fn debug_ping(&self, args: String) -> Result<String, VeilidAPIError> { async fn debug_ping(&self, args: String) -> VeilidAPIResult<String> {
let netman = self.network_manager()?; let netman = self.network_manager()?;
let routing_table = netman.routing_table(); let routing_table = netman.routing_table();
let rpc = netman.rpc_processor(); let rpc = netman.rpc_processor();
@ -593,7 +593,7 @@ impl VeilidAPI {
Ok(format!("{:#?}", out)) Ok(format!("{:#?}", out))
} }
async fn debug_route_allocate(&self, args: Vec<String>) -> Result<String, VeilidAPIError> { async fn debug_route_allocate(&self, args: Vec<String>) -> VeilidAPIResult<String> {
// [ord|*ord] [rel] [<count>] [in|out] [avoid_node_id] // [ord|*ord] [rel] [<count>] [in|out] [avoid_node_id]
let netman = self.network_manager()?; let netman = self.network_manager()?;
@ -652,7 +652,7 @@ impl VeilidAPI {
Ok(out) Ok(out)
} }
async fn debug_route_release(&self, args: Vec<String>) -> Result<String, VeilidAPIError> { async fn debug_route_release(&self, args: Vec<String>) -> VeilidAPIResult<String> {
// <route id> // <route id>
let netman = self.network_manager()?; let netman = self.network_manager()?;
let routing_table = netman.routing_table(); let routing_table = netman.routing_table();
@ -684,7 +684,7 @@ impl VeilidAPI {
Ok(out) Ok(out)
} }
async fn debug_route_publish(&self, args: Vec<String>) -> Result<String, VeilidAPIError> { async fn debug_route_publish(&self, args: Vec<String>) -> VeilidAPIResult<String> {
// <route id> [full] // <route id> [full]
let netman = self.network_manager()?; let netman = self.network_manager()?;
let routing_table = netman.routing_table(); let routing_table = netman.routing_table();
@ -736,7 +736,7 @@ impl VeilidAPI {
Ok(out) Ok(out)
} }
async fn debug_route_unpublish(&self, args: Vec<String>) -> Result<String, VeilidAPIError> { async fn debug_route_unpublish(&self, args: Vec<String>) -> VeilidAPIResult<String> {
// <route id> // <route id>
let netman = self.network_manager()?; let netman = self.network_manager()?;
let routing_table = netman.routing_table(); let routing_table = netman.routing_table();
@ -758,7 +758,7 @@ impl VeilidAPI {
}; };
Ok(out) Ok(out)
} }
async fn debug_route_print(&self, args: Vec<String>) -> Result<String, VeilidAPIError> { async fn debug_route_print(&self, args: Vec<String>) -> VeilidAPIResult<String> {
// <route id> // <route id>
let netman = self.network_manager()?; let netman = self.network_manager()?;
let routing_table = netman.routing_table(); let routing_table = netman.routing_table();
@ -777,7 +777,7 @@ impl VeilidAPI {
None => Ok("Route does not exist".to_owned()), None => Ok("Route does not exist".to_owned()),
} }
} }
async fn debug_route_list(&self, _args: Vec<String>) -> Result<String, VeilidAPIError> { async fn debug_route_list(&self, _args: Vec<String>) -> VeilidAPIResult<String> {
// //
let netman = self.network_manager()?; let netman = self.network_manager()?;
let routing_table = netman.routing_table(); let routing_table = netman.routing_table();
@ -800,7 +800,7 @@ impl VeilidAPI {
Ok(out) Ok(out)
} }
async fn debug_route_import(&self, args: Vec<String>) -> Result<String, VeilidAPIError> { async fn debug_route_import(&self, args: Vec<String>) -> VeilidAPIResult<String> {
// <blob> // <blob>
let blob = get_debug_argument_at(&args, 1, "debug_route", "blob", get_string)?; let blob = get_debug_argument_at(&args, 1, "debug_route", "blob", get_string)?;
@ -820,7 +820,7 @@ impl VeilidAPI {
return Ok(out); return Ok(out);
} }
async fn debug_route_test(&self, args: Vec<String>) -> Result<String, VeilidAPIError> { async fn debug_route_test(&self, args: Vec<String>) -> VeilidAPIResult<String> {
// <route id> // <route id>
let netman = self.network_manager()?; let netman = self.network_manager()?;
