devteam/sharenet
3
0
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity Actions

Fix encrypted dob issue
Some checks failed
Podman Rootless Demo / test-backend (push) Has been skipped
Details
Podman Rootless Demo / test-frontend (push) Has been skipped
Details
Podman Rootless Demo / build-backend (push) Has been skipped
Details
Podman Rootless Demo / build-frontend (push) Failing after 5m41s
Details
Podman Rootless Demo / deploy-prod (push) Has been skipped
Details
Podman Rootless Demo / test-backend (pull_request) Has been skipped
Details
Podman Rootless Demo / test-frontend (pull_request) Has been skipped
Details
Podman Rootless Demo / build-backend (pull_request) Has been skipped
Details
Podman Rootless Demo / build-frontend (pull_request) Failing after 5m14s
Details
Podman Rootless Demo / deploy-prod (pull_request) Has been skipped
Details

Browse source
This commit is contained in:
continuist 2025-11-01 12:29:02 -04:00
parent 05674b4caa
commit 32fc926de0
7 changed files with 95 additions and 49 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

64
frontend/wasm/Cargo.lock generated
View file

@ -415,6 +415,36 @@ version = "0.3.1"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "c08d65885ee38876c4f86fa503fb49d7b507c2b62552df7c70b2fce627e06381" checksum = "c08d65885ee38876c4f86fa503fb49d7b507c2b62552df7c70b2fce627e06381"
[[package]]
name = "passport"
version = "0.4.1"
dependencies = [
"async-trait",
"base64",
"bip39",
"chacha20poly1305",
"ciborium",
"ed25519-dalek",
"getrandom 0.2.16",
"gloo-storage",
"hex",
"hkdf",
"js-sys",
"rand",
"rand_core",
"serde",
"serde-wasm-bindgen",
"serde_cbor",
"serde_json",
"sha2",
"thiserror",
"uuid",
"wasm-bindgen",
"wasm-bindgen-futures",
"web-time",
"zeroize",
]
[[package]] [[package]]
name = "pkcs8" name = "pkcs8"
version = "0.10.2" version = "0.10.2"
@ -601,47 +631,15 @@ dependencies = [
"digest", "digest",
] ]
[[package]]
name = "sharenet-passport"
version = "0.4.0"
source = "sparse+https://git.sharenet.sh/api/packages/devteam/cargo/"
checksum = "bec9d785a802bbfcd6a84f72f2a53e50729847a68ed5f4e6ea1310177bfe4c43"
dependencies = [
"async-trait",
"base64",
"bip39",
"chacha20poly1305",
"ciborium",
"ed25519-dalek",
"getrandom 0.2.16",
"gloo-storage",
"hex",
"hkdf",
"js-sys",
"rand",
"rand_core",
"serde",
"serde-wasm-bindgen",
"serde_cbor",
"serde_json",
"sha2",
"thiserror",
"uuid",
"wasm-bindgen",
"wasm-bindgen-futures",
"web-time",
"zeroize",
]
[[package]] [[package]]
name = "sharenet-passport-wasm" name = "sharenet-passport-wasm"
version = "0.1.0" version = "0.1.0"
dependencies = [ dependencies = [
"getrandom 0.2.16", "getrandom 0.2.16",
"passport",
"serde", "serde",
"serde-wasm-bindgen", "serde-wasm-bindgen",
"serde_cbor", "serde_cbor",
"sharenet-passport",
"uuid", "uuid",
"wasm-bindgen", "wasm-bindgen",
] ]

2
frontend/wasm/Cargo.toml
View file

@ -11,7 +11,7 @@ wasm-bindgen = "0.2.105"
serde = { version = "1.0", features = ["derive"] } serde = { version = "1.0", features = ["derive"] }
serde-wasm-bindgen = "0.6" serde-wasm-bindgen = "0.6"
serde_cbor = "0.11" serde_cbor = "0.11"
sharenet-passport = { version = "0.4.0", registry = "sharenet-sh-forgejo", features = ["force-wasm"] } passport = { path = "../../passport", features = ["force-wasm"] }
# WASM-compatible random number generation # WASM-compatible random number generation
getrandom = { version = "0.2", features = ["js"] } getrandom = { version = "0.2", features = ["js"] }

