Add scan key decryption
parent
98e94799ef
commit
c50be51775
@ -102,7 +102,8 @@ pub struct User {
|
|||||||
recover_data: Vec<u8>,
|
recover_data: Vec<u8>,
|
||||||
revoke_data: Option<Vec<u8>>,
|
revoke_data: Option<Vec<u8>>,
|
||||||
sharding: Sharding,
|
sharding: Sharding,
|
||||||
// recovered_spend_key: Option<String>,
|
//recovered_spend_key: Option<String>,
|
||||||
|
//recovered_scan_key: Option<String>,
|
||||||
}
|
}
|
||||||
|
|
||||||
impl User {
|
impl User {
|
||||||
@ -112,7 +113,7 @@ impl User {
|
|||||||
process: String
|
process: String
|
||||||
) -> Result<Self> {
|
) -> Result<Self> {
|
||||||
let mut rng = thread_rng();
|
let mut rng = thread_rng();
|
||||||
|
|
||||||
// image revoke
|
// image revoke
|
||||||
// We just take the 2 revoke keys
|
// We just take the 2 revoke keys
|
||||||
let revoke_scan_key = user_keys.get_keys(user_keys.revoke_keys.clone()).scan_key;
|
let revoke_scan_key = user_keys.get_keys(user_keys.revoke_keys.clone()).scan_key;
|
||||||
@ -136,6 +137,7 @@ impl User {
|
|||||||
|
|
||||||
recover_data.extend_from_slice(&entropy_1);
|
recover_data.extend_from_slice(&entropy_1);
|
||||||
recover_data.extend_from_slice(&entropy_2);
|
recover_data.extend_from_slice(&entropy_2);
|
||||||
|
recover_data.extend_from_slice(&entropy_3);
|
||||||
|
|
||||||
// hash the concatenation
|
// hash the concatenation
|
||||||
let mut engine = sha256::HashEngine::default();
|
let mut engine = sha256::HashEngine::default();
|
||||||
@ -205,55 +207,63 @@ impl User {
|
|||||||
//Send messages PRDList
|
//Send messages PRDList
|
||||||
//@todo
|
//@todo
|
||||||
//Receive List Items (PCD)
|
//Receive List Items (PCD)
|
||||||
|
|
||||||
Ok(User {
|
Ok(User {
|
||||||
pre_id: pre_id.to_string(),
|
pre_id: pre_id.to_string(),
|
||||||
process,
|
process,
|
||||||
recover_data,
|
recover_data,
|
||||||
revoke_data: Some(revoke_data),
|
revoke_data: Some(revoke_data),
|
||||||
sharding,
|
sharding,
|
||||||
// recovered_spend_key: None,
|
//recovered_spend_key: None,
|
||||||
|
//recovered_scan_key: None,
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
pub fn login(user_password: String, recover_data: &[u8], sharding: Sharding) -> Result<SecretKey> {
|
pub fn login(&self,user_password: String, recover_data: &[u8], sharding: Sharding) -> Result<()> {
|
||||||
let mut retrieved_key = [0u8; 32];
|
let mut retrieved_spend_key = [0u8; 32];
|
||||||
|
let mut retrieved_scan_key = [0u8; 32];
|
||||||
let mut entropy1 = [0u8; 32];
|
let mut entropy1 = [0u8; 32];
|
||||||
let mut entropy2 = [0u8; 32];
|
let mut entropy2 = [0u8; 32];
|
||||||
|
let mut entropy3 = [0u8; 32];
|
||||||
|
let mut cipher_scan_key = Vec::with_capacity(32);
|
||||||
let mut part1_ciphertext = Vec::with_capacity(32); // just a guess
|
let mut part1_ciphertext = Vec::with_capacity(32); // just a guess
|
||||||
|
|
||||||
let mut reader = recover_data.reader();
|
let mut reader = recover_data.reader();
|
||||||
reader.read_exact(&mut entropy1)?;
|
reader.read_exact(&mut entropy1)?;
|
||||||
reader.read_exact(&mut entropy2)?;
|
reader.read_exact(&mut entropy2)?;
|
||||||
reader.read_to_end(&mut part1_ciphertext)?;
|
reader.read_exact(&mut entropy3)?;
|
||||||
|
reader.read_exact(&mut part1_ciphertext)?;
|
||||||
|
reader.read_to_end(&mut cipher_scan_key)?;
|
||||||
|
|
||||||
retrieved_key[..16].copy_from_slice(&Self::recover_part1(&user_password, &entropy1, part1_ciphertext)?);
|
retrieved_spend_key[..16].copy_from_slice(&Self::recover_key_slice(&user_password, &entropy1, part1_ciphertext)?);
|
||||||
|
|
||||||
//@todo: get shardings from member managers!
|
//@todo: get shardings from member managers!
|
||||||
let shardings = sharding.shares_vec.clone(); // temporary
|
let shardings = sharding.shares_vec.clone(); // temporary
|
||||||
|
|
||||||
retrieved_key[16..].copy_from_slice(&Self::recover_part2(
|
retrieved_spend_key[16..].copy_from_slice(&Self::recover_part2(
|
||||||
&user_password,
|
&user_password,
|
||||||
&entropy2,
|
&entropy2,
|
||||||
shardings,
|
shardings,
|
||||||
)?);
|
)?);
|
||||||
|
|
||||||
|
retrieved_scan_key[..32].copy_from_slice(&Self::recover_key_slice(&user_password, &entropy3, cipher_scan_key)?);;
|
||||||
|
|
||||||
let key = SecretKey::from_slice(&retrieved_key)?;
|
//@todo: retrieved_scan_key and retrieved_spend_key should be stored somewhere!
|
||||||
|
|
||||||
Ok(key)
|
Ok(())
|
||||||
}
|
}
|
||||||
|
|
||||||
fn recover_part1(
|
fn recover_key_slice(
|
||||||
password: &str,
|
password: &str,
|
||||||
entropy: &[u8],
|
entropy: &[u8],
|
||||||
part1_ciphertext: Vec<u8>,
|
ciphertext: Vec<u8>,
|
||||||
) -> Result<Vec<u8>> {
|
) -> Result<Vec<u8>> {
|
||||||
let mut engine = sha256::HashEngine::default();
|
let mut engine = sha256::HashEngine::default();
|
||||||
engine.write_all(&password.as_bytes());
|
engine.write_all(&password.as_bytes());
|
||||||
engine.write_all(&entropy);
|
engine.write_all(&entropy);
|
||||||
let hash = sha256::Hash::from_engine(engine);
|
let hash = sha256::Hash::from_engine(engine);
|
||||||
|
|
||||||
let aes_dec = Aes256Decryption::new(Purpose::Login, part1_ciphertext, hash.to_byte_array().to_vec(), None)?;
|
let aes_dec = Aes256Decryption::new(Purpose::Login, ciphertext, hash.to_byte_array().to_vec(), None)?;
|
||||||
|
|
||||||
aes_dec.decrypt_with_key()
|
aes_dec.decrypt_with_key()
|
||||||
}
|
}
|
||||||
|
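Review bot: In `login`, `reader.read_exact(&mut part1_ciphertext)?` reads nothing, because `Vec::with_capacity(32)` has length 0 and `read_exact` fills only the slice's current length; the following `read_to_end(&mut cipher_scan_key)` then takes both ciphertexts, so neither decryption receives the bytes it was encrypted with. Size the buffer to the real encrypted length, e.g. `let mut part1_ciphertext = vec![0u8; PART1_CIPHERTEXT_LEN];` (a placeholder constant, since the value is not visible in this diff), or write a length prefix into `recover_data` where it is built. The `copy_from_slice` calls on the `recover_key_slice` output also panic if the decrypted buffer is not exactly 16 or 32 bytes, so for corrupted or untrusted `recover_data` they should check the length and return an `Err` instead. Separately, the scan key is now protected by the same single SHA-256 over password and entropy as the first spend-key half; a memory-hard password KDF would make offline guessing against a stolen `recover_data` more expensive.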