Sākums Izpētīt Palīdzība
Pierakstīties
vvecna
/
lox_cli
1
0
Atdalīts 0
Faili Problēmas 0 Izmaiņu pieprasījumi 0 Vikivietne
Atzars: main
Atzari Tagi
lox_cli
/
src
/
lib.rs

lib.rs 10 KB
Patstāvīgā saite Vēsture Neapstrādāts

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283 
  1. use lox_library::{
    2. 

  2.     bridge_table::{from_scalar, BridgeLine, BridgeTable, EncryptedBucket, MAX_BRIDGES_PER_BUCKET},
    3. 

  3.     cred,
    4. 

  4.     proto::{
    5. 

  5.         level_up::{LEVEL_INTERVAL, MAX_BLOCKAGES},
    6. 

  6.         *,
    7. 

  7.     },
    8. 

  8.     scalar_u32, IssuerPubKey, OPENINV_LENGTH,
    9. 

  9. };
    10. 

  10. use lox_utils::{EncBridgeTable, Invite};
    11. 

  11. use serde_json::error::Error;
    12. 

  12. use std::collections::HashMap;
    13. 

  13. 

  14. pub mod networking;
    15. 

  15. use crate::networking::Networking;
    16. 

  16. 

  17. // Helper functions to get public keys from vector
    18. 

  18. pub fn get_lox_pub(lox_auth_pubkeys: &Vec<IssuerPubKey>) -> &IssuerPubKey {
    19. 

  19.     &lox_auth_pubkeys[0]
    20. 

  20. }
    21. 

  21. 

  22. pub fn get_migration_pub(lox_auth_pubkeys: &Vec<IssuerPubKey>) -> &IssuerPubKey {
    23. 

  23.     &lox_auth_pubkeys[1]
    24. 

  24. }
    25. 

  25. 

  26. pub fn get_migrationkey_pub(lox_auth_pubkeys: &Vec<IssuerPubKey>) -> &IssuerPubKey {
    27. 

  27.     &lox_auth_pubkeys[2]
    28. 

  28. }
    29. 

  29. 

  30. pub fn get_reachability_pub(lox_auth_pubkeys: &Vec<IssuerPubKey>) -> &IssuerPubKey {
    31. 

  31.     &lox_auth_pubkeys[3]
    32. 

  32. }
    33. 

  33. 

  34. pub fn get_invitation_pub(lox_auth_pubkeys: &Vec<IssuerPubKey>) -> &IssuerPubKey {
    35. 

  35.     &lox_auth_pubkeys[4]
    36. 

  36. }
    37. 

  37. 

  38. // Helper function to check if credential is eligible for
    39. 

  39. // promotion from level 0 to 1
    40. 

  40. pub async fn eligible_for_trust_promotion(
    41. 

  41.     net: &dyn Networking,
    42. 

  42.     cred: &lox_library::cred::Lox,
    43. 

  43. ) -> bool {
    44. 

  44.     let level_since: u32 = match scalar_u32(&cred.level_since) {
    45. 

  45.         Some(v) => v,
    46. 

  46.         None => return false,
    47. 

  47.     };
    48. 

  48.     let date = match get_today(net).await {
    49. 

  49.         Ok(v) => v,
    50. 

  50.         Err(e) => {
    51. 

  51.             eprintln!("Failed to get date, error: {}", e);
    52. 

  52.             return false;
    53. 

  53.         }
    54. 

  54.     };
    55. 

  55.     scalar_u32(&cred.trust_level).unwrap() == 0
    56. 

  56.         && level_since + trust_promotion::UNTRUSTED_INTERVAL <= date
    57. 

  57. }
    58. 

  58. 

  59. // Helper function to check if credential is eligible for
    60. 

  60. // level up from level 1+
    61. 

  61. pub async fn eligible_for_level_up(net: &dyn Networking, cred: &lox_library::cred::Lox) -> bool {
    62. 

  62.     let level_since: u32 = match scalar_u32(&cred.level_since) {
    63. 

  63.         Some(v) => v,
    64. 

  64.         None => return false,
    65. 

  65.     };
    66. 

  66.     let date = match get_today(net).await {
    67. 

  67.         Ok(v) => v,
    68. 

  68.         Err(e) => {
    69. 

  69.             eprintln!("Failed to get date, error: {}", e);
    70. 

  70.             return false;
    71. 

  71.         }
    72. 

  72.     };
    73. 

  73.     let trust_level = scalar_u32(&cred.trust_level).unwrap();
    74. 

  74.     let blockages = scalar_u32(&cred.blockages).unwrap();
    75. 

