From 0130e0cb28e838f77c8dfe158c3a7e9af29ea1c0 Mon Sep 17 00:00:00 2001
From: librelois <elois@ifee.fr>
Date: Tue, 3 Sep 2019 20:30:03 +0200
Subject: [PATCH] [ref] pkstl: use same config object for all modes

---
 lib/tools/pkstl/src/agreement.rs              |  3 +-
 lib/tools/pkstl/src/complete.rs               | 38 ++++++++-----------
 .../pkstl/src/complete/serde/serializer.rs    |  6 +--
 lib/tools/pkstl/src/config.rs                 | 29 +++++++-------
 lib/tools/pkstl/src/encryption.rs             |  2 +-
 .../src/encryption/chacha20_poly1305_aead.rs  |  2 +-
 lib/tools/pkstl/src/lib.rs                    |  2 +-
 lib/tools/pkstl/src/minimal.rs                | 36 +++++++++---------
 lib/tools/pkstl/tests/complete_mode.rs        | 12 ++++--
 lib/tools/pkstl/tests/complete_serde_mode.rs  |  4 +-
 lib/tools/pkstl/tests/minimal_mode.rs         |  6 +--
 11 files changed, 69 insertions(+), 71 deletions(-)

diff --git a/lib/tools/pkstl/src/agreement.rs b/lib/tools/pkstl/src/agreement.rs
index 3bc6f370..f9f176c6 100644
--- a/lib/tools/pkstl/src/agreement.rs
+++ b/lib/tools/pkstl/src/agreement.rs
@@ -65,7 +65,7 @@ impl SharedSecret {
     }
 }
 
-#[derive(Clone)]
+#[derive(Clone, Debug)]
 /// Ephemeral public key used once to generate shared secret
 pub struct EphemeralPublicKey(agreement::PublicKey);
 
@@ -76,6 +76,7 @@ impl AsRef<[u8]> for EphemeralPublicKey {
 }
 
 /// Ephemeral key pair used once to generate shared secret
+#[derive(Debug)]
 pub struct EphemeralKeyPair {
     privkey: agreement::EphemeralPrivateKey,
     pubkey: EphemeralPublicKey,
diff --git a/lib/tools/pkstl/src/complete.rs b/lib/tools/pkstl/src/complete.rs
index 10e72212..ee8ebb7f 100644
--- a/lib/tools/pkstl/src/complete.rs
+++ b/lib/tools/pkstl/src/complete.rs
@@ -23,7 +23,7 @@ pub mod writer;
 #[cfg(feature = "ser")]
 pub use self::serde::IncomingMessage;
 
-use crate::{Error, Message, MinimalSecureLayer, Result, SdtlConfig, Seed32};
+use crate::{Error, Message, MinimalSecureLayer, Result, SecureLayerConfig, Seed32};
 use flate2::write::{DeflateDecoder, DeflateEncoder};
 use message::IncomingBinaryMessage;
 use ring::signature::Ed25519KeyPair;
@@ -37,8 +37,8 @@ use ::serde::Serialize;
 use std::fmt::Debug;
 
 /// Secure layer
+#[derive(Debug)]
 pub struct SecureLayer {
-    config: SdtlConfig,
     minimal_secure_layer: MinimalSecureLayer,
     sig_key_pair: Option<Ed25519KeyPair>,
 }
@@ -49,17 +49,14 @@ impl SecureLayer {
         let msl_clone = self.minimal_secure_layer.try_clone()?;
 
         Ok(SecureLayer {
-            config: self.config,
             minimal_secure_layer: msl_clone,
             sig_key_pair: None,
         })
     }
     /// Change configuration
     #[inline]
-    pub fn change_config(&mut self, new_config: SdtlConfig) -> Result<()> {
-        self.minimal_secure_layer
-            .change_config(new_config.minimal)?;
-        self.config = new_config;
+    pub fn change_config(&mut self, new_config: SecureLayerConfig) -> Result<()> {
+        self.minimal_secure_layer.change_config(new_config)?;
         Ok(())
     }
     fn compress(&self, bin_message: &[u8]) -> Result<Vec<u8>> {
@@ -67,11 +64,12 @@ impl SecureLayer {
         let buffer = BufWriter::new(Vec::with_capacity(bin_message.len()));
 
