Multisig: add encryption/decryption primitives to ParticipantIdentity…

… and ParticipantSecret
iron-fish · Feb 28, 2024 · f8ae8bb · f8ae8bb
1 parent 732cbe5
commit f8ae8bb
Show file tree

Hide file tree

Showing 2 changed files with 24 additions and 2 deletions.
diff --git a/ironfish-rust-nodejs/index.d.ts b/ironfish-rust-nodejs/index.d.ts
@@ -101,10 +101,12 @@ export class ParticipantSecret {
   serialize(): Buffer
   static random(): ParticipantSecret
   toIdentity(): ParticipantIdentity
+  decryptData(jsBytes: Buffer): Buffer
 }
 export class ParticipantIdentity {
   constructor(jsBytes: Buffer)
   serialize(): Buffer
+  encryptData(jsBytes: Buffer): Buffer
 }
 export type NativePublicKeyPackage = PublicKeyPackage
 export class PublicKeyPackage {

diff --git a/ironfish-rust-nodejs/src/frost.rs b/ironfish-rust-nodejs/src/frost.rs
@@ -14,8 +14,8 @@ use ironfish::{
     SaplingKey,
 };
 use ironfish_frost::{
-    keys::PublicKeyPackage, nonces::deterministic_signing_nonces, signature_share::SignatureShare,
-    signing_commitment::SigningCommitment,
+    keys::PublicKeyPackage, multienc, nonces::deterministic_signing_nonces,
+    signature_share::SignatureShare, signing_commitment::SigningCommitment,
 };
 use napi::{bindgen_prelude::*, JsBuffer};
 use napi_derive::napi;
@@ -152,6 +152,16 @@ impl ParticipantSecret {
         let identity = self.secret.to_identity();
         ParticipantIdentity { identity }
     }
+
+    #[napi]
+    pub fn decrypt_data(&self, js_bytes: JsBuffer) -> Result<Buffer> {
+        let bytes = js_bytes.into_value()?;
+        let encrypted_blob =
+            multienc::MultiRecipientBlob::deserialize_from(bytes.as_ref()).map_err(to_napi_err)?;
+        multienc::decrypt(&self.secret, &encrypted_blob)
+            .map(Buffer::from)
+            .map_err(to_napi_err)
+    }
 }
 
 #[napi]
@@ -173,6 +183,16 @@ impl ParticipantIdentity {
     pub fn serialize(&self) -> Buffer {
         Buffer::from(self.identity.serialize().as_slice())
     }
+
+    #[napi]
+    pub fn encrypt_data(&self, js_bytes: JsBuffer) -> Result<Buffer> {
+        let bytes = js_bytes.into_value()?;
+        let encrypted_blob = multienc::encrypt(&bytes, [&self.identity], thread_rng());
+        encrypted_blob
+            .serialize()
+            .map(Buffer::from)
+            .map_err(to_napi_err)
+    }
 }
 
 #[napi]