Git-Mirrors/veilid
1
0
Fork 0
mirror of https://gitlab.com/veilid/veilid.git synced 2025-01-12 07:49:49 -05:00
Code Issues Packages Projects Releases Wiki Activity

reduce dependence on protected store and move keys to encrypted table store

Browse Source
This commit is contained in:
John Smith 2023-05-25 18:28:03 +01:00
parent 4994f54039
commit a01e593480
38 changed files with 235 additions and 400 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
veilid-cli/src/client_api_connection.rs
View File

@ -38,7 +38,7 @@ fn map_to_internal_error<T: ToString>(e: T) -> VeilidAPIError {
fn decode_api_result<T: DeserializeOwned + fmt::Debug>(
reader: &api_result::Reader,
) -> Result<T, VeilidAPIError> {
) -> VeilidAPIResult<T> {
match reader.which().map_err(map_to_internal_error)? {
api_result::Which::Ok(v) => {
let ok_val = v.map_err(map_to_internal_error)?;
@ -355,7 +355,7 @@ impl ClientApiConnection {
.map_err(map_to_string)?
.get_result()
.map_err(map_to_string)?;
let res: Result<(), VeilidAPIError> = decode_api_result(&reader);
let res: VeilidAPIResult<()> = decode_api_result(&reader);
res.map_err(map_to_string)
}
@ -379,7 +379,7 @@ impl ClientApiConnection {
.map_err(map_to_string)?
.get_result()
.map_err(map_to_string)?;
let res: Result<(), VeilidAPIError> = decode_api_result(&reader);
let res: VeilidAPIResult<()> = decode_api_result(&reader);
res.map_err(map_to_string)
}
@ -422,7 +422,7 @@ impl ClientApiConnection {
.map_err(map_to_string)?
.get_result()
.map_err(map_to_string)?;
let res: Result<String, VeilidAPIError> = decode_api_result(&reader);
let res: VeilidAPIResult<String> = decode_api_result(&reader);
res.map_err(map_to_string)
}
@ -453,7 +453,7 @@ impl ClientApiConnection {
.map_err(map_to_string)?
.get_result()
.map_err(map_to_string)?;
let res: Result<(), VeilidAPIError> = decode_api_result(&reader);
let res: VeilidAPIResult<()> = decode_api_result(&reader);
res.map_err(map_to_string)
}
@ -483,7 +483,7 @@ impl ClientApiConnection {
.map_err(map_to_string)?
.get_result()
.map_err(map_to_string)?;
let res: Result<(), VeilidAPIError> = decode_api_result(&reader);
let res: VeilidAPIResult<()> = decode_api_result(&reader);
res.map_err(map_to_string)
}

10
veilid-core/src/core_context.rs
View File

@ -206,7 +206,7 @@ impl VeilidCoreContext {
async fn new_with_config_callback(
update_callback: UpdateCallback,
config_callback: ConfigCallback,
) -> Result<VeilidCoreContext, VeilidAPIError> {
) -> VeilidAPIResult<VeilidCoreContext> {
// Set up config from callback
trace!("setup config with callback");
let mut config = VeilidConfig::new();
@ -219,7 +219,7 @@ impl VeilidCoreContext {
async fn new_with_config_json(
update_callback: UpdateCallback,
config_json: String,
) -> Result<VeilidCoreContext, VeilidAPIError> {
) -> VeilidAPIResult<VeilidCoreContext> {
// Set up config from callback
trace!("setup config with json");
let mut config = VeilidConfig::new();
@ -231,7 +231,7 @@ impl VeilidCoreContext {
async fn new_common(
update_callback: UpdateCallback,
config: VeilidConfig,
) -> Result<VeilidCoreContext, VeilidAPIError> {
) -> VeilidAPIResult<VeilidCoreContext> {
cfg_if! {
if #[cfg(target_os = "android")] {
if !crate::intf::android::is_android_ready() {
@ -281,7 +281,7 @@ lazy_static::lazy_static! {
pub async fn api_startup(
update_callback: UpdateCallback,
config_callback: ConfigCallback,
) -> Result<VeilidAPI, VeilidAPIError> {
) -> VeilidAPIResult<VeilidAPI> {
// See if we have an API started up already
let mut initialized_lock = INITIALIZED.lock().await;
if *initialized_lock {
@ -304,7 +304,7 @@ pub async fn api_startup(
pub async fn api_startup_json(
update_callback: UpdateCallback,
config_json: String,
) -> Result<VeilidAPI, VeilidAPIError> {
) -> VeilidAPIResult<VeilidAPI> {
// See if we have an API started up already
let mut initialized_lock = INITIALIZED.lock().await;
if *initialized_lock {

6
veilid-core/src/crypto/byte_array_types.rs
View File

@ -66,11 +66,11 @@ where
{
fn encode(&self) -> String;
fn encoded_len() -> usize;
fn try_decode<S: AsRef<str>>(input: S) -> Result<Self, VeilidAPIError> {
fn try_decode<S: AsRef<str>>(input: S) -> VeilidAPIResult<Self> {
let b = input.as_ref().as_bytes();
Self::try_decode_bytes(b)
}
fn try_decode_bytes(b: &[u8]) -> Result<Self, VeilidAPIError>;
fn try_decode_bytes(b: &[u8]) -> VeilidAPIResult<Self>;
}
//////////////////////////////////////////////////////////////////////
@ -180,7 +180,7 @@ macro_rules! byte_array_type {
fn encoded_len() -> usize {
$encoded_size
}
fn try_decode_bytes(b: &[u8]) -> Result<Self, VeilidAPIError> {
fn try_decode_bytes(b: &[u8]) -> VeilidAPIResult<Self> {
let mut bytes = [0u8; $size];
let res = BASE64URL_NOPAD.decode_len(b.len());
match res {

52
veilid-core/src/crypto/crypto_system.rs
View File

@ -6,36 +6,20 @@ pub trait CryptoSystem {
fn crypto(&self) -> Crypto;
// Cached Operations
fn cached_dh(
&self,
key: &PublicKey,
secret: &SecretKey,
) -> Result<SharedSecret, VeilidAPIError>;
fn cached_dh(&self, key: &PublicKey, secret: &SecretKey) -> VeilidAPIResult<SharedSecret>;
// Generation
fn random_bytes(&self, len: u32) -> Vec<u8>;
fn default_salt_length(&self) -> u32;
fn hash_password(&self, password: &[u8], salt: &[u8]) -> Result<String, VeilidAPIError>;
fn verify_password(&self, password: &[u8], password_hash: &str)
-> Result<bool, VeilidAPIError>;
fn derive_shared_secret(
&self,
password: &[u8],
salt: &[u8],
) -> Result<SharedSecret, VeilidAPIError>;
fn hash_password(&self, password: &[u8], salt: &[u8]) -> VeilidAPIResult<String>;
fn verify_password(&self, password: &[u8], password_hash: &str) -> VeilidAPIResult<bool>;
fn derive_shared_secret(&self, password: &[u8], salt: &[u8]) -> VeilidAPIResult<SharedSecret>;
fn random_nonce(&self) -> Nonce;
fn random_shared_secret(&self) -> SharedSecret;
fn compute_dh(
&self,
key: &PublicKey,
secret: &SecretKey,
) -> Result<SharedSecret, VeilidAPIError>;
fn compute_dh(&self, key: &PublicKey, secret: &SecretKey) -> VeilidAPIResult<SharedSecret>;
fn generate_keypair(&self) -> KeyPair;
fn generate_hash(&self, data: &[u8]) -> HashDigest;
fn generate_hash_reader(
&self,
reader: &mut dyn std::io::Read,
) -> Result<HashDigest, VeilidAPIError>;
fn generate_hash_reader(&self, reader: &mut dyn std::io::Read) -> VeilidAPIResult<HashDigest>;
// Validation
fn validate_keypair(&self, key: &PublicKey, secret: &SecretKey) -> bool;
@ -44,24 +28,14 @@ pub trait CryptoSystem {
&self,
reader: &mut dyn std::io::Read,
hash: &HashDigest,
) -> Result<bool, VeilidAPIError>;
) -> VeilidAPIResult<bool>;
// Distance Metric
fn distance(&self, key1: &CryptoKey, key2: &CryptoKey) -> CryptoKeyDistance;
// Authentication
fn sign(
&self,
key: &PublicKey,
secret: &SecretKey,
data: &[u8],
) -> Result<Signature, VeilidAPIError>;
fn verify(
&self,
key: &PublicKey,
data: &[u8],
signature: &Signature,
) -> Result<(), VeilidAPIError>;
fn sign(&self, key: &PublicKey, secret: &SecretKey, data: &[u8]) -> VeilidAPIResult<Signature>;
fn verify(&self, key: &PublicKey, data: &[u8], signature: &Signature) -> VeilidAPIResult<()>;
// AEAD Encrypt/Decrypt
fn aead_overhead(&self) -> usize;
@ -71,28 +45,28 @@ pub trait CryptoSystem {
nonce: &Nonce,
shared_secret: &SharedSecret,
associated_data: Option<&[u8]>,
) -> Result<(), VeilidAPIError>;
) -> VeilidAPIResult<()>;
fn decrypt_aead(
&self,
body: &[u8],
nonce: &Nonce,
shared_secret: &SharedSecret,
associated_data: Option<&[u8]>,
) -> Result<Vec<u8>, VeilidAPIError>;
) -> VeilidAPIResult<Vec<u8>>;
fn encrypt_in_place_aead(
&self,
body: &mut Vec<u8>,
nonce: &Nonce,
shared_secret: &SharedSecret,
associated_data: Option<&[u8]>,
) -> Result<(), VeilidAPIError>;
) -> VeilidAPIResult<()>;
fn encrypt_aead(
&self,
body: &[u8],
nonce: &Nonce,
shared_secret: &SharedSecret,
associated_data: Option<&[u8]>,
) -> Result<Vec<u8>, VeilidAPIError>;
) -> VeilidAPIResult<Vec<u8>>;
// NoAuth Encrypt/Decrypt
fn crypt_in_place_no_auth(

6
veilid-core/src/crypto/envelope.rs
View File

@ -66,7 +66,7 @@ impl Envelope {
}
}
pub fn from_signed_data(crypto: Crypto, data: &[u8]) -> Result<Envelope, VeilidAPIError> {
pub fn from_signed_data(crypto: Crypto, data: &[u8]) -> VeilidAPIResult<Envelope> {
// Ensure we are at least the length of the envelope
// Silent drop here, as we use zero length packets as part of the protocol for hole punching
if data.len() < MIN_ENVELOPE_SIZE {
@ -175,7 +175,7 @@ impl Envelope {
crypto: Crypto,
data: &[u8],
node_id_secret: &SecretKey,
) -> Result<Vec<u8>, VeilidAPIError> {
) -> VeilidAPIResult<Vec<u8>> {
// Get DH secret
let vcrypto = crypto
.get(self.crypto_kind)
@ -197,7 +197,7 @@ impl Envelope {
crypto: Crypto,
body: &[u8],
node_id_secret: &SecretKey,
) -> Result<Vec<u8>, VeilidAPIError> {
) -> VeilidAPIResult<Vec<u8>> {
// Ensure body isn't too long
let envelope_size: usize = body.len() + MIN_ENVELOPE_SIZE;
if envelope_size > MAX_ENVELOPE_SIZE {