         // Determine compression level
-        let compression_level = if bin_message.len() < self.config.compression_min_size {
-            flate2::Compression::none()
-        } else {
-            self.config.compression
-        };
+        let compression_level =
+            if bin_message.len() < self.minimal_secure_layer.config.compression_min_size {
+                flate2::Compression::none()
+            } else {
+                self.minimal_secure_layer.config.compression
+            };
 
         // Create compressor
         let mut deflate_encoder = DeflateEncoder::new(buffer, compression_level);
@@ -95,18 +93,14 @@ impl SecureLayer {
     /// Create secure layer
     #[inline]
     pub fn create(
-        config: SdtlConfig,
+        config: SecureLayerConfig,
         sig_key_pair_seed: Option<Seed32>,
         expected_remote_sig_pubkey: Option<Vec<u8>>,
     ) -> Result<Self> {
         let seed = sig_key_pair_seed.unwrap_or_else(Seed32::random);
 
         let secure_layer = SecureLayer {
-            config,
-            minimal_secure_layer: MinimalSecureLayer::create(
-                config.minimal,
-                expected_remote_sig_pubkey,
-            )?,
+            minimal_secure_layer: MinimalSecureLayer::create(config, expected_remote_sig_pubkey)?,
             sig_key_pair: Some(
                 Ed25519KeyPair::from_seed_unchecked(seed.as_ref())
                     .map_err(|_| Error::FailtoGenSigKeyPair)?,
@@ -293,17 +287,17 @@ mod tests {
     use super::*;
     #[cfg(feature = "ser")]
     use crate::MessageFormat;
-    use crate::SdtlMinimalConfig;
+    use crate::{EncryptAlgo, SecureLayerConfig};
 
     #[test]
     fn test_change_config() -> Result<()> {
-        let mut msl = SecureLayer::create(SdtlConfig::default(), None, None)?;
-        msl.change_config(SdtlConfig {
+        let mut msl = SecureLayer::create(SecureLayerConfig::default(), None, None)?;
+        msl.change_config(SecureLayerConfig {
             compression: flate2::Compression::fast(),
             compression_min_size: 8_192,
             #[cfg(feature = "ser")]
             message_format: MessageFormat::RawBinary,
-            minimal: SdtlMinimalConfig::default(),
+            encrypt_algo: EncryptAlgo::default(),
         })
         .expect("change config must be success");
         Ok(())
diff --git a/lib/tools/pkstl/src/complete/serde/serializer.rs b/lib/tools/pkstl/src/complete/serde/serializer.rs
index 5a89e846..70450be6 100644
--- a/lib/tools/pkstl/src/complete/serde/serializer.rs
+++ b/lib/tools/pkstl/src/complete/serde/serializer.rs
@@ -32,7 +32,7 @@ where
 {
     // Serialize and compress custom datas
     let custom_datas = if let Some(custom_datas) = custom_datas {
-        let bin_msg = serialize(custom_datas, sl.config.message_format)?;
+        let bin_msg = serialize(custom_datas, sl.minimal_secure_layer.config.message_format)?;
         Some(sl.compress(&bin_msg[..])?)
     } else {
         None
@@ -53,7 +53,7 @@ where
 {
     // Serialize and compress custom datas
     let custom_datas = if let Some(custom_datas) = custom_datas {
-        let bin_msg = serialize(custom_datas, sl.config.message_format)?;
+        let bin_msg = serialize(custom_datas, sl.minimal_secure_layer.config.message_format)?;
         Some(sl.compress(&bin_msg[..])?)
     } else {
         None
@@ -73,7 +73,7 @@ where
     W: Write,
 {
     // Serialize message
-    let bin_msg = serialize(message, sl.config.message_format)?;
+    let bin_msg = serialize(message, sl.minimal_secure_layer.config.message_format)?;
 