let routing_table = netman.routing_table(); let routing_table = netman.routing_table();
@ -848,7 +848,7 @@ impl VeilidAPI {
return Ok(out); return Ok(out);
} }
async fn debug_route(&self, args: String) -> Result<String, VeilidAPIError> { async fn debug_route(&self, args: String) -> VeilidAPIResult<String> {
let args: Vec<String> = args.split_whitespace().map(|s| s.to_owned()).collect(); let args: Vec<String> = args.split_whitespace().map(|s| s.to_owned()).collect();
let command = get_debug_argument_at(&args, 0, "debug_route", "command", get_string)?; let command = get_debug_argument_at(&args, 0, "debug_route", "command", get_string)?;
@ -874,7 +874,7 @@ impl VeilidAPI {
} }
} }
async fn debug_record_list(&self, args: Vec<String>) -> Result<String, VeilidAPIError> { async fn debug_record_list(&self, args: Vec<String>) -> VeilidAPIResult<String> {
// <local|remote> // <local|remote>
let storage_manager = self.storage_manager()?; let storage_manager = self.storage_manager()?;
@ -895,7 +895,7 @@ impl VeilidAPI {
return Ok(out); return Ok(out);
} }
async fn debug_record(&self, args: String) -> Result<String, VeilidAPIError> { async fn debug_record(&self, args: String) -> VeilidAPIResult<String> {
let args: Vec<String> = args.split_whitespace().map(|s| s.to_owned()).collect(); let args: Vec<String> = args.split_whitespace().map(|s| s.to_owned()).collect();
let command = get_debug_argument_at(&args, 0, "debug_record", "command", get_string)?; let command = get_debug_argument_at(&args, 0, "debug_record", "command", get_string)?;
@ -907,7 +907,7 @@ impl VeilidAPI {
} }
} }
pub async fn debug_help(&self, _args: String) -> Result<String, VeilidAPIError> { pub async fn debug_help(&self, _args: String) -> VeilidAPIResult<String> {
Ok(r#">>> Debug commands: Ok(r#">>> Debug commands:
help help
buckets [dead|reliable] buckets [dead|reliable]
@ -947,7 +947,7 @@ impl VeilidAPI {
.to_owned()) .to_owned())
} }
pub async fn debug(&self, args: String) -> Result<String, VeilidAPIError> { pub async fn debug(&self, args: String) -> VeilidAPIResult<String> {
let res = { let res = {
let args = args.trim_start(); let args = args.trim_start();
if args.is_empty() { if args.is_empty() {

View File

@ -45,11 +45,11 @@ impl RoutingContext {
} }
} }
pub fn with_privacy(self) -> Result<Self, VeilidAPIError> { pub fn with_privacy(self) -> VeilidAPIResult<Self> {
self.with_custom_privacy(Stability::default()) self.with_custom_privacy(Stability::default())
} }
pub fn with_custom_privacy(self, stability: Stability) -> Result<Self, VeilidAPIError> { pub fn with_custom_privacy(self, stability: Stability) -> VeilidAPIResult<Self> {
let config = self.api.config()?; let config = self.api.config()?;
let c = config.get(); let c = config.get();
@ -96,10 +96,7 @@ impl RoutingContext {
self.api.clone() self.api.clone()
} }
async fn get_destination( async fn get_destination(&self, target: Target) -> VeilidAPIResult<rpc_processor::Destination> {
&self,
target: Target,
) -> Result<rpc_processor::Destination, VeilidAPIError> {
let rpc_processor = self.api.rpc_processor()?; let rpc_processor = self.api.rpc_processor()?;
match target { match target {
@ -141,11 +138,7 @@ impl RoutingContext {
// App-level Messaging // App-level Messaging
#[instrument(level = "debug", err, skip(self))] #[instrument(level = "debug", err, skip(self))]
pub async fn app_call( pub async fn app_call(&self, target: Target, request: Vec<u8>) -> VeilidAPIResult<Vec<u8>> {
&self,
target: Target,
request: Vec<u8>,
) -> Result<Vec<u8>, VeilidAPIError> {
let rpc_processor = self.api.rpc_processor()?; let rpc_processor = self.api.rpc_processor()?;
// Get destination // Get destination
@ -170,11 +163,7 @@ impl RoutingContext {
} }
#[instrument(level = "debug", err, skip(self))] #[instrument(level = "debug", err, skip(self))]
