Add storable_builder helper

G8XSU · G8XSU · commit 513f7d3835af · 2023-11-01T18:08:41.000-07:00
diff --git a/src/lib.rs b/src/lib.rs
@@ -19,5 +19,8 @@ pub mod error;
 /// Contains request/response types generated from the API definition of VSS.
 pub mod types;
 
+/// Contains helper utils for encryption, requests-retries etc.
+pub mod util;
+
 // Encryption-Decryption related crate-only helpers.
 pub(crate) mod crypto;
diff --git a/src/util/mod.rs b/src/util/mod.rs
@@ -0,0 +1 @@
+pub mod storable_builder;
diff --git a/src/util/storable_builder.rs b/src/util/storable_builder.rs
@@ -0,0 +1,71 @@
+use crate::crypto::chacha20poly1305::ChaCha20Poly1305;
+use crate::types::{EncryptionMetadata, PlaintextBlob, Storable};
+use ::prost::Message;
+use rand::rngs::ThreadRng;
+use rand::RngCore;
+use std::borrow::Borrow;
+use std::io;
+use std::io::{Error, ErrorKind};
+
+pub struct StorableBuilder {
+	data_encryption_key: [u8; 32],
+}
+
+const CHACHA20_CIPHER_NAME: &'static str = "ChaCha20Poly1305";
+
+impl StorableBuilder {
+	pub fn build(&self, input: Vec<u8>, version: i64) -> Storable {
+		let mut rng = ThreadRng::default();
+		let mut nonce = [0u8; 12];
+		rng.fill_bytes(&mut nonce[4..]);
+
+		let mut data_blob = PlaintextBlob { value: input, version }.encode_to_vec();
+
+		let mut cipher = ChaCha20Poly1305::new(&self.data_encryption_key, &nonce, &vec![]);
+		let mut tag = [0u8; 16];
+		cipher.encrypt_inplace(&mut data_blob, &mut tag);
+		Storable {
+			data: data_blob,
+			encryption_metadata: Option::from(EncryptionMetadata {
+				nonce: nonce.to_vec(),
+				tag: tag.to_vec(),
+				cipher_format: CHACHA20_CIPHER_NAME.to_string(),
+			}),
+		}
+	}
+
+	pub fn deconstruct(&self, mut storable: Storable) -> io::Result<(Vec<u8>, i64)> {
+		let encryption_metadata = storable.encryption_metadata.unwrap();
+		let mut cipher = ChaCha20Poly1305::new(&self.data_encryption_key, &encryption_metadata.nonce, &vec![]);
+		let input_output = storable.data.as_mut();
+
+		if cipher.decrypt_inplace(input_output, encryption_metadata.tag.borrow()) {
+			let data_blob = PlaintextBlob::decode(&*input_output).map_err(|e| Error::new(ErrorKind::InvalidData, e))?;
+			Ok((data_blob.value, data_blob.version))
+		} else {
+			Err(Error::new(ErrorKind::InvalidData, "Invalid Tag"))
+		}
+	}
+}
+
+#[cfg(test)]
+mod tests {
+	use super::*;
+	use rand::thread_rng;
+
+	#[test]
+	fn encrypt_decrypt() {
+		let mut rng = thread_rng();
+		let mut data_key = [0u8; 32];
+		rng.fill_bytes(&mut data_key);
+
+		let storable_builder = StorableBuilder { data_encryption_key: data_key };
+		let expected_data = b"secret".to_vec();
+		let expected_version = 8;
+		let storable = storable_builder.build(expected_data.clone(), expected_version);
+
+		let (actual_data, actual_version) = storable_builder.deconstruct(storable).unwrap();
+		assert_eq!(actual_data, expected_data);
+		assert_eq!(actual_version, expected_version);
+	}
+}
