From 8f6dda871bb58cb74eb21f17bf581c35b8c61caa Mon Sep 17 00:00:00 2001 From: hdbg Date: Mon, 16 Feb 2026 20:59:49 +0100 Subject: [PATCH] refactor(actors): rename BootstrapActor to Bootstrapper --- .../arbiter-server/src/actors/bootstrap.rs | 6 +- .../arbiter-server/src/actors/user_agent.rs | 6 +- .../src/actors/user_agent/tests.rs | 12 ++-- server/crates/arbiter-server/src/context.rs | 63 +++++-------------- 4 files changed, 26 insertions(+), 61 deletions(-) diff --git a/server/crates/arbiter-server/src/actors/bootstrap.rs b/server/crates/arbiter-server/src/actors/bootstrap.rs index b25788d..fd69e3d 100644 --- a/server/crates/arbiter-server/src/actors/bootstrap.rs +++ b/server/crates/arbiter-server/src/actors/bootstrap.rs @@ -43,11 +43,11 @@ pub enum BootstrapError { } #[derive(Actor)] -pub struct BootstrapActor { +pub struct Bootstrapper { token: Option, } -impl BootstrapActor { +impl Bootstrapper { pub async fn new(db: &DatabasePool) -> Result { let mut conn = db.get().await?; @@ -77,7 +77,7 @@ impl BootstrapActor { } #[messages] -impl BootstrapActor { +impl Bootstrapper { #[message] pub fn is_correct_token(&self, token: String) -> bool { match &self.token { diff --git a/server/crates/arbiter-server/src/actors/user_agent.rs b/server/crates/arbiter-server/src/actors/user_agent.rs index 0542082..ec788af 100644 --- a/server/crates/arbiter-server/src/actors/user_agent.rs +++ b/server/crates/arbiter-server/src/actors/user_agent.rs @@ -29,7 +29,7 @@ use x25519_dalek::{EphemeralSecret, PublicKey}; use crate::{ ServerContext, actors::{ - bootstrap::{BootstrapActor, ConsumeToken}, + bootstrap::{Bootstrapper, ConsumeToken}, user_agent::state::{ AuthRequestContext, ChallengeContext, DummyContext, UnsealContext, UserAgentEvents, UserAgentStateMachine, UserAgentStates, @@ -49,7 +49,7 @@ pub(crate) use transport::handle_user_agent; #[derive(Actor)] pub struct UserAgentActor { db: db::DatabasePool, - bootstapper: ActorRef, + bootstapper: ActorRef, state: UserAgentStateMachine, // will be used in future _tx: Sender>, @@ -71,7 +71,7 @@ impl UserAgentActor { #[cfg(test)] pub(crate) fn new_manual( db: db::DatabasePool, - bootstapper: ActorRef, + bootstapper: ActorRef, tx: Sender>, ) -> Self { Self { diff --git a/server/crates/arbiter-server/src/actors/user_agent/tests.rs b/server/crates/arbiter-server/src/actors/user_agent/tests.rs index 5b4adca..91dfb8c 100644 --- a/server/crates/arbiter-server/src/actors/user_agent/tests.rs +++ b/server/crates/arbiter-server/src/actors/user_agent/tests.rs @@ -11,7 +11,7 @@ use kameo::actor::Spawn; use crate::{ actors::{ - bootstrap::BootstrapActor, + bootstrap::Bootstrapper, user_agent::{HandleAuthChallengeRequest, HandleAuthChallengeSolution}, }, db::{self, schema}, @@ -24,10 +24,10 @@ use super::UserAgentActor; pub async fn test_bootstrap_token_auth() { let db = db::create_test_pool().await; // explicitly not installing any user_agent pubkeys - let bootstrapper = BootstrapActor::new(&db).await.unwrap(); // this will create bootstrap token + let bootstrapper = Bootstrapper::new(&db).await.unwrap(); // this will create bootstrap token let token = bootstrapper.get_token().unwrap(); - let bootstrapper_ref = BootstrapActor::spawn(bootstrapper); + let bootstrapper_ref = Bootstrapper::spawn(bootstrapper); let user_agent = UserAgentActor::new_manual( db.clone(), bootstrapper_ref, @@ -78,9 +78,9 @@ pub async fn test_bootstrap_token_auth() { pub async fn test_bootstrap_invalid_token_auth() { let db = db::create_test_pool().await; // explicitly not installing any user_agent pubkeys - let bootstrapper = BootstrapActor::new(&db).await.unwrap(); // this will create bootstrap token + let bootstrapper = Bootstrapper::new(&db).await.unwrap(); // this