implement api

2024-08-21 08:20:51 -05:00
parent 603936b50c
commit 6a56b2300a
18 changed files with 505 additions and 124 deletions
--- a/core/api/user_cipher_keys.go
+++ b/core/api/user_cipher_keys.go
@@ -0,0 +1,188 @@
+package api
+
+import (
+	"crypto/sha256"
+	"errors"
+	"fmt"
+	"go-nkode/models"
+	"go-nkode/util"
+	"golang.org/x/crypto/bcrypt"
+)
+
+type UserCipherKeys struct {
+	AlphaKey    []uint64
+	SetKey      []uint64
+	PassKey     []uint64
+	MaskKey     []uint64
+	Salt        []byte
+	MaxNKodeLen int
+}
+
+func NewUserCipherKeys(keypadSize models.KeypadSize, setVals []uint64, maxNKodeLen int) (*UserCipherKeys, error) {
+	if len(setVals) != keypadSize.AttrsPerKey {
+		return nil, errors.New(fmt.Sprintf("setVals len != attrsPerKey, %d, %d", len(setVals), keypadSize.AttrsPerKey))
+	}
+
+	setKey, err := util.GenerateRandomNonRepeatingUint64(keypadSize.AttrsPerKey)
+	if err != nil {
+		return nil, err
+	}
+	setKey, err = util.XorLists(setKey, setVals)
+	if err != nil {
+		return nil, err
+	}
+
+	alphakey, _ := util.GenerateRandomNonRepeatingUint64(keypadSize.TotalAttrs())
+	passKey, _ := util.GenerateRandomNonRepeatingUint64(maxNKodeLen)
+	maskKey, _ := util.GenerateRandomNonRepeatingUint64(maxNKodeLen)
+	salt, _ := util.RandomBytes(10)
+	userCipherKeys := UserCipherKeys{
+		AlphaKey:    alphakey,
+		PassKey:     passKey,
+		MaskKey:     maskKey,
+		SetKey:      setKey,
+		Salt:        salt,
+		MaxNKodeLen: maxNKodeLen,
+	}
+	return &userCipherKeys, nil
+}
+
+func (u *UserCipherKeys) PadUserMask(userMask []uint64, setVals []uint64) ([]uint64, error) {
+	if len(userMask) > u.MaxNKodeLen {
+		return nil, errors.New("user mask length exceeds max nkode length")
+	}
+	paddedUserMask := make([]uint64, len(userMask))
+	copy(paddedUserMask, userMask)
+	for i := len(userMask); i < u.MaxNKodeLen; i++ {
+		paddedUserMask = append(paddedUserMask, setVals[i%len(setVals)])
+	}
+	return paddedUserMask, nil
+}
+
+func (u *UserCipherKeys) ValidPassword(hashedPassword string, passcodeAttrIdx []int, customerAttrs CustomerAttributes) error {
+	hashBytes := []byte(hashedPassword)
+	passcodeCipher := u.encipherCode(passcodeAttrIdx, customerAttrs)
+	passwordDigest, err := u.saltAndDigest(passcodeCipher)
+	if err != nil {
+		return err
+	}
+	err = bcrypt.CompareHashAndPassword(hashBytes, passwordDigest)
+	if err != nil {
+		return err
+	}
+	return nil
+}
+
+func (u *UserCipherKeys) EncipherSaltHashCode(passcodeAttrIdx []int, customerAttrs CustomerAttributes) (string, error) {
+	passcodeCipher := u.encipherCode(passcodeAttrIdx, customerAttrs)
+
+	passcodeDigest, err := u.saltAndDigest(passcodeCipher)
+	if err != nil {
+		return "", err
+	}
+	passcodeBytes, err := u.hashPasscode(passcodeDigest)
+	if err != nil {
+		return "", err
+	}
+	return string(passcodeBytes), nil
+}
+
+func (u *UserCipherKeys) encipherCode(passcodeAttrIdx []int, customerAttrs CustomerAttributes) []uint64 {
+	passcodeLen := len(passcodeAttrIdx)
+
+	passcodeCipher := make([]uint64, u.MaxNKodeLen)
+
+	for idx := 0; idx < passcodeLen; idx++ {
+		attrIdx := passcodeAttrIdx[idx]
+		alpha := u.AlphaKey[attrIdx]
+		attrVal := customerAttrs.AttrVals[idx]
+		pass := u.PassKey[idx]
+		passcodeCipher[idx] = alpha ^ pass ^ attrVal
+	}
+	return passcodeCipher
+}
+
+func (u *UserCipherKeys) saltAndDigest(passcode []uint64) ([]byte, error) {
+	passcodeBytes := util.Uint64ArrToByteArr(passcode)
+	passcodeBytes = append(passcodeBytes, u.Salt...)
