1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
|
use crate::{
NameString,
crypto::{Keystore, PrivateKey, PublicKey, SharedSecret},
};
use bytes::Bytes;
use tinyvec::ArrayVec;
#[derive(PartialEq, Clone, Debug)]
pub struct Identity {
pub private_key: PrivateKey,
pub hash_prefix: u32,
pub secrets: ArrayVec<[(u32, SharedSecret); 10]>,
}
impl Default for Identity {
fn default() -> Self {
let private_key = PrivateKey::default();
let hash_prefix = private_key.hash_prefix();
Self {
private_key,
hash_prefix,
secrets: Default::default(),
}
}
}
#[derive(PartialEq, Clone, Debug)]
pub struct StaticKeystore {
pub identities: ArrayVec<[Identity; 10]>,
pub groups: ArrayVec<[SharedSecret; 10]>,
}
impl Keystore for StaticKeystore {
fn decrypt_and_id_p2p(
&self,
_source: u8,
_dest: u8,
mac: u16,
data: &Bytes,
) -> Option<(Bytes, u32, u32)> {
// Just brute-force all the secrets until one matches...
for identity in self.identities.iter() {
for (peer_prefix, secret) in identity.secrets.iter() {
let result = secret.mac_then_decrypt(mac, data);
if let Some(result) = result {
return Some((result, identity.hash_prefix, *peer_prefix));
}
}
}
None
}
fn decrypt_and_id_group(
&self,
_group_hash_prefix: u8,
mac: u16,
data: &Bytes,
) -> Option<(Bytes, Option<NameString>)> {
for group in self.groups.iter() {
let result = group.mac_then_decrypt(mac, data);
if let Some(result) = result {
return Some((result, None));
}
}
None
}
fn decrypt_anon(
&self,
_dest: u8,
pub_key: &PublicKey,
mac: u16,
data: &Bytes,
) -> Option<(Bytes, u32)> {
// For each identity, create a shared secret against the provided public key and check it.
for identity in self.identities.iter() {
let secret = identity.private_key.create_secret(pub_key);
let result = secret.mac_then_decrypt(mac, data);
if let Some(result) = result {
return Some((result, identity.hash_prefix));
}
}
None
}
}
#[derive(PartialEq, Debug, Clone)]
pub struct StaticKeystoreInput {
pub identities: ArrayVec<[PrivateKey; 10]>,
pub contacts: ArrayVec<[PublicKey; 10]>,
pub groups: ArrayVec<[SharedSecret; 10]>,
}
impl StaticKeystoreInput {
pub fn compile(self) -> StaticKeystore {
let mut retval = StaticKeystore {
identities: ArrayVec::new(),
groups: ArrayVec::new(),
};
for identity_in in self.identities {
let mut identity = Identity::default();
identity.private_key = identity_in;
identity.hash_prefix = PublicKey::from(&identity.private_key).hash_prefix();
for contact_in in self.contacts.iter() {
identity.secrets.push((
contact_in.hash_prefix(),
identity.private_key.create_secret(&contact_in),
));
}
retval.identities.push(identity);
}
for group in self.groups.iter() {
retval.groups.push(group.clone());
}
retval
}
}
#[cfg(test)]
mod tests {
#[test]
fn test_compile() {}
}
|
