vecna
/
lox
mirror of https://gitlab.torproject.org/vecna/lox.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Refactor Lox Credential, Add check blockage

This commit is contained in:
onyinyang 2023-02-27 16:46:01 -05:00
parent 8faf4fc273
commit 1bac11f1d0
No known key found for this signature in database
GPG Key ID: 156A6435430C2036
2 changed files with 117 additions and 37 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
crates/lox-wasm/index.js
View File

@ -12,6 +12,8 @@ import init, {
prepare_invite, prepare_invite,
redeem_invite, redeem_invite,
handle_redeem_invite, handle_redeem_invite,
check_blockage,
handle_check_blockage,
set_panic_hook } from "./pkg/lox_wasm.js"; set_panic_hook } from "./pkg/lox_wasm.js";
let pubkeys = await simple_request("/pubkeys"); let pubkeys = await simple_request("/pubkeys");
console.log("Got pubkeys: " + pubkeys); console.log("Got pubkeys: " + pubkeys);
@ -53,7 +55,7 @@ let trust_promo_cred = await init().then(() => {
let requested_trust_migration = trust_migration(open_lox_cred, trust_promo_cred, pubkeys); let requested_trust_migration = trust_migration(open_lox_cred, trust_promo_cred, pubkeys);
// Trust Promotion from Trust Level 0 -> 1 // Trust Promotion from Trust Level 0 -> 1
let level_one_cred = await init().then(() => { let lox_cred = await init().then(() => {
set_panic_hook(); set_panic_hook();
let cred = requested_cred("/trustmig", requested_trust_migration).then((response)=> { let cred = requested_cred("/trustmig", requested_trust_migration).then((response)=> {
console.log("Got new Level 1 Lox Credential: " + response); console.log("Got new Level 1 Lox Credential: " + response);
@ -64,10 +66,10 @@ let level_one_cred = await init().then(() => {
let encrypted_table = await simple_request("/reachability"); let encrypted_table = await simple_request("/reachability");
console.log("Got Encrypted Table: " + encrypted_table); console.log("Got Encrypted Table: " + encrypted_table);
let requested_level_two = level_up(level_one_cred, encrypted_table, pubkeys); let requested_level_two = level_up(lox_cred, encrypted_table, pubkeys);
// Level Up to Trust Level 2 // Level Up to Trust Level 2
let level_two_cred = await init().then(() => { lox_cred = await init().then(() => {
set_panic_hook(); set_panic_hook();
let cred = requested_cred("/levelup", requested_level_two).then((response)=> { let cred = requested_cred("/levelup", requested_level_two).then((response)=> {
console.log("Got new Level 2 Lox Credential: " + response); console.log("Got new Level 2 Lox Credential: " + response);
@ -79,10 +81,10 @@ let level_two_cred = await init().then(() => {
// Update reachability cred // Update reachability cred
encrypted_table = await simple_request("/reachability"); encrypted_table = await simple_request("/reachability");
console.log("Got Encrypted Table: " + encrypted_table); console.log("Got Encrypted Table: " + encrypted_table);
let requested_level_three = level_up(level_two_cred, encrypted_table, pubkeys); let requested_level_three = level_up(lox_cred, encrypted_table, pubkeys);
// Level Up to Trust Level 3 // Level Up to Trust Level 3
let level_three_cred = await init().then(() => { lox_cred = await init().then(() => {
set_panic_hook(); set_panic_hook();
let cred = requested_cred("/levelup", requested_level_three).then((response)=> { let cred = requested_cred("/levelup", requested_level_three).then((response)=> {
console.log("Got new Level 3 Lox Credential: " + response); console.log("Got new Level 3 Lox Credential: " + response);
@ -95,10 +97,10 @@ let level_two_cred = await init().then(() => {
// Update reachability cred // Update reachability cred
encrypted_table = await simple_request("/reachability"); encrypted_table = await simple_request("/reachability");
