Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Use new de-mut'd rpki-rs Signer trait. #688

Closed
wants to merge 10 commits into from
Closed

Use new de-mut'd rpki-rs Signer trait. #688

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
10 commits
Select commit Hold shift + click to select a range
397e503
Use a local fork of rpki-rs which depends on bcder 0.6.1-dev instead …
ximon18 Oct 14, 2021
c68d50f
Compilation fixes now that Signer no longer uses &mut.
ximon18 Oct 14, 2021
866e71c
More mut removal.
ximon18 Oct 14, 2021
38fd8d1
More mut removal. Replace RwLocks around SignerProviders with a much …
ximon18 Oct 14, 2021
0bb4300
Broken: cannot make KrillSigner async because CertAuth::process_comma…
ximon18 Oct 18, 2021
dcfe4e5
Use published fork of rpki-rs instead of a local only copy so that GH…
ximon18 Oct 23, 2021
3becfdb
Revert "Broken: cannot make KrillSigner async because CertAuth::proce…
ximon18 Oct 23, 2021
9129caa
Merge branch 'hsm-persistent-signer-key-mappings' into test-integrati…
ximon18 Oct 30, 2021
82cf643
Merge branch 'hsm-persistent-signer-key-mappings' into test-integrati…
ximon18 Nov 1, 2021
3c96561
Use newly released bcder and rpki-rs official releases instead of per…
ximon18 Nov 1, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 6 additions & 4 deletions Cargo.lock
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

8 changes: 2 additions & 6 deletions Cargo.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@ build = "build.rs"
backoff = { version = "0.3.0", optional = true }
base64 = "^0.13"
basic-cookies = { version = "^0.1", optional = true }
bcder = "0.6.1-dev"
bcder = "0.6.1"
bytes = "1"
chrono = { version = "^0.4", features = ["serde"] }
clap = "^2.33"
Expand All @@ -47,7 +47,7 @@ rand = "^0.8"
regex = { version = "^1.4", optional = true, default_features = false, features = ["std"] }
reqwest = { version = "0.11", features = ["json"] }
rpassword = { version = "^5.0", optional = true }
rpki = { version = "0.12.3", features = [ "repository", "rrdp", "serde" ] }
rpki = { version = "0.13.0", features = [ "repository", "rrdp", "serde" ] }
scrypt = { version = "^0.6", optional = true, default-features = false }
serde = { version = "^1.0", features = ["derive"] }
serde_json = "^1.0"
Expand Down Expand Up @@ -189,7 +189,3 @@ shadow-utils = "*"

# END RPM PACKAGING
# ------------------------------------------------------------------------------

[patch.crates-io]
bcder = { git = 'https://github.com/NLnetLabs/bcder' }
rpki = { git = 'https://github.com/ximon18/rpki-rs', branch = '0.12.3-unsigned-from-slice' }
4 changes: 2 additions & 2 deletions src/commons/api/ca.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2585,10 +2585,10 @@ mod test {
fn mft_uri() {
test::test_under_tmp(|d| {
#[cfg(not(feature = "hsm"))]
let mut signer = OpenSslSigner::build(&d).unwrap();
let signer = OpenSslSigner::build(&d).unwrap();

#[cfg(feature = "hsm")]
let mut signer = OpenSslSigner::build(&d, "dummy", None).unwrap();
let signer = OpenSslSigner::build(&d, "dummy", None).unwrap();

let key_id = signer.create_key(PublicKeyFormat::Rsa).unwrap();
let pub_key = signer.get_key_info(&key_id).unwrap();
Expand Down
6 changes: 2 additions & 4 deletions src/commons/crypto/signing/dispatch/krillsigner.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -50,14 +50,12 @@ impl KrillSigner {

pub fn create_key(&self) -> CryptoResult<KeyIdentifier> {
self.router
.create_key_minimally_locking(PublicKeyFormat::Rsa)
.create_key(PublicKeyFormat::Rsa)
.map_err(crypto::Error::signer)
}

pub fn destroy_key(&self, key_id: &KeyIdentifier) -> CryptoResult<()> {
self.router
.destroy_key_minimally_locking(key_id)
.map_err(crypto::Error::key_error)
self.router.destroy_key(key_id).map_err(crypto::Error::key_error)
}

pub fn get_key_info(&self, key_id: &KeyIdentifier) -> CryptoResult<PublicKey> {
Expand Down
10 changes: 5 additions & 5 deletions src/commons/crypto/signing/dispatch/signerprovider.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@ use crate::commons::{api::Handle, crypto::signers::kmip::KmipSigner};
///
/// Named and modelled after the similar AuthProvider concept that already exists in Krill.
#[allow(dead_code)] // Needed as we currently only ever construct one variant
#[derive(Clone, Debug)]
#[derive(Debug)]
pub enum SignerProvider {
OpenSsl(OpenSslSigner),

Expand All @@ -31,7 +31,7 @@ impl SignerProvider {
}

#[cfg(feature = "hsm")]
pub fn create_registration_key(&mut self) -> Result<(PublicKey, String), SignerError> {
pub fn create_registration_key(&self) -> Result<(PublicKey, String), SignerError> {
match self {
SignerProvider::OpenSsl(signer) => signer.create_registration_key(),
#[cfg(feature = "hsm")]
Expand All @@ -53,7 +53,7 @@ impl SignerProvider {
}

#[cfg(feature = "hsm")]
pub fn set_handle(&mut self, handle: Handle) {
pub fn set_handle(&self, handle: Handle) {
match self {
SignerProvider::OpenSsl(signer) => signer.set_handle(handle),
#[cfg(feature = "hsm")]
Expand Down Expand Up @@ -85,7 +85,7 @@ impl Signer for SignerProvider {

type Error = SignerError;

fn create_key(&mut self, algorithm: PublicKeyFormat) -> Result<Self::KeyId, Self::Error> {
fn create_key(&self, algorithm: PublicKeyFormat) -> Result<Self::KeyId, Self::Error> {
match self {
SignerProvider::OpenSsl(signer) => signer.create_key(algorithm),
#[cfg(feature = "hsm")]
Expand All @@ -101,7 +101,7 @@ impl Signer for SignerProvider {
}
}

fn destroy_key(&mut self, key: &Self::KeyId) -> Result<(), KeyError<Self::Error>> {
fn destroy_key(&self, key: &Self::KeyId) -> Result<(), KeyError<Self::Error>> {
match self {
SignerProvider::OpenSsl(signer) => signer.destroy_key(key),
#[cfg(feature = "hsm")]
Expand Down
Loading