feat: implement encrypted chunked storage and convergent encryption

Signed-off-by: skidoodle <contact@albert.lol>

Author: skidoodle

internal/app/server_test.go

@@ -2,6 +2,7 @@ package app
 
 import (
 	"bytes"
+	"encoding/base64"
 	"fmt"
 	"io"
 	"log/slog"
@@ -12,6 +13,8 @@ import (
 	"path/filepath"
 	"strings"
 	"testing"
+
+	"github.com/skidoodle/safebin/internal/crypto"
 )
 
 func setupTestApp(t *testing.T) (*App, string) {
@@ -176,6 +179,102 @@ func TestIntegration_ChunkedUpload(t *testing.T) {
 	}
 }
 
+func TestIntegration_ChunkedUpload_VerifyEncryption(t *testing.T) {
+	app, storageDir := setupTestApp(t)
+	server := httptest.NewServer(app.Routes())
+	defer server.Close()
+
+	uploadID := "securechunk123"
+	plaintext := []byte("This is a secret message that should be encrypted")
+
+	uploadChunk(t, server.URL, uploadID, 0, plaintext)
+
+	chunkPath := filepath.Join(storageDir, TempDirName, uploadID, "0")
+	encryptedData, err := os.ReadFile(chunkPath)
+	if err != nil {
+		t.Fatalf("Failed to read chunk file: %v", err)
+	}
+
+	if bytes.Contains(encryptedData, plaintext) {
+		t.Fatal("Chunk file contains plaintext data!")
+	}
+
+	if len(encryptedData) <= crypto.KeySize {
+		t.Fatalf("Chunk file too small: %d bytes", len(encryptedData))
+	}
+
+	key := encryptedData[:crypto.KeySize]
+	ciphertext := encryptedData[crypto.KeySize:]
+
+	streamer, err := crypto.NewGCMStreamer(key)
+	if err != nil {
+		t.Fatalf("Failed to create streamer: %v", err)
+	}
+
+	r := bytes.NewReader(ciphertext)
+	d := crypto.NewDecryptor(r, streamer.AEAD, int64(len(ciphertext)))
+
+	decrypted, err := io.ReadAll(d)
+	if err != nil {
+		t.Fatalf("Failed to decrypt chunk: %v", err)
+	}
+
+	if !bytes.Equal(decrypted, plaintext) {
+		t.Errorf("Decrypted data mismatch.\nWant: %s\nGot:  %s", plaintext, decrypted)
+	}
+}
+
+func TestIntegration_Upload_VerifyEncryption(t *testing.T) {
+	app, storageDir := setupTestApp(t)
+	server := httptest.NewServer(app.Routes())
+	defer server.Close()
+
+	plaintext := []byte("Sensitive Data For Full Upload")
+
+	body := &bytes.Buffer{}
+	writer := multipart.NewWriter(body)
+	part, _ := writer.CreateFormFile("file", "secret.txt")
+	part.Write(plaintext)
+	writer.Close()
+
+	req, _ := http.NewRequest("POST", server.URL+"/", body)
+	req.Header.Set("Content-Type", writer.FormDataContentType())
+	resp, err := http.DefaultClient.Do(req)
+	if err != nil {
+		t.Fatal(err)
+	}
+	defer resp.Body.Close()
+
+	respBytes, _ := io.ReadAll(resp.Body)
+	slug := filepath.Base(strings.TrimSpace(string(respBytes)))
+
+	if len(slug) < SlugLength {
+		t.Fatalf("Invalid slug: %s", slug)
+	}
+	keyBase64 := slug[:SlugLength]
+	key, _ := base64.RawURLEncoding.DecodeString(keyBase64)
+	ext := filepath.Ext("secret.txt")
+	id := crypto.GetID(key, ext)
+
+	finalPath := filepath.Join(storageDir, id)
+	finalData, err := os.ReadFile(finalPath)
+	if err != nil {
+		t.Fatalf("Failed to read final file: %v", err)
+	}
+
+	if bytes.Contains(finalData, plaintext) {
+		t.Fatal("Final file contains plaintext!")
+	}
+
+	streamer, _ := crypto.NewGCMStreamer(key)
+	d := crypto.NewDecryptor(bytes.NewReader(finalData), streamer.AEAD, int64(len(finalData)))
+	decrypted, _ := io.ReadAll(d)
+
+	if !bytes.Equal(decrypted, plaintext) {
+		t.Error("Final file decryption failed")
+	}
+}
+
 func uploadChunk(t *testing.T, baseURL, uid string, idx int, data []byte) {
 	body := &bytes.Buffer{}
 	writer := multipart.NewWriter(body)

internal/app/storage.go

@@ -2,6 +2,7 @@ package app
 
 import (
 	"context"
+	"crypto/rand"
 	"encoding/json"
 	"fmt"
 	"io"
@@ -48,15 +49,30 @@ func (app *App) saveChunk(uid string, idx int, src io.Reader) error {
 		}
 	}()
 