console.log("Got Encrypted Table: " + encrypted_table); console.log("Got Encrypted Table: " + encrypted_table);
let requested_level_four = level_up(level_three_cred, encrypted_table, pubkeys); let requested_level_four = level_up(lox_cred, encrypted_table, pubkeys);
// Level Up to Trust Level 4 // Level Up to Trust Level 4
let level_four_cred = await init().then(() => { lox_cred = await init().then(() => {
set_panic_hook(); set_panic_hook();
let cred = requested_cred("/levelup", requested_level_four).then((response)=> { let cred = requested_cred("/levelup", requested_level_four).then((response)=> {
console.log("Got new Level 4 Lox Credential: " + response); console.log("Got new Level 4 Lox Credential: " + response);
@ -110,10 +112,10 @@ let level_four_cred = await init().then(() => {
// Update reachability cred // Update reachability cred
encrypted_table = await simple_request("/reachability"); encrypted_table = await simple_request("/reachability");
console.log("Got Encrypted Table: " + encrypted_table); console.log("Got Encrypted Table: " + encrypted_table);
let requested_issue_invitation = issue_invite(level_four_cred, encrypted_table, pubkeys); let requested_issue_invitation = issue_invite(lox_cred, encrypted_table, pubkeys);
// Issue an Invitation cred // Issue an Invitation cred
let issue_invite_cred = await init().then(() => { lox_cred = await init().then(() => {
set_panic_hook(); set_panic_hook();
let cred = requested_cred("/issueinvite", requested_issue_invitation).then((response)=> { let cred = requested_cred("/issueinvite", requested_issue_invitation).then((response)=> {
console.log("Got new Invite and Lox Credential: " + response); console.log("Got new Invite and Lox Credential: " + response);
@ -122,19 +124,31 @@ let issue_invite_cred = await init().then(() => {
return cred; return cred;
}); });
let prepare_invitation = prepare_invite(issue_invite_cred); let prepared_invitation = prepare_invite(lox_cred);
// Trusted Invitation Request // Trusted Invitation Request
let requested_invitation = redeem_invite(prepare_invitation, pubkeys); let requested_invitation = redeem_invite(prepared_invitation, pubkeys);
// Issue an Invitation cred // Issue an Invitation cred
let lox_cred_from_invite = await init().then(() => { let lox_cred_from_invite = await init().then(() => {
set_panic_hook(); set_panic_hook();
let cred = requested_cred("/redeem", requested_invitation).then((response)=> { let cred = requested_cred("/redeem", requested_invitation).then((response)=> {
console.log("Got new Invite and Lox Credential: " + response); console.log("Got new Trusted Lox Credential Invite: " + response);
return handle_redeem_invite(requested_invitation, response, pubkeys); return handle_redeem_invite(requested_invitation, response, pubkeys);
}); });
return cred; return cred;
}); });
let requested_check_blockage = check_blockage(lox_cred, pubkeys);
// Check whether or not a bucket is blocked
let check_cred = await init().then(() => {
set_panic_hook();
let cred = requested_cred("/checkblockage", requested_check_blockage).then((response)=> {
console.log("Got check blockage Migration Credential: " + response);
return handle_check_blockage(requested_check_blockage, response);
});
return cred;
});
function requested_cred(command, requested) { function requested_cred(command, requested) {
return new Promise((fulfill, reject) => { return new Promise((fulfill, reject) => {

116
crates/lox-wasm/src/lib.rs
View File

@ -53,6 +53,13 @@ struct RedeemReqState {
state: redeem_invite::State, state: redeem_invite::State,
} }
#[derive(Deserialize, Serialize)]
struct CheckBlockageReqState {
request: check_blockage::Request,
state: check_blockage::State,
}
#[derive(Debug, Deserialize, Serialize)] #[derive(Debug, Deserialize, Serialize)]
struct PubKeys { struct PubKeys {
