rialo-cdk 0.4.2

Rialo CDK - A comprehensive toolkit for building with the Rialo blockchain
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185

// Copyright (c) Subzero Labs, Inc.
// SPDX-License-Identifier: Apache-2.0

//! Secret encryption utilities for TEE-based rex systems.
//!
//! This module provides client-side encryption functions for encrypting secrets
//! (such as API keys) that will be decrypted inside TEEs during rex execution.
//! The encryption includes the creator's public key in the Additional Authenticated Data (AAD)
//! to bind the encrypted secret to its creator.

use rialo_tee_secret_sharing::{encrypt_user_payload, USER_SECRET_AAD};
use rialo_types::PublicKey;

use crate::{
    error::{Result, RialoError},
    rpc::types::Pubkey,
};

/// Maximum allowed secret length (64 KB)
pub const MAX_SECRET_LENGTH: usize = 64 * 1024;

/// Encrypts a secret using the TEE's public key and returns the raw encrypted bytes.
///
/// The encryption uses HPKE (Hybrid Public Key Encryption) with the creator's public key
/// included in the Additional Authenticated Data (AAD). This binds the encrypted secret
/// to the creator, ensuring that the TEE can verify the creator's identity during decryption.
///
/// # Arguments
///
/// * `secret` - The plaintext secret string to encrypt (max 64 KB)
/// * `creator_pubkey` - The public key of the secret creator (used in AAD for authentication)
/// * `secret_sharing_pubkey` - The secret sharing public key (used for encryption)
///
/// # Returns
///
/// * `Result<Vec<u8>>` - Encrypted payload in HPKE format as raw bytes
///
/// # Errors
///
/// Returns an error if:
/// - The secret is empty or exceeds MAX_SECRET_LENGTH
/// - Encryption fails
///
/// # Example
///
/// ```
/// use rialo_cdk::secret_encryption::encrypt_secret;
/// use rialo_types::PublicKey;
///
/// let secret = "Bearer sk-1234567890abcdef".to_string();
/// let creator_pub = "9h1HyLCW5dZnBVap8C5egQ9Z6pHyjsh5MNy83iPqqRuq".parse().unwrap();
///
/// // Decode hex string to bytes and convert to PublicKey
/// let sk_pub_bytes = hex::decode("a1b2c3d4e5f67890a1b2c3d4e5f67890a1b2c3d4e5f67890a1b2c3d4e5f67890")
///     .expect("valid hex string");
/// let sk_pub = PublicKey::from_bytes(
///     sk_pub_bytes.try_into().expect("32 bytes")
/// );
///
/// let encrypted_bytes = encrypt_secret(secret, &creator_pub, &sk_pub)?;
/// # Ok::<(), rialo_cdk::error::RialoError>(())
/// ```
pub fn encrypt_secret(
    secret: String,
    creator_pubkey: &Pubkey,
    secret_sharing_pubkey: &PublicKey,
) -> Result<Vec<u8>> {
    // Validate secret
    if secret.is_empty() {
        return Err(RialoError::InvalidInput(
            "Secret cannot be empty".to_string(),
        ));
    }

    let secret_bytes = secret.as_bytes();
    if secret_bytes.len() > MAX_SECRET_LENGTH {
        return Err(RialoError::InvalidInput(format!(
            "Secret exceeds maximum length of {} bytes (got {} bytes)",
            MAX_SECRET_LENGTH,
            secret_bytes.len()
        )));
    }

    // Decode the hex public key
    let aad = [USER_SECRET_AAD, &creator_pubkey.to_bytes()].concat();

    // Encrypt the secret using HPKE
    let ciphertext = encrypt_user_payload(secret_sharing_pubkey, secret_bytes, aad.as_ref())
        .map_err(|e| RialoError::Encryption(format!("Encryption failed: {}", e)))?;

    Ok(ciphertext)
}

#[cfg(test)]
mod tests {
    use rialo_tee_secret_sharing::{decrypt_user_message, initialize_secret_key, SecretSharingKey};
    use zeroize::Zeroizing;

    use super::*;

    fn create_test_key() -> SecretSharingKey {
        let key_bytes = Zeroizing::new([42u8; 32]);
        SecretSharingKey::from_private_key_bytes(key_bytes)
    }

    #[test]
    fn test_encrypt_secret_basic() {
        let sk = create_test_key();
        let creator_pubkey = Pubkey::from([1u8; 32]);
        let _ = initialize_secret_key(sk.clone());

        let secret = "Bearer test-token-12345".to_string();
        let result = encrypt_secret(secret.clone(), &creator_pubkey, sk.public_key());

        assert!(result.is_ok());
        let ciphertext = result.unwrap();

        // Verify decryption with creator public key in AAD
        let decrypted = decrypt_user_message(
            &ciphertext,
            &PublicKey::from_bytes(creator_pubkey.to_bytes()),
        )
        .unwrap();
        assert_eq!(decrypted.as_bytes(), secret.as_bytes());
    }

    #[test]
    fn test_encrypt_secret_empty() {
        let sk = create_test_key();
        let creator_pubkey = Pubkey::from([3u8; 32]);

        let result = encrypt_secret(String::new(), &creator_pubkey, sk.public_key());

        assert!(result.is_err());
        assert!(result.unwrap_err().to_string().contains("empty"));
    }

    #[test]
    fn test_encrypt_secret_oversized() {
        let sk = create_test_key();
        let creator_pubkey = Pubkey::from([4u8; 32]);

        let oversized_secret = "x".repeat(MAX_SECRET_LENGTH + 1);
        let result = encrypt_secret(oversized_secret, &creator_pubkey, sk.public_key());

        assert!(result.is_err());
        assert!(result.unwrap_err().to_string().contains("maximum length"));
    }

    #[test]
    fn test_encrypt_secret_with_different_creator() {
        let sk = create_test_key();
        let creator_pubkey1 = Pubkey::from([10u8; 32]);
        let creator_pubkey2 = Pubkey::from([20u8; 32]);
        let _ = initialize_secret_key(sk.clone());

        let secret = "test-secret-with-creator".to_string();

        // Encrypt with creator_pubkey1
        let ciphertext1 =
            encrypt_secret(secret.clone(), &creator_pubkey1, sk.public_key()).unwrap();

        // Encrypt with creator_pubkey2
        let ciphertext2 =
            encrypt_secret(secret.clone(), &creator_pubkey2, sk.public_key()).unwrap();

        // Different creator pubkeys should produce different ciphertexts (due to different AAD)
        assert_ne!(ciphertext1, ciphertext2);

        // Both should decrypt correctly with their respective AADs
        let decrypted1 = decrypt_user_message(
            &ciphertext1,
            &PublicKey::from_bytes(creator_pubkey1.to_bytes()),
        )
        .unwrap();
        assert_eq!(decrypted1.as_bytes(), secret.as_bytes());

        let decrypted2 = decrypt_user_message(
            &ciphertext2,
            &PublicKey::from_bytes(creator_pubkey2.to_bytes()),
        )
        .unwrap();
        assert_eq!(decrypted2.as_bytes(), secret.as_bytes());
    }
}