diff --git a/examples/rust/get_started/examples/06-credentials-exchange-client.rs b/examples/rust/get_started/examples/06-credentials-exchange-client.rs index c04415715a1..7433eb74296 100644 --- a/examples/rust/get_started/examples/06-credentials-exchange-client.rs +++ b/examples/rust/get_started/examples/06-credentials-exchange-client.rs @@ -9,7 +9,7 @@ use ockam_vault::{EdDSACurve25519SecretKey, SigningSecret, SoftwareVaultForSigni #[ockam::node] async fn main(ctx: Context) -> Result<()> { - let identity_vault = SoftwareVaultForSigning::create(); + let identity_vault = SoftwareVaultForSigning::create().await?; // Import the signing secret key to the Vault let secret = identity_vault .import_key(SigningSecret::EdDSACurve25519(EdDSACurve25519SecretKey::new( @@ -21,10 +21,10 @@ async fn main(ctx: Context) -> Result<()> { .await?; // Create a default Vault but use the signing vault with our secret in it - let mut vault = Vault::create(); + let mut vault = Vault::create().await?; vault.identity_vault = identity_vault; - let mut node = Node::builder().with_vault(vault).build(&ctx).await?; + let mut node = Node::builder().await?.with_vault(vault).build(&ctx).await?; // Initialize the TCP Transport let tcp = node.create_tcp_transport().await?; diff --git a/examples/rust/get_started/examples/06-credentials-exchange-issuer.rs b/examples/rust/get_started/examples/06-credentials-exchange-issuer.rs index ea89a226439..bb943e3edaf 100644 --- a/examples/rust/get_started/examples/06-credentials-exchange-issuer.rs +++ b/examples/rust/get_started/examples/06-credentials-exchange-issuer.rs @@ -9,7 +9,7 @@ use ockam_vault::{EdDSACurve25519SecretKey, SigningSecret, SoftwareVaultForSigni #[ockam::node] async fn main(ctx: Context) -> Result<()> { - let identity_vault = SoftwareVaultForSigning::create(); + let identity_vault = SoftwareVaultForSigning::create().await?; // Import the signing secret key to the Vault let secret = identity_vault .import_key(SigningSecret::EdDSACurve25519(EdDSACurve25519SecretKey::new( @@ -21,7 +21,7 @@ async fn main(ctx: Context) -> Result<()> { .await?; // Create a default Vault but use the signing vault with our secret in it - let mut vault = Vault::create(); + let mut vault = Vault::create().await?; vault.identity_vault = identity_vault; let node = Node::builder().with_vault(vault).build(&ctx).await?; diff --git a/examples/rust/get_started/examples/06-credentials-exchange-server.rs b/examples/rust/get_started/examples/06-credentials-exchange-server.rs index 404b186f78f..26577c23235 100644 --- a/examples/rust/get_started/examples/06-credentials-exchange-server.rs +++ b/examples/rust/get_started/examples/06-credentials-exchange-server.rs @@ -14,7 +14,7 @@ use ockam_vault::{EdDSACurve25519SecretKey, SigningSecret, SoftwareVaultForSigni #[ockam::node] async fn main(ctx: Context) -> Result<()> { - let identity_vault = SoftwareVaultForSigning::create(); + let identity_vault = SoftwareVaultForSigning::create().await?; // Import the signing secret key to the Vault let secret = identity_vault .import_key(SigningSecret::EdDSACurve25519(EdDSACurve25519SecretKey::new( @@ -26,10 +26,10 @@ async fn main(ctx: Context) -> Result<()> { .await?; // Create a default Vault but use the signing vault with our secret in it - let mut vault = Vault::create(); + let mut vault = Vault::create().await?; vault.identity_vault = identity_vault; - let node = Node::builder().with_vault(vault).build(&ctx).await?; + let node = Node::builder().await?.with_vault(vault).build(&ctx).await?; // Initialize the TCP Transport let tcp = node.create_tcp_transport().await?; diff --git a/examples/rust/get_started/examples/11-attribute-based-authentication-edge-plane.rs b/examples/rust/get_started/examples/11-attribute-based-authentication-edge-plane.rs index 88cba601d18..106107a56d4 100644 --- a/examples/rust/get_started/examples/11-attribute-based-authentication-edge-plane.rs +++ b/examples/rust/get_started/examples/11-attribute-based-authentication-edge-plane.rs @@ -107,8 +107,11 @@ async fn start_node(ctx: Context, project_information_path: &str, token: OneTime .await?; // 3. create an access control policy checking the value of the "component" attribute of the caller - let access_control = - AbacAccessControl::create(identities().identity_attributes_repository(), "component", "control"); + let access_control = AbacAccessControl::create( + identities().await?.identity_attributes_repository(), + "component", + "control", + ); // 4. create a tcp inlet with the above policy diff --git a/examples/rust/tcp_inlet_and_outlet/examples/04-outlet.rs b/examples/rust/tcp_inlet_and_outlet/examples/04-outlet.rs index bc3a3dd45a2..32f9d279c95 100644 --- a/examples/rust/tcp_inlet_and_outlet/examples/04-outlet.rs +++ b/examples/rust/tcp_inlet_and_outlet/examples/04-outlet.rs @@ -6,7 +6,7 @@ use ockam_transport_tcp::TcpTransportExtension; #[ockam::node] async fn main(ctx: Context) -> Result<()> { // Initialize the TCP Transport. - let node = node(ctx); + let node = node(ctx).await?; let tcp = node.create_tcp_transport().await?; let e = node.create_identity().await?; diff --git a/implementations/elixir/ockam/ockly/native/ockly/Cargo.lock b/implementations/elixir/ockam/ockly/native/ockly/Cargo.lock index 1b475190776..76764638a1e 100644 --- a/implementations/elixir/ockam/ockly/native/ockly/Cargo.lock +++ b/implementations/elixir/ockam/ockly/native/ockly/Cargo.lock @@ -923,7 +923,6 @@ checksum = "23342abe12aba583913b2e62f22225ff9c950774065e4bfb61a19cd9770fec40" dependencies = [ "futures-channel", "futures-core", - "futures-executor", "futures-io", "futures-sink", "futures-task", @@ -1557,7 +1556,7 @@ dependencies = [ [[package]] name = "ockam_identity" -version = "0.91.0" +version = "0.92.0" dependencies = [ "arrayref", "async-trait", diff --git a/implementations/elixir/ockam/ockly/native/ockly/src/lib.rs b/implementations/elixir/ockam/ockly/native/ockly/src/lib.rs index 7aa3ebfb129..02283f9dc18 100644 --- a/implementations/elixir/ockam/ockly/native/ockly/src/lib.rs +++ b/implementations/elixir/ockam/ockly/native/ockly/src/lib.rs @@ -89,16 +89,19 @@ fn identities_ref() -> NifResult> { fn load_memory_vault() -> bool { block_future(async move { - let identity_vault = SoftwareVaultForSigning::create(); - let secure_channel_vault = SoftwareVaultForSecureChannels::create(); + let identity_vault = SoftwareVaultForSigning::create().await.unwrap(); + let secure_channel_vault = SoftwareVaultForSecureChannels::create().await.unwrap(); *IDENTITY_MEMORY_VAULT.write().unwrap() = Some(identity_vault.clone()); *SECURE_CHANNEL_MEMORY_VAULT.write().unwrap() = Some(secure_channel_vault.clone()); - let builder = ockam_identity::Identities::builder().with_vault(Vault::new( - identity_vault, - secure_channel_vault, - Vault::create_credential_vault(), - Vault::create_verifying_vault(), - )); + let builder = ockam_identity::Identities::builder() + .await + .unwrap() + .with_vault(Vault::new( + identity_vault, + secure_channel_vault, + Vault::create_credential_vault().await.unwrap(), + Vault::create_verifying_vault(), + )); *IDENTITIES.write().unwrap() = Some(builder.build()); }); true @@ -125,12 +128,15 @@ fn setup_aws_kms(key_ids: Vec) -> NifResult { match AwsSigningVault::create_with_config(config).await { Ok(vault) => { let aws_vault = Arc::new(vault); - let builder = ockam_identity::Identities::builder().with_vault(Vault::new( - aws_vault.clone(), - secure_channel_vault, - aws_vault, - Vault::create_verifying_vault(), - )); + let builder = ockam_identity::Identities::builder() + .await + .map_err(|e| Error::Term(Box::new(e.to_string())))? + .with_vault(Vault::new( + aws_vault.clone(), + secure_channel_vault, + aws_vault, + Vault::create_verifying_vault(), + )); *IDENTITIES.write().unwrap() = Some(builder.build()); Ok(true) } diff --git a/implementations/rust/ockam/ockam/src/node.rs b/implementations/rust/ockam/ockam/src/node.rs index d5e4b093efe..523e5f9aae7 100644 --- a/implementations/rust/ockam/ockam/src/node.rs +++ b/implementations/rust/ockam/ockam/src/node.rs @@ -1,27 +1,27 @@ -use ockam_core::compat::string::String; -use ockam_core::compat::sync::Arc; -use ockam_core::flow_control::FlowControls; use ockam_core::{ Address, AsyncTryClone, IncomingAccessControl, Message, OutgoingAccessControl, Processor, Result, Route, Routed, Worker, }; +use ockam_core::compat::string::String; +use ockam_core::compat::sync::Arc; +use ockam_core::flow_control::FlowControls; use ockam_identity::{IdentityAttributesRepository, PurposeKeys, Vault}; use ockam_node::{Context, HasContext, MessageReceiveOptions, MessageSendReceiveOptions}; -use ockam_vault::storage::SecretsRepository; use ockam_vault::SigningSecretKeyHandle; +use ockam_vault::storage::SecretsRepository; -use crate::identity::models::Identifier; -#[cfg(feature = "storage")] -use crate::identity::secure_channels; use crate::identity::{ ChangeHistoryRepository, Credentials, CredentialsServer, Identities, IdentitiesCreation, IdentitiesKeys, SecureChannel, SecureChannelListener, SecureChannelRegistry, SecureChannels, SecureChannelsBuilder, }; use crate::identity::{SecureChannelListenerOptions, SecureChannelOptions}; +use crate::identity::models::Identifier; +#[cfg(feature = "storage")] +use crate::identity::secure_channels; +use crate::OckamError; use crate::remote::{RemoteRelay, RemoteRelayInfo, RemoteRelayOptions}; use crate::stream::Stream; -use crate::OckamError; /// This struct supports all the ockam services for managing identities /// and creating secure channels @@ -41,18 +41,18 @@ pub struct Node { /// use ockam_vault::storage::SecretsSqlxDatabase; /// /// async fn make_node(ctx: Context) -> Result { -/// let node = Node::builder().with_secrets_repository(SecretsSqlxDatabase::create()).build(&ctx).await?; +/// let node = Node::builder().await?.with_secrets_repository(SecretsSqlxDatabase::create().await?).build(&ctx).await?; /// Ok(node) /// } /// /// /// ``` #[cfg(feature = "storage")] -pub fn node(ctx: Context) -> Node { - Node { +pub async fn node(ctx: Context) -> Result { + Ok(Node { context: ctx, - secure_channels: secure_channels(), - } + secure_channels: secure_channels().await?, + }) } impl Node { @@ -159,8 +159,8 @@ impl Node { /// Start a new worker instance at the given address. Default Access Control is AllowAll pub async fn start_worker(&self, address: impl Into
