From 1bac11f1d0c86f6a1fda4db0a4c7afd4f441bd1f Mon Sep 17 00:00:00 2001
From: onyinyang <onyinyang@torproject.org>
Date: Mon, 27 Feb 2023 16:46:01 -0500
Subject: [PATCH] Refactor Lox Credential, Add check blockage

---
 crates/lox-wasm/index.js   |  38 ++++++++----
 crates/lox-wasm/src/lib.rs | 116 +++++++++++++++++++++++++++++--------
 2 files changed, 117 insertions(+), 37 deletions(-)

diff --git a/crates/lox-wasm/index.js b/crates/lox-wasm/index.js
index e380140..73f9f4a 100644
--- a/crates/lox-wasm/index.js
+++ b/crates/lox-wasm/index.js
@@ -12,6 +12,8 @@ import init, {
   prepare_invite,
   redeem_invite,
   handle_redeem_invite,
+  check_blockage,
+  handle_check_blockage,
   set_panic_hook } from "./pkg/lox_wasm.js";
 let pubkeys = await simple_request("/pubkeys");
 console.log("Got pubkeys: " + pubkeys);
@@ -53,7 +55,7 @@ let trust_promo_cred = await init().then(() => {
 let requested_trust_migration = trust_migration(open_lox_cred, trust_promo_cred, pubkeys);
 
 // Trust Promotion from Trust Level 0 -> 1
-let level_one_cred = await init().then(() => {
+let lox_cred = await init().then(() => {
   set_panic_hook();
   let cred = requested_cred("/trustmig", requested_trust_migration).then((response)=> {
     console.log("Got new Level 1 Lox Credential: " + response);
@@ -64,10 +66,10 @@ let level_one_cred = await init().then(() => {
 
 let encrypted_table = await simple_request("/reachability");
 console.log("Got Encrypted Table: " + encrypted_table);
-let requested_level_two = level_up(level_one_cred, encrypted_table, pubkeys);
+let requested_level_two = level_up(lox_cred, encrypted_table, pubkeys);
 
 // Level Up to Trust Level 2
-let level_two_cred = await init().then(() => {
+lox_cred = await init().then(() => {
   set_panic_hook();
   let cred = requested_cred("/levelup", requested_level_two).then((response)=> {
     console.log("Got new Level 2 Lox Credential: " + response);
@@ -79,10 +81,10 @@ let level_two_cred = await init().then(() => {
 // Update reachability cred
   encrypted_table = await simple_request("/reachability");
   console.log("Got Encrypted Table: " + encrypted_table);
-  let requested_level_three = level_up(level_two_cred, encrypted_table, pubkeys);
+  let requested_level_three = level_up(lox_cred, encrypted_table, pubkeys);
 
 // Level Up to Trust Level 3
-  let level_three_cred = await init().then(() => {
+  lox_cred = await init().then(() => {
     set_panic_hook();
     let cred = requested_cred("/levelup", requested_level_three).then((response)=> {
       console.log("Got new Level 3 Lox Credential: " + response);
@@ -95,10 +97,10 @@ let level_two_cred = await init().then(() => {
 // Update reachability cred
 encrypted_table = await simple_request("/reachability");
 console.log("Got Encrypted Table: " + encrypted_table);
-let requested_level_four = level_up(level_three_cred, encrypted_table, pubkeys);
+let requested_level_four = level_up(lox_cred, encrypted_table, pubkeys);
 
 // Level Up to Trust Level 4
-let level_four_cred = await init().then(() => {
+lox_cred = await init().then(() => {
   set_panic_hook();
   let cred = requested_cred("/levelup", requested_level_four).then((response)=> {
     console.log("Got new Level 4 Lox Credential: " + response);
@@ -110,10 +112,10 @@ let level_four_cred = await init().then(() => {
 // Update reachability cred
 encrypted_table = await simple_request("/reachability");
 console.log("Got Encrypted Table: " + encrypted_table);
-let requested_issue_invitation = issue_invite(level_four_cred, encrypted_table, pubkeys);
+let requested_issue_invitation = issue_invite(lox_cred, encrypted_table, pubkeys);
 
