4nk/sdk_client
5
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add user, secretdata and aesgcm modules

Browse Source
This commit is contained in:
Alex Silva 2024-03-21 20:07:56 +01:00
parent b6d350bf2c
commit d081bc1f78
5 changed files with 836 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
crates/sp_client/Cargo.toml
View File

@ -18,6 +18,20 @@ wasm-logger = "0.2.0"
rand = "0.8.5"
log = "0.4.6"
tsify = { git = "https://github.com/Sosthene00/tsify", branch = "next" }
web-sys = { version = "0.3", features = ["console"] }
bs58 = "0.4"
hex = "0.4.3"
sha2 = "0.10.8"
aes-gcm = "0.10.3"
aes = "0.8.3"
base64 = "0.21.7"
image = "0.24.9"
img-parts = "0.3.0"
bytes = "1.5.0"
scrypt = "0.11.0"
shamir = "2.0.0"
bitcoin = { version = "0.31.1", features = ["serde", "base64"] }
[dev-dependencies]
wasm-bindgen-test = "0.3"

177
crates/sp_client/src/aesgcm.rs Normal file
View File

@ -0,0 +1,177 @@
/* This module is temporary. We'll use the module described in key_encription
module defined in sdk_common repository! Some of the methods there were copied here.
*/
use wasm_bindgen::JsValue;
use web_sys::console;
use core::result::Result as CoreResult;
use rand::RngCore;
use serde::{Deserialize, Serialize};
use serde_json::{json, Value};
use aes::cipher::consts::U32;
use aes::cipher::generic_array::GenericArray;
use aes_gcm::{
aead::{AeadInPlace, KeyInit},
Aes256Gcm,
};
use rand::rngs::OsRng;
use hex;
use hex::FromHexError;
pub struct Aes256GcmIv96Bit {
pub key: GenericArray<u8, U32>,
}
impl Aes256GcmIv96Bit {
pub fn new() -> Self {
let mut key_bytes = [0u8; 32];
OsRng.fill_bytes(&mut key_bytes);
let key = GenericArray::from_slice(&key_bytes);
Aes256GcmIv96Bit { key: key.clone() }
}
pub fn encrypt(&self, data: &[u8]) -> CoreResult<Vec<u8>, aes_gcm::Error> {
let cipher = Aes256Gcm::new(&self.key);
let mut nonce = [0u8; 12];
OsRng.fill_bytes(&mut nonce);
let mut buffer = data.to_vec();
cipher.encrypt_in_place(GenericArray::from_slice(&nonce), b"", &mut buffer)?;
Ok([nonce.to_vec(), buffer].concat())
}
pub fn decrypt(&self, data: &[u8]) -> CoreResult<Vec<u8>, aes_gcm::Error> {
if data.len() < 12 {
return Err(aes_gcm::Error); // Remplacer par une erreur appropriée
}
let (nonce, encrypted_data) = data.split_at(12);
let mut buffer = encrypted_data.to_vec();
let cipher = Aes256Gcm::new(&self.key);
cipher.decrypt_in_place(GenericArray::from_slice(nonce), b"", &mut buffer)?;
Ok(buffer)
}
pub fn encrypt_string(&self, data: &str) -> CoreResult<String, String> {
match self.encrypt(data.as_bytes()) {
Ok(encrypted_data) => Ok(base64::encode(encrypted_data)),
Err(_) => Err("Erreur de chiffrement".to_string()),
}
}
pub fn decrypt_string(&self, data: &str) -> CoreResult<String, String> {
let decoded_data = match base64::decode(data) {
Ok(data) => data,
Err(_) => return Err("Erreur de décodage Base64".to_string()),
};
match self.decrypt(&decoded_data) {
Ok(decrypted_data) => match String::from_utf8(decrypted_data) {
Ok(text) => Ok(text),
Err(_) => Err("Erreur de conversion UTF-8".to_string()),
},
Err(_) => Err("Erreur de déchiffrement".to_string()),
}
}
pub fn export_key(&self) -> String {
base64::encode(&self.key)
}
pub fn import_key(encoded_key: &str) -> CoreResult<Self, String> {
