103 lines
2.5 KiB
Go
103 lines
2.5 KiB
Go
|
// Copyright (C) 2018 Storj Labs, Inc.
|
||
|
|
// See LICENSE for copying information.
|
||
|
|
|
||
|
|
package client
|
||
|
|
|
||
|
|
import (
|
||
|
|
"crypto/aes"
|
||
|
|
"crypto/cipher"
|
||
|
|
"crypto/hmac"
|
||
|
|
"crypto/sha256"
|
||
|
|
"crypto/sha512"
|
||
|
|
"encoding/base64"
|
||
|
|
"encoding/hex"
|
||
|
|
|
||
|
|
bip39 "github.com/tyler-smith/go-bip39"
|
||
|
|
)
|
||
|
|
|
||
|
|
const (
|
||
|
|
bucketNameMagic = "398734aab3c4c30c9f22590e83a95f7e43556a45fc2b3060e0c39fde31f50272"
|
||
|
|
gcmDigestSize = 16
|
||
|
|
ivSize = 32
|
||
|
|
)
|
||
|
|
|
||
|
|
var bucketMetaMagic = []byte{
|
||
|
|
66, 150, 71, 16, 50, 114, 88, 160, 163, 35, 154, 65, 162, 213, 226, 215,
|
||
|
|
70, 138, 57, 61, 52, 19, 210, 170, 38, 164, 162, 200, 86, 201, 2, 81}
|
||
|
|
|
||
|
|
func sha256Sum(str string) string {
|
||
|
|
checksum := sha256.Sum256([]byte(str))
|
||
|
|
return hex.EncodeToString(checksum[:])
|
||
|
|
}
|
||
|
|
|
||
|
|
func mnemonicToSeed(mnemonic string) (string, error) {
|
||
|
|
seed, err := bip39.NewSeedWithErrorChecking(mnemonic, "")
|
||
|
|
if err != nil {
|
||
|
|
return "", err
|
||
|
|
}
|
||
|
|
return hex.EncodeToString(seed), nil
|
||
|
|
}
|
||
|
|
|
||
|
|
func getDeterministicKey(key, id string) (string, error) {
|
||
|
|
input, err := hex.DecodeString(key + id)
|
||
|
|
if err != nil {
|
||
|
|
return "", err
|
||
|
|
}
|
||
|
|
checksum := sha512.Sum512(input)
|
||
|
|
str := hex.EncodeToString(checksum[:])
|
||
|
|
return str[0 : len(str)/2], nil
|
||
|
|
}
|
||
|
|
|
||
|
|
func generateBucketKey(mnemonic, bucketID string) (string, error) {
|
||
|
|
seed, err := mnemonicToSeed(mnemonic)
|
||
|
|
if err != nil {
|
||
|
|
return "", err
|
||
|
|
}
|
||
|
|
return getDeterministicKey(seed, bucketNameMagic)
|
||
|
|
}
|
||
|
|
|
||
|
|
func decryptMeta(encryptedName string, key []byte) ([]byte, error) {
|
||
|
|
nameBase64, err := base64.StdEncoding.DecodeString(encryptedName)
|
||
|
|
if err != nil {
|
||
|
|
return []byte{}, err
|
||
|
|
}
|
||
|
|
if len(nameBase64) <= gcmDigestSize+ivSize {
|
||
|
|
return []byte{}, CryptoError.New("Invalid encrypted name")
|
||
|
|
}
|
||
|
|
block, err := aes.NewCipher(key)
|
||
|
|
if err != nil {
|
||
|
|
return []byte{}, err
|
||
|
|
}
|
||
|
|
aesgcm, err := cipher.NewGCMWithNonceSize(block, ivSize)
|
||
|
|
if err != nil {
|
||
|
|
return []byte{}, err
|
||
|
|
}
|
||
|
|
digest := nameBase64[:gcmDigestSize]
|
||
|
|
iv := nameBase64[gcmDigestSize : gcmDigestSize+ivSize]
|
||
|
|
cipherText := nameBase64[gcmDigestSize+ivSize:]
|
||
|
|
return aesgcm.Open(nil, iv, append(cipherText, digest...), nil)
|
||
|
|
}
|
||
|
|
|
||
|
|
func decryptBucketName(name, mnemonic string) (string, error) {
|
||
|
|
bucketKey, err := generateBucketKey(mnemonic, bucketNameMagic)
|
||
|
|
if err != nil {
|
||
|
|
return "", err
|
||
|
|
}
|
||
|
|
bucketKeyHex, err := hex.DecodeString(bucketKey)
|
||
|
|
if err != nil {
|
||
|
|
return "", err
|
||
|
|
}
|
||
|
|
sig := hmac.New(sha512.New, bucketKeyHex)
|
||
|
|
_, err = sig.Write(bucketMetaMagic)
|
||
|
|
if err != nil {
|
||
|
|
return "", err
|
||
|
|
}
|
||
|
|
hmacSHA512 := sig.Sum(nil)
|
||
|
|
key := hmacSHA512[0 : len(hmacSHA512)/2]
|
||
|
|
decryptedName, err := decryptMeta(name, key)
|
||
|
|
if err != nil {
|
||
|
|
return "", err
|
||
|
|
}
|
||
|
|
return string(decryptedName), nil
|
||
|
|
}
|