Skip to content

Commit

Permalink
v2, domain model redesign (#52)
Browse files Browse the repository at this point in the history
v2, data-model redesign: complete redesign of the workflow and
refactoring and redesign of the domain model of meta secret:
- get rid of MetaDb(ReadDb): no need to having one more representation
in memory
- separate device info from vault info (UserSignature not exists
anymore, and device contains key manager)
- server can use device data rather than creating a fake user
credentials account, which is more adequate way of doing things
- no need to have an in mem representation of the database - the db
structure changed in a way that data can't be queried directly from the
database.
  • Loading branch information
cypherkitty authored Dec 21, 2023
1 parent 19554cd commit 1500120
Show file tree
Hide file tree
Showing 128 changed files with 3,990 additions and 6,183 deletions.
38 changes: 36 additions & 2 deletions Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -5,11 +5,45 @@ resolver = "2"
members = [
"core",
"meta-server-emulator",
"meta-test",
"core-swift-lib",
"wasm"
]

exclude = [
"meta-server-serverless"
]
]

[workspace.dependencies]
# Error handling
thiserror = "1.0.49"
anyhow = "1.0.75"

# Logging and tracing
tracing = "0.1"
tracing-subscriber = { version = "0.3" }

# Json
serde = { version = "1.0.188", features = ["derive"] }
serde_json = "1.0.107"
serde_derive = "1.0.188"

# Async utils
async-std = { version = "1.12.0" }
async-trait = "0.1"
flume = "0.11"
async-mutex = "1.4"

# Cryptography
ed25519-dalek = "1.0.1"
crypto_box = { version = "0.8.2", features = ["std"] }
rand = "0.8.5"
getrandom = { version = "0.2.8", features = ["js"] }
sha2 = { version = "0.10.6", features = ["oid"] }
base64 = "0.20.0"
hex = "0.4"
#https://github.com/dsprenkels/sss-rs
shamirsecretsharing = "0.1"

# Sql
diesel = { version = "2.0.0" }
diesel_migrations = { version = "2.0.0" }
20 changes: 12 additions & 8 deletions core-swift-lib/Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -9,11 +9,15 @@ name = "meta_secret_core_swift"

[dependencies]
meta-secret-core = { path = "../core"}
serde_json = "1.0.87"
serde = { version = "1.0", features = ["derive"] }
ed25519-dalek = "1.0"
crypto_box = "0.8.1"
base64 = "0.20.0-alpha.1"
sha2 = "0.10.6"
hex = "0.4"
anyhow = "1.0.66"

anyhow.workspace = true

serde.workspace = true
serde_json.workspace = true
serde_derive.workspace = true

ed25519-dalek.workspace = true
crypto_box.workspace = true
base64.workspace = true
sha2.workspace = true
hex.workspace = true
42 changes: 23 additions & 19 deletions core-swift-lib/src/swift_to_rust.rs
Original file line number Diff line number Diff line change
@@ -1,7 +1,6 @@
use anyhow::Context;
use meta_secret_core::crypto::keys::KeyManager;
use meta_secret_core::crypto::keys::{KeyManager, SecretBox};
use meta_secret_core::errors::CoreError;
use meta_secret_core::models::{Base64EncodedText, SecretDistributionDocData, SerializedKeyManager};
use meta_secret_core::recover_from_shares;
use meta_secret_core::secret::data_block::common::SharedSecretConfig;
use meta_secret_core::secret::shared_secret::UserShareDto;
Expand All @@ -11,6 +10,8 @@ use std::ffi::CString;
use std::os::raw::c_char;
use std::slice;
use std::str;
use meta_secret_core::crypto::encoding::base64::Base64Text;
use meta_secret_core::node::common::model::secret::SecretDistributionData;

type SizeT = usize;

Expand Down Expand Up @@ -73,13 +74,13 @@ fn to_c_str(str: String) -> *mut c_char {
}

mod internal {
use meta_secret_core::node::common::model::crypto::{AeadCipherText, AeadPlainText, EncryptedMessage};
use meta_secret_core::node::common::model::secret::MetaPasswordId;
use super::*;
use meta_secret_core::models::{AeadCipherText, AeadPlainText, MetaPasswordId};
use meta_secret_core::secret;

pub fn generate_security_box(vault_name_bytes: *const u8, len: SizeT) -> CoreResult<String> {
let device_name = data_to_string(vault_name_bytes, len)?;
let security_box = KeyManager::generate_security_box(device_name);
let security_box = KeyManager::generate_secret_box();
let user = serde_json::to_string_pretty(&security_box)?;
Ok(user)
}
Expand Down Expand Up @@ -132,10 +133,11 @@ mod internal {

println!("restore_task {:?}", restore_task.doc);
// Decrypt shares
let EncryptedMessage::CipherShare { share, ..} = restore_task.doc.secret_message;
let share_json: AeadPlainText = key_manager
.transport_key_pair
.decrypt(&restore_task.doc.secret_message.encrypted_text)?;
let share_json = UserShareDto::try_from(share_json.msg.as_ref())?;
.decrypt(&share)?;
let share_json = UserShareDto::try_from(&share_json.msg)?;