10
veilid-core/src/crypto/mod.rs
View File

@ -146,7 +146,7 @@ impl Crypto {
if let Err(e) = self
.unlocked_inner
.config
.init_node_ids(self.clone(), self.unlocked_inner.protected_store.clone())
.init_node_ids(self.clone(), table_store.clone())
.await
{
return Err(e).wrap_err("init node id failed");
@ -267,7 +267,7 @@ impl Crypto {
node_ids: &[TypedKey],
data: &[u8],
typed_signatures: &[TypedSignature],
) -> Result<TypedKeySet, VeilidAPIError> {
) -> VeilidAPIResult<TypedKeySet> {
let mut out = TypedKeySet::with_capacity(node_ids.len());
for sig in typed_signatures {
for nid in node_ids {
@ -290,7 +290,7 @@ impl Crypto {
data: &[u8],
typed_key_pairs: &[TypedKeyPair],
transform: F,
) -> Result<Vec<R>, VeilidAPIError>
) -> VeilidAPIResult<Vec<R>>
where
F: Fn(&TypedKeyPair, Signature) -> R,
{
@ -306,7 +306,7 @@ impl Crypto {
/// Generate keypair
/// Does not require startup/init
pub fn generate_keypair(crypto_kind: CryptoKind) -> Result<TypedKeyPair, VeilidAPIError> {
pub fn generate_keypair(crypto_kind: CryptoKind) -> VeilidAPIResult<TypedKeyPair> {
#[cfg(feature = "enable-crypto-vld0")]
if crypto_kind == CRYPTO_KIND_VLD0 {
let kp = vld0_generate_keypair();
@ -327,7 +327,7 @@ impl Crypto {
vcrypto: &T,
key: &PublicKey,
secret: &SecretKey,
) -> Result<SharedSecret, VeilidAPIError> {
) -> VeilidAPIResult<SharedSecret> {
Ok(
match self.inner.lock().dh_cache.entry(
DHCacheKey {

45
veilid-core/src/crypto/none/mod.rs
View File

@ -71,11 +71,7 @@ impl CryptoSystem for CryptoSystemNONE {
}
// Cached Operations
fn cached_dh(
&self,
key: &PublicKey,
secret: &SecretKey,
) -> Result<SharedSecret, VeilidAPIError> {
fn cached_dh(&self, key: &PublicKey, secret: &SecretKey) -> VeilidAPIResult<SharedSecret> {
self.crypto
.cached_dh_internal::<CryptoSystemNONE>(self, key, secret)
}
@ -89,7 +85,7 @@ impl CryptoSystem for CryptoSystemNONE {
fn default_salt_length(&self) -> u32 {
4
}
fn hash_password(&self, password: &[u8], salt: &[u8]) -> Result<String, VeilidAPIError> {
fn hash_password(&self, password: &[u8], salt: &[u8]) -> VeilidAPIResult<String> {
if salt.len() < Salt::MIN_LENGTH || salt.len() > Salt::MAX_LENGTH {
apibail_generic!("invalid salt length");
}
@ -99,11 +95,7 @@ impl CryptoSystem for CryptoSystemNONE {
BASE64URL_NOPAD.encode(password)
))
}
fn verify_password(
&self,
password: &[u8],
password_hash: &str,
) -> Result<bool, VeilidAPIError> {
fn verify_password(&self, password: &[u8], password_hash: &str) -> VeilidAPIResult<bool> {
let Some((salt, _)) = password_hash.split_once(":") else {
apibail_generic!("invalid format");
};
@ -113,11 +105,7 @@ impl CryptoSystem for CryptoSystemNONE {
return Ok(&self.hash_password(password, &salt)? == password_hash);
}
fn derive_shared_secret(
&self,
password: &[u8],
salt: &[u8],
) -> Result<SharedSecret, VeilidAPIError> {
fn derive_shared_secret(&self, password: &[u8], salt: &[u8]) -> VeilidAPIResult<SharedSecret> {
if salt.len() < Salt::MIN_LENGTH || salt.len() > Salt::MAX_LENGTH {
apibail_generic!("invalid salt length");
}
@ -136,11 +124,7 @@ impl CryptoSystem for CryptoSystemNONE {
random_bytes(&mut s).unwrap();
SharedSecret::new(s)
}
fn compute_dh(
&self,
key: &PublicKey,
secret: &SecretKey,
) -> Result<SharedSecret, VeilidAPIError> {
fn compute_dh(&self, key: &PublicKey, secret: &SecretKey) -> VeilidAPIResult<SharedSecret> {
let s = do_xor_32(&key.bytes, &secret.bytes);
Ok(SharedSecret::new(s))
}
@ -150,10 +134,7 @@ impl CryptoSystem for CryptoSystemNONE {
fn generate_hash(&self, data: &[u8]) -> PublicKey {
PublicKey::new(*blake3::hash(data).as_bytes())
}
fn generate_hash_reader(
&self,
reader: &mut dyn std::io::Read,
) -> Result<PublicKey, VeilidAPIError> {
fn generate_hash_reader(&self, reader: &mut dyn std::io::Read) -> VeilidAPIResult<PublicKey> {
let mut hasher = blake3::Hasher::new();
std::io::copy(reader, &mut hasher).map_err(VeilidAPIError::generic)?;
Ok(PublicKey::new(*hasher.finalize().as_bytes()))
@ -178,7 +159,7 @@ impl CryptoSystem for CryptoSystemNONE {
&self,
reader: &mut dyn std::io::Read,
dht_key: &PublicKey,
) -> Result<bool, VeilidAPIError> {
) -> VeilidAPIResult<bool> {
let mut hasher = blake3::Hasher::new();
std::io::copy(reader, &mut hasher).map_err(VeilidAPIError::generic)?;
let bytes = *hasher.finalize().as_bytes();
@ -201,7 +182,7 @@ impl CryptoSystem for CryptoSystemNONE {
dht_key: &PublicKey,
dht_key_secret: &SecretKey,
data: &[u8],
) -> Result<Signature, VeilidAPIError> {
) -> VeilidAPIResult<Signature> {
if !is_bytes_eq_32(&do_xor_32(&dht_key.bytes, &dht_key_secret.bytes), 0xFFu8) {
return Err(VeilidAPIError::parse_error(
"Keypair is invalid",
@ -224,7 +205,7 @@ impl CryptoSystem for CryptoSystemNONE {
dht_key: &PublicKey,
data: &[u8],
signature: &Signature,
) -> Result<(), VeilidAPIError> {
) -> VeilidAPIResult<()> {
let mut dig = Blake3Digest512::new();
dig.update(data);
let sig = dig.finalize();
@ -261,7 +242,7 @@ impl CryptoSystem for CryptoSystemNONE {
nonce: &Nonce,
shared_secret: &SharedSecret,
_associated_data: Option<&[u8]>,
) -> Result<(), VeilidAPIError> {
) -> VeilidAPIResult<()> {
let mut blob = nonce.bytes.to_vec();
blob.extend_from_slice(&[0u8; 8]);
let blob = do_xor_32(&blob, &shared_secret.bytes);
@ -283,7 +264,7 @@ impl CryptoSystem for CryptoSystemNONE {
nonce: &Nonce,
shared_secret: &SharedSecret,
associated_data: Option<&[u8]>,
) -> Result<Vec<u8>, VeilidAPIError> {
) -> VeilidAPIResult<Vec<u8>> {
let mut out = body.to_vec();
self.decrypt_in_place_aead(&mut out, nonce, shared_secret, associated_data)
.map_err(map_to_string)
@ -297,7 +278,7 @@ impl CryptoSystem for CryptoSystemNONE {
nonce: &Nonce,
shared_secret: &SharedSecret,
_associated_data: Option<&[u8]>,
) -> Result<(), VeilidAPIError> {
) -> VeilidAPIResult<()> {
let mut blob = nonce.bytes.to_vec();
blob.extend_from_slice(&[0u8; 8]);
let blob = do_xor_32(&blob, &shared_secret.bytes);
@ -312,7 +293,7 @@ impl CryptoSystem for CryptoSystemNONE {
nonce: &Nonce,
shared_secret: &SharedSecret,
associated_data: Option<&[u8]>,
) -> Result<Vec<u8>, VeilidAPIError> {
) -> VeilidAPIResult<Vec<u8>> {
let mut out = body.to_vec();
self.encrypt_in_place_aead(&mut out, nonce, shared_secret, associated_data)
.map_err(map_to_string)

10
veilid-core/src/crypto/receipt.rs
View File

@ -49,7 +49,7 @@ impl Receipt {
nonce: Nonce,
sender_id: PublicKey,
extra_data: D,
) -> Result<Self, VeilidAPIError> {
) -> VeilidAPIResult<Self> {
assert!(VALID_ENVELOPE_VERSIONS.contains(&version));
assert!(VALID_CRYPTO_KINDS.contains(&crypto_kind));
@ -68,7 +68,7 @@ impl Receipt {
})
}
pub fn from_signed_data(crypto: Crypto, data: &[u8]) -> Result<Receipt, VeilidAPIError> {
pub fn from_signed_data(crypto: Crypto, data: &[u8]) -> VeilidAPIResult<Receipt> {
// Ensure we are at least the length of the envelope
if data.len() < MIN_RECEIPT_SIZE {
apibail_parse_error!("receipt too small", data.len());
@ -153,11 +153,7 @@ impl Receipt {
})
}
pub fn to_signed_data(
&self,
crypto: Crypto,
secret: &SecretKey,
) -> Result<Vec<u8>, VeilidAPIError> {
pub fn to_signed_data(&self, crypto: Crypto, secret: &SecretKey) -> VeilidAPIResult<Vec<u8>> {
// Ensure extra data isn't too long
let receipt_size: usize = self.extra_data.len() + MIN_RECEIPT_SIZE;
if receipt_size > MAX_RECEIPT_SIZE {

2
veilid-core/src/crypto/types/keypair.rs
View File

@ -39,7 +39,7 @@ impl Encodable for KeyPair {
fn encoded_len() -> usize {
PublicKey::encoded_len() + 1 + SecretKey::encoded_len()
}
fn try_decode_bytes(b: &[u8]) -> Result<Self, VeilidAPIError> {
fn try_decode_bytes(b: &[u8]) -> VeilidAPIResult<Self> {
if b.len() != Self::encoded_len() {
apibail_parse_error!("input has wrong encoded length", format!("len={}", b.len()));
}

