From b01230a93c2689a2c37bfbaa82623f92020efc99 Mon Sep 17 00:00:00 2001
From: josh <josh@elixxir.io>
Date: Tue, 28 Sep 2021 11:07:45 -0700
Subject: [PATCH] Refactor mnemonic for xxCrypto chacha implementation

---
 api/mnemonic.go          | 42 +++-------------------------------------
 api/mnemonic_test.go     | 35 ---------------------------------
 go.mod                   |  4 ++--
 go.sum                   |  4 ++++
 network/node/register.go |  6 ++++--
 5 files changed, 13 insertions(+), 78 deletions(-)

diff --git a/api/mnemonic.go b/api/mnemonic.go
index fd3ce7259..0ab1f2303 100644
--- a/api/mnemonic.go
+++ b/api/mnemonic.go
@@ -10,10 +10,10 @@ package api
 import (
 	"github.com/pkg/errors"
 	"gitlab.com/elixxir/crypto/fastRNG"
+	"gitlab.com/xx_network/crypto/chacha"
 	"gitlab.com/xx_network/crypto/csprng"
 	xxMnemonic "gitlab.com/xx_network/crypto/mnemonic"
 	"gitlab.com/xx_network/primitives/utils"
-	"golang.org/x/crypto/chacha20poly1305"
 	"path/filepath"
 	"strings"
 )
@@ -44,7 +44,7 @@ func StoreSecretWithMnemonic(secret []byte, path string) (string, error) {
 	}
 
 	// Encrypt secret with mnemonic as key
-	ciphertext, err := encryptWithMnemonic(secret, decodedMnemonic, rng)
+	ciphertext, err := chacha.Encrypt(secret, decodedMnemonic, rng)
 	if err != nil {
 		return "", errors.Errorf("Failed to encrypt secret with mnemonic: %v", err)
 	}
@@ -87,7 +87,7 @@ func LoadSecretWithMnemonic(mnemonic, path string) (secret []byte, err error) {
 	}
 
 	// Decrypt the stored secret
-	secret, err = decryptWithMnemonic(data, decodedMnemonic)
+	secret, err = chacha.Decrypt(decodedMnemonic, data)
 	if err != nil {
 		return nil, errors.Errorf("Failed to decrypt secret: %v", err)
 	}
@@ -95,39 +95,3 @@ func LoadSecretWithMnemonic(mnemonic, path string) (secret []byte, err error) {
 	return secret, nil
 }
 
-// encryptWithMnemonic is a helper function which encrypts the given secret
-// using the mnemonic as the key.
-func encryptWithMnemonic(data, decodedMnemonic []byte,
-	rng csprng.Source) (ciphertext []byte, error error) {
-	chaCipher, err := chacha20poly1305.NewX(decodedMnemonic[:])
-	if err != nil {
-		return nil, errors.Errorf("Failed to initalize encryption algorithm: %v", err)
-	}
-
-	// Generate the nonce
-	nonce := make([]byte, chaCipher.NonceSize())
-	nonce, err = csprng.Generate(chaCipher.NonceSize(), rng)
-	if err != nil {
-		return nil, errors.Errorf("Failed to generate nonce: %v", err)
-	}
-
-	ciphertext = chaCipher.Seal(nonce, nonce, data, nil)
-	return ciphertext, nil
-}
-
-// decryptWithMnemonic is a helper function which decrypts the secret
-// from storage, using the mnemonic as the key.
-func decryptWithMnemonic(data, decodedMnemonic []byte) ([]byte, error) {
-	chaCipher, err := chacha20poly1305.NewX(decodedMnemonic[:])
-	if err != nil {
-		return nil, errors.Errorf("Failed to initalize encryption algorithm: %v", err)
-	}
-
-	nonceLen := chaCipher.NonceSize()
-	nonce, ciphertext := data[:nonceLen], data[nonceLen:]
-	plaintext, err := chaCipher.Open(nil, nonce, ciphertext, nil)
-	if err != nil {
-		return nil, errors.Wrap(err, "Cannot decrypt with password!")
-	}
-	return plaintext, nil
-}
diff --git a/api/mnemonic_test.go b/api/mnemonic_test.go
index 66b2f13df..a56a73b1f 100644
--- a/api/mnemonic_test.go
+++ b/api/mnemonic_test.go
@@ -38,41 +38,6 @@ func TestStoreSecretWithMnemonic(t *testing.T) {
 
