-
-
Notifications
You must be signed in to change notification settings - Fork 557
/
encryptor_worker.rs
127 lines (106 loc) · 3.46 KB
/
encryptor_worker.rs
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
use crate::identity::IdentityError;
use crate::secure_channel::addresses::Addresses;
use crate::secure_channel::api::{EncryptionRequest, EncryptionResponse};
use crate::secure_channel::encryptor::Encryptor;
use ockam_core::compat::boxed::Box;
use ockam_core::{async_trait, Decodable, Encodable, Route};
use ockam_core::{Any, Result, Routed, TransportMessage, Worker};
use ockam_node::Context;
use tracing::debug;
pub(crate) struct EncryptorWorker {
//for debug purposes only
role: &'static str,
addresses: Addresses,
remote_route: Route,
encryptor: Encryptor,
}
impl EncryptorWorker {
pub fn new(
role: &'static str,
addresses: Addresses,
remote_route: Route,
encryptor: Encryptor,
) -> Self {
Self {
role,
addresses,
remote_route,
encryptor,
}
}
async fn handle_encrypt_api(
&mut self,
ctx: &mut <Self as Worker>::Context,
msg: Routed<<Self as Worker>::Message>,
) -> Result<()> {
debug!(
"SecureChannel {} received Encrypt API {}",
self.role, &self.addresses.encryptor
);
let return_route = msg.return_route();
// Decode raw payload binary
let request = EncryptionRequest::decode(&msg.into_transport_message().payload)?;
// Encrypt the message
let encrypted_payload = self.encryptor.encrypt(&request.0).await;
let response = match encrypted_payload {
Ok(payload) => EncryptionResponse::Ok(payload),
Err(err) => EncryptionResponse::Err(err),
};
// Send the reply to the caller
ctx.send_from_address(return_route, response, self.addresses.encryptor_api.clone())
.await?;
Ok(())
}
async fn handle_encrypt(
&mut self,
ctx: &mut <Self as Worker>::Context,
msg: Routed<<Self as Worker>::Message>,
) -> Result<()> {
debug!(
"SecureChannel {} received Encrypt {}",
self.role, &self.addresses.encryptor
);
let mut onward_route = msg.onward_route();
let return_route = msg.return_route();
// Remove our address
let _ = onward_route.step();
let msg = TransportMessage::v1(
onward_route,
return_route,
msg.into_transport_message().payload,
);
// Encrypt the message
let encrypted_payload = self.encryptor.encrypt(&msg.encode()?).await?;
// Send the message to the decryptor on the other side
ctx.send_from_address(
self.remote_route.clone(),
encrypted_payload,
self.addresses.encryptor.clone(),
)
.await?;
Ok(())
}
}
#[async_trait]
impl Worker for EncryptorWorker {
type Message = Any;
type Context = Context;
async fn handle_message(
&mut self,
ctx: &mut Self::Context,
msg: Routed<Self::Message>,
) -> Result<()> {
let msg_addr = msg.msg_addr();
if msg_addr == self.addresses.encryptor {
self.handle_encrypt(ctx, msg).await?;
} else if msg_addr == self.addresses.encryptor_api {
self.handle_encrypt_api(ctx, msg).await?;
} else {
return Err(IdentityError::UnknownChannelMsgDestination.into());
}
Ok(())
}
async fn shutdown(&mut self, _context: &mut Self::Context) -> Result<()> {
self.encryptor.shutdown().await
}
}