shimun/brownpaper
1
0
Fork 0
Code Issues Pull Requests Releases Activity

encrypt using chacha
Some checks failed
continuous-integration/drone/push Build is failing
Details

Browse Source
This commit is contained in:
shimunn
2019-09-07 21:24:58 +02:00
parent 0ba80e7314
commit 141f048d13
5 changed files with 144 additions and 30 deletions
Download Patch File Download Diff File Expand all files Collapse all files

45
src/chacha_io.rs Normal file
View File

@@ -0,0 +1,45 @@
use c2_chacha::stream_cipher::{NewStreamCipher, SyncStreamCipher, SyncStreamCipherSeek};
use c2_chacha::{ChaCha12, ChaCha20};
use std::convert::TryInto;
use std::io::{Read, Result, Write};
pub struct ChaChaReader<'a>(ChaCha20, &'a mut Read);
impl<'a> ChaChaReader<'a> {
pub fn new(key: &[u8], nonce: &[u8], source: &'a mut Read) -> ChaChaReader<'a> {
ChaChaReader(ChaCha20::new_var(key, nonce).unwrap(), source)
}
}
impl<'a> Read for ChaChaReader<'a> {
fn read(&mut self, buf: &mut [u8]) -> Result<usize> {
let red = self.1.read(buf)?;
self.0.apply_keystream(buf);
Ok(red)
}
}
pub struct ChaChaWriter<'a>(ChaCha20, &'a mut Write);
impl<'a> ChaChaWriter<'a> {
pub fn new(key: &[u8], nonce: &[u8], sink: &'a mut Write) -> ChaChaWriter<'a> {
ChaChaWriter(ChaCha20::new_var(key, nonce).unwrap(), sink)
}
}
impl<'a> Write for ChaChaWriter<'a> {
fn write(&mut self, buf: &[u8]) -> Result<usize> {
let mut cipher_text = [0u8; 256];
let mut written = 0usize;
for chunk in buf.chunks(cipher_text.len()) {
cipher_text[0..chunk.len()].copy_from_slice(&chunk);
self.0.apply_keystream(&mut cipher_text[0..chunk.len()]);
written += self.1.write(&cipher_text[0..chunk.len()])?;
}
Ok(written)
}
fn flush(&mut self) -> Result<()> {
self.1.flush()
}
}