  75.     trust_level > 0
    76. 

  76.         && blockages <= MAX_BLOCKAGES[trust_level as usize]
    77. 

  77.         && level_since + LEVEL_INTERVAL[trust_level as usize] <= date
    78. 

  78. }
    79. 

  79. 

  80. // Get current date from Lox Auth
    81. 

  81. pub async fn get_today(net: &dyn Networking) -> Result<u32, Error> {
    82. 

  82.     let resp = net.request("/today".to_string(), [].to_vec()).await;
    83. 

  83.     let today: u32 = serde_json::from_slice(&resp)?;
    84. 

  84.     Ok(today)
    85. 

  85. }
    86. 

  86. 

  87. // Download Lox Auth pubkeys
    88. 

  88. pub async fn get_lox_auth_keys(net: &dyn Networking) -> Result<Vec<IssuerPubKey>, Error> {
    89. 

  89.     let resp = net.request("/pubkeys".to_string(), [].to_vec()).await;
    90. 

  90.     let lox_auth_pubkeys: Vec<IssuerPubKey> = serde_json::from_slice(&resp)?;
    91. 

  91.     Ok(lox_auth_pubkeys)
    92. 

  92. }
    93. 

  93. 

  94. // Get encrypted bridge table
    95. 

  95. pub async fn get_reachability_credential(
    96. 

  96.     net: &dyn Networking,
    97. 

  97. ) -> Result<HashMap<u32, EncryptedBucket>, Error> {
    98. 

  98.     let resp = net.request("/reachability".to_string(), [].to_vec()).await;
    99. 

  99.     let reachability_cred: EncBridgeTable = serde_json::from_slice(&resp)?;
    100. 

  100.     Ok(reachability_cred.etable)
    101. 

  101. }
    102. 

  102. 

  103. // Get encrypted bridge table from BridgeDB and decrypt our entry
    104. 

  104. pub async fn get_bucket(
    105. 

  105.     net: &dyn Networking,
    106. 

  106.     lox_cred: &lox_library::cred::Lox,
    107. 

  107. ) -> Result<
    108. 

  108.     (
    109. 

  109.         [BridgeLine; MAX_BRIDGES_PER_BUCKET],
    110. 

  110.         Option<cred::BucketReachability>,
    111. 

  111.     ),
    112. 

  112.     Error,
    113. 

  113. > {
    114. 

  114.     let encbuckets = get_reachability_credential(net).await?;
    115. 

  115.     let (id, key) = from_scalar(lox_cred.bucket).unwrap();
    116. 

  116.     let encbucket = match encbuckets.get(&id) {
    117. 

  117.         Some(encbucket) => encbucket,
    118. 

  118.         None => panic!("Provided ID not found"),
    119. 

  119.     };
    120. 

  120.     Ok(BridgeTable::decrypt_bucket(id, &key, &encbucket).unwrap())
    121. 

  121. }
    122. 

  122. 

  123. // Get an open invitation
    124. 

  124. pub async fn get_open_invitation(net: &dyn Networking) -> Result<[u8; OPENINV_LENGTH], Error> {
    125. 

  125.     let resp = net.request("/invite".to_string(), [].to_vec()).await;
    126. 

  126.     let open_invite: [u8; OPENINV_LENGTH] = serde_json::from_slice::<Invite>(&resp)?.invite;
    127. 

  127.     Ok(open_invite)
    128. 

  128. }
    129. 

  129. 

  130. // Get a Lox Credential from an open invitation
    131. 

  131. pub async fn get_lox_credential(
    132. 

  132.     net: &dyn Networking,
    133. 

  133.     open_invite: &[u8; OPENINV_LENGTH],
    134. 

  134.     lox_pub: &IssuerPubKey,
    135. 

  135. ) -> Result<(lox_library::cred::Lox, BridgeLine), Error> {
    136. 

  136.     let (req, state) = open_invite::request(&open_invite);
    137. 

  137.     let encoded_req: Vec<u8> = serde_json::to_vec(&req)?;
    138. 

  138.     let encoded_resp = net.request("/openreq".to_string(), encoded_req).await;
    139. 

  139.     let decoded_resp: open_invite::Response = serde_json::from_slice(&encoded_resp)?;
    140. 

  140.     let (cred, bridgeline) = open_invite::handle_response(state, decoded_resp, &lox_pub).unwrap();
    141. 

  141.     Ok((cred, bridgeline))
    142. 

  142. }
    143. 

  143. 

  144. // Get a migration credential to migrate to higher trust
    145. 

  145. pub async fn trust_promotion(
    146. 

