grpc_service.go
package services
import (
	"context"
	"errors"

	"github.com/monax/hoard/v4"
	"github.com/monax/hoard/v4/grant"
	"github.com/monax/hoard/v4/reference"
	"github.com/monax/hoard/v4/storage"
)
// grpcService implements the GRPC Hoard service. It is meant to be mostly
// plumbing: calls are forwarded to a DeterministicEncryptedStore (for which
// hoard.hoard is the canonical example) and to Grants.
type grpcService struct {
	// des serves the plaintext, encryption and raw storage methods.
	des hoard.DeterministicEncryptedStore
	// gs serves the grant sealing and unsealing methods.
	gs hoard.GrantService
}
// NewHoardServer builds a grpcService that forwards to the given store and
// grant service. Neither argument is checked for nil here, so passing nil
// surfaces later as a nil dereference in whichever method uses it.
func NewHoardServer(des hoard.DeterministicEncryptedStore, gs hoard.GrantService) *grpcService {
	srv := new(grpcService)
	srv.des = des
	srv.gs = gs
	return srv
}
// Get resolves ref through the deterministic encrypted store and returns the
// result as a Plaintext message whose Salt is copied from ref. Store errors
// are returned unchanged. ctx is not used by this method, so cancellation
// and deadlines are not propagated to the store call.
func (service *grpcService) Get(ctx context.Context, ref *reference.Ref) (*Plaintext, error) {
	plain, err := service.des.Get(ref)
	if err != nil {
		return nil, err
	}
	out := &Plaintext{Salt: ref.Salt}
	out.Data = plain
	return out, nil
}
// Put hands the plaintext data and salt to the deterministic encrypted store
// and returns whatever reference and error the store produces. ctx is not
// used by this method.
func (service *grpcService) Put(ctx context.Context, plaintext *Plaintext) (*reference.Ref, error) {
	data, salt := plaintext.Data, plaintext.Salt
	return service.des.Put(data, salt)
}
// Encrypt passes the plaintext data and salt to the store's Encrypt and
// returns the resulting reference together with the encrypted bytes in one
// message. This method makes no Store() call of its own; whether des.Encrypt
// persists anything is not visible from here. ctx is not used.
func (service *grpcService) Encrypt(ctx context.Context, plaintext *Plaintext) (*ReferenceAndCiphertext, error) {
	ref, sealed, err := service.des.Encrypt(plaintext.Data, plaintext.Salt)
	if err != nil {
		return nil, err
	}
	ct := &Ciphertext{EncryptedData: sealed}
	return &ReferenceAndCiphertext{Reference: ref, Ciphertext: ct}, nil
}
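// Decrypt passes the supplied reference and encrypted bytes to the store's
// Decrypt and returns the result as a Plaintext message whose Salt is copied
// from the reference. Store errors are returned unchanged. ctx is not used.
//
// The request is caller-controlled and its nested Reference and Ciphertext
// messages may be absent. They are checked before use so that a malformed
// request yields an error instead of a nil-pointer panic in the handler.
func (service *grpcService) Decrypt(ctx context.Context, refAndCiphertext *ReferenceAndCiphertext) (*Plaintext, error) {
	if refAndCiphertext == nil || refAndCiphertext.Reference == nil || refAndCiphertext.Ciphertext == nil {
		return nil, errors.New("decrypt: reference and ciphertext are both required")
	}
	ref := refAndCiphertext.Reference
	data, err := service.des.Decrypt(ref, refAndCiphertext.Ciphertext.EncryptedData)
	if err != nil {
		return nil, err
	}
	return &Plaintext{
		Data: data,
		Salt: ref.Salt,
	}, nil
}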
// StorageServer

// Push writes the supplied bytes straight to the underlying store and returns
// the address the store reports. The bytes are passed through as given: this
// method neither encrypts nor inspects them. ctx is not used.
func (service *grpcService) Push(ctx context.Context, ciphertext *Ciphertext) (*Address, error) {
	addr, err := service.des.Store().Put(ciphertext.EncryptedData)
	if err != nil {
		return nil, err
	}
	out := new(Address)
	out.Address = addr
	return out, nil
}
// Pull reads the bytes held at address from the underlying store and returns
// them, still encrypted, wrapped in a Ciphertext message. Store errors are
// returned unchanged. ctx is not used.
func (service *grpcService) Pull(ctx context.Context, address *Address) (*Ciphertext, error) {
	// Read directly from the backing store; no decryption happens here.
	blob, err := service.des.Store().Get(address.Address)
	if err != nil {
		return nil, err
	}
	out := new(Ciphertext)
	out.EncryptedData = blob
	return out, nil
}
// Stat asks the underlying store for the StatInfo of address and returns it
// with the Address and Location fields filled in. The fields are written on
// the value the store returned, not on a copy. Store errors are returned
// unchanged. ctx is not used.
func (service *grpcService) Stat(ctx context.Context, address *Address) (*storage.StatInfo, error) {
	info, err := service.des.Store().Stat(address.Address)
	if err != nil {
		return nil, err
	}
	// The master API reports both the requested address and the store's
	// canonical location for it in the StatInfo message.
	addr := address.Address
	info.Address = addr
	info.Location = service.des.Store().Location(addr)
	return info, nil
}
// GrantServer

// Seal forwards the request's reference and grant spec to the grant service
// and returns its grant and error unchanged. Neither field is validated here.
// ctx is not used.
func (service *grpcService) Seal(ctx context.Context, arg *ReferenceAndGrantSpec) (*grant.Grant, error) {
	ref, spec := arg.Reference, arg.GrantSpec
	return service.gs.Seal(ref, spec)
}
// Unseal forwards the grant to the grant service and returns the reference
// and error it produces, unchanged. ctx is not used.
func (service *grpcService) Unseal(ctx context.Context, grt *grant.Grant) (*reference.Ref, error) {
	ref, err := service.gs.Unseal(grt)
	return ref, err
}
// Reseal unseals the supplied grant and seals the recovered reference again
// under the supplied grant spec. The only gate applied in this method is
// that gs.Unseal succeeds; the new spec is chosen by the caller and is not
// compared with the original grant. ctx is not used.
func (service *grpcService) Reseal(ctx context.Context, arg *GrantAndGrantSpec) (*grant.Grant, error) {
	ref, err := service.gs.Unseal(arg.Grant)
	if err == nil {
		return service.gs.Seal(ref, arg.GrantSpec)
	}
	return nil, err
}
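// PutSeal stores the plaintext through the deterministic encrypted store and
// seals the resulting reference under the supplied grant spec, returning the
// grant. Errors from either step are returned unchanged. ctx is not used.
//
// The request is caller-controlled and its nested Plaintext message may be
// absent. It is checked before use so that a malformed request yields an
// error instead of a nil-pointer panic in the handler. GrantSpec is handed
// to gs.Seal as given.
func (service *grpcService) PutSeal(ctx context.Context, arg *PlaintextAndGrantSpec) (*grant.Grant, error) {
	if arg == nil || arg.Plaintext == nil {
		return nil, errors.New("putseal: plaintext is required")
	}
	ref, err := service.des.Put(arg.Plaintext.Data, arg.Plaintext.Salt)
	if err != nil {
		return nil, err
	}
	return service.gs.Seal(ref, arg.GrantSpec)
}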
// UnsealGet unseals the grant and, when that succeeds, returns the plaintext
// for the recovered reference via Get. Access to the plaintext is therefore
// decided entirely by gs.Unseal; no further check is made in this method.
func (service *grpcService) UnsealGet(ctx context.Context, grt *grant.Grant) (*Plaintext, error) {
	ref, err := service.gs.Unseal(grt)
	if err == nil {
		return service.Get(ctx, ref)
	}
	return nil, err
}