3 files changed, 69 insertions, 10 deletions
diff --git a/scripts/encryptor.py b/scripts/encryptor.py
new file mode 100644
index 0000000..008ac51
--- /dev/null
+++ b/scripts/encryptor.py
@@ -0,0 +1,57 @@
+import os
+from cryptography.hazmat.primitives.ciphers.modes import CBC
+from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
+from cryptography.hazmat.primitives import padding
+import base64
+import binascii
+def bin2hex(binStr):
+    return binascii.hexlify(binStr)
+def hex2bin(hexStr):
+    return binascii.unhexlify(hexStr)
+iv = hex2bin("6e657665726d696e647468656e66756b")
+key = hex2bin("6e6565726d666e646e6565726d666e64")
+mode = CBC(iv)
+cipher = Cipher(algorithms.AES(key), mode)
+encryptor = cipher.encryptor()
+padder = padding.PKCS7(128).padder()
+payload_string = """{"public_key":"-----BEGIN PUBLIC KEY-----\\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzJN9ALFoUHE8SigFhtql
+\\n+GPI6dIVHDCfAFXe6DU131yXoL14imBRBb5SevMou5WGiL7XBTdtlRaY8+dkNdFz\\nWEMhPoe++/GvV3u6Mq6UAJMjuiJj838NbJVl+83+NEP66htXpqidTIdr
+7syaRU1T\\n0PfgvVYdNkwiWkTVtwveRchGtUwp2iZePMSF1+vtKKDvzXgZuwrKBhwBFXz6ApSZ\\n+eGkWhK1pW6TRTSENlySwb/DEg5PckzOzApLTTQqi4uu+sHU
+D+McAtOP9pNILwst\\nG87LxNEO0roFqUaDIhRolgkF8jol2BUZmKChdy84XX+L6jpqDvPsxuTUpIghr0Jq\\nvQIDAQAB\\n-----END PUBLIC KEY-----","st
+udent_id":"e223795","passwd":"pmcTCKox99NFsqp"}"""
+byte_guys = str.encode(payload_string)
+padded_data = padder.update(byte_guys)
+ct = encryptor.update(padded_data) + encryptor.finalize()
+c = base64.b64encode(ct)
+import Crypto
+from Crypto.Cipher import PKCS1_OAEP
+from Crypto.PublicKey import RSA
+gradecoin_key = """-----BEGIN PUBLIC KEY-----
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyGuqiCPGcguy+Y9TH7Bl
+7XlEsalyqb9bYlzpbV0dnqZ3lPkEPkuOhkN+GcuiV6iXtSwyh7nB+xTRXKJFRUBO
+/jbN8jfcxVwBu0JxjF3v1YRBxbOHhz2A295mbKD9xHQCKxkfYBNkUXxj8gd+GaDv
+QiSW5NdrX/lEkvqfGtdEX1m2+HdcG0+3YW24Xg0znhCwLr+sorLuJaDy9Xa0Uo+D
+PWGC5s001U/BxkCIWJ+eJQCb7Bv+9vXb8BGRK/ecMb/fb6h5O+8fgB64RCHMgcc2
+v+Q/dPt8kHX1OJdMuYUrUJGACppMQY3W6e1HdlRIBcZKL2LMZ2CrIB/2D5LiJhPT
+hQIDAQAB
+-----END PUBLIC KEY-----"""
+publickey = RSA.import_key(gradecoin_key)
+asy_cipher = PKCS1_OAEP.new(publickey, hashAlgo=Crypto.Hash.SHA256)
+ciphertext = asy_cipher.encrypt(key)
+key = base64.b64encode(ciphertext)
diff --git a/src/handlers.rs b/src/handlers.rs
index 376d079..2401c0d 100644
--- a/src/handlers.rs
+++ b/src/handlers.rs
@@ -139,8 +139,9 @@ pub async fn authenticate_user(
        }
    };
-    // TODO: request iv is coming with base64 encoding <16-04-21, yigit> //
+    let byte_iv = base64::decode(&request.iv).unwrap();
-    let cipher = match Aes128Cbc::new_var(&temp_key, &request.iv.as_bytes()) {
+    let cipher = match Aes128Cbc::new_var(&temp_key, &byte_iv) {
        Ok(c) => c,
        Err(err) => {
            debug!(
@@ -175,17 +176,19 @@ pub async fn authenticate_user(
        }
    };