match base64::decode(encoded_key) {
Ok(decoded_key) => {
if decoded_key.len() == 32 {
let key = GenericArray::from_slice(&decoded_key);
Ok(Aes256GcmIv96Bit { key: key.clone() })
} else {
Err("La taille de la clé n'est pas valide".to_string())
}
}
Err(_) => Err("Échec du décodage de la clé".to_string()),
}
}
}
#[derive(Debug, Serialize, Deserialize, Default, Clone, PartialEq, Eq, Hash, PartialOrd, Ord)]
pub struct KeyEncryption {
pub attribute_name: Option<String>,
pub key: Option<String>,
pub algorithm: Option<String>,
}
impl KeyEncryption {
pub fn new(
attribute_name: Option<String>,
key: Option<String>,
algorithm: Option<String>,
) -> Self {
KeyEncryption {
attribute_name,
key,
algorithm,
}
}
pub fn encode(&self, data: String) -> CoreResult<String, String> {
if let Some(ref key) = self.key {
let decoded_key = Aes256GcmIv96Bit::import_key(key)?;
let encrypted_data = decoded_key.encrypt_string(&data)?;
Ok(encrypted_data)
} else {
Err("Aucune clé n'est définie".to_string())
}
}
pub fn decode(&self, encrypted_data: String) -> CoreResult<String, String> {
if let Some(ref key) = self.key {
let decoded_key = Aes256GcmIv96Bit::import_key(key)?;
let decrypted_data = decoded_key.decrypt_string(&encrypted_data)?;
Ok(decrypted_data)
} else {
Err("Aucune clé n'est définie".to_string())
}
}
pub fn enc(&self, data: Value) -> String {
let data_string = serde_json::to_string(&data).unwrap_or_else(|_| "".to_string());
self.encode(data_string).unwrap_or_else(|_| "".to_string())
}
pub fn enc_string(&self, data: String) -> String {
self.enc(Value::String(data))
}
pub fn enc_i64(&self, data: i64) -> String {
self.enc(Value::Number(data.into()))
}
pub fn enc_u64(&self, data: u64) -> String {
self.enc(Value::Number(data.into()))
}
pub fn enc_u32(&self, data: u32) -> String {
self.enc(Value::Number(data.into()))
}
pub fn enc_vec_string(&self, list: Vec<String>) -> String {
self.enc(Value::Array(list.into_iter().map(Value::String).collect()))
}
pub fn enc_vec_key_encryption(&self, list: Vec<KeyEncryption>) -> String {
// Utilisez `serde_json::to_value` pour convertir chaque `KeyEncryption` en `Value`
let json_list: Vec<Value> = list
.into_iter()
.map(|key_enc| serde_json::to_value(key_enc).unwrap_or_else(|_| json!({})))
.collect();
self.enc(Value::Array(json_list))
}
}
fn hex_to_generic_array(hex_string: &str) -> Result<GenericArray<u8, U32>, FromHexError> {
let byte_vec = hex::decode(hex_string)?;
let array = GenericArray::clone_from_slice(&byte_vec[..32]);
Ok(array)
}

5
crates/sp_client/src/lib.rs
View File

@ -1,3 +1,8 @@
#![allow(warnings)]
pub mod api;
mod injecteurhtml;
mod process;
mod user;
mod aesgcm;
mod secretdata;

266
crates/sp_client/src/secretdata.rs Normal file
View File

@ -0,0 +1,266 @@
use rand::{thread_rng, RngCore};
pub struct SecretData {
pub secret_data: Option<String>,
pub coefficients: Vec<Vec<u8>>,
}
#[derive(Debug)]
pub enum ShamirError {
/// The number of shares must be between 1 and 255
InvalidShareCount,
}
impl SecretData {
pub fn with_secret(secret: &str, threshold: u8) -> SecretData {
let mut coefficients: Vec<Vec<u8>> = vec![];
let mut rng = thread_rng();
let mut rand_container = vec![0u8; (threshold - 1) as usize];