lox_pub: IssuerPubKey, lox_pub: IssuerPubKey,
@ -70,15 +77,10 @@ pub struct EncBridgeTable {
} }
#[derive(Debug, Deserialize, Serialize)] #[derive(Debug, Deserialize, Serialize)]
struct OpenCredential { struct LoxCredential {
lox_credential: Lox, lox_credential: Lox,
bridgeline: BridgeLine, bridgeline: Option<BridgeLine>,
} invitation: Option<Invitation>,
#[derive(Debug, Deserialize, Serialize)]
struct InviteCredential {
lox_credential: Lox,
invitation: Invitation,
} }
fn today() -> u32 { fn today() -> u32 {
@ -165,9 +167,10 @@ pub fn handle_new_lox_credential(
return Err(JsValue::from(e.to_string())); return Err(JsValue::from(e.to_string()));
} }
}; };
let lox_cred = OpenCredential { let lox_cred = LoxCredential {
lox_credential: lox_cred.0, lox_credential: lox_cred.0,
bridgeline: lox_cred.1, bridgeline: Some(lox_cred.1),
invitation: None,
}; };
unsafe { unsafe {
log(&format!( log(&format!(
@ -184,7 +187,7 @@ pub fn handle_new_lox_credential(
#[wasm_bindgen] #[wasm_bindgen]
pub fn trust_promotion(open_lox_cred: String, lox_pub: String) -> Result<String, JsValue> { pub fn trust_promotion(open_lox_cred: String, lox_pub: String) -> Result<String, JsValue> {
let lox_cred: OpenCredential = serde_json::from_str(&open_lox_cred).unwrap(); let lox_cred: LoxCredential = serde_json::from_str(&open_lox_cred).unwrap();
let pubkeys: PubKeys = serde_json::from_str(&lox_pub).unwrap(); let pubkeys: PubKeys = serde_json::from_str(&lox_pub).unwrap();
// To test creation of the credential we need to advance the day to 30 // To test creation of the credential we need to advance the day to 30
// in production this should just use the today() function // in production this should just use the today() function
@ -241,7 +244,7 @@ pub fn handle_trust_promotion(
#[wasm_bindgen] #[wasm_bindgen]
pub fn trust_migration(open_lox_cred: String, trust_promo_cred: String, lox_pub: String) -> Result<String, JsValue> { pub fn trust_migration(open_lox_cred: String, trust_promo_cred: String, lox_pub: String) -> Result<String, JsValue> {
let lox_cred: OpenCredential = serde_json::from_str(&open_lox_cred).unwrap(); let lox_cred: LoxCredential = serde_json::from_str(&open_lox_cred).unwrap();
let pubkeys: PubKeys = serde_json::from_str(&lox_pub).unwrap(); let pubkeys: PubKeys = serde_json::from_str(&lox_pub).unwrap();
let mig_cred: Migration = serde_json::from_str(&trust_promo_cred).unwrap(); let mig_cred: Migration = serde_json::from_str(&trust_promo_cred).unwrap();
let tm_result = let tm_result =
@ -277,7 +280,11 @@ pub fn handle_trust_migration(
let deserialized_response = serde_json::from_str(&trust_migration_response).unwrap(); let deserialized_response = serde_json::from_str(&trust_migration_response).unwrap();
let level_one_cred = let level_one_cred =
match migration::handle_response(deserialized_state, deserialized_response, &pubkeys.lox_pub) { match migration::handle_response(deserialized_state, deserialized_response, &pubkeys.lox_pub) {
Ok(level_1_cred) => level_1_cred, Ok(level_1_cred) => LoxCredential {
lox_credential: level_1_cred,
bridgeline: None,
invitation: None,
},
Err(e) => { Err(e) => {
log(&format!("Error: {:?}", e.to_string())); log(&format!("Error: {:?}", e.to_string()));
return Err(JsValue::from(e.to_string())); return Err(JsValue::from(e.to_string()));
@ -301,16 +308,16 @@ fn generate_reachability_cred(lox_cred: &Lox, encrypted_table: String) -> Bucket
#[wasm_bindgen] #[wasm_bindgen]
pub fn level_up(level_one_cred: String, encrypted_table: String, lox_pub: String) -> Result<String, JsValue> { pub fn level_up(level_one_cred: String, encrypted_table: String, lox_pub: String) -> Result<String, JsValue> {
let lox_cred: Lox = serde_json::from_str(&level_one_cred).unwrap(); let lox_cred: LoxCredential = serde_json::from_str(&level_one_cred).unwrap();