 }
 
-func TestEncryptDecryptMnemonic(t *testing.T) {
-	prng := NewPrng(32)
-
-	// Generate a test mnemonic
-	testMnemonic, err := xxMnemonic.GenerateMnemonic(prng, 32)
-	if err != nil {
-		t.Fatalf("GenerateMnemonic error: %v", err)
-	}
-
-	decodedMnemonic, err := xxMnemonic.DecodeMnemonic(testMnemonic)
-	if err != nil {
-		t.Fatalf("DecodeMnemonic error: %v", err)
-	}
-
-	secret := []byte("test123")
-
-	// Encrypt the secret
-	ciphertext, err := encryptWithMnemonic(secret, decodedMnemonic, prng)
-	if err != nil {
-		t.Fatalf("encryptWithMnemonic error: %v", err)
-	}
-
-	// Decrypt the secret
-	received, err := decryptWithMnemonic(ciphertext, decodedMnemonic)
-	if err != nil {
-		t.Fatalf("decryptWithMnemonic error: %v", err)
-	}
-
-	// Test if secret matches decrypted data
-	if !bytes.Equal(received, secret) {
-		t.Fatalf("Decrypted data does not match original plaintext."+
-			"\n\tExpected: %v\n\tReceived: %v", secret, received)
-	}
-}
-
 func TestLoadSecretWithMnemonic(t *testing.T) {
 	secret := []byte("test123")
 	storageDir := "ignore.1"
diff --git a/go.mod b/go.mod
index 240a6599d..f1c1cf6bb 100644
--- a/go.mod
+++ b/go.mod
@@ -17,12 +17,12 @@ require (
 	github.com/spf13/jwalterweatherman v1.1.0
 	github.com/spf13/viper v1.7.1
 	gitlab.com/elixxir/bloomfilter v0.0.0-20200930191214-10e9ac31b228
-	gitlab.com/elixxir/comms v0.0.4-0.20210924220856-4864c21fe316
+	gitlab.com/elixxir/comms v0.0.4-0.20210927221600-65a291f4e6a6
 	gitlab.com/elixxir/crypto v0.0.7-0.20210920180151-6c9b84bae372
 	gitlab.com/elixxir/ekv v0.1.5
 	gitlab.com/elixxir/primitives v0.0.3-0.20210920180121-b85bca5212f4
 	gitlab.com/xx_network/comms v0.0.4-0.20210921011654-3b73a40ed3d6
-	gitlab.com/xx_network/crypto v0.0.5-0.20210920180047-4dd4aed4a942
+	gitlab.com/xx_network/crypto v0.0.5-0.20210928175311-49981edf5e69
 	gitlab.com/xx_network/primitives v0.0.4-0.20210915220237-70cb4551d6f3
 	golang.org/x/crypto v0.0.0-20210322153248-0c34fe9e7dc2
 	golang.org/x/net v0.0.0-20210525063256-abc453219eb5
diff --git a/go.sum b/go.sum
index 9f762119d..39a2dd563 100644
--- a/go.sum
+++ b/go.sum
@@ -259,6 +259,8 @@ gitlab.com/elixxir/comms v0.0.4-0.20210922201638-6f29a4b4f1e3 h1:xm9szmYscDwLUtb
 gitlab.com/elixxir/comms v0.0.4-0.20210922201638-6f29a4b4f1e3/go.mod h1:h41+FHc9zlQGveEao3aw8VSfzyOPecEhhUIadUsW1C8=
 gitlab.com/elixxir/comms v0.0.4-0.20210924220856-4864c21fe316 h1:PLGmuuaG5R1suI2GNHhaQw09vrM4p6KoJ6FsBZLNocc=
 gitlab.com/elixxir/comms v0.0.4-0.20210924220856-4864c21fe316/go.mod h1:h41+FHc9zlQGveEao3aw8VSfzyOPecEhhUIadUsW1C8=
+gitlab.com/elixxir/comms v0.0.4-0.20210927221600-65a291f4e6a6 h1:draTda/SDnop2oCRfyWvu6hqC8G4i7BrVzfwZ7tDZls=
