-
Notifications
You must be signed in to change notification settings - Fork 3
/
Copy pathredis_data_vault.rs
169 lines (160 loc) · 6.15 KB
/
redis_data_vault.rs
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
use async_trait::async_trait;
use credit_card::CreditCard;
use deadpool_redis::redis::{AsyncCommands};
use crate::traits::{DataVault, PoolErrors};
use crate::config::DeadpoolRedisConfig;
use crate::encryption::traits::Encryption;
use crate::tokenizer::{Tokenizer};
use std::error;
/// Use redis as a data vault back end
///
/// This implementation uses deadpool_redis
///
/// Connection setup is available as environment
/// variables or a .env file with the following
/// options:
/// REDIS_URL=redis://127.0.0.1/
/// REDIS_POOL_MAX_SIZE=16
///
/// # Examples
/// ```rust
/// use data_vault::{DataVault, RedisDataVault};
/// use data_vault::encryption::AesGcmSivEncryption;
/// use data_vault::tokenizer::Blake3Tokenizer;
/// let data_vault = RedisDataVault::<AesGcmSivEncryption, Blake3Tokenizer>::new().unwrap();
/// ```
pub struct RedisDataVault<E, T> {
pool: deadpool_redis::Pool,
encryption: E,
tokenizer: T,
}
#[async_trait]
impl<E, T> DataVault for RedisDataVault<E, T>
where
E: Encryption + std::marker::Sync + std::marker::Send,
T: Tokenizer + std::marker::Sync + std::marker::Send,
{
/// Create new RedisDataVault backend
/// # examples
/// ```rust
/// use data_vault::{DataVault, RedisDataVault};
/// use data_vault::encryption::AesGcmSivEncryption;
/// use data_vault::tokenizer::Blake3Tokenizer;
/// let data_vault = RedisDataVault::<AesGcmSivEncryption, Blake3Tokenizer>::new().unwrap();
/// ```
fn new() -> Result<Self, Box<dyn error::Error>> {
let cfg = DeadpoolRedisConfig::from_env()?;
let pool = cfg.redis.create_pool()?;
let redis_data_vault = RedisDataVault {
pool,
encryption: E::new(),
tokenizer: T::new()
};
Ok(redis_data_vault)
}
/// Encrypt and Store a string with the given token as the redis key
/// Arguments:
/// * `CreditCard` - the cc object that you wish to store
/// return:
/// the token as String
/// # example
/// ```rust
/// use data_vault::{DataVault, RedisDataVault};
/// use data_vault::encryption::AesGcmSivEncryption;
/// use data_vault::tokenizer::Blake3Tokenizer;
///
/// let token = String::from("abc123");
/// let credit_card_string = String::from("{number: 123}");
/// let data_vault = RedisDataVault::<AesGcmSivEncryption, Blake3Tokenizer>::new().unwrap();
/// data_vault.store(&token, &credit_card_string);
/// ```
async fn store(&self, token: &String, string: &String) -> Result<(), PoolErrors> {
let mut conn = self.pool.get().await?;
let encrypted_json = self.encryption.encrypt(string.as_bytes());
let _:() = conn.set(token, encrypted_json).await.unwrap();
Ok(())
}
/// Store the credit card in the data vault
/// Arguments:
/// * `CreditCard` - the cc object that you wish to store
/// return:
/// A new token as String
/// # example
/// ```rust
/// use data_vault::{DataVault, RedisDataVault};
/// use data_vault::encryption::AesGcmSivEncryption;
/// use data_vault::tokenizer::Blake3Tokenizer;
/// use credit_card::CreditCard;
///
/// let cc = CreditCard {
/// number: "4111111111111111".to_string(),
/// cardholder_name: "Graydon Hoare".to_string(),
/// expiration_month: "01".to_string(),
/// expiration_year: "2023".to_string(),
/// brand: None,
/// security_code: None
/// };
///
/// let data_vault = RedisDataVault::<AesGcmSivEncryption, Blake3Tokenizer>::new().unwrap();
/// let token = data_vault.store_credit_card(&cc);
/// ```
async fn store_credit_card(&self, credit_card: &CreditCard) -> Result<String, PoolErrors> {
let token = self.tokenizer.generate(&credit_card);
let credit_card_json = serde_json::to_string(&credit_card).unwrap();
let _:() = self.store(&token, &credit_card_json).await?;
Ok(token)
}
/// Get decrypted arbitrary data from the vault by token
/// Arguments:
/// * `token`: the string form of the ID of the data
/// returns:
/// * the decrypted string of data
/// # example
/// ```rust,ignore
/// use data_vault::DataVault;
/// use data_vault::RedisDataVault;
/// use data_vault::encryption::AesGcmSivEncryption;
/// use data_vault::tokenizer::Blake3Tokenizer;
///
/// let token = String::from("abc123");
/// let cc_string = String::from("{number: 123}");
/// let data_vault = RedisDataVault::<AesGcmSivEncryption, Blake3Tokenizer>::new().unwrap();
/// data_vault.store(&token, &cc_string).await;
/// let credit_card_string = data_vault.retrieve(&token)
/// ```
async fn retrieve(&self, token: &String) -> Result<String, PoolErrors> {
let mut conn = self.pool.get().await?;
let encrypted_credit_card_json: Vec<u8> = conn.get(token).await.unwrap();
Ok(self.encryption.decrypt(encrypted_credit_card_json.as_slice()))
}
/// Get the credit card from the data vault given a token
/// Arguments:
/// * `token`: the string form of the ID of the data
/// returns:
/// * `CreditCard` object
/// # Example
/// ```rust,ignore
/// use data_vault::DataVault;
/// use data_vault::RedisDataVault;
/// use data_vault::encryption::AesGcmSivEncryption;
/// use data_vault::tokenizer::Blake3Tokenizer;
/// use credit_card::CreditCard;
///
/// let cc = CreditCard {
/// number: "4111111111111111".to_string(),
/// cardholder_name: "Graydon Hoare".to_string(),
/// expiration_month: "01".to_string(),
/// expiration_year: "2023".to_string(),
/// brand: None,
/// security_code: None
/// };
///
/// let data_vault = RedisDataVault::<AesGcmSivEncryption, Blake3Tokenizer>::new().unwrap();
/// let token = data_vault.store_credit_card(&cc).await;
/// let credit_card = data_vault.retrieve_credit_card(&token).await;
/// ```
async fn retrieve_credit_card(&self, token: &String) -> Result<CreditCard, PoolErrors> {
let credit_card_json = self.retrieve(token).await?;
Ok(serde_json::from_str(&credit_card_json).unwrap_or_default())
}
}