1//! Read-only C Tor key store support.
23pub(crate) mod client;
4pub(crate) mod err;
5pub(crate) mod service;
67use crate::keystore::fs_utils::{FilesystemAction, FilesystemError, RelKeyPath};
8use crate::{KeystoreId, Result};
910use fs_mistrust::{CheckedDir, Mistrust};
1112use std::path::{Path, PathBuf};
1314use err::CTorKeystoreError;
1516pub use client::CTorClientKeystore;
17pub use service::CTorServiceKeystore;
1819/// Common fields for C Tor keystores.
20struct CTorKeystore {
21/// The root of the key store.
22 ///
23 /// All the keys are read from this directory.
24keystore_dir: CheckedDir,
25/// The unique identifier of this instance.
26id: KeystoreId,
27}
2829impl CTorKeystore {
30/// Create a new `CTorKeystore` rooted at the specified `keystore_dir` directory.
31 ///
32 /// This function returns an error if `keystore_dir` is not a directory,
33 /// or if it does not conform to the requirements of the specified `Mistrust`.
34fn from_path_and_mistrust(
35 keystore_dir: impl AsRef<Path>,
36 mistrust: &Mistrust,
37 id: KeystoreId,
38 ) -> Result<Self> {
39let keystore_dir = mistrust
40 .verifier()
41 .check_content()
42 .secure_dir(&keystore_dir)
43 .map_err(|e| FilesystemError::FsMistrust {
44 action: FilesystemAction::Init,
45 path: keystore_dir.as_ref().into(),
46 err: e.into(),
47 })
48 .map_err(CTorKeystoreError::Filesystem)?;
4950Ok(Self { keystore_dir, id })
51 }
5253/// Return `rel_path` as a [`RelKeyPath`] relative to `keystore_dir`.
54fn rel_path(&self, rel_path: PathBuf) -> RelKeyPath {
55 RelKeyPath::from_parts(&self.keystore_dir, rel_path)
56 }
57}