ate_crypto/crypto/
public_encrypted_secure_data.rs

1use crate::spec::SerializationFormat;
2use crate::utils::vec_deserialize;
3use crate::utils::vec_serialize;
4use fxhash::FxHashMap;
5use serde::{Deserialize, Serialize};
6use std::result::Result;
7use std::{io::ErrorKind, marker::PhantomData};
8#[allow(unused_imports)]
9use tracing::{debug, error, info, instrument, span, trace, warn, Level};
10
11use super::*;
12
13#[derive(Serialize, Deserialize, Debug, Clone)]
14pub struct PublicEncryptedSecureData<T>
15where
16    T: serde::Serialize + serde::de::DeserializeOwned,
17{
18    format: SerializationFormat,
19    ek_hash: AteHash,
20    sd_iv: InitializationVector,
21    #[serde(serialize_with = "vec_serialize", deserialize_with = "vec_deserialize")]
22    sd_encrypted: Vec<u8>,
23    #[serde(skip)]
24    _marker: std::marker::PhantomData<T>,
25}
26
27impl<T> PublicEncryptedSecureData<T>
28where
29    T: serde::Serialize + serde::de::DeserializeOwned,
30{
31    pub fn new(
32        encrypt_key: &PublicEncryptKey,
33        data: T,
34    ) -> Result<PublicEncryptedSecureData<T>, std::io::Error> {
35        let format = SerializationFormat::Bincode;
36        let data = match format.serialize(&data) {
37            Ok(a) => a,
38            Err(err) => {
39                return Err(std::io::Error::new(ErrorKind::Other, err.to_string()));
40            }
41        };
42        let result = encrypt_key.encrypt(&data[..]);
43
44        Ok(PublicEncryptedSecureData {
45            format,
46            ek_hash: encrypt_key.hash(),
47            sd_iv: result.iv,
48            sd_encrypted: result.data,
49            _marker: PhantomData,
50        })
51    }
52
53    pub fn unwrap(&self, key: &PrivateEncryptKey) -> Result<T, std::io::Error> {
54        if key.hash() != self.ek_hash {
55            return Err(std::io::Error::new(
56                std::io::ErrorKind::Other,
57                format!("The decryption key is not valid for this cipher data ({} vs {}).", key.hash(), self.ek_hash).as_str(),
58            ));
59        }
60        let data = key.decrypt(&self.sd_iv, &self.sd_encrypted[..]).unwrap();
61        Ok(match self.format.deserialize_ref(&data[..]) {
62            Ok(a) => a,
63            Err(err) => {
64                return Err(std::io::Error::new(ErrorKind::Other, err.to_string()));
65            }
66        })
67    }
68
69    pub fn ek_hash(&self) -> AteHash {
70        self.ek_hash
71    }
72}
73
74impl<T> std::fmt::Display
75for PublicEncryptedSecureData<T>
76where
77    T: serde::Serialize + serde::de::DeserializeOwned
78{
79    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
80        write!(f, "secure_data(format={},ek_hash={},size={})", self.format, self.ek_hash, self.sd_encrypted.len())
81    }
82}
83
84#[derive(Serialize, Deserialize, Debug, Clone)]
85pub struct MultiEncryptedSecureData<T>
86where
87    T: serde::Serialize + serde::de::DeserializeOwned,
88{
89    format: SerializationFormat,
90    members: FxHashMap<String, PublicEncryptedSecureData<EncryptKey>>,
91    metadata: FxHashMap<String, String>,
92    sd_iv: InitializationVector,
93    sd_hash: AteHash,
94    #[serde(serialize_with = "vec_serialize", deserialize_with = "vec_deserialize")]
95    sd_encrypted: Vec<u8>,
96    #[serde(skip)]
97    _marker2: std::marker::PhantomData<T>,
98}
99
100impl<T> MultiEncryptedSecureData<T>
101where
102    T: serde::Serialize + serde::de::DeserializeOwned,
103{
104    pub fn new(
105        encrypt_key: &PublicEncryptKey,
106        meta: String,
107        data: T,
108    ) -> Result<MultiEncryptedSecureData<T>, std::io::Error> {
109        let shared_key = EncryptKey::generate(encrypt_key.size());
110        MultiEncryptedSecureData::new_ext(encrypt_key, shared_key, meta, data)
111    }
112
113    pub fn new_ext(
114        encrypt_key: &PublicEncryptKey,
115        shared_key: EncryptKey,
116        meta: String,
117        data: T,
