authorKatharina Fey <kookie@spacekookie.de>2018-08-06 16:13:33 +0200
committerKatharina Fey <kookie@spacekookie.de>2018-08-06 16:13:33 +0200
commit0223592b7eb1a80ff2b7c2ec95e2ad641da07ad8 (patch)
tree44bcdff914d66d8428584cddfaf6218f163068cf
parent24da2df81265ddfbbeb7dd10fd59eb828afa41b8 (diff)
More refactoring and trying to get keystores to work properly
-rw-r--r--Cargo.lock10
-rw-r--r--lockchain-core/examples/user_registry.rs33
-rw-r--r--lockchain-core/src/crypto/encoding.rs (renamed from lockchain-core/src/crypto/utils/encoding.rs)0
-rw-r--r--lockchain-core/src/crypto/hashing.rs (renamed from lockchain-core/src/crypto/utils/hashing.rs)0
-rw-r--r--lockchain-core/src/crypto/mod.rs9
-rw-r--r--lockchain-core/src/crypto/random.rs (renamed from lockchain-core/src/crypto/utils/random.rs)0
-rw-r--r--lockchain-core/src/crypto/store.rs15
-rw-r--r--lockchain-core/src/crypto/utils/mod.rs5
-rw-r--r--lockchain-core/src/users/keystore.rs (renamed from lockchain-core/src/crypto/keystore.rs)0
-rw-r--r--lockchain-core/src/users/mod.rs32
-rw-r--r--lockchain-core/src/users/rights.rs22
-rw-r--r--lockchain-core/src/users/secrets.rs (renamed from lockchain-core/src/crypto/secrets.rs)9
-rw-r--r--lockchain-core/src/users/store.rs39
-rw-r--r--lockchain-crypto/Cargo.toml2
-rw-r--r--lockchain-files/Cargo.toml2
-rw-r--r--lockchain-http/Cargo.toml2
16 files changed, 91 insertions, 89 deletions
diff --git a/Cargo.lock b/Cargo.lock
index c69f091..1d3b2ea 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -901,7 +901,7 @@ dependencies = [
name = "lockchain-crypto"
version = "0.8.1-alpha.0"
dependencies = [
- "lockchain-core 0.9.0 (registry+https://github.com/rust-lang/crates.io-index)",
+ "lockchain-core 0.9.1-alpha.0",
"miscreant 0.4.0-beta2 (registry+https://github.com/rust-lang/crates.io-index)",
"serde 1.0.70 (registry+https://github.com/rust-lang/crates.io-index)",
"serde_derive 1.0.70 (registry+https://github.com/rust-lang/crates.io-index)",
@@ -911,18 +911,18 @@ dependencies = [
name = "lockchain-files"
version = "0.9.1-alpha.0"
dependencies = [
- "lockchain-core 0.9.0 (registry+https://github.com/rust-lang/crates.io-index)",
+ "lockchain-core 0.9.1-alpha.0",
]
[[package]]
name = "lockchain-http"
-version = "0.4.0"
+version = "0.4.1-alpha.0"
dependencies = [
"actix 0.5.8 (registry+https://github.com/rust-lang/crates.io-index)",
"actix-web 0.6.15 (registry+https://github.com/rust-lang/crates.io-index)",
"env_logger 0.5.10 (registry+https://github.com/rust-lang/crates.io-index)",
"futures 0.1.22 (registry+https://github.com/rust-lang/crates.io-index)",
- "lockchain-core 0.9.0 (registry+https://github.com/rust-lang/crates.io-index)",
+ "lockchain-core 0.9.1-alpha.0",
"serde 1.0.70 (registry+https://github.com/rust-lang/crates.io-index)",
"serde_derive 1.0.70 (registry+https://github.com/rust-lang/crates.io-index)",
]
@@ -935,7 +935,7 @@ dependencies = [
"insult 2.0.3 (registry+https://github.com/rust-lang/crates.io-index)",
"lockchain-core 0.9.1-alpha.0",
"lockchain-files 0.9.1-alpha.0",
- "lockchain-http 0.4.0",
+ "lockchain-http 0.4.1-alpha.0",
]
[[package]]
diff --git a/lockchain-core/examples/user_registry.rs b/lockchain-core/examples/user_registry.rs
deleted file mode 100644
index 8bb5c69..0000000
--- a/lockchain-core/examples/user_registry.rs
+++ /dev/null
@@ -1,33 +0,0 @@
-//! User registry in a vault is done via the metadata store
-//!
-//! In addition to that the `lockchain-core ` provides some simple
-//! utilities to manage Users and UserStore objects, mapping them
-//! onto metadata stores.
-//!
-//! In this example we will define a function that takes a generic
-//! Vault implementation backend (because lockchain-core doesn't
-//! provide a concrete way of doing this) and registering a user
-//! into it.
-//!
-//! Please note you can't actually _run_ this code example, because
-//! no concrete type can be known. The exact same example (with a type)
-//! can however be found in `lockchain-files`
-
-
-extern crate lockchain_core as lockchain;
-use lockchain::users::{User, UserStore, Access, Role};
-use lockchain::traits::Vault;
-use lockchain::EncryptedBody;
-
-fn main() {
- // register(your_vault_here, "spacekookie", "password");
-}
-
-/// This function takes a generic Vault which MUST implement
-/// the EncryptedBody backend. This would normally be the case
-/// for the `DataVault` provided by `lockchain-files`
-fn register<V: Vault<EncryptedBody>>(vault: &mut V, username: &str, password: &str) {
- let me = User::register(username, password);
-}
-
-
diff --git a/lockchain-core/src/crypto/utils/encoding.rs b/lockchain-core/src/crypto/encoding.rs
index 0c49490..0c49490 100644
--- a/lockchain-core/src/crypto/utils/encoding.rs
+++ b/lockchain-core/src/crypto/encoding.rs
diff --git a/lockchain-core/src/crypto/utils/hashing.rs b/lockchain-core/src/crypto/hashing.rs
index 4a24a17..4a24a17 100644
--- a/lockchain-core/src/crypto/utils/hashing.rs
+++ b/lockchain-core/src/crypto/hashing.rs
diff --git a/lockchain-core/src/crypto/mod.rs b/lockchain-core/src/crypto/mod.rs
index ad9c0e1..ef52912 100644
--- a/lockchain-core/src/crypto/mod.rs
+++ b/lockchain-core/src/crypto/mod.rs
@@ -13,11 +13,10 @@ mod keys {
}
mod data;
-mod utils;
-pub use utils::*;
-pub mod keystore;
-pub mod store;
+pub mod encoding;
+pub mod random;
+pub mod hashing;
pub use self::data::PackedData;
-pub use self::keystore::KeyStore;
pub use self::keys::{Key, KeyType};
+pub use users::KeyStore; \ No newline at end of file
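Review bot: `pub use users::KeyStore;` keeps `crypto::KeyStore` resolving after the type moved to `users`, but nothing marks the old path as a compatibility alias, so a reader cannot tell which of the two paths is canonical. A one-line doc comment, `/// Re-export of [`users::KeyStore`]; the keystore now lives in `users``, would make the intent explicit and steer new code to the `users` path. Note that `users/mod.rs` in the same commit imports `crypto::{encoding, hashing, random}`, so the two modules now depend on each other; that compiles, but it is worth keeping in mind if `crypto` is ever split out.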
diff --git a/lockchain-core/src/crypto/utils/random.rs b/lockchain-core/src/crypto/random.rs
index 7d31992..7d31992 100644
--- a/lockchain-core/src/crypto/utils/random.rs
+++ b/lockchain-core/src/crypto/random.rs
diff --git a/lockchain-core/src/crypto/store.rs b/lockchain-core/src/crypto/store.rs
deleted file mode 100644
index f57359d..0000000
--- a/lockchain-core/src/crypto/store.rs
+++ /dev/null
@@ -1,15 +0,0 @@
-
-use std::collections::HashMap;
-
-/// A thin user keystore
-///
-/// It's implementation can manage multiple keys per user, of various
-/// types and constrained for limited access rights.
-pub struct KeyStore {
-
-}
-
-struct StoreUser {
- name: String,
- HashMap<
-} \ No newline at end of file
diff --git a/lockchain-core/src/crypto/utils/mod.rs b/lockchain-core/src/crypto/utils/mod.rs
deleted file mode 100644
index d57689c..0000000
--- a/lockchain-core/src/crypto/utils/mod.rs
+++ /dev/null
@@ -1,5 +0,0 @@
-//! A collection of common cryptography utilities.
-
-pub mod encoding;
-pub mod random;
-pub mod hashing; \ No newline at end of file
diff --git a/lockchain-core/src/crypto/keystore.rs b/lockchain-core/src/users/keystore.rs
index 71d7be2..71d7be2 100644
--- a/lockchain-core/src/crypto/keystore.rs
+++ b/lockchain-core/src/users/keystore.rs
diff --git a/lockchain-core/src/users/mod.rs b/lockchain-core/src/users/mod.rs
index 338cc5e..e9205d1 100644
--- a/lockchain-core/src/users/mod.rs
+++ b/lockchain-core/src/users/mod.rs
@@ -14,10 +14,19 @@
//! data to load and store them into a metadata store.
mod auth;
+mod rights;
mod tokens;
+mod keystore;
+
+mod store;
+mod secrets;
+
pub use self::auth::pam_authenticate;
+pub use self::keystore::KeyStore;
pub use self::tokens::Token;
+
pub use errors::AuthError;
+pub use self::rights::{Access, Role};
use crypto::{encoding, hashing, random};
use std::collections::HashMap;
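Review bot: `mod store;` and `mod secrets;` are declared private and no `pub use` for their items is added next to the `KeyStore`, `Token` and `Access`/`Role` re-exports, so `SecretType`, `UserSecret` and the second `KeyStore` defined in `store.rs` are unreachable from outside `users` unless some part of this module not visible in the hunk uses them. If they are meant to be public, add `pub use self::secrets::{SecretType, UserSecret};`. If `store.rs` is a work-in-progress replacement, a `// TODO: replaces keystore::KeyStore` next to `mod store;` would avoid confusion with `self::keystore::KeyStore`, which is re-exported a few lines below under the same name.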
@@ -26,27 +35,6 @@ use {
traits::{AutoEncoder, Base64AutoEncoder},
};
-/// Specifies access to a resource
-#[derive(Hash, Serialize, Deserialize, Clone, PartialEq, Eq)]
-pub enum Access {
- /// Allows access to vault metadata & index files
- Vault(Role),
- /// Allows access to a record resource inside a vault
- Record(Role, String),
-}
-
-impl AutoEncoder for Access {}
-
-/// Specifies the capabilities of a user
-#[derive(Hash, Serialize, Deserialize, Clone, PartialEq, Eq)]
-pub enum Role {
- Reader,
- Editor,
- Admin,
-}
-
-impl AutoEncoder for Role {}
-
/// A generic user representation
///
/// A user has an identify check built in that can verify a passphrase
@@ -83,7 +71,7 @@ impl User {
self.pw_hash == encoding::base64_encode(&hashing::blake2(pw, &self.name).to_vec())
}
/// Provides a hook to use second-factor authentication to authorise
- ///
+ ///
/// This is meant to be used with an external Yubikey
pub fn second_auth_verify(&mut self) -> bool {
unimplemented!()
diff --git a/lockchain-core/src/users/rights.rs b/lockchain-core/src/users/rights.rs
new file mode 100644
index 0000000..4404253
--- /dev/null
+++ b/lockchain-core/src/users/rights.rs
@@ -0,0 +1,22 @@
+use traits::AutoEncoder;
+
+/// Specifies access to a resource
+#[derive(Hash, Serialize, Deserialize, Clone, PartialEq, Eq)]
+pub enum Access {
+ /// Allows access to vault metadata & index files
+ Vault(Role),
+ /// Allows access to a record resource inside a vault
+ Record(Role, String),
+}
+
+impl AutoEncoder for Access {}
+
+/// Specifies the capabilities of a user
+#[derive(Hash, Serialize, Deserialize, Clone, PartialEq, Eq)]
+pub enum Role {
+ Reader,
+ Editor,
+ Admin,
+}
+
+impl AutoEncoder for Role {}
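Review bot: The `Role` variants have no doc comments, so what `Reader`, `Editor` and `Admin` each permit — and whether a higher role implies the lower ones — has to be guessed from the names, which is the kind of ambiguity that produces inconsistent authorisation checks at call sites. Document each variant, e.g. `/// Read-only access to the resource` on `Reader`, and state on `Admin` whether it subsumes `Editor`. Neither enum derives `Debug`, so an `Access` that misses in the `HashMap<Access, Key>` introduced in `store.rs` cannot be printed in a log or assertion message; adding it to both derive lists, `#[derive(Debug, Hash, Serialize, Deserialize, Clone, PartialEq, Eq)]`, fixes that at no cost.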
diff --git a/lockchain-core/src/crypto/secrets.rs b/lockchain-core/src/users/secrets.rs
index 87e2c13..8210a09 100644
--- a/lockchain-core/src/crypto/secrets.rs
+++ b/lockchain-core/src/users/secrets.rs
@@ -1,5 +1,7 @@
+use traits::AutoEncoder;
/// Specifies the type of secret that's used to derive a vault user secret
+#[derive(Serialize, Deserialize)]
pub enum SecretType {
/// A simple password
Plain,
@@ -9,6 +11,8 @@ pub enum SecretType {
Combine,
}
+impl AutoEncoder for SecretType {}
+
/// The backing secret for user authentication
///
/// This is _always_ in a non-recoverable form, i.e. a hash
@@ -19,7 +23,10 @@ pub enum SecretType {
/// might be supported to verify operations. For example, a `Keyfile`
/// secret can deposit the entire public key in the `content` field,
/// then use asymmetric operations to verify operations more thoroughly.
+#[derive(Serialize, Deserialize)]
pub struct UserSecret {
- type: SecretType,
+ tt: SecretType,
content: String,
}
+
+impl AutoEncoder for UserSecret {}
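Review bot: `tt` is an opaque name for the `SecretType` field at `tt: SecretType,` — the rename exists only because `type` is a keyword, so `kind: SecretType` (or `secret_type`) would say what it holds. Neither field is documented; since the struct now derives `Serialize`/`Deserialize` and `AutoEncoder`, `content` is what gets written out, so `/// Non-recoverable (hashed) form of the secret, never the plaintext` on `content` pins the invariant the struct doc above already states. `Debug` is not derived here; if that is deliberate so `content` never reaches logs, say so in a comment, otherwise a manual `Debug` impl that redacts `content` is the safer way to get diagnostics for this type.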
diff --git a/lockchain-core/src/users/store.rs b/lockchain-core/src/users/store.rs
new file mode 100644
index 0000000..d400668
--- /dev/null
+++ b/lockchain-core/src/users/store.rs
@@ -0,0 +1,39 @@
+use super::rights::Access;
+use super::secrets::SecretType;
+use crypto::Key;
+use std::collections::HashMap;
+
+/// A thin user keystore
+///
+/// It's implementation can manage multiple keys per user, of various
+/// types and constrained for limited access rights.
+pub struct KeyStore {
+ store: HashMap<String, StoreUser>,
+}
+
+struct StoreUser {
+ name: String,
+ keys: HashMap<Access, Key>,
+}
+
+impl KeyStore {
+ /// Create a new, empty keystore
+ ///
+ /// This is most likely *not* what you want. Instead, transform
+ /// a `MetaData` object into a keystore.
+ pub fn new() -> Self {
+ Self {
+ store: HashMap::new(),
+ }
+ }
+
+ pub fn add_user(&mut self) {}
+
+ pub fn rm_user(&mut self) {}
+
+ pub fn add_key(&mut self, user: String, k: Key, access: Access) {}
+
+ pub fn get_key(&self, user: String, access: Access) -> &Key {
+ unimplemented!()
+ }
+}
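Review bot: `add_user`, `rm_user` and `add_key` have empty bodies, so `store.add_key(user, key, access)` returns successfully while the key and its access grant are silently dropped — for a keystore that is a worse failure mode than a panic; make the three bodies `unimplemented!()` like `get_key` until they are real, so nothing can appear to have stored a key that was never stored. `get_key` returns `&Key`, which leaves panicking as the only way to report a missing user or access; a lookup that doubles as an access check should hand the miss back to the caller, and a read has no reason to demand owned values: `pub fn get_key(&self, user: &str, access: &Access) -> Option<&Key>`. This `KeyStore` shares its name with the `KeyStore` re-exported from `users::keystore` in `users/mod.rs`, and `StoreUser::name` duplicates the `HashMap<String, StoreUser>` key; both are worth resolving before the type gets callers. `#[derive(Default)]` alongside `new()` would also satisfy clippy's `new_without_default`.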
diff --git a/lockchain-crypto/Cargo.toml b/lockchain-crypto/Cargo.toml
index 656f60f..10a69ae 100644
--- a/lockchain-crypto/Cargo.toml
+++ b/lockchain-crypto/Cargo.toml
@@ -9,7 +9,7 @@ version = "0.8.1-alpha.0"
authors = ["Katharina Fey <kookie@spacekookie.de>"]
[dependencies]
-lockchain-core = { version = "0.9.0", path = "../lockchain-core" }
+lockchain-core = { version = "0.9.1-alpha.0", path = "../lockchain-core" }
serde_derive = "1.0"
serde = "1.0"
diff --git a/lockchain-files/Cargo.toml b/lockchain-files/Cargo.toml
index 8656fbf..e63455a 100644
--- a/lockchain-files/Cargo.toml
+++ b/lockchain-files/Cargo.toml
@@ -10,4 +10,4 @@ readme = "README.md"
license = "MIT/X11 OR Apache-2.0"
[dependencies]
-lockchain-core = { version = "0.9.0" } # lockchain-core = { version = "0.9.1-alpha.0", path = "../lockchain-core" }
+lockchain-core = { version = "0.9.1-alpha.0", path = "../lockchain-core" }
diff --git a/lockchain-http/Cargo.toml b/lockchain-http/Cargo.toml
index 128c9c9..9150033 100644
--- a/lockchain-http/Cargo.toml
+++ b/lockchain-http/Cargo.toml
@@ -10,7 +10,7 @@ readme = "README.md"
license = "MIT/X11 OR Apache-2.0"
[dependencies]
-lockchain-core = { version = "0.9.0" }# lockchain-core = { version = "0.9.1-alpha.0", path = "../lockchain-core" }
+lockchain-core = { version = "0.9.1-alpha.0", path = "../lockchain-core" }
env_logger = "0.5"
# Serialisation stack