Unverified Commit 59b0f9e5 authored by tec's avatar tec

Add token encryption

parent 81dffed2
...@@ -5,11 +5,13 @@ authors = ["tec <[email protected]>"] ...@@ -5,11 +5,13 @@ authors = ["tec <[email protected]>"]
edition = "2018" edition = "2018"
[dependencies] [dependencies]
serenity = "0.8.0" chrono = "^0.4.10"
rand = "^0.7.2"
lazy_static = "^1.4.0" lazy_static = "^1.4.0"
log = "^0.4.8" log = "^0.4.8"
simplelog = "^0.7.4" rand = "^0.7.2"
serde_yaml = "^0.8"
serde = "^1.0.104" serde = "^1.0.104"
chrono = "^0.4.10" serde_yaml = "^0.8"
serenity = "0.8.0"
simplelog = "^0.7.4"
openssl = "^0.10"
base64 = "^0.11"
use base64;
use chrono::{prelude::Utc, DateTime}; use chrono::{prelude::Utc, DateTime};
use openssl::symm::{decrypt, encrypt, Cipher};
use rand::Rng; use rand::Rng;
use serenity::model::user::User; use serenity::model::user::User;
use std::str; use std::str;
lazy_static! { lazy_static! {
static ref KEY: [u8; 32] = rand::thread_rng().gen::<[u8; 32]>(); static ref KEY: [u8; 32] = rand::thread_rng().gen::<[u8; 32]>();
static ref CIPHER: Cipher = Cipher::aes_256_cbc();
} }
fn encrypt(plaintext: &str) -> &str { fn text_encrypt(plaintext: &str) -> String {
return plaintext; let iv: &[u8; 16] = &[0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0];
let encrypted_vec =
encrypt(*CIPHER, &*KEY, Some(iv), plaintext.as_bytes()).expect("encryption failed");
return base64::encode(encrypted_vec.as_slice());
} }
fn decrypt(ciphertext: &str) -> &str { fn text_decrypt(ciphertext: &str) -> String {
return ciphertext; let iv: &[u8; 16] = &[0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0];
let decrypted_vec = decrypt(
*CIPHER,
&*KEY,
Some(iv),
&base64::decode(ciphertext).expect("Unable to decode"),
)
.expect("decryption failed");
return str::from_utf8(decrypted_vec.as_slice())
.expect("Invalid utf8 sequence")
.to_owned();
} }
pub fn generate_token<'a>(discord_user: &User, username: &str) -> String { pub fn generate_token<'a>(discord_user: &User, username: &str) -> String {
...@@ -24,7 +40,7 @@ pub fn generate_token<'a>(discord_user: &User, username: &str) -> String { ...@@ -24,7 +40,7 @@ pub fn generate_token<'a>(discord_user: &User, username: &str) -> String {
username username
); );
info!("Token generated for {}: {}", discord_user.name, &payload); info!("Token generated for {}: {}", discord_user.name, &payload);
encrypt(&payload).to_string() text_encrypt(&payload).to_string()
} }
#[derive(Debug)] #[derive(Debug)]
...@@ -38,8 +54,9 @@ impl std::fmt::Display for TokenError { ...@@ -38,8 +54,9 @@ impl std::fmt::Display for TokenError {
} }
} }
pub fn parse_token(discord_user: &User, token: &str) -> Result<String, TokenError> { pub fn parse_token(discord_user: &User, encrypted_token: &str) -> Result<String, TokenError> {
let token_components: Vec<_> = decrypt(token).splitn(3, ',').collect(); let token = text_decrypt(encrypted_token);
let token_components: Vec<_> = token.splitn(3, ',').collect();
info!( info!(
"Verification attempt from '{}'(uid: {}) for account '{}' with token from {}", "Verification attempt from '{}'(uid: {}) for account '{}' with token from {}",
discord_user.name, token_components[1], token_components[2], token_components[0] discord_user.name, token_components[1], token_components[2], token_components[0]
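Review bot: `text_encrypt` and `text_decrypt` in the first hunk of this file use AES-256-CBC with a hard-coded all-zero IV and no integrity check, so equal payload prefixes produce equal ciphertext blocks and a modified token is not rejected before it is parsed. `text_decrypt` also calls `.expect(...)` on base64 decoding, decryption and UTF-8 conversion of a user-supplied token, and `parse_token` then indexes `token_components[1]` and `[2]` without a length check, so a malformed token panics instead of returning a `TokenError`. I would switch to an authenticated mode with a fresh random nonce per token and have `text_decrypt` return a failure value that `parse_token` maps to a `TokenError` variant (the variants are not visible here, and `parse_token` continues past the end of the hunk); the sketch below assumes `encrypt_aead` and `decrypt_aead` are imported from `openssl::symm`. Separately, the `info!` line in `generate_token` still writes the plaintext payload to the log, which is worth dropping now that the token is meant to be confidential.

```rust
fn text_encrypt(plaintext: &str) -> String {
    // Fresh nonce per token; it is not secret and travels with the ciphertext.
    let nonce = rand::thread_rng().gen::<[u8; 12]>();
    let mut tag = [0u8; 16];
    let body = encrypt_aead(
        Cipher::aes_256_gcm(),
        &*KEY,
        Some(&nonce[..]),
        &[],
        plaintext.as_bytes(),
        &mut tag,
    )
    .expect("encryption failed");
    // Wire layout: nonce || tag || ciphertext, base64-encoded as before.
    let mut out = Vec::with_capacity(nonce.len() + tag.len() + body.len());
    out.extend_from_slice(&nonce);
    out.extend_from_slice(&tag);
    out.extend_from_slice(&body);
    base64::encode(&out)
}

fn text_decrypt(ciphertext: &str) -> Option<String> {
    let nonce_len = 12;
    let tag_len = 16;
    // Every step fails closed: bad base64, short input, bad tag or bad UTF-8 all yield None.
    let raw = base64::decode(ciphertext).ok()?;
    if raw.len() < nonce_len + tag_len {
        return None;
    }
    let (nonce, rest) = raw.split_at(nonce_len);
    let (tag, body) = rest.split_at(tag_len);
    let plain = decrypt_aead(Cipher::aes_256_gcm(), &*KEY, Some(nonce), &[], body, tag).ok()?;
    String::from_utf8(plain).ok()
}
```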
......
...@@ -63,7 +63,7 @@ impl Commands { ...@@ -63,7 +63,7 @@ impl Commands {
"Error sending message: {:?}", "Error sending message: {:?}",
// TODO convert to email // TODO convert to email
msg.channel_id msg.channel_id
.say(&ctx.http, generate_token(&msg.author, account_name)) .say(&ctx.http, format!("Hey {} here's that token you ordered: {}\nIf this wasn't you just ignore this.", account_name, generate_token(&msg.author, account_name)))
); );
e!("Error deleting register message: {:?}", msg.delete(ctx)); e!("Error deleting register message: {:?}", msg.delete(ctx));
} }
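Review bot: `account_name` is now interpolated into the text the bot posts via `.say(...)`, and it looks like it comes from the user's own message (its origin is outside this hunk, so please confirm). If so, any mention or markdown in it is re-emitted under the bot's identity; sanitizing or validating the account name before formatting would avoid that. As a style point, the `format!` call is one very long line; binding the token first, e.g. `let token = generate_token(&msg.author, account_name);`, and formatting on a separate line would make this easier to read.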
......