-	if _, err := io.Copy(dest, src); err != nil {
-		return fmt.Errorf("copy chunk: %w", err)
+	key := make([]byte, crypto.KeySize)
+	if _, err := rand.Read(key); err != nil {
+		return fmt.Errorf("generate chunk key: %w", err)
+	}
+
+	if _, err := dest.Write(key); err != nil {
+		return fmt.Errorf("write chunk key: %w", err)
+	}
+
+	streamer, err := crypto.NewGCMStreamer(key)
+	if err != nil {
+		return fmt.Errorf("create streamer: %w", err)
+	}
+
+	if err := streamer.EncryptStream(dest, src); err != nil {
+		return fmt.Errorf("encrypt chunk: %w", err)
 	}
 
 	return nil
 }
 
-func (app *App) openChunkFiles(uid string, total int) ([]*os.File, error) {
+func (app *App) getChunkDecryptors(uid string, total int) ([]io.ReadSeeker, func(), error) {
 	files := make([]*os.File, 0, total)
+	decryptors := make([]io.ReadSeeker, 0, total)
 
 	closeAll := func() {
 		for _, f := range files {
@@ -69,12 +85,41 @@ func (app *App) openChunkFiles(uid string, total int) ([]*os.File, error) {
 		f, err := os.Open(partPath)
 		if err != nil {
 			closeAll()
-			return nil, fmt.Errorf("open chunk %d: %w", i, err)
+			return nil, nil, fmt.Errorf("open chunk %d: %w", i, err)
 		}
 		files = append(files, f)
+
+		key := make([]byte, crypto.KeySize)
+		if _, err := io.ReadFull(f, key); err != nil {
+			closeAll()
+			return nil, nil, fmt.Errorf("read chunk key %d: %w", i, err)
+		}
+
+		info, err := f.Stat()
+		if err != nil {
+			closeAll()
+			return nil, nil, fmt.Errorf("stat chunk %d: %w", i, err)
+		}
+
+		bodySize := info.Size() - int64(crypto.KeySize)
+		if bodySize < 0 {
+			closeAll()
+			return nil, nil, fmt.Errorf("invalid chunk size %d", i)
+		}
+
+		bodyReader := io.NewSectionReader(f, int64(crypto.KeySize), bodySize)
+
+		streamer, err := crypto.NewGCMStreamer(key)
+		if err != nil {
+			closeAll()
+			return nil, nil, fmt.Errorf("create streamer %d: %w", i, err)
+		}
+
+		decryptor := crypto.NewDecryptor(bodyReader, streamer.AEAD, bodySize)
+		decryptors = append(decryptors, decryptor)
 	}
 
-	return files, nil
+	return decryptors, closeAll, nil
 }
 
 func (app *App) encryptAndSave(src io.Reader, key []byte, finalPath string) error {

internal/app/storage_test.go

@@ -1,12 +1,16 @@
 package app
 
 import (
+	"bytes"
+	"crypto/rand"
 	"encoding/json"
+	"io"
 	"os"
 	"path/filepath"
 	"testing"
 	"time"
 
+	"github.com/skidoodle/safebin/internal/crypto"
 	"go.etcd.io/bbolt"
 )
 
@@ -131,3 +135,84 @@ func TestCleanup_ExpiredStorage(t *testing.T) {
 		t.Fatalf("DB View failed: %v", err)
 	}
 }
+
+func TestSaveChunk_EncryptsData(t *testing.T) {
+	tmpDir := t.TempDir()
+	app := &App{
+		Conf:   Config{StorageDir: tmpDir},
+		Logger: discardLogger(),
+	}
+
+	uid := "test-encrypt-chunk"
+	plaintext := make([]byte, 1024)
+	if _, err := rand.Read(plaintext); err != nil {
+		t.Fatal(err)
+	}
+
+	if err := app.saveChunk(uid, 0, bytes.NewReader(plaintext)); err != nil {
+		t.Fatalf("saveChunk failed: %v", err)
+	}
+
+	path := filepath.Join(tmpDir, TempDirName, uid, "0")
+	fileData, err := os.ReadFile(path)
+	if err != nil {
+		t.Fatalf("ReadFile failed: %v", err)
+	}
+
+	if bytes.Equal(fileData, plaintext) {
+		t.Fatal("Chunk stored as plaintext!")
+	}
+	if bytes.Contains(fileData, plaintext) {
+		t.Fatal("Chunk contains plaintext!")
+	}
+
+	expectedSize := crypto.KeySize + len(plaintext) + 16
+	if len(fileData) != expectedSize {
+		t.Errorf("Unexpected file size. Want %d, got %d", expectedSize, len(fileData))
+	}
+}
+
+func TestGetChunkDecryptors_RestoresData(t *testing.T) {
+	tmpDir := t.TempDir()
+	app := &App{
+		Conf:   Config{StorageDir: tmpDir},
+		Logger: discardLogger(),
+	}
+
+	uid := "test-restore"
+	data1 := []byte("chunk one data")
+	data2 := []byte("chunk two data")
+
+	if err := app.saveChunk(uid, 0, bytes.NewReader(data1)); err != nil {
+		t.Fatal(err)
+	}
+	if err := app.saveChunk(uid, 1, bytes.NewReader(data2)); err != nil {
+		t.Fatal(err)
+	}
+
+	decryptors, closeFn, err := app.getChunkDecryptors(uid, 2)
+	if err != nil {
+		t.Fatalf("getChunkDecryptors failed: %v", err)
+	}
+	defer closeFn()
+
+	if len(decryptors) != 2 {
+		t.Fatalf("Expected 2 decryptors, got %d", len(decryptors))
+	}
+
+	buf1, err := io.ReadAll(decryptors[0])
+	if err != nil {
+		t.Fatalf("Failed to read decryptor 1: %v", err)
+	}
+	if !bytes.Equal(buf1, data1) {
+		t.Errorf("Chunk 1 mismatch. Want %s, got %s", data1, buf1)
+	}
+
+	buf2, err := io.ReadAll(decryptors[1])
+	if err != nil {
+		t.Fatalf("Failed to read decryptor 2: %v", err)
+	}
+	if !bytes.Equal(buf2, data2) {
+		t.Errorf("Chunk 2 mismatch. Want %s, got %s", data2, buf2)
+	}
+}