Add diffie-hellman keys exchange

common-api/Cargo.toml

@@ -4,14 +4,11 @@ version = "0.1.0"
 edition = "2021"
 authors = ["silvestr@relayz.io"]
 description = """
-This crate is used between many other crates to provide the same
+This crate is used between other crates to provide the same
 API for signing data and shared types. Please note that all data
 structures should be serializable with "serde" and "borsh"
 """
 
-[lib]
-crate-type = ["cdylib", "rlib"]
-
 [dependencies]
 base64 = "0.13"
 bs58 = "0.4"
@@ -19,5 +16,6 @@ borsh = "0.9"
 ed25519-dalek = "1"
 itertools = "0.10"
 serde = { version = "1", default-features = false, features = ["derive"] }
-serde_json = { version = "1", default-features = false }
+serde_json = "1"
 thiserror = "1"
+x25519-dalek = { version = "1", features = ["serde"] }

common-api/src/crypto/ed25519.rs

@@ -44,7 +44,7 @@ impl ED25519PublicKey {
     pub fn verify(&self, data: &[u8], signature: &ED25519Signature) -> Result<()> {
         self.0
             .verify(data, &signature.0)
-            .map_err(|_| Error::Verification(*signature))
+            .map_err(|_| Error::Verification(bs58::encode(data).into_string()))
     }
 
     #[inline]

common-api/src/crypto/key_exchange.rs

@@ -0,0 +1,129 @@
+//! ### Diffie–Hellman key exchange with ed25519 elliptic curves algorithm
+//! ---
+//! Used Dalek cryptography, and implemented [`Borsh`](https://borsh.io/) serialization for it
+
+use borsh::{BorshDeserialize, BorshSerialize};
+use std::{
+    fmt::Display,
+    io::{Error as IoError, ErrorKind},
+};
+use x25519_dalek::{PublicKey, StaticSecret};
+
+use super::{Error, Key, Result, X25519};
+
+const PUBLIC_LENGTH: usize = 32_usize;
+const SECRET_LENGTH: usize = 32_usize;
+
+pub struct Secret(StaticSecret);
+
+impl BorshSerialize for Secret {
+    fn serialize<W: std::io::Write>(&self, writer: &mut W) -> std::io::Result<()> {
+        writer.write_all(&self.0.to_bytes())
+    }
+}
+
+impl BorshDeserialize for Secret {
+    fn deserialize(buf: &mut &[u8]) -> std::io::Result<Self> {
+        let secret_key = Secret::try_from_bytes(std::mem::take(buf))
+            .map_err(|err| IoError::new(ErrorKind::InvalidData, err.to_string()))?;
+        Ok(secret_key)
+    }
+}
+
+#[derive(Copy, Clone, PartialEq, Eq)]
+pub struct Public(PublicKey);
+
+impl BorshSerialize for Public {
+    fn serialize<W: std::io::Write>(&self, writer: &mut W) -> std::io::Result<()> {
+        writer.write_all(self.0.as_bytes())
+    }
+}
+
+impl BorshDeserialize for Public {
+    fn deserialize(buf: &mut &[u8]) -> std::io::Result<Self> {
+        let public_key = Public::try_from_bytes(std::mem::take(buf))
+            .map_err(|err| IoError::new(ErrorKind::InvalidData, err.to_string()))?;
+        Ok(public_key)
+    }
+}
+
+impl Display for Public {
+    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
+        write!(f, "{}", self.string())
+    }
+}
+
+impl Key<SECRET_LENGTH> for Secret {
+    const KEY_TYPE: &'static str = X25519;
+
+    #[inline]
+    fn to_bytes(&self) -> [u8; SECRET_LENGTH] {
+        self.0.to_bytes()
+    }
+
+    fn try_from_bytes(buf: &[u8]) -> Result<Self> {
+        if buf.len() != SECRET_LENGTH {
+            return Err(Error::from_bytes::<Public>(
+                buf,
+                format!(
+                    "input buffer size \"{}\" not equal to secret key size \"{SECRET_LENGTH}\"",
+                    buf.len()
+                ),
+            ));
+        }
+
+        let mut temp_buf = [0_u8; SECRET_LENGTH];
+        temp_buf.copy_from_slice(buf);
+
+        Ok(Self(StaticSecret::from(temp_buf)))
+    }
+}
+
+impl Key<PUBLIC_LENGTH> for Public {
+    const KEY_TYPE: &'static str = X25519;
+
+    #[inline]
+    fn to_bytes(&self) -> [u8; PUBLIC_LENGTH] {
+        self.0.to_bytes()
+    }
+
+    fn try_from_bytes(buf: &[u8]) -> Result<Self> {
+        if buf.len() != PUBLIC_LENGTH {
+            return Err(Error::from_bytes::<Public>(
+                buf,
+                format!(
+                    "input buffer size \"{}\" not equal to public key size \"{PUBLIC_LENGTH}\"",
+                    buf.len()
+                ),
+            ));
+        }
+
+        let mut temp_buf = [0_u8; PUBLIC_LENGTH];
+        temp_buf.copy_from_slice(buf);
+
+        Ok(Self(PublicKey::from(temp_buf)))
+    }
+}
+
+impl<'a> From<&'a Secret> for Public {
+    fn from(secret: &'a Secret) -> Public {
+        Self(PublicKey::from(&secret.0))
+    }
+}
+
+impl Secret {
+    /// Creates a secret part from other participant public part of keypair
+    ///
+    /// ## Arguments
+    /// - **other_public** - Another public part [`Public`] of the key exchange process
+    ///
+    /// ## Returns
+    /// Byte array with a shared secret key
+    ///
+    pub fn exchange(&self, other_public: &Public) -> [u8; SECRET_LENGTH] {
+        self.0.diffie_hellman(&other_public.0).to_bytes()
+    }
+}
+
+serde_impl!(Secret);
+serde_impl!(Public);