pub async fn app_message( pub async fn app_message(&self, target: Target, message: Vec<u8>) -> VeilidAPIResult<()> {
&self,
target: Target,
message: Vec<u8>,
) -> Result<(), VeilidAPIError> {
let rpc_processor = self.api.rpc_processor()?; let rpc_processor = self.api.rpc_processor()?;
// Get destination // Get destination
@ -206,7 +195,7 @@ impl RoutingContext {
&self, &self,
kind: CryptoKind, kind: CryptoKind,
schema: DHTSchema, schema: DHTSchema,
) -> Result<DHTRecordDescriptor, VeilidAPIError> { ) -> VeilidAPIResult<DHTRecordDescriptor> {
let storage_manager = self.api.storage_manager()?; let storage_manager = self.api.storage_manager()?;
storage_manager storage_manager
.create_record(kind, schema, self.unlocked_inner.safety_selection) .create_record(kind, schema, self.unlocked_inner.safety_selection)
@ -220,7 +209,7 @@ impl RoutingContext {
&self, &self,
key: TypedKey, key: TypedKey,
writer: Option<KeyPair>, writer: Option<KeyPair>,
) -> Result<DHTRecordDescriptor, VeilidAPIError> { ) -> VeilidAPIResult<DHTRecordDescriptor> {
let storage_manager = self.api.storage_manager()?; let storage_manager = self.api.storage_manager()?;
storage_manager storage_manager
.open_record(key, writer, self.unlocked_inner.safety_selection) .open_record(key, writer, self.unlocked_inner.safety_selection)
@ -229,7 +218,7 @@ impl RoutingContext {
/// Closes a DHT record at a specific key that was opened with create_dht_record or open_dht_record. /// Closes a DHT record at a specific key that was opened with create_dht_record or open_dht_record.
/// Closing a record allows you to re-open it with a different routing context /// Closing a record allows you to re-open it with a different routing context
pub async fn close_dht_record(&self, key: TypedKey) -> Result<(), VeilidAPIError> { pub async fn close_dht_record(&self, key: TypedKey) -> VeilidAPIResult<()> {
let storage_manager = self.api.storage_manager()?; let storage_manager = self.api.storage_manager()?;
storage_manager.close_record(key).await storage_manager.close_record(key).await
} }
@ -237,7 +226,7 @@ impl RoutingContext {
/// Deletes a DHT record at a specific key. If the record is opened, it must be closed before it is deleted. /// Deletes a DHT record at a specific key. If the record is opened, it must be closed before it is deleted.
/// Deleting a record does not delete it from the network, but will remove the storage of the record /// Deleting a record does not delete it from the network, but will remove the storage of the record
/// locally, and will prevent its value from being refreshed on the network by this node. /// locally, and will prevent its value from being refreshed on the network by this node.
pub async fn delete_dht_record(&self, key: TypedKey) -> Result<(), VeilidAPIError> { pub async fn delete_dht_record(&self, key: TypedKey) -> VeilidAPIResult<()> {
let storage_manager = self.api.storage_manager()?; let storage_manager = self.api.storage_manager()?;
storage_manager.delete_record(key).await storage_manager.delete_record(key).await
} }
@ -251,7 +240,7 @@ impl RoutingContext {
key: TypedKey, key: TypedKey,
subkey: ValueSubkey, subkey: ValueSubkey,
force_refresh: bool, force_refresh: bool,
) -> Result<Option<ValueData>, VeilidAPIError> { ) -> VeilidAPIResult<Option<ValueData>> {
let storage_manager = self.api.storage_manager()?; let storage_manager = self.api.storage_manager()?;
storage_manager.get_value(key, subkey, force_refresh).await storage_manager.get_value(key, subkey, force_refresh).await
} }
@ -264,7 +253,7 @@ impl RoutingContext {
key: TypedKey, key: TypedKey,
subkey: ValueSubkey, subkey: ValueSubkey,
data: Vec<u8>, data: Vec<u8>,
) -> Result<Option<ValueData>, VeilidAPIError> { ) -> VeilidAPIResult<Option<ValueData>> {
