Missing packet infrastructure for re-encrypting.

- outline of the recipient packet construction - add packet_type and content packet properties - implement ephemeral key generation
oarepo · Oct 15, 2024 · aabbf43 · aabbf43
1 parent 2f38796
commit aabbf43
Show file tree

Hide file tree

Showing 4 changed files with 41 additions and 1 deletion.
diff --git a/oarepo_c4gh/crypt4gh/filter.py b/oarepo_c4gh/crypt4gh/filter.py
@@ -8,6 +8,7 @@
 from .aheader import ACrypt4GHHeader
 from typing import Generator
 from .data_block import DataBlock
+from ..key.software import SoftwareKey
 
 
 class Crypt4GHHeaderFilter(ACrypt4GHHeader):
@@ -45,7 +46,24 @@ def packets(self) -> list:
         edit lists and DEKs are added.
 
         """
-        return self._original.packets
+        ekey = None
+        ekey_col = None
+        temp_packets = self._original.packets.copy()
+        for public_key in self._recipients_to_add:
+            for packet in self._original.packets:
+                if packet.is_readable and packet.packet_type in (1, 2):
+                    if ekey is None:
+                        ekey = SoftwareKey.generate()
+                        ekey_col = KeyCollection(ekey)
+                    payload = io.BytesIO()
+                    payload.write(packet.length.to_bytes(4, "little"))
+                    enc_method = 0
+                    payload.write(enc_method.to_bytes(4, "little"))
+                    payload.write(ekey.public_key)
+                    # At offset 40 here.
+                    # Encrypt content: packet.content
+                    # TODO: write encrypted content (the same size as content + 16 bytes MAC)
+        return temp_packets
 
     @property
     def magic_bytes(self) -> bytes:

diff --git a/oarepo_c4gh/crypt4gh/header_packet.py b/oarepo_c4gh/crypt4gh/header_packet.py
@@ -146,3 +146,17 @@ def reader_key(self) -> bytes:
     def packet_data(self) -> bytes:
         """Returns the original packet data (for serialization)."""
         return self._packet_data
+
+    @property
+    def packet_type(self) -> int:
+        """Returns the numerical representation of packet type.
+
+        """
+        return self._packet_type
+
+    @property
+    def content(self) -> bytes:
+        """Returns the encrypted packet content.
+
+        """
+        return self._content
diff --git a/oarepo_c4gh/key/software.py b/oarepo_c4gh/key/software.py
@@ -15,6 +15,7 @@
     crypto_kx_client_session_keys,
 )
 from ..exceptions import Crypt4GHKeyException
+import secrets
 
 
 class SoftwareKey(Key):
@@ -140,3 +141,7 @@ def can_compute_symmetric_keys(self) -> bool:
 
         """
         return self._private_key is not None
+
+    @classmethod
+    def generate(self) -> None:
+        return SoftwareKey(secrets.token_bytes(32))
diff --git a/tests/test_software.py b/tests/test_software.py
@@ -91,6 +91,9 @@ def test_only_public(self):
         self.assertRaises(Crypt4GHKeyException, _only_public_write)
         self.assertRaises(Crypt4GHKeyException, _only_public_read)
 
+    def test_ephemeral_generate(self):
+        key = SoftwareKey.generate()
+
 
 if __name__ == "__main__":
     unittest.main()