49
veilid-core/src/crypto/vld0/mod.rs
View File

@ -17,7 +17,7 @@ use x25519_dalek as xd;
const AEAD_OVERHEAD: usize = 16;
pub const CRYPTO_KIND_VLD0: CryptoKind = FourCC([b'V', b'L', b'D', b'0']);
fn ed25519_to_x25519_pk(key: &ed::PublicKey) -> Result<xd::PublicKey, VeilidAPIError> {
fn ed25519_to_x25519_pk(key: &ed::PublicKey) -> VeilidAPIResult<xd::PublicKey> {
let bytes = key.to_bytes();
let compressed = cd::edwards::CompressedEdwardsY(bytes);
let point = compressed
@ -26,7 +26,7 @@ fn ed25519_to_x25519_pk(key: &ed::PublicKey) -> Result<xd::PublicKey, VeilidAPIE
let mp = point.to_montgomery();
Ok(xd::PublicKey::from(mp.to_bytes()))
}
fn ed25519_to_x25519_sk(key: &ed::SecretKey) -> Result<xd::StaticSecret, VeilidAPIError> {
fn ed25519_to_x25519_sk(key: &ed::SecretKey) -> VeilidAPIResult<xd::StaticSecret> {
let exp = ed::ExpandedSecretKey::from(key);
let bytes: [u8; ed::EXPANDED_SECRET_KEY_LENGTH] = exp.to_bytes();
let lowbytes: [u8; 32] = bytes[0..32].try_into().map_err(VeilidAPIError::internal)?;
@ -65,11 +65,7 @@ impl CryptoSystem for CryptoSystemVLD0 {
}
// Cached Operations
fn cached_dh(
&self,
key: &PublicKey,
secret: &SecretKey,
) -> Result<SharedSecret, VeilidAPIError> {
fn cached_dh(&self, key: &PublicKey, secret: &SecretKey) -> VeilidAPIResult<SharedSecret> {
self.crypto
.cached_dh_internal::<CryptoSystemVLD0>(self, key, secret)
}
@ -83,7 +79,7 @@ impl CryptoSystem for CryptoSystemVLD0 {
fn default_salt_length(&self) -> u32 {
16
}
fn hash_password(&self, password: &[u8], salt: &[u8]) -> Result<String, VeilidAPIError> {
fn hash_password(&self, password: &[u8], salt: &[u8]) -> VeilidAPIResult<String> {
if salt.len() < Salt::MIN_LENGTH || salt.len() > Salt::MAX_LENGTH {
apibail_generic!("invalid salt length");
}
@ -100,11 +96,7 @@ impl CryptoSystem for CryptoSystemVLD0 {
.to_string();
Ok(password_hash)
}
fn verify_password(
&self,
password: &[u8],
password_hash: &str,
) -> Result<bool, VeilidAPIError> {
fn verify_password(&self, password: &[u8], password_hash: &str) -> VeilidAPIResult<bool> {
let parsed_hash = PasswordHash::new(password_hash).map_err(VeilidAPIError::generic)?;
// Argon2 with default params (Argon2id v19)
let argon2 = Argon2::default();
@ -112,11 +104,7 @@ impl CryptoSystem for CryptoSystemVLD0 {
Ok(argon2.verify_password(password, &parsed_hash).is_ok())
}
fn derive_shared_secret(
&self,
password: &[u8],
salt: &[u8],
) -> Result<SharedSecret, VeilidAPIError> {
fn derive_shared_secret(&self, password: &[u8], salt: &[u8]) -> VeilidAPIResult<SharedSecret> {
if salt.len() < Salt::MIN_LENGTH || salt.len() > Salt::MAX_LENGTH {
apibail_generic!("invalid salt length");
}
@ -141,11 +129,7 @@ impl CryptoSystem for CryptoSystemVLD0 {
random_bytes(&mut s);
SharedSecret::new(s)
}
fn compute_dh(
&self,
key: &PublicKey,
secret: &SecretKey,
) -> Result<SharedSecret, VeilidAPIError> {
fn compute_dh(&self, key: &PublicKey, secret: &SecretKey) -> VeilidAPIResult<SharedSecret> {
let pk_ed = ed::PublicKey::from_bytes(&key.bytes).map_err(VeilidAPIError::internal)?;
let pk_xd = ed25519_to_x25519_pk(&pk_ed)?;
let sk_ed = ed::SecretKey::from_bytes(&secret.bytes).map_err(VeilidAPIError::internal)?;
@ -158,10 +142,7 @@ impl CryptoSystem for CryptoSystemVLD0 {
fn generate_hash(&self, data: &[u8]) -> PublicKey {
PublicKey::new(*blake3::hash(data).as_bytes())
}
fn generate_hash_reader(
&self,
reader: &mut dyn std::io::Read,
) -> Result<PublicKey, VeilidAPIError> {
fn generate_hash_reader(&self, reader: &mut dyn std::io::Read) -> VeilidAPIResult<PublicKey> {
let mut hasher = blake3::Hasher::new();
std::io::copy(reader, &mut hasher).map_err(VeilidAPIError::generic)?;
Ok(PublicKey::new(*hasher.finalize().as_bytes()))
@ -187,7 +168,7 @@ impl CryptoSystem for CryptoSystemVLD0 {
&self,
reader: &mut dyn std::io::Read,
dht_key: &PublicKey,
) -> Result<bool, VeilidAPIError> {
) -> VeilidAPIResult<bool> {
let mut hasher = blake3::Hasher::new();
std::io::copy(reader, &mut hasher).map_err(VeilidAPIError::generic)?;
let bytes = *hasher.finalize().as_bytes();
@ -210,7 +191,7 @@ impl CryptoSystem for CryptoSystemVLD0 {
dht_key: &PublicKey,
dht_key_secret: &SecretKey,
data: &[u8],
) -> Result<Signature, VeilidAPIError> {
) -> VeilidAPIResult<Signature> {
let mut kpb: [u8; SECRET_KEY_LENGTH + PUBLIC_KEY_LENGTH] =
[0u8; SECRET_KEY_LENGTH + PUBLIC_KEY_LENGTH];
@ -237,7 +218,7 @@ impl CryptoSystem for CryptoSystemVLD0 {
dht_key: &PublicKey,
data: &[u8],
signature: &Signature,
) -> Result<(), VeilidAPIError> {
) -> VeilidAPIResult<()> {
let pk = ed::PublicKey::from_bytes(&dht_key.bytes)
.map_err(|e| VeilidAPIError::parse_error("Public key is invalid", e))?;
let sig = ed::Signature::from_bytes(&signature.bytes)
@ -261,7 +242,7 @@ impl CryptoSystem for CryptoSystemVLD0 {
nonce: &Nonce,
shared_secret: &SharedSecret,
associated_data: Option<&[u8]>,
) -> Result<(), VeilidAPIError> {
) -> VeilidAPIResult<()> {
let key = ch::Key::from(shared_secret.bytes);
let xnonce = ch::XNonce::from(nonce.bytes);
let aead = ch::XChaCha20Poly1305::new(&key);
@ -276,7 +257,7 @@ impl CryptoSystem for CryptoSystemVLD0 {
nonce: &Nonce,
shared_secret: &SharedSecret,
associated_data: Option<&[u8]>,
) -> Result<Vec<u8>, VeilidAPIError> {
) -> VeilidAPIResult<Vec<u8>> {
let mut out = body.to_vec();
self.decrypt_in_place_aead(&mut out, nonce, shared_secret, associated_data)
.map_err(map_to_string)
@ -290,7 +271,7 @@ impl CryptoSystem for CryptoSystemVLD0 {
nonce: &Nonce,
shared_secret: &SharedSecret,
associated_data: Option<&[u8]>,
) -> Result<(), VeilidAPIError> {
) -> VeilidAPIResult<()> {
let key = ch::Key::from(shared_secret.bytes);
let xnonce = ch::XNonce::from(nonce.bytes);
let aead = ch::XChaCha20Poly1305::new(&key);
@ -306,7 +287,7 @@ impl CryptoSystem for CryptoSystemVLD0 {
nonce: &Nonce,
shared_secret: &SharedSecret,
associated_data: Option<&[u8]>,
) -> Result<Vec<u8>, VeilidAPIError> {
) -> VeilidAPIResult<Vec<u8>> {
let mut out = body.to_vec();
self.encrypt_in_place_aead(&mut out, nonce, shared_secret, associated_data)
.map_err(map_to_string)

3
veilid-core/src/intf/mod.rs
View File

@ -9,5 +9,4 @@ mod native;
#[cfg(not(target_arch = "wasm32"))]
pub use native::*;
pub static KNOWN_PROTECTED_STORE_KEYS: [&'static str; 4] =
["node_id", "node_id_secret", "_test_key", "RouteSpecStore"];
pub static KNOWN_PROTECTED_STORE_KEYS: [&'static str; 2] = ["device_encryption_key", "_test_key"];

2
veilid-core/src/network_manager/types/address.rs
View File

@ -115,7 +115,7 @@ impl fmt::Display for Address {
impl FromStr for Address {
type Err = VeilidAPIError;
fn from_str(host: &str) -> Result<Address, VeilidAPIError> {
fn from_str(host: &str) -> VeilidAPIResult<Address> {
if let Ok(addr) = Ipv4Addr::from_str(host) {
Ok(Address::IPV4(addr))
} else if let Ok(addr) = Ipv6Addr::from_str(host) {

10
veilid-core/src/network_manager/types/dial_info/mod.rs
View File

@ -82,7 +82,7 @@ impl fmt::Display for DialInfo {
impl FromStr for DialInfo {
type Err = VeilidAPIError;
fn from_str(s: &str) -> Result<DialInfo, VeilidAPIError> {
fn from_str(s: &str) -> VeilidAPIResult<DialInfo> {
let (proto, rest) = s.split_once('|').ok_or_else(|| {
VeilidAPIError::parse_error("DialInfo::from_str missing protocol '|' separator", s)
})?;
@ -175,7 +175,7 @@ impl DialInfo {
socket_address: socket_address.to_canonical(),
})
}
pub fn try_ws(socket_address: SocketAddress, url: String) -> Result<Self, VeilidAPIError> {
pub fn try_ws(socket_address: SocketAddress, url: String) -> VeilidAPIResult<Self> {
let split_url = SplitUrl::from_str(&url).map_err(|e| {
VeilidAPIError::parse_error(format!("unable to split WS url: {}", e), &url)
})?;
@ -199,7 +199,7 @@ impl DialInfo {
request: url[5..].to_string(),
}))
}
pub fn try_wss(socket_address: SocketAddress, url: String) -> Result<Self, VeilidAPIError> {
pub fn try_wss(socket_address: SocketAddress, url: String) -> VeilidAPIResult<Self> {
let split_url = SplitUrl::from_str(&url).map_err(|e| {
VeilidAPIError::parse_error(format!("unable to split WSS url: {}", e), &url)
})?;
@ -321,7 +321,7 @@ impl DialInfo {
pub fn try_vec_from_short<S: AsRef<str>, H: AsRef<str>>(
short: S,
hostname: H,
) -> Result<Vec<Self>, VeilidAPIError> {
) -> VeilidAPIResult<Vec<Self>> {
let short = short.as_ref();
let hostname = hostname.as_ref();
@ -348,7 +348,7 @@ impl DialInfo {
Self::try_vec_from_url(url)
}
pub fn try_vec_from_url<S: AsRef<str>>(url: S) -> Result<Vec<Self>, VeilidAPIError> {
pub fn try_vec_from_url<S: AsRef<str>>(url: S) -> VeilidAPIResult<Vec<Self>> {
let url = url.as_ref();
let split_url = SplitUrl::from_str(url)
.map_err(|e| VeilidAPIError::parse_error(format!("unable to split url: {}", e), url))?;

2
veilid-core/src/network_manager/types/peer_address.rs
View File

@ -55,7 +55,7 @@ impl fmt::Display for PeerAddress {
impl FromStr for PeerAddress {
type Err = VeilidAPIError;
fn from_str(s: &str) -> Result<PeerAddress, VeilidAPIError> {
fn from_str(s: &str) -> VeilidAPIResult<PeerAddress> {
let Some((first, second)) = s.split_once(':') else {
return Err(VeilidAPIError::parse_error("PeerAddress is missing a colon: {}", s));
};