     // Compress message
     let bin_zip_msg = sl.compress(&bin_msg[..])?;
diff --git a/lib/tools/pkstl/src/config.rs b/lib/tools/pkstl/src/config.rs
index c80949b0..b883b231 100644
--- a/lib/tools/pkstl/src/config.rs
+++ b/lib/tools/pkstl/src/config.rs
@@ -26,37 +26,34 @@ use crate::format::MessageFormat;
 #[cfg(feature = "zip-sign")]
 #[derive(Clone, Copy, Debug, PartialEq)]
 /// PKSTL Configuration
-pub struct SdtlConfig {
+pub struct SecureLayerConfig {
+    #[cfg(feature = "zip-sign")]
     /// Compression level
     pub compression: flate2::Compression,
+    #[cfg(feature = "zip-sign")]
     /// Compression minimal size in bytes
     pub compression_min_size: usize,
     #[cfg(feature = "ser")]
     /// Message format
     pub message_format: MessageFormat,
-    /// PKSTL minimum Configuration
-    pub minimal: SdtlMinimalConfig,
+    /// Encryption algorithm
+    pub encrypt_algo: EncryptAlgo,
 }
 
-impl Default for SdtlConfig {
+impl Default for SecureLayerConfig {
     fn default() -> Self {
-        SdtlConfig {
+        SecureLayerConfig {
+            #[cfg(feature = "zip-sign")]
             compression: flate2::Compression::fast(),
+            #[cfg(feature = "zip-sign")]
             compression_min_size: DEFAULT_COMPRESSION_MIN_SIZE,
             #[cfg(feature = "ser")]
             message_format: MessageFormat::default(),
-            minimal: SdtlMinimalConfig::default(),
+            encrypt_algo: EncryptAlgo::default(),
         }
     }
 }
 
-#[derive(Clone, Copy, Debug, Default, PartialEq)]
-/// PKSTL minimum Configuration
-pub struct SdtlMinimalConfig {
-    /// Encryption algorithm
-    pub encrypt_algo: EncryptAlgo,
-}
-
 #[cfg(test)]
 mod tests {
 
@@ -65,14 +62,14 @@ mod tests {
     #[test]
     fn test_default_config() {
         assert_eq!(
-            SdtlConfig {
+            SecureLayerConfig {
                 compression: flate2::Compression::fast(),
                 compression_min_size: DEFAULT_COMPRESSION_MIN_SIZE,
                 #[cfg(feature = "ser")]
                 message_format: MessageFormat::default(),
-                minimal: SdtlMinimalConfig::default(),
+                encrypt_algo: EncryptAlgo::default(),
             },
-            SdtlConfig::default()
+            SecureLayerConfig::default()
         )
     }
 }
diff --git a/lib/tools/pkstl/src/encryption.rs b/lib/tools/pkstl/src/encryption.rs
index 1786381e..7e0519da 100644
--- a/lib/tools/pkstl/src/encryption.rs
+++ b/lib/tools/pkstl/src/encryption.rs
@@ -42,7 +42,7 @@ impl EncryptAlgo {
     }
 }
 
-#[derive(Clone)]
+#[derive(Clone, Debug)]
 pub enum EncryptAlgoWithSecretKey {
     Chacha20Poly1305Aead(chacha20_poly1305_aead::SecretKey),
 }
diff --git a/lib/tools/pkstl/src/encryption/chacha20_poly1305_aead.rs b/lib/tools/pkstl/src/encryption/chacha20_poly1305_aead.rs
index 9dd33c0c..acea90c3 100644
--- a/lib/tools/pkstl/src/encryption/chacha20_poly1305_aead.rs
+++ b/lib/tools/pkstl/src/encryption/chacha20_poly1305_aead.rs
@@ -22,7 +22,7 @@ use std::io::{BufWriter, Read, Write};
 
 const CHACHA20_TAG_SIZE: usize = 16;
 
