Merge pull request #587 from breez/ok300-bump-ecies

Bump ecies dependency
breez · Nov 6, 2023 · a12e372 · a12e372
2 parents 35af4b1 + 2dd76dc
commit a12e372
Show file tree

Hide file tree

Showing 6 changed files with 64 additions and 170 deletions.
diff --git a/libs/Cargo.lock b/libs/Cargo.lock
diff --git a/libs/sdk-core/Cargo.toml b/libs/sdk-core/Cargo.toml
@@ -22,7 +22,7 @@ gl-client = { git = "https://github.com/Blockstream/greenlight.git", features =
 zbase32 = "0.1.2"
 base64 = "0.13.0"
 chrono = "0.4"
-ecies = { version = "0.2", default-features = false, features = ["pure"] }
+ecies = { version = "0.2.6", default-features = false, features = ["pure"] }
 env_logger = "0.10"
 futures = "0.3.28"
 ripemd = "0.1"

diff --git a/libs/sdk-core/src/backup.rs b/libs/sdk-core/src/backup.rs
@@ -6,7 +6,7 @@ use crate::{
 };
 
 use anyhow::{anyhow, Result};
-use ecies::utils::{aes_decrypt, aes_encrypt};
+use ecies::symmetric::{sym_decrypt, sym_encrypt};
 use miniz_oxide::{deflate::compress_to_vec, inflate::decompress_to_vec_with_limit};
 use std::{
     fs::{self, File},
@@ -390,11 +390,11 @@ impl BackupWorker {
         match state {
             Some(state) => {
                 let mut decrypted =
-                    aes_decrypt(self.encryption_key.as_slice(), state.data.as_slice());
+                    sym_decrypt(self.encryption_key.as_slice(), state.data.as_slice());
                 if decrypted.is_none() {
                     warn!("Failed to decrypt backup with new key, trying legacy key");
                     decrypted =
-                        aes_decrypt(self.legacy_encryption_key.as_slice(), state.data.as_slice());
+                        sym_decrypt(self.legacy_encryption_key.as_slice(), state.data.as_slice());
                 }
                 let decrypted_data = decrypted.ok_or(anyhow!("Failed to decrypt backup"))?;
                 match decompress_to_vec_with_limit(&decrypted_data, 4000000) {
@@ -419,7 +419,7 @@ impl BackupWorker {
             compressed_data.len()
         );
         let encrypted_data =
-            aes_encrypt(self.encryption_key.as_slice(), compressed_data.as_slice())
+            sym_encrypt(self.encryption_key.as_slice(), compressed_data.as_slice())
                 .ok_or(anyhow!("Failed to encrypt backup"))?;
         let version = self.inner.push(version, encrypted_data.clone()).await?;
         Ok((version, encrypted_data))

diff --git a/libs/sdk-core/src/crypt.rs b/libs/sdk-core/src/crypt.rs
@@ -1,16 +1,16 @@
-use anyhow::Result;
+use anyhow::{anyhow, Result};
 
 pub fn encrypt(key: Vec<u8>, msg: Vec<u8>) -> Result<Vec<u8>> {
     match ecies::encrypt(key.as_slice(), msg.as_slice()) {
         Ok(res) => Ok(res),
-        Err(err) => Err(err.into()),
+        Err(err) => Err(anyhow!(err.to_string())),
     }
 }
 
 #[allow(dead_code)]
 pub fn decrypt(key: Vec<u8>, msg: Vec<u8>) -> Result<Vec<u8>> {
     match ecies::decrypt(key.as_slice(), msg.as_slice()) {
         Ok(res) => Ok(res),
-        Err(err) => Err(err.into()),
+        Err(err) => Err(anyhow!(err.to_string())),
     }
 }
diff --git a/libs/sdk-core/src/greenlight/node_api.rs b/libs/sdk-core/src/greenlight/node_api.rs
@@ -13,7 +13,7 @@ use bitcoin::secp256k1::PublicKey;
 use bitcoin::secp256k1::Secp256k1;
 use bitcoin::util::bip32::{ChildNumber, ExtendedPrivKey};
 use bitcoin::{Address, OutPoint, Script, Sequence, Transaction, TxIn, TxOut, Txid, Witness};
-use ecies::utils::{aes_decrypt, aes_encrypt};
+use ecies::symmetric::{sym_decrypt, sym_encrypt};
 use gl_client::node::ClnClient;
 use gl_client::pb::cln::listinvoices_invoices::ListinvoicesInvoicesStatus;
 use gl_client::pb::cln::listpays_pays::ListpaysPaysStatus;
@@ -99,11 +99,11 @@ impl Greenlight {
         let parsed_credentials: Result<GreenlightCredentials> = match credentials {
             // In case we found existing credentials, try to decrypt them and connect to the node
             Some(creds) => {
-                let mut decrypted_credentials = aes_decrypt(encryption_key_slice, creds.as_slice());
+                let mut decrypted_credentials = sym_decrypt(encryption_key_slice, creds.as_slice());
                 if decrypted_credentials.is_none() {
                     info!("Failed to decrypt credentials, trying legacy key");
                     decrypted_credentials =
-                        aes_decrypt(legacy_encryption_key_slice, creds.as_slice());
+                        sym_decrypt(legacy_encryption_key_slice, creds.as_slice());
                 }
                 match decrypted_credentials {
                     Some(creds) => {
@@ -145,7 +145,7 @@ impl Greenlight {
         let res = match parsed_credentials {
             Ok(creds) => {
                 let json_creds = serde_json::to_string(&creds)?.as_bytes().to_vec();
-                let encryptd_creds = aes_encrypt(encryption_key_slice, json_creds.as_slice());
+                let encryptd_creds = sym_encrypt(encryption_key_slice, json_creds.as_slice());
                 match encryptd_creds {
                     Some(c) => {
                         persister.set_gl_credentials(c)?;