2
veilid-core/src/network_manager/types/protocol_type.rs
View File

@ -87,7 +87,7 @@ impl fmt::Display for ProtocolType {
impl FromStr for ProtocolType {
type Err = VeilidAPIError;
fn from_str(s: &str) -> Result<ProtocolType, VeilidAPIError> {
fn from_str(s: &str) -> VeilidAPIResult<ProtocolType> {
match s.to_ascii_uppercase().as_str() {
"UDP" => Ok(ProtocolType::UDP),
"TCP" => Ok(ProtocolType::TCP),

2
veilid-core/src/network_manager/types/socket_address.rs
View File

@ -69,7 +69,7 @@ impl fmt::Display for SocketAddress {
impl FromStr for SocketAddress {
type Err = VeilidAPIError;
fn from_str(s: &str) -> Result<SocketAddress, VeilidAPIError> {
fn from_str(s: &str) -> VeilidAPIResult<SocketAddress> {
let sa = SocketAddr::from_str(s)
.map_err(|e| VeilidAPIError::parse_error("Failed to parse SocketAddress", e))?;
Ok(SocketAddress::from_socket_addr(sa))

8
veilid-core/src/routing_table/privacy.rs
View File

@ -22,7 +22,7 @@ pub enum RouteNode {
}
impl RouteNode {
pub fn validate(&self, crypto: Crypto) -> Result<(), VeilidAPIError> {
pub fn validate(&self, crypto: Crypto) -> VeilidAPIResult<()> {
match self {
RouteNode::NodeId(_) => Ok(()),
RouteNode::PeerInfo(pi) => pi.validate(crypto),
@ -74,7 +74,7 @@ pub struct RouteHop {
pub next_hop: Option<RouteHopData>,
}
impl RouteHop {
pub fn validate(&self, crypto: Crypto) -> Result<(), VeilidAPIError> {
pub fn validate(&self, crypto: Crypto) -> VeilidAPIResult<()> {
self.node.validate(crypto)
}
}
@ -91,7 +91,7 @@ pub enum PrivateRouteHops {
}
impl PrivateRouteHops {
pub fn validate(&self, crypto: Crypto) -> Result<(), VeilidAPIError> {
pub fn validate(&self, crypto: Crypto) -> VeilidAPIResult<()> {
match self {
PrivateRouteHops::FirstHop(rh) => rh.validate(crypto),
PrivateRouteHops::Data(_) => Ok(()),
@ -129,7 +129,7 @@ impl PrivateRoute {
}
}
pub fn validate(&self, crypto: Crypto) -> Result<(), VeilidAPIError> {
pub fn validate(&self, crypto: Crypto) -> VeilidAPIResult<()> {
self.hops.validate(crypto)
}

1
veilid-core/src/routing_table/route_spec_store/route_set_spec_detail.rs
View File

@ -6,7 +6,6 @@ pub struct RouteSpecDetail {
/// Crypto kind
pub crypto_kind: CryptoKind,
/// Secret key
#[with(Skip)]
pub secret_key: SecretKey,
/// Route hops (node id keys)
pub hops: Vec<PublicKey>,

53
veilid-core/src/routing_table/route_spec_store/route_spec_store_content.rs
View File

@ -55,47 +55,6 @@ impl RouteSpecStoreContent {
content.remove_detail(&id);
}
// Load secrets from pstore
let pstore = routing_table.network_manager().protected_store();
let secret_key_map: HashMap<PublicKey, SecretKey> = pstore
.load_user_secret_rkyv("RouteSpecStore")
.await?
.unwrap_or_default();
// Ensure we got secret keys for all the public keys
let mut got_secret_key_ids = HashSet::new();
for (rsid, rssd) in content.details.iter_mut() {
let mut found_all = true;
for (pk, rsd) in rssd.iter_route_set_mut() {
if let Some(sk) = secret_key_map.get(pk) {
rsd.secret_key = *sk;
} else {
found_all = false;
break;
}
}
if found_all {
got_secret_key_ids.insert(rsid.clone());
}
}
// If we missed any, nuke those route ids
let dead_ids: Vec<RouteId> = content
.details
.keys()
.filter_map(|id| {
if !got_secret_key_ids.contains(id) {
Some(*id)
} else {
None
}
})
.collect();
for id in dead_ids {
log_rtab!(debug "missing secret key, killing off private route: {}", id);
content.remove_detail(&id);
}
Ok(content)
}
@ -106,18 +65,6 @@ impl RouteSpecStoreContent {
let rsstdb = table_store.open("RouteSpecStore", 1).await?;
rsstdb.store_rkyv(0, b"content", self).await?;
// Keep secrets in protected store as well
let pstore = routing_table.network_manager().protected_store();
let mut out: HashMap<PublicKey, SecretKey> = HashMap::new();
for (_rsid, rssd) in self.details.iter() {
for (pk, rsd) in rssd.iter_route_set() {
out.insert(*pk, rsd.secret_key);
}
}
let _ = pstore.save_user_secret_rkyv("RouteSpecStore", &out).await?; // ignore if this previously existed or not
Ok(())
}

2
veilid-core/src/routing_table/types/peer_info.rs
View File

@ -16,7 +16,7 @@ impl PeerInfo {
}
}
pub fn validate(&self, crypto: Crypto) -> Result<(), VeilidAPIError> {
pub fn validate(&self, crypto: Crypto) -> VeilidAPIResult<()> {
let validated_node_ids = self.signed_node_info.validate(&self.node_ids, crypto)?;
if validated_node_ids.is_empty() {
// Shouldn't get here because signed node info validation also checks this

10
veilid-core/src/routing_table/types/signed_direct_node_info.rs
View File

@ -20,11 +20,7 @@ impl SignedDirectNodeInfo {
}
}
pub fn validate(
&self,
node_ids: &TypedKeySet,
crypto: Crypto,
) -> Result<TypedKeySet, VeilidAPIError> {
pub fn validate(&self, node_ids: &TypedKeySet, crypto: Crypto) -> VeilidAPIResult<TypedKeySet> {
let node_info_bytes = Self::make_signature_bytes(&self.node_info, self.timestamp)?;
// Verify the signatures that we can
@ -41,7 +37,7 @@ impl SignedDirectNodeInfo {
crypto: Crypto,
typed_key_pairs: Vec<TypedKeyPair>,
node_info: NodeInfo,
) -> Result<Self, VeilidAPIError> {
) -> VeilidAPIResult<Self> {
let timestamp = get_aligned_timestamp();
let node_info_bytes = Self::make_signature_bytes(&node_info, timestamp)?;
let typed_signatures =
@ -58,7 +54,7 @@ impl SignedDirectNodeInfo {
fn make_signature_bytes(
node_info: &NodeInfo,
timestamp: Timestamp,
) -> Result<Vec<u8>, VeilidAPIError> {
) -> VeilidAPIResult<Vec<u8>> {
let mut node_info_bytes = Vec::new();
// Add nodeinfo to signature

6
veilid-core/src/routing_table/types/signed_node_info.rs
View File

@ -8,11 +8,7 @@ pub enum SignedNodeInfo {
}
impl SignedNodeInfo {
pub fn validate(
&self,
node_ids: &TypedKeySet,
crypto: Crypto,
) -> Result<TypedKeySet, VeilidAPIError> {
pub fn validate(&self, node_ids: &TypedKeySet, crypto: Crypto) -> VeilidAPIResult<TypedKeySet> {
match self {
SignedNodeInfo::Direct(d) => d.validate(node_ids, crypto),
SignedNodeInfo::Relayed(r) => r.validate(node_ids, crypto),

10
veilid-core/src/routing_table/types/signed_relayed_node_info.rs
View File

@ -31,11 +31,7 @@ impl SignedRelayedNodeInfo {
}
}
pub fn validate(
&self,
node_ids: &TypedKeySet,
crypto: Crypto,
) -> Result<TypedKeySet, VeilidAPIError> {
pub fn validate(&self, node_ids: &TypedKeySet, crypto: Crypto) -> VeilidAPIResult<TypedKeySet> {
// Ensure the relay info for the node has a superset of the crypto kinds of the node it is relaying
if common_crypto_kinds(
self.node_info.crypto_support(),
@ -68,7 +64,7 @@ impl SignedRelayedNodeInfo {
node_info: NodeInfo,
relay_ids: TypedKeySet,
relay_info: SignedDirectNodeInfo,
) -> Result<Self, VeilidAPIError> {
) -> VeilidAPIResult<Self> {
let timestamp = get_aligned_timestamp();
let node_info_bytes =
Self::make_signature_bytes(&node_info, &relay_ids, &relay_info, timestamp)?;
@ -90,7 +86,7 @@ impl SignedRelayedNodeInfo {
relay_ids: &[TypedKey],
relay_info: &SignedDirectNodeInfo,
timestamp: Timestamp,
) -> Result<Vec<u8>, VeilidAPIError> {
) -> VeilidAPIResult<Vec<u8>> {
let mut sig_bytes = Vec::new();
// Add nodeinfo to signature

4
veilid-core/src/storage_manager/get_value.rs
View File

@ -22,7 +22,7 @@ impl StorageManager {
subkey: ValueSubkey,
safety_selection: SafetySelection,
last_subkey_result: SubkeyResult,
) -> Result<SubkeyResult, VeilidAPIError> {
) -> VeilidAPIResult<SubkeyResult> {
let routing_table = rpc_processor.routing_table();
// Get the DHT parameters for 'GetValue'
@ -175,7 +175,7 @@ impl StorageManager {
}
/// Handle a recieved 'Get Value' query
pub async fn inbound_get_value(&self, key: TypedKey, subkey: ValueSubkey, want_descriptor: bool) -> Result<NetworkResult<SubkeyResult>, VeilidAPIError> {
pub async fn inbound_get_value(&self, key: TypedKey, subkey: ValueSubkey, want_descriptor: bool) -> VeilidAPIResult<NetworkResult<SubkeyResult>> {
let mut inner = self.lock().await?;
let res = match inner.handle_get_remote_value(key, subkey, want_descriptor).await {
Ok(res) => res,