, worker: W) -> Result<()> - where - W: Worker, + where + W: Worker, { self.context.start_worker(address, worker).await } @@ -173,8 +173,8 @@ impl Node { incoming: impl IncomingAccessControl, outgoing: impl OutgoingAccessControl, ) -> Result<()> - where - W: Worker, + where + W: Worker, { self.context .start_worker_with_access_control(address, worker, incoming, outgoing) @@ -183,8 +183,8 @@ impl Node { /// Start a new processor instance at the given address. Default Access Control is DenyAll pub async fn start_processor

(&self, address: impl Into

, processor: P) -> Result<()> - where - P: Processor, + where + P: Processor, { self.context.start_processor(address, processor).await } @@ -197,8 +197,8 @@ impl Node { incoming: impl IncomingAccessControl, outgoing: impl OutgoingAccessControl, ) -> Result<()> - where - P: Processor, + where + P: Processor, { self.context .start_processor_with_access_control(address, processor, incoming, outgoing) @@ -212,17 +212,17 @@ impl Node { /// Send a message to an address or via a fully-qualified route pub async fn send(&self, route: R, msg: M) -> Result<()> - where - R: Into, - M: Message + Send + 'static, + where + R: Into, + M: Message + Send + 'static, { self.context.send(route, msg).await } /// Send a message to an address or via a fully-qualified route and receive a response pub async fn send_and_receive(&self, route: impl Into, msg: impl Message) -> Result - where - M: Message, + where + M: Message, { self.context.send_and_receive(route, msg).await } @@ -234,8 +234,8 @@ impl Node { msg: impl Message, options: MessageSendReceiveOptions, ) -> Result> - where - M: Message, + where + M: Message, { self.context .send_and_receive_extended(route, msg, options) @@ -252,8 +252,8 @@ impl Node { &mut self, options: MessageReceiveOptions, ) -> Result> - where - M: Message, + where + M: Message, { self.context.receive_extended(options).await } @@ -314,8 +314,8 @@ impl Node { /// Return a new builder for top-level services #[cfg(feature = "storage")] - pub fn builder() -> NodeBuilder { - NodeBuilder::new() + pub async fn builder() -> Result { + NodeBuilder::new().await } } @@ -336,10 +336,10 @@ pub struct NodeBuilder { impl NodeBuilder { #[cfg(feature = "storage")] - fn new() -> Self { - Self { - builder: SecureChannels::builder(), - } + async fn new() -> Result { + Ok(Self { + builder: SecureChannels::builder().await?, + }) } /// Set [`Vault`] diff --git a/implementations/rust/ockam/ockam/tests/relay.rs b/implementations/rust/ockam/ockam/tests/relay.rs index 5b24f921231..262cd718260 100644 --- a/implementations/rust/ockam/ockam/tests/relay.rs +++ b/implementations/rust/ockam/ockam/tests/relay.rs @@ -164,7 +164,7 @@ async fn test4(ctx: &mut Context) -> Result<()> { .relay_as_consumer(&cloud_secure_channel_listener_options.spawner_flow_control_id()); RelayService::create(ctx, "forwarding_service", options).await?; - let secure_channels = secure_channels(); + let secure_channels = secure_channels().await?; let identities_creation = secure_channels.identities().identities_creation(); let cloud = identities_creation.create_identity().await?; secure_channels diff --git a/implementations/rust/ockam/ockam_abac/src/storage/policy_repository_sql.rs b/implementations/rust/ockam/ockam_abac/src/storage/policy_repository_sql.rs index 4879c750f42..ca8e11751b7 100644 --- a/implementations/rust/ockam/ockam_abac/src/storage/policy_repository_sql.rs +++ b/implementations/rust/ockam/ockam_abac/src/storage/policy_repository_sql.rs @@ -22,8 +22,10 @@ impl PolicySqlxDatabase { } /// Create a new in-memory database for policies - pub fn create() -> Arc { - Arc::new(Self::new(Arc::new(SqlxDatabase::in_memory("policies")))) + pub async fn create() -> Result> { + Ok(Arc::new(Self::new( + SqlxDatabase::in_memory("policies").await?, + ))) } } @@ -114,7 +116,7 @@ mod test { #[tokio::test] async fn test_repository() -> Result<()> { - let repository = create_repository(); + let repository = create_repository().await?; // a policy can be associated to a resource and an action let r = Resource::from("outlet"); @@ -143,7 +145,7 @@ mod test { } /// HELPERS - fn create_repository() -> Arc { - PolicySqlxDatabase::create() + async fn create_repository() -> Result> { + Ok(PolicySqlxDatabase::create().await?) } } diff --git a/implementations/rust/ockam/ockam_api/src/authority_node/authority.rs b/implementations/rust/ockam/ockam_api/src/authority_node/authority.rs index e0a05d27a97..ff15099aa24 100644 --- a/implementations/rust/ockam/ockam_api/src/authority_node/authority.rs +++ b/implementations/rust/ockam/ockam_api/src/authority_node/authority.rs @@ -73,6 +73,7 @@ impl Authority { let purpose_keys_repository = Arc::new(PurposeKeysSqlxDatabase::new(database)); let secure_channels = SecureChannels::builder() + .await? .with_vault(vault) .with_identity_attributes_repository(identity_attributes_repository) .with_change_history_repository(change_history_repository) diff --git a/implementations/rust/ockam/ockam_api/src/cli_state/credentials.rs b/implementations/rust/ockam/ockam_api/src/cli_state/credentials.rs index b999d0f7b71..945f7a4aef2 100644 --- a/implementations/rust/ockam/ockam_api/src/cli_state/credentials.rs +++ b/implementations/rust/ockam/ockam_api/src/cli_state/credentials.rs @@ -137,7 +137,7 @@ mod test { #[tokio::test] async fn test_cli_spaces() -> Result<()> { let cli = CliState::test().await?; - let identities = identities(); + let identities = identities().await?; let issuer_identifier = identities.identities_creation().create_identity().await?; let issuer = identities.get_identity(&issuer_identifier).await?; let credential = create_credential(identities, &issuer_identifier).await?; diff --git a/implementations/rust/ockam/ockam_api/src/cli_state/enrollments.rs b/implementations/rust/ockam/ockam_api/src/cli_state/enrollments.rs index 788aaae2d84..b0bd7f9280a 100644 --- a/implementations/rust/ockam/ockam_api/src/cli_state/enrollments.rs +++ b/implementations/rust/ockam/ockam_api/src/cli_state/enrollments.rs @@ -74,8 +74,10 @@ impl EnrollmentsSqlxDatabase { } /// Create a new in-memory database - pub fn create() -> Arc { - Arc::new(Self::new(Arc::new(SqlxDatabase::in_memory("enrollments")))) + pub async fn create() -> Result> { + Ok(Arc::new(Self::new( + SqlxDatabase::in_memory("enrollments").await?, + ))) } } diff --git a/implementations/rust/ockam/ockam_api/src/cli_state/mod.rs b/implementations/rust/ockam/ockam_api/src/cli_state/mod.rs index 121cc44e564..3eb9ac10e51 100644 --- a/implementations/rust/ockam/ockam_api/src/cli_state/mod.rs +++ b/implementations/rust/ockam/ockam_api/src/cli_state/mod.rs @@ -224,6 +224,7 @@ impl CliState { pub async fn get_identities_for_vault(&self, vault: NamedVault) -> Result> { Ok(Identities::builder() + .await? .with_vault(vault.vault().await?) .with_change_history_repository(self.change_history_repository().await?) .with_identity_attributes_repository(self.identity_attributes_repository().await?) diff --git a/implementations/rust/ockam/ockam_api/src/cli_state/projects_repository_sql.rs b/implementations/rust/ockam/ockam_api/src/cli_state/projects_repository_sql.rs index 6135de75ce2..f6135409f8d 100644 --- a/implementations/rust/ockam/ockam_api/src/cli_state/projects_repository_sql.rs +++ b/implementations/rust/ockam/ockam_api/src/cli_state/projects_repository_sql.rs @@ -31,8 +31,10 @@ impl ProjectsSqlxDatabase { } /// Create a new in-memory database - pub fn create() -> Arc { - Arc::new(Self::new(Arc::new(SqlxDatabase::in_memory("projects")))) + pub async fn create() -> Result> { + Ok(Arc::new(Self::new( + SqlxDatabase::in_memory("projects").await?, + ))) } } diff --git a/implementations/rust/ockam/ockam_api/src/cli_state/secure_channels.rs b/implementations/rust/ockam/ockam_api/src/cli_state/secure_channels.rs index 70cdac72438..d9f3c8f2dc1 100644 --- a/implementations/rust/ockam/ockam_api/src/cli_state/secure_channels.rs +++ b/implementations/rust/ockam/ockam_api/src/cli_state/secure_channels.rs @@ -38,6 +38,7 @@ impl CliState { debug!("create the secure channels service"); let secure_channels = SecureChannels::builder() + .await? .with_vault(vault) .with_change_history_repository(change_history_repository.clone()) .with_identity_attributes_repository(identity_attributes_repository.clone()) diff --git a/implementations/rust/ockam/ockam_api/src/cli_state/spaces_repository_sql.rs b/implementations/rust/ockam/ockam_api/src/cli_state/spaces_repository_sql.rs index d3af1f73b52..08d71939ce6 100644 --- a/implementations/rust/ockam/ockam_api/src/cli_state/spaces_repository_sql.rs +++ b/implementations/rust/ockam/ockam_api/src/cli_state/spaces_repository_sql.rs @@ -24,8 +24,10 @@ impl SpacesSqlxDatabase { } /// Create a new in-memory database - pub fn create() -> Arc { - Arc::new(Self::new(Arc::new(SqlxDatabase::in_memory("spaces")))) + pub async fn create() -> Result> { + Ok(Arc::new(Self::new( + SqlxDatabase::in_memory("spaces").await?, + ))) } } diff --git a/implementations/rust/ockam/ockam_api/src/cli_state/trust_contexts.rs b/implementations/rust/ockam/ockam_api/src/cli_state/trust_contexts.rs index 63d9f35821c..c47e679f2c1 100644 --- a/implementations/rust/ockam/ockam_api/src/cli_state/trust_contexts.rs +++ b/implementations/rust/ockam/ockam_api/src/cli_state/trust_contexts.rs @@ -205,7 +205,7 @@ mod tests { assert_eq!