From adeb5e653755e76d6c156b61e5ec6349fb1a27aa Mon Sep 17 00:00:00 2001 From: Sosthene Date: Fri, 6 Dec 2024 15:24:54 +0100 Subject: [PATCH] Encrypt_fields check for existing keys and don't overwrite values --- src/pcd.rs | 29 ++++++++++++++++++++--------- 1 file changed, 20 insertions(+), 9 deletions(-) diff --git a/src/pcd.rs b/src/pcd.rs index 33a6415..e0a158e 100644 --- a/src/pcd.rs +++ b/src/pcd.rs @@ -156,15 +156,23 @@ pub trait Pcd<'a>: Serialize + Deserialize<'a> { for (field, value) in map { if fields_to_encrypt.contains(&field) { - let aes_key = Aes256Gcm::generate_key(&mut rng); - let nonce = Aes256Gcm::generate_nonce(&mut rng); - fields2keys.insert( - field.to_owned(), - Value::String(aes_key.to_lower_hex_string()), - ); + if let None = fields2keys.get(&field) { + let aes_key = Aes256Gcm::generate_key(&mut rng); + fields2keys.insert( + field.to_owned(), + Value::String(aes_key.to_lower_hex_string()), + ); + } - let encrypt_eng = Aes256Gcm::new(&aes_key); - let value_string = value.to_string(); + let nonce = Aes256Gcm::generate_nonce(&mut rng); + let aes_key_value = fields2keys.get(&field).expect("We should have a key"); + + let aes_key_str: String = serde_json::from_value(aes_key_value.clone())?; + + let aes_key = Vec::from_hex(&aes_key_str)?; + + let encrypt_eng = Aes256Gcm::new(aes_key.as_slice().into()); + let value_string = serde_json::to_string(&value)?; let payload = Payload { msg: value_string.as_bytes(), aad: AAD, @@ -179,7 +187,10 @@ pub trait Pcd<'a>: Serialize + Deserialize<'a> { fields2cipher.insert(field.to_owned(), Value::String(res.to_lower_hex_string())); } else { - fields2cipher.insert(field.to_owned(), value.clone()); + if let None = fields2cipher.get(&field) { + fields2cipher.insert(field.to_owned(), value.clone()); + } + // if we already have something in the encrypted map, we leave it as it is } }