18
veilid-core/src/storage_manager/mod.rs
View File

@ -117,7 +117,7 @@ impl StorageManager {
inner.rpc_processor = opt_rpc_processor
}
async fn lock(&self) -> Result<AsyncMutexGuardArc<StorageManagerInner>, VeilidAPIError> {
async fn lock(&self) -> VeilidAPIResult<AsyncMutexGuardArc<StorageManagerInner>> {
let inner = asyncmutex_lock_arc!(&self.inner);
if !inner.initialized {
apibail_not_initialized!();
@ -131,7 +131,7 @@ impl StorageManager {
kind: CryptoKind,
schema: DHTSchema,
safety_selection: SafetySelection,
) -> Result<DHTRecordDescriptor, VeilidAPIError> {
) -> VeilidAPIResult<DHTRecordDescriptor> {
let mut inner = self.lock().await?;
// Create a new owned local record from scratch
@ -154,7 +154,7 @@ impl StorageManager {
key: TypedKey,
writer: Option<KeyPair>,
safety_selection: SafetySelection,
) -> Result<DHTRecordDescriptor, VeilidAPIError> {
) -> VeilidAPIResult<DHTRecordDescriptor> {
let mut inner = self.lock().await?;
// See if we have a local record already or not
@ -202,13 +202,13 @@ impl StorageManager {
}
/// Close an opened local record
pub async fn close_record(&self, key: TypedKey) -> Result<(), VeilidAPIError> {
pub async fn close_record(&self, key: TypedKey) -> VeilidAPIResult<()> {
let mut inner = self.lock().await?;
inner.close_record(key)
}
/// Delete a local record
pub async fn delete_record(&self, key: TypedKey) -> Result<(), VeilidAPIError> {
pub async fn delete_record(&self, key: TypedKey) -> VeilidAPIResult<()> {
let mut inner = self.lock().await?;
// Ensure the record is closed
@ -233,7 +233,7 @@ impl StorageManager {
key: TypedKey,
subkey: ValueSubkey,
force_refresh: bool,
) -> Result<Option<ValueData>, VeilidAPIError> {
) -> VeilidAPIResult<Option<ValueData>> {
let mut inner = self.lock().await?;
let Some(opened_record) = inner.opened_records.remove(&key) else {
apibail_generic!("record not open");
@ -301,7 +301,7 @@ impl StorageManager {
key: TypedKey,
subkey: ValueSubkey,
data: Vec<u8>,
) -> Result<Option<ValueData>, VeilidAPIError> {
) -> VeilidAPIResult<Option<ValueData>> {
let mut inner = self.lock().await?;
// Get cryptosystem
@ -395,7 +395,7 @@ impl StorageManager {
subkeys: ValueSubkeyRangeSet,
expiration: Timestamp,
count: u32,
) -> Result<Timestamp, VeilidAPIError> {
) -> VeilidAPIResult<Timestamp> {
let inner = self.lock().await?;
unimplemented!();
}
@ -404,7 +404,7 @@ impl StorageManager {
&self,
key: TypedKey,
subkeys: ValueSubkeyRangeSet,
) -> Result<bool, VeilidAPIError> {
) -> VeilidAPIResult<bool> {
let inner = self.lock().await?;
unimplemented!();
}

12
veilid-core/src/storage_manager/record_store.rs
View File

@ -241,11 +241,7 @@ where
Ok(())
}
pub async fn new_record(
&mut self,
key: TypedKey,
record: Record<D>,
) -> Result<(), VeilidAPIError> {
pub async fn new_record(&mut self, key: TypedKey, record: Record<D>) -> VeilidAPIResult<()> {
let rtk = RecordTableKey { key };
if self.record_index.contains_key(&rtk) {
apibail_internal!("record already exists");
@ -290,7 +286,7 @@ where
Ok(())
}
pub async fn delete_record(&mut self, key: TypedKey) -> Result<(), VeilidAPIError> {
pub async fn delete_record(&mut self, key: TypedKey) -> VeilidAPIResult<()> {
// Get the record table key
let rtk = RecordTableKey { key };
@ -357,7 +353,7 @@ where
key: TypedKey,
subkey: ValueSubkey,
want_descriptor: bool,
) -> Result<Option<SubkeyResult>, VeilidAPIError> {
) -> VeilidAPIResult<Option<SubkeyResult>> {
// record from index
let Some((subkey_count, opt_descriptor)) = self.with_record(key, |record| {
(record.subkey_count(), if want_descriptor {
@ -419,7 +415,7 @@ where
key: TypedKey,
subkey: ValueSubkey,
signed_value_data: SignedValueData,
) -> Result<(), VeilidAPIError> {
) -> VeilidAPIResult<()> {
// Check size limit for data
if signed_value_data.value_data().data().len() > self.limits.max_subkey_size {
apibail_invalid_argument!(

4
veilid-core/src/storage_manager/set_value.rs
View File

@ -21,7 +21,7 @@ impl StorageManager {
safety_selection: SafetySelection,
value: SignedValueData,
descriptor: SignedValueDescriptor,
) -> Result<SignedValueData, VeilidAPIError> {
) -> VeilidAPIResult<SignedValueData> {
let routing_table = rpc_processor.routing_table();
// Get the DHT parameters for 'SetValue'
@ -164,7 +164,7 @@ impl StorageManager {
/// Handle a recieved 'Set Value' query
/// Returns a None if the value passed in was set
/// Returns a Some(current value) if the value was older and the current value was kept
pub async fn inbound_set_value(&self, key: TypedKey, subkey: ValueSubkey, value: SignedValueData, descriptor: Option<SignedValueDescriptor>) -> Result<NetworkResult<Option<SignedValueData>>, VeilidAPIError> {
pub async fn inbound_set_value(&self, key: TypedKey, subkey: ValueSubkey, value: SignedValueData, descriptor: Option<SignedValueDescriptor>) -> VeilidAPIResult<NetworkResult<Option<SignedValueData>>> {
let mut inner = self.lock().await?;
// See if the subkey we are modifying has a last known local value

16
veilid-core/src/storage_manager/storage_manager_inner.rs
View File

@ -172,7 +172,7 @@ impl StorageManagerInner {
kind: CryptoKind,
schema: DHTSchema,
safety_selection: SafetySelection,
) -> Result<(TypedKey, KeyPair), VeilidAPIError> {
) -> VeilidAPIResult<(TypedKey, KeyPair)> {
// Get cryptosystem
let Some(vcrypto) = self.unlocked_inner.crypto.get(kind) else {
apibail_generic!("unsupported cryptosystem");
@ -214,7 +214,7 @@ impl StorageManagerInner {
key: TypedKey,
writer: Option<KeyPair>,
safety_selection: SafetySelection,
) -> Result<Option<DHTRecordDescriptor>, VeilidAPIError> {
) -> VeilidAPIResult<Option<DHTRecordDescriptor>> {
// Ensure the record is closed
if self.opened_records.contains_key(&key) {
apibail_generic!("record is already open and should be closed first");
@ -268,7 +268,7 @@ impl StorageManagerInner {
subkey: ValueSubkey,
subkey_result: SubkeyResult,
safety_selection: SafetySelection,
) -> Result<DHTRecordDescriptor, VeilidAPIError> {
) -> VeilidAPIResult<DHTRecordDescriptor> {
// Ensure the record is closed
if self.opened_records.contains_key(&key) {
panic!("new record should never be opened at this point");
@ -325,7 +325,7 @@ impl StorageManagerInner {
Ok(descriptor)
}
pub fn close_record(&mut self, key: TypedKey) -> Result<(), VeilidAPIError> {
pub fn close_record(&mut self, key: TypedKey) -> VeilidAPIResult<()> {
let Some(_opened_record) = self.opened_records.remove(&key) else {
apibail_generic!("record not open");
};
@ -337,7 +337,7 @@ impl StorageManagerInner {
key: TypedKey,
subkey: ValueSubkey,
want_descriptor: bool,
) -> Result<SubkeyResult, VeilidAPIError> {
) -> VeilidAPIResult<SubkeyResult> {
// See if it's in the local record store
let Some(local_record_store) = self.local_record_store.as_mut() else {
apibail_not_initialized!();
@ -357,7 +357,7 @@ impl StorageManagerInner {
key: TypedKey,
subkey: ValueSubkey,
signed_value_data: SignedValueData,
) -> Result<(), VeilidAPIError> {
) -> VeilidAPIResult<()> {
// See if it's in the local record store
let Some(local_record_store) = self.local_record_store.as_mut() else {
apibail_not_initialized!();
@ -376,7 +376,7 @@ impl StorageManagerInner {
key: TypedKey,
subkey: ValueSubkey,
want_descriptor: bool,
) -> Result<SubkeyResult, VeilidAPIError> {
) -> VeilidAPIResult<SubkeyResult> {
// See if it's in the remote record store
let Some(remote_record_store) = self.remote_record_store.as_mut() else {
apibail_not_initialized!();
@ -397,7 +397,7 @@ impl StorageManagerInner {
subkey: ValueSubkey,
signed_value_data: SignedValueData,
signed_value_descriptor: SignedValueDescriptor,
) -> Result<(), VeilidAPIError> {
) -> VeilidAPIResult<()> {
// See if it's in the remote record store
let Some(remote_record_store) = self.remote_record_store.as_mut() else {
apibail_not_initialized!();

2
veilid-core/src/storage_manager/types/record.rs
View File

@ -27,7 +27,7 @@ where
cur_ts: Timestamp,
descriptor: SignedValueDescriptor,
detail: D,
) -> Result<Self, VeilidAPIError> {
) -> VeilidAPIResult<Self> {
let schema = descriptor.schema()?;
let subkey_count = schema.subkey_count();
Ok(Self {

6
veilid-core/src/storage_manager/types/signed_value_data.rs
View File

@ -34,7 +34,7 @@ impl SignedValueData {
owner: &PublicKey,
subkey: ValueSubkey,
vcrypto: CryptoSystemVersion,
) -> Result<(), VeilidAPIError> {
) -> VeilidAPIResult<()> {
let node_info_bytes = Self::make_signature_bytes(&self.value_data, owner, subkey)?;
// validate signature
vcrypto.verify(&self.value_data.writer(), &node_info_bytes, &self.signature)
@ -46,7 +46,7 @@ impl SignedValueData {
subkey: ValueSubkey,
vcrypto: CryptoSystemVersion,
writer_secret: SecretKey,
) -> Result<Self, VeilidAPIError> {
) -> VeilidAPIResult<Self> {
let node_info_bytes = Self::make_signature_bytes(&value_data, owner, subkey)?;
// create signature
@ -77,7 +77,7 @@ impl SignedValueData {
value_data: &ValueData,
owner: &PublicKey,
subkey: ValueSubkey,
) -> Result<Vec<u8>, VeilidAPIError> {
) -> VeilidAPIResult<Vec<u8>> {
let mut node_info_bytes =
Vec::with_capacity(PUBLIC_KEY_LENGTH + 4 + 4 + value_data.data().len());

6
veilid-core/src/storage_manager/types/signed_value_descriptor.rs
View File

@ -31,7 +31,7 @@ impl SignedValueDescriptor {
}
}
pub fn validate(&self, vcrypto: CryptoSystemVersion) -> Result<(), VeilidAPIError> {
pub fn validate(&self, vcrypto: CryptoSystemVersion) -> VeilidAPIResult<()> {
// validate signature
vcrypto.verify(&self.owner, &self.schema_data, &self.signature)
}
@ -44,7 +44,7 @@ impl SignedValueDescriptor {
&self.schema_data
}
pub fn schema(&self) -> Result<DHTSchema, VeilidAPIError> {
pub fn schema(&self) -> VeilidAPIResult<DHTSchema> {
DHTSchema::try_from(self.schema_data.as_slice())
}
@ -57,7 +57,7 @@ impl SignedValueDescriptor {
schema_data: Vec<u8>,
vcrypto: CryptoSystemVersion,
owner_secret: SecretKey,
) -> Result<Self, VeilidAPIError> {
) -> VeilidAPIResult<Self> {
// create signature
let signature = vcrypto.sign(&owner, &owner_secret, &schema_data)?;
Ok(Self {

