authorJesse Luehrs <doy@tozt.net>2020-04-18 01:28:48 -0400
committerJesse Luehrs <doy@tozt.net>2020-04-18 01:28:48 -0400
commit777b810db4675305854c373dcd57aedc40061e5d (patch)
treeed35c77e39416073fb5222aebdb5ef484c238dd3 /src/bin/rbw-agent
parent3babc8801c0d09b7868be9be7751f7cfdf32c8bb (diff)
add encryption to the agent protocol
Diffstat (limited to 'src/bin/rbw-agent')
-rw-r--r--src/bin/rbw-agent/actions.rs33
-rw-r--r--src/bin/rbw-agent/agent.rs4
2 files changed, 37 insertions, 0 deletions
diff --git a/src/bin/rbw-agent/actions.rs b/src/bin/rbw-agent/actions.rs
index 2cb012c..7289a25 100644
--- a/src/bin/rbw-agent/actions.rs
+++ b/src/bin/rbw-agent/actions.rs
@@ -192,6 +192,28 @@ pub async fn decrypt(
Ok(())
}
+pub async fn encrypt(
+ sock: &mut crate::sock::Sock,
+ state: std::sync::Arc<tokio::sync::RwLock<crate::agent::State>>,
+ plaintext: &str,
+) -> anyhow::Result<()> {
+ let state = state.read().await;
+ let keys = if let Some(keys) = &state.priv_key {
+ keys
+ } else {
+ return Err(anyhow::anyhow!(
+ "failed to find encryption keys in in-memory state"
+ ));
+ };
+ let cipherstring =
+ rbw::cipherstring::CipherString::encrypt(keys, plaintext.as_bytes())
+ .context("failed to encrypt plaintext secret")?;
+
+ respond_encrypt(sock, cipherstring.to_string()).await?;
+
+ Ok(())
+}
+
async fn respond_ack(sock: &mut crate::sock::Sock) -> anyhow::Result<()> {
sock.send(&rbw::protocol::Response::Ack)
.await
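Review bot: The read guard taken by `let state = state.read().await;` in `encrypt` stays alive across `respond_encrypt(sock, ...).await`, so the state lock is held for as long as the socket write takes. If a client is slow to read the response, any task waiting for the write lock would be delayed behind it; presumably that includes the path that clears the keys when the agent locks, which is not visible in this hunk. `keys` is not used after the `CipherString::encrypt` call, so adding `drop(state);` just before `respond_encrypt(sock, cipherstring.to_string()).await?;` releases the guard before the I/O. The new `pub` function also has no doc comment; a `///` line saying it encrypts `plaintext` with the keys held in agent state and sends the resulting cipherstring over `sock` would help.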
@@ -211,6 +233,17 @@ async fn respond_decrypt(
Ok(())
}
+async fn respond_encrypt(
+ sock: &mut crate::sock::Sock,
+ cipherstring: String,
+) -> anyhow::Result<()> {
+ sock.send(&rbw::protocol::Response::Encrypt { cipherstring })
+ .await
+ .context("failed to send response")?;
+
+ Ok(())
+}
+
async fn config_email() -> anyhow::Result<String> {
let config = rbw::config::Config::load_async()
.await
diff --git a/src/bin/rbw-agent/agent.rs b/src/bin/rbw-agent/agent.rs
index 21600c3..e80e1c6 100644
--- a/src/bin/rbw-agent/agent.rs
+++ b/src/bin/rbw-agent/agent.rs
@@ -142,6 +142,10 @@ async fn handle_request(
.await?;
true
}
+ rbw::protocol::Action::Encrypt { plaintext } => {
+ crate::actions::encrypt(sock, state.clone(), &plaintext).await?;
+ true
+ }
rbw::protocol::Action::Quit => std::process::exit(0),
};
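Review bot: In the new `Action::Encrypt { plaintext }` arm the secret appears to be bound as an ordinary owned string and is dropped when the arm ends without being wiped, so its bytes can stay in freed heap memory of the long-running agent. If the crate has a zeroing or locked-memory wrapper for secrets (none is visible in this hunk), it would be worth using it for this field or wiping the buffer after the call returns. At minimum I would add a comment on the arm such as `// plaintext is a secret: never log it or attach it to error context`, since the call is followed by `?` and the error path is handled outside this hunk. `handle_request` starts and ends outside the hunk.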