let pubkeys: PubKeys = serde_json::from_str(&lox_pub).unwrap(); let pubkeys: PubKeys = serde_json::from_str(&lox_pub).unwrap();
let reach_cred = generate_reachability_cred(&lox_cred, encrypted_table); let reach_cred = generate_reachability_cred(&lox_cred.lox_credential, encrypted_table);
// To test level up of the credential we need to advance the day to the correct interval // To test level up of the credential we need to advance the day to the correct interval
// In this case, the maximum of 85 can be used to test all level ups // In this case, the maximum of 85 can be used to test all level ups
// in production this should just use the today() function // in production this should just use the today() function
// decrypt trust level and use to calculate the correct date for now // decrypt trust level and use to calculate the correct date for now
// The trust level has to be at least 1 // The trust level has to be at least 1
let test_cumulative_days = match calc_test_days(&lox_cred) { let test_cumulative_days = match calc_test_days(&lox_cred.lox_credential) {
Ok(v) => v, Ok(v) => v,
Err(e) => { Err(e) => {
log(&format!("Error: {:?}", e.to_string())); log(&format!("Error: {:?}", e.to_string()));
@ -323,7 +330,7 @@ pub fn level_up(level_one_cred: String, encrypted_table: String, lox_pub: String
)); ));
let lu_result = let lu_result =
//CHANGE add_today(31) to today() for production //CHANGE add_today(31) to today() for production
match level_up::request(&lox_cred, &reach_cred, &pubkeys.lox_pub, &pubkeys.reachability_pub, test_today(test_cumulative_days)) { match level_up::request(&lox_cred.lox_credential, &reach_cred, &pubkeys.lox_pub, &pubkeys.reachability_pub, test_today(test_cumulative_days)) {
Ok(lu_result) => lu_result, Ok(lu_result) => lu_result,
Err(e) => { Err(e) => {
log(&format!("Error: {:?}", e.to_string())); log(&format!("Error: {:?}", e.to_string()));
@ -356,7 +363,11 @@ pub fn handle_level_up(
let deserialized_response = serde_json::from_str(&levelup_response).unwrap(); let deserialized_response = serde_json::from_str(&levelup_response).unwrap();
let level_up_cred = let level_up_cred =
match level_up::handle_response(deserialized_state, deserialized_response, &pubkeys.lox_pub) { match level_up::handle_response(deserialized_state, deserialized_response, &pubkeys.lox_pub) {
Ok(level_up_cred) => level_up_cred, Ok(level_up_cred) => LoxCredential {
lox_credential: level_up_cred,
bridgeline: None,
invitation: None,
},
Err(e) => { Err(e) => {
log(&format!("Error: {:?}", e.to_string())); log(&format!("Error: {:?}", e.to_string()));
return Err(JsValue::from(e.to_string())); return Err(JsValue::from(e.to_string()));
@ -373,12 +384,12 @@ pub fn handle_level_up(
#[wasm_bindgen] #[wasm_bindgen]
pub fn issue_invite(trusted_cred: String, encrypted_table: String, lox_pub: String) -> Result<String, JsValue> { pub fn issue_invite(trusted_cred: String, encrypted_table: String, lox_pub: String) -> Result<String, JsValue> {
let lox_cred: Lox = serde_json::from_str(&trusted_cred).unwrap(); let lox_cred: LoxCredential = serde_json::from_str(&trusted_cred).unwrap();
let pubkeys: PubKeys = serde_json::from_str(&lox_pub).unwrap(); let pubkeys: PubKeys = serde_json::from_str(&lox_pub).unwrap();
let reach_cred = generate_reachability_cred(&lox_cred, encrypted_table); let reach_cred = generate_reachability_cred(&lox_cred.lox_credential, encrypted_table);
let issue_result = let issue_result =
match issue_invite::request(&lox_cred, &reach_cred, &pubkeys.lox_pub, &pubkeys.reachability_pub, test_today(371)) { match issue_invite::request(&lox_cred.lox_credential, &reach_cred, &pubkeys.lox_pub, &pubkeys.reachability_pub, test_today(371)) {
Ok(issue_result) => issue_result, Ok(issue_result) => issue_result,
Err(e) => { Err(e) => {