11
veilid-core/src/table_store/table_store.rs
View File

@ -169,7 +169,7 @@ impl TableStore {
// Get device encryption key from protected store
let mut encryption_key: Option<TypedSharedSecret> = self
.protected_store
.load_user_secret_rkyv("device_encryption_key")
.load_user_secret_json("device_encryption_key")
.await?;
if let Some(encryption_key) = encryption_key {
@ -183,7 +183,14 @@ impl TableStore {
let best_kind = best_crypto_kind();
let mut shared_secret = SharedSecret::default();
random_bytes(&mut shared_secret.bytes);
encryption_key = Some(TypedSharedSecret::new(best_kind, shared_secret));
let device_encryption_key = TypedSharedSecret::new(best_kind, shared_secret);
// Save the new device encryption key
self.protected_store
.save_user_secret_json("device_encryption_key", &device_encryption_key)
.await?;
encryption_key = Some(device_encryption_key);
}
// Deserialize all table names

46
veilid-core/src/veilid_api/api.rs
View File

@ -49,70 +49,70 @@ impl VeilidAPI {
////////////////////////////////////////////////////////////////
// Accessors
pub fn config(&self) -> Result<VeilidConfig, VeilidAPIError> {
pub fn config(&self) -> VeilidAPIResult<VeilidConfig> {
let inner = self.inner.lock();
if let Some(context) = &inner.context {
return Ok(context.config.clone());
}
Err(VeilidAPIError::NotInitialized)
}
pub fn crypto(&self) -> Result<Crypto, VeilidAPIError> {
pub fn crypto(&self) -> VeilidAPIResult<Crypto> {
let inner = self.inner.lock();
if let Some(context) = &inner.context {
return Ok(context.crypto.clone());
}
Err(VeilidAPIError::NotInitialized)
}
pub fn table_store(&self) -> Result<TableStore, VeilidAPIError> {
pub fn table_store(&self) -> VeilidAPIResult<TableStore> {
let inner = self.inner.lock();
if let Some(context) = &inner.context {
return Ok(context.table_store.clone());
}
Err(VeilidAPIError::not_initialized())
}
pub fn block_store(&self) -> Result<BlockStore, VeilidAPIError> {
pub fn block_store(&self) -> VeilidAPIResult<BlockStore> {
let inner = self.inner.lock();
if let Some(context) = &inner.context {
return Ok(context.block_store.clone());
}
Err(VeilidAPIError::not_initialized())
}
pub fn protected_store(&self) -> Result<ProtectedStore, VeilidAPIError> {
pub fn protected_store(&self) -> VeilidAPIResult<ProtectedStore> {
let inner = self.inner.lock();
if let Some(context) = &inner.context {
return Ok(context.protected_store.clone());
}
Err(VeilidAPIError::not_initialized())
}
pub fn attachment_manager(&self) -> Result<AttachmentManager, VeilidAPIError> {
pub fn attachment_manager(&self) -> VeilidAPIResult<AttachmentManager> {
let inner = self.inner.lock();
if let Some(context) = &inner.context {
return Ok(context.attachment_manager.clone());
}
Err(VeilidAPIError::not_initialized())
}
pub fn network_manager(&self) -> Result<NetworkManager, VeilidAPIError> {
pub fn network_manager(&self) -> VeilidAPIResult<NetworkManager> {
let inner = self.inner.lock();
if let Some(context) = &inner.context {
return Ok(context.attachment_manager.network_manager());
}
Err(VeilidAPIError::not_initialized())
}
pub fn rpc_processor(&self) -> Result<RPCProcessor, VeilidAPIError> {
pub fn rpc_processor(&self) -> VeilidAPIResult<RPCProcessor> {
let inner = self.inner.lock();
if let Some(context) = &inner.context {
return Ok(context.attachment_manager.network_manager().rpc_processor());
}
Err(VeilidAPIError::NotInitialized)
}
pub fn routing_table(&self) -> Result<RoutingTable, VeilidAPIError> {
pub fn routing_table(&self) -> VeilidAPIResult<RoutingTable> {
let inner = self.inner.lock();
if let Some(context) = &inner.context {
return Ok(context.attachment_manager.network_manager().routing_table());
}
Err(VeilidAPIError::NotInitialized)
}
pub fn storage_manager(&self) -> Result<StorageManager, VeilidAPIError> {
pub fn storage_manager(&self) -> VeilidAPIResult<StorageManager> {
let inner = self.inner.lock();
if let Some(context) = &inner.context {
return Ok(context.storage_manager.clone());
@ -124,7 +124,7 @@ impl VeilidAPI {
// Attach/Detach
/// Get a full copy of the current state
pub async fn get_state(&self) -> Result<VeilidState, VeilidAPIError> {
pub async fn get_state(&self) -> VeilidAPIResult<VeilidState> {
let attachment_manager = self.attachment_manager()?;
let network_manager = attachment_manager.network_manager();
let config = self.config()?;
@ -142,7 +142,7 @@ impl VeilidAPI {
/// Connect to the network
#[instrument(level = "debug", err, skip_all)]
pub async fn attach(&self) -> Result<(), VeilidAPIError> {
pub async fn attach(&self) -> VeilidAPIResult<()> {
let attachment_manager = self.attachment_manager()?;
if !attachment_manager.attach().await {
apibail_generic!("Already attached");
@ -152,7 +152,7 @@ impl VeilidAPI {
/// Disconnect from the network
#[instrument(level = "debug", err, skip_all)]
pub async fn detach(&self) -> Result<(), VeilidAPIError> {
pub async fn detach(&self) -> VeilidAPIResult<()> {
let attachment_manager = self.attachment_manager()?;
if !attachment_manager.detach().await {
apibail_generic!("Already detached");
@ -175,7 +175,7 @@ impl VeilidAPI {
/// Returns a route id and a publishable 'blob' with the route encrypted with each crypto kind
/// Those nodes importing the blob will have their choice of which crypto kind to use
#[instrument(level = "debug", skip(self))]
pub async fn new_private_route(&self) -> Result<(RouteId, Vec<u8>), VeilidAPIError> {
pub async fn new_private_route(&self) -> VeilidAPIResult<(RouteId, Vec<u8>)> {
self.new_custom_private_route(
&VALID_CRYPTO_KINDS,
Stability::default(),
@ -191,7 +191,7 @@ impl VeilidAPI {
crypto_kinds: &[CryptoKind],
stability: Stability,
sequencing: Sequencing,
) -> Result<(RouteId, Vec<u8>), VeilidAPIError> {
) -> VeilidAPIResult<(RouteId, Vec<u8>)> {
let default_route_hop_count: usize = {
let config = self.config()?;
let c = config.get();
@ -238,14 +238,14 @@ impl VeilidAPI {
}
#[instrument(level = "debug", skip(self))]
pub fn import_remote_private_route(&self, blob: Vec<u8>) -> Result<RouteId, VeilidAPIError> {
pub fn import_remote_private_route(&self, blob: Vec<u8>) -> VeilidAPIResult<RouteId> {
let rss = self.routing_table()?.route_spec_store();
rss.import_remote_private_route(blob)
.map_err(|e| VeilidAPIError::invalid_argument(e, "blob", "private route blob"))
}
#[instrument(level = "debug", skip(self))]
pub fn release_private_route(&self, route_id: RouteId) -> Result<(), VeilidAPIError> {
pub fn release_private_route(&self, route_id: RouteId) -> VeilidAPIResult<()> {
let rss = self.routing_table()?.route_spec_store();
if !rss.release_route(route_id) {
apibail_invalid_argument!("release_private_route", "key", route_id);
@ -257,11 +257,7 @@ impl VeilidAPI {
// App Calls
#[instrument(level = "debug", skip(self))]
pub async fn app_call_reply(
&self,
id: OperationId,
message: Vec<u8>,
) -> Result<(), VeilidAPIError> {
pub async fn app_call_reply(&self, id: OperationId, message: Vec<u8>) -> VeilidAPIResult<()> {
let rpc_processor = self.rpc_processor()?;
rpc_processor
.app_call_reply(id, message)
@ -277,7 +273,7 @@ impl VeilidAPI {
&self,
_endpoint_mode: TunnelMode,
_depth: u8,
) -> Result<PartialTunnel, VeilidAPIError> {
) -> VeilidAPIResult<PartialTunnel> {
panic!("unimplemented");
}
@ -287,12 +283,12 @@ impl VeilidAPI {
_endpoint_mode: TunnelMode,
_depth: u8,
_partial_tunnel: PartialTunnel,
) -> Result<FullTunnel, VeilidAPIError> {
) -> VeilidAPIResult<FullTunnel> {
panic!("unimplemented");
}
#[instrument(level = "debug", err, skip(self))]
pub async fn cancel_tunnel(&self, _tunnel_id: TunnelId) -> Result<bool, VeilidAPIError> {
pub async fn cancel_tunnel(&self, _tunnel_id: TunnelId) -> VeilidAPIResult<bool> {
panic!("unimplemented");
}
}