common-api/src/crypto/mod.rs

@@ -1,39 +1,128 @@
+#[macro_use]
+mod serde_impl {
+    macro_rules! serde_impl {
+        ($key_type: ty) => {
+            impl serde::Serialize for $key_type {
+                fn serialize<S>(
+                    &self,
+                    serializer: S,
+                ) -> std::result::Result<
+                    <S as serde::Serializer>::Ok,
+                    <S as serde::Serializer>::Error,
+                >
+                where
+                    S: serde::Serializer,
+                {
+                    serializer.serialize_str(&Key::string(self))
+                }
+            }
+
+            impl<'de> serde::Deserialize<'de> for $key_type {
+                fn deserialize<D>(
+                    deserializer: D,
+                ) -> std::result::Result<Self, <D as serde::Deserializer<'de>>::Error>
+                where
+                    D: serde::Deserializer<'de>,
+                {
+                    let s = <String as serde::Deserialize>::deserialize(deserializer)?;
+                    <$key_type>::from_string(&s).map_err(|err| {
+                        serde::de::Error::custom(format!("Deserialization failed: `{}`", err))
+                    })
+                }
+            }
+        };
+    }
+}
+
 pub mod ed25519;
+pub mod key_exchange;
+pub mod prelude {
+    pub use super::{
+        ed25519::{ED25519PublicKey, ED25519SecretKey, ED25519Signature, Keypair},
+        key_exchange::{Public, Secret},
+        Error, Key,
+    };
+}
+
+use itertools::Itertools;
+
+type Result<T> = std::result::Result<T, Error>;
+
+pub(crate) const ED25519: &str = "ed25519";
+pub(crate) const X25519: &str = "x25519";
+
+/// ## Key
+/// **KEY_LENGTH** - It's a key size for ed25519 or x25519
+/// **KEY_TYPE** - Key type, for internal usage to reduce a boilerplate code.
+/// It's a prefix for a key string serialization. Possible values are ["ed25519", "x25519"]
+pub trait Key<const KEY_LENGTH: usize>: Sized {
+    const KEY_TYPE: &'static str;
+
+    fn from_string(key: &str) -> Result<Self> {
+        let (key_type, bs58_encoded) = split_encoded_str(key)?;
+
+        if key_type != Self::KEY_TYPE {
+            return Err(Error::WrongKeyType {
+                key_type: key_type.to_owned(),
+                expected_key_type: Self::KEY_TYPE,
+            });
+        }
+
+        let bytes = bs58::decode(bs58_encoded)
+            .into_vec()
+            .map_err(|err| Error::from_string::<Self>(bs58_encoded.to_owned(), err.to_string()))?;
+        Self::try_from_bytes(&bytes)
+    }
+
+    fn string(&self) -> String {
+        format!(
+            "{}:{}",
+            Self::KEY_TYPE,
+            bs58::encode(self.to_bytes()).into_string()
+        )
+    }
 