for c in secret.as_bytes() {
rng.fill_bytes(&mut rand_container);
let mut coef: Vec<u8> = vec![*c];
for r in rand_container.iter() {
coef.push(*r);
}
coefficients.push(coef);
}
SecretData {
secret_data: Some(secret.to_string()),
coefficients,
}
}
pub fn get_share(&self, id: u8) -> Result<Vec<u8>, ShamirError> {
if id == 0 {
return Err(ShamirError::InvalidShareCount);
}
let mut share_bytes: Vec<u8> = vec![];
let coefficients = self.coefficients.clone();
for coefficient in coefficients {
//let b = SecretData::accumulate_share_bytes(id, coefficient)?;
let b = r#try!(SecretData::accumulate_share_bytes(id, coefficient));
share_bytes.push(b);
}
share_bytes.insert(0, id);
Ok(share_bytes)
}
pub fn is_valid_share(&self, share: &[u8]) -> bool {
let id = share[0];
match self.get_share(id) {
Ok(s) => s == share,
_ => false,
}
}
pub fn recover_secret(threshold: u8, shares: Vec<Vec<u8>>) -> Option<String> {
if threshold as usize > shares.len() {
println!("Number of shares is below the threshold");
return None;
}
let mut xs: Vec<u8> = vec![];
for share in shares.iter() {
if xs.contains(&share[0]) {
println!("Multiple shares with the same first byte");
return None;
}
if share.len() != shares[0].len() {
println!("Shares have different lengths");
return None;
}
xs.push(share[0].to_owned());
}
let mut mycoefficients: Vec<String> = vec![];
let mut mysecretdata: Vec<u8> = vec![];
let rounds = shares[0].len() - 1;
for byte_to_use in 0..rounds {
let mut fxs: Vec<u8> = vec![];
for share in shares.clone() {
fxs.push(share[1..][byte_to_use]);
}
match SecretData::full_lagrange(&xs, &fxs) {
None => return None,
Some(resulting_poly) => {
mycoefficients.push(String::from_utf8_lossy(&resulting_poly[..]).to_string());
mysecretdata.push(resulting_poly[0]);
}
}
}
match String::from_utf8(mysecretdata) {
Ok(s) => Some(s),
Err(e) => {
println!("{:?}", e);
None
}
}
}
fn accumulate_share_bytes(id: u8, coefficient_bytes: Vec<u8>) -> Result<u8, ShamirError> {
if id == 0 {
return Err(ShamirError::InvalidShareCount);
}
let mut accumulator: u8 = 0;
let mut x_i: u8 = 1;
for c in coefficient_bytes {
accumulator = SecretData::gf256_add(accumulator, SecretData::gf256_mul(c, x_i));
x_i = SecretData::gf256_mul(x_i, id);
}
Ok(accumulator)
}
fn full_lagrange(xs: &[u8], fxs: &[u8]) -> Option<Vec<u8>> {
let mut returned_coefficients: Vec<u8> = vec![];
let len = fxs.len();
for i in 0..len {
let mut this_polynomial: Vec<u8> = vec![1];
for j in 0..len {
if i == j {
continue;
}
let denominator = SecretData::gf256_sub(xs[i], xs[j]);
let first_term = SecretData::gf256_checked_div(xs[j], denominator);
let second_term = SecretData::gf256_checked_div(1, denominator);
match (first_term, second_term) {
(Some(a), Some(b)) => {
let this_term = vec![a, b];
this_polynomial =
SecretData::multiply_polynomials(&this_polynomial, &this_term);
}
(_, _) => return None,
};
}
if fxs.len() + 1 >= i {
this_polynomial = SecretData::multiply_polynomials(&this_polynomial, &[fxs[i]])
}
returned_coefficients =
SecretData::add_polynomials(&returned_coefficients, &this_polynomial);
}
Some(returned_coefficients)
}
#[inline]
fn gf256_add(a: u8, b: u8) -> u8 {
a ^ b
}
#[inline]
fn gf256_sub(a: u8, b: u8) -> u8 {
SecretData::gf256_add(a, b)