118    ) -> Result<MultiEncryptedSecureData<T>, std::io::Error> {
119        let format = SerializationFormat::Bincode;
120
121        let index = encrypt_key.hash().to_hex_string();
122        let mut members = FxHashMap::default();
123        members.insert(
124            index.clone(),
125            PublicEncryptedSecureData::new(encrypt_key, shared_key)?,
126        );
127        let mut metadata = FxHashMap::default();
128        metadata.insert(index, meta);
129
130        let data = match format.serialize(&data) {
131            Ok(a) => a,
132            Err(err) => {
133                return Err(std::io::Error::new(ErrorKind::Other, err.to_string()));
134            }
135        };
136        let result = shared_key.encrypt(&data[..]);
137        let hash = AteHash::from_bytes_twice(&result.iv.bytes[..], &data[..]);
138
139        Ok(MultiEncryptedSecureData {
140            format,
141            members,
142            metadata,
143            sd_iv: result.iv,
144            sd_hash: hash,
145            sd_encrypted: result.data,
146            _marker2: PhantomData,
147        })
148    }
149
150    pub fn unwrap(&self, key: &PrivateEncryptKey) -> Result<Option<T>, std::io::Error> {
151        Ok(match self.members.get(&key.hash().to_hex_string()) {
152            Some(a) => {
153                let shared_key = a.unwrap(key)?;
154                let data = shared_key.decrypt(&self.sd_iv, &self.sd_encrypted[..]);
155                Some(match self.format.deserialize_ref::<T>(&data[..]) {
156                    Ok(a) => a,
157                    Err(err) => {
158                        return Err(std::io::Error::new(ErrorKind::Other, err.to_string()));
159                    }
160                })
161            }
162            None => None,
163        })
164    }
165
166    pub fn unwrap_shared(&self, shared_key: &EncryptKey) -> Result<Option<T>, std::io::Error> {
167        let data = shared_key.decrypt(&self.sd_iv, &self.sd_encrypted[..]);
168        let hash = AteHash::from_bytes_twice(&self.sd_iv.bytes[..], &data[..]);
169        if hash != self.sd_hash {
170            return Ok(None);
171        }
172
173        Ok(match self.format.deserialize::<T>(data) {
174            Ok(a) => Some(a),
175            Err(err) => {
176                return Err(std::io::Error::new(ErrorKind::Other, err.to_string()));
177            }
178        })
179    }
180
181    pub fn add(
182        &mut self,
183        encrypt_key: &PublicEncryptKey,
184        meta: String,
185        referrer: &PrivateEncryptKey,
186    ) -> Result<bool, std::io::Error> {
187        match self.members.get(&referrer.hash().to_hex_string()) {
188            Some(a) => {
189                let shared_key = a.unwrap(referrer)?;
190                let index = encrypt_key.hash().to_hex_string();
191                self.members.insert(
192                    index.clone(),
193                    PublicEncryptedSecureData::new(encrypt_key, shared_key)?,
194                );
195                self.metadata.insert(index, meta);
196                Ok(true)
197            }
198            None => Ok(false),
199        }
200    }
201
202    pub fn remove(&mut self, what: &AteHash) -> bool {
203        let index = what.to_hex_string();
204        let ret = self.members.remove(&index).is_some();
205        self.metadata.remove(&index);
206        ret
207    }
208
209    pub fn exists(&self, what: &AteHash) -> bool {
210        let what = what.to_hex_string();
211        self.members.contains_key(&what)
212    }
213
214    pub fn meta<'a>(&'a self, what: &AteHash) -> Option<&'a String> {
215        let index = what.to_hex_string();
216        self.metadata.get(&index)
217    }
218
219    pub fn meta_list<'a>(&'a self) -> impl Iterator<Item = &'a String> {
220        self.metadata.values()
221    }
222}
ate_crypto/crypto/public_encrypted_secure_data.rs

ate_crypto/crypto/
public_encrypted_secure_data.rs
