go-backup's People

Contributors

druiz0992, toniramirezm

go-backup's Issues

Integration

  • secret: Move it to go-iden3-crypto because it uses modular integer
    arithmetic of the SNARK friendly prime.
  • ff: Merge into go-iden3-crypto, where we already have an ff.
  • filecrypt: Move it to go-iden3-core.
  • backuplib: Move it to go-iden3-core with changes so that it's easy to use
    with extra contents (like the Tickets from iden3-mobile, or wallet
    settings).

Consistency in variable names

It is a Go convention to use camel case instead of snake case: https://golang.org/doc/effective_go.html#mixed-caps
I see that there are many constants defined in filecrypt; I think those
constants can stay in uppercase with underscores. Another instance where I
think snake case can be accepted is in variables when writing algorithms that
come from mathematical notation.

remove checkError

filecrypt/filecrypt_utils.go checkError is a function used to panic if an error
is not nil. This function is used in functions that return errors, so instead
of panicking, the error should be returned. I understand it's very tiresome to
add the snippet:

if err != nil {
	return err
}

f, err := os.Open(fname)
if err != nil {
	return fmt.Errorf("opening file: %w", err)
}

everywhere, but it's the way Go works, and there's no way (yet) to avoid this.

Add batch number to shares

By batch number I refer to a way to keep track of the group of shares that go together to recover Key.

Allow batched encryption

In go-iden3-core we use an interface for the storage. In production the
storage uses disk files, so doing a gob.Encode on the storage struct will not
keep the DB data. The storage needs to be iterated in order to serialize it and
deserialize it. I think it would better fit the backup API to work with []byte
as input and output for encryption/decryption instead of interface{}.
For big blobs, apart from []byte it would be good to consume the data to be
backed up in a streaming way, either consuming an io.Reader or returning an
io.Writer to avoid having all the data in memory (and do streaming instead).
For smaller pieces of data we can also use JSON and automate the encoding / decoding
with a special wrapper over Encrypt/Decrypt that could be called
EncryptJSON/DecryptJSON.

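io.Reader

type DB struct{}

// Read implements io.Reader: it fills p with the next bytes of the DB.
func (db *DB) Read(p []byte) (int, error) {

}

func main() {
	filecrypt.Encrypt(..., db)
}

io.Writer

type DB struct{}

// Dump streams every key/value pair of the DB into w.
func (db *DB) Dump(w io.Writer) {
	for {
		k, v
		w.Write(k, v)
	}
}

type FileCryptBlock struct{}

// Write implements io.Writer for a filecrypt block.
func (f *FileCryptBlock) Write(p []byte) (int, error) {
	f.
}

// GetWriter returns a writer that feeds data into a filecrypt block.
func (f *FileCrypt) GetWriter() (io.Writer, error) {
	return &FileCryptBlock{}, nil
}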

API simplification

Filecrypt API simplification proposal. Right now the FileCrypt stores
content in a list that needs to be iterated completely to access a single
element. I would suggest the following changes:

  • Instead of storing data encoded by gob, store []byte with a public identifier
    ([]byte). For example: []byte("identityStorage"), serializedStorage.
  • Store the identifier and the position of the filecrypt block of the encrypted
    data in an index at the beginning of the FileCrypt File.
  • Add the following methods to the API:
    • ListBlocks() ([][]byte): Returns the list of block identifiers
    • Encrypt(identifier []byte, blob []byte, ...): Encrypt the binary
      and index it as identifier.
    • Decrypt(identifier []byte, ...) []byte: Decrypt the block
      corresponding to identifier.

This way different blocks can be accessed without iterating and decrypting the
entire FileCrypt.

Constructors

In Go the convention is to call constructor functions starting with New. I
think func (hdr *fchdr) FillHdr(...) should be rewritten as func NewHdr(...), and func (hdr *fchdr) fromBytes(...) as func NewHdrFromBytes(...).

Authenticate contents of filecrypt

The entire filecrypt file is not authenticated. This means that there's no
way to detect tampering of the Key Header, Encryption Header, and non-encrypted
filecrypt blocks.
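
One way to close this gap for an encrypted block, shown as an added example that is not go-backup's own code: AES-GCM with the unencrypted header bytes passed as additional authenticated data, so that a modified header makes decryption fail. The function names, the nonce || ciphertext || tag layout and the sample header bytes are assumptions made for illustration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

func newGCM(key []byte) (cipher.AEAD, error) { // key: 16, 24 or 32 bytes
	blk, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(blk)
}

// Seal encrypts blob and binds hdr (the exact unencrypted header bytes as
// written to the file) into the tag. Returns nonce || ciphertext || tag.
func Seal(key, hdr, blob []byte) ([]byte, error) {
	a, err := newGCM(key)
	if err != nil {
		return nil, fmt.Errorf("seal: %w", err)
	}
	nonce := make([]byte, a.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, fmt.Errorf("seal: nonce: %w", err)
	}
	return a.Seal(nonce, nonce, blob, hdr), nil
}

// Open returns blob only if both the ciphertext and hdr are unmodified.
func Open(key, hdr, sealed []byte) ([]byte, error) {
	a, err := newGCM(key)
	if err != nil {
		return nil, fmt.Errorf("open: %w", err)
	}
	n := a.NonceSize()
	if len(sealed) < n+a.Overhead() {
		return nil, fmt.Errorf("open: blob too short (%d bytes)", len(sealed))
	}
	return a.Open(nil, sealed[:n], sealed[n:], hdr)
}

func main() {
	key := make([]byte, 32) // constructed all-zero demo key
	s, _ := Seal(key, []byte("keyhdr|enchdr"), []byte("secret"))
	_, err := Open(key, []byte("keyhdr|ENCHDR"), s)
	fmt.Println("tampered header rejected:", err != nil)
}
```

The same call authenticates data that stays in the clear: pass it as hdr with an empty blob and the output is just a nonce and a tag over those bytes.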

Coexistence with other libraries

Should go-backup library be integrated into https://github.com/iden3/go-iden3-crypto and https://github.com/iden3/go-iden3-core libraries, or should it be an independent library?

It seems reasonable that most of go-backup library could be integrated within crypto library as there are many features that could be reused such as Shamir's Secret Sharing, block encapsulation, encryption/decryption... Downsides are that crypto library is actively being used and would impose some restrictions on the sort of changes we can do.

In any case, the decision on how to proceed needs to be taken soon.
