diff --git a/accounts/src/key_management/mod.rs b/accounts/src/key_management/mod.rs index 0fab650..fcfcedd 100644 --- a/accounts/src/key_management/mod.rs +++ b/accounts/src/key_management/mod.rs @@ -65,24 +65,27 @@ impl AddressKeyHolder { let binding = key_point.to_bytes(); let key_raw = &binding.as_slice()[..32]; let key_raw_adjust: [u8; 32] = key_raw.try_into().unwrap(); - + let key: Key = key_raw_adjust.into(); - + let cipher = Aes256Gcm::new(&key); - + cipher.decrypt(&nonce, ciphertext.as_slice()).unwrap() } } #[cfg(test)] mod tests { - use constants_types::{NULLIFIER_SECRET_CONST, VIEVING_SECRET_CONST}; - use elliptic_curve::group::GroupEncoding; - use aes_gcm::{Aes256Gcm, aead::{Aead, KeyInit, OsRng}}; - use k256::{AffinePoint, ProjectivePoint, Scalar}; + use aes_gcm::{ + aead::{Aead, KeyInit, OsRng}, + Aes256Gcm, + }; use constants_types::{CipherText, Nonce}; - use elliptic_curve::group::prime::PrimeCurveAffine; + use constants_types::{NULLIFIER_SECRET_CONST, VIEVING_SECRET_CONST}; use elliptic_curve::ff::Field; + use elliptic_curve::group::prime::PrimeCurveAffine; + use elliptic_curve::group::GroupEncoding; + use k256::{AffinePoint, ProjectivePoint, Scalar}; use super::*; @@ -90,10 +93,14 @@ mod tests { fn test_new_os_random() { // Ensure that a new AddressKeyHolder instance can be created without errors. let address_key_holder = AddressKeyHolder::new_os_random(); - + // Check that key holder fields are initialized with expected types - assert!(!Into::::into(address_key_holder.nullifer_public_key.is_identity())); - assert!(!Into::::into(address_key_holder.viewing_public_key.is_identity())); + assert!(!Into::::into( + address_key_holder.nullifer_public_key.is_identity() + )); + assert!(!Into::::into( + address_key_holder.viewing_public_key.is_identity() + )); } #[test] @@ -105,7 +112,8 @@ mod tests { let ephemeral_public_key_sender = (ProjectivePoint::generator() * scalar).to_affine(); // Calculate shared secret - let shared_secret = address_key_holder.calculate_shared_secret_receiver(ephemeral_public_key_sender); + let shared_secret = + address_key_holder.calculate_shared_secret_receiver(ephemeral_public_key_sender); // Ensure the shared secret is not an identity point (suggesting non-zero output) assert!(!Into::::into(shared_secret.is_identity())); @@ -117,8 +125,11 @@ mod tests { // Generate an ephemeral key and shared secret let scalar = Scalar::random(OsRng); - let ephemeral_public_key_sender = address_key_holder.produce_ephemeral_key_holder().generate_ephemeral_public_key(); - let shared_secret = address_key_holder.calculate_shared_secret_receiver(ephemeral_public_key_sender); + let ephemeral_public_key_sender = address_key_holder + .produce_ephemeral_key_holder() + .generate_ephemeral_public_key(); + let shared_secret = + address_key_holder.calculate_shared_secret_receiver(ephemeral_public_key_sender); // Prepare the encryption key from shared secret let key_raw = shared_secret.to_bytes(); @@ -131,10 +142,16 @@ mod tests { // Encrypt sample data let nonce = Nonce::from_slice(b"unique nonce"); let plaintext = b"Sensitive data"; - let ciphertext = cipher.encrypt(nonce, plaintext.as_ref()).expect("encryption failure"); + let ciphertext = cipher + .encrypt(nonce, plaintext.as_ref()) + .expect("encryption failure"); // Attempt decryption - let decrypted_data: Vec = address_key_holder.decrypt_data(ephemeral_public_key_sender, CipherText::from(ciphertext), nonce.clone()); + let decrypted_data: Vec = address_key_holder.decrypt_data( + ephemeral_public_key_sender, + CipherText::from(ciphertext), + nonce.clone(), + ); // Verify decryption is successful and matches original plaintext assert_eq!(decrypted_data, plaintext); @@ -146,8 +163,12 @@ mod tests { let address_key_holder = AddressKeyHolder::new_os_random(); // Check that key holder fields are initialized with expected types and values - assert!(!Into::::into(address_key_holder.nullifer_public_key.is_identity())); - assert!(!Into::::into(address_key_holder.viewing_public_key.is_identity())); + assert!