}
#[inline]
fn gf256_mul(a: u8, b: u8) -> u8 {
if a == 0 || b == 0 {
0
} else {
GF256_EXP[((u16::from(GF256_LOG[a as usize]) + u16::from(GF256_LOG[b as usize])) % 255)
as usize]
}
}
#[inline]
fn gf256_checked_div(a: u8, b: u8) -> Option<u8> {
if a == 0 {
Some(0)
} else if b == 0 {
None
} else {
let a_log = i16::from(GF256_LOG[a as usize]);
let b_log = i16::from(GF256_LOG[b as usize]);
let mut diff = a_log - b_log;
if diff < 0 {
diff += 255;
}
Some(GF256_EXP[(diff % 255) as usize])
}
}
#[inline]
fn multiply_polynomials(a: &[u8], b: &[u8]) -> Vec<u8> {
let mut resultterms: Vec<u8> = vec![];
let mut termpadding: Vec<u8> = vec![];
for bterm in b {
let mut thisvalue = termpadding.clone();
for aterm in a {
thisvalue.push(SecretData::gf256_mul(*aterm, *bterm));
}
resultterms = SecretData::add_polynomials(&resultterms, &thisvalue);
termpadding.push(0);
}
resultterms
}
#[inline]
fn add_polynomials(a: &[u8], b: &[u8]) -> Vec<u8> {
let mut a = a.to_owned();
let mut b = b.to_owned();
if a.len() < b.len() {
let mut t = vec![0; b.len() - a.len()];
a.append(&mut t);
} else if a.len() > b.len() {
let mut t = vec![0; a.len() - b.len()];
b.append(&mut t);
}
let mut results: Vec<u8> = vec![];
for i in 0..a.len() {
results.push(SecretData::gf256_add(a[i], b[i]));
}
results
}
}
static GF256_EXP: [u8; 256] = [
0x01, 0x03, 0x05, 0x0f, 0x11, 0x33, 0x55, 0xff, 0x1a, 0x2e, 0x72, 0x96, 0xa1, 0xf8, 0x13, 0x35,
0x5f, 0xe1, 0x38, 0x48, 0xd8, 0x73, 0x95, 0xa4, 0xf7, 0x02, 0x06, 0x0a, 0x1e, 0x22, 0x66, 0xaa,
0xe5, 0x34, 0x5c, 0xe4, 0x37, 0x59, 0xeb, 0x26, 0x6a, 0xbe, 0xd9, 0x70, 0x90, 0xab, 0xe6, 0x31,
0x53, 0xf5, 0x04, 0x0c, 0x14, 0x3c, 0x44, 0xcc, 0x4f, 0xd1, 0x68, 0xb8, 0xd3, 0x6e, 0xb2, 0xcd,
0x4c, 0xd4, 0x67, 0xa9, 0xe0, 0x3b, 0x4d, 0xd7, 0x62, 0xa6, 0xf1, 0x08, 0x18, 0x28, 0x78, 0x88,
0x83, 0x9e, 0xb9, 0xd0, 0x6b, 0xbd, 0xdc, 0x7f, 0x81, 0x98, 0xb3, 0xce, 0x49, 0xdb, 0x76, 0x9a,
0xb5, 0xc4, 0x57, 0xf9, 0x10, 0x30, 0x50, 0xf0, 0x0b, 0x1d, 0x27, 0x69, 0xbb, 0xd6, 0x61, 0xa3,
0xfe, 0x19, 0x2b, 0x7d, 0x87, 0x92, 0xad, 0xec, 0x2f, 0x71, 0x93, 0xae, 0xe9, 0x20, 0x60, 0xa0,
0xfb, 0x16, 0x3a, 0x4e, 0xd2, 0x6d, 0xb7, 0xc2, 0x5d, 0xe7, 0x32, 0x56, 0xfa, 0x15, 0x3f, 0x41,
0xc3, 0x5e, 0xe2, 0x3d, 0x47, 0xc9, 0x40, 0xc0, 0x5b, 0xed, 0x2c, 0x74, 0x9c, 0xbf, 0xda, 0x75,
0x9f, 0xba, 0xd5, 0x64, 0xac, 0xef, 0x2a, 0x7e, 0x82, 0x9d, 0xbc, 0xdf, 0x7a, 0x8e, 0x89, 0x80,
0x9b, 0xb6, 0xc1, 0x58, 0xe8, 0x23, 0x65, 0xaf, 0xea, 0x25, 0x6f, 0xb1, 0xc8, 0x43, 0xc5, 0x54,
0xfc, 0x1f, 0x21, 0x63, 0xa5, 0xf4, 0x07, 0x09, 0x1b, 0x2d, 0x77, 0x99, 0xb0, 0xcb, 0x46, 0xca,
0x45, 0xcf, 0x4a, 0xde, 0x79, 0x8b, 0x86, 0x91, 0xa8, 0xe3, 0x3e, 0x42, 0xc6, 0x51, 0xf3, 0x0e,
0x12, 0x36, 0x5a, 0xee, 0x29, 0x7b, 0x8d, 0x8c, 0x8f, 0x8a, 0x85, 0x94, 0xa7, 0xf2, 0x0d, 0x17,
0x39, 0x4b, 0xdd, 0x7c, 0x84, 0x97, 0xa2, 0xfd, 0x1c, 0x24, 0x6c, 0xb4, 0xc7, 0x52, 0xf6, 0x01,
];
static GF256_LOG: [u8; 256] = [
0x00, 0x00, 0x19, 0x01, 0x32, 0x02, 0x1a, 0xc6, 0x4b, 0xc7, 0x1b, 0x68, 0x33, 0xee, 0xdf, 0x03,
0x64, 0x04, 0xe0, 0x0e, 0x34, 0x8d, 0x81, 0xef, 0x4c, 0x71, 0x08, 0xc8, 0xf8, 0x69, 0x1c, 0xc1,
0x7d, 0xc2, 0x1d, 0xb5, 0xf9, 0xb9, 0x27, 0x6a, 0x4d, 0xe4, 0xa6, 0x72, 0x9a, 0xc9, 0x09, 0x78,
