tor_keymgr/keystore/
ctor.rs

1//! Read-only C Tor key store support.
2
3pub(crate) mod client;
4pub(crate) mod err;
5pub(crate) mod service;
6
7use crate::keystore::fs_utils::{FilesystemAction, FilesystemError, RelKeyPath};
8use crate::{KeystoreId, Result};
9
10use fs_mistrust::{CheckedDir, Mistrust};
11
12use std::path::{Path, PathBuf};
13
14use err::CTorKeystoreError;
15
16pub use client::CTorClientKeystore;
17pub use service::CTorServiceKeystore;
18
19/// Common fields for C Tor keystores.
20struct CTorKeystore {
21    /// The root of the key store.
22    ///
23    /// All the keys are read from this directory.
24    keystore_dir: CheckedDir,
25    /// The unique identifier of this instance.
26    id: KeystoreId,
27}
28
29impl CTorKeystore {
30    /// Create a new `CTorKeystore` rooted at the specified `keystore_dir` directory.
31    ///
32    /// This function returns an error if `keystore_dir` is not a directory,
33    /// or if it does not conform to the requirements of the specified `Mistrust`.
34    fn from_path_and_mistrust(
35        keystore_dir: impl AsRef<Path>,
36        mistrust: &Mistrust,
37        id: KeystoreId,
38    ) -> Result<Self> {
39        let keystore_dir = mistrust
40            .verifier()
41            .check_content()
42            .secure_dir(&keystore_dir)
43            .map_err(|e| FilesystemError::FsMistrust {
44                action: FilesystemAction::Init,
45                path: keystore_dir.as_ref().into(),
46                err: e.into(),
47            })
48            .map_err(CTorKeystoreError::Filesystem)?;
49
50        Ok(Self { keystore_dir, id })
51    }
52
53    /// Return `rel_path` as a [`RelKeyPath`] relative to `keystore_dir`.
54    fn rel_path(&self, rel_path: PathBuf) -> RelKeyPath {
55        RelKeyPath::from_parts(&self.keystore_dir, rel_path)
56    }
57}
tor_keymgr/keystore/ctor.rs

tor_keymgr/keystore/
ctor.rs