2
frontend/wasm/src/lib.rs
View file

@ -1,4 +1,4 @@
use wasm_bindgen::prelude::*; use wasm_bindgen::prelude::*;
// Re-export all functions from the sharenet-passport crate // Re-export all functions from the sharenet-passport crate
pub use sharenet_passport::wasm::*; pub use passport::wasm::*;

2
passport/Cargo.lock generated
View file

@ -445,7 +445,7 @@ checksum = "c08d65885ee38876c4f86fa503fb49d7b507c2b62552df7c70b2fce627e06381"
[[package]] [[package]]
name = "passport" name = "passport"
version = "0.4.0" version = "0.4.1"
dependencies = [ dependencies = [
"async-trait", "async-trait",
"base64", "base64",

2
passport/Cargo.toml
View file

@ -1,6 +1,6 @@
[package] [package]
name = "passport" name = "passport"
version = "0.4.0" version = "0.4.1"
publish = ["sharenet-sh-forgejo"] # Set this to whichever Cargo registry you are publishing to publish = ["sharenet-sh-forgejo"] # Set this to whichever Cargo registry you are publishing to
edition = "2021" edition = "2021"
description = "Core library for Sharenet Passport creation and management" description = "Core library for Sharenet Passport creation and management"

36
passport/src/infrastructure/crypto/native.rs
View file

@ -123,15 +123,29 @@ impl FileEncryptor for XChaCha20FileEncryptor {
// Serialize and encrypt date of birth // Serialize and encrypt date of birth
let date_of_birth_bytes = serde_cbor::to_vec(&date_of_birth) let date_of_birth_bytes = serde_cbor::to_vec(&date_of_birth)
.map_err(|e| DomainError::CryptographicError(format!("Failed to serialize date of birth: {}", e)))?; .map_err(|e| DomainError::CryptographicError(format!("Failed to serialize date of birth: {}", e)))?;
// Ensure we have data to encrypt (even for None values)
let date_of_birth_payload = if date_of_birth_bytes.is_empty() {
// For None values, use a minimal placeholder to ensure encryption works
vec![0u8]
} else {
date_of_birth_bytes
};
let enc_date_of_birth = cipher let enc_date_of_birth = cipher
.encrypt(&nonce, &*date_of_birth_bytes) .encrypt(&nonce, &*date_of_birth_payload)
.map_err(|e| DomainError::CryptographicError(format!("Date of birth encryption failed: {}", e)))?; .map_err(|e| DomainError::CryptographicError(format!("Date of birth encryption failed: {}", e)))?;
// Serialize and encrypt default user profile ID // Serialize and encrypt default user profile ID
let default_user_profile_id_bytes = serde_cbor::to_vec(&default_user_profile_id) let default_user_profile_id_bytes = serde_cbor::to_vec(&default_user_profile_id)
.map_err(|e| DomainError::CryptographicError(format!("Failed to serialize default user profile ID: {}", e)))?; .map_err(|e| DomainError::CryptographicError(format!("Failed to serialize default user profile ID: {}", e)))?;
// Ensure we have data to encrypt (even for None values)
let default_user_profile_id_payload = if default_user_profile_id_bytes.is_empty() {
