forked from drand/tlock
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathtlock_age.go
107 lines (87 loc) · 2.91 KB
/
tlock_age.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
package tlock
import (
"errors"
"filippo.io/age"
"fmt"
"github.com/drand/drand/chain"
"strconv"
"time"
)
var ErrWrongChainhash = errors.New("invalid chainhash")
// tleRecipient implements the age Recipient interface. This is used to encrypt
// data with the age Encrypt API.
type tleRecipient struct {
network Network
roundNumber uint64
}
// Wrap is called by the age Encrypt API and is provided the DEK generated by
// age that is used for encrypting/decrypting data. Inside of Wrap we encrypt
// the DEK using time lock encryption.
func (t *tleRecipient) Wrap(fileKey []byte) ([]*age.Stanza, error) {
ciphertext, err := TimeLock(t.network.Scheme(), t.network.PublicKey(), t.roundNumber, fileKey)
if err != nil {
return nil, fmt.Errorf("encrypt dek: %w", err)
}
body, err := CiphertextToBytes(t.network.Scheme(), ciphertext)
if err != nil {
return nil, fmt.Errorf("bytes: %w", err)
}
stanza := age.Stanza{
Type: "tlock",
Args: []string{strconv.FormatUint(t.roundNumber, 10), t.network.ChainHash()},
Body: body,
}
return []*age.Stanza{&stanza}, nil
}
// =============================================================================
// tleIdentity implements the age Identity interface. This is used to decrypt
// data with the age Decrypt API.
type tleIdentity struct {
network Network
}
// Unwrap is called by the age Decrypt API and is provided the DEK that was time
// lock encrypted by the Wrap function via the Stanza. Inside of Unwrap we decrypt
// the DEK and provide back to age.
func (t *tleIdentity) Unwrap(stanzas []*age.Stanza) ([]byte, error) {
if len(stanzas) < 1 {
return nil, errors.New("check stanzas length: should be at least one")
}
for _, stanza := range stanzas {
if stanza.Type != "tlock" {
continue
}
if len(stanza.Args) != 2 {
continue
}
roundNumber, err := strconv.ParseUint(stanza.Args[0], 10, 64)
if err != nil {
return nil, fmt.Errorf("parse block round: %w", err)
}
if t.network.ChainHash() != stanza.Args[1] {
return nil, fmt.Errorf("%w: current network uses %s != %s the ciphertext requires.\n"+
"Note that is might have been encrypted using our testnet instead", ErrWrongChainhash, t.network.ChainHash(), stanza.Args[1])
}
ciphertext, err := BytesToCiphertext(t.network.Scheme(), stanza.Body)
if err != nil {
return nil, fmt.Errorf("parse cipher dek: %w", err)
}
signature, err := t.network.Signature(roundNumber)
if err != nil {
return nil, fmt.Errorf(
"%w: expected round %d > %d current round",
ErrTooEarly,
roundNumber,
t.network.Current(time.Now()))
}
beacon := chain.Beacon{
Round: roundNumber,
Signature: signature,
}
fileKey, err := TimeUnlock(t.network.Scheme(), t.network.PublicKey(), beacon, ciphertext)
if err != nil {
return nil, fmt.Errorf("decrypt dek: %w", err)
}
return fileKey, nil
}
return nil, fmt.Errorf("check stanza type: wrong type: %w", age.ErrIncorrectIdentity)
}