-#[derive(Clone, Default)]
+#[derive(Clone, Debug, Default)]
 /// Secret key used for encryption algo
 pub struct SecretKey {
     key: [u8; 32],
diff --git a/lib/tools/pkstl/src/lib.rs b/lib/tools/pkstl/src/lib.rs
index 09e8bc5b..41d97e7b 100644
--- a/lib/tools/pkstl/src/lib.rs
+++ b/lib/tools/pkstl/src/lib.rs
@@ -46,7 +46,7 @@ mod signature;
 mod status;
 
 pub use agreement::EphemeralPublicKey;
-pub use config::{SdtlConfig, SdtlMinimalConfig};
+pub use config::SecureLayerConfig;
 pub use encryption::EncryptAlgo;
 pub use errors::Error;
 pub use message::{EncapsuledMessage, Message};
diff --git a/lib/tools/pkstl/src/minimal.rs b/lib/tools/pkstl/src/minimal.rs
index a820222f..69fb34e6 100644
--- a/lib/tools/pkstl/src/minimal.rs
+++ b/lib/tools/pkstl/src/minimal.rs
@@ -16,7 +16,7 @@
 //! Manage minimal secure and decentralized transport layer.
 
 use crate::agreement::{EphemeralKeyPair, EphemeralPublicKey};
-use crate::config::SdtlMinimalConfig;
+use crate::config::SecureLayerConfig;
 use crate::constants::*;
 use crate::digest::sha256;
 use crate::encryption::{encrypt, EncryptAlgoWithSecretKey};
@@ -29,10 +29,11 @@ use crate::{Action, ActionSideEffects, Error, MsgType, Result};
 use std::io::{BufReader, BufWriter, Write};
 
 /// Minimal secure layer
+#[derive(Debug)]
 pub struct MinimalSecureLayer {
     ack_msg_recv_too_early: Option<Vec<u8>>,
     cloned: bool,
-    config: SdtlMinimalConfig,
+    pub(crate) config: SecureLayerConfig,
     pub(crate) encrypt_algo_with_secret: Option<EncryptAlgoWithSecretKey>,
     ephemeral_kp: Option<EphemeralKeyPair>,
     pub(crate) ephemeral_pubkey: EphemeralPublicKey,
@@ -64,7 +65,7 @@ impl MinimalSecureLayer {
         }
     }
     /// Change configuration
-    pub fn change_config(&mut self, new_config: SdtlMinimalConfig) -> Result<()> {
+    pub fn change_config(&mut self, new_config: SecureLayerConfig) -> Result<()> {
         if !self.cloned {
             self.config = new_config;
             Ok(())
@@ -74,7 +75,7 @@ impl MinimalSecureLayer {
     }
     /// Create minimal secure layer
     pub fn create(
-        config: SdtlMinimalConfig,
+        config: SecureLayerConfig,
         expected_remote_sig_public_key: Option<Vec<u8>>,
     ) -> Result<Self> {
         let ephemeral_kp = EphemeralKeyPair::generate()?;
@@ -409,9 +410,10 @@ mod tests {
 
     #[test]
     fn test_change_config() -> Result<()> {
-        let mut msl = MinimalSecureLayer::create(SdtlMinimalConfig::default(), None)?;
-        msl.change_config(SdtlMinimalConfig {
+        let mut msl = MinimalSecureLayer::create(SecureLayerConfig::default(), None)?;
+        msl.change_config(SecureLayerConfig {
             encrypt_algo: EncryptAlgo::Chacha20Poly1305Aead,
+            ..SecureLayerConfig::default()
         })
         .expect("change config must be success");
         Ok(())
@@ -419,8 +421,8 @@ mod tests {
 
     #[test]
     fn test_compute_shared_secret_twice() -> Result<()> {
-        let mut msl1 = MinimalSecureLayer::create(SdtlMinimalConfig::default(), None)?;
-        let msl2 = MinimalSecureLayer::create(SdtlMinimalConfig::default(), None)?;
+        let mut msl1 = MinimalSecureLayer::create(SecureLayerConfig::default(), None)?;
+        let msl2 = MinimalSecureLayer::create(SecureLayerConfig::default(), None)?;
 
         msl1.compute_shared_secret(msl2.ephemeral_pubkey.as_ref())?;
         msl1.compute_shared_secret(msl2.ephemeral_pubkey.as_ref())?;
@@ -429,7 +431,7 @@ mod tests {
 
     #[test]
     fn test_status_update_to_fail() -> Result<()> {
-        let mut msl1 = MinimalSecureLayer::create(SdtlMinimalConfig::default(), None)?;
+        let mut msl1 = MinimalSecureLayer::create(SecureLayerConfig::default(), None)?;
         let fake_encrypted_incoming_datas = &[0, 0, 0, 0];
         let result = msl1.read(fake_encrypted_incoming_datas);
 