log(&format!("Error: {:?}", e.to_string())); log(&format!("Error: {:?}", e.to_string()));
@ -417,9 +428,10 @@ pub fn handle_issue_invite(
return Err(JsValue::from(e.to_string())); return Err(JsValue::from(e.to_string()));
} }
}; };
let invitation_cred = InviteCredential { let invitation_cred = LoxCredential {
lox_credential: issue_invite_cred.0, lox_credential: issue_invite_cred.0,
invitation: issue_invite_cred.1, bridgeline: None,
invitation: Some(issue_invite_cred.1),
}; };
unsafe { unsafe {
@ -434,7 +446,7 @@ pub fn handle_issue_invite(
// Separate Trusted Invite from credential prior to passing it to friend // Separate Trusted Invite from credential prior to passing it to friend
#[wasm_bindgen] #[wasm_bindgen]
pub fn prepare_invite(invitation_cred: String) -> String { pub fn prepare_invite(invitation_cred: String) -> String {
let cred: InviteCredential = serde_json::from_str(&invitation_cred).unwrap(); let cred: LoxCredential = serde_json::from_str(&invitation_cred).unwrap();
log(&format!( log(&format!(
"Prepared Invitation: {}", "Prepared Invitation: {}",
serde_json::to_string(&cred.invitation).unwrap() serde_json::to_string(&cred.invitation).unwrap()
@ -480,7 +492,11 @@ pub fn handle_redeem_invite(
let deserialized_response = serde_json::from_str(&redeem_invite_response).unwrap(); let deserialized_response = serde_json::from_str(&redeem_invite_response).unwrap();
let redeem_invite_cred = let redeem_invite_cred =
match redeem_invite::handle_response(deserialized_state, deserialized_response, &pubkeys.lox_pub) { match redeem_invite::handle_response(deserialized_state, deserialized_response, &pubkeys.lox_pub) {
Ok(issue_invite_cred) => issue_invite_cred, Ok(issue_invite_cred) => LoxCredential {
lox_credential: issue_invite_cred,
bridgeline: None,
invitation: None,
},
Err(e) => { Err(e) => {
log(&format!("Error: {:?}", e.to_string())); log(&format!("Error: {:?}", e.to_string()));
return Err(JsValue::from(e.to_string())); return Err(JsValue::from(e.to_string()));
@ -496,6 +512,56 @@ pub fn handle_redeem_invite(
} }
#[wasm_bindgen]
pub fn check_blockage(lox_cred: String, lox_pub: String) -> Result<String, JsValue> {
let lox: LoxCredential = serde_json::from_str(&lox_cred).unwrap();
let pubkeys: PubKeys = serde_json::from_str(&lox_pub).unwrap();
let cb_result =
match check_blockage::request(&lox.lox_credential, &pubkeys.lox_pub) {
Ok(cb_result) => cb_result,
Err(e) => {
log(&format!("Error: {:?}", e.to_string()));
return Err(JsValue::from(e.to_string()));
}
};
let req_state = CheckBlockageReqState {
request: cb_result.0,
state: cb_result.1,
};
unsafe {
log(&format!(
"Formatted Trust Promotion request: {}",
serde_json::to_string(&req_state).unwrap()
));
}
Ok(serde_json::to_string(&req_state).unwrap())
}
#[wasm_bindgen]
pub fn handle_check_blockage(
check_blockage_request: String,
check_blockage_response: String,
) -> Result<String, JsValue> {
let req_state: CheckBlockageReqState = serde_json::from_str(&check_blockage_request).unwrap();
let deserialized_state = req_state.state;
let deserialized_response = serde_json::from_str(&check_blockage_response).unwrap();
let migration_cred =
match check_blockage::handle_response(deserialized_state, deserialized_response) {
Ok(migration_cred) => migration_cred,
Err(e) => {
log(&format!("Error: {:?}", e.to_string()));
return Err(JsValue::from(e.to_string()));
}
};
unsafe {
log(&format!(
"Got new Migration Credential: {}",
serde_json::to_string(&migration_cred).unwrap()
));
}
Ok(serde_json::to_string(&migration_cred).unwrap())
}
// This should also check the pubkey // This should also check the pubkey
fn validate(invite: &[u8]) -> Result<[u8; OPENINV_LENGTH], TryFromSliceError> { fn validate(invite: &[u8]) -> Result<[u8; OPENINV_LENGTH], TryFromSliceError> {
invite.try_into() invite.try_into()