+    println!(">>>{:?}<<<", auth_packet);
    let auth_plaintext = match cipher.decrypt_vec(&auth_packet) {
        Ok(p) => p,
        Err(err) => {
-            debug!(
+            println!(
                "Base64 decoded auth request did not decrypt correctly {:?} {}",
                &auth_packet, err
            );
            let res_json = warp::reply::json(&GradeCoinResponse {
                res: ResponseType::Error,
-                message: "The Bas64 decoded auth request did not decrypt correctly".to_owned(),
+                message: "The Base64 decoded auth request did not decrypt correctly".to_owned(),
            });
            return Ok(warp::reply::with_status(res_json, StatusCode::BAD_REQUEST));
@@ -608,7 +611,8 @@ pub async fn authorized_propose_transaction(
    // this transaction was already checked for correctness at custom_filters, we can panic here if
    // it has been changed since
-    let hashed_transaction = Md5::digest((&serde_json::to_string(&new_transaction).unwrap()).as_ref());
+    let hashed_transaction =
+        Md5::digest((&serde_json::to_string(&new_transaction).unwrap()).as_ref());
    if token_payload.claims.tha != format!("{:x}", hashed_transaction) {
        println!(
            "the hash of the request {:x} did not match the hash given in jwt {:?}",
diff --git a/tests/route_tests.rs b/tests/route_tests.rs
index 0b7628c..537b3d8 100644
--- a/tests/route_tests.rs
+++ b/tests/route_tests.rs
@@ -266,8 +266,6 @@ FQIDAQAB
        let db = mocked_db();
        let filter = consensus_routes(db.clone());
        let res = warp::test::request()
            .method("POST")
            .json(&Block {
@@ -447,9 +445,9 @@ FQIDAQAB
        let res = warp::test::request()
            .method("POST")
            .json(&InitialAuthRequest {
-                c: "llqkPAX8oGxBLFHGMNzwrCAP2WmsGZlOcm3mCp7+ZnX9p7BPffRvGcYHpif4htwU5RyR3fLo/VWERXqddVQkxhfuum0dFn1cpPfYTokc2BHpi61i4SXCaCHlJDxCtCKnujfEzMnS5hAKMQSyrwq/DPBwOSQ/XQeeMB0YF+l+ZfVJ8e6sQ5FfSK9rSInv+TokA7az6vR7Ky5fGjQ0GxKkO+SKLd5eHuGKgQ19JUQrj3k19GJn1h1cmWW1PYqVKFDp/RfWFL9weG8VynRND6xGK5fQarjdG0uMAk8Cy8ItOCAeMnBhUv/P2a721u3tA7L496r4E3ZwdgsiHe4iYzFiAdvWDWsLRlxXS+6Q2vUYSLgcFVsv2jyQ28c/ay3F1hYAHaqN4HiDhKz6bFCiyow1Doya2V24VQm5eUGxXErjEnLY1FWE5sqRn6DUnES3FT8VJoMtnhCFtZhO4Jk0cjh15p9r+vK6uJv0PUCKOOYhghFi5bLL34OpmzoV7u7Fj6tSc/e9UujbCfYc3r9g0oUQ+QKxw6R5Fcqf21TbffxX/i1tKElIhkatfWCaZ+c0scLNL4Jg3KbNqbensOFqzErr12pXHFy7QKXH1usnCJyC+9D7NncxKZ9JuVFJL19Ayq90o/IYWhtVlkhZs/F5UPIhl3G7f8OQ1tUgfdCfiXZ5qgg=".to_owned(),
+                c: "xsF0qqyokuvOZJ4CgnW4mzfLHaTZS3vLqr7y8LFx6pdKo0XKXBJ4+Ojx8Uz6CYrQZLPy39O485BZNtYtLzcfF/03MePBNgSRM6ccVuh6hJ8UUAjv9nf93gZlnGceMP0bLKEaYRHTsgyW+s0y0ki7/CfYn3vveLDd4NVkkgFUAebcmMuAJJt0OAzSLgsQ/kww6hOOsIcIlBNlLIi0dopCUxE5h7aPqV4WyrxA/PSvE8hM8LcfYiATTa7PyinfkjCRu7hzItM/N3+h/zubI+6ht8lY4V/19WB24HnMZJdP1odAPuKbSDiyZoMvq+P7jHfWnbJxJJI7hEYlbB45MNMnFenVhzwEtIqHu6JEGhi7umDoh2zUDAXzofERkd3qNgPtV6L3hxmDX94Y8FIJ9ZdDj/EG06PXj9P3kg0Gt4t+hi+J8h+RtV+g+Pwza1kFCLA6sXoPxxhTuEGyYCYi+DYtWCOCFo2loyReg+juIQQRpSZsZmu4Ml5eEcVpD24lUWZ6yO/AL/TjA9eSU+PgSrQzNBggMWg4Pd6MubILBTI+crt/rSCKwcGBu2IDEiVTIWLCqlMW/PHL6LkLyLnnvOuP6yHKwpnlWboV9h+TSDfzs4aur1AoUnW+UuEQXvYYfVNkSPJ+dsOGHwi1LyAql3H36jX4dtESGZSINUjeiYxR8fwZdnge1Eo+sOGT3cQ+wCL9".to_owned(),