(result, expected); // 2. with a credential - let identities = identities(); + let identities = identities().await?; let authority_identifier = identities.identities_creation().create_identity().await?; let authority = identities.get_identity(&authority_identifier).await?; let credential = create_credential(identities, &authority_identifier).await?; diff --git a/implementations/rust/ockam/ockam_api/src/cli_state/trust_contexts_repository_sql.rs b/implementations/rust/ockam/ockam_api/src/cli_state/trust_contexts_repository_sql.rs index 45d169a2098..a2910735d87 100644 --- a/implementations/rust/ockam/ockam_api/src/cli_state/trust_contexts_repository_sql.rs +++ b/implementations/rust/ockam/ockam_api/src/cli_state/trust_contexts_repository_sql.rs @@ -36,10 +36,10 @@ impl TrustContextsSqlxDatabase { } /// Create a new in-memory database - pub fn create() -> Arc { - Arc::new(Self::new(Arc::new(SqlxDatabase::in_memory( - "trust contexts", - )))) + pub async fn create() -> Result> { + Ok(Arc::new(Self::new( + SqlxDatabase::in_memory("trust contexts").await?, + ))) } } @@ -340,7 +340,7 @@ mod test { async fn test_repository() -> Result<()> { let file = NamedTempFile::new().unwrap(); let repository = create_repository(file.path()).await?; - let identities = identities(); + let identities = identities().await?; let issuer_identifier = identities.identities_creation().create_identity().await?; let issuer = identities.get_identity(&issuer_identifier).await?; diff --git a/implementations/rust/ockam/ockam_api/src/cli_state/users_repository_sql.rs b/implementations/rust/ockam/ockam_api/src/cli_state/users_repository_sql.rs index 4bace33e989..72803695d23 100644 --- a/implementations/rust/ockam/ockam_api/src/cli_state/users_repository_sql.rs +++ b/implementations/rust/ockam/ockam_api/src/cli_state/users_repository_sql.rs @@ -22,8 +22,8 @@ impl UsersSqlxDatabase { } /// Create a new in-memory database - pub fn create() -> Arc { - Arc::new(Self::new(Arc::new(SqlxDatabase::in_memory("users")))) + pub async fn create() -> Result> { + Ok(Arc::new(Self::new(SqlxDatabase::in_memory("users").await?))) } } diff --git a/implementations/rust/ockam/ockam_api/src/cloud/project.rs b/implementations/rust/ockam/ockam_api/src/cloud/project.rs index 25416de9bbd..88708d63dda 100644 --- a/implementations/rust/ockam/ockam_api/src/cloud/project.rs +++ b/implementations/rust/ockam/ockam_api/src/cloud/project.rs @@ -160,7 +160,7 @@ impl Project { Some(authority_identity) => { let decoded = hex::decode(authority_identity.as_bytes()) .map_err(|e| Error::new(Origin::Api, Kind::Serialization, e.to_string()))?; - let identities = identities(); + let identities = identities().await?; let identifier = identities .identities_creation() .import(None, &decoded) diff --git a/implementations/rust/ockam/ockam_api/src/identity/credentials_repository_sql.rs b/implementations/rust/ockam/ockam_api/src/identity/credentials_repository_sql.rs index 12ceaf26a82..fec3de32dda 100644 --- a/implementations/rust/ockam/ockam_api/src/identity/credentials_repository_sql.rs +++ b/implementations/rust/ockam/ockam_api/src/identity/credentials_repository_sql.rs @@ -24,8 +24,10 @@ impl CredentialsSqlxDatabase { } /// Create a new in-memory database - pub fn create() -> Arc { - Arc::new(Self::new(Arc::new(SqlxDatabase::in_memory("credentials")))) + pub async fn create() -> Result> { + Ok(Arc::new(Self::new( + SqlxDatabase::in_memory("credentials").await?, + ))) } } @@ -115,8 +117,8 @@ mod tests { #[tokio::test] async fn test_credentials_repository() -> Result<()> { - let repository = create_repository(); - let identities = identities(); + let repository = create_repository().await?; + let identities = identities().await?; // a credential can be stored under a name let issuer_identity = identities.identities_creation().create_identity().await?; @@ -144,8 +146,8 @@ mod tests { } /// HELPERS - fn create_repository() -> Arc { - CredentialsSqlxDatabase::create() + async fn create_repository() -> Result> { + Ok(CredentialsSqlxDatabase::create().await?) } async fn create_credential( diff --git a/implementations/rust/ockam/ockam_api/src/identity/identities_repository_sql.rs b/implementations/rust/ockam/ockam_api/src/identity/identities_repository_sql.rs index 505b699883f..417ec275dc5 100644 --- a/implementations/rust/ockam/ockam_api/src/identity/identities_repository_sql.rs +++ b/implementations/rust/ockam/ockam_api/src/identity/identities_repository_sql.rs @@ -25,8 +25,10 @@ impl IdentitiesSqlxDatabase { } /// Create a new in-memory database - pub fn create() -> Arc { - Arc::new(Self::new(Arc::new(SqlxDatabase::in_memory("identities")))) + pub async fn create() -> Result> { + Ok(Arc::new(Self::new( + SqlxDatabase::in_memory("identities").await?, + ))) } } @@ -216,7 +218,7 @@ mod tests { #[tokio::test] async fn test_identities_repository_named_identities() -> Result<()> { - let repository = create_repository(); + let repository = create_repository().await?; // A name can be associated to an identity let identifier1 = @@ -260,7 +262,7 @@ mod tests { #[tokio::test] async fn test_identities_repository_default_identities() -> Result<()> { - let repository = create_repository(); + let repository = create_repository().await?; // A name can be associated to an identity let identifier1 = @@ -297,7 +299,7 @@ mod tests { } /// HELPERS - fn create_repository() -> Arc { - IdentitiesSqlxDatabase::create() + async fn create_repository() -> Result> { + Ok(IdentitiesSqlxDatabase::create().await?) } } diff --git a/implementations/rust/ockam/ockam_api/src/identity/vaults_repository.rs b/implementations/rust/ockam/ockam_api/src/identity/vaults_repository.rs index 4e00f96013c..b0b94a24836 100644 --- a/implementations/rust/ockam/ockam_api/src/identity/vaults_repository.rs +++ b/implementations/rust/ockam/ockam_api/src/identity/vaults_repository.rs @@ -80,7 +80,7 @@ impl NamedVault { pub async fn vault(&self) -> Result { if self.is_kms { - let mut vault = Vault::create(); + let mut vault = Vault::create().await?; let aws_vault = Arc::new(AwsSigningVault::create().await?); vault.identity_vault = aws_vault.clone(); vault.credential_vault = aws_vault; diff --git a/implementations/rust/ockam/ockam_api/src/identity/vaults_repository_sql.rs b/implementations/rust/ockam/ockam_api/src/identity/vaults_repository_sql.rs index 9d32f855371..ead8d10b32d 100644 --- a/implementations/rust/ockam/ockam_api/src/identity/vaults_repository_sql.rs +++ b/implementations/rust/ockam/ockam_api/src/identity/vaults_repository_sql.rs @@ -21,8 +21,10 @@ impl VaultsSqlxDatabase { } /// Create a new in-memory database - pub fn create() -> Arc { - Arc::new(Self::new(Arc::new(SqlxDatabase::in_memory("vaults")))) + pub async fn create() -> Result> { + Ok(Arc::new(Self::new( + SqlxDatabase::in_memory("vaults").await?, + ))) } } @@ -33,7 +35,7 @@ impl VaultsRepository for VaultsSqlxDatabase { let is_already_default = self .get_default_vault() .await? - .map(|v| &v.name() == name) + .map(|v| v.name() == name) .unwrap_or(false); let query = query("INSERT OR REPLACE INTO vault VALUES (?1, ?2, ?3, ?4)") .bind(name.to_sql()) @@ -44,7 +46,7 @@ impl VaultsRepository for VaultsSqlxDatabase { transaction.commit().await.void()?; Ok(NamedVault::new( - &name, + name, path.clone(), is_already_default, is_kms, @@ -152,7 +154,7 @@ mod test { #[tokio::test] async fn test_repository() -> Result<()> { - let repository = create_repository(); + let repository = create_repository().await?; // A vault can be defined with a path and stored under a specific name let named_vault1 = repository @@ -181,7 +183,7 @@ mod test { } /// HELPERS - fn create_repository() -> Arc { - VaultsSqlxDatabase::create() + async fn create_repository() -> Result> { + Ok(VaultsSqlxDatabase::create().await?) } } diff --git a/implementations/rust/ockam/ockam_api/src/kafka/portal_worker.rs b/implementations/rust/ockam/ockam_api/src/kafka/portal_worker.rs index 070809cb7b8..8ddeef6b8fb 100644 --- a/implementations/rust/ockam/ockam_api/src/kafka/portal_worker.rs +++ b/implementations/rust/ockam/ockam_api/src/kafka/portal_worker.rs @@ -741,7 +741,7 @@ mod test { PortRange::new(0, 0).unwrap(), ); - let secure_channels = secure_channels(); + let secure_channels = secure_channels().await.unwrap(); let secure_channel_controller = KafkaSecureChannelControllerImpl::new( secure_channels, ConsumerNodeAddr::Relay(MultiAddr::default()), diff --git a/implementations/rust/ockam/ockam_api/src/nodes/nodes_repository_sql.rs b/implementations/rust/ockam/ockam_api/src/nodes/nodes_repository_sql.rs index c0e8c1442c3..a72c23b45da 100644 --- a/implementations/rust/ockam/ockam_api/src/nodes/nodes_repository_sql.rs +++ b/implementations/rust/ockam/ockam_api/src/nodes/nodes_repository_sql.rs @@ -44,8 +44,8 @@ impl NodesSqlxDatabase { } /// Create a new in-memory database - pub fn create() -> Arc { - Arc::new(Self::new(Arc::new(SqlxDatabase::in_memory("nodes")))) + pub async fn create() -> Result> { + Ok(Arc::new(Self::new(SqlxDatabase::in_memory("nodes").await?))) } } diff --git a/implementations/rust/ockam/ockam_api/src/nodes/service/node_services.rs b/implementations/rust/ockam/ockam_api/src/nodes/service/node_services.rs index fd9c87c88ae..cbe89e95d47 100644 --- a/implementations/rust/ockam/ockam_api/src/nodes/service/node_services.rs +++ b/implementations/rust/ockam/ockam_api/src/nodes/service/node_services.rs @@ -230,6 +230,7 @@ impl NodeManagerWorker { let decoded_identity = &hex::decode(encoded_identity).map_err(|_| ApiError::core("Unable to decode trust context's public identity when starting credential service."))