config: Move config to keylime library

The following changes were made:
 - Moved keylime/src/global_config.rs to keylime/src/config/errors.rs
 - Moved keylime-agent/src/config.rs to keylime/src/config/base.rs
 - Moved the EnvConfig structure to the dedicated file
   keylime/src/config/env.rs
 - Moved the SUPPORTED_API_VERSIONS value from keylime-agent/src/api.rs
   to keylime/src/config/base.rs
 - Added temporary values for DEFAULT_PUSH_API_VERSIONS and
   DEFAULT_PUSH_EK_HANDLE in keylme/src/config/push_model.rs
 - Modified other files as necessary

Signed-off-by: Anderson Toshiyuki Sasaki <[email protected]>

Author: ansasaki

keylime-agent/src/api.rs

@@ -3,13 +3,14 @@ use crate::{
     notifications_handler, quotes_handler, QuoteData,
 };
 use actix_web::{http, web, HttpRequest, HttpResponse, Responder, Scope};
-use keylime::{list_parser::parse_list, version::KeylimeVersion};
+use keylime::{
+    config::SUPPORTED_API_VERSIONS, list_parser::parse_list,
+    version::KeylimeVersion,
+};
 use log::*;
 use serde::{Deserialize, Serialize};
 use thiserror::Error;
 
-pub static SUPPORTED_API_VERSIONS: &[&str] = &["2.1", "2.2"];
-
 #[derive(Error, Debug, PartialEq)]
 pub enum APIError {
     #[error("API version \"{0}\" not supported")]

keylime-agent/src/main.rs

@@ -34,7 +34,6 @@
 mod agent_handler;
 mod api;
 mod common;
-mod config;
 mod errors_handler;
 mod keys_handler;
 mod notifications_handler;
@@ -54,9 +53,10 @@ use futures::{
 use keylime::{
     agent_data::AgentData,
     agent_registration::{AgentRegistration, AgentRegistrationConfig},
+    config,
     crypto::{self, x509::CertificateBuilder},
     device_id::{DeviceID, DeviceIDBuilder},
-    global_config, hash_ek,
+    hash_ek,
     ima::MeasurementList,
     keylime_error::{Error, Result},
     list_parser::parse_list,
@@ -236,7 +236,7 @@ async fn main() -> Result<()> {
 
         error!("Configuration error: {}", &message);
         return Err(Error::Configuration(
-            global_config::KeylimeConfigError::Generic(message),
+            config::KeylimeConfigError::Generic(message),
         ));
     }
 
@@ -266,7 +266,7 @@ async fn main() -> Result<()> {
 
             error!("Configuration error: {}", &message);
             return Err(Error::Configuration(
-                global_config::KeylimeConfigError::Generic(message),
+                config::KeylimeConfigError::Generic(message),
             ));
         }
         info!("Running the service as {}...", user_group);
@@ -295,7 +295,7 @@ async fn main() -> Result<()> {
             if !python_shim.exists() {
                 error!("Could not find python shim at {}", python_shim.display());
                 return Err(Error::Configuration(
-                    global_config::KeylimeConfigError::Generic(format!(
+                    config::KeylimeConfigError::Generic(format!(
                     "Could not find python shim at {}",
                     python_shim.display()
                 ))));
@@ -319,7 +319,7 @@ async fn main() -> Result<()> {
         };
         ctx.tr_set_auth(Hierarchy::Endorsement.into(), auth)
             .map_err(|e| {
-                Error::Configuration(global_config::KeylimeConfigError::Generic(format!(
+                Error::Configuration(config::KeylimeConfigError::Generic(format!(
                     "Failed to set TPM context password for Endorsement Hierarchy: {e}"
                 )))
             })?;
@@ -574,7 +574,7 @@ async fn main() -> Result<()> {
         {
             "" => {
                 error!("Agent mTLS is enabled, but trusted_client_ca option was not provided");
-                return Err(Error::Configuration(global_config::KeylimeConfigError::Generic("Agent mTLS is enabled, but trusted_client_ca option was not provided".to_string())));
+                return Err(Error::Configuration(config::KeylimeConfigError::Generic("Agent mTLS is enabled, but trusted_client_ca option was not provided".to_string())));
             }
             l => l,
         };
@@ -585,7 +585,7 @@ async fn main() -> Result<()> {
             error!(
                 "Trusted client CA certificate list is empty: could not load any certificate"
             );
-            return Err(Error::Configuration(global_config::KeylimeConfigError::Generic(
+            return Err(Error::Configuration(config::KeylimeConfigError::Generic(
                 "Trusted client CA certificate list is empty: could not load any certificate".to_string()
             )));
         }
@@ -657,7 +657,7 @@ async fn main() -> Result<()> {
             error!(
                 "No revocation certificate set in 'revocation_cert' option"
             );
-            return Err(Error::Configuration(global_config::KeylimeConfigError::Generic(
+            return Err(Error::Configuration(config::KeylimeConfigError::Generic(
                 "No revocation certificate set in 'revocation_cert' option"
                     .to_string(),
             )));
@@ -1041,7 +1041,7 @@ mod testing {
                     Err(err) => None,
                 };
 
-            let api_versions = api::SUPPORTED_API_VERSIONS
+            let api_versions = config::SUPPORTED_API_VERSIONS
                 .iter()
                 .map(|&s| s.to_string())
                 .collect::<Vec<String>>();

keylime-agent/src/payloads.rs

@@ -2,16 +2,15 @@
 // Copyright 2021 Keylime Authors
 
 use crate::{
-    config,
     revocation::{Revocation, RevocationMessage},
     Error, Result,
 };
 
 #[cfg(feature = "with-zmq")]
 use crate::revocation::ZmqMessage;
 
-use keylime::global_config;
 use keylime::{
+    config,
     crypto::{
         self,
         encrypted_data::EncryptedData,
@@ -84,14 +83,14 @@ fn setup_unzipped(
     }
 
     match config.agent.dec_payload_file.as_ref() {
-        "" => Err(global_config::KeylimeConfigError::RequiredOption(
+        "" => Err(config::KeylimeConfigError::RequiredOption(
             "dec_payload_path".to_string(),
         )
         .into()),
         p => {
             let dec_payload_path = unzipped.join(p);
             match config.agent.enc_keyname.as_ref() {
-                "" => Err(global_config::KeylimeConfigError::RequiredOption(
+                "" => Err(config::KeylimeConfigError::RequiredOption(
                     "enc_keyname".to_string(),
                 )
                 .into()),