0x65, 0x2f, 0x8a, 0x05, 0x21, 0x0f, 0xe1, 0x24, 0x12, 0xf0, 0x82, 0x45, 0x35, 0x93, 0xda, 0x8e,
0x96, 0x8f, 0xdb, 0xbd, 0x36, 0xd0, 0xce, 0x94, 0x13, 0x5c, 0xd2, 0xf1, 0x40, 0x46, 0x83, 0x38,
0x66, 0xdd, 0xfd, 0x30, 0xbf, 0x06, 0x8b, 0x62, 0xb3, 0x25, 0xe2, 0x98, 0x22, 0x88, 0x91, 0x10,
0x7e, 0x6e, 0x48, 0xc3, 0xa3, 0xb6, 0x1e, 0x42, 0x3a, 0x6b, 0x28, 0x54, 0xfa, 0x85, 0x3d, 0xba,
0x2b, 0x79, 0x0a, 0x15, 0x9b, 0x9f, 0x5e, 0xca, 0x4e, 0xd4, 0xac, 0xe5, 0xf3, 0x73, 0xa7, 0x57,
0xaf, 0x58, 0xa8, 0x50, 0xf4, 0xea, 0xd6, 0x74, 0x4f, 0xae, 0xe9, 0xd5, 0xe7, 0xe6, 0xad, 0xe8,
0x2c, 0xd7, 0x75, 0x7a, 0xeb, 0x16, 0x0b, 0xf5, 0x59, 0xcb, 0x5f, 0xb0, 0x9c, 0xa9, 0x51, 0xa0,
0x7f, 0x0c, 0xf6, 0x6f, 0x17, 0xc4, 0x49, 0xec, 0xd8, 0x43, 0x1f, 0x2d, 0xa4, 0x76, 0x7b, 0xb7,
0xcc, 0xbb, 0x3e, 0x5a, 0xfb, 0x60, 0xb1, 0x86, 0x3b, 0x52, 0xa1, 0x6c, 0xaa, 0x55, 0x29, 0x9d,
0x97, 0xb2, 0x87, 0x90, 0x61, 0xbe, 0xdc, 0xfc, 0xbc, 0x95, 0xcf, 0xcd, 0x37, 0x3f, 0x5b, 0xd1,
0x53, 0x39, 0x84, 0x3c, 0x41, 0xa2, 0x6d, 0x47, 0x14, 0x2a, 0x9e, 0x5d, 0x56, 0xf2, 0xd3, 0xab,
0x44, 0x11, 0x92, 0xd9, 0x23, 0x20, 0x2e, 0x89, 0xb4, 0x7c, 0xb8, 0x26, 0x77, 0x99, 0xe3, 0xa5,
0x67, 0x4a, 0xed, 0xde, 0xc5, 0x31, 0xfe, 0x18, 0x0d, 0x63, 0x8c, 0x80, 0xc0, 0xf7, 0x70, 0x07,
];

374
crates/sp_client/src/user.rs Normal file
View File

@ -0,0 +1,374 @@
use bitcoin::secp256k1::SecretKey;
use serde::{Deserialize, Serialize};
use serde_json::{json, Value};
use rand::{self, Rng,thread_rng, RngCore};
use wasm_bindgen::JsValue;
use wasm_bindgen::prelude::*;
use web_sys::console;
use anyhow::Error;
use crate::aesgcm::{Aes256GcmIv96Bit,KeyEncryption};
use crate::secretdata::SecretData;
use hex;
use sha2::{Sha256, Digest};
use bytes::Bytes;
use std::fs::File;
use crate::api::{generate_sp_wallet_return,generate_sp_wallet};
use sp_backend::spclient::SpendKey;
use sp_backend::spclient::{SpClient, OutputList};
use sp_backend::silentpayments::sending::SilentPaymentAddress;
use img_parts::jpeg::Jpeg;
use img_parts::{ImageEXIF, ImageICC};
use scrypt::{
password_hash::{
rand_core::OsRng,
PasswordHash, PasswordHasher, PasswordVerifier, SaltString
},
Scrypt
};
//extern crate shamir;
//use shamir::SecretData;
#[wasm_bindgen]
#[derive(Debug, Serialize, Deserialize, Default, Clone, PartialEq, Eq, Hash, PartialOrd, Ord)]
pub struct User {
image_recover: ImageRecover,
image_revoke: ImageRevoke,
sharding: Sharding,
pre_id: String,
recovered_spend_key: Option<String>,
}
#[wasm_bindgen]
impl User {
#[wasm_bindgen(constructor)]
pub fn new(new_password: &str, image_to_recover: &[u8], image_to_revoke: &[u8]) -> Self {
let password = new_password.to_string();
let random_seed1 = generate_random_key(32);
let random_seed2 = generate_random_key(32);
//wallet recover
let wallet_rec: String = match generate_sp_wallet(None,50000, true) {
Some(sp_wallet) => sp_wallet.sp_client_json,
None => panic!("No wallet recover available"),
};
let sp_client_rec: SpClient = serde_json::from_str(&wallet_rec).unwrap();
let priv_recover_scan_key_bytes = sp_client_rec.get_scan_key().secret_bytes();
let priv_recover_scan_key = from_b64_to_hex(&base64::encode(priv_recover_scan_key_bytes));
let priv_recover_spend_key_bytes = match sp_client_rec.get_spend_key(){