let storage_manager = self.api.storage_manager()?; let storage_manager = self.api.storage_manager()?;
storage_manager.set_value(key, subkey, data).await storage_manager.set_value(key, subkey, data).await
} }
@ -280,7 +269,7 @@ impl RoutingContext {
subkeys: ValueSubkeyRangeSet, subkeys: ValueSubkeyRangeSet,
expiration: Timestamp, expiration: Timestamp,
count: u32, count: u32,
) -> Result<Timestamp, VeilidAPIError> { ) -> VeilidAPIResult<Timestamp> {
let storage_manager = self.api.storage_manager()?; let storage_manager = self.api.storage_manager()?;
storage_manager storage_manager
.watch_values(key, subkeys, expiration, count) .watch_values(key, subkeys, expiration, count)
@ -293,7 +282,7 @@ impl RoutingContext {
&self, &self,
key: TypedKey, key: TypedKey,
subkeys: ValueSubkeyRangeSet, subkeys: ValueSubkeyRangeSet,
) -> Result<bool, VeilidAPIError> { ) -> VeilidAPIResult<bool> {
let storage_manager = self.api.storage_manager()?; let storage_manager = self.api.storage_manager()?;
storage_manager.cancel_watch_values(key, subkeys).await storage_manager.cancel_watch_values(key, subkeys).await
} }
@ -301,11 +290,11 @@ impl RoutingContext {
/////////////////////////////////// ///////////////////////////////////
/// Block Store /// Block Store
pub async fn find_block(&self, _block_id: PublicKey) -> Result<Vec<u8>, VeilidAPIError> { pub async fn find_block(&self, _block_id: PublicKey) -> VeilidAPIResult<Vec<u8>> {
panic!("unimplemented"); panic!("unimplemented");
} }
pub async fn supply_block(&self, _block_id: PublicKey) -> Result<bool, VeilidAPIError> { pub async fn supply_block(&self, _block_id: PublicKey) -> VeilidAPIResult<bool> {
panic!("unimplemented"); panic!("unimplemented");
} }
} }

View File

@ -3,9 +3,7 @@ use super::*;
// Don't trace these functions as they are used in the transfer of API logs, which will recurse! // Don't trace these functions as they are used in the transfer of API logs, which will recurse!
// #[instrument(level = "trace", ret, err)] // #[instrument(level = "trace", ret, err)]
pub fn deserialize_json<'a, T: de::Deserialize<'a> + Debug>( pub fn deserialize_json<'a, T: de::Deserialize<'a> + Debug>(arg: &'a str) -> VeilidAPIResult<T> {
arg: &'a str,
) -> Result<T, VeilidAPIError> {
serde_json::from_str(arg).map_err(|e| VeilidAPIError::ParseError { serde_json::from_str(arg).map_err(|e| VeilidAPIError::ParseError {
message: e.to_string(), message: e.to_string(),
value: format!( value: format!(
@ -19,7 +17,7 @@ pub fn deserialize_json<'a, T: de::Deserialize<'a> + Debug>(
// #[instrument(level = "trace", ret, err)] // #[instrument(level = "trace", ret, err)]
pub fn deserialize_opt_json<T: de::DeserializeOwned + Debug>( pub fn deserialize_opt_json<T: de::DeserializeOwned + Debug>(
arg: Option<String>, arg: Option<String>,
) -> Result<T, VeilidAPIError> { ) -> VeilidAPIResult<T> {
let arg = arg.as_ref().ok_or_else(|| VeilidAPIError::ParseError { let arg = arg.as_ref().ok_or_else(|| VeilidAPIError::ParseError {
message: "invalid null string".to_owned(), message: "invalid null string".to_owned(),
value: format!( value: format!(

View File

@ -1,7 +1,7 @@
use crate::*; use crate::*;
//////////////////////////////////////////////////////////////////////////////////////////////// ////////////////////////////////////////////////////////////////////////////////////////////////
pub type ConfigCallbackReturn = Result<Box<dyn core::any::Any + Send>, VeilidAPIError>; pub type ConfigCallbackReturn = VeilidAPIResult<Box<dyn core::any::Any + Send>>;
pub type ConfigCallback = Arc<dyn Fn(String) -> ConfigCallbackReturn + Send + Sync>; pub type ConfigCallback = Arc<dyn Fn(String) -> ConfigCallbackReturn + Send + Sync>;
/// Enable and configure HTTPS access to the Veilid node /// Enable and configure HTTPS access to the Veilid node
