feat(threads): fully encrypt thread blocks [skip ci]

This is a major thread refactor which improves thread privacy. Previously, only critical bits of info like private keys where encrypted _within_ blocks. With the exception of merge blocks, which contain very little meta data, all thread history is now fully encrypted. This also removes the Envelope wrapper from what is persisted as a "block". Envelope is used only for wire transport, as should have always been the case.
textileio · Oct 22, 2018 · 05a269c · 05a269c
1 parent 623cccb
commit 05a269c
Show file tree

Hide file tree

Showing 19 changed files with 1,116 additions and 1,912 deletions.
diff --git a/core/blocks.go b/core/blocks.go
@@ -2,7 +2,10 @@ package core
 
 import (
 	"errors"
+	"github.com/textileio/textile-go/crypto"
+	"github.com/textileio/textile-go/ipfs"
 	"github.com/textileio/textile-go/repo"
+	"strings"
 )
 
 // GetBlock searches for a local block associated with the given target
@@ -25,3 +28,29 @@ func (t *Textile) GetBlockByDataId(dataId string) (*repo.Block, error) {
 	}
 	return block, nil
 }
+
+// GetBlockData cats file data from ipfs and tries to decrypt it with the provided block
+func (t *Textile) GetBlockData(path string, block *repo.Block) ([]byte, error) {
+	ciphertext, err := ipfs.GetDataAtPath(t.ipfs, path)
+	if err != nil {
+		// size migrations
+		parts := strings.Split(path, "/")
+		if len(parts) > 1 && strings.Contains(err.Error(), "no link named") {
+			switch parts[1] {
+			case "small":
+				parts[1] = "thumb"
+			case "medium":
+				parts[1] = "photo"
+			default:
+				return nil, err
+			}
+			ciphertext, err = ipfs.GetDataAtPath(t.ipfs, strings.Join(parts, "/"))
+			if err != nil {
+				return nil, err
+			}
+		} else {
+			return nil, err
+		}
+	}
+	return crypto.DecryptAES(ciphertext, []byte(block.DataKey))
+}