?; let i = identities() + .await? .identities_creation() .import(None, decoded_identity) .await?; diff --git a/implementations/rust/ockam/ockam_api/src/nodes/service/secure_channel.rs b/implementations/rust/ockam/ockam_api/src/nodes/service/secure_channel.rs index 92b91657e95..d3afdac32a3 100644 --- a/implementations/rust/ockam/ockam_api/src/nodes/service/secure_channel.rs +++ b/implementations/rust/ockam/ockam_api/src/nodes/service/secure_channel.rs @@ -508,6 +508,7 @@ impl NodeManager { let vault = self.get_secure_channels_vault(vault_name.clone()).await?; let registry = self.secure_channels.secure_channel_registry(); Ok(SecureChannels::builder() + .await? .with_vault(vault) .with_change_history_repository( self.secure_channels diff --git a/implementations/rust/ockam/ockam_api/tests/authority.rs b/implementations/rust/ockam/ockam_api/tests/authority.rs index 2a9acffea41..bcbaa0ba100 100644 --- a/implementations/rust/ockam/ockam_api/tests/authority.rs +++ b/implementations/rust/ockam/ockam_api/tests/authority.rs @@ -1,8 +1,3 @@ -use std::collections::BTreeMap; -use std::sync::atomic::{AtomicBool, Ordering}; -use std::sync::Arc; -use std::time::Duration; - use ockam::identity::utils::now; use ockam::identity::{secure_channels, AttributesEntry, Identifier, SecureChannels}; use ockam::AsyncTryClone; @@ -10,7 +5,6 @@ use ockam_api::authenticator::enrollment_tokens::Members; use ockam_api::authority_node::{Authority, Configuration}; use ockam_api::bootstrapped_identities_store::PreTrustedIdentities; use ockam_api::cloud::AuthorityNode; -use ockam_api::config::lookup::InternetAddress; use ockam_api::nodes::NodeManager; use ockam_api::{authority_node, DefaultAddress}; use ockam_core::{Address, Result}; @@ -18,7 +12,12 @@ use ockam_multiaddr::MultiAddr; use ockam_node::Context; use ockam_transport_tcp::TcpTransport; use rand::{thread_rng, Rng}; +use std::collections::BTreeMap; +use std::sync::atomic::{AtomicBool, Ordering}; +use std::sync::Arc; +use std::time::Duration; use tempfile::NamedTempFile; +use ockam_api::config::lookup::InternetAddress; #[ockam_macros::test] async fn authority_starts_with_default_configuration(ctx: &mut Context) -> Result<()> { @@ -39,7 +38,7 @@ async fn authority_starts_with_default_configuration(ctx: &mut Context) -> Resul async fn controlling_authority_by_member_times_out(ctx: &mut Context) -> Result<()> { use std::collections::HashMap; - let secure_channels = secure_channels(); + let secure_channels = secure_channels().await?; let admins = setup(ctx, secure_channels.clone(), 1).await?; let admin = &admins[0]; @@ -88,7 +87,7 @@ async fn controlling_authority_by_member_times_out(ctx: &mut Context) -> Result< #[ockam_macros::test] async fn one_admin_test_api(ctx: &mut Context) -> Result<()> { - let secure_channels = secure_channels(); + let secure_channels = secure_channels().await?; let admins = setup(ctx, secure_channels.clone(), 1).await?; let admin = &admins[0]; @@ -128,7 +127,7 @@ async fn one_admin_test_api(ctx: &mut Context) -> Result<()> { async fn test_one_admin_one_member(ctx: &mut Context) -> Result<()> { use std::collections::HashMap; - let secure_channels = secure_channels(); + let secure_channels = secure_channels().await?; let admins = setup(ctx, secure_channels.clone(), 1).await?; let admin = &admins[0]; @@ -200,7 +199,7 @@ async fn test_one_admin_one_member(ctx: &mut Context) -> Result<()> { async fn two_admins_two_members_exist_in_one_global_scope(ctx: &mut Context) -> Result<()> { use std::collections::HashMap; - let secure_channels = secure_channels(); + let secure_channels = secure_channels().await?; let admins = setup(ctx, secure_channels.clone(), 2).await?; let admin1 = &admins[0]; diff --git a/implementations/rust/ockam/ockam_api/tests/credential_issuer.rs b/implementations/rust/ockam/ockam_api/tests/credential_issuer.rs index 850507a6be5..de24e13f42e 100644 --- a/implementations/rust/ockam/ockam_api/tests/credential_issuer.rs +++ b/implementations/rust/ockam/ockam_api/tests/credential_issuer.rs @@ -23,7 +23,7 @@ async fn credential(ctx: &mut Context) -> Result<()> { let auth_worker_addr = Address::random_local(); // create 2 identities to populate the trusted identities - let identities = identities(); + let identities = identities().await?; let auth_identifier = identities.identities_creation().create_identity().await?; let member_identifier = identities.identities_creation().create_identity().await?; let member_identity = identities.get_identity(&member_identifier).await?; @@ -49,12 +49,14 @@ async fn credential(ctx: &mut Context) -> Result<()> { // (so that the authority can verify its signature) // and the repository containing the trusted identities let identities = Identities::builder() + .await? .with_change_history_repository(identities.change_history_repository()) .with_identity_attributes_repository(Arc::new(bootstrapped)) .with_vault(identities.vault()) .with_purpose_keys_repository(identities.purpose_keys_repository()) .build(); let secure_channels = SecureChannels::builder() + .await? .with_identities(identities.clone()) .build(); let identities_creation = identities.identities_creation(); diff --git a/implementations/rust/ockam/ockam_app_lib/src/state/repository.rs b/implementations/rust/ockam/ockam_app_lib/src/state/repository.rs index 0a16c537cfa..d0f31f4020d 100644 --- a/implementations/rust/ockam/ockam_app_lib/src/state/repository.rs +++ b/implementations/rust/ockam/ockam_app_lib/src/state/repository.rs @@ -47,8 +47,10 @@ impl ModelStateSqlxDatabase { /// Create a new in-memory database #[allow(unused)] - pub fn create() -> Arc { - Arc::new(Self::new(Arc::new(SqlxDatabase::in_memory("model state")))) + pub async fn create() -> Result> { + Ok(Arc::new(Self::new( + SqlxDatabase::in_memory("model state").await?, + ))) } } @@ -140,12 +142,15 @@ impl PersistentIncomingServiceRow { #[cfg(test)] mod tests { - use super::*; - use ockam_api::nodes::models::portal::OutletStatus; - use ockam_core::Address; use std::path::Path; + use tempfile::NamedTempFile; + use ockam_api::nodes::models::portal::OutletStatus; + use ockam_core::Address; + + use super::*; + #[tokio::test] async fn store_and_load() -> Result<()> { let db_file = NamedTempFile::new()?; diff --git a/implementations/rust/ockam/ockam_identity/src/credentials/credentials.rs b/implementations/rust/ockam/ockam_identity/src/credentials/credentials.rs index aa6f422b6f8..d4c6cba29ca 100644 --- a/implementations/rust/ockam/ockam_identity/src/credentials/credentials.rs +++ b/implementations/rust/ockam/ockam_identity/src/credentials/credentials.rs @@ -84,7 +84,7 @@ mod tests { #[tokio::test] async fn test_issue_credential() -> Result<()> { - let identities = identities(); + let identities = identities().await?; let creation = identities.identities_creation(); let issuer = creation.create_identity().await?; diff --git a/implementations/rust/ockam/ockam_identity/src/identities/identities.rs b/implementations/rust/ockam/ockam_identity/src/identities/identities.rs index 2ad9843a98b..e4e0d0bdb98 100644 --- a/implementations/rust/ockam/ockam_identity/src/identities/identities.rs +++ b/implementations/rust/ockam/ockam_identity/src/identities/identities.rs @@ -127,12 +127,12 @@ impl Identities { /// Return a default builder for identities #[cfg(feature = "storage")] - pub fn builder() -> IdentitiesBuilder { - IdentitiesBuilder { - vault: Vault::create(), - change_history_repository: ChangeHistorySqlxDatabase::create(), - identity_attributes_repository: IdentityAttributesSqlxDatabase::create(), - purpose_keys_repository: PurposeKeysSqlxDatabase::create(), - } + pub async fn builder() -> Result { + Ok(IdentitiesBuilder { + vault: Vault::create().await?, + change_history_repository: ChangeHistorySqlxDatabase::create().await?, + identity_attributes_repository: IdentityAttributesSqlxDatabase::create().await?, + purpose_keys_repository: PurposeKeysSqlxDatabase::create().await?, + }) } } diff --git a/implementations/rust/ockam/ockam_identity/src/identities/identities_builder.rs b/implementations/rust/ockam/ockam_identity/src/identities/identities_builder.rs index 106ac6f68bb..b5bb1d84c08 100644 --- a/implementations/rust/ockam/ockam_identity/src/identities/identities_builder.rs +++ b/implementations/rust/ockam/ockam_identity/src/identities/identities_builder.rs @@ -1,4 +1,5 @@ use ockam_core::compat::sync::Arc; +use ockam_core::Result; use ockam_vault::storage::SecretsRepository; use crate::identities::{ChangeHistoryRepository, Identities}; @@ -16,8 +17,8 @@ pub struct IdentitiesBuilder { /// Return a default identities #[cfg(feature = "storage")] -pub fn identities() -> Arc { - Identities::builder().build() +pub async fn identities() -> Result> { + Ok(Identities::builder().await?.build()) } impl IdentitiesBuilder { diff --git a/implementations/rust/ockam/ockam_identity/src/identities/identity_keys.rs b/implementations/rust/ockam/ockam_identity/src/identities/identity_keys.rs index be7c72df686..f9367d0eaf5 100644 --- a/implementations/rust/ockam/ockam_identity/src/identities/identity_keys.rs +++ b/implementations/rust/ockam/ockam_identity/src/identities/identity_keys.rs @@ -169,7 +169,7 @@ mod test { #[ockam_macros::test] async fn test_basic_identity_key_ops(ctx: &mut Context) -> Result<()> { - let identities = identities(); + let identities = identities().await?; let identities_keys = identities.identities_keys(); let key1 = identities_keys diff --git a/implementations/rust/ockam/ockam_identity/src/identities/storage/change_history_repository_sql.rs b/implementations/rust/ockam/ockam_identity/src/identities/storage/change_history_repository_sql.rs index 51045d67c90..3aa40e4497e 100644 --- a/implementations/rust/ockam/ockam_identity/src/identities/storage/change_history_repository_sql.rs +++ b/implementations/rust/ockam/ockam_identity/src/identities/storage/change_history_repository_sql.rs @@ -26,10 +26,10 @@ impl ChangeHistorySqlxDatabase { } /// Create a new in-memory database - pub fn create() -> Arc { - Arc::new(Self::new(Arc::new(SqlxDatabase::in_memory( - "change history", - )))) + pub async fn create() -> Result> { + Ok(Arc::new(Self::new( + SqlxDatabase::in_memory("change history").await?, + ))) } } diff --git a/implementations/rust/ockam/ockam_identity/src/identities/storage/identity_attributes_repository_sql.rs