@@ -455,7 +457,7 @@ mod tests {
         incoming_datas.append(&mut [0u8; 32].to_vec()); // fake sig
 
         // Create secure layer
-        let mut msl1 = MinimalSecureLayer::create(SdtlMinimalConfig::default(), None)?;
+        let mut msl1 = MinimalSecureLayer::create(SecureLayerConfig::default(), None)?;
 
         // Read ack msg
         let result = msl1.read(&incoming_datas[..]);
@@ -471,7 +473,7 @@ mod tests {
     #[test]
     fn test_write_user_msg_before_nego() -> Result<()> {
         // Create secure layer
-        let mut msl1 = MinimalSecureLayer::create(SdtlMinimalConfig::default(), None)?;
+        let mut msl1 = MinimalSecureLayer::create(SecureLayerConfig::default(), None)?;
 
         // Try to create ack message before connect message
         let result = msl1.write_message(&[], &mut BufWriter::new(Vec::new()));
@@ -486,7 +488,7 @@ mod tests {
     #[test]
     fn test_create_ack_msg_before_connect() -> Result<()> {
         // Create secure layer
-        let mut msl1 = MinimalSecureLayer::create(SdtlMinimalConfig::default(), None)?;
+        let mut msl1 = MinimalSecureLayer::create(SecureLayerConfig::default(), None)?;
 
         // Try to create ack message before connect message
         let result = msl1.create_ack_message(None);
@@ -505,7 +507,7 @@ mod tests {
             .map_err(|_| Error::FailtoGenSigKeyPair)?;
 
         // Create secure layer
-        let mut msl1 = MinimalSecureLayer::create(SdtlMinimalConfig::default(), None)?;
+        let mut msl1 = MinimalSecureLayer::create(SecureLayerConfig::default(), None)?;
 
         let _ = msl1.create_connect_message(sig_kp.public_key().as_ref(), None)?;
 
@@ -539,7 +541,7 @@ mod tests {
         incoming_datas.append(&mut [0u8; 32].to_vec()); // fake sig
 
         // Create secure layer
-        let mut msl1 = MinimalSecureLayer::create(SdtlMinimalConfig::default(), None)?;
+        let mut msl1 = MinimalSecureLayer::create(SecureLayerConfig::default(), None)?;
 
         // Read connect msg
         let result = msl1.read(&incoming_datas[..]);
@@ -566,7 +568,7 @@ mod tests {
             create_connect_msg_bytes(ephemeral_kp.public_key().as_ref().to_vec(), &sig_kp)?;
 
         // Create secure layer
-        let mut msl1 = MinimalSecureLayer::create(SdtlMinimalConfig::default(), None)?;
+        let mut msl1 = MinimalSecureLayer::create(SecureLayerConfig::default(), None)?;
 
         // Read connect message
         let _ = msl1.read(&incoming_datas[..])?;
@@ -588,7 +590,7 @@ mod tests {
             .map_err(|_| Error::FailtoGenSigKeyPair)?;
 
         // Create secure layer
-        let mut msl1 = MinimalSecureLayer::create(SdtlMinimalConfig::default(), None)?;
+        let mut msl1 = MinimalSecureLayer::create(SecureLayerConfig::default(), None)?;
 
         // Create ack msg bytes
         let incoming_datas =
@@ -609,7 +611,7 @@ mod tests {
     #[test]
     fn test_recv_user_msg_before_nego() -> Result<()> {
         // Create secure layer
-        let mut msl1 = MinimalSecureLayer::create(SdtlMinimalConfig::default(), None)?;
+        let mut msl1 = MinimalSecureLayer::create(SecureLayerConfig::default(), None)?;
 
         // Create empty user msg fakely encryted
         let mut incoming_datas = Vec::with_capacity(100);
diff --git a/lib/tools/pkstl/tests/complete_mode.rs b/lib/tools/pkstl/tests/complete_mode.rs
index f41f763f..47dcecc8 100644
--- a/lib/tools/pkstl/tests/complete_mode.rs
+++ b/lib/tools/pkstl/tests/complete_mode.rs
@@ -39,7 +39,8 @@ mod tests {
         let seed = Seed32::random();
 