SpendKey::Secret(key)=> key.secret_bytes(),
SpendKey::Public(_) => panic!("No recover spend key created on Signet"),
};
let priv_recover_spend_key = from_b64_to_hex(&base64::encode(priv_recover_spend_key_bytes));
console::log_2(&"priv_recover_spend_key".into(),&JsValue::from_str(&priv_recover_spend_key));
//wallet revoke
let wallet_rev: String = match generate_sp_wallet(None, 50000, true) {
Some(sp_wallet) => sp_wallet.sp_client_json,
None => panic!("No wallet revoke available"),
};
let sp_client_rev: SpClient = serde_json::from_str(&wallet_rec).unwrap();
let priv_revoke_scan_key_bytes = sp_client_rev.get_scan_key().secret_bytes();
let priv_revoke_scan_key = from_b64_to_hex(&base64::encode(priv_revoke_scan_key_bytes));
let priv_revoke_spend_key_bytes = match sp_client_rev.get_spend_key(){
SpendKey::Secret(key)=> key.secret_bytes(),
SpendKey::Public(_) => panic!("No revoke spend key created on Signet"),
};
let priv_revoke_spend_key = from_b64_to_hex(&base64::encode(priv_revoke_spend_key_bytes));
//split recover spend key
let (part1_key, part2_key) = priv_recover_spend_key.split_at(priv_recover_spend_key.len()/2);
//part1 enc
let pwd_hash_part1 = from_hex_to_b64(&sha_256(&format!("{}{}",password, &random_seed1)));
let key_enc_part1 = KeyEncryption::new(None, Some(pwd_hash_part1.clone()), None);
let part1_key_enc = key_enc_part1.enc_string(part1_key.to_string());
//part2 enc
let pwd_hash_part2 = from_hex_to_b64(&sha_256(&format!("{}{}", password, random_seed2)));
let key_enc_part2 = KeyEncryption::new(None, Some(pwd_hash_part2.clone()), None);
let part2_key_enc = key_enc_part2.enc_string(part2_key.to_string());
//image recover
let image_recover = ImageRecover::new(image_to_recover, &random_seed1, &random_seed2,&part1_key_enc);
//image revoke
//let priv_revoke_spend_key = wallet.priv_revoke_spend_key.to_owned();
//let priv_revoke_scan_key = wallet.priv_revoke_scan_key.to_owned();
let image_revoke = ImageRevoke::new(image_to_revoke,&priv_revoke_spend_key,&priv_revoke_scan_key);
//create shardings
let sharding = Sharding::new(&part2_key_enc, 10u8); //nMembers = 10 for testing, need to recover nmember elsewhere
//Pre ID
let pre_id = sha_256(&format!("{}{}",password, part2_key_enc));
//Create PRDList
//@todo
//Send messages PRDList
//@todo
//Receive List Items (PCD)
console::log_1(&"authentication: ok".into());
User {image_recover,
image_revoke,
sharding,
pre_id,
recovered_spend_key:None
}
}
pub fn login(&self,password: &str, image_recover: &[u8]) -> Option<String>{
let exif_image_bytes = read_exif(image_recover).unwrap_or_else(|error| {
panic!("Unable to read the image exif: {}", error);
});
let exif_image_string = String::from_utf8(exif_image_bytes.to_vec()).unwrap();
let exif_image_json: Value = serde_json::from_str(&exif_image_string).unwrap();
let random_seed1 = exif_image_json["random_seed1"].as_str().unwrap_or("N/A");
let random_seed2 = exif_image_json["random_seed2"].as_str().unwrap_or("N/A");
let part1_key_enc = exif_image_json["part1_key_enc"].as_str().unwrap_or("N/A");
let part1_recovered = Self::recover_part1(password,random_seed1,part1_key_enc);
let part1_trimmed = part1_recovered.trim_matches('"');
//@todo: get shardings from member managers!!