b/implementations/rust/ockam/ockam_identity/src/identities/storage/identity_attributes_repository_sql.rs index 936f2fcb3b6..4cff11fa04b 100644 --- a/implementations/rust/ockam/ockam_identity/src/identities/storage/identity_attributes_repository_sql.rs +++ b/implementations/rust/ockam/ockam_identity/src/identities/storage/identity_attributes_repository_sql.rs @@ -28,10 +28,10 @@ impl IdentityAttributesSqlxDatabase { } /// Create a new in-memory database - pub fn create() -> Arc { - Arc::new(Self::new(Arc::new(SqlxDatabase::in_memory( - "identity attributes", - )))) + pub async fn create() -> Result> { + Ok(Arc::new(Self::new( + SqlxDatabase::in_memory("identity attributes").await?, + ))) } } @@ -145,7 +145,7 @@ mod tests { #[tokio::test] async fn test_identities_attributes_repository() -> Result<()> { - let repository = create_repository(); + let repository = create_repository().await?; // store and retrieve attributes by identity let identifier1 = @@ -246,7 +246,7 @@ mod tests { )) } - fn create_repository() -> Arc { - IdentityAttributesSqlxDatabase::create() + async fn create_repository() -> Result> { + Ok(IdentityAttributesSqlxDatabase::create().await?) } } diff --git a/implementations/rust/ockam/ockam_identity/src/identity/identity.rs b/implementations/rust/ockam/ockam_identity/src/identity/identity.rs index 92f82745181..92b7b412e5f 100644 --- a/implementations/rust/ockam/ockam_identity/src/identity/identity.rs +++ b/implementations/rust/ockam/ockam_identity/src/identity/identity.rs @@ -1,17 +1,18 @@ -use crate::models::{Change, ChangeHash, ChangeHistory, Identifier}; -use crate::verified_change::VerifiedChange; -use crate::IdentityHistoryComparison; -use crate::{IdentityError, Vault}; - use core::cmp::Ordering; use core::fmt; use core::fmt::{Display, Formatter}; + use ockam_core::compat::string::String; use ockam_core::compat::sync::Arc; use ockam_core::compat::vec::Vec; use ockam_core::Result; use ockam_vault::{VaultForVerifyingSignatures, VerifyingPublicKey}; +use crate::models::{Change, ChangeHash, ChangeHistory, Identifier}; +use crate::verified_change::VerifiedChange; +use crate::IdentityHistoryComparison; +use crate::{IdentityError, Vault}; + /// Verified Identity #[derive(Clone, Debug)] pub struct Identity { @@ -212,16 +213,20 @@ impl Display for ChangeHistory { #[cfg(test)] mod tests { - use super::*; - use crate::{identities, Identities, Vault}; use core::str::FromStr; + + use rand::thread_rng; + use ockam_core::compat::rand::RngCore; use ockam_vault::{EdDSACurve25519SecretKey, SigningSecret, SoftwareVaultForSigning}; - use rand::thread_rng; + + use crate::{identities, Identities, Vault}; + + use super::*; #[tokio::test] - async fn test_display() { - let identities = identities(); + async fn test_display() -> Result<()> { + let identities = identities().await?; let data = hex::decode("81a201583ba20101025835a4028201815820bd144a3f6472ba2215b6b86b2820b23304f9473622847ca80dfda0d10f12eebc03f4041a64c956a9051a64c956a9028201815840c1598a6f85215c118a4744310bebfae71ec19353e1ede1582787592013d65a70c80aa4a4855d16d9b696a887be9bd97b2271245124857d67c07e0203564c3706").unwrap(); let identifier = identities .identities_creation() @@ -237,14 +242,15 @@ mod tests { let expected = r#"Identifier: Ie2424922b4194cd4ab57f952ef04c44e5e70ab2f Change history: 81a201583ba20101025835a4028201815820bd144a3f6472ba2215b6b86b2820b23304f9473622847ca80dfda0d10f12eebc03f4041a64c956a9051a64c956a9028201815840c1598a6f85215c118a4744310bebfae71ec19353e1ede1582787592013d65a70c80aa4a4855d16d9b696a887be9bd97b2271245124857d67c07e0203564c3706 "#; - assert_eq!(actual, expected) + assert_eq!(actual, expected); + Ok(()) } #[tokio::test] async fn test_compare() -> Result<()> { - let signing_vault0 = SoftwareVaultForSigning::create(); - let signing_vault01 = SoftwareVaultForSigning::create(); - let signing_vault02 = SoftwareVaultForSigning::create(); + let signing_vault0 = SoftwareVaultForSigning::create().await?; + let signing_vault01 = SoftwareVaultForSigning::create().await?; + let signing_vault02 = SoftwareVaultForSigning::create().await?; let mut key0_bin = [0u8; 32]; thread_rng().fill_bytes(&mut key0_bin); @@ -266,10 +272,11 @@ Change history: 81a201583ba20101025835a4028201815820bd144a3f6472ba2215b6b86b2820 .await?; let identities0 = Identities::builder() + .await? .with_vault(Vault::new( signing_vault0, - Vault::create_secure_channel_vault(), - Vault::create_credential_vault(), + Vault::create_secure_channel_vault().await?, + Vault::create_credential_vault().await?, Vault::create_verifying_vault(), )) .build(); @@ -284,18 +291,20 @@ Change history: 81a201583ba20101025835a4028201815820bd144a3f6472ba2215b6b86b2820 let identity0_bin = identities0.export_identity(&identifier0).await?; let identities01 = Identities::builder() + .await? .with_vault(Vault::new( signing_vault01, - Vault::create_secure_channel_vault(), - Vault::create_credential_vault(), + Vault::create_secure_channel_vault().await?, + Vault::create_credential_vault().await?, Vault::create_verifying_vault(), )) .build(); let identities02 = Identities::builder() + .await? .with_vault(Vault::new( signing_vault02, - Vault::create_secure_channel_vault(), - Vault::create_credential_vault(), + Vault::create_secure_channel_vault().await?, + Vault::create_credential_vault().await?, Vault::create_verifying_vault(), )) .build(); diff --git a/implementations/rust/ockam/ockam_identity/src/models/credential_and_purpose_key.rs b/implementations/rust/ockam/ockam_identity/src/models/credential_and_purpose_key.rs index 3e62a36bfb7..79cc572d681 100644 --- a/implementations/rust/ockam/ockam_identity/src/models/credential_and_purpose_key.rs +++ b/implementations/rust/ockam/ockam_identity/src/models/credential_and_purpose_key.rs @@ -84,7 +84,7 @@ mod tests { /// HELPERS async fn create_credential() -> Result { - let identities = identities(); + let identities = identities().await?; let issuer = identities.identities_creation().create_identity().await?; let subject = identities.identities_creation().create_identity().await?; diff --git a/implementations/rust/ockam/ockam_identity/src/purpose_keys/purpose_keys.rs b/implementations/rust/ockam/ockam_identity/src/purpose_keys/purpose_keys.rs index 8761d47a545..f2301647c7f 100644 --- a/implementations/rust/ockam/ockam_identity/src/purpose_keys/purpose_keys.rs +++ b/implementations/rust/ockam/ockam_identity/src/purpose_keys/purpose_keys.rs @@ -62,7 +62,7 @@ mod tests { #[tokio::test] async fn create_purpose_keys() -> Result<()> { - let identities = identities(); + let identities = identities().await?; let identities_creation = identities.identities_creation(); let purpose_keys = identities.purpose_keys(); @@ -93,7 +93,7 @@ mod tests { #[tokio::test] async fn test_purpose_keys_are_persisted() -> Result<()> { - let identities = identities(); + let identities = identities().await?; let identities_creation = identities.identities_creation(); let purpose_keys = identities.purpose_keys(); diff --git a/implementations/rust/ockam/ockam_identity/src/purpose_keys/storage/purpose_keys_repository_sql.rs b/implementations/rust/ockam/ockam_identity/src/purpose_keys/storage/purpose_keys_repository_sql.rs index be4fb464d73..0abb4312208 100644 --- a/implementations/rust/ockam/ockam_identity/src/purpose_keys/storage/purpose_keys_repository_sql.rs +++ b/implementations/rust/ockam/ockam_identity/src/purpose_keys/storage/purpose_keys_repository_sql.rs @@ -30,8 +30,10 @@ impl PurposeKeysSqlxDatabase { } /// Create a new in-memory database for purpose keys - pub fn create() -> Arc { - Arc::new(Self::new(Arc::new(SqlxDatabase::in_memory("purpose keys")))) + pub async fn create() -> Result> { + Ok(Arc::new(Self::new( + SqlxDatabase::in_memory("purpose keys").await?, + ))) } } @@ -130,7 +132,7 @@ mod tests { #[tokio::test] async fn test_purpose_keys_repository() -> Result<()> { - let repository = create_repository(); + let repository = create_repository().await?; // A purpose key can be stored and retrieved, given the owning identifier and purpose type let identity1 = Identifier::try_from("Ie86be15e83d1c93e24dd1967010b01b6df491b45").unwrap(); @@ -169,7 +171,7 @@ mod tests { } /// HELPERS - fn create_repository() -> Arc { - PurposeKeysSqlxDatabase::create() + async fn create_repository() -> Result> { + Ok(PurposeKeysSqlxDatabase::create().await?) } } diff --git a/implementations/rust/ockam/ockam_identity/src/secure_channel/handshake/handshake.rs b/implementations/rust/ockam/ockam_identity/src/secure_channel/handshake/handshake.rs index bd040d5ef2e..ddc2617629f 100644 --- a/implementations/rust/ockam/ockam_identity/src/secure_channel/handshake/handshake.rs +++ b/implementations/rust/ockam/ockam_identity/src/secure_channel/handshake/handshake.rs @@ -606,7 +606,7 @@ mod tests { #[tokio::test] async fn test_initialization() -> Result<()> { let vault = Arc::new(SoftwareVaultForSecureChannels::new( - SecretsSqlxDatabase::create(), + SecretsSqlxDatabase::create().await?, )); let static_key = vault.generate_static_x25519_secret_key().await?; @@ -688,7 +688,7 @@ mod tests { } async fn check_handshake(messages: HandshakeMessages) -> Result<()> { - let vault = SoftwareVaultForSecureChannels::create(); + let vault = SoftwareVaultForSecureChannels::create().await?; let initiator_static_key_id = vault .import_static_x25519_secret(messages.initiator_static_key) diff --git a/implementations/rust/ockam/ockam_identity/src/secure_channel/mod.rs b/implementations/rust/ockam/ockam_identity/src/secure_channel/mod.rs index 2da815dc4fe..31c324536b1 100644 --- a/implementations/rust/ockam/ockam_identity/src/secure_channel/mod.rs +++ b/implementations/rust/ockam/ockam_identity/src/secure_channel/mod.rs @@ -132,8 +132,8 @@ mod tests { } async fn create_encryptor_decryptor() -> Result<(Encryptor, Decryptor)> { - let vault1 = SoftwareVaultForSecureChannels::create(); - let vault2 = SoftwareVaultForSecureChannels::create(); + let vault1 = SoftwareVaultForSecureChannels::create().await?; + let vault2 = SoftwareVaultForSecureChannels::create().await?; let mut rng = thread_rng(); let mut key = [0u8; 32]; diff --git a/implementations/rust/ockam/ockam_identity/src/secure_channels/secure_channels.rs b/implementations/rust/ockam/ockam_identity/src/secure_channels/secure_channels.rs index 335b5d5b3d7..6078a8213ab 100644 --- a/implementations/rust/ockam/ockam_identity/src/secure_channels/secure_channels.rs +++ b/implementations/rust/ockam/ockam_identity/src/secure_channels/secure_channels.rs @@ -50,11 +50,11 @@ impl SecureChannels { /// Create a builder for secure channels #[cfg(feature = "storage")] - pub fn builder() -> SecureChannelsBuilder { - SecureChannelsBuilder { - identities_builder: Identities::builder(), + pub async fn builder() -> Result { + Ok(SecureChannelsBuilder { + identities_builder: Identities::builder().await?, registry: SecureChannelRegistry::new(), - } + }) } } diff --git a/implementations/rust/ockam/ockam_identity/src/secure_channels/secure_channels_builder.rs b/implementations/rust/ockam/ockam_identity/src/secure_channels/secure_channels_builder.rs index e140700f8c5..cc03d5f7a10 100644 --- a/implementations/rust/ockam/ockam_identity/src/secure_channels/secure_channels_builder.rs +++ b/implementations/rust/ockam/ockam_identity/src/secure_channels/secure_channels_builder.rs @@ -1,4 +1,5 @@ use ockam_core::compat::sync::Arc; +use ockam_core::Result; use ockam_vault::storage::SecretsRepository; use crate::identities::{ChangeHistoryRepository, Identities}; @@ -17,8 +18,8 @@ pub struct SecureChannelsBuilder { /// Create default, in-memory, secure channels (mostly for examples and testing) #[cfg(feature = "storage")] -pub fn secure_channels() -> Arc { - SecureChannels::builder().build() +pub async fn secure_channels() -> Result> { + Ok(SecureChannels::builder().await?.build()) } impl SecureChannelsBuilder { diff --git a/implementations/rust/ockam/ockam_identity/src/vault.rs b/implementations/rust/ockam/ockam_identity/src/vault.rs index 0a6ed075311..c1a753ac40a 100644 --- a/implementations/rust/ockam/ockam_identity/src/vault.rs +++ b/implementations/rust/ockam/ockam_identity/src/vault.rs @@ -1,4 +1,5 @@ use ockam_core::compat::sync::Arc; +use ockam_core::Result; #[cfg(feature = "storage")] use ockam_node::database::SqlxDatabase; use ockam_vault::storage::SecretsRepository; @@ -40,33 +41,37 @@ impl Vault { /// Create Software implementation Vault with an in-memory storage #[cfg(feature = "storage")] - pub fn create() -> Self { - Self::new( - Self::create_identity_vault(), - Self::create_secure_channel_vault(), - Self::create_credential_vault(), + pub async fn create() -> Result { + Ok(Self::new( + Self::create_identity_vault().await?, + Self::create_secure_channel_vault().await?, + Self::create_credential_vault().await?, Self::create_verifying_vault(), - ) + )) } /// Create [`SoftwareVaultForSigning`] with an in-memory storage #[cfg(feature = "storage")] - pub fn create_identity_vault() -> Arc { - Arc::new(SoftwareVaultForSigning::new(SecretsSqlxDatabase::create())) + pub async fn create_identity_vault() -> Result> { + Ok(Arc::new(SoftwareVaultForSigning::new( + SecretsSqlxDatabase::create().await?, + ))) } /// Create [`SoftwareSecureChannelVault`] with an in-memory storage #[cfg(feature = "storage")] - pub fn create_secure_channel_vault() -> Arc { - Arc::new(SoftwareVaultForSecureChannels::new( - SecretsSqlxDatabase::create(), - )) + pub async fn create_secure_channel_vault() -> Result> { + Ok(Arc::new(SoftwareVaultForSecureChannels::new( + SecretsSqlxDatabase::create().await?, + ))) } /// Create [`SoftwareVaultForSigning`] with an in-memory storage #[cfg(feature = "storage")] - pub fn create_credential_vault() -> Arc { - Arc::new(SoftwareVaultForSigning::new(SecretsSqlxDatabase::create())) + pub async fn create_credential_vault() -> Result> { + Ok(Arc::new(SoftwareVaultForSigning::new( + SecretsSqlxDatabase::create().await?, + ))) } /// Create [`SoftwareVaultForVerifyingSignatures`] @@ -78,9 +83,7 @@ impl Vault { impl Vault { /// Create Software Vaults and persist them to a given path #[cfg(feature = "storage")] - pub async fn create_with_persistent_storage_path( - path: &std::path::Path, - ) -> ockam_core::Result { + pub async fn create_with_persistent_storage_path(path: &std::path::Path) -> Result { Ok(Self::create_with_database(Arc::new( SqlxDatabase::create(path).await?, ))) diff --git a/implementations/rust/ockam/ockam_identity/tests/aws.rs b/implementations/rust/ockam/ockam_identity/tests/aws.rs index 36232db31dd..5cfa604dce7 100644 --- a/implementations/rust/ockam/ockam_identity/tests/aws.rs +++ b/implementations/rust/ockam/ockam_identity/tests/aws.rs @@ -16,10 +16,13 @@ use std::time::Duration; #[tokio::test] #[ignore] async fn create_identity_with_aws_pregenerated_key() -> Result<()> { - let mut vault = Vault::create(); + let mut vault = Vault::create().await?; let aws_vault = Arc::new(AwsSigningVault::create().await?); vault.identity_vault = aws_vault.clone(); - let identities = Identities::builder().with_vault(vault.clone()).build(); + let identities = Identities::builder() + .await? + .with_vault(vault.clone()) + .build(); // create a secret key using the AWS KMS let key_id = aws_vault @@ -47,10 +50,13 @@ async fn create_identity_with_aws_pregenerated_key() -> Result<()> { #[tokio::test] #[ignore] async fn create_identity_with_aws_random_key() -> Result<()> { - let mut vault = Vault::create(); + let mut vault = Vault::create().await?; let aws_vault = Arc::new(AwsSigningVault::create().await?); vault.identity_vault = aws_vault.clone(); - let identities = Identities::builder().with_vault(vault.clone()).build(); + let identities = Identities::builder() + .await? + .with_vault(vault.clone()) + .build(); let identifier = identities .identities_creation() @@ -78,10 +84,13 @@ async fn create_identity_with_aws_random_key() -> Result<()> { #[tokio::test] #[ignore] async fn create_credential_aws_key() -> Result<()> { - let mut vault = Vault::create(); + let mut vault = Vault::create().await?; let aws_vault = Arc::new(AwsSigningVault::create().await?); vault.credential_vault = aws_vault.clone(); - let identities = Identities::builder().with_vault(vault.clone()).build(); + let identities = Identities::builder() + .await? + .with_vault(vault.clone()) + .build(); let identifier = identities.identities_creation().create_identity().await?; diff --git a/implementations/rust/ockam/ockam_identity/tests/channel.rs b/implementations/rust/ockam/ockam_identity/tests/channel.rs index fc4821abb6c..a782bff899b 100644 --- a/implementations/rust/ockam/ockam_identity/tests/channel.rs +++ b/implementations/rust/ockam/ockam_identity/tests/channel.rs @@ -1,4 +1,6 @@ use core::time::Duration; +use std::sync::atomic::{AtomicU8, Ordering}; + use ockam_core::compat::sync::Arc; use ockam_core::{route, Address, AllowAll, Any, DenyAll, Mailboxes, Result, Routed, Worker}; use ockam_identity::models::{CredentialSchemaIdentifier, Identifier}; @@ -14,11 +16,10 @@ use ockam_node::{Context, MessageReceiveOptions, WorkerBuilder}; use ockam_vault::{ SoftwareVaultForSecureChannels, SoftwareVaultForSigning, SoftwareVaultForVerifyingSignatures, }; -use std::sync::atomic::{AtomicU8, Ordering}; #[ockam_macros::test] async fn test_channel(ctx: &mut Context) -> Result<()> { - let secure_channels = secure_channels(); + let secure_channels = secure_channels().await?; let identities_creation = secure_channels.identities().identities_creation(); let alice = identities_creation.create_identity().await?; @@ -82,7 +83,7 @@ async fn test_channel(ctx: &mut Context) -> Result<()> { #[ockam_macros::test] async fn test_channel_send_credentials(context: &mut Context) -> Result<()> { - let secure_channels = secure_channels(); + let secure_channels = secure_channels().await?; let identities_creation = secure_channels.identities().identities_creation(); let authority = identities_creation.create_identity().await?; @@ -223,7 +224,7 @@ async fn test_channel_send_credentials(context: &mut Context) -> Result<()> { #[ockam_macros::test] async fn test_channel_rejected_trust_policy(ctx: &mut Context) -> Result<()> { - let secure_channels = secure_channels(); + let secure_channels = secure_channels().await?; let identities_creation = secure_channels.identities().identities_creation(); let alice = identities_creation.create_identity().await?; @@ -279,7 +280,7 @@ async fn test_channel_rejected_trust_policy(ctx: &mut Context) -> Result<()> { #[ockam_macros::test] async fn test_channel_send_multiple_messages_both_directions(ctx: &mut Context) -> Result<()> { - let secure_channels = secure_channels(); + let secure_channels = secure_channels().await?; let identities_creation = secure_channels.identities().identities_creation(); let alice = identities_creation.create_identity().await?; @@ -340,7 +341,7 @@ async fn test_channel_send_multiple_messages_both_directions(ctx: &mut Context) #[ockam_macros::test] async fn test_channel_registry(ctx: &mut Context) -> Result<()> { - let secure_channels = secure_channels(); + let secure_channels = secure_channels().await?; let identities_creation = secure_channels.identities().identities_creation(); let alice = identities_creation.create_identity().await?; @@ -411,7 +412,7 @@ async fn test_channel_registry(ctx: &mut Context) -> Result<()> { #[ockam_macros::test] async fn test_channel_api(ctx: &mut Context) -> Result<()> { - let secure_channels = secure_channels(); + let secure_channels = secure_channels().await?; let identities_creation = secure_channels.identities().identities_creation(); let alice = identities_creation.create_identity().await?; @@ -521,7 +522,7 @@ async fn test_channel_api(ctx: &mut Context) -> Result<()> { #[ockam_macros::test] async fn test_tunneled_secure_channel_works(ctx: &mut Context) -> Result<()> { - let secure_channels = secure_channels(); + let secure_channels = secure_channels().await?; let identities_creation = secure_channels.identities().identities_creation(); let alice = identities_creation.create_identity().await?; @@ -596,7 +597,7 @@ async fn test_tunneled_secure_channel_works(ctx: &mut Context) -> Result<()> { #[ockam_macros::test] async fn test_double_tunneled_secure_channel_works(ctx: &mut Context) -> Result<()> { - let secure_channels = secure_channels(); + let secure_channels = secure_channels().await?; let identities_creation = secure_channels.identities().identities_creation(); let alice = identities_creation.create_identity().await?; @@ -687,7 +688,7 @@ async fn test_double_tunneled_secure_channel_works(ctx: &mut Context) -> Result< #[ockam_macros::test] async fn test_many_times_tunneled_secure_channel_works(ctx: &mut Context) -> Result<()> { - let secure_channels = secure_channels(); + let secure_channels = secure_channels().await?; let identities_creation = secure_channels.identities().identities_creation(); let alice = identities_creation.create_identity().await?; @@ -786,7 +787,7 @@ async fn access_control__known_participant__should_pass_messages(ctx: &mut Conte received_count: received_count.clone(), }; - let secure_channels = secure_channels(); + let secure_channels = secure_channels().await?; let identities_creation = secure_channels.identities().identities_creation(); let alice = identities_creation.create_identity().await?; @@ -836,7 +837,7 @@ async fn access_control__unknown_participant__should_not_pass_messages( received_count: received_count.clone(), }; - let secure_channels = secure_channels(); + let secure_channels = secure_channels().await?; let identities_creation = secure_channels.identities().identities_creation(); let alice = identities_creation.create_identity().await?; @@ -908,26 +909,32 @@ async fn access_control__no_secure_channel__should_not_pass_messages( #[ockam_macros::test] async fn test_channel_delete_ephemeral_keys(ctx: &mut Context) -> Result<()> { - let alice_identity_vault = SoftwareVaultForSigning::create(); - let alice_sc_vault = SoftwareVaultForSecureChannels::create(); + let alice_identity_vault = SoftwareVaultForSigning::create().await?; + let alice_sc_vault = SoftwareVaultForSecureChannels::create().await?; let alice_vault = Vault::new( alice_identity_vault.clone(), alice_sc_vault.clone(), - SoftwareVaultForSigning::create(), + SoftwareVaultForSigning::create().await?, SoftwareVaultForVerifyingSignatures::create(), ); - let bob_identity_vault = SoftwareVaultForSigning::create(); - let bob_sc_vault = SoftwareVaultForSecureChannels::create(); + let bob_identity_vault = SoftwareVaultForSigning::create().await?; + let bob_sc_vault = SoftwareVaultForSecureChannels::create().await?; let bob_vault = Vault::new( bob_identity_vault.clone(), bob_sc_vault.clone(), - SoftwareVaultForSigning::create(), + SoftwareVaultForSigning::create().await?, SoftwareVaultForVerifyingSignatures::create(), ); - let secure_channels_alice = SecureChannels::builder().with_vault(alice_vault).build(); - let secure_channels_bob = SecureChannels::builder().with_vault(bob_vault).build(); + let secure_channels_alice = SecureChannels::builder() + .await? + .with_vault(alice_vault) + .build(); + let secure_channels_bob = SecureChannels::builder() + .await? + .with_vault(bob_vault) + .build(); let identities_creation_alice = secure_channels_alice.identities().identities_creation(); let identities_creation_bob = secure_channels_bob.identities().identities_creation(); @@ -1030,7 +1037,7 @@ async fn test_channel_delete_ephemeral_keys(ctx: &mut Context) -> Result<()> { async fn should_stop_encryptor__and__decryptor__in__secure_channel( ctx: &mut Context, ) -> Result<()> { - let secure_channels = secure_channels(); + let secure_channels = secure_channels().await?; let identities_creation = secure_channels.identities().identities_creation(); let alice = identities_creation.create_identity().await?; diff --git a/implementations/rust/ockam/ockam_identity/tests/common/message_flow_auth.rs b/implementations/rust/ockam/ockam_identity/tests/common/message_flow_auth.rs index d4954a076b8..fe3f2410880 100644 --- a/implementations/rust/ockam/ockam_identity/tests/common/message_flow_auth.rs +++ b/implementations/rust/ockam/ockam_identity/tests/common/message_flow_auth.rs @@ -106,7 +106,7 @@ pub async fn create_secure_channel_listener( ctx: &Context, flow_control_id: &FlowControlId, ) -> Result { - let secure_channels = secure_channels(); + let secure_channels = secure_channels().await?; let identities_creation = secure_channels.identities().identities_creation(); let identifier = identities_creation.create_identity().await?; @@ -134,7 +134,7 @@ pub async fn create_secure_channel( ctx: &Context, connection: &Address, ) -> Result { - let secure_channels = secure_channels(); + let secure_channels = secure_channels().await?; let identities_creation = secure_channels.identities().identities_creation(); let identifier = identities_creation.create_identity().await?; diff --git a/implementations/rust/ockam/ockam_identity/tests/credentials.rs b/implementations/rust/ockam/ockam_identity/tests/credentials.rs index 39d7a7ea54f..a2e4ff0649c 100644 --- a/implementations/rust/ockam/ockam_identity/tests/credentials.rs +++ b/implementations/rust/ockam/ockam_identity/tests/credentials.rs @@ -15,7 +15,7 @@ use ockam_node::{Context, WorkerBuilder}; #[ockam_macros::test] async fn full_flow_oneway(ctx: &mut Context) -> Result<()> { - let secure_channels = secure_channels(); + let secure_channels = secure_channels().await?; let identities = secure_channels.identities(); let identities_creation = identities.identities_creation(); let identity_attributes_repository = identities.identity_attributes_repository(); @@ -96,7 +96,7 @@ async fn full_flow_oneway(ctx: &mut Context) -> Result<()> { #[ockam_macros::test] async fn full_flow_twoway(ctx: &mut Context) -> Result<()> { - let secure_channels = secure_channels(); + let secure_channels = secure_channels().await?; let identities = secure_channels.identities(); let identities_creation = identities.identities_creation(); let identity_attributes_repository = identities.identity_attributes_repository(); @@ -207,7 +207,7 @@ async fn full_flow_twoway(ctx: &mut Context) -> Result<()> { #[ockam_macros::test] async fn access_control(ctx: &mut Context) -> Result<()> { - let secure_channels = secure_channels(); + let secure_channels = secure_channels().await?; let identities = secure_channels.identities(); let identities_creation = identities.identities_creation(); let identity_attributes_repository = identities.identity_attributes_repository(); diff --git a/implementations/rust/ockam/ockam_identity/tests/identity_creation.rs b/implementations/rust/ockam/ockam_identity/tests/identity_creation.rs index 001495ffc68..bbff76d3ad3 100644 --- a/implementations/rust/ockam/ockam_identity/tests/identity_creation.rs +++ b/implementations/rust/ockam/ockam_identity/tests/identity_creation.rs @@ -7,7 +7,7 @@ use ockam_vault::SigningKeyType; #[tokio::test] async fn create_and_retrieve() -> Result<()> { - let identities = identities(); + let identities = identities().await?; let identities_creation = identities.identities_creation(); let identities_keys = identities.identities_keys(); @@ -39,7 +39,7 @@ async fn create_and_retrieve() -> Result<()> { #[tokio::test] async fn create_p256() -> Result<()> { - let identities = identities(); + let identities = identities().await?; let identities_creation = identities.identities_creation(); let identities_keys = identities.identities_keys(); diff --git a/implementations/rust/ockam/ockam_identity/tests/identity_verification.rs b/implementations/rust/ockam/ockam_identity/tests/identity_verification.rs index 8ff89bd7557..4b7f149492c 100644 --- a/implementations/rust/ockam/ockam_identity/tests/identity_verification.rs +++ b/implementations/rust/ockam/ockam_identity/tests/identity_verification.rs @@ -10,7 +10,7 @@ mod common; #[tokio::test] async fn test_valid_identity() -> Result<()> { - let identities = Identities::builder().build(); + let identities = Identities::builder().await?.build(); let identities_creation = identities.identities_creation(); let identifier = identities_creation.create_identity().await?; @@ -25,13 +25,13 @@ async fn test_valid_identity() -> Result<()> { #[tokio::test] async fn test_invalid_signature() -> Result<()> { - let mut vault = Vault::create(); + let mut vault = Vault::create().await?; let crazy_signing_vault = Arc::new(CrazySigningVault::new(0.1, vault.identity_vault)); vault.identity_vault = crazy_signing_vault.clone(); vault.verifying_vault = Arc::new(CrazyVerifyingVault { verifying_vault: vault.verifying_vault, }); - let identities = Identities::builder().with_vault(vault).build(); + let identities = Identities::builder().await?.with_vault(vault).build(); let identities_creation = identities.identities_creation(); let identifier = identities_creation.create_identity().await?; let identity = identities.get_identity(&identifier).await?; @@ -64,7 +64,7 @@ async fn test_invalid_signature() -> Result<()> { #[tokio::test] async fn test_eject_signatures() -> Result<()> { - let identities = Identities::builder().build(); + let identities = Identities::builder().await?.build(); let identities_creation = identities.identities_creation(); let identifier = identities_creation.create_identity().await?; diff --git a/implementations/rust/ockam/ockam_identity/tests/plaintext_message_flow_auth.rs b/implementations/rust/ockam/ockam_identity/tests/plaintext_message_flow_auth.rs index 79eaff15bfe..c1e48585513 100644 --- a/implementations/rust/ockam/ockam_identity/tests/plaintext_message_flow_auth.rs +++ b/implementations/rust/ockam/ockam_identity/tests/plaintext_message_flow_auth.rs @@ -1,13 +1,11 @@ -use std::time::Duration; - +use crate::common::message_flow_auth::{ + message_should_not_pass, message_should_not_pass_with_ctx, message_should_pass_with_ctx, +}; use