lb_rs/model/
access_info.rs

1use crate::model::account::Account;
2use crate::model::crypto::{AESEncrypted, AESKey};
3use crate::model::{pubkey, symkey};
4use libsecp256k1::PublicKey;
5use serde::{Deserialize, Serialize};
6
7use super::errors::LbResult;
8
9pub type EncryptedUserAccessKey = AESEncrypted<AESKey>;
10pub type EncryptedFolderAccessKey = AESEncrypted<AESKey>;
11
12#[derive(Serialize, Deserialize, Debug, PartialEq, Eq, Clone, Copy, Hash, PartialOrd, Ord)]
13pub enum UserAccessMode {
14    Read,
15    Write,
16    Owner, // todo: remove
17}
18
19#[derive(Serialize, Deserialize, Debug, Clone)]
20pub struct UserAccessInfo {
21    pub mode: UserAccessMode,
22    pub encrypted_by: PublicKey,
23    pub encrypted_for: PublicKey,
24    pub access_key: EncryptedUserAccessKey,
25    pub deleted: bool,
26}
27
28impl PartialEq for UserAccessInfo {
29    fn eq(&self, other: &Self) -> bool {
30        self.mode == other.mode
31            && self.encrypted_for == other.encrypted_for
32            && self.encrypted_by == other.encrypted_by
33            && self.deleted == other.deleted
34    }
35}
36
37impl UserAccessInfo {
38    pub fn encrypt(
39        account: &Account, encrypted_by: &PublicKey, encrypted_for: &PublicKey, key: &AESKey,
40        mode: UserAccessMode,
41    ) -> LbResult<Self> {
42        let private_key = account.private_key;
43        let user_key = pubkey::get_aes_key(&private_key, encrypted_for)?;
44        let encrypted_file_key = symkey::encrypt(&user_key, key)?;
45        Ok(UserAccessInfo {
46            mode,
47            encrypted_by: *encrypted_by,
48            encrypted_for: *encrypted_for,
49            access_key: encrypted_file_key,
50            deleted: false,
51        })
52    }
53
54    pub fn decrypt(&self, account: &Account) -> LbResult<AESKey> {
55        let shared_secret = pubkey::get_aes_key(&account.private_key, &self.encrypted_by)?;
56        let encrypted = &self.access_key;
57        let decrypted = symkey::decrypt(&shared_secret, encrypted)?;
58        Ok(decrypted)
59    }
60}
61
62#[cfg(test)]
63mod unit_tests {
64    use crate::model::access_info::{UserAccessInfo, UserAccessMode};
65    use crate::model::account::Account;
66    use crate::model::symkey;
67
68    #[test]
69    fn encrypt_decrypt_1() {
70        let account = Account::new("test1".to_string(), "test2".to_string());
71        let key = symkey::generate_key();
72        let encrypted = UserAccessInfo::encrypt(
73            &account,
74            &account.public_key(),
75            &account.public_key(),
76            &key,
77            UserAccessMode::Write,
78        )
79        .unwrap();
80        let decrypted = encrypted.decrypt(&account).unwrap();
81        assert_eq!(key, decrypted);
82    }
83
84    #[test]
85    fn encrypt_decrypt_2() {
86        let account1 = Account::new("test1".to_string(), "test2".to_string());
87        let account2 = Account::new("test2".to_string(), "test2".to_string());
88        let key = symkey::generate_key();
89        let encrypted = UserAccessInfo::encrypt(
90            &account1,
91            &account1.public_key(),
92            &account2.public_key(),
93            &key,
94            UserAccessMode::Write,
95        )
96        .unwrap();
97        let decrypted = encrypted.decrypt(&account2).unwrap();
98        assert_eq!(key, decrypted);
99    }
100}
lb_rs/model/access_info.rs

lb_rs/model/
access_info.rs