@ -585,7 +585,7 @@ impl VeilidConfig {
&mut self, &mut self,
config: String, config: String,
update_cb: UpdateCallback, update_cb: UpdateCallback,
) -> Result<(), VeilidAPIError> { ) -> VeilidAPIResult<()> {
self.update_cb = Some(update_cb); self.update_cb = Some(update_cb);
self.with_mut(|inner| { self.with_mut(|inner| {
@ -594,11 +594,7 @@ impl VeilidConfig {
}) })
} }
pub fn setup( pub fn setup(&mut self, cb: ConfigCallback, update_cb: UpdateCallback) -> VeilidAPIResult<()> {
&mut self,
cb: ConfigCallback,
update_cb: UpdateCallback,
) -> Result<(), VeilidAPIError> {
self.update_cb = Some(update_cb); self.update_cb = Some(update_cb);
self.with_mut(|inner| { self.with_mut(|inner| {
// Simple config transformation // Simple config transformation
@ -738,9 +734,9 @@ impl VeilidConfig {
safe_cfg safe_cfg
} }
pub fn with_mut<F, R>(&self, f: F) -> Result<R, VeilidAPIError> pub fn with_mut<F, R>(&self, f: F) -> VeilidAPIResult<R>
where where
F: FnOnce(&mut VeilidConfigInner) -> Result<R, VeilidAPIError>, F: FnOnce(&mut VeilidConfigInner) -> VeilidAPIResult<R>,
{ {
let out = { let out = {
let inner = &mut *self.inner.write(); let inner = &mut *self.inner.write();
@ -764,7 +760,7 @@ impl VeilidConfig {
Ok(out) Ok(out)
} }
pub fn get_key_json(&self, key: &str) -> Result<String, VeilidAPIError> { pub fn get_key_json(&self, key: &str) -> VeilidAPIResult<String> {
let c = self.get(); let c = self.get();
// Generate json from whole config // Generate json from whole config
@ -787,7 +783,7 @@ impl VeilidConfig {
Ok(out.to_string()) Ok(out.to_string())
} }
} }
pub fn set_key_json(&self, key: &str, value: &str) -> Result<(), VeilidAPIError> { pub fn set_key_json(&self, key: &str, value: &str) -> VeilidAPIResult<()> {
self.with_mut(|c| { self.with_mut(|c| {
// Split key into path parts // Split key into path parts
let keypath: Vec<&str> = key.split('.').collect(); let keypath: Vec<&str> = key.split('.').collect();
@ -824,7 +820,7 @@ impl VeilidConfig {
}) })
} }
fn validate(inner: &VeilidConfigInner) -> Result<(), VeilidAPIError> { fn validate(inner: &VeilidConfigInner) -> VeilidAPIResult<()> {
if inner.program_name.is_empty() { if inner.program_name.is_empty() {
apibail_generic!("Program name must not be empty in 'program_name'"); apibail_generic!("Program name must not be empty in 'program_name'");
} }
@ -929,12 +925,12 @@ impl VeilidConfig {
Ok(()) Ok(())
} }
#[cfg(not(test))] //xxx#[cfg(not(test))]
async fn init_node_id( async fn init_node_id(
&self, &self,
vcrypto: CryptoSystemVersion, vcrypto: CryptoSystemVersion,
protected_store: intf::ProtectedStore, table_store: TableStore,
) -> Result<(TypedKey, TypedSecret), VeilidAPIError> { ) -> VeilidAPIResult<(TypedKey, TypedSecret)> {
let ck = vcrypto.kind(); let ck = vcrypto.kind();
let mut node_id = self.inner.read().network.routing_table.node_id.get(ck); let mut node_id = self.inner.read().network.routing_table.node_id.get(ck);
let mut node_id_secret = self let mut node_id_secret = self
@ -945,45 +941,36 @@ impl VeilidConfig {
.node_id_secret .node_id_secret
.get(ck); .get(ck);
// See if node id was previously stored in the protected store // See if node id was previously stored in the table store
let config_table = table_store.open("__veilid_config", 1).await?;
let table_key_node_id = format!("node_id_{}", ck);
let table_key_node_id_secret = format!("node_id_secret_{}", ck);
if node_id.is_none() { if node_id.is_none() {
debug!("pulling node_id_{} from storage", ck); debug!("pulling {} from storage", table_key_node_id);
if let Some(s) = protected_store if let Ok(Some(stored_node_id)) = config_table
.load_user_secret_string(format!("node_id_{}", ck)) .load_json::<TypedKey>(0, table_key_node_id.as_bytes())
.await .await
.map_err(VeilidAPIError::internal)?
