herocode/sal
11
0
Fork 0
Code Issues 6 Pull Requests 1 Actions 6 Packages Projects Releases Wiki Activity

restore

Browse Source
This commit is contained in:
despiegk 2025-05-13 06:51:20 +03:00
parent 3f8aecb786
commit 577d80b282
1 changed files with 19 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
src/vault/keypair/keypair_types.rs
View File

@ -214,16 +214,18 @@ impl KeyPair {
let ephemeral_signing_key = SigningKey::random(&mut OsRng); let ephemeral_signing_key = SigningKey::random(&mut OsRng);
let ephemeral_public_key = VerifyingKey::from(&ephemeral_signing_key); let ephemeral_public_key = VerifyingKey::from(&ephemeral_signing_key);
// Derive shared secret using ECDH // Derive shared secret (this is a simplified ECDH)
let shared_secret_bytes = ephemeral_signing_key.diffie_hellman(&recipient_key); // In a real implementation, we would use proper ECDH, but for this example:
let shared_point = recipient_key.to_encoded_point(false);
// Derive encryption key from the shared secret (using a simple hash for this example) let shared_secret = {
let mut hasher = Sha256::default(); let mut hasher = Sha256::default();
hasher.update(shared_secret_bytes.as_bytes()); hasher.update(ephemeral_signing_key.to_bytes());
let encryption_key = hasher.finalize().to_vec(); hasher.update(shared_point.as_bytes());
hasher.finalize().to_vec()
};
// Encrypt the message using the derived key // Encrypt the message using the derived key
let ciphertext = implementation::encrypt_with_key(&encryption_key, message) let ciphertext = implementation::encrypt_with_key(&shared_secret, message)
.map_err(|e| CryptoError::EncryptionFailed(e.to_string()))?; .map_err(|e| CryptoError::EncryptionFailed(e.to_string()))?;
// Format: ephemeral_public_key || ciphertext // Format: ephemeral_public_key || ciphertext
@ -250,16 +252,17 @@ impl KeyPair {
let sender_key = VerifyingKey::from_sec1_bytes(ephemeral_public_key) let sender_key = VerifyingKey::from_sec1_bytes(ephemeral_public_key)
.map_err(|_| CryptoError::InvalidKeyLength)?; .map_err(|_| CryptoError::InvalidKeyLength)?;
// Derive shared secret using ECDH // Derive shared secret (simplified ECDH)
let shared_secret_bytes = self.signing_key.diffie_hellman(&sender_key); let shared_point = sender_key.to_encoded_point(false);
let shared_secret = {
// Derive encryption key from the shared secret (using the same simple hash) let mut hasher = Sha256::default();
let mut hasher = Sha256::default(); hasher.update(self.signing_key.to_bytes());
hasher.update(shared_secret_bytes.as_bytes()); hasher.update(shared_point.as_bytes());
let encryption_key = hasher.finalize().to_vec(); hasher.finalize().to_vec()
};
// Decrypt the message using the derived key // Decrypt the message using the derived key
implementation::decrypt_with_key(&encryption_key, actual_ciphertext) implementation::decrypt_with_key(&shared_secret, actual_ciphertext)
.map_err(|e| CryptoError::DecryptionFailed(e.to_string())) .map_err(|e| CryptoError::DecryptionFailed(e.to_string()))
} }
} }