Merge pull request #3 from Cerebellum-Network/feature/simplify-library

Simplify library

README.md

@@ -22,69 +22,3 @@ dependencies {
 }
 ```
 
-## API
-
-### V1
-
-#### Sign the message
-
-```kotlin
-val privateKeyHex = "0xcafebabe"
-val msg = "to be signed"
-
-//with Ed25519 schema
-val ed25519Signer: Signer = Ed25519Signer(Hex.decode(privateKeyHex))
-val ed25519Signature = ed25519Signer.signToBytes(msg)
-
-//with Sr25519 schema
-val sr25519Signer: Signer = Sr25519Signer(Hex.decode(privateKeyHex))
-val sr25519Signature = sr25519Signer.signToBytes(msg)
-```
-
-#### Encrypt and decrypt raw message
-
-```kotlin
-val data = "raw data".toByteArray()
-val masterKeyHex = Hex.encode("super-secret-key".repeat(2).toByteArray())
-val encrypter = RawDataEncrypter(EncryptionConfig(masterKeyHex))
-val decrypter = RawDataDecrypter(DecryptionConfig(mapOf("" to masterKeyHex)))
-val encrypted = encrypter.encrypt(data)
-val decrypted = decrypted.decrypt(result) // "raw data"
-```
-
-#### Encrypt and decrypt JSON message
-
-```kotlin
-val masterKeyHex = Hex.encode("super-secret-key".repeat(2).toByteArray())
-val encrypter = JsonDataEncrypter(
-    EncryptionConfig(
-        masterKeyHex,
-        listOf("$.k1") // JSON Paths we want to encrypt, default is "$..*" which means all fields
-    )
-)
-val decrypter = JsonDataDecrypter(
-    DecryptionConfig(
-        mapOf("$.k1" to "0ae19ba1e42a63aefea507a19df00ffc962bc894b3fb720723d45e456f636977") // derived key for this path
-    )
-)
-val data = """
-            {
-                "k1": "v1",
-                "k2": "v2",
-                "k3": {
-                    "k4": true,
-                    "k5": ["v5", "v5"]
-                },
-                "k6": {
-                    "k7": {
-                        "k8": 123
-                    }
-                }
-            }
-        """.trimIndent().toByteArray()
-
-val encrypted = encrypter.encrypt(data)
-val decrypted = decrypted.decrypt(result) // "original json"
-```
-
-

build.gradle.kts

@@ -11,15 +11,13 @@ group = "com.github.cerebellum-network"
 repositories {
     mavenLocal()
     mavenCentral()
-    maven { url = uri("https://dl.bintray.com/emerald/polkaj") }
 }
 
 dependencies {
     implementation(kotlin("stdlib"))
 
-    implementation("com.rfksystems:blake2b:1.0.0")
-    implementation("com.google.crypto.tink:tink:1.5.0")
-    implementation("io.emeraldpay.polkaj:polkaj-schnorrkel:0.3.0")
+    api("com.goterl:lazysodium-java:5.0.1")
+    implementation("net.java.dev.jna:jna:5.8.0")
 
     implementation("com.github.jsurfer:jsurfer-jackson:1.6.0")
     implementation("com.jayway.jsonpath:json-path:2.5.0")

src/main/kotlin/network/cere/ddc/crypto/v1/common/BaseCryptoService.kt

@@ -0,0 +1,21 @@
+package network.cere.ddc.crypto.v1.common
+
+import com.goterl.lazysodium.LazySodium
+import com.goterl.lazysodium.interfaces.AEAD
+import com.goterl.lazysodium.interfaces.Box
+import com.goterl.lazysodium.utils.Key
+
+abstract class BaseCryptoService(protected val sodium: LazySodium) {
+    protected companion object {
+        const val JSON_ROOT_PATH = "$"
+    }
+
+    private val emptyNonce = ByteArray(Box.NONCEBYTES)
+    private val encryptionMethod = AEAD.Method.XCHACHA20_POLY1305_IETF
+
+    protected fun encrypt(message: String, key: Key) =
+        sodium.encrypt(message, null, emptyNonce, key, encryptionMethod)
+
+    protected fun decrypt(cipherHex: String, key: Key) =
+        sodium.decrypt(cipherHex, null, emptyNonce, key, encryptionMethod)
+}

src/main/kotlin/network/cere/ddc/crypto/v1/decrypt/Decrypter.kt

@@ -1,9 +1,46 @@
 package network.cere.ddc.crypto.v1.decrypt
 
-import network.cere.ddc.crypto.v1.TypeHint
+import com.fasterxml.jackson.databind.JsonNode
+import com.goterl.lazysodium.LazySodium
+import com.goterl.lazysodium.utils.Key
+import com.jayway.jsonpath.JsonPath
+import network.cere.ddc.crypto.v1.common.BaseCryptoService
+import org.jsfr.json.JacksonParser