ockam_core::{route, AllowAll, Result}; use ockam_identity::{secure_channels, SecureChannelListenerOptions, SecureChannelOptions}; use ockam_node::Context; use ockam_transport_tcp::{TcpConnectionOptions, TcpListenerOptions, TcpTransport}; - -use crate::common::message_flow_auth::{ - message_should_not_pass, message_should_not_pass_with_ctx, message_should_pass_with_ctx, -}; +use std::time::Duration; mod common; @@ -15,8 +13,8 @@ mod common; // Bob: Secure Channel listener #[ockam_macros::test] async fn test1(ctx: &mut Context) -> Result<()> { - let alice_secure_channels = secure_channels(); - let bob_secure_channels = secure_channels(); + let alice_secure_channels = secure_channels().await?; + let bob_secure_channels = secure_channels().await?; let alice = alice_secure_channels .identities() @@ -86,8 +84,8 @@ async fn test2(ctx: &mut Context) -> Result<()> { message_should_not_pass(ctx, &connection_to_bob.clone().into()).await?; message_should_not_pass(ctx, connection_to_alice.address()).await?; - let alice_secure_channels = secure_channels(); - let bob_secure_channels = secure_channels(); + let alice_secure_channels = secure_channels().await?; + let bob_secure_channels = secure_channels().await?; let alice = alice_secure_channels .identities() diff --git a/implementations/rust/ockam/ockam_identity/tests/purpose_key_creation.rs b/implementations/rust/ockam/ockam_identity/tests/purpose_key_creation.rs index ca09e75a6f9..6d7b0ff8973 100644 --- a/implementations/rust/ockam/ockam_identity/tests/purpose_key_creation.rs +++ b/implementations/rust/ockam/ockam_identity/tests/purpose_key_creation.rs @@ -4,7 +4,7 @@ use ockam_vault::{SigningKeyType, VerifyingPublicKey}; #[tokio::test] async fn create_default_purpose_keys() -> Result<()> { - let identities = identities(); + let identities = identities().await?; let identities_creation = identities.identities_creation(); let purpose_keys = identities.purpose_keys(); @@ -58,7 +58,7 @@ async fn create_default_purpose_keys() -> Result<()> { #[tokio::test] async fn create_custom_type() -> Result<()> { - let identities = identities(); + let identities = identities().await?; let identities_creation = identities.identities_creation(); let purpose_keys = identities.purpose_keys(); @@ -89,7 +89,7 @@ async fn create_custom_type() -> Result<()> { #[tokio::test] async fn create_with_p256_identity() -> Result<()> { - let identities = identities(); + let identities = identities().await?; let identities_creation = identities.identities_creation(); let purpose_keys = identities.purpose_keys(); @@ -147,7 +147,7 @@ async fn create_with_p256_identity() -> Result<()> { #[tokio::test] async fn create_with_rotated_identity() -> Result<()> { - let identities = identities(); + let identities = identities().await?; let identities_creation = identities.identities_creation(); let purpose_keys = identities.purpose_keys(); diff --git a/implementations/rust/ockam/ockam_identity/tests/purpose_key_verification.rs b/implementations/rust/ockam/ockam_identity/tests/purpose_key_verification.rs index a4831c9b0bd..9393362683c 100644 --- a/implementations/rust/ockam/ockam_identity/tests/purpose_key_verification.rs +++ b/implementations/rust/ockam/ockam_identity/tests/purpose_key_verification.rs @@ -8,15 +8,15 @@ mod common; #[tokio::test] async fn test_invalid_signature() -> Result<()> { - let mut vault = Vault::create(); + let mut vault = Vault::create().await?; let crazy_signing_vault = Arc::new(CrazySigningVault::new(0.1, vault.identity_vault)); vault.identity_vault = crazy_signing_vault.clone(); vault.verifying_vault = Arc::new(CrazyVerifyingVault { verifying_vault: vault.verifying_vault, }); - let identities_remote = identities(); - let identities = Identities::builder().with_vault(vault).build(); + let identities_remote = identities().await?; + let identities = Identities::builder().await?.with_vault(vault).build(); let identities_creation = identities.identities_creation(); let identifier = identities_creation.create_identity().await?; let identity = identities.get_identity(&identifier).await?; diff --git a/implementations/rust/ockam/ockam_node/Cargo.toml b/implementations/rust/ockam/ockam_node/Cargo.toml index 063c668c67a..4643829e9a9 100644 --- a/implementations/rust/ockam/ockam_node/Cargo.toml +++ b/implementations/rust/ockam/ockam_node/Cargo.toml @@ -65,7 +65,7 @@ metrics = [] # message flows within Ockam apps. debugger = ["ockam_core/debugger"] -storage = ["std", "time", "serde_json", "sqlx", "tokio-retry", "futures/executor"] +storage = ["std", "time", "serde_json", "sqlx", "tokio-retry"] [dependencies] cfg-if = "1.0.0" diff --git a/implementations/rust/ockam/ockam_node/src/storage/database/sqlx_database.rs b/implementations/rust/ockam/ockam_node/src/storage/database/sqlx_database.rs index 949ee5d2600..685116f05a4 100644 --- a/implementations/rust/ockam/ockam_node/src/storage/database/sqlx_database.rs +++ b/implementations/rust/ockam/ockam_node/src/storage/database/sqlx_database.rs @@ -1,16 +1,16 @@ use core::fmt::{Debug, Formatter}; +use sqlx::sqlite::SqliteConnectOptions; use std::ops::Deref; use std::path::Path; -use futures::executor; -use sqlx::sqlite::SqliteConnectOptions; +use ockam_core::errcode::{Kind, Origin}; use sqlx::{ConnectOptions, SqlitePool}; use tokio_retry::strategy::{jitter, FixedInterval}; use tokio_retry::Retry; use tracing::debug; use tracing::log::LevelFilter; -use ockam_core::errcode::{Kind, Origin}; +use ockam_core::compat::sync::Arc; use ockam_core::{Error, Result}; /// We use sqlx as our primary interface for interacting with the database @@ -62,16 +62,12 @@ impl SqlxDatabase { /// The implementation blocks during the creation of the database /// so that we don't have to propagate async in all the code base when using an /// in-memory database, especially when writing examples - pub fn in_memory(usage: &str) -> Self { - executor::block_on(async { - debug!("create an in memory database for {usage}"); - let pool = Self::create_in_memory_connection_pool() - .await - .expect("creating an in-memory connection should work"); - let db = SqlxDatabase { pool }; - db.migrate().await.expect("the migration should work"); - db - }) + pub async fn in_memory(usage: &str) -> Result> { + debug!("create an in memory database for {usage}"); + let pool = Self::create_in_memory_connection_pool().await?; + let db = SqlxDatabase { pool }; + db.migrate().await?; + Ok(Arc::new(db)) } async fn create_at(path: &Path) -> Result { diff --git a/implementations/rust/ockam/ockam_transport_ble/examples/05-secure-channel-over-ble-transport-initiator.rs b/implementations/rust/ockam/ockam_transport_ble/examples/05-secure-channel-over-ble-transport-initiator.rs index 4532bc2a34a..177db500a00 100644 --- a/implementations/rust/ockam/ockam_transport_ble/examples/05-secure-channel-over-ble-transport-initiator.rs +++ b/implementations/rust/ockam/ockam_transport_ble/examples/05-secure-channel-over-ble-transport-initiator.rs @@ -3,7 +3,6 @@ use ockam_core::{route, Result}; use ockam_identity::{secure_channels, SecureChannelOptions}; use ockam_node::Context; - use ockam_transport_ble::driver::btleplug::BleAdapter; use ockam_transport_ble::driver::BleClient; use ockam_transport_ble::{BleTransport, BLE}; @@ -25,7 +24,7 @@ async fn async_main(mut ctx: Context) -> Result<()> { let ble = BleTransport::create(&ctx).await?; // Create an Entity to represent Alice. - let secure_channels = secure_channels(); + let secure_channels = secure_channels().await?; let alice = secure_channels .identities() .identities_creation() diff --git a/implementations/rust/ockam/ockam_vault/src/software/vault_for_secure_channels/vault_for_secure_channels.rs b/implementations/rust/ockam/ockam_vault/src/software/vault_for_secure_channels/vault_for_secure_channels.rs index fab4de58fe5..c84f8c4c151 100644 --- a/implementations/rust/ockam/ockam_vault/src/software/vault_for_secure_channels/vault_for_secure_channels.rs +++ b/implementations/rust/ockam/ockam_vault/src/software/vault_for_secure_channels/vault_for_secure_channels.rs @@ -42,8 +42,8 @@ impl SoftwareVaultForSecureChannels { /// Create Software implementation Vault with an in-memory implementation to store secrets #[cfg(feature = "storage")] - pub fn create() -> Arc { - Arc::new(Self::new(SecretsSqlxDatabase::create())) + pub async fn create() -> Result> { + Ok(Arc::new(Self::new(SecretsSqlxDatabase::create().await?))) } } diff --git a/implementations/rust/ockam/ockam_vault/src/software/vault_for_signing/vault_for_signing.rs b/implementations/rust/ockam/ockam_vault/src/software/vault_for_signing/vault_for_signing.rs index 886638f73bd..f271c2f5f3a 100644 --- a/implementations/rust/ockam/ockam_vault/src/software/vault_for_signing/vault_for_signing.rs +++ b/implementations/rust/ockam/ockam_vault/src/software/vault_for_signing/vault_for_signing.rs @@ -33,8 +33,8 @@ impl SoftwareVaultForSigning { /// Create an in-memory Software implementation Vault #[cfg(feature = "storage")] - pub fn create() -> Arc { - Arc::new(Self::new(SecretsSqlxDatabase::create())) + pub async fn create() -> Result> { + Ok(Arc::new(Self::new(SecretsSqlxDatabase::create().await?))) } /// Import a key from a binary diff --git a/implementations/rust/ockam/ockam_vault/src/storage/secrets_repository_sql.rs b/implementations/rust/ockam/ockam_vault/src/storage/secrets_repository_sql.rs index 1467fa987b9..3e25f05d851 100644 --- a/implementations/rust/ockam/ockam_vault/src/storage/secrets_repository_sql.rs +++ b/implementations/rust/ockam/ockam_vault/src/storage/secrets_repository_sql.rs @@ -29,8 +29,10 @@ impl SecretsSqlxDatabase { } /// Create a new in-memory database for policies - pub fn create() -> Arc { - Arc::new(Self::new(Arc::new(SqlxDatabase::in_memory("secrets")))) + pub async fn create() -> Result> { + Ok(Arc::new(Self::new( + SqlxDatabase::in_memory("secrets").await?, + ))) } }