{ {
debug!("node_id_{} found in storage", ck); debug!("{} found in storage", table_key_node_id);
node_id = match TypedKey::from_str(s.as_str()) { node_id = Some(stored_node_id);
Ok(v) => Some(v),
Err(_) => {
debug!("node id in protected store is not valid");
None
}
}
} else { } else {
debug!("node_id_{} not found in storage", ck); debug!("{} not found in storage", table_key_node_id);
} }
} }
// See if node id secret was previously stored in the protected store // See if node id secret was previously stored in the protected store
if node_id_secret.is_none() { if node_id_secret.is_none() {
debug!("pulling node id secret from storage"); debug!("pulling {} from storage", table_key_node_id_secret);
if let Some(s) = protected_store if let Ok(Some(stored_node_id_secret)) = config_table
.load_user_secret_string(format!("node_id_secret_{}", ck)) .load_json::<TypedSecret>(0, table_key_node_id_secret.as_bytes())
.await .await
.map_err(VeilidAPIError::internal)?
{ {
debug!("node_id_secret_{} found in storage", ck); debug!("{} found in storage", table_key_node_id_secret);
node_id_secret = match TypedSecret::from_str(s.as_str()) { node_id_secret = Some(stored_node_id_secret);
Ok(v) => Some(v),
Err(_) => {
debug!("node id secret in protected store is not valid");
None
}
}
} else { } else {
debug!("node_id_secret_{} not found in storage", ck); debug!("{} not found in storage", table_key_node_id_secret);
} }
} }
@ -1007,14 +994,12 @@ impl VeilidConfig {
info!("Node Id: {}", node_id); info!("Node Id: {}", node_id);
// Save the node id / secret in storage // Save the node id / secret in storage
protected_store config_table
.save_user_secret_string(format!("node_id_{}", ck), node_id.to_string()) .store_json(0, table_key_node_id.as_bytes(), &node_id)
.await .await?;
.map_err(VeilidAPIError::internal)?; config_table
protected_store .store_json(0, table_key_node_id_secret.as_bytes(), &node_id_secret)
.save_user_secret_string(format!("node_id_secret_{}", ck), node_id_secret.to_string()) .await?;
.await
.map_err(VeilidAPIError::internal)?;
Ok((node_id, node_id_secret)) Ok((node_id, node_id_secret))
} }
@ -1025,8 +1010,8 @@ impl VeilidConfig {
pub async fn init_node_ids( pub async fn init_node_ids(
&self, &self,
crypto: Crypto, crypto: Crypto,
protected_store: intf::ProtectedStore, table_store: TableStore,
) -> Result<(), VeilidAPIError> { ) -> VeilidAPIResult<()> {
let mut out_node_id = TypedKeySet::new(); let mut out_node_id = TypedKeySet::new();
let mut out_node_id_secret = TypedSecretSet::new(); let mut out_node_id_secret = TypedSecretSet::new();
@ -1041,8 +1026,7 @@ impl VeilidConfig {
(TypedKey::new(ck, kp.key), TypedSecret::new(ck, kp.secret)) (TypedKey::new(ck, kp.key), TypedSecret::new(ck, kp.secret))
}; };
#[cfg(not(test))] #[cfg(not(test))]
let (node_id, node_id_secret) = let (node_id, node_id_secret) = self.init_node_id(vcrypto, table_store.clone()).await?;
self.init_node_id(vcrypto, protected_store.clone()).await?;
// Save for config // Save for config
out_node_id.add(node_id); out_node_id.add(node_id);

View File

@ -19,7 +19,7 @@ use veilid_core::*;
// Encoding for ApiResult // Encoding for ApiResult
fn encode_api_result<T: Serialize + fmt::Debug>( fn encode_api_result<T: Serialize + fmt::Debug>(
result: &Result<T, VeilidAPIError>, result: &VeilidAPIResult<T>,
builder: &mut api_result::Builder, builder: &mut api_result::Builder,
) { ) {
match result { match result {