(!Into::::into( + address_key_holder.nullifer_public_key.is_identity() + )); + assert!(!Into::::into( + address_key_holder.viewing_public_key.is_identity() + )); assert!(address_key_holder.address.as_slice().len() > 0); // Assume TreeHashType has non-zero length for a valid address } @@ -173,7 +194,8 @@ mod tests { // Generate ephemeral public key and shared secret let scalar = Scalar::random(OsRng); let ephemeral_public_key_sender = (ProjectivePoint::generator() * scalar).to_affine(); - let shared_secret = address_key_holder.calculate_shared_secret_receiver(ephemeral_public_key_sender); + let shared_secret = + address_key_holder.calculate_shared_secret_receiver(ephemeral_public_key_sender); // Prepare the encryption key from shared secret let key_raw = shared_secret.to_bytes(); @@ -186,14 +208,16 @@ mod tests { // Encrypt sample data with a specific nonce let nonce = Nonce::from_slice(b"unique nonce"); let plaintext = b"Sensitive data"; - let ciphertext = cipher.encrypt(nonce, plaintext.as_ref()).expect("encryption failure"); + let ciphertext = cipher + .encrypt(nonce, plaintext.as_ref()) + .expect("encryption failure"); // Attempt decryption with an incorrect nonce let incorrect_nonce = Nonce::from_slice(b"wrong nonce"); let decrypted_data = address_key_holder.decrypt_data( - ephemeral_public_key_sender, - CipherText::from(ciphertext.clone()), - incorrect_nonce.clone(), + ephemeral_public_key_sender, + CipherText::from(ciphertext.clone()), + incorrect_nonce.clone(), ); // The decryption should fail or produce incorrect output due to nonce mismatch @@ -208,7 +232,8 @@ mod tests { // Generate ephemeral public key and shared secret let scalar = Scalar::random(OsRng); let ephemeral_public_key_sender = (ProjectivePoint::generator() * scalar).to_affine(); - let shared_secret = address_key_holder.calculate_shared_secret_receiver(ephemeral_public_key_sender); + let shared_secret = + address_key_holder.calculate_shared_secret_receiver(ephemeral_public_key_sender); // Prepare the encryption key from shared secret let key_raw = shared_secret.to_bytes(); @@ -221,7 +246,9 @@ mod tests { // Encrypt sample data let nonce = Nonce::from_slice(b"unique nonce"); let plaintext = b"Sensitive data"; - let ciphertext = cipher.encrypt(nonce, plaintext.as_ref()).expect("encryption failure"); + let ciphertext = cipher + .encrypt(nonce, plaintext.as_ref()) + .expect("encryption failure"); // Tamper with the ciphertext to simulate corruption let mut corrupted_ciphertext = ciphertext.clone(); @@ -229,9 +256,9 @@ mod tests { // Attempt decryption let result = address_key_holder.decrypt_data( - ephemeral_public_key_sender, - CipherText::from(corrupted_ciphertext), - nonce.clone(), + ephemeral_public_key_sender, + CipherText::from(corrupted_ciphertext), + nonce.clone(), ); // The decryption should fail or produce incorrect output due to tampered ciphertext @@ -250,7 +277,8 @@ mod tests { let plaintext = b"Round-trip test data"; let nonce = Nonce::from_slice(b"unique nonce"); - let shared_secret = address_key_holder.calculate_shared_secret_receiver(ephemeral_public_key_sender); + let shared_secret = + address_key_holder.calculate_shared_secret_receiver(ephemeral_public_key_sender); // Prepare the encryption key from shared secret let key_raw = shared_secret.to_bytes(); let key_raw_adjust_pre = &key_raw.as_slice()[..32]; @@ -258,13 +286,15 @@ mod tests { let key: Key = key_raw_adjust.into(); let cipher = Aes256Gcm::new(&key); - let ciphertext = cipher.encrypt(nonce, plaintext.as_ref()).expect("encryption failure"); + let ciphertext = cipher + .encrypt(nonce, plaintext.as_ref()) + .expect("encryption failure"); // Decrypt the data using the `AddressKeyHolder` instance let decrypted_data = address_key_holder.decrypt_data( - ephemeral_public_key_sender, - CipherText::from(ciphertext), - nonce.clone(), + ephemeral_public_key_sender, + CipherText::from(ciphertext), + nonce.clone(), ); // Verify the decrypted data matches the original plaintext