let shardings = self.sharding.shares_vec.clone(); // temporary
let part2_recovered = Self::recover_part2(&password,&random_seed2, shardings);
let part2_trimmed = part2_recovered.trim_matches('"');
let recover_key_hex: String = format!("{}{}", part1_trimmed, part2_trimmed);
Some(recover_key_hex)
}
fn recover_part1(password: &str, random_seed1: &str, part1_key_enc: & str) -> String{
let pwd_hash_part1 = from_hex_to_b64(&sha_256(&format!("{}{}",password, random_seed1)));
let key_dec_part1 = KeyEncryption::new(None, Some(pwd_hash_part1), None);
let part1_key_recovered = key_dec_part1.decode(part1_key_enc.to_string()).unwrap_or_else(|_| "".to_string());
part1_key_recovered
}
fn recover_part2(password: &str, random_seed2: &str, shares_vec: Vec<Vec<u8>>) -> String{
let quorum_sharding = (Sharding::QUORUM_SHARD * f32::from(shares_vec.len() as u8)).round() as u8;
let part2_key_enc = SecretData::recover_secret(quorum_sharding, shares_vec).unwrap();
let pwd_hash_part2 = from_hex_to_b64(&sha_256(&format!("{}{}",password, random_seed2)));
let key_dec_part2 = KeyEncryption::new(None, Some(pwd_hash_part2), None);
let part2_key_recovered = key_dec_part2.decode(part2_key_enc).unwrap_or_else(|_| "".to_string());
part2_key_recovered
}
//not used
pub fn pbkdf2(password: &str, data: & str)->String {
let data_salt = data.trim_end_matches('=');
let salt = SaltString::from_b64(data_salt)
.map(|s| { s })
.unwrap_or_else(|_| {
panic!("Failed to parse salt value from base64 string")
});
let mut password_hash = String::new();
if let Ok(pwd) = Scrypt.hash_password(password.as_bytes(), &salt) {
password_hash.push_str(&pwd.to_string());
}
sha_256(&password_hash)
}
pub fn get_image_recover(&self)-> Vec<u8>{
return self.image_recover.image_recover_bytes.clone();
}
pub fn get_exif_image(&self,image:&[u8])-> Vec<u8>{
return read_exif(image).expect("Error reading the exif");
}
pub fn get_image_revoke(&self)-> Vec<u8>{
return self.image_revoke.image_revoke_bytes.clone();
}
// Test sharing JS side
pub fn get_shares(&self)->Vec<String>{
self.sharding.shares_format_str.clone()
}
//Test sharing Js side
pub fn get_secret(&self,shardings: Vec<String>)->String{
let mut shares_vec = Vec::new();
for s in shardings.iter(){
let bytes_vec: Vec<u8> = s
.trim_matches(|c| c == '[' || c == ']')
.split(',')
.filter_map(|s| s.trim().parse().ok())
.collect();
shares_vec.push(bytes_vec);
}
self.sharding.recover_secrete(shares_vec.clone())
}
}
#[derive(Debug, Serialize, Deserialize, Default, Clone, PartialEq, Eq, Hash, PartialOrd, Ord)]
pub struct ImageRecover {
image_recover_bytes: Vec<u8>,
}
impl ImageRecover{
pub fn new(image_to_recover: &[u8],
random_seed1: &str,
random_seed2: &str,
part1_key_enc: &str,
) -> Self{
let data_exif_json = json!({
"random_seed1": random_seed1,
"random_seed2": random_seed2,
"part1_key_enc": part1_key_enc
});
let data = serde_json::to_string(&data_exif_json).unwrap();
let image_recover = write_exif(image_to_recover, &data);
ImageRecover{
image_recover_bytes: image_recover.expect("Image recover not generated!")