// Decrypted Share to JSon
let result_json = serde_json::to_string_pretty(&share_json)?;
Expand All @@ -147,16 +149,18 @@ mod internal {
let restore_task = RestoreTask::try_from(&data_string)?;

let key_manager = KeyManager::try_from(&restore_task.key_manager)?;
let EncryptedMessage::CipherShare { share: second_share, ..} = restore_task.doc_two.secret_message;
let share_from_device_2_json: AeadPlainText = key_manager
.transport_key_pair
.decrypt(&restore_task.doc_two.secret_message.encrypted_text)?;
let share_from_device_2_json = UserShareDto::try_from(share_from_device_2_json.msg.as_ref())?;
.decrypt(&second_share)?;
let share_from_device_2_json = UserShareDto::try_from(&share_from_device_2_json.msg)?;

let EncryptedMessage::CipherShare { share: first_share, ..} = restore_task.doc_one.secret_message;
let share_from_device_1_json: AeadPlainText = key_manager
.transport_key_pair
.decrypt(&restore_task.doc_one.secret_message.encrypted_text)?;
.decrypt(&first_share)?;

let share_from_device_1_json = UserShareDto::try_from(share_from_device_1_json.msg.as_ref())?;
let share_from_device_1_json = UserShareDto::try_from(&share_from_device_1_json.msg)?;

// Restored Password to JSon
let password = recover_from_shares(vec![share_from_device_2_json, share_from_device_1_json])?;
Expand Down Expand Up @@ -186,8 +190,8 @@ fn data_to_string(bytes: *const u8, len: SizeT) -> CoreResult<String> {
#[derive(Debug, PartialEq, Serialize, Deserialize)]
#[serde(rename_all = "camelCase")]
pub struct JsonMappedData {
sender_key_manager: SerializedKeyManager,
receiver_pub_key: Base64EncodedText,
sender_key_manager: SecretBox,
receiver_pub_key: Base64Text,
secret: String,
}

Expand All @@ -203,16 +207,16 @@ impl TryFrom<&String> for JsonMappedData {
#[derive(Debug, Serialize, Deserialize)]
#[serde(rename_all = "camelCase")]
struct RestoreTask {
key_manager: SerializedKeyManager,
doc_one: SecretDistributionDocData,
doc_two: SecretDistributionDocData,
key_manager: SecretBox,
doc_one: SecretDistributionData,
doc_two: SecretDistributionData,
}

#[derive(Debug, Serialize, Deserialize)]
#[serde(rename_all = "camelCase")]
struct DecryptTask {
key_manager: SerializedKeyManager,
doc: SecretDistributionDocData,
key_manager: SecretBox,
doc: SecretDistributionData,
}

impl TryFrom<&String> for RestoreTask {
Expand All @@ -238,10 +242,10 @@ impl TryFrom<&String> for DecryptTask {
pub mod test {
use meta_secret_core::crypto::key_pair::KeyPair;
use meta_secret_core::crypto::keys::KeyManager;
use meta_secret_core::models::AeadCipherText;
use meta_secret_core::secret::data_block::common::SharedSecretConfig;
use meta_secret_core::secret::shared_secret::UserShareDto;
use meta_secret_core::{secret, CoreResult};
use meta_secret_core::node::common::model::crypto::AeadCipherText;

#[test]
fn split_and_encrypt() -> CoreResult<()> {
Expand Down
64 changes: 30 additions & 34 deletions core/Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -3,55 +3,52 @@ name = "meta-secret-core"
version = "2.0.0"
edition = "2021"
license = "Apache-2.0"
description = "Meta Secret core module"
description = "Meta Secret Core Module"
homepage = "https://github.com/meta-secret/meta-secret-core"
documentation = "https://github.com/meta-secret/meta-secret-core/blob/main/core/README.md"
repository = "https://github.com/meta-secret/meta-secret-core"
readme = "README.md"

[features]
test_utils = []

[lib]
crate-type = ["cdylib", "lib", "staticlib"]
name = "meta_secret_core"

[dependencies]
chrono = "0.4.31"

thiserror = "1.0.40"
anyhow = "1.0.66"

tracing = {version = "0.1.37" }
tracing-subscriber = {version = "0.3.17", features = ["json", "env-filter"]}

async-mutex = "1.4.0"

async-trait = "0.1"
flume = "0.11.0"

reqwest = { version = "0.11.13", features = ["json"] }
async-std = { version = "1.12.0", features = ["unstable"] }

ed25519-dalek = "1.0.1"
crypto_box = { version = "0.8.2", features = ["std"] }
rand = "0.8.5"
getrandom = { version = "0.2.8", features = ["js"] }
sha2 = { version = "0.10.6", features = ["oid"] }
base64 = "0.20.0"

hex = "0.4"

thiserror.workspace = true
anyhow.workspace = true

async-trait.workspace = true
flume.workspace = true
async-mutex.workspace = true
async-std = { workspace = true, features = ["unstable"] }

serde.workspace = true
serde_json.workspace = true
serde_derive.workspace = true

tracing.workspace = true
tracing-subscriber = { workspace = true, features = ["json", "env-filter"] }
tracing-attributes = "0.1.27"

ed25519-dalek.workspace = true
crypto_box.workspace = true
rand.workspace = true
getrandom.workspace = true
sha2.workspace = true
base64.workspace = true
hex.workspace = true
#https://github.com/dsprenkels/sss-rs
shamirsecretsharing = "0.1"
shamirsecretsharing.workspace = true

serde = { version = "1.0", features = ["derive"] }
serde_json = "1.0"
serde_bytes = "0.11"
serde-big-array = "0.4"
serde_derive = "^1.0"

qrcode-generator = "4.1.6"
rqrr = "0.5"
image = "0.24"
log = "0.4.20"

[dependencies.uuid]
version = "1.3.0"
Expand All @@ -61,7 +58,6 @@ features = [
"macro-diagnostics", # Enable better diagnostics for compile-time UUIDs
]


[dev-dependencies]
tokio = { version = "1.20.1", features = ["macros"] }
pretty_assertions = "1"
tokio = { version = "1.20.1", features = ["full"] }
pretty_assertions = "1"
Loading

0 comments on commit 1500120

Please sign in to comment.