// For None values, use a minimal placeholder to ensure encryption works
vec![0u8]
} else {
default_user_profile_id_bytes
};
let enc_default_user_profile_id = cipher let enc_default_user_profile_id = cipher
.encrypt(&nonce, &*default_user_profile_id_bytes) .encrypt(&nonce, &*default_user_profile_id_payload)
.map_err(|e| DomainError::CryptographicError(format!("Default user profile ID encryption failed: {}", e)))?; .map_err(|e| DomainError::CryptographicError(format!("Default user profile ID encryption failed: {}", e)))?;
// Get current timestamp // Get current timestamp
@ -202,15 +216,25 @@ impl FileEncryptor for XChaCha20FileEncryptor {
let date_of_birth_bytes = cipher let date_of_birth_bytes = cipher
.decrypt(&nonce, &*file.enc_date_of_birth) .decrypt(&nonce, &*file.enc_date_of_birth)
.map_err(|e| DomainError::CryptographicError(format!("Date of birth decryption failed: {}", e)))?; .map_err(|e| DomainError::CryptographicError(format!("Date of birth decryption failed: {}", e)))?;
let date_of_birth: Option<DateOfBirth> = serde_cbor::from_slice(&date_of_birth_bytes) // Handle the case where we used a placeholder for None values
.map_err(|e| DomainError::CryptographicError(format!("Failed to deserialize date of birth: {}", e)))?; let date_of_birth: Option<DateOfBirth> = if date_of_birth_bytes == vec![0u8] {
None
} else {
serde_cbor::from_slice(&date_of_birth_bytes)
.map_err(|e| DomainError::CryptographicError(format!("Failed to deserialize date of birth: {}", e)))?
};
// Decrypt default user profile ID // Decrypt default user profile ID
let default_user_profile_id_bytes = cipher let default_user_profile_id_bytes = cipher
.decrypt(&nonce, &*file.enc_default_user_profile_id) .decrypt(&nonce, &*file.enc_default_user_profile_id)
.map_err(|e| DomainError::CryptographicError(format!("Default user profile ID decryption failed: {}", e)))?; .map_err(|e| DomainError::CryptographicError(format!("Default user profile ID decryption failed: {}", e)))?;
let default_user_profile_id: Option<String> = serde_cbor::from_slice(&default_user_profile_id_bytes) // Handle the case where we used a placeholder for None values
.map_err(|e| DomainError::CryptographicError(format!("Failed to deserialize default user profile ID: {}", e)))?; let default_user_profile_id: Option<String> = if default_user_profile_id_bytes == vec![0u8] {
None
} else {
serde_cbor::from_slice(&default_user_profile_id_bytes)
.map_err(|e| DomainError::CryptographicError(format!("Failed to deserialize default user profile ID: {}", e)))?
};
// Note: univ_id is stored in the PassportFile and will be used when creating the Passport // Note: univ_id is stored in the PassportFile and will be used when creating the Passport
Ok((seed, public_key, private_key, user_profiles, date_of_birth, default_user_profile_id)) Ok((seed, public_key, private_key, user_profiles, date_of_birth, default_user_profile_id))

