Scille · vxgmichel · Nov 25, 2024 · Nov 28, 2024 · Nov 28, 2024 · Nov 29, 2024
@@ -63,7 +63,7 @@ jobs:
       TESTBED_SERVER: http://localhost:6777
     services:
       parsec-testbed-server:
-        image: ghcr.io/scille/parsec-cloud/parsec-testbed-server:3.2.1-a.0.dev.20053.312b36d
+        image: ghcr.io/scille/parsec-cloud/parsec-testbed-server:3.2.1-a.0.dev.20056.d8d9e29
         ports:
           - 6777:6777
     steps:

@@ -36,7 +36,7 @@ jobs:
     # https://github.com/Scille/parsec-cloud/pkgs/container/parsec-cloud%2Fparsec-testbed-server
     services:
       parsec-testbed-server:
-        image: ghcr.io/scille/parsec-cloud/parsec-testbed-server:3.2.1-a.0.dev.20053.312b36d
+        image: ghcr.io/scille/parsec-cloud/parsec-testbed-server:3.2.1-a.0.dev.20056.d8d9e29
         ports:
           - 6777:6777
     steps:

@@ -70,6 +70,9 @@ pub async fn main(args: Args) -> anyhow::Result<()> {
             let ctx = step4_device(ctx).await?;
             save_device(ctx, save_mode).await
         }
+        UserOrDeviceClaimInitialCtx::ShamirRecovery(_) => {
+            panic!("Shamir recovery invitation is not supported")
+        }
     }
 }
 

@@ -623,6 +623,13 @@ impl CertificateOps {
         shamir_recovery_list::list_shamir_recoveries_for_others(self).await
     }
 
+    pub async fn get_shamir_recovery_share_data(
+        &self,
+        user_id: UserID,
+    ) -> Result<ShamirRecoveryShareData, CertifListShamirRecoveryError> {
+        shamir_recovery_list::get_shamir_recovery_share_data(self, user_id).await
+    }
+
     pub async fn setup_shamir_recovery(
         &self,
         per_recipient_shares: HashMap<UserID, NonZeroU8>,

@@ -331,3 +331,40 @@ pub async fn list_shamir_recoveries_for_others(
         })
         .await?
 }
+
+pub async fn get_shamir_recovery_share_data(
+    ops: &CertificateOps,
+    user_id: UserID,
+) -> Result<ShamirRecoveryShareData, CertifListShamirRecoveryError> {
+    ops.store
+        .for_read(|store| async move {
+            // TODO: check that the shamir is actually recoverable
+            let certificate = store
+                .get_last_shamir_recovery_share_certificate_for_recipient(
+                    UpTo::Current,
+                    user_id,
+                    ops.device.user_id,
+                )
+                .await?;
+            let certificate = match certificate {
+                Some(certificate) => Ok(certificate),
+                None => Err(CertifListShamirRecoveryError::Internal(anyhow::anyhow!(
+                    "No share data found for user {}",
+                    user_id
+                ))),
+            }?;
+            let author_verify_key = store
+                .get_device_verify_key(UpTo::Current, certificate.author)
+                .await
+                .map_err(|e| CertifListShamirRecoveryError::Internal(e.into()))?;
+            ShamirRecoveryShareData::decrypt_verify_and_load_for(
+                &certificate.ciphered_share,
+                &ops.device.private_key,
+                &author_verify_key,
+                certificate.author,
+                certificate.timestamp,
+            )
+            .map_err(|e| CertifListShamirRecoveryError::Internal(e.into()))
+        })
+        .await?
+}
@@ -53,7 +53,8 @@ use libparsec_platform_async::lock::Mutex as AsyncMutex;
 
 use libparsec_types::prelude::*;
 pub use recovery_device::{
-    import_recovery_device, ClientExportRecoveryDeviceError, ImportRecoveryDeviceError,
+    import_recovery_device, register_new_device, ClientExportRecoveryDeviceError,
+    ImportRecoveryDeviceError,
 };
 
 // Re-exposed for public API
@@ -72,7 +73,8 @@ pub use crate::invite::{
     InvitationEmailSentStatus, InviteListItem, ListInvitationsError as ClientListInvitationsError,
     NewDeviceInvitationError as ClientNewDeviceInvitationError,
     NewShamirRecoveryInvitationError as ClientNewShamirRecoveryInvitationError,
-    NewUserInvitationError as ClientNewUserInvitationError, UserGreetInitialCtx,
+    NewUserInvitationError as ClientNewUserInvitationError, ShamirRecoveryGreetInitialCtx,
+    UserGreetInitialCtx,
 };
 pub use crate::workspace::WorkspaceOps;
 pub use shamir_recovery_delete::ClientDeleteShamirRecoveryError;
@@ -548,6 +550,22 @@ impl Client {
         )
     }
 
+    pub async fn start_shamir_recovery_invitation_greet(
+        &self,
+        token: InvitationToken,
+        claimer: UserID,
+    ) -> Result<ShamirRecoveryGreetInitialCtx, ClientListShamirRecoveryError> {
+        let share_data =
+            shamir_recovery_list::get_shamir_recovery_share_data(self, claimer).await?;
+        Ok(ShamirRecoveryGreetInitialCtx::new(
+            self.device.clone(),
+            self.cmds.clone(),
+            self.event_bus.clone(),
+            token,
+            share_data,
+        ))
+    }
+
     pub async fn get_self_shamir_recovery(
         &self,
     ) -> Result<SelfShamirRecoveryInfo, ClientListShamirRecoveryError> {
@@ -591,4 +609,4 @@ impl Client {
 #[cfg(test)]
 #[path = "../../tests/unit/client/mod.rs"]
 #[allow(clippy::unwrap_used)]
-mod tests;
+pub mod tests;
@@ -175,7 +175,7 @@ impl From<SaveDeviceError> for ImportRecoveryDeviceError {
     }
 }
 
-async fn register_new_device(
+pub async fn register_new_device(
     cmds: &AuthenticatedCmds,
     new_device: &LocalDevice,
     new_device_purpose: DevicePurpose,
@@ -242,7 +242,7 @@ pub(crate) fn generate_new_device_certificates(
 }
 
 #[derive(Debug, thiserror::Error)]
-enum RegisterNewDeviceError {
+pub enum RegisterNewDeviceError {
     #[error("Component has stopped")]
     Stopped,
     #[error("Cannot reach the server")]

@@ -4,6 +4,7 @@ pub use crate::certif::{
     CertifListShamirRecoveryError as ClientListShamirRecoveryError, OtherShamirRecoveryInfo,
     SelfShamirRecoveryInfo,
 };
+use libparsec_types::prelude::*;
 
 use super::Client;
 
@@ -21,3 +22,13 @@ pub async fn list_shamir_recoveries_for_others(
         .list_shamir_recoveries_for_others()
         .await
 }
+
+pub async fn get_shamir_recovery_share_data(
+    client: &Client,
+    user_id: UserID,
+) -> Result<ShamirRecoveryShareData, ClientListShamirRecoveryError> {
+    client
+        .certificates_ops
+        .get_shamir_recovery_share_data(user_id)
+        .await
+}