-                iv: "RbZzPxu1IL+f+PZ/SJzi/Q==".to_owned(),
+                iv: "bmV2ZXJtaW5kdGhlbmZ1aw==".to_owned(),
-                key: "baz".to_owned(),
+                key: "s4cn9BSmuForX6PxJAa55Es4t2puXuDtdII1lxEArqVlP+uYd5jDKofFtn9PCAoY7jyTgBIhQW7Ah5MGCcufWTaKHAjFVfSZ+qGwbGbBcklbNGH/F7cJ0Pe7kOCddUpIvLG6WH6+mnvyPs8PwDyagsx1Jc2PSSOYLAwkECvPbjiUjQiBixguTRNsU2eKaqzLimPE0w2ztvdA+IgCv94UPhjQfQrnMGK+Ppn3oK7IfKQJ7v2DLVNuz4d/BpwuqD+lYYAu4B4qn3daNR32a/mqAAlPg/RbPlH69N44Qh/NYux90FOY0XKxUskEwsAUw8dHFzzdKPcGx4C0s5e4KSLGkw==".to_owned(),
            })
            .path("/register")
            .reply(&filter)

diff --git a/scripts/encryptor.py b/scripts/encryptor.py new file mode 100644 index 0000000..008ac51 --- /dev/null +++ b/scripts/encryptor.py
@@ -0,0 +1,57 @@
		1	import os
		2	from cryptography.hazmat.primitives.ciphers.modes import CBC
		3	from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
		4	from cryptography.hazmat.primitives import padding
		5	import base64
		6	import binascii
		7
		8	def bin2hex(binStr):
		9	return binascii.hexlify(binStr)
		10
		11	def hex2bin(hexStr):
		12	return binascii.unhexlify(hexStr)
		13
		14	iv = hex2bin("6e657665726d696e647468656e66756b")
		15	key = hex2bin("6e6565726d666e646e6565726d666e64")
		16
		17	mode = CBC(iv)
		18
		19	cipher = Cipher(algorithms.AES(key), mode)
		20
		21	encryptor = cipher.encryptor()
		22
		23	padder = padding.PKCS7(128).padder()
		24
		25	payload_string = """{"public_key":"-----BEGIN PUBLIC KEY-----\\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzJN9ALFoUHE8SigFhtql
		26	\\n+GPI6dIVHDCfAFXe6DU131yXoL14imBRBb5SevMou5WGiL7XBTdtlRaY8+dkNdFz\\nWEMhPoe++/GvV3u6Mq6UAJMjuiJj838NbJVl+83+NEP66htXpqidTIdr
		27	7syaRU1T\\n0PfgvVYdNkwiWkTVtwveRchGtUwp2iZePMSF1+vtKKDvzXgZuwrKBhwBFXz6ApSZ\\n+eGkWhK1pW6TRTSENlySwb/DEg5PckzOzApLTTQqi4uu+sHU
		28	D+McAtOP9pNILwst\\nG87LxNEO0roFqUaDIhRolgkF8jol2BUZmKChdy84XX+L6jpqDvPsxuTUpIghr0Jq\\nvQIDAQAB\\n-----END PUBLIC KEY-----","st
		29	udent_id":"e223795","passwd":"pmcTCKox99NFsqp"}"""
		30
		31	byte_guys = str.encode(payload_string)
		32	padded_data = padder.update(byte_guys)
		33
		34	ct = encryptor.update(padded_data) + encryptor.finalize()
		35
		36	c = base64.b64encode(ct)
		37
		38	import Crypto
		39	from Crypto.Cipher import PKCS1_OAEP
		40	from Crypto.PublicKey import RSA
		41
		42	gradecoin_key = """-----BEGIN PUBLIC KEY-----
		43	MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyGuqiCPGcguy+Y9TH7Bl
		44	7XlEsalyqb9bYlzpbV0dnqZ3lPkEPkuOhkN+GcuiV6iXtSwyh7nB+xTRXKJFRUBO