+import org.jsfr.json.JsonPathListener
+import org.jsfr.json.JsonSurfer
+import org.jsfr.json.ParsingContext
+import org.jsfr.json.provider.JacksonProvider
 
-interface Decrypter {
-    val supportedDataType: TypeHint
-
-    fun decrypt(data: ByteArray): ByteArray
+class Decrypter(
+    sodium: LazySodium,
+    private val pathToDecryptToDecryptionKeyHex: Map<String, String>
+) : BaseCryptoService(sodium) {
+    fun decrypt(data: String): String {
+        val surfer = JsonSurfer(JacksonParser.INSTANCE, JacksonProvider.INSTANCE)
+        val toReplace = mutableMapOf<String, String>()
+        val builder = surfer.configBuilder()
+        pathToDecryptToDecryptionKeyHex.forEach {
+            builder.bind(it.key, object : JsonPathListener {
+                override fun onValue(value: Any, context: ParsingContext) {
+                    val node = value as JsonNode
+                    if (node.isValueNode) {
+                        val path = context.jsonPath
+                        toReplace[path] = decrypt(node.textValue(), Key.fromHexString(it.value))
+                    }
+                }
+            })
+        }
+        return runCatching {
+            builder.buildAndSurf(data)
+        }.fold(
+            {
+                val ctx = JsonPath.parse(data)
+                toReplace.forEach { (p, v) -> ctx.set(p, v) }
+                ctx.jsonString()
+            },
+            {
+                decrypt(data, Key.fromHexString(pathToDecryptToDecryptionKeyHex[JSON_ROOT_PATH]))
+            }
+        )
+    }
 }

src/main/kotlin/network/cere/ddc/crypto/v1/encrypt/Encrypter.kt

@@ -1,9 +1,57 @@
 package network.cere.ddc.crypto.v1.encrypt
 
-import network.cere.ddc.crypto.v1.TypeHint
+import com.fasterxml.jackson.databind.JsonNode
+import com.goterl.lazysodium.LazySodium
+import com.goterl.lazysodium.utils.Key
+import com.jayway.jsonpath.JsonPath
+import network.cere.ddc.crypto.v1.common.BaseCryptoService
+import org.jsfr.json.JacksonParser
+import org.jsfr.json.JsonPathListener
+import org.jsfr.json.JsonSurfer
+import org.jsfr.json.ParsingContext
+import org.jsfr.json.provider.JacksonProvider
 
-interface Encrypter {
-    val supportedDataType: TypeHint
+class Encrypter(
+    sodium: LazySodium,
+    private val encryptionConfig: EncryptionConfig
+) : BaseCryptoService(sodium) {
+    private val masterKey = Key.fromHexString(encryptionConfig.masterKeyHex)
 
-    fun encrypt(data: ByteArray): ByteArray
+    fun encrypt(data: String): Pair<String, Map<String, String>> {
+        val surfer = JsonSurfer(JacksonParser.INSTANCE, JacksonProvider.INSTANCE)
+        val toReplace = mutableMapOf<String, String>()
+        val builder = surfer.configBuilder()
+        val pathToKey = mutableMapOf<String, String>()
+        encryptionConfig.jsonPathsToEncrypt.forEach {
+            builder.bind(it, object : JsonPathListener {
+                override fun onValue(value: Any, context: ParsingContext) {
+                    val node = value as JsonNode
+                    if (node.isValueNode) {
+                        val path = context.jsonPath
+                        val dek = dek(path)
+                        val encrypted = encrypt(node.asText(), Key.fromHexString(dek))
+                        toReplace[path] = encrypted
+                        pathToKey[path] = dek
+                    }
+                }
+            })
+        }
+        return runCatching {
+            builder.buildAndSurf(data)
+        }.fold(
+            {
+                val ctx = JsonPath.parse(data)
+                toReplace.forEach { (p, v) -> ctx.set(p, v) }
+                ctx.jsonString() to pathToKey
+            },
+            {
+                val dek = dek(JSON_ROOT_PATH)
+                encrypt(data, Key.fromHexString(dek)) to mapOf(JSON_ROOT_PATH to dek)
+            }
+        )
+    }
+
+    private fun dek(path: String): String {
+        return sodium.cryptoGenericHash(path, masterKey)
+    }
 }