From b1f2c5b803a7e85a3b0c8d999cf9a13d28c6c6c2 Mon Sep 17 00:00:00 2001
From: Greg Burri <greg.burri@gmail.com>
Date: Mon, 5 Aug 2019 20:21:42 +0200
Subject: [PATCH] Implementation of 'encrypt'.

---
 Cargo.lock                   |  1 +
 Cargo.toml                   |  3 ++-
 generate_crypted_message.ps1 |  2 +-
 src/crypto.rs                | 32 ++++++++++++++++++++++++++++----
 src/main.rs                  | 20 ++++++++++++++++----
 5 files changed, 48 insertions(+), 10 deletions(-)

diff --git a/Cargo.lock b/Cargo.lock
index 25b9796..bc54708 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -1294,6 +1294,7 @@ dependencies = [
  "itertools 0.8.0 (registry+https://github.com/rust-lang/crates.io-index)",
  "listenfd 0.3.3 (registry+https://github.com/rust-lang/crates.io-index)",
  "openssl 0.10.23 (registry+https://github.com/rust-lang/crates.io-index)",
+ "rand 0.7.0 (registry+https://github.com/rust-lang/crates.io-index)",
  "ron 0.5.1 (registry+https://github.com/rust-lang/crates.io-index)",
  "serde 1.0.94 (registry+https://github.com/rust-lang/crates.io-index)",
  "url 1.7.2 (registry+https://github.com/rust-lang/crates.io-index)",
diff --git a/Cargo.toml b/Cargo.toml
index aee6a09..fe9f894 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -16,4 +16,5 @@ listenfd = "0.3" # To watch file modifications and automatically launch a build
 ron = "0.5.1" # Rust object notation, to load configuration files.
 itertools = "0.8.0"
 url = "1.7.2"
-base64 = "0.10.1"
\ No newline at end of file
+base64 = "0.10.1"
+rand = "0.7"
\ No newline at end of file
diff --git a/generate_crypted_message.ps1 b/generate_crypted_message.ps1
index f50fc50..f30d36a 100644
--- a/generate_crypted_message.ps1
+++ b/generate_crypted_message.ps1
@@ -1 +1 @@
-cargo run --release -- --encrypt $args[0]
\ No newline at end of file
+cargo run -- --encrypt $args[0]
\ No newline at end of file
diff --git a/src/crypto.rs b/src/crypto.rs
index 6d791eb..cc8bf84 100644
--- a/src/crypto.rs
+++ b/src/crypto.rs
@@ -1,14 +1,38 @@
+use openssl::{symm, sha::sha256};
+use rand::prelude::*;
 
+/// Encrypt the given text with the given key. The key length must be 128 bits encoded in base64.
+/// Ouput format:
+/// Format "1" + base_64(<IV> + <hash(message)> + <aes(message)>)
+/// IV: 16 bytes randomized.
+/// Mode : CBC.
 pub fn encrypt(key: &str, plain_text: &str) -> String {
-    let key_as_bytes = base64::decode(key);
+    let key_as_bytes = base64::decode(key).expect("Unable to decode base64 encoded key");
+    assert!(key_as_bytes.len() == 16);
 
+    let text_as_bytes = plain_text.as_bytes();
 
+    let iv = rand::thread_rng().gen::<[u8; 16]>();
 
-    String::new()
+    let cipher_text =
+        symm::encrypt(symm::Cipher::aes_128_cbc(), &key_as_bytes, Some(&iv), text_as_bytes)
+            .expect("Unable to encrypt message");
+
+    let hash_text = sha256(&text_as_bytes);
+
+    let mut result: Vec<u8> = Vec::new();
+    result.extend(&iv);
+    result.extend(&hash_text);
+    result.extend(&cipher_text);
+
+    String::from("1") + &base64::encode(&result)
 }
 
-pub fn decrypt(key: &str, cypher_text: &str) -> Option<String> {
+pub fn decrypt(key: &str, cipher_text: &str) -> Option<String> {
+    if cipher_text.chars() != '1' {
+        return None;
+    }
 
-    println!("cypher: {}", cypher_text);
+    println!("cypher: {}", cipher_text);
     Some(String::new())
 }
diff --git a/src/main.rs b/src/main.rs
index c5a7dc1..b86ce57 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -62,11 +62,10 @@ fn get_exe_name() -> String {
 
 fn print_usage() {
     println!("Usage:");
-    println!(" {} [--help] [--encrypt <message>]", get_exe_name());
+    println!(" {} [--help] [--encrypt <plain-text>|--decrypt <cipher-text>]", get_exe_name());
 }
 
 fn read_key() -> String {
-    use url::percent_encoding::percent_decode;
     let mut key = String::new();
     File::open(consts::FILE_KEY)
         .expect(&format!("Failed to open key file: {}", consts::FILE_KEY))
@@ -74,7 +73,7 @@ fn read_key() -> String {
         .expect(&format!("Failed to read key file: {}", consts::FILE_KEY));
 
     String::from(
-        percent_decode(key.as_bytes())
+        url::percent_encoding::percent_decode(key.as_bytes())
             .decode_utf8()
             .expect(&format!("Failed to decode key file: {}", consts::FILE_KEY))
     )
@@ -91,8 +90,21 @@ fn main() -> std::io::Result<()> {
     } else if let Some((position_arg_encrypt, _)) = args.iter().find_position(|arg| arg == &"--encrypt") {
         match args.iter().nth(position_arg_encrypt + 1) {
             Some(mess_to_encrypt) => {
+
                 let encrypted_mess = crypto::encrypt(&key, mess_to_encrypt);
-                println!("Encrypted message: {}", encrypted_mess);
+                let encrypted_mess_encoded = url::percent_encoding::utf8_percent_encode(&encrypted_mess, url::percent_encoding::DEFAULT_ENCODE_SET).to_string();
+                println!("Encrypted message percent-encoded: {}", encrypted_mess_encoded);
+            }
+            None => print_usage()
+        }
+
+        return Ok(());
+    } else if let Some((position_arg_decrypt, _)) = args.iter().find_position(|arg| arg == &"--decrypt") {
+        match args.iter().nth(position_arg_decrypt + 1) {
+            Some(cipher_text) => {
+                let cipher_text_decoded = url::percent_encoding::percent_decode(cipher_text.as_bytes()).decode_utf8().expect("Unable to decode encoded cipher text");
+                let plain_text = crypto::decrypt(&key, &cipher_text_decoded).unwrap();
+                println!("Decrypted message: {}", plain_text);
             }
             None => print_usage()
         }
-- 
2.43.0