 // Issue an Invitation cred
-let issue_invite_cred = await init().then(() => {
+lox_cred = await init().then(() => {
   set_panic_hook();
   let cred = requested_cred("/issueinvite", requested_issue_invitation).then((response)=> {
     console.log("Got new Invite and Lox Credential: " + response);
@@ -122,19 +124,31 @@ let issue_invite_cred = await init().then(() => {
   return cred;
   });
 
-let prepare_invitation = prepare_invite(issue_invite_cred);
+let prepared_invitation = prepare_invite(lox_cred);
 // Trusted Invitation Request
-let requested_invitation = redeem_invite(prepare_invitation, pubkeys);
+let requested_invitation = redeem_invite(prepared_invitation, pubkeys);
 // Issue an Invitation cred
 let lox_cred_from_invite = await init().then(() => {
   set_panic_hook();
   let cred = requested_cred("/redeem", requested_invitation).then((response)=> {
-    console.log("Got new Invite and Lox Credential: " + response);
+    console.log("Got new Trusted Lox Credential Invite: " + response);
     return handle_redeem_invite(requested_invitation, response, pubkeys);
   });
   return cred;
   });
 
+  let requested_check_blockage = check_blockage(lox_cred, pubkeys);
+
+  // Check whether or not a bucket is blocked
+  let check_cred = await init().then(() => {
+    set_panic_hook();
+    let cred = requested_cred("/checkblockage", requested_check_blockage).then((response)=> {
+      console.log("Got check blockage Migration Credential: " + response);
+      return handle_check_blockage(requested_check_blockage, response);
+    });
+    return cred;
+    });
+
 
 function requested_cred(command, requested) {
   return new Promise((fulfill, reject) => {
diff --git a/crates/lox-wasm/src/lib.rs b/crates/lox-wasm/src/lib.rs
index e838538..a75b428 100644
--- a/crates/lox-wasm/src/lib.rs
+++ b/crates/lox-wasm/src/lib.rs
@@ -53,6 +53,13 @@ struct RedeemReqState {
     state: redeem_invite::State,
 }
 
+#[derive(Deserialize, Serialize)]
+struct CheckBlockageReqState {
+    request: check_blockage::Request,
+    state: check_blockage::State,
+}
+
+
 #[derive(Debug, Deserialize, Serialize)]
 struct PubKeys {
     lox_pub: IssuerPubKey,
@@ -70,15 +77,10 @@ pub struct EncBridgeTable {
 }
 
 #[derive(Debug, Deserialize, Serialize)]
-struct OpenCredential {
+struct LoxCredential {
     lox_credential: Lox,
-    bridgeline: BridgeLine,
-}
-
-#[derive(Debug, Deserialize, Serialize)]
-struct InviteCredential {
-    lox_credential: Lox,
-    invitation: Invitation,
+    bridgeline: Option<BridgeLine>,
+    invitation: Option<Invitation>,
 }
 
 fn today() -> u32 {
@@ -165,9 +167,10 @@ pub fn handle_new_lox_credential(
             return Err(JsValue::from(e.to_string()));
         }
     };
-    let lox_cred = OpenCredential {
+    let lox_cred = LoxCredential {
         lox_credential: lox_cred.0,
-        bridgeline: lox_cred.1,
+        bridgeline: Some(lox_cred.1),
+        invitation: None,
     };
     unsafe {
         log(&format!(
@@ -184,7 +187,7 @@ pub fn handle_new_lox_credential(
 
 #[wasm_bindgen]
 pub fn trust_promotion(open_lox_cred: String, lox_pub: String) -> Result<String, JsValue> {
-    let lox_cred: OpenCredential = serde_json::from_str(&open_lox_cred).unwrap();
+    let lox_cred: LoxCredential = serde_json::from_str(&open_lox_cred).unwrap();
     let pubkeys: PubKeys = serde_json::from_str(&lox_pub).unwrap();
     // To test creation of the credential we need to advance the day to 30
     // in production this should just use the today() function
@@ -241,7 +244,7 @@ pub fn handle_trust_promotion(
 