+gitlab.com/elixxir/comms v0.0.4-0.20210927221600-65a291f4e6a6/go.mod h1:h41+FHc9zlQGveEao3aw8VSfzyOPecEhhUIadUsW1C8=
 gitlab.com/elixxir/crypto v0.0.0-20200804182833-984246dea2c4/go.mod h1:ucm9SFKJo+K0N2GwRRpaNr+tKXMIOVWzmyUD0SbOu2c=
 gitlab.com/elixxir/crypto v0.0.3/go.mod h1:ZNgBOblhYToR4m8tj4cMvJ9UsJAUKq+p0gCp07WQmhA=
 gitlab.com/elixxir/crypto v0.0.7-0.20210920180151-6c9b84bae372 h1:W5Ax+cwqOOcsVegaMLvsFJ/Cs24a4Wyhp5UHFwvMQxo=
@@ -278,6 +280,8 @@ gitlab.com/xx_network/crypto v0.0.3/go.mod h1:DF2HYvvCw9wkBybXcXAgQMzX+MiGbFPjwt
 gitlab.com/xx_network/crypto v0.0.4/go.mod h1:+lcQEy+Th4eswFgQDwT0EXKp4AXrlubxalwQFH5O0Mk=
 gitlab.com/xx_network/crypto v0.0.5-0.20210920180047-4dd4aed4a942 h1:pOFwTWCdaFhwve2aWoqicqQIECuZ1mIUeLtVMUAauEg=
 gitlab.com/xx_network/crypto v0.0.5-0.20210920180047-4dd4aed4a942/go.mod h1:+UefYhLcS9UxtzspFHKLJvAf3urcP3xbKgdIEgCuTmU=
+gitlab.com/xx_network/crypto v0.0.5-0.20210928175311-49981edf5e69 h1:Gxq8eSOL36UXkZwjWNom74acVzEqQVCA22peukASGsU=
+gitlab.com/xx_network/crypto v0.0.5-0.20210928175311-49981edf5e69/go.mod h1:+UefYhLcS9UxtzspFHKLJvAf3urcP3xbKgdIEgCuTmU=
 gitlab.com/xx_network/primitives v0.0.0-20200803231956-9b192c57ea7c/go.mod h1:wtdCMr7DPePz9qwctNoAUzZtbOSHSedcK++3Df3psjA=
 gitlab.com/xx_network/primitives v0.0.0-20200804183002-f99f7a7284da/go.mod h1:OK9xevzWCaPO7b1wiluVJGk7R5ZsuC7pHY5hteZFQug=
 gitlab.com/xx_network/primitives v0.0.2/go.mod h1:cs0QlFpdMDI6lAo61lDRH2JZz+3aVkHy+QogOB6F/qc=
diff --git a/network/node/register.go b/network/node/register.go
index f72e4357d..e295c967e 100644
--- a/network/node/register.go
+++ b/network/node/register.go
@@ -30,6 +30,7 @@ import (
 	"gitlab.com/xx_network/crypto/csprng"
 	"gitlab.com/xx_network/crypto/signature/rsa"
 	"gitlab.com/xx_network/primitives/id"
+	"gitlab.com/xx_network/primitives/netTime"
 	"strconv"
 	"time"
 )
@@ -138,7 +139,7 @@ func registerWithNode(sender *gateway.Sender, comms RegisterNodeCommsInterface,
 		serverPubDH := store.GetGroup().NewIntFromBytes(dhPub)
 
 		// Confirm received nonce
-		// fixme: need?
+		// fixme: need? I think this can be removed. I which case remove from comms as well
 		jww.INFO.Printf("Register: Confirming received nonce from node %s", nodeID.String())
 		err = confirmNonce(sender, comms, uci.GetTransmissionID().Bytes(),
 			nonce, uci.GetTransmissionRSA(), gatewayID, stop)
@@ -170,7 +171,8 @@ func requestKey(sender *gateway.Sender, comms RegisterNodeCommsInterface, gwId *
 			RegistrarSignature: &messages.RSASignature{Signature: regSig},
 		},
 		ClientDHPubKey:   dhPub,
-		RequestTimestamp: registrationTimestampNano,
+		RegistrationTimestamp: registrationTimestampNano,
+		RequestTimestamp: netTime.Now().UnixNano(),
 	}
 
 	serializedMessage, err := proto.Marshal(keyRequest)
-- 
GitLab