123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314 |
- use async_trait::async_trait;
- use curve25519_dalek::scalar::Scalar;
- use lox_library::bridge_table::from_scalar;
- use lox_library::bridge_table::BridgeLine;
- use lox_library::bridge_table::BridgeTable;
- use lox_library::bridge_table::EncryptedBucket;
- use lox_library::bridge_table::MAX_BRIDGES_PER_BUCKET;
- use lox_library::proto::*;
- use lox_library::scalar_u32;
- use lox_library::IssuerPubKey;
- use lox_library::OPENINV_LENGTH;
- use lox_utils::EncBridgeTable;
- use lox_utils::Invite;
- use serde::{Deserialize, Serialize};
- use serde_with::serde_as;
- use std::collections::HashMap;
- use std::time::Duration;
- // used for testing function
- use std::io::Write;
- // provides a generic way to make network requests
- #[async_trait]
- pub trait Networking {
- async fn request(&self, endpoint: String, body: Vec<u8>) -> Vec<u8>;
- }
- // Helper functions to get public keys from vector
- pub fn get_lox_pub(lox_auth_pubkeys: &Vec<IssuerPubKey>) -> &IssuerPubKey {
- &lox_auth_pubkeys[0]
- }
- pub fn get_migration_pub(lox_auth_pubkeys: &Vec<IssuerPubKey>) -> &IssuerPubKey {
- &lox_auth_pubkeys[1]
- }
- pub fn get_migrationkey_pub(lox_auth_pubkeys: &Vec<IssuerPubKey>) -> &IssuerPubKey {
- &lox_auth_pubkeys[2]
- }
- pub fn get_reachability_pub(lox_auth_pubkeys: &Vec<IssuerPubKey>) -> &IssuerPubKey {
- &lox_auth_pubkeys[3]
- }
- pub fn get_invitation_pub(lox_auth_pubkeys: &Vec<IssuerPubKey>) -> &IssuerPubKey {
- &lox_auth_pubkeys[4]
- }
- // Helper function to get credential trust level as i8
- // (Note that this value should only be 0-4)
- pub fn get_cred_trust_level(cred: &lox_library::cred::Lox) -> i8 {
- let trust_levels: [Scalar; 5] = [
- Scalar::zero(),
- Scalar::one(),
- Scalar::from(2u64),
- Scalar::from(3u64),
- Scalar::from(4u8),
- ];
- for i in 0..trust_levels.len() {
- if cred.trust_level == trust_levels[i] {
- return i.try_into().unwrap();
- }
- }
- -1
- }
- // Helper function to check if credential is eligible for
- // promotion from level 0 to 1
- pub async fn eligible_for_trust_promotion(
- net: &dyn Networking,
- cred: &lox_library::cred::Lox,
- ) -> bool {
- let level_since: u32 = match scalar_u32(&cred.level_since) {
- Some(v) => v,
- None => return false,
- };
- get_cred_trust_level(cred) == 0
- && level_since + lox_library::proto::trust_promotion::UNTRUSTED_INTERVAL
- <= get_today(net).await
- }
- // Helper function to check if credential is eligible for
- // level up from level 1+
- pub async fn eligible_for_level_up(net: &dyn Networking, cred: &lox_library::cred::Lox) -> bool {
- let level_since: u32 = match scalar_u32(&cred.level_since) {
- Some(v) => v,
- None => return false,
- };
- let trust_level: usize = get_cred_trust_level(cred).try_into().unwrap();
- trust_level > 0
- && level_since + lox_library::proto::level_up::LEVEL_INTERVAL[trust_level]
- <= get_today(net).await
- }
- // Get current date from Lox Auth
- pub async fn get_today(net: &dyn Networking) -> u32 {
- let resp = net.request("/today".to_string(), [].to_vec()).await;
- let today: u32 = serde_json::from_slice(&resp).unwrap();
- today
- }
- // Download Lox Auth pubkeys
- pub async fn get_lox_auth_keys(net: &dyn Networking) -> Vec<IssuerPubKey> {
- let resp = net.request("/pubkeys".to_string(), [].to_vec()).await;
- let lox_auth_pubkeys: Vec<IssuerPubKey> = serde_json::from_slice(&resp).unwrap();
- lox_auth_pubkeys
- }
- // Get encrypted bridge table
- pub async fn get_reachability_credential(net: &dyn Networking) -> HashMap<u32, EncryptedBucket> {
- let resp = net.request("/reachability".to_string(), [].to_vec()).await;
- let reachability_cred: EncBridgeTable = serde_json::from_slice(&resp).unwrap();
- reachability_cred.etable
- }