  146.     net: &dyn Networking,
    147. 

  147.     lox_cred: &lox_library::cred::Lox,
    148. 

  148.     lox_pub: &IssuerPubKey,
    149. 

  149. ) -> Result<lox_library::cred::Migration, Error> {
    150. 

  150.     let (req, state) =
    151. 

  151.         trust_promotion::request(&lox_cred, &lox_pub, get_today(net).await?).unwrap();
    152. 

  152.     let encoded_req: Vec<u8> = serde_json::to_vec(&req)?;
    153. 

  153.     let encoded_resp = net.request("/trustpromo".to_string(), encoded_req).await;
    154. 

  154.     let decoded_resp: trust_promotion::Response = serde_json::from_slice(&encoded_resp)?;
    155. 

  155.     let migration_cred = trust_promotion::handle_response(state, decoded_resp).unwrap();
    156. 

  156.     Ok(migration_cred)
    157. 

  157. }
    158. 

  158. 

  159. // Promote from untrusted (trust level 0) to trusted (trust level 1)
    160. 

  160. pub async fn trust_migration(
    161. 

  161.     net: &dyn Networking,
    162. 

  162.     lox_cred: &lox_library::cred::Lox,
    163. 

  163.     migration_cred: &lox_library::cred::Migration,
    164. 

  164.     lox_pub: &IssuerPubKey,
    165. 

  165.     migration_pub: &IssuerPubKey,
    166. 

  166. ) -> Result<lox_library::cred::Lox, Error> {
    167. 

  167.     let (req, state) =
    168. 

  168.         migration::request(lox_cred, migration_cred, lox_pub, migration_pub).unwrap();
    169. 

  169.     let encoded_req: Vec<u8> = serde_json::to_vec(&req)?;
    170. 

  170.     let encoded_resp = net.request("/trustmig".to_string(), encoded_req).await;
    171. 

  171.     let decoded_resp: migration::Response = serde_json::from_slice(&encoded_resp)?;
    172. 

  172.     let cred = migration::handle_response(state, decoded_resp, lox_pub).unwrap();
    173. 

  173.     Ok(cred)
    174. 

  174. }
    175. 

  175. 

  176. // Increase trust from at least level 1 to higher levels
    177. 

  177. pub async fn level_up(
    178. 

  178.     net: &dyn Networking,
    179. 

  179.     lox_cred: &lox_library::cred::Lox,
    180. 

  180.     reachcred: &cred::BucketReachability,
    181. 

  181.     lox_pub: &IssuerPubKey,
    182. 

  182.     reachability_pub: &IssuerPubKey,
    183. 

  183. ) -> Result<lox_library::cred::Lox, Error> {
    184. 

  184.     let (req, state) = level_up::request(
    185. 

  185.         lox_cred,
    186. 

  186.         &reachcred,
    187. 

  187.         lox_pub,
    188. 

  188.         reachability_pub,
    189. 

  189.         get_today(net).await?,
    190. 

  190.     )
    191. 

  191.     .unwrap();
    192. 

  192.     let encoded_req: Vec<u8> = serde_json::to_vec(&req)?;
    193. 

  193.     let encoded_resp = net.request("/levelup".to_string(), encoded_req).await;
    194. 

  194.     let decoded_resp: level_up::Response = serde_json::from_slice(&encoded_resp)?;
    195. 

  195.     let cred = level_up::handle_response(state, decoded_resp, lox_pub).unwrap();
    196. 

  196.     Ok(cred)
    197. 

  197. }
    198. 

  198. 

  199. // Request an Invitation credential to give to a friend
    200. 

  200. pub async fn issue_invite(
    201. 

  201.     net: &dyn Networking,
    202. 

  202.     lox_cred: &lox_library::cred::Lox,
    203. 

  203.     encbuckets: &HashMap<u32, EncryptedBucket>,
    204. 

  204.     lox_pub: &IssuerPubKey,
    205. 

  205.     reachability_pub: &IssuerPubKey,
    206. 

  206.     invitation_pub: &IssuerPubKey,
    207. 

  207. ) -> Result<(lox_library::cred::Lox, lox_library::cred::Invitation), Error> {
    208. 

  208.     // Read the bucket in the credential to get today's Bucket
    209. 

  209.     // Reachability credential
    210. 

  210. 

  211.     let (id, key) = from_scalar(lox_cred.bucket).unwrap();
    212. 

  212.     let bucket = BridgeTable::decrypt_bucket(id, &key, &encbuckets.get(&id).unwrap()).unwrap();
    213. 

  213.     let reachcred = bucket.1.unwrap();
    214. 