36
passport/src/infrastructure/crypto/wasm.rs
View file

@ -125,15 +125,29 @@ impl FileEncryptor for XChaCha20FileEncryptor {
// Serialize and encrypt date of birth // Serialize and encrypt date of birth
let date_of_birth_bytes = serde_cbor::to_vec(&date_of_birth) let date_of_birth_bytes = serde_cbor::to_vec(&date_of_birth)
.map_err(|e| DomainError::CryptographicError(format!("Failed to serialize date of birth: {}", e)))?; .map_err(|e| DomainError::CryptographicError(format!("Failed to serialize date of birth: {}", e)))?;
// Ensure we have data to encrypt (even for None values)
let date_of_birth_payload = if date_of_birth_bytes.is_empty() {
// For None values, use a minimal placeholder to ensure encryption works
vec![0u8]
} else {
date_of_birth_bytes
};
let enc_date_of_birth = cipher let enc_date_of_birth = cipher
.encrypt(&nonce, &*date_of_birth_bytes) .encrypt(&nonce, &*date_of_birth_payload)
.map_err(|e| DomainError::CryptographicError(format!("Date of birth encryption failed: {}", e)))?; .map_err(|e| DomainError::CryptographicError(format!("Date of birth encryption failed: {}", e)))?;
// Serialize and encrypt default user profile ID // Serialize and encrypt default user profile ID
let default_user_profile_id_bytes = serde_cbor::to_vec(&default_user_profile_id) let default_user_profile_id_bytes = serde_cbor::to_vec(&default_user_profile_id)
.map_err(|e| DomainError::CryptographicError(format!("Failed to serialize default user profile ID: {}", e)))?; .map_err(|e| DomainError::CryptographicError(format!("Failed to serialize default user profile ID: {}", e)))?;
// Ensure we have data to encrypt (even for None values)
let default_user_profile_id_payload = if default_user_profile_id_bytes.is_empty() {
// For None values, use a minimal placeholder to ensure encryption works
vec![0u8]
} else {
default_user_profile_id_bytes
};
let enc_default_user_profile_id = cipher let enc_default_user_profile_id = cipher
.encrypt(&nonce, &*default_user_profile_id_bytes) .encrypt(&nonce, &*default_user_profile_id_payload)
.map_err(|e| DomainError::CryptographicError(format!("Default user profile ID encryption failed: {}", e)))?; .map_err(|e| DomainError::CryptographicError(format!("Default user profile ID encryption failed: {}", e)))?;
// Get current timestamp using WASM-compatible time // Get current timestamp using WASM-compatible time
@ -201,15 +215,25 @@ impl FileEncryptor for XChaCha20FileEncryptor {
let date_of_birth_bytes = cipher let date_of_birth_bytes = cipher
.decrypt(&nonce, &*file.enc_date_of_birth) .decrypt(&nonce, &*file.enc_date_of_birth)
.map_err(|e| DomainError::CryptographicError(format!("Date of birth decryption failed: {}", e)))?; .map_err(|e| DomainError::CryptographicError(format!("Date of birth decryption failed: {}", e)))?;
let date_of_birth: Option<DateOfBirth> = serde_cbor::from_slice(&date_of_birth_bytes) // Handle the case where we used a placeholder for None values
.map_err(|e| DomainError::CryptographicError(format!("Failed to deserialize date of birth: {}", e)))?; let date_of_birth: Option<DateOfBirth> = if date_of_birth_bytes == vec![0u8] {
None
} else {
serde_cbor::from_slice(&date_of_birth_bytes)
.map_err(|e| DomainError::CryptographicError(format!("Failed to deserialize date of birth: {}", e)))?
};
// Decrypt default user profile ID // Decrypt default user profile ID
let default_user_profile_id_bytes = cipher let default_user_profile_id_bytes = cipher
.decrypt(&nonce, &*file.enc_default_user_profile_id) .decrypt(&nonce, &*file.enc_default_user_profile_id)
.map_err(|e| DomainError::CryptographicError(format!("Default user profile ID decryption failed: {}", e)))?; .map_err(|e| DomainError::CryptographicError(format!("Default user profile ID decryption failed: {}", e)))?;
let default_user_profile_id: Option<String> = serde_cbor::from_slice(&default_user_profile_id_bytes) // Handle the case where we used a placeholder for None values
.map_err(|e| DomainError::CryptographicError(format!("Failed to deserialize default user profile ID: {}", e)))?; let default_user_profile_id: Option<String> = if default_user_profile_id_bytes == vec![0u8] {
None
} else {
serde_cbor::from_slice(&default_user_profile_id_bytes)
.map_err(|e| DomainError::CryptographicError(format!("Failed to deserialize default user profile ID: {}", e)))?
};
// Note: univ_id is stored in the PassportFile and will be used when creating the Passport // Note: univ_id is stored in the PassportFile and will be used when creating the Passport
Ok((seed, public_key, private_key, user_profiles, date_of_birth, default_user_profile_id)) Ok((seed, public_key, private_key, user_profiles, date_of_birth, default_user_profile_id))