cdh/kms: add enum to replace provider type

Signed-off-by: Xynnn007 <[email protected]>
confidential-containers · Aug 20, 2023 · 7601425 · 7601425
1 parent 910bd3d
commit 7601425
Show file tree

Hide file tree

Showing 2 changed files with 23 additions and 6 deletions.
diff --git a/confidential-data-hub/kms/Cargo.toml b/confidential-data-hub/kms/Cargo.toml
@@ -24,6 +24,7 @@ sha2 = { workspace = true, optional = true }
 serde.workspace = true
 serde_json.workspace = true
 sev = { path = "../../attestation-agent/deps/sev", optional = true }
+strum.workspace = true
 reqwest = { version = "0.11", optional = true }
 thiserror.workspace = true
 tokio = { workspace = true, features = ["fs"] }

diff --git a/confidential-data-hub/kms/src/plugins/mod.rs b/confidential-data-hub/kms/src/plugins/mod.rs
@@ -3,6 +3,8 @@
 // SPDX-License-Identifier: Apache-2.0
 //
 
+use strum::{AsRefStr, EnumString};
+
 use crate::{Decrypter, Error, Getter, ProviderSettings, Result};
 
 const _IN_GUEST_DEFAULT_KEY_PATH: &str = "/run/confidential-containers/cdh/kms-credential";
@@ -12,27 +14,41 @@ pub mod aliyun;
 
 pub mod kbs;
 
+#[derive(AsRefStr, EnumString)]
+pub enum DecryptorProvider {
+    #[cfg(feature = "aliyun")]
+    Aliyun,
+}
+
 /// Create a new [`Decrypter`] by given provider name and [`ProviderSettings`]
 pub async fn new_decryptor(
-    provider: &str,
+    provider_name: &str,
     _provider_settings: ProviderSettings,
 ) -> Result<Box<dyn Decrypter>> {
+    let provider = DecryptorProvider::try_from(provider_name)
+        .map_err(|_| Error::UnsupportedProvider(provider_name.to_string()))?;
     match provider {
         #[cfg(feature = "aliyun")]
-        "aliyun" => Ok(Box::new(
+        DecryptorProvider::Aliyun => Ok(Box::new(
             aliyun::AliyunKmsClient::from_provider_settings(&_provider_settings).await?,
         ) as Box<dyn Decrypter>),
-        p => Err(Error::UnsupportedProvider(p.to_string())),
     }
 }
 
+#[derive(AsRefStr, EnumString)]
+pub enum VaultProvider {
+    #[cfg(feature = "kbs")]
+    Kbs,
+}
+
 /// Create a new [`Getter`] by given provider name and [`ProviderSettings`]
 pub async fn new_getter(
-    provider: &str,
+    provider_name: &str,
     _provider_settings: ProviderSettings,
 ) -> Result<Box<dyn Getter>> {
+    let provider = VaultProvider::try_from(provider_name)
+        .map_err(|_| Error::UnsupportedProvider(provider_name.to_string()))?;
     match provider {
-        "kbs" => Ok(Box::new(kbs::KbcClient::new().await?) as Box<dyn Getter>),
-        p => Err(Error::UnsupportedProvider(p.to_string())),
+        VaultProvider::Kbs => Ok(Box::new(kbs::KbcClient::new().await?) as Box<dyn Getter>),
     }
 }