60
src/main.rs
View File

@@ -6,10 +6,12 @@ extern crate rand;
extern crate sequoia_openpgp as openpgp;
extern crate snap;
mod chacha_io;
mod pgp;
use crate::pgp::KnownKeys;
use byteorder::{BigEndian, ReadBytesExt, WriteBytesExt};
use chacha_io::{ChaChaReader, ChaChaWriter};
use chrono::*;
use core::cell::RefCell;
use iron::method::Method;
@@ -17,7 +19,9 @@ use iron::modifiers::Redirect;
use iron::prelude::*;
use iron::url::Url;
use rand::Rng;
use sha2::{Digest, Sha256};
use std::borrow::BorrowMut;
use std::convert::TryInto;
use std::fs;
use std::fs::File;
use std::io;
@@ -46,7 +50,7 @@ impl<'a> Snippet<'a> {
Snippet::new(
&rand::thread_rng()
.gen_ascii_chars()
.take(6)
.take(8)
.collect::<String>(),
storage,
)
@@ -59,13 +63,30 @@ impl<'a> Snippet<'a> {
}
}
pub fn file_id(&self) -> String {
SnippetStorage::file_id(&self.id)
}
pub fn passphrase(&self) -> ([u8; 8], [u8; 32]) {
let mut hasher = Sha256::new();
hasher.input(self.id.as_bytes());
let res = hasher.result();
let nonce: [u8; 8] = res[0..8].try_into().unwrap();
let mut hasher = Sha256::new();
hasher.input(self.id.as_bytes());
hasher.input(b"pass");
let pass: [u8; 32] = res[0..32].try_into().unwrap();
(nonce, pass)
}
pub fn path(&self) -> PathBuf {
self.storage.directory.join(&self.id)
self.storage.directory.join(&self.file_id())
}
pub fn metadata(&self) -> Result<SnippetMeta, io::Error> {
let mut file = File::open(self.path())?;
self.metadata_via_handle(&mut file)
let (nonce, key) = self.passphrase();
self.metadata_via_handle(&mut ChaChaReader::new(&key, &nonce, &mut file))
}
fn metadata_via_handle(&self, hdl: &mut impl Read) -> Result<SnippetMeta, io::Error> {
@@ -83,38 +104,42 @@ impl<'a> Snippet<'a> {
fn contents(&self) -> Result<String, io::Error> {
let mut file = File::open(self.path())?;
let meta = self.metadata_via_handle(&mut file)?;
let (nonce, key) = self.passphrase();
let mut reader = ChaChaReader::new(&key, &nonce, &mut file);
let meta = self.metadata_via_handle(&mut reader)?;
fn read_string(r: &mut impl Read) -> Result<String, io::Error> {
let mut text = String::new();
r.read_to_string(&mut text)?;
Ok(text)
}
dbg!((&meta.compression, &meta.created));
dbg!((&meta.compression, &meta.created, self.file_id()));
match meta.compression {
Some(ref comp) if comp == "snap" => {
let mut r = snap::Reader::new(&mut file);
let mut r = snap::Reader::new(&mut reader);
read_string(&mut r)
}
_ => read_string(&mut file),
_ => read_string(&mut reader),
}
}
fn write(self, content: &str) -> Result<Snippet<'a>, io::Error> {
let mut file = File::create(self.path())?;
file.write_i64::<BigEndian>(Utc::now().timestamp())?;
let (nonce, key) = self.passphrase();
let mut writer = ChaChaWriter::new(&key, &nonce, &mut file);
writer.write_i64::<BigEndian>(Utc::now().timestamp())?;
let comp = if content.len() > 2048 {
Some("snap")
} else {
None
};
file.write_u16::<BigEndian>(comp.map(|s| s.len() as u16).unwrap_or(0u16))?;
file.write(comp.map(|s| s.as_bytes()).unwrap_or(&[0u8; 0]))?;
writer.write_u16::<BigEndian>(comp.map(|s| s.len() as u16).unwrap_or(0u16))?;
writer.write(comp.map(|s| s.as_bytes()).unwrap_or(&[0u8; 0]))?;
match comp {
Some(ref comp) if comp == &"snap" => {
let mut w = snap::Writer::new(&mut file);
let mut w = snap::Writer::new(&mut writer);
w.write_all(content.as_bytes())?
}
_ => file.write_all(content.as_bytes())?,
_ => writer.write_all(content.as_bytes())?,
};
Ok(Snippet::new(&self.id, self.storage))
}
@@ -126,9 +151,13 @@ impl<'a> SnippetStorage<'a> {
directory: directory,
}
}
pub fn file_id(id: &str) -> String {
let mut hasher = Sha256::new();
hasher.input(id.as_bytes());
hex::encode(&hasher.result()[0..12])
}
fn has(&self, id: &str) -> bool {
self.directory.join(id).exists()
self.directory.join(Self::file_id(id)).exists()
}
fn open(&self, id: &str) -> Option<Snippet> {
@@ -174,7 +203,8 @@ fn handle(req: &mut Request) -> IronResult<Response> {
.map_err(|err| IronError::new(err, "Invalid utf8"))?
};
let b_text = KNOWN_KEYS
.lock().unwrap()//.map_err(|_| IronError::new(std::error::Error::from("Mutex Err"), "PGP Context unavailable"))?
.lock()
.unwrap() //.map_err(|_| IronError::new(std::error::Error::from("Mutex Err"), "PGP Context unavailable"))?
.verify(pgp_text.as_bytes())
.map_err(|err| IronError::new(err, "Untrusted signature"))?;
let text = String::from_utf8(b_text).unwrap();

30
src/pgp.rs
View File

@@ -1,18 +1,16 @@
use std::io;
use std::fs;
use std::fs::{File};
use std::path::Path;
use std::io::prelude::*;
use openpgp::parse::stream::*;
use openpgp::parse::Parse;
use openpgp::*;
use openpgp::parse::stream::*;
use std::fs;
use std::fs::File;
use std::io;
use std::io::prelude::*;
use std::path::Path;
pub struct KnownKeys {
keys: Vec<openpgp::TPK>
keys: Vec<openpgp::TPK>,
}
impl VerificationHelper for &KnownKeys {
fn get_public_keys(&mut self, _ids: &[KeyID]) -> Result<Vec<TPK>> {
Ok(self.keys.clone())
}
@@ -33,19 +31,21 @@ impl KnownKeys {
println!("Fingerprint: {}", tpk.fingerprint());
keys.push(tpk);
}
Ok(KnownKeys{
keys: keys
})
Ok(KnownKeys { keys: keys })
}
pub fn verify(&mut self, r: impl Read) -> io::Result<Vec<u8>> {
let mut content = Vec::with_capacity(2048);
let helper = &*self;
let mut v = Verifier::<&KnownKeys>::from_reader(r, helper, None).map_err(|e| dbg!(e)).unwrap();
let mut v = Verifier::<&KnownKeys>::from_reader(r, helper, None)
.map_err(|e| dbg!(e))
.unwrap();
if v.read_to_end(&mut content).is_err() {
return Err(io::Error::new(io::ErrorKind::InvalidData, "Signature Mismatch"));
return Err(io::Error::new(
io::ErrorKind::InvalidData,
"Signature Mismatch",
));
}
Ok(content)
}
}