56
veilid-core/src/veilid_api/debug.rs
View File

@ -305,7 +305,7 @@ fn get_debug_argument<T, G: FnOnce(&str) -> Option<T>>(
context: &str,
argument: &str,
getter: G,
) -> Result<T, VeilidAPIError> {
) -> VeilidAPIResult<T> {
let Some(val) = getter(value) else {
apibail_invalid_argument!(context, argument, value);
};
@ -317,7 +317,7 @@ fn get_debug_argument_at<T, G: FnOnce(&str) -> Option<T>>(
context: &str,
argument: &str,
getter: G,
) -> Result<T, VeilidAPIError> {
) -> VeilidAPIResult<T> {
if pos >= debug_args.len() {
apibail_missing_argument!(context, argument);
}
@ -329,7 +329,7 @@ fn get_debug_argument_at<T, G: FnOnce(&str) -> Option<T>>(
}
impl VeilidAPI {
async fn debug_buckets(&self, args: String) -> Result<String, VeilidAPIError> {
async fn debug_buckets(&self, args: String) -> VeilidAPIResult<String> {
let args: Vec<String> = args.split_whitespace().map(|s| s.to_owned()).collect();
let mut min_state = BucketEntryState::Unreliable;
if args.len() == 1 {
@ -345,19 +345,19 @@ impl VeilidAPI {
Ok(routing_table.debug_info_buckets(min_state))
}
async fn debug_dialinfo(&self, _args: String) -> Result<String, VeilidAPIError> {
async fn debug_dialinfo(&self, _args: String) -> VeilidAPIResult<String> {
// Dump routing table dialinfo
let routing_table = self.network_manager()?.routing_table();
Ok(routing_table.debug_info_dialinfo())
}
async fn debug_txtrecord(&self, _args: String) -> Result<String, VeilidAPIError> {
async fn debug_txtrecord(&self, _args: String) -> VeilidAPIResult<String> {
// Dump routing table txt record
let routing_table = self.network_manager()?.routing_table();
Ok(routing_table.debug_info_txtrecord().await)
}
async fn debug_entries(&self, args: String) -> Result<String, VeilidAPIError> {
async fn debug_entries(&self, args: String) -> VeilidAPIResult<String> {
let args: Vec<String> = args.split_whitespace().map(|s| s.to_owned()).collect();
let mut min_state = BucketEntryState::Unreliable;
@ -374,7 +374,7 @@ impl VeilidAPI {
Ok(routing_table.debug_info_entries(min_state))
}
async fn debug_entry(&self, args: String) -> Result<String, VeilidAPIError> {
async fn debug_entry(&self, args: String) -> VeilidAPIResult<String> {
let args: Vec<String> = args.split_whitespace().map(|s| s.to_owned()).collect();
let routing_table = self.network_manager()?.routing_table();
@ -391,13 +391,13 @@ impl VeilidAPI {
Ok(routing_table.debug_info_entry(node_ref))
}
async fn debug_nodeinfo(&self, _args: String) -> Result<String, VeilidAPIError> {
async fn debug_nodeinfo(&self, _args: String) -> VeilidAPIResult<String> {
// Dump routing table entry
let routing_table = self.network_manager()?.routing_table();
Ok(routing_table.debug_info_nodeinfo())
}
async fn debug_config(&self, args: String) -> Result<String, VeilidAPIError> {
async fn debug_config(&self, args: String) -> VeilidAPIResult<String> {
let config = self.config()?;
let args = args.trim_start();
if args.is_empty() {
@ -426,7 +426,7 @@ impl VeilidAPI {
Ok("Config value set".to_owned())
}
async fn debug_restart(&self, args: String) -> Result<String, VeilidAPIError> {
async fn debug_restart(&self, args: String) -> VeilidAPIResult<String> {
let args = args.trim_start();
if args.is_empty() {
apibail_missing_argument!("debug_restart", "arg_0");
@ -452,7 +452,7 @@ impl VeilidAPI {
}
}
async fn debug_purge(&self, args: String) -> Result<String, VeilidAPIError> {
async fn debug_purge(&self, args: String) -> VeilidAPIResult<String> {
let args: Vec<String> = args.split_whitespace().map(|s| s.to_owned()).collect();
if !args.is_empty() {
if args[0] == "buckets" {
@ -504,7 +504,7 @@ impl VeilidAPI {
}
}
async fn debug_attach(&self, _args: String) -> Result<String, VeilidAPIError> {
async fn debug_attach(&self, _args: String) -> VeilidAPIResult<String> {
if !matches!(
self.get_state().await?.attachment.state,
AttachmentState::Detached
@ -517,7 +517,7 @@ impl VeilidAPI {
Ok("Attached".to_owned())
}
async fn debug_detach(&self, _args: String) -> Result<String, VeilidAPIError> {
async fn debug_detach(&self, _args: String) -> VeilidAPIResult<String> {
if matches!(
self.get_state().await?.attachment.state,
AttachmentState::Detaching
@ -530,7 +530,7 @@ impl VeilidAPI {
Ok("Detached".to_owned())
}
async fn debug_contact(&self, args: String) -> Result<String, VeilidAPIError> {
async fn debug_contact(&self, args: String) -> VeilidAPIResult<String> {
let args: Vec<String> = args.split_whitespace().map(|s| s.to_owned()).collect();
let network_manager = self.network_manager()?;
@ -551,7 +551,7 @@ impl VeilidAPI {
Ok(format!("{:#?}", cm))
}
async fn debug_ping(&self, args: String) -> Result<String, VeilidAPIError> {
async fn debug_ping(&self, args: String) -> VeilidAPIResult<String> {
let netman = self.network_manager()?;
let routing_table = netman.routing_table();
let rpc = netman.rpc_processor();
@ -593,7 +593,7 @@ impl VeilidAPI {
Ok(format!("{:#?}", out))
}
async fn debug_route_allocate(&self, args: Vec<String>) -> Result<String, VeilidAPIError> {
async fn debug_route_allocate(&self, args: Vec<String>) -> VeilidAPIResult<String> {
// [ord|*ord] [rel] [<count>] [in|out] [avoid_node_id]
let netman = self.network_manager()?;
@ -652,7 +652,7 @@ impl VeilidAPI {
Ok(out)
}
async fn debug_route_release(&self, args: Vec<String>) -> Result<String, VeilidAPIError> {
async fn debug_route_release(&self, args: Vec<String>) -> VeilidAPIResult<String> {
// <route id>
let netman = self.network_manager()?;
let routing_table = netman.routing_table();
@ -684,7 +684,7 @@ impl VeilidAPI {
Ok(out)
}
async fn debug_route_publish(&self, args: Vec<String>) -> Result<String, VeilidAPIError> {
async fn debug_route_publish(&self, args: Vec<String>) -> VeilidAPIResult<String> {
// <route id> [full]
let netman = self.network_manager()?;
let routing_table = netman.routing_table();
@ -736,7 +736,7 @@ impl VeilidAPI {
Ok(out)
}
async fn debug_route_unpublish(&self, args: Vec<String>) -> Result<String, VeilidAPIError> {
async fn debug_route_unpublish(&self, args: Vec<String>) -> VeilidAPIResult<String> {
// <route id>
let netman = self.network_manager()?;
let routing_table = netman.routing_table();
@ -758,7 +758,7 @@ impl VeilidAPI {
};
Ok(out)
}
async fn debug_route_print(&self, args: Vec<String>) -> Result<String, VeilidAPIError> {
async fn debug_route_print(&self, args: Vec<String>) -> VeilidAPIResult<String> {
// <route id>
let netman = self.network_manager()?;
let routing_table = netman.routing_table();
@ -777,7 +777,7 @@ impl VeilidAPI {
None => Ok("Route does not exist".to_owned()),
}
}
async fn debug_route_list(&self, _args: Vec<String>) -> Result<String, VeilidAPIError> {
async fn debug_route_list(&self, _args: Vec<String>) -> VeilidAPIResult<String> {
//
let netman = self.network_manager()?;
let routing_table = netman.routing_table();
@ -800,7 +800,7 @@ impl VeilidAPI {
Ok(out)
}
async fn debug_route_import(&self, args: Vec<String>) -> Result<String, VeilidAPIError> {
async fn debug_route_import(&self, args: Vec<String>) -> VeilidAPIResult<String> {
// <blob>
let blob = get_debug_argument_at(&args, 1, "debug_route", "blob", get_string)?;
@ -820,7 +820,7 @@ impl VeilidAPI {
return Ok(out);
}
async fn debug_route_test(&self, args: Vec<String>) -> Result<String, VeilidAPIError> {
async fn debug_route_test(&self, args: Vec<String>) -> VeilidAPIResult<String> {
// <route id>
let netman = self.network_manager()?;
let routing_table = netman.routing_table();
@ -848,7 +848,7 @@ impl VeilidAPI {
return Ok(out);
}
async fn debug_route(&self, args: String) -> Result<String, VeilidAPIError> {
async fn debug_route(&self, args: String) -> VeilidAPIResult<String> {
let args: Vec<String> = args.split_whitespace().map(|s| s.to_owned()).collect();
let command = get_debug_argument_at(&args, 0, "debug_route", "command", get_string)?;
@ -874,7 +874,7 @@ impl VeilidAPI {
}
}
async fn debug_record_list(&self, args: Vec<String>) -> Result<String, VeilidAPIError> {
async fn debug_record_list(&self, args: Vec<String>) -> VeilidAPIResult<String> {
// <local|remote>
let storage_manager = self.storage_manager()?;
@ -895,7 +895,7 @@ impl VeilidAPI {
return Ok(out);
}
async fn debug_record(&self, args: String) -> Result<String, VeilidAPIError> {
async fn debug_record(&self, args: String) -> VeilidAPIResult<String> {
let args: Vec<String> = args.split_whitespace().map(|s| s.to_owned()).collect();
let command = get_debug_argument_at(&args, 0, "debug_record", "command", get_string)?;
@ -907,7 +907,7 @@ impl VeilidAPI {
}
}
pub async fn debug_help(&self, _args: String) -> Result<String, VeilidAPIError> {
pub async fn debug_help(&self, _args: String) -> VeilidAPIResult<String> {
Ok(r#">>> Debug commands:
help
buckets [dead|reliable]
@ -947,7 +947,7 @@ impl VeilidAPI {
.to_owned())
}
pub async fn debug(&self, args: String) -> Result<String, VeilidAPIError> {
pub async fn debug(&self, args: String) -> VeilidAPIResult<String> {
let res = {
let args = args.trim_start();
if args.is_empty() {

41
veilid-core/src/veilid_api/routing_context.rs
View File

@ -45,11 +45,11 @@ impl RoutingContext {
}
}
pub fn with_privacy(self) -> Result<Self, VeilidAPIError> {
pub fn with_privacy(self) -> VeilidAPIResult<Self> {
self.with_custom_privacy(Stability::default())
}
pub fn with_custom_privacy(self, stability: Stability) -> Result<Self, VeilidAPIError> {
pub fn with_custom_privacy(self, stability: Stability) -> VeilidAPIResult<Self> {
let config = self.api.config()?;
let c = config.get();
@ -96,10 +96,7 @@ impl RoutingContext {
self.api.clone()
}
async fn get_destination(
&self,
target: Target,
) -> Result<rpc_processor::Destination, VeilidAPIError> {
async fn get_destination(&self, target: Target) -> VeilidAPIResult<rpc_processor::Destination> {
let rpc_processor = self.api.rpc_processor()?;
match target {
@ -141,11 +138,7 @@ impl RoutingContext {
// App-level Messaging
#[instrument(level = "debug", err, skip(self))]
pub async fn app_call(
&self,
target: Target,
request: Vec<u8>,
) -> Result<Vec<u8>, VeilidAPIError> {
pub async fn app_call(&self, target: Target, request: Vec<u8>) -> VeilidAPIResult<Vec<u8>> {
let rpc_processor = self.api.rpc_processor()?;
// Get destination
@ -170,11 +163,7 @@ impl RoutingContext {
}
#[instrument(level = "debug", err, skip(self))]
pub async fn app_message(
&self,
target: Target,
message: Vec<u8>,
) -> Result<(), VeilidAPIError> {
pub async fn app_message(&self, target: Target, message: Vec<u8>) -> VeilidAPIResult<()> {
let rpc_processor = self.api.rpc_processor()?;
// Get destination
@ -206,7 +195,7 @@ impl RoutingContext {
&self,
kind: CryptoKind,
schema: DHTSchema,
) -> Result<DHTRecordDescriptor, VeilidAPIError> {
) -> VeilidAPIResult<DHTRecordDescriptor> {
let storage_manager = self.api.storage_manager()?;
storage_manager
.create_record(kind, schema, self.unlocked_inner.safety_selection)
@ -220,7 +209,7 @@ impl RoutingContext {
&self,
key: TypedKey,
writer: Option<KeyPair>,
) -> Result<DHTRecordDescriptor, VeilidAPIError> {
) -> VeilidAPIResult<DHTRecordDescriptor> {
let storage_manager = self.api.storage_manager()?;
storage_manager
.open_record(key, writer, self.unlocked_inner.safety_selection)
@ -229,7 +218,7 @@ impl RoutingContext {
/// Closes a DHT record at a specific key that was opened with create_dht_record or open_dht_record.
/// Closing a record allows you to re-open it with a different routing context
pub async fn close_dht_record(&self, key: TypedKey) -> Result<(), VeilidAPIError> {
pub async fn close_dht_record(&self, key: TypedKey) -> VeilidAPIResult<()> {
let storage_manager = self.api.storage_manager()?;
storage_manager.close_record(key).await
}
@ -237,7 +226,7 @@ impl RoutingContext {
/// Deletes a DHT record at a specific key. If the record is opened, it must be closed before it is deleted.
/// Deleting a record does not delete it from the network, but will remove the storage of the record
/// locally, and will prevent its value from being refreshed on the network by this node.
pub async fn delete_dht_record(&self, key: TypedKey) -> Result<(), VeilidAPIError> {
pub async fn delete_dht_record(&self, key: TypedKey) -> VeilidAPIResult<()> {
let storage_manager = self.api.storage_manager()?;
storage_manager.delete_record(key).await
}
@ -251,7 +240,7 @@ impl RoutingContext {
key: TypedKey,
subkey: ValueSubkey,
force_refresh: bool,
) -> Result<Option<ValueData>, VeilidAPIError> {
) -> VeilidAPIResult<Option<ValueData>> {
let storage_manager = self.api.storage_manager()?;
storage_manager.get_value(key, subkey, force_refresh).await
}
@ -264,7 +253,7 @@ impl RoutingContext {
key: TypedKey,
subkey: ValueSubkey,
data: Vec<u8>,
) -> Result<Option<ValueData>, VeilidAPIError> {
) -> VeilidAPIResult<Option<ValueData>> {
let storage_manager = self.api.storage_manager()?;
storage_manager.set_value(key, subkey, data).await
}
@ -280,7 +269,7 @@ impl RoutingContext {
subkeys: ValueSubkeyRangeSet,
expiration: Timestamp,
count: u32,
) -> Result<Timestamp, VeilidAPIError> {
) -> VeilidAPIResult<Timestamp> {
let storage_manager = self.api.storage_manager()?;
storage_manager
.watch_values(key, subkeys, expiration, count)
@ -293,7 +282,7 @@ impl RoutingContext {
&self,
key: TypedKey,
subkeys: ValueSubkeyRangeSet,
) -> Result<bool, VeilidAPIError> {
) -> VeilidAPIResult<bool> {
let storage_manager = self.api.storage_manager()?;
storage_manager.cancel_watch_values(key, subkeys).await
}
@ -301,11 +290,11 @@ impl RoutingContext {
///////////////////////////////////
/// Block Store
pub async fn find_block(&self, _block_id: PublicKey) -> Result<Vec<u8>, VeilidAPIError> {
pub async fn find_block(&self, _block_id: PublicKey) -> VeilidAPIResult<Vec<u8>> {
panic!("unimplemented");
}
pub async fn supply_block(&self, _block_id: PublicKey) -> Result<bool, VeilidAPIError> {
pub async fn supply_block(&self, _block_id: PublicKey) -> VeilidAPIResult<bool> {
panic!("unimplemented");
}
}