-use ed25519::ED25519Signature;
+    fn try_from_bytes(buf: &[u8]) -> Result<Self>;
+    fn to_bytes(&self) -> [u8; KEY_LENGTH];
+}
 
 #[derive(thiserror::Error, Debug)]
 pub enum Error {
-    #[error(
-        "Couldn't convert key from bytes `{key_string}` into `{key_name}`, because of: {cause}"
-    )]
+    #[error("Couldn't convert key from bytes \"{data}\" into \"{key_name}\", because of: {cause}")]
     ConvertFromBytes {
         key_name: &'static str,
-        key_string: String,
+        data: String,
         cause: String,
     },
     #[error(
-        "Couldn't convert key from string `{key_string}` into `{key_name}`, because of: {cause}"
+        "Couldn't convert key from string \"{data}\" into \"{key_name}\", because of: {cause}"
     )]
     ConvertFromString {
         key_name: &'static str,
-        key_string: String,
+        data: String,
         cause: String,
     },
-    #[error("The key format `{0}` seems different from ed25519 format")]
+    #[error("The key format \"{0}\" seems different from ed25519 or x25519 format")]
     UnknownKeyType(String),
-    #[error("Signature `{0}` verification failed")]
-    Verification(ED25519Signature),
+    #[error(
+        "The expected key type \"{expected_key_type}\" is different from actual \"{key_type}\""
+    )]
+    WrongKeyType {
+        key_type: String,
+        expected_key_type: &'static str,
+    },
+    #[error("Signature \"{0}\" verification failed")]
+    Verification(String),
 }
 
 impl Error {
-    pub(crate) fn from_string<T>(key_string: String, cause: String) -> Self {
+    pub(crate) fn from_string<T>(data: String, cause: String) -> Self {
         Self::ConvertFromString {
             key_name: std::any::type_name::<T>()
                 .rsplit("::")
                 .next()
                 .unwrap_or_default(),
-            key_string,
+            data,
             cause,
         }
     }
@@ -44,8 +133,18 @@ impl Error {
                 .rsplit("::")
                 .next()
                 .unwrap_or_default(),
-            key_string: bs58::encode(data).into_string(),
+            data: bs58::encode(data).into_string(),
             cause,
         }
     }
 }
+
+/// Split encoded [`str`] to key prefix and bs58 encoded string
+fn split_encoded_str(encoded: &str) -> Result<(&str, &str)> {
+    match encoded.split(':').next_tuple() {
+        Some((key_type @ ED25519, bs58_encoded) | (key_type @ X25519, bs58_encoded)) => {
+            Ok((key_type, bs58_encoded))
+        }
+        _ => Err(Error::UnknownKeyType(encoded.to_owned())),
+    }
+}

common-api/src/lib.rs

@@ -1,4 +1 @@
 pub mod crypto;
-
-#[cfg(test)]
-mod tests {}