- // Get encrypted bridge table from BridgeDB and decrypt our entry
- pub async fn get_bucket(
- net: &dyn Networking,
- lox_cred: &lox_library::cred::Lox,
- ) -> [BridgeLine; MAX_BRIDGES_PER_BUCKET] {
- let encbuckets = get_reachability_credential(net).await;
- let (id, key) = from_scalar(lox_cred.bucket).unwrap();
- let encbucket = match encbuckets.get(&id) {
- Some(encbucket) => encbucket,
- None => panic!("Provided ID not found"),
- };
- BridgeTable::decrypt_bucket(id, &key, &encbucket).unwrap().0
- }
- // Get an open invitation
- pub async fn get_open_invitation(net: &dyn Networking) -> [u8; OPENINV_LENGTH] {
- let resp = net.request("/invite".to_string(), [].to_vec()).await;
- let open_invite: [u8; OPENINV_LENGTH] = serde_json::from_slice::<Invite>(&resp).unwrap().invite;
- open_invite
- }
- // Get a Lox Credential from an open invitation
- pub async fn get_lox_credential(
- net: &dyn Networking,
- open_invite: &[u8; OPENINV_LENGTH],
- lox_pub: &IssuerPubKey,
- ) -> (lox_library::cred::Lox, BridgeLine) {
- let (req, state) = open_invite::request(&open_invite);
- let encoded_req: Vec<u8> = serde_json::to_vec(&req).unwrap();
- let encoded_resp = net.request("/openreq".to_string(), encoded_req).await;
- let decoded_resp: open_invite::Response = serde_json::from_slice(&encoded_resp).unwrap();
- let (cred, bridgeline) = open_invite::handle_response(state, decoded_resp, &lox_pub).unwrap();
- (cred, bridgeline)
- }
- // Get a migration credential to migrate to higher trust
- pub async fn trust_promotion(
- net: &dyn Networking,
- lox_cred: &lox_library::cred::Lox,
- lox_pub: &IssuerPubKey,
- ) -> lox_library::cred::Migration {
- let (req, state) = trust_promotion::request(&lox_cred, &lox_pub, get_today(net).await).unwrap();
- let encoded_req: Vec<u8> = serde_json::to_vec(&req).unwrap();
- let encoded_resp = net.request("/trustpromo".to_string(), encoded_req).await;
- let decoded_resp: trust_promotion::Response = serde_json::from_slice(&encoded_resp).unwrap();
- let migration_cred = trust_promotion::handle_response(state, decoded_resp).unwrap();
- migration_cred
- }
- // Promote from untrusted (trust level 0) to trusted (trust level 1)
- pub async fn trust_migration(
- net: &dyn Networking,
- lox_cred: &lox_library::cred::Lox,
- migration_cred: &lox_library::cred::Migration,
- lox_pub: &IssuerPubKey,
- migration_pub: &IssuerPubKey,
- ) -> lox_library::cred::Lox {
- let (req, state) =
- migration::request(lox_cred, migration_cred, lox_pub, migration_pub).unwrap();
- let encoded_req: Vec<u8> = serde_json::to_vec(&req).unwrap();
- let encoded_resp = net.request("/trustmig".to_string(), encoded_req).await;
- let decoded_resp: migration::Response = serde_json::from_slice(&encoded_resp).unwrap();
- let cred = migration::handle_response(state, decoded_resp, lox_pub).unwrap();
- cred
- }
- // Increase trust from at least level 1 to higher levels
- pub async fn level_up(
- net: &dyn Networking,
- lox_cred: &lox_library::cred::Lox,
- encbuckets: &HashMap<u32, EncryptedBucket>,
- lox_pub: &IssuerPubKey,
- reachability_pub: &IssuerPubKey,
- ) -> lox_library::cred::Lox {
- // Read the bucket in the credential to get today's Bucket
- // Reachability credential
- let (id, key) = lox_library::bridge_table::from_scalar(lox_cred.bucket).unwrap();
- let bucket = lox_library::bridge_table::BridgeTable::decrypt_bucket(
- id,
- &key,
- &encbuckets.get(&id).unwrap(),
- )
- .unwrap();
- let reachcred = bucket.1.unwrap();
- // Use the Bucket Reachability credential to advance to the next
- // level
- let (req, state) = level_up::request(
- lox_cred,
- &reachcred,
- lox_pub,
- reachability_pub,
- get_today(net).await,
- )
- .unwrap();
- let encoded_req: Vec<u8> = serde_json::to_vec(&req).unwrap();
- let encoded_resp = net.request("/levelup".to_string(), encoded_req).await;