  214. 

  215.     let (req, state) = issue_invite::request(
    216. 

  216.         lox_cred,
    217. 

  217.         &reachcred,
    218. 

  218.         lox_pub,
    219. 

  219.         reachability_pub,
    220. 

  220.         get_today(net).await?,
    221. 

  221.     )
    222. 

  222.     .unwrap();
    223. 

  223.     let encoded_req: Vec<u8> = serde_json::to_vec(&req)?;
    224. 

  224.     let encoded_resp = net.request("/issueinvite".to_string(), encoded_req).await;
    225. 

  225.     let decoded_resp: issue_invite::Response = serde_json::from_slice(&encoded_resp)?;
    226. 

  226.     let (cred, invite) =
    227. 

  227.         issue_invite::handle_response(state, decoded_resp, lox_pub, invitation_pub).unwrap();
    228. 

  228.     Ok((cred, invite))
    229. 

  229. }
    230. 

  230. 

  231. // Redeem an Invitation credential to start at trust level 1
    232. 

  232. pub async fn redeem_invite(
    233. 

  233.     net: &dyn Networking,
    234. 

  234.     invite: &lox_library::cred::Invitation,
    235. 

  235.     lox_pub: &IssuerPubKey,
    236. 

  236.     invitation_pub: &IssuerPubKey,
    237. 

  237. ) -> Result<(lox_library::cred::Lox, [BridgeLine; MAX_BRIDGES_PER_BUCKET]), Error> {
    238. 

  238.     let (req, state) =
    239. 

  239.         redeem_invite::request(invite, invitation_pub, get_today(net).await?).unwrap();
    240. 

  240.     let encoded_req: Vec<u8> = serde_json::to_vec(&req)?;
    241. 

  241.     let encoded_resp = net.request("/redeem".to_string(), encoded_req).await;
    242. 

  242.     let decoded_resp: redeem_invite::Response = serde_json::from_slice(&encoded_resp)?;
    243. 

  243.     let cred = redeem_invite::handle_response(state, decoded_resp, lox_pub).unwrap();
    244. 

  244. 

  245.     let bucket = get_bucket(net, &cred).await?.0;
    246. 

  246.     Ok((cred, bucket))
    247. 

  247. }
    248. 

  248. 

  249. // Check for a migration credential to move to a new bucket
    250. 

  250. pub async fn check_blockage(
    251. 

  251.     net: &dyn Networking,
    252. 

  252.     lox_cred: &lox_library::cred::Lox,
    253. 

  253.     lox_pub: &IssuerPubKey,
    254. 

  254. ) -> Result<lox_library::cred::Migration, Error> {
    255. 

  255.     let (req, state) = check_blockage::request(lox_cred, lox_pub).unwrap();
    256. 

  256.     let encoded_req: Vec<u8> = serde_json::to_vec(&req)?;
    257. 

  257.     let encoded_resp = net.request("/checkblockage".to_string(), encoded_req).await;
    258. 

  258.     let decoded_resp: check_blockage::Response = serde_json::from_slice(&encoded_resp)?;
    259. 

  259.     let migcred = check_blockage::handle_response(state, decoded_resp).unwrap();
    260. 

  260.     Ok(migcred)
    261. 

  261. }
    262. 

  262. 

  263. // Migrate to a new bucket (must be level >= 3)
    264. 

  264. pub async fn blockage_migration(
    265. 

  265.     net: &dyn Networking,
    266. 

  266.     lox_cred: &lox_library::cred::Lox,
    267. 

  267.     migcred: &lox_library::cred::Migration,
    268. 

  268.     lox_pub: &IssuerPubKey,
    269. 

  269.     migration_pub: &IssuerPubKey,
    270. 

  270. ) -> Result<lox_library::cred::Lox, Error> {
    271. 

  271.     let (req, state) =
    272. 

  272.         blockage_migration::request(lox_cred, migcred, lox_pub, migration_pub).unwrap();
    273. 

  273.     let encoded_req: Vec<u8> = serde_json::to_vec(&req)?;
    274. 

  274.     let encoded_resp = net
    275. 

  275.         .request("/blockagemigration".to_string(), encoded_req)
    276. 

  276.         .await;
    277. 

  277.     let decoded_resp: blockage_migration::Response = serde_json::from_slice(&encoded_resp)?;
    278. 

  278.     let cred = blockage_migration::handle_response(state, decoded_resp, lox_pub).unwrap();
    279. 

  279.     Ok(cred)
    280. 

  280. }
    281. 

  281. 

  282. #[cfg(test)]
    283. 

  283. mod tests;
    284.