		45	/jbN8jfcxVwBu0JxjF3v1YRBxbOHhz2A295mbKD9xHQCKxkfYBNkUXxj8gd+GaDv
		46	QiSW5NdrX/lEkvqfGtdEX1m2+HdcG0+3YW24Xg0znhCwLr+sorLuJaDy9Xa0Uo+D
		47	PWGC5s001U/BxkCIWJ+eJQCb7Bv+9vXb8BGRK/ecMb/fb6h5O+8fgB64RCHMgcc2
		48	v+Q/dPt8kHX1OJdMuYUrUJGACppMQY3W6e1HdlRIBcZKL2LMZ2CrIB/2D5LiJhPT
		49	hQIDAQAB
		50	-----END PUBLIC KEY-----"""
		51
		52	publickey = RSA.import_key(gradecoin_key)
		53
		54	asy_cipher = PKCS1_OAEP.new(publickey, hashAlgo=Crypto.Hash.SHA256)
		55	ciphertext = asy_cipher.encrypt(key)
		56
		57	key = base64.b64encode(ciphertext)


diff --git a/src/handlers.rs b/src/handlers.rs index 376d079..2401c0d 100644 --- a/src/handlers.rs +++ b/src/handlers.rs
@@ -139,8 +139,9 @@ pub async fn authenticate_user(
139	}	139	}
140	};	140	};
141		141
142	// TODO: request iv is coming with base64 encoding <16-04-21, yigit> //	142	let byte_iv = base64::decode(&request.iv).unwrap();
143	let cipher = match Aes128Cbc::new_var(&temp_key, &request.iv.as_bytes()) {	143
		144	let cipher = match Aes128Cbc::new_var(&temp_key, &byte_iv) {
144	Ok(c) => c,	145	Ok(c) => c,
145	Err(err) => {	146	Err(err) => {
146	debug!(	147	debug!(
@@ -175,17 +176,19 @@ pub async fn authenticate_user(
175	}	176	}
176	};	177	};
177		178
		179	println!(">>>{:?}<<<", auth_packet);
		180
178	let auth_plaintext = match cipher.decrypt_vec(&auth_packet) {	181	let auth_plaintext = match cipher.decrypt_vec(&auth_packet) {
179	Ok(p) => p,	182	Ok(p) => p,
180	Err(err) => {	183	Err(err) => {
181	debug!(	184	println!(
182	"Base64 decoded auth request did not decrypt correctly {:?} {}",	185	"Base64 decoded auth request did not decrypt correctly {:?} {}",
183	&auth_packet, err	186	&auth_packet, err
184	);	187	);
185		188
186	let res_json = warp::reply::json(&GradeCoinResponse {	189	let res_json = warp::reply::json(&GradeCoinResponse {
187	res: ResponseType::Error,	190	res: ResponseType::Error,
188	message: "The Bas64 decoded auth request did not decrypt correctly".to_owned(),	191	message: "The Base64 decoded auth request did not decrypt correctly".to_owned(),
189	});	192	});
190		193
191	return Ok(warp::reply::with_status(res_json, StatusCode::BAD_REQUEST));	194	return Ok(warp::reply::with_status(res_json, StatusCode::BAD_REQUEST));
@@ -608,7 +611,8 @@ pub async fn authorized_propose_transaction(
608	// this transaction was already checked for correctness at custom_filters, we can panic here if	611	// this transaction was already checked for correctness at custom_filters, we can panic here if
609	// it has been changed since	612	// it has been changed since
610		613
611	let hashed_transaction = Md5::digest((&serde_json::to_string(&new_transaction).unwrap()).as_ref());	614	let hashed_transaction =
		615	Md5::digest((&serde_json::to_string(&new_transaction).unwrap()).as_ref());
612	if token_payload.claims.tha != format!("{:x}", hashed_transaction) {	616	if token_payload.claims.tha != format!("{:x}", hashed_transaction) {
