1//! Read-only C Tor key store support.
23pub(crate) mod client;
4pub(crate) mod err;
5pub(crate) mod service;
67use crate::keystore::fs_utils::{FilesystemAction, FilesystemError, RelKeyPath};
8use crate::{KeystoreId, Result};
9use fs_mistrust::{CheckedDir, Mistrust};
1011use std::path::{Path, PathBuf};
1213use err::CTorKeystoreError;
1415pub use client::CTorClientKeystore;
16pub use service::CTorServiceKeystore;
1718/// Common fields for C Tor keystores.
19struct CTorKeystore {
20/// The root of the key store.
21 ///
22 /// All the keys are read from this directory.
23keystore_dir: CheckedDir,
24/// The unique identifier of this instance.
25id: KeystoreId,
26}
2728impl CTorKeystore {
29/// Create a new `CTorKeystore` rooted at the specified `keystore_dir` directory.
30 ///
31 /// This function returns an error if `keystore_dir` is not a directory,
32 /// or if it does not conform to the requirements of the specified `Mistrust`.
33fn from_path_and_mistrust(
34 keystore_dir: impl AsRef<Path>,
35 mistrust: &Mistrust,
36 id: KeystoreId,
37 ) -> Result<Self> {
38let keystore_dir = mistrust
39 .verifier()
40 .check_content()
41 .secure_dir(&keystore_dir)
42 .map_err(|e| FilesystemError::FsMistrust {
43 action: FilesystemAction::Init,
44 path: keystore_dir.as_ref().into(),
45 err: e.into(),
46 })
47 .map_err(CTorKeystoreError::Filesystem)?;
4849Ok(Self { keystore_dir, id })
50 }
5152/// Return `rel_path` as a [`RelKeyPath`] relative to `keystore_dir`.
53fn rel_path(&self, rel_path: PathBuf) -> RelKeyPath {
54 RelKeyPath::from_parts(&self.keystore_dir, rel_path)
55 }
56}