6
veilid-core/src/veilid_api/serialize_helpers/serialize_json.rs
View File

@ -3,9 +3,7 @@ use super::*;
// Don't trace these functions as they are used in the transfer of API logs, which will recurse!
// #[instrument(level = "trace", ret, err)]
pub fn deserialize_json<'a, T: de::Deserialize<'a> + Debug>(
arg: &'a str,
) -> Result<T, VeilidAPIError> {
pub fn deserialize_json<'a, T: de::Deserialize<'a> + Debug>(arg: &'a str) -> VeilidAPIResult<T> {
serde_json::from_str(arg).map_err(|e| VeilidAPIError::ParseError {
message: e.to_string(),
value: format!(
@ -19,7 +17,7 @@ pub fn deserialize_json<'a, T: de::Deserialize<'a> + Debug>(
// #[instrument(level = "trace", ret, err)]
pub fn deserialize_opt_json<T: de::DeserializeOwned + Debug>(
arg: Option<String>,
) -> Result<T, VeilidAPIError> {
) -> VeilidAPIResult<T> {
let arg = arg.as_ref().ok_or_else(|| VeilidAPIError::ParseError {
message: "invalid null string".to_owned(),
value: format!(

92
veilid-core/src/veilid_config.rs
View File

@ -1,7 +1,7 @@
use crate::*;
////////////////////////////////////////////////////////////////////////////////////////////////
pub type ConfigCallbackReturn = Result<Box<dyn core::any::Any + Send>, VeilidAPIError>;
pub type ConfigCallbackReturn = VeilidAPIResult<Box<dyn core::any::Any + Send>>;
pub type ConfigCallback = Arc<dyn Fn(String) -> ConfigCallbackReturn + Send + Sync>;
/// Enable and configure HTTPS access to the Veilid node
@ -585,7 +585,7 @@ impl VeilidConfig {
&mut self,
config: String,
update_cb: UpdateCallback,
) -> Result<(), VeilidAPIError> {
) -> VeilidAPIResult<()> {
self.update_cb = Some(update_cb);
self.with_mut(|inner| {
@ -594,11 +594,7 @@ impl VeilidConfig {
})
}
pub fn setup(
&mut self,
cb: ConfigCallback,
update_cb: UpdateCallback,
) -> Result<(), VeilidAPIError> {
pub fn setup(&mut self, cb: ConfigCallback, update_cb: UpdateCallback) -> VeilidAPIResult<()> {
self.update_cb = Some(update_cb);
self.with_mut(|inner| {
// Simple config transformation
@ -738,9 +734,9 @@ impl VeilidConfig {
safe_cfg
}
pub fn with_mut<F, R>(&self, f: F) -> Result<R, VeilidAPIError>
pub fn with_mut<F, R>(&self, f: F) -> VeilidAPIResult<R>
where
F: FnOnce(&mut VeilidConfigInner) -> Result<R, VeilidAPIError>,
F: FnOnce(&mut VeilidConfigInner) -> VeilidAPIResult<R>,
{
let out = {
let inner = &mut *self.inner.write();
@ -764,7 +760,7 @@ impl VeilidConfig {
Ok(out)
}
pub fn get_key_json(&self, key: &str) -> Result<String, VeilidAPIError> {
pub fn get_key_json(&self, key: &str) -> VeilidAPIResult<String> {
let c = self.get();
// Generate json from whole config
@ -787,7 +783,7 @@ impl VeilidConfig {
Ok(out.to_string())
}
}
pub fn set_key_json(&self, key: &str, value: &str) -> Result<(), VeilidAPIError> {
pub fn set_key_json(&self, key: &str, value: &str) -> VeilidAPIResult<()> {
self.with_mut(|c| {
// Split key into path parts
let keypath: Vec<&str> = key.split('.').collect();
@ -824,7 +820,7 @@ impl VeilidConfig {
})
}
fn validate(inner: &VeilidConfigInner) -> Result<(), VeilidAPIError> {
fn validate(inner: &VeilidConfigInner) -> VeilidAPIResult<()> {
if inner.program_name.is_empty() {
apibail_generic!("Program name must not be empty in 'program_name'");
}
@ -929,12 +925,12 @@ impl VeilidConfig {
Ok(())
}
#[cfg(not(test))]
//xxx#[cfg(not(test))]
async fn init_node_id(
&self,
vcrypto: CryptoSystemVersion,
protected_store: intf::ProtectedStore,
) -> Result<(TypedKey, TypedSecret), VeilidAPIError> {
table_store: TableStore,
) -> VeilidAPIResult<(TypedKey, TypedSecret)> {
let ck = vcrypto.kind();
let mut node_id = self.inner.read().network.routing_table.node_id.get(ck);
let mut node_id_secret = self
@ -945,45 +941,36 @@ impl VeilidConfig {
.node_id_secret
.get(ck);
// See if node id was previously stored in the protected store
// See if node id was previously stored in the table store
let config_table = table_store.open("__veilid_config", 1).await?;
let table_key_node_id = format!("node_id_{}", ck);
let table_key_node_id_secret = format!("node_id_secret_{}", ck);
if node_id.is_none() {
debug!("pulling node_id_{} from storage", ck);
if let Some(s) = protected_store
.load_user_secret_string(format!("node_id_{}", ck))
debug!("pulling {} from storage", table_key_node_id);
if let Ok(Some(stored_node_id)) = config_table
.load_json::<TypedKey>(0, table_key_node_id.as_bytes())
.await
.map_err(VeilidAPIError::internal)?
{
debug!("node_id_{} found in storage", ck);
node_id = match TypedKey::from_str(s.as_str()) {
Ok(v) => Some(v),
Err(_) => {
debug!("node id in protected store is not valid");
None
}
}
debug!("{} found in storage", table_key_node_id);
node_id = Some(stored_node_id);
} else {
debug!("node_id_{} not found in storage", ck);
debug!("{} not found in storage", table_key_node_id);
}
}
// See if node id secret was previously stored in the protected store
if node_id_secret.is_none() {
debug!("pulling node id secret from storage");
if let Some(s) = protected_store
.load_user_secret_string(format!("node_id_secret_{}", ck))
debug!("pulling {} from storage", table_key_node_id_secret);
if let Ok(Some(stored_node_id_secret)) = config_table
.load_json::<TypedSecret>(0, table_key_node_id_secret.as_bytes())
.await
.map_err(VeilidAPIError::internal)?
{
debug!("node_id_secret_{} found in storage", ck);
node_id_secret = match TypedSecret::from_str(s.as_str()) {
Ok(v) => Some(v),
Err(_) => {
debug!("node id secret in protected store is not valid");
None
}
}
debug!("{} found in storage", table_key_node_id_secret);
node_id_secret = Some(stored_node_id_secret);
} else {
debug!("node_id_secret_{} not found in storage", ck);
debug!("{} not found in storage", table_key_node_id_secret);
}
}
@ -1007,14 +994,12 @@ impl VeilidConfig {
info!("Node Id: {}", node_id);
// Save the node id / secret in storage
protected_store
.save_user_secret_string(format!("node_id_{}", ck), node_id.to_string())
.await
.map_err(VeilidAPIError::internal)?;
protected_store
.save_user_secret_string(format!("node_id_secret_{}", ck), node_id_secret.to_string())
.await
.map_err(VeilidAPIError::internal)?;
config_table
.store_json(0, table_key_node_id.as_bytes(), &node_id)
.await?;
config_table
.store_json(0, table_key_node_id_secret.as_bytes(), &node_id_secret)
.await?;
Ok((node_id, node_id_secret))
}
@ -1025,8 +1010,8 @@ impl VeilidConfig {
pub async fn init_node_ids(
&self,
crypto: Crypto,
protected_store: intf::ProtectedStore,
) -> Result<(), VeilidAPIError> {
table_store: TableStore,
) -> VeilidAPIResult<()> {
let mut out_node_id = TypedKeySet::new();
let mut out_node_id_secret = TypedSecretSet::new();
@ -1041,8 +1026,7 @@ impl VeilidConfig {
(TypedKey::new(ck, kp.key), TypedSecret::new(ck, kp.secret))
};
#[cfg(not(test))]
let (node_id, node_id_secret) =
self.init_node_id(vcrypto, protected_store.clone()).await?;
let (node_id, node_id_secret) = self.init_node_id(vcrypto, table_store.clone()).await?;
// Save for config
out_node_id.add(node_id);

2
veilid-server/src/client_api.rs
View File

@ -19,7 +19,7 @@ use veilid_core::*;
// Encoding for ApiResult
fn encode_api_result<T: Serialize + fmt::Debug>(
result: &Result<T, VeilidAPIError>,
result: &VeilidAPIResult<T>,
builder: &mut api_result::Builder,
) {
match result {