613	println!(	617	println!(
614	"the hash of the request {:x} did not match the hash given in jwt {:?}",	618	"the hash of the request {:x} did not match the hash given in jwt {:?}",


diff --git a/tests/route_tests.rs b/tests/route_tests.rs index 0b7628c..537b3d8 100644 --- a/tests/route_tests.rs +++ b/tests/route_tests.rs
@@ -266,8 +266,6 @@ FQIDAQAB
266	let db = mocked_db();	266	let db = mocked_db();
267	let filter = consensus_routes(db.clone());	267	let filter = consensus_routes(db.clone());
268		268
269
270
271	let res = warp::test::request()	269	let res = warp::test::request()
272	.method("POST")	270	.method("POST")
273	.json(&Block {	271	.json(&Block {
@@ -447,9 +445,9 @@ FQIDAQAB
447	let res = warp::test::request()	445	let res = warp::test::request()
448	.method("POST")	446	.method("POST")
449	.json(&InitialAuthRequest {	447	.json(&InitialAuthRequest {
450	c: "llqkPAX8oGxBLFHGMNzwrCAP2WmsGZlOcm3mCp7+ZnX9p7BPffRvGcYHpif4htwU5RyR3fLo/VWERXqddVQkxhfuum0dFn1cpPfYTokc2BHpi61i4SXCaCHlJDxCtCKnujfEzMnS5hAKMQSyrwq/DPBwOSQ/XQeeMB0YF+l+ZfVJ8e6sQ5FfSK9rSInv+TokA7az6vR7Ky5fGjQ0GxKkO+SKLd5eHuGKgQ19JUQrj3k19GJn1h1cmWW1PYqVKFDp/RfWFL9weG8VynRND6xGK5fQarjdG0uMAk8Cy8ItOCAeMnBhUv/P2a721u3tA7L496r4E3ZwdgsiHe4iYzFiAdvWDWsLRlxXS+6Q2vUYSLgcFVsv2jyQ28c/ay3F1hYAHaqN4HiDhKz6bFCiyow1Doya2V24VQm5eUGxXErjEnLY1FWE5sqRn6DUnES3FT8VJoMtnhCFtZhO4Jk0cjh15p9r+vK6uJv0PUCKOOYhghFi5bLL34OpmzoV7u7Fj6tSc/e9UujbCfYc3r9g0oUQ+QKxw6R5Fcqf21TbffxX/i1tKElIhkatfWCaZ+c0scLNL4Jg3KbNqbensOFqzErr12pXHFy7QKXH1usnCJyC+9D7NncxKZ9JuVFJL19Ayq90o/IYWhtVlkhZs/F5UPIhl3G7f8OQ1tUgfdCfiXZ5qgg=".to_owned(),	448	c: "xsF0qqyokuvOZJ4CgnW4mzfLHaTZS3vLqr7y8LFx6pdKo0XKXBJ4+Ojx8Uz6CYrQZLPy39O485BZNtYtLzcfF/03MePBNgSRM6ccVuh6hJ8UUAjv9nf93gZlnGceMP0bLKEaYRHTsgyW+s0y0ki7/CfYn3vveLDd4NVkkgFUAebcmMuAJJt0OAzSLgsQ/kww6hOOsIcIlBNlLIi0dopCUxE5h7aPqV4WyrxA/PSvE8hM8LcfYiATTa7PyinfkjCRu7hzItM/N3+h/zubI+6ht8lY4V/19WB24HnMZJdP1odAPuKbSDiyZoMvq+P7jHfWnbJxJJI7hEYlbB45MNMnFenVhzwEtIqHu6JEGhi7umDoh2zUDAXzofERkd3qNgPtV6L3hxmDX94Y8FIJ9ZdDj/EG06PXj9P3kg0Gt4t+hi+J8h+RtV+g+Pwza1kFCLA6sXoPxxhTuEGyYCYi+DYtWCOCFo2loyReg+juIQQRpSZsZmu4Ml5eEcVpD24lUWZ6yO/AL/TjA9eSU+PgSrQzNBggMWg4Pd6MubILBTI+crt/rSCKwcGBu2IDEiVTIWLCqlMW/PHL6LkLyLnnvOuP6yHKwpnlWboV9h+TSDfzs4aur1AoUnW+UuEQXvYYfVNkSPJ+dsOGHwi1LyAql3H36jX4dtESGZSINUjeiYxR8fwZdnge1Eo+sOGT3cQ+wCL9".to_owned(),
451	iv: "RbZzPxu1IL+f+PZ/SJzi/Q==".to_owned(),	449	iv: "bmV2ZXJtaW5kdGhlbmZ1aw==".to_owned(),
452	key: "baz".to_owned(),	450	key: "s4cn9BSmuForX6PxJAa55Es4t2puXuDtdII1lxEArqVlP+uYd5jDKofFtn9PCAoY7jyTgBIhQW7Ah5MGCcufWTaKHAjFVfSZ+qGwbGbBcklbNGH/F7cJ0Pe7kOCddUpIvLG6WH6+mnvyPs8PwDyagsx1Jc2PSSOYLAwkECvPbjiUjQiBixguTRNsU2eKaqzLimPE0w2ztvdA+IgCv94UPhjQfQrnMGK+Ppn3oK7IfKQJ7v2DLVNuz4d/BpwuqD+lYYAu4B4qn3daNR32a/mqAAlPg/RbPlH69N44Qh/NYux90FOY0XKxUskEwsAUw8dHFzzdKPcGx4C0s5e4KSLGkw==".to_owned(),
453	})	451	})
454	.path("/register")	452	.path("/register")
455	.reply(&filter)	453	.reply(&filter)