- let decoded_resp: level_up::Response = serde_json::from_slice(&encoded_resp).unwrap();
- let cred = level_up::handle_response(state, decoded_resp, lox_pub).unwrap();
- cred
- }
- // Request an Invitation credential to give to a friend
- pub async fn issue_invite(
- net: &dyn Networking,
- lox_cred: &lox_library::cred::Lox,
- encbuckets: &HashMap<u32, EncryptedBucket>,
- lox_pub: &IssuerPubKey,
- reachability_pub: &IssuerPubKey,
- invitation_pub: &IssuerPubKey,
- ) -> (lox_library::cred::Lox, lox_library::cred::Invitation) {
- // Read the bucket in the credential to get today's Bucket
- // Reachability credential
- let (id, key) = lox_library::bridge_table::from_scalar(lox_cred.bucket).unwrap();
- let bucket = lox_library::bridge_table::BridgeTable::decrypt_bucket(
- id,
- &key,
- &encbuckets.get(&id).unwrap(),
- )
- .unwrap();
- let reachcred = bucket.1.unwrap();
- let (req, state) = issue_invite::request(
- lox_cred,
- &reachcred,
- lox_pub,
- reachability_pub,
- get_today(net).await,
- )
- .unwrap();
- let encoded_req: Vec<u8> = serde_json::to_vec(&req).unwrap();
- let encoded_resp = net.request("/issueinvite".to_string(), encoded_req).await;
- let decoded_resp: issue_invite::Response = serde_json::from_slice(&encoded_resp).unwrap();
- let (cred, invite) =
- issue_invite::handle_response(state, decoded_resp, lox_pub, invitation_pub).unwrap();
- (cred, invite)
- }
- // Redeem an Invitation credential to start at trust level 1
- pub async fn redeem_invite(
- net: &dyn Networking,
- invite: &lox_library::cred::Invitation,
- lox_pub: &IssuerPubKey,
- invitation_pub: &IssuerPubKey,
- ) -> lox_library::cred::Lox {
- let (req, state) =
- redeem_invite::request(invite, invitation_pub, get_today(net).await).unwrap();
- let encoded_req: Vec<u8> = serde_json::to_vec(&req).unwrap();
- let encoded_resp = net.request("/redeem".to_string(), encoded_req).await;
- let decoded_resp: redeem_invite::Response = serde_json::from_slice(&encoded_resp).unwrap();
- let cred = redeem_invite::handle_response(state, decoded_resp, lox_pub).unwrap();
- cred
- }
- // Check for a migration credential to move to a new bucket
- pub async fn check_blockage(
- net: &dyn Networking,
- lox_cred: &lox_library::cred::Lox,
- lox_pub: &IssuerPubKey,
- ) -> lox_library::cred::Migration {
- let (req, state) = check_blockage::request(lox_cred, lox_pub).unwrap();
- let encoded_req: Vec<u8> = serde_json::to_vec(&req).unwrap();
- let encoded_resp = net.request("/checkblockage".to_string(), encoded_req).await;
- let decoded_resp: check_blockage::Response = serde_json::from_slice(&encoded_resp).unwrap();
- let migcred = check_blockage::handle_response(state, decoded_resp).unwrap();
- migcred
- }
- // Migrate to a new bucket (must be level >= 3)
- pub async fn blockage_migration(
- net: &dyn Networking,
- lox_cred: &lox_library::cred::Lox,
- migcred: &lox_library::cred::Migration,
- lox_pub: &IssuerPubKey,
- migration_pub: &IssuerPubKey,
- ) -> lox_library::cred::Lox {
- let (req, state) =
- blockage_migration::request(lox_cred, migcred, lox_pub, migration_pub).unwrap();
- let encoded_req: Vec<u8> = serde_json::to_vec(&req).unwrap();
- let encoded_resp = net
- .request("/blockagemigration".to_string(), encoded_req)
- .await;
- let decoded_resp: blockage_migration::Response = serde_json::from_slice(&encoded_resp).unwrap();
- let cred = blockage_migration::handle_response(state, decoded_resp, lox_pub).unwrap();
- cred
- }
- // Advance days on server (ONLY FOR TESTING)
- pub async fn advance_days(net: &dyn Networking, days: u16) -> u32 {
- let resp = net
- .request(
- "/advancedays".to_string(),
- serde_json::to_vec(&days).unwrap(),
- )
- .await;
- let today: u32 = serde_json::from_slice(&resp).unwrap();
- today
- }