         // Create server secure layer
-        let server_msl = SecureLayer::create(SdtlConfig::default(), Some(seed.clone()), None)?;
+        let server_msl =
+            SecureLayer::create(SecureLayerConfig::default(), Some(seed.clone()), None)?;
 
         // Get server sig pubkey
         let server_sig_pubkey = Ed25519KeyPair::from_seed_unchecked(seed.as_ref())
@@ -53,8 +54,11 @@ mod tests {
 
     fn client_infos(expected_server_sig_pubkey: Option<Vec<u8>>) -> Result<SecureLayer> {
         // Create client secure layer
-        let client_msl =
-            SecureLayer::create(SdtlConfig::default(), None, expected_server_sig_pubkey)?;
+        let client_msl = SecureLayer::create(
+            SecureLayerConfig::default(),
+            None,
+            expected_server_sig_pubkey,
+        )?;
 
         Ok(client_msl)
     }
@@ -254,7 +258,7 @@ mod tests {
         server_msl.try_clone()?;
 
         // After clone, we can't change config
-        let result = client_msl.change_config(SdtlConfig::default());
+        let result = client_msl.change_config(SecureLayerConfig::default());
         if let Err(Error::ForbidChangeConfAfterClone) = result {
             // OK
         } else {
diff --git a/lib/tools/pkstl/tests/complete_serde_mode.rs b/lib/tools/pkstl/tests/complete_serde_mode.rs
index 8d4e8883..ab7e5817 100644
--- a/lib/tools/pkstl/tests/complete_serde_mode.rs
+++ b/lib/tools/pkstl/tests/complete_serde_mode.rs
@@ -29,7 +29,7 @@ mod tests {
         let seed = Seed32::random();
 
         // Create server secure layer
-        let mut conf = SdtlConfig::default();
+        let mut conf = SecureLayerConfig::default();
         conf.message_format = format;
         let server_msl = SecureLayer::create(conf, Some(seed.clone()), None)?;
 
@@ -48,7 +48,7 @@ mod tests {
         format: MessageFormat,
     ) -> Result<SecureLayer> {
         // Create client secure layer
-        let mut conf = SdtlConfig::default();
+        let mut conf = SecureLayerConfig::default();
         conf.message_format = format;
         let client_msl = SecureLayer::create(conf, None, expected_server_sig_pubkey)?;
 
diff --git a/lib/tools/pkstl/tests/minimal_mode.rs b/lib/tools/pkstl/tests/minimal_mode.rs
index e1667e9d..6f753720 100644
--- a/lib/tools/pkstl/tests/minimal_mode.rs
+++ b/lib/tools/pkstl/tests/minimal_mode.rs
@@ -39,14 +39,14 @@ fn client_infos(server_sig_kp: &[u8]) -> Result<(MinimalSecureLayer, Ed25519KeyP
 
     // Create client secure layer
     let client_msl =
-        MinimalSecureLayer::create(SdtlMinimalConfig::default(), Some(server_sig_kp.to_vec()))?;
+        MinimalSecureLayer::create(SecureLayerConfig::default(), Some(server_sig_kp.to_vec()))?;
 
     Ok((client_msl, client_sig_kp))
 }
 
 fn server_infos() -> Result<(MinimalSecureLayer, Ed25519KeyPair)> {
     // Create server secure layer
-    let server_msl = MinimalSecureLayer::create(SdtlMinimalConfig::default(), None)?;
+    let server_msl = MinimalSecureLayer::create(SecureLayerConfig::default(), None)?;
 
     // Create server sig keypair
     let server_sig_kp = Ed25519KeyPair::from_seed_unchecked(Seed32::random().as_ref())
@@ -461,7 +461,7 @@ fn ordered_passing_case() -> Result<()> {
     server_msl.try_clone()?;
 
     // After clone, we can't change config
-    let result = client_msl.change_config(SdtlMinimalConfig::default());
+    let result = client_msl.change_config(SecureLayerConfig::default());
     if let Err(Error::ForbidChangeConfAfterClone) = result {
         // OK
     } else {
-- 
GitLab