will create bootstrap token - let bootstrapper_ref = BootstrapActor::spawn(bootstrapper); + let bootstrapper_ref = Bootstrapper::spawn(bootstrapper); let user_agent = UserAgentActor::new_manual( db.clone(), bootstrapper_ref, @@ -126,7 +126,7 @@ pub async fn test_bootstrap_invalid_token_auth() { pub async fn test_challenge_auth() { let db = db::create_test_pool().await; - let bootstrapper_ref = BootstrapActor::spawn(BootstrapActor::new(&db).await.unwrap()); + let bootstrapper_ref = Bootstrapper::spawn(Bootstrapper::new(&db).await.unwrap()); let user_agent = UserAgentActor::new_manual( db.clone(), bootstrapper_ref, diff --git a/server/crates/arbiter-server/src/context.rs b/server/crates/arbiter-server/src/context.rs index 0afffd2..c8c40b7 100644 --- a/server/crates/arbiter-server/src/context.rs +++ b/server/crates/arbiter-server/src/context.rs @@ -4,20 +4,17 @@ use diesel::OptionalExtension as _; use diesel_async::RunQueryDsl as _; use kameo::actor::{ActorRef, Spawn}; use miette::Diagnostic; -use rand::rngs::StdRng; -use smlang::statemachine; use thiserror::Error; -use tokio::sync::RwLock; use crate::{ - actors::bootstrap::{self, BootstrapActor}, context::tls::{TlsDataRaw, TlsManager}, db::{ - self, - models::ArbiterSetting, - schema::arbiter_settings, - } + actors::{ + bootstrap::{self, Bootstrapper}, + keyholder::KeyHolder, + }, + context::tls::{TlsDataRaw, TlsManager}, + db::{self, models::ArbiterSetting, schema::arbiter_settings}, }; - pub mod tls; #[derive(Error, Debug, Diagnostic)] @@ -42,41 +39,20 @@ pub enum InitError { #[diagnostic(code(arbiter_server::init::bootstrap_token))] BootstrapToken(#[from] bootstrap::BootstrapError), + #[error("KeyHolder initialization failed: {0}")] + #[diagnostic(code(arbiter_server::init::keyholder_init))] + KeyHolder(#[from] crate::actors::keyholder::Error), + #[error("I/O Error: {0}")] #[diagnostic(code(arbiter_server::init::io))] Io(#[from] std::io::Error), } -// TODO: Placeholder for secure root key cell implementation -pub struct KeyStorage; - -statemachine! { - name: Server, - transitions: { - *NotBootstrapped + Bootstrapped = Sealed, - Sealed + Unsealed(KeyStorage) / move_key = Ready(KeyStorage), - Ready(KeyStorage) + Sealed / dispose_key = Sealed, - } -} -pub struct _Context; -impl ServerStateMachineContext for _Context { - fn move_key(&mut self, _event_data: KeyStorage) -> Result { - todo!() - } - - #[allow(missing_docs)] - #[allow(clippy::unused_unit)] - fn dispose_key(&mut self, _state_data: &KeyStorage) -> Result<(), ()> { - todo!() - } -} - pub struct _ServerContextInner { pub db: db::DatabasePool, - pub state: RwLock>, - pub rng: StdRng, pub tls: TlsManager, - pub bootstrapper: ActorRef, + pub bootstrapper: ActorRef, + pub keyholder: ActorRef, } #[derive(Clone)] pub struct ServerContext(Arc<_ServerContextInner>); @@ -124,7 +100,6 @@ impl ServerContext { pub async fn new(db: db::DatabasePool) -> Result { let mut conn = db.get().await?; - let rng = rand::make_rng(); let settings = arbiter_settings::table .first::(&mut conn) @@ -135,21 +110,11 @@ impl ServerContext { drop(conn); - let mut state = ServerStateMachine::new(_Context); - - if let Some(settings) = &settings - && settings.root_key_id.is_some() - { - // TODO: pass the encrypted root key to the state machine and let it handle decryption and transition to Sealed - let _ = state.process_event(ServerEvents::Bootstrapped); - } - Ok(Self(Arc::new(_ServerContextInner { - bootstrapper: BootstrapActor::spawn(BootstrapActor::new(&db).await?), + bootstrapper: Bootstrapper::spawn(Bootstrapper::new(&db).await?), + keyholder: KeyHolder::spawn(KeyHolder::new(db.clone()).await?), db, - rng, tls, - state: RwLock::new(state), }))) } }