// Source: github.com/keybase/client/go@v0.0.0-20240309051027-028f7c731f8b/kbfs/kbfsmd/merkle_leaf.go

// Copyright 2018 Keybase Inc. All rights reserved.
// Use of this source code is governed by a BSD
// license that can be found in the LICENSE file.

package kbfsmd

import (
	"github.com/keybase/client/go/kbfs/kbfscodec"
	"github.com/keybase/client/go/kbfs/kbfscrypto"
	merkle "github.com/keybase/go-merkle-tree"
	"golang.org/x/crypto/nacl/box"
)

// MerkleLeaf is the cleartext value stored in a Merkle leaf node.
//
// The toarray codec tag serializes the fields positionally, so their
// declaration order is part of the encoded format: reordering or inserting
// fields changes the encoded bytes.
type MerkleLeaf struct {
	_struct   bool `codec:",toarray"` // nolint
	Revision  Revision
	Hash      MerkleHash // hash of the signed metadata object
	Timestamp int64      // NOTE(review): unit is not stated in this file — confirm
}

// Compile-time check that *MerkleLeaf satisfies merkle.ValueConstructor.
var _ merkle.ValueConstructor = (*MerkleLeaf)(nil)

// Construct implements the go-merkle-tree.ValueConstructor interface.
func (MerkleLeaf) Construct() interface{} {
	// Leaves are held in the Merkle tree as plain byte slices, so the tree is
	// handed a pointer to an empty one.
	leafBytes := []byte{}
	return &leafBytes
}

// EncryptedMerkleLeaf is the encrypted form of a Merkle leaf.
//
// It carries only the encryption version and the ciphertext; the nonce and
// the keys are not part of this value. As with MerkleLeaf, the toarray tag
// makes the field order part of the encoded format.
type EncryptedMerkleLeaf struct {
	_struct       bool `codec:",toarray"` // nolint
	Version       kbfscrypto.EncryptionVer
	EncryptedData []byte
}

// Construct implements the go-merkle-tree.ValueConstructor interface.
func (EncryptedMerkleLeaf) Construct() interface{} {
	// Leaves are held in the Merkle tree as plain byte slices, so the tree is
	// handed a pointer to an empty one.
	leafBytes := []byte{}
	return &leafBytes
}

// Encrypt encrypts a Merkle leaf node with the given key pair.
//
// The leaf is serialized with codec and the result is sealed with NaCl box
// under pubKey and ePrivKey. The nonce is neither generated here nor stored
// in the returned EncryptedMerkleLeaf: the caller has to supply a non-nil
// nonce (box.Seal dereferences it), must never reuse it for the same key
// pair, and has to make it available again for Decrypt. Reusing a nonce
// under one key pair undermines both the confidentiality and the integrity
// that box provides.
//
// An encoding failure is returned unchanged together with a zero-value
// EncryptedMerkleLeaf.
func (l MerkleLeaf) Encrypt(codec kbfscodec.Codec,
	pubKey kbfscrypto.TLFPublicKey, nonce *[24]byte,
	ePrivKey kbfscrypto.TLFEphemeralPrivateKey) (EncryptedMerkleLeaf, error) {
	// Serialize the cleartext leaf.
	plaintext, err := codec.Encode(l)
	if err != nil {
		return EncryptedMerkleLeaf{}, err
	}

	// box.Seal takes pointers to the raw key material, so addressable local
	// copies are needed.
	recipientKey, ephemeralKey := pubKey.Data(), ePrivKey.Data()

	// NOTE(review): the result is tagged EncryptionSecretbox although it is
	// sealed with nacl/box. Decrypt forwards this tag to kbfscrypto, so the
	// value presumably has to stay as it is for stored leaves to remain
	// readable — confirm before changing it.
	sealed := EncryptedMerkleLeaf{Version: kbfscrypto.EncryptionSecretbox}
	sealed.EncryptedData = box.Seal(
		nil, plaintext, nonce, &recipientKey, &ephemeralKey)
	return sealed, nil
}

// Decrypt decrypts a Merkle leaf node with the given key pair.
//
// nonce is not carried by EncryptedMerkleLeaf and must be supplied by the
// caller; it has to be the nonce the leaf was encrypted with. The ciphertext
// is handed to kbfscrypto.DecryptMerkleLeaf (presumably the place where the
// version tag and the box authenticator are checked — confirm there), and the
// recovered bytes are decoded with codec only after that call succeeded.
//
// On any failure the error is returned unchanged together with a zero-value
// MerkleLeaf, never a partially decoded one.
func (el EncryptedMerkleLeaf) Decrypt(codec kbfscodec.Codec,
	privKey kbfscrypto.TLFPrivateKey, nonce *[24]byte,
	ePubKey kbfscrypto.TLFEphemeralPublicKey) (MerkleLeaf, error) {
	// Re-attach the caller-supplied nonce to the stored version and
	// ciphertext, then open the result.
	plaintext, err := kbfscrypto.DecryptMerkleLeaf(
		privKey, ePubKey,
		kbfscrypto.MakeEncryptedMerkleLeaf(el.Version, el.EncryptedData, nonce))
	if err != nil {
		return MerkleLeaf{}, err
	}

	// Decode the recovered bytes back into a leaf.
	leaf := MerkleLeaf{}
	if err = codec.Decode(plaintext, &leaf); err != nil {
		return MerkleLeaf{}, err
	}
	return leaf, nil
}