}
}
}
#[derive(Debug, Serialize, Deserialize, Default, Clone, PartialEq, Eq, Hash, PartialOrd, Ord)]
pub struct ImageRevoke {
image_revoke_bytes: Vec<u8>,
}
impl ImageRevoke{
pub fn new(image_to_revoke: &[u8],
priv_revoke_spend_key: &str,
priv_revoke_scan_key: &str,
)->Self{
let data_exif_json = json!({
"priv_revoke_spend_key":priv_revoke_spend_key,
"priv_revoke_scan_key":priv_revoke_scan_key
});
let data = serde_json::to_string(&data_exif_json).unwrap();
let image_revoke = write_exif(image_to_revoke, &data);
ImageRevoke{
image_revoke_bytes: image_revoke.expect("Image revoke not generated!")
}
}
}
#[derive(Debug, Serialize, Deserialize, Default, Clone, PartialEq, Eq, Hash, PartialOrd, Ord)]
pub struct Sharding {
shares_vec: Vec<Vec<u8>>,
shares_format_str: Vec<String>,
}
impl Sharding{
const QUORUM_SHARD: f32= 0.80_f32;
pub fn new(
part2_key_enc: &str,
number_members: u8,
)->Self{
let secret_data = SecretData::with_secret(part2_key_enc, number_members);
let mut shares_format_str: Vec<String> = Vec::new();
let shares_vec = (1..=number_members).map(|i| match secret_data.get_share(i)
{
Ok(share) => {
let string = format!("[{}]", share.clone().iter()
.map(|b| format!("{}", b))
.collect::<Vec<_>>()
.join(","));
shares_format_str.push(string.clone());
share
},
Err(_) => panic!("Not able to recover the shares!"),
}
).collect::<Vec<_>>();
Sharding{
shares_vec,
shares_format_str
}
}
pub fn recover_secrete(&self, shares: Vec<Vec<u8>>) -> String {
let quorum_sharding = (Self::QUORUM_SHARD * f32::from(shares.len() as u8)).round() as u8;
SecretData::recover_secret(quorum_sharding, shares).unwrap()
}
}
//associated functions
pub fn generate_random_key(length:usize) ->String {
let mut rng = rand::thread_rng();
let random_bytes: Vec<u8> = (0..length)
.map(|_| rng.gen_range(0x00..=0xFF))
.collect();
base64::encode(random_bytes)
}
pub fn sha_256(data: &str)-> String{
let mut hasher = Sha256::new();
hasher.update(data);
let result = hasher.finalize();
hex::encode(result)
}
pub fn write_exif(image_to_recover: &[u8], data: &str) -> Result<Vec<u8>, String>{
let image_to_recover_bytes = Bytes::from(image_to_recover.to_vec());
let mut jpeg = Jpeg::from_bytes(image_to_recover_bytes).unwrap();
let data_bytes = Bytes::from(data.as_bytes().to_vec());
jpeg.set_exif(Some(data_bytes));
let output_image_bytes = jpeg.encoder().bytes();
let output_image = output_image_bytes.as_ref();
Ok(output_image.to_vec())
}
pub fn read_exif(image: &[u8])->Result<Vec<u8>, String>{
let image_bytes = Bytes::from(image.to_vec());
let jpeg = Jpeg::from_bytes(image_bytes).unwrap();
//exif out
let mut exif_image = Bytes::new();
if let Some(ref meta) = jpeg.exif(){
exif_image = meta.clone();
}else {
return Err("No exif data".to_string());
}
let exif_bytes =exif_image.as_ref();
Ok(exif_bytes.to_vec())
}
//change for return Result?
pub fn from_hex_to_b58(hex_string: &str)-> String{
let decoded_data = hex::decode(hex_string).expect("Failed to decode hex string");
let base58_string = bs58::encode(decoded_data).into_string();
base58_string
}
//change for return Result?
pub fn from_b58_to_hex(base58_string: &str)-> String{
let decoded_data = bs58::decode(base58_string.to_owned()).into_vec().unwrap();
let hex_string = decoded_data.iter().map(|b| format!("{:02x}", b)).collect::<String>();
hex_string
}
fn from_b64_to_hex(base64_string:&str)->String{
let decoded_data = base64::decode(base64_string).unwrap();
let hex_string = decoded_data.iter().map(|b| format!("{:02x}", b)).collect::<String>();
hex_string
}
fn from_hex_to_b64(hex_string:&str)->String{
let decoded_data = hex::decode(hex_string).expect("Failed to decode hex string");
let base64_string = base64::encode(decoded_data);
base64_string
}