Merge pull request #8 from atsign-foundation/interoperability

Updated SDK to be interoparable with other Atsign SDKs
atsign-foundation · Sep 4, 2023 · 1fd51cb · 1fd51cb
2 parents 2adb5d0 + 06ecd95
commit 1fd51cb
Show file tree

Hide file tree

Showing 3 changed files with 28 additions and 15 deletions.
diff --git a/README.md b/README.md
@@ -53,7 +53,7 @@ All of our software is open with intent. We welcome contributions - we want pull
 
 ## Steps to Beta
 - [ ] Notifications using the `monitor` verb
-- [ ] Interoperability with other SDKs
+- [x] Interoperability with other SDKs
 
 ## Future goals
 - [ ] `no_std` implementation

diff --git a/src/at_chops/at_chops.rs b/src/at_chops/at_chops.rs
@@ -1,3 +1,5 @@
+use log::{info, warn};
+
 use super::utils::{
     base64_decode, base64_encode, construct_aes_key, construct_rsa_private_key,
     construct_rsa_public_key, create_new_aes_key, decrypt_data_with_aes_key,
@@ -49,7 +51,6 @@ pub fn create_new_shared_symmetric_key() -> String {
 pub fn decrypt_symmetric_key(encrypted_symmetric_key: &str, decrypted_private_key: &str) -> String {
     let decoded_private_key = base64_decode(&decrypted_private_key);
     let rsa_private_key = construct_rsa_private_key(&decoded_private_key);
-    // NOTE: Probs need to do the same as decrypt_symmetric_key_2
     let decoded_symmetric_key = base64_decode(&encrypted_symmetric_key);
     let decrypted_symmetric_key =
         decrypt_symm_key_with_private_key(&rsa_private_key, &decoded_symmetric_key);
@@ -60,11 +61,7 @@ pub fn decrypt_symmetric_key(encrypted_symmetric_key: &str, decrypted_private_ke
 pub fn encrypt_data_with_public_key(encoded_public_key: &str, data: &str) -> String {
     let decoded_public_key = base64_decode(&encoded_public_key);
     let rsa_public_key = construct_rsa_public_key(&decoded_public_key);
-
-    // NOTE: Not sure if I need to decode the data or pass it in as bytes.
-
-    let encrypted_data = encrypt_with_public_key(&rsa_public_key, &base64_decode(&data));
-    // let encrypted_data = encrypt_with_public_key(&rsa_public_key, &data.as_bytes());
+    let encrypted_data = encrypt_with_public_key(&rsa_public_key, &data.as_bytes());
     encrypted_data
 }
 
@@ -82,11 +79,9 @@ pub fn decrypt_data_with_shared_symmetric_key(encoded_symmetric_key: &str, data:
     let decoded_symmetric_key = base64_decode(&encoded_symmetric_key);
     let iv: [u8; 16] = [0x00; 16];
     let mut cypher = construct_aes_key(&decoded_symmetric_key, &iv);
-    // let mut encrypted_data = decrypt_data_with_aes_key(&mut cypher, &data.as_bytes());
-    let encrypted_data = decrypt_data_with_aes_key(&mut cypher, &base64_decode(&data));
-
-    // base64_encode(&encrypted_data)
-    String::from_utf8(encrypted_data).expect("Unable to convert to UTF-8")
+    let decoded_data = base64_decode(&data);
+    let decrypted_data = decrypt_data_with_aes_key(&mut cypher, &decoded_data);
+    String::from_utf8(decrypted_data).expect("Unable to convert to UTF-8")
 }
 
 #[cfg(test)]

diff --git a/src/at_chops/utils.rs b/src/at_chops/utils.rs
@@ -1,6 +1,9 @@
+use std::iter::repeat;
+
 use crypto::{aes::KeySize, symmetriccipher::SynchronousStreamCipher};
 
 use base64::{engine::general_purpose, Engine as _};
+use log::info;
 use rsa::{
     pkcs1v15::SigningKey,
     pkcs8::{DecodePrivateKey, DecodePublicKey},
@@ -82,16 +85,28 @@ pub fn decrypt_symm_key_with_private_key(private_key: &RsaPrivateKey, symm_key:
     let decrypted_symmetric_key = private_key
         .decrypt(Pkcs1v15Encrypt, symm_key)
         .expect("Failed to decrypt symmetric key");
-    base64_encode(&decrypted_symmetric_key)
+    String::from_utf8(decrypted_symmetric_key).expect("Failed to convert decrypted key to string")
 }
 
 /// Encrypt some data using an AES key.
 pub fn encrypt_data_with_aes_key(
     aes_key: &mut Box<dyn SynchronousStreamCipher>,
     data: &[u8],
 ) -> Vec<u8> {
-    let mut output: Vec<u8> = vec![0; data.len()];
-    aes_key.process(&data, &mut output);
+    let data_len = data.len();
+    let mut padding_len = 16 - (data_len % 16);
+    if padding_len == 0 {
+        // There is always at least 1 byte of padding - https://www.ibm.com/docs/en/zos/2.4.0?topic=rules-pkcs-padding-method
+        padding_len = 16;
+    }
+    // Construct padding
+    let padding: Vec<u8> = vec![padding_len as u8; padding_len];
+    // Collect data into a mut vec so the padding can be appended
+    let mut new_data = data.to_vec();
+    new_data.extend(padding);
+    // Process
+    let mut output: Vec<u8> = vec![0; new_data.len()];
+    aes_key.process(&new_data, &mut output);
     output
 }
 
@@ -102,6 +117,9 @@ pub fn decrypt_data_with_aes_key(
 ) -> Vec<u8> {
     let mut output: Vec<u8> = vec![0; data.len()];
     aes_key.process(&data, &mut output);
+    // Remove padding due to PkCS#7 padding used by other SDKs
+    let last = output.last().unwrap();
+    output.truncate(output.len() - usize::from(*last));
     output
 }