+	h := sha256.New()
+	passcodeSha, err := h.Write(passcodeBytes)
+	if err != nil {
+		return nil, err
+	}
+	passcodeDigest := uint64(passcodeSha)
+	return util.Uint64ArrToByteArr([]uint64{passcodeDigest}), nil
+}
+
+func (u *UserCipherKeys) hashPasscode(passcodeDigest []byte) ([]byte, error) {
+
+	hashedPassword, err := bcrypt.GenerateFromPassword(passcodeDigest, bcrypt.DefaultCost)
+	if err != nil {
+		return nil, err
+	}
+	return hashedPassword, nil
+}
+func (u *UserCipherKeys) EncipherMask(passcodeSet []uint64, customerAttrs CustomerAttributes) (string, error) {
+	paddedPasscodeSets, err := u.PadUserMask(passcodeSet, customerAttrs.SetVals)
+	if err != nil {
+		return "", err
+	}
+
+	cipheredMask := make([]uint64, len(paddedPasscodeSets))
+	for idx := range paddedPasscodeSets {
+		setIdx, err := customerAttrs.IndexOfSet(paddedPasscodeSets[idx])
+		if err != nil {
+			return "", err
+		}
+		setKeyVal := u.SetKey[setIdx]
+		maskKeyVal := u.MaskKey[idx]
+		setVal := paddedPasscodeSets[idx]
+		cipheredMask[idx] = setKeyVal ^ maskKeyVal ^ setVal
+	}
+	mask := util.EncodeBase64Str(cipheredMask)
+	return mask, nil
+}
+
+func (u *UserCipherKeys) DecipherMask(mask string, setVals []uint64, passcodeLen int) ([]uint64, error) {
+	decodedMask, err := util.DecodeBase64Str(mask)
+	if err != nil {
+		return nil, err
+	}
+	decipheredMask, err := util.XorLists(decodedMask, u.MaskKey)
+	if err != nil {
+		return nil, err
+	}
+	setKeyRandComponent, err := util.XorLists(setVals, u.SetKey)
+	if err != nil {
+		return nil, err
+	}
+
+	passcodeSet := make([]uint64, passcodeLen)
+	for idx, setCipher := range decipheredMask[:passcodeLen] {
+		setIdx := util.IndexOf(setKeyRandComponent, setCipher)
+		passcodeSet[idx] = setVals[setIdx]
+	}
+	return passcodeSet, nil
+}
+
+func (u *UserCipherKeys) EncipherNKode(passcodeAttrIdx []int, customerAttrs CustomerAttributes) (*models.EncipheredNKode, error) {
+	code, err := u.EncipherSaltHashCode(passcodeAttrIdx, customerAttrs)
+	if err != nil {
+		return nil, err
+	}
+	passcodeSet := make([]uint64, len(passcodeAttrIdx))
+
+	for idx := range passcodeSet {
+		passcodeAttr := customerAttrs.AttrVals[passcodeAttrIdx[idx]]
+		passcodeSet[idx], err = customerAttrs.GetAttrSetVal(passcodeAttr)
+		if err != nil {
+			return nil, err
+		}
+	}
+	mask, err := u.EncipherMask(passcodeSet, customerAttrs)
+	encipheredCode := models.EncipheredNKode{
+		Code: code,
+		Mask: mask,
+	}
+	return &encipheredCode, nil
+}