Move the Encrypter from the config to the keystore

2025-08-09 04:22:45 +03:00 · 2022-08-31 18:42:23 +02:00
parent e1d50b818e
commit 8c25dc03ce
26 changed files with 157 additions and 137 deletions
--- a/crates/keystore/Cargo.toml
+++ b/crates/keystore/Cargo.toml
@@ -7,21 +7,26 @@ license = "Apache-2.0"

 [dependencies]
 anyhow = "1.0.62"
+aead = { version = "0.5.1", features = ["std"] }
+const-oid = { version = "0.9.0", features = ["std"] }
+cookie = { version = "0.16.0", features = ["key-expansion", "private"] }
 der = { version = "0.6.0", features = ["std"] }
+ecdsa = { version = "0.14.4", features = ["std"] }
 elliptic-curve = { version = "0.12.3", features = ["std", "pem", "sec1"] }
 k256 = { version = "0.11.1", features = ["std"] }
 p256 = { version = "0.11.1", features = ["std"] }
 p384 = { version = "0.11.1", features = ["std"] }
 pem-rfc7468 = { version = "0.6.0", features = ["std"] }
 pkcs1 = { version = "0.4.0", features = ["std"] }
-spki = { version = "0.6.0", features = ["std"] }
-ecdsa = { version = "0.14.4", features = ["std"] }
 pkcs8 = { version = "0.9.0", features = ["std", "pkcs5", "encryption"] }
-const-oid = { version = "0.9.0", features = ["std"] }
+rand = "0.8.5"
 rsa = { git = "https://github.com/RustCrypto/RSA.git", features = ["std", "pem"] }
 sec1 = { version = "0.3.0", features = ["std"] }
+spki = { version = "0.6.0", features = ["std"] }
 thiserror = "1.0.32"
-rand_core = "0.6.3"
+generic-array = "0.14.6"
+chacha20poly1305 = { version = "0.10.1", features = ["std"] }
+base64ct = "1.5.2"

 mas-iana = { path = "../iana" }
 mas-jose = { path = "../jose" }
--- a/crates/keystore/src/encrypter.rs
+++ b/crates/keystore/src/encrypter.rs
@@ -0,0 +1,104 @@
+// Copyright 2022 The Matrix.org Foundation C.I.C.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+use std::sync::Arc;
+
+use aead::Aead;
+use base64ct::{Base64, Encoding};
+use chacha20poly1305::{ChaCha20Poly1305, KeyInit};
+use cookie::Key;
+use generic_array::GenericArray;
+
+/// Helps encrypting and decrypting data
+#[derive(Clone)]
+pub struct Encrypter {
+    cookie_key: Arc<Key>,
+    aead: Arc<ChaCha20Poly1305>,
+}
+
+impl From<Encrypter> for Key {
+    fn from(e: Encrypter) -> Self {
+        e.cookie_key.as_ref().clone()
+    }
+}
+
+impl Encrypter {
+    /// Creates an [`Encrypter`] out of an encryption key
+    #[must_use]
+    pub fn new(key: &[u8; 32]) -> Self {
+        let cookie_key = Key::derive_from(&key[..]);
+        let cookie_key = Arc::new(cookie_key);
+        let key = GenericArray::from_slice(key);
+        let aead = ChaCha20Poly1305::new(key);
+        let aead = Arc::new(aead);
+        Self { cookie_key, aead }
+    }
+
+    /// Encrypt a payload
+    ///
+    /// # Errors
+    ///
+    /// Will return `Err` when the payload failed to encrypt
+    pub fn encrypt(&self, nonce: &[u8; 12], decrypted: &[u8]) -> anyhow::Result<Vec<u8>> {
+        let nonce = GenericArray::from_slice(&nonce[..]);
+        let encrypted = self.aead.encrypt(nonce, decrypted)?;
+        Ok(encrypted)
+    }
+
+    /// Decrypts a payload
+    ///
+    /// # Errors
+    ///
+    /// Will return `Err` when the payload failed to decrypt
+    pub fn decrypt(&self, nonce: &[u8; 12], encrypted: &[u8]) -> anyhow::Result<Vec<u8>> {
+        let nonce = GenericArray::from_slice(&nonce[..]);
+        let encrypted = self.aead.decrypt(nonce, encrypted)?;
+        Ok(encrypted)
+    }
+
+    /// Encrypt a payload to a self-contained base64-encoded string
+    ///
+    /// # Errors
+    ///
+    /// Will return `Err` when the payload failed to encrypt
+    pub fn encryt_to_string(&self, decrypted: &[u8]) -> anyhow::Result<String> {
+        let nonce = rand::random();
+        let encrypted = self.encrypt(&nonce, decrypted)?;
+        let encrypted = [&nonce[..], &encrypted].concat();
+        let encrypted = Base64::encode_string(&encrypted);
+        Ok(encrypted)
+    }
+
+    /// Decrypt a payload from a self-contained base64-encoded string
+    ///
+    /// # Errors
+    ///
+    /// Will return `Err` when the payload failed to decrypt
+    pub fn decrypt_string(&self, encrypted: &str) -> anyhow::Result<Vec<u8>> {
+        let encrypted = Base64::decode_vec(encrypted)?;
+
+        let nonce: &[u8; 12] = encrypted
+            .get(0..12)
+            .ok_or_else(|| anyhow::anyhow!("invalid payload serialization"))?
+            .try_into()?;
+
+        let payload = encrypted
+            .get(12..)
+            .ok_or_else(|| anyhow::anyhow!("invalid payload serialization"))?;
+
+        let decrypted_client_secret = self.decrypt(nonce, payload)?;
+
+        Ok(decrypted_client_secret)
+    }
+}
--- a/crates/keystore/src/lib.rs
+++ b/crates/keystore/src/lib.rs
@@ -37,11 +37,15 @@ use mas_jose::{
 use pem_rfc7468::PemLabel;
 use pkcs1::EncodeRsaPrivateKey;
 use pkcs8::{AssociatedOid, PrivateKeyInfo};
-use rand_core::{CryptoRng, RngCore};
+use rand::{CryptoRng, RngCore};
 use rsa::BigUint;
 use sec1::EncodeEcPrivateKey;
 use thiserror::Error;

+mod encrypter;
+
+pub use self::encrypter::Encrypter;
+
 /// Error type used when a key could not be loaded
 #[derive(Debug, Error)]
 pub enum LoadError {