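// NOTE(review): the extracted listing had lost its line breaks and every generic
// argument (`Option`, `Vec`, `Vec>`, `collect::>()`). They are restored here from
// how the values are used; confirm against the repository before relying on them.
use anyhow::Error;
use bitcoin::secp256k1::SecretKey;
use rand::{self, thread_rng, Rng, RngCore};
use serde::{Deserialize, Serialize};
use serde_json::{json, Value};
use tsify::Tsify;
use wasm_bindgen::prelude::*;
use wasm_bindgen::JsValue;
use web_sys::console;

use crate::aesgcm::{Aes256GcmIv96Bit, KeyEncryption};
use crate::secretdata::SecretData;
use bytes::Bytes;
use hex;
use sha2::{Digest, Sha256};
use std::fs::File;

use crate::api::{generate_sp_wallet, generate_sp_wallet_return};
use sp_backend::silentpayments::sending::SilentPaymentAddress;
use sp_backend::spclient::SpendKey;
use sp_backend::spclient::{OutputList, SpClient};

use img_parts::jpeg::Jpeg;
use img_parts::{ImageEXIF, ImageICC};

use scrypt::{
    password_hash::{rand_core::OsRng, PasswordHash, PasswordHasher, PasswordVerifier, SaltString},
    Scrypt,
};

//extern crate shamir;
//use shamir::SecretData;

/// A user's recovery material: the "recover" image, the "revoke" image, the shares
/// of the second half of the encrypted recover spend key, and a pre-identifier.
///
/// The struct derives `Debug` and `Serialize` and holds every share in `sharding`,
/// so a serialized or debug-printed `User` contains enough shares to rebuild the
/// encrypted second key half. Treat such output as secret material.
#[wasm_bindgen]
#[derive(Debug, Serialize, Deserialize, Default, Clone, PartialEq, Eq, Hash, PartialOrd, Ord)]
pub struct User {
    image_recover: ImageRecover,
    image_revoke: ImageRevoke,
    sharding: Sharding,
    pre_id: String,
    // NOTE(review): type argument inferred; the field is only ever set to `None` here.
    recovered_spend_key: Option<String>,
}

/// Generates a fresh wallet and returns its private `(scan, spend)` keys as hex.
///
/// `label` ("recover" or "revoke") only selects the panic message wording.
///
/// # Panics
/// Panics when no wallet is returned, when the wallet JSON does not deserialize,
/// or when the wallet holds only a public spend key.
fn wallet_private_keys_hex(label: &str) -> (String, String) {
    let wallet_json: String = match generate_sp_wallet(None, 50000, true) {
        Some(sp_wallet) => sp_wallet.sp_client_json,
        None => panic!("No wallet {} available", label),
    };
    let sp_client: SpClient = serde_json::from_str(&wallet_json).unwrap();

    let scan_key_bytes = sp_client.get_scan_key().secret_bytes();
    let scan_key_hex = from_b64_to_hex(&base64::encode(scan_key_bytes));

    let spend_key_bytes = match sp_client.get_spend_key() {
        SpendKey::Secret(key) => key.secret_bytes(),
        SpendKey::Public(_) => panic!("No {} spend key created on Signet", label),
    };
    let spend_key_hex = from_b64_to_hex(&base64::encode(spend_key_bytes));

    (scan_key_hex, spend_key_hex)
}

#[wasm_bindgen]
impl User {
    /// Creates the recovery material for a new user.
    ///
    /// Two wallets are generated (recover and revoke). The recover spend key is
    /// split into two hex halves, each encrypted under a key derived from the
    /// password and a random seed. The first encrypted half and both seeds are
    /// written into `image_to_recover`; the second encrypted half is split into
    /// shares; the revoke keys are written into `image_to_revoke`.
    ///
    /// # Panics
    /// Panics if wallet generation fails or either image cannot be processed.
    #[wasm_bindgen(constructor)]
    pub fn new(new_password: &str, image_to_recover: &[u8], image_to_revoke: &[u8]) -> Self {
        let random_seed1 = generate_random_key(32);
        let random_seed2 = generate_random_key(32);

        // The private recover spend key used to be written to the browser console
        // here. It is no longer logged: console output is readable by any script,
        // extension or support capture with access to the page.
        let (_priv_recover_scan_key, priv_recover_spend_key) = wallet_private_keys_hex("recover");

        // The revoke client was previously deserialized from the *recover* wallet
        // JSON, so the revoke image carried the recover keys. Each wallet now
        // yields its own keys.
        let (priv_revoke_scan_key, priv_revoke_spend_key) = wallet_private_keys_hex("revoke");

        // Split the hex-encoded recover spend key into two halves.
        let (part1_key, part2_key) =
            priv_recover_spend_key.split_at(priv_recover_spend_key.len() / 2);

        // NOTE(review): both encryption keys are one SHA-256 over password || seed,
        // and the seeds are stored next to the ciphertext in the recover image. The
        // password is therefore the only secret, and a holder of the image can test
        // guesses at hash speed. A memory-hard KDF (scrypt is already imported)
        // would raise that cost; switching changes the format of existing images,
        // so the derivation is left as it was.
        let pwd_hash_part1 =
            from_hex_to_b64(&sha_256(&format!("{}{}", new_password, random_seed1)));
        let key_enc_part1 = KeyEncryption::new(None, Some(pwd_hash_part1), None);
        let part1_key_enc = key_enc_part1.enc_string(part1_key.to_string());

        let pwd_hash_part2 =
            from_hex_to_b64(&sha_256(&format!("{}{}", new_password, random_seed2)));
        let key_enc_part2 = KeyEncryption::new(None, Some(pwd_hash_part2), None);
        let part2_key_enc = key_enc_part2.enc_string(part2_key.to_string());

        let image_recover = ImageRecover::new(
            image_to_recover,
            &random_seed1,
            &random_seed2,
            &part1_key_enc,
        );

        let image_revoke = ImageRevoke::new(
            image_to_revoke,
            &priv_revoke_spend_key,
            &priv_revoke_scan_key,
        );

        // nMembers = 10 for testing, need to recover nmember elsewhere
        let sharding = Sharding::new(&part2_key_enc, 10u8);

        // NOTE(review): pre_id is an unsalted SHA-256 of password || part2_key_enc.
        // Anyone who holds part2_key_enc and sees pre_id can test password guesses.
        let pre_id = sha_256(&format!("{}{}", new_password, part2_key_enc));

        //Create PRDList
        //@todo
        //Send messages PRDList
        //@todo
        //Receive List Items (PCD)

        console::log_1(&"authentication: ok".into());

        User {
            image_recover,
            image_revoke,
            sharding,
            pre_id,
            recovered_spend_key: None,
        }
    }

    /// Rebuilds the hex recover spend key from the password, the recover image and
    /// the shares held in `self`.
    ///
    /// Returns `None` when the image has no readable metadata, when the metadata is
    /// not the expected JSON, when a field is missing, or when either key half
    /// fails to decrypt. Previously these cases panicked, substituted `"N/A"`, or
    /// returned a truncated key wrapped in `Some`.
    ///
    /// # Panics
    /// Still panics if the shares cannot be recombined (see `recover_part2`).
    pub fn login(&self, password: &str, image_recover: &[u8]) -> Option<String> {
        let exif_image_bytes = read_exif(image_recover).ok()?;
        let exif_image_json: Value = serde_json::from_slice(&exif_image_bytes).ok()?;

        let random_seed1 = exif_image_json["random_seed1"].as_str()?;
        let random_seed2 = exif_image_json["random_seed2"].as_str()?;
        let part1_key_enc = exif_image_json["part1_key_enc"].as_str()?;

        let part1_recovered = Self::recover_part1(password, random_seed1, part1_key_enc);
        let part1_trimmed = part1_recovered.trim_matches('"');

        //@todo: get shardings from member managers!!
        let shardings = self.sharding.shares_vec.clone(); // temporary

        let part2_recovered = Self::recover_part2(password, random_seed2, shardings);
        let part2_trimmed = part2_recovered.trim_matches('"');

        // The recover helpers return "" on a decryption failure; half a key must
        // not be reported as a successful login.
        if part1_trimmed.is_empty() || part2_trimmed.is_empty() {
            return None;
        }

        Some(format!("{}{}", part1_trimmed, part2_trimmed))
    }

    /// Decrypts the first key half; returns an empty string if decryption fails.
    fn recover_part1(password: &str, random_seed1: &str, part1_key_enc: &str) -> String {
        let pwd_hash_part1 = from_hex_to_b64(&sha_256(&format!("{}{}", password, random_seed1)));
        let key_dec_part1 = KeyEncryption::new(None, Some(pwd_hash_part1), None);
        key_dec_part1
            .decode(part1_key_enc.to_string())
            .unwrap_or_default()
    }

    /// Recombines the shares into the encrypted second key half and decrypts it;
    /// returns an empty string if decryption fails.
    ///
    /// # Panics
    /// Panics if `SecretData::recover_secret` does not yield a secret.
    fn recover_part2(password: &str, random_seed2: &str, shares_vec: Vec<Vec<u8>>) -> String {
        let quorum_sharding = Sharding::quorum_for(shares_vec.len());
        let part2_key_enc = SecretData::recover_secret(quorum_sharding, shares_vec).unwrap();

        let pwd_hash_part2 = from_hex_to_b64(&sha_256(&format!("{}{}", password, random_seed2)));
        let key_dec_part2 = KeyEncryption::new(None, Some(pwd_hash_part2), None);
        key_dec_part2.decode(part2_key_enc).unwrap_or_default()
    }

    /// Hashes `password` with scrypt using `data` (base64, padding stripped) as the
    /// salt, then returns the SHA-256 hex digest of the resulting hash string.
    ///
    /// Despite the name, no PBKDF2 is involved. Marked "not used" by the author.
    /// If scrypt hashing fails, the result is the SHA-256 of the empty string, a
    /// fixed value; callers must not use the output as key material without
    /// ruling that case out.
    ///
    /// # Panics
    /// Panics when `data` is not a valid base64 salt.
    pub fn pbkdf2(password: &str, data: &str) -> String {
        let salt = SaltString::from_b64(data.trim_end_matches('='))
            .unwrap_or_else(|_| panic!("Failed to parse salt value from base64 string"));

        let password_hash = Scrypt
            .hash_password(password.as_bytes(), &salt)
            .map(|pwd| pwd.to_string())
            .unwrap_or_default();

        sha_256(&password_hash)
    }

    /// Returns a copy of the recover image bytes.
    pub fn get_image_recover(&self) -> Vec<u8> {
        self.image_recover.image_recover_bytes.clone()
    }

    /// Returns the raw metadata payload stored in `image`.
    ///
    /// # Panics
    /// Panics when the image cannot be parsed or carries no such payload.
    pub fn get_exif_image(&self, image: &[u8]) -> Vec<u8> {
        read_exif(image).expect("Error reading the exif")
    }

    /// Returns a copy of the revoke image bytes (these embed the revoke keys).
    pub fn get_image_revoke(&self) -> Vec<u8> {
        self.image_revoke.image_revoke_bytes.clone()
    }

    // Test sharing JS side
    /// Returns every share formatted as `"[b0,b1,...]"`.
    pub fn get_shares(&self) -> Vec<String> {
        self.sharding.shares_format_str.clone()
    }

    //Test sharing Js side
    /// Parses shares in the `"[b0,b1,...]"` format and recombines them.
    ///
    /// Entries that do not parse as a byte are dropped silently, which shortens
    /// the share instead of rejecting it.
    pub fn get_secret(&self, shardings: Vec<String>) -> String {
        let shares_vec: Vec<Vec<u8>> = shardings
            .iter()
            .map(|share| {
                share
                    .trim_matches(|c| c == '[' || c == ']')
                    .split(',')
                    .filter_map(|byte| byte.trim().parse().ok())
                    .collect()
            })
            .collect();
        self.sharding.recover_secrete(shares_vec)
    }
}

/// JPEG bytes whose EXIF slot carries the two seeds and the first encrypted key half.
#[derive(Debug, Serialize, Deserialize, Default, Clone, PartialEq, Eq, Hash, PartialOrd, Ord)]
pub struct ImageRecover {
    image_recover_bytes: Vec<u8>,
}

impl ImageRecover {
    /// Embeds `random_seed1`, `random_seed2` and `part1_key_enc` as JSON in the image.
    ///
    /// # Panics
    /// Panics when the image cannot be processed.
    pub fn new(
        image_to_recover: &[u8],
        random_seed1: &str,
        random_seed2: &str,
        part1_key_enc: &str,
    ) -> Self {
        let data_exif_json = json!({
            "random_seed1": random_seed1,
            "random_seed2": random_seed2,
            "part1_key_enc": part1_key_enc
        });
        let data = serde_json::to_string(&data_exif_json).unwrap();
        let image_recover = write_exif(image_to_recover, &data);
        ImageRecover {
            image_recover_bytes: image_recover.expect("Image recover not generated!"),
        }
    }
}

/// JPEG bytes whose EXIF slot carries the private revoke spend and scan keys.
///
/// NOTE(review): the keys are stored as plain hex, unlike the recover key halves,
/// which are encrypted. Whoever can read the image file can read both keys, so the
/// image needs the same handling as the keys themselves.
#[derive(Debug, Serialize, Deserialize, Default, Clone, PartialEq, Eq, Hash, PartialOrd, Ord)]
pub struct ImageRevoke {
    image_revoke_bytes: Vec<u8>,
}

impl ImageRevoke {
    /// Embeds the revoke spend and scan keys as JSON in the image.
    ///
    /// # Panics
    /// Panics when the image cannot be processed.
    pub fn new(
        image_to_revoke: &[u8],
        priv_revoke_spend_key: &str,
        priv_revoke_scan_key: &str,
    ) -> Self {
        let data_exif_json = json!({
            "priv_revoke_spend_key":priv_revoke_spend_key,
            "priv_revoke_scan_key":priv_revoke_scan_key
        });
        let data = serde_json::to_string(&data_exif_json).unwrap();
        let image_revoke = write_exif(image_to_revoke, &data);
        ImageRevoke {
            image_revoke_bytes: image_revoke.expect("Image revoke not generated!"),
        }
    }
}

/// The shares of the encrypted second key half, as raw bytes and as display strings.
#[derive(Debug, Serialize, Deserialize, Default, Clone, PartialEq, Eq, Hash, PartialOrd, Ord)]
pub struct Sharding {
    shares_vec: Vec<Vec<u8>>,
    shares_format_str: Vec<String>,
}

impl Sharding {
    const QUORUM_SHARD: f32 = 0.80_f32;

    /// Share count passed to `SecretData::recover_secret` for `share_count` shares:
    /// `QUORUM_SHARD` of the count, rounded.
    ///
    /// The count is narrowed to `u8` first, as the original code did, so counts
    /// above 255 wrap. Shares built by `Sharding::new` cannot exceed 255, but
    /// `recover_secrete` also accepts caller-supplied lists.
    fn quorum_for(share_count: usize) -> u8 {
        (Self::QUORUM_SHARD * f32::from(share_count as u8)).round() as u8
    }

    /// Splits `part2_key_enc` into `number_members` shares.
    ///
    /// NOTE(review): `number_members` is passed as the second argument of
    /// `SecretData::with_secret`. If that argument is the recovery threshold, as in
    /// the `shamir` crate this module appears to derive from, the secret is split
    /// with threshold `number_members` while recovery asks for `QUORUM_SHARD` of
    /// the shares. Confirm the two agree.
    ///
    /// # Panics
    /// Panics when a share cannot be produced.
    pub fn new(part2_key_enc: &str, number_members: u8) -> Self {
        let secret_data = SecretData::with_secret(part2_key_enc, number_members);

        let shares_vec: Vec<Vec<u8>> = (1..=number_members)
            .map(|i| {
                secret_data
                    .get_share(i)
                    .unwrap_or_else(|_| panic!("Not able to recover the shares!"))
            })
            .collect();

        let shares_format_str = shares_vec
            .iter()
            .map(|share| {
                let bytes: Vec<String> = share.iter().map(|b| b.to_string()).collect();
                format!("[{}]", bytes.join(","))
            })
            .collect();

        Sharding {
            shares_vec,
            shares_format_str,
        }
    }

    /// Recombines `shares` into the secret they encode.
    ///
    /// # Panics
    /// Panics if `SecretData::recover_secret` does not yield a secret.
    pub fn recover_secrete(&self, shares: Vec<Vec<u8>>) -> String {
        let quorum_sharding = Self::quorum_for(shares.len());
        SecretData::recover_secret(quorum_sharding, shares).unwrap()
    }
}

//associated functions

/// Returns `length` random bytes from `rand::thread_rng`, base64-encoded.
pub fn generate_random_key(length: usize) -> String {
    let mut random_bytes = vec![0u8; length];
    // One bulk fill replaces a ranged draw per byte.
    thread_rng().fill_bytes(&mut random_bytes);
    base64::encode(random_bytes)
}

/// Returns the lowercase hex SHA-256 digest of `data`.
pub fn sha_256(data: &str) -> String {
    let mut hasher = Sha256::new();
    hasher.update(data);
    hex::encode(hasher.finalize())
}

/// Returns a copy of the JPEG `image_to_recover` with `data` stored in its EXIF slot.
///
/// `data` is written as raw bytes; the callers in this file pass JSON, not an
/// EXIF/TIFF structure.
///
/// # Errors
/// Returns an error string when the input is not a parseable JPEG. This case used
/// to panic even though the function returns `Result`.
pub fn write_exif(image_to_recover: &[u8], data: &str) -> Result<Vec<u8>, String> {
    let mut jpeg = Jpeg::from_bytes(Bytes::from(image_to_recover.to_vec()))
        .map_err(|e| format!("Invalid JPEG image: {}", e))?;

    jpeg.set_exif(Some(Bytes::from(data.as_bytes().to_vec())));

    Ok(jpeg.encoder().bytes().to_vec())
}

/// Returns the raw bytes stored in the EXIF slot of the JPEG `image`.
///
/// # Errors
/// Returns an error string when the input is not a parseable JPEG (this used to
/// panic) or when it carries no EXIF payload.
pub fn read_exif(image: &[u8]) -> Result<Vec<u8>, String> {
    let jpeg = Jpeg::from_bytes(Bytes::from(image.to_vec()))
        .map_err(|e| format!("Invalid JPEG image: {}", e))?;

    jpeg.exif()
        .map(|meta| meta.to_vec())
        .ok_or_else(|| "No exif data".to_string())
}

//change for return Result?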
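/// Converts a hex string to its base58 encoding.
///
/// # Panics
/// Panics when `hex_string` is not valid hex.
pub fn from_hex_to_b58(hex_string: &str) -> String {
    let decoded_data = hex::decode(hex_string).expect("Failed to decode hex string");
    bs58::encode(decoded_data).into_string()
}

//change for return Result?
/// Converts a base58 string to lowercase hex.
///
/// # Panics
/// Panics when `base58_string` is not valid base58.
pub fn from_b58_to_hex(base58_string: &str) -> String {
    let decoded_data = bs58::decode(base58_string)
        .into_vec()
        .expect("Failed to decode base58 string");
    // hex::encode yields the same lowercase two-digit output as the previous
    // hand-written `{:02x}` loop.
    hex::encode(decoded_data)
}

/// Converts a base64 string to lowercase hex.
///
/// # Panics
/// Panics when `base64_string` is not valid base64.
fn from_b64_to_hex(base64_string: &str) -> String {
    let decoded_data = base64::decode(base64_string).expect("Failed to decode base64 string");
    hex::encode(decoded_data)
}

/// Converts a hex string to its base64 encoding.
///
/// # Panics
/// Panics when `hex_string` is not valid hex.
fn from_hex_to_b64(hex_string: &str) -> String {
    let decoded_data = hex::decode(hex_string).expect("Failed to decode hex string");
    base64::encode(decoded_data)
}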