 #[wasm_bindgen]
 pub fn trust_migration(open_lox_cred: String, trust_promo_cred: String, lox_pub: String) -> Result<String, JsValue> {
-    let lox_cred: OpenCredential = serde_json::from_str(&open_lox_cred).unwrap();
+    let lox_cred: LoxCredential = serde_json::from_str(&open_lox_cred).unwrap();
     let pubkeys: PubKeys = serde_json::from_str(&lox_pub).unwrap();
     let mig_cred: Migration = serde_json::from_str(&trust_promo_cred).unwrap();
     let tm_result =
@@ -277,7 +280,11 @@ pub fn handle_trust_migration(
     let deserialized_response = serde_json::from_str(&trust_migration_response).unwrap();
     let level_one_cred =
         match migration::handle_response(deserialized_state, deserialized_response, &pubkeys.lox_pub) {
-            Ok(level_1_cred) => level_1_cred,
+            Ok(level_1_cred) => LoxCredential {
+                lox_credential: level_1_cred,
+                bridgeline: None,
+                invitation: None,
+            },
             Err(e) => {
                 log(&format!("Error: {:?}", e.to_string()));
                 return Err(JsValue::from(e.to_string()));
@@ -301,16 +308,16 @@ fn generate_reachability_cred(lox_cred: &Lox, encrypted_table: String) -> Bucket
 
 #[wasm_bindgen]
 pub fn level_up(level_one_cred: String, encrypted_table: String, lox_pub: String) -> Result<String, JsValue> {
-    let lox_cred: Lox = serde_json::from_str(&level_one_cred).unwrap();
+    let lox_cred: LoxCredential = serde_json::from_str(&level_one_cred).unwrap();
     let pubkeys: PubKeys = serde_json::from_str(&lox_pub).unwrap();
-    let reach_cred = generate_reachability_cred(&lox_cred, encrypted_table);
+    let reach_cred = generate_reachability_cred(&lox_cred.lox_credential, encrypted_table);
 
     // To test level up of the credential we need to advance the day to the correct interval
     // In this case, the maximum of 85 can be used to test all level ups
     // in production this should just use the today() function
     // decrypt trust level and use to calculate the correct date for now
         // The trust level has to be at least 1
-    let test_cumulative_days = match calc_test_days(&lox_cred) {
+    let test_cumulative_days = match calc_test_days(&lox_cred.lox_credential) {
         Ok(v) => v,
         Err(e) => {
             log(&format!("Error: {:?}", e.to_string()));
@@ -323,7 +330,7 @@ pub fn level_up(level_one_cred: String, encrypted_table: String, lox_pub: String
     ));
     let lu_result =
         //CHANGE add_today(31) to today() for production
-        match level_up::request(&lox_cred, &reach_cred, &pubkeys.lox_pub, &pubkeys.reachability_pub, test_today(test_cumulative_days)) {
+        match level_up::request(&lox_cred.lox_credential, &reach_cred, &pubkeys.lox_pub, &pubkeys.reachability_pub, test_today(test_cumulative_days)) {
             Ok(lu_result) => lu_result,
             Err(e) => {
                 log(&format!("Error: {:?}", e.to_string()));
@@ -356,7 +363,11 @@ pub fn handle_level_up(
     let deserialized_response = serde_json::from_str(&levelup_response).unwrap();
     let level_up_cred =
         match level_up::handle_response(deserialized_state, deserialized_response, &pubkeys.lox_pub) {
-            Ok(level_up_cred) => level_up_cred,
+            Ok(level_up_cred) => LoxCredential {
+                lox_credential: level_up_cred,
+                bridgeline: None,
+                invitation: None,
+            },
             Err(e) => {
                 log(&format!("Error: {:?}", e.to_string()));
                 return Err(JsValue::from(e.to_string()));
@@ -373,12 +384,12 @@ pub fn handle_level_up(
 
 #[wasm_bindgen]
 pub fn issue_invite(trusted_cred: String, encrypted_table: String, lox_pub: String) -> Result<String, JsValue> {
-    let lox_cred: Lox = serde_json::from_str(&trusted_cred).unwrap();
+    let lox_cred: LoxCredential = serde_json::from_str(&trusted_cred).unwrap();
     let pubkeys: PubKeys = serde_json::from_str(&lox_pub).unwrap();
-    let reach_cred = generate_reachability_cred(&lox_cred, encrypted_table);
+    let reach_cred = generate_reachability_cred(&lox_cred.lox_credential, encrypted_table);
 
     let issue_result =
-        match issue_invite::request(&lox_cred, &reach_cred, &pubkeys.lox_pub, &pubkeys.reachability_pub, test_today(371)) {
+        match issue_invite::request(&lox_cred.lox_credential, &reach_cred, &pubkeys.lox_pub, &pubkeys.reachability_pub, test_today(371)) {
             Ok(issue_result) => issue_result,
             Err(e) => {
                 log(&format!("Error: {:?}", e.to_string()));
@@ -417,9 +428,10 @@ pub fn handle_issue_invite(
                 return Err(JsValue::from(e.to_string()));
             }
         };
-        let invitation_cred = InviteCredential {
+        let invitation_cred = LoxCredential {
             lox_credential: issue_invite_cred.0,
-            invitation: issue_invite_cred.1,
+            bridgeline: None,
+            invitation: Some(issue_invite_cred.1),
         };
 
     unsafe {
@@ -434,7 +446,7 @@ pub fn handle_issue_invite(
 // Separate Trusted Invite from credential prior to passing it to friend
 #[wasm_bindgen]
 pub fn prepare_invite(invitation_cred: String) -> String {
-    let cred: InviteCredential = serde_json::from_str(&invitation_cred).unwrap();
+    let cred: LoxCredential = serde_json::from_str(&invitation_cred).unwrap();
     log(&format!(
         "Prepared Invitation: {}",
         serde_json::to_string(&cred.invitation).unwrap()
@@ -480,7 +492,11 @@ pub fn handle_redeem_invite(
     let deserialized_response = serde_json::from_str(&redeem_invite_response).unwrap();
     let redeem_invite_cred =
         match redeem_invite::handle_response(deserialized_state, deserialized_response, &pubkeys.lox_pub) {
-            Ok(issue_invite_cred) => issue_invite_cred,
+            Ok(issue_invite_cred) => LoxCredential {
+                lox_credential: issue_invite_cred,
+                bridgeline: None,
+                invitation: None,
+            },
             Err(e) => {
                 log(&format!("Error: {:?}", e.to_string()));
                 return Err(JsValue::from(e.to_string()));
@@ -496,6 +512,56 @@ pub fn handle_redeem_invite(
 }
 
 
+#[wasm_bindgen]
+pub fn check_blockage(lox_cred: String, lox_pub: String) -> Result<String, JsValue> {
+    let lox: LoxCredential = serde_json::from_str(&lox_cred).unwrap();
+    let pubkeys: PubKeys = serde_json::from_str(&lox_pub).unwrap();
+    let cb_result =
+        match check_blockage::request(&lox.lox_credential, &pubkeys.lox_pub) {
+            Ok(cb_result) => cb_result,
+            Err(e) => {
+                log(&format!("Error: {:?}", e.to_string()));
+                return Err(JsValue::from(e.to_string()));
+            }
+        };
+    let req_state = CheckBlockageReqState {
+        request: cb_result.0,
+        state: cb_result.1,
+    };
+    unsafe {
+        log(&format!(
+            "Formatted Trust Promotion request: {}",
+            serde_json::to_string(&req_state).unwrap()
+        ));
+    }
+    Ok(serde_json::to_string(&req_state).unwrap())
+}
+
+#[wasm_bindgen]
+pub fn handle_check_blockage(
+    check_blockage_request: String,
+    check_blockage_response: String,
+) -> Result<String, JsValue> {
+    let req_state: CheckBlockageReqState = serde_json::from_str(&check_blockage_request).unwrap();
+    let deserialized_state = req_state.state;
+    let deserialized_response = serde_json::from_str(&check_blockage_response).unwrap();
+    let migration_cred =
+        match check_blockage::handle_response(deserialized_state, deserialized_response) {
+            Ok(migration_cred) => migration_cred,
+            Err(e) => {
+                log(&format!("Error: {:?}", e.to_string()));
+                return Err(JsValue::from(e.to_string()));
+            }
+        };
+    unsafe {
+        log(&format!(
+            "Got new Migration Credential: {}",
+            serde_json::to_string(&migration_cred).unwrap()
+        ));
+    }
+    Ok(serde_json::to_string(&migration_cred).unwrap())
+}
+
 // This should also check the pubkey
 fn validate(invite: &[u8]) -> Result<[u8; OPENINV_LENGTH], TryFromSliceError> {
     invite.try_into()