From 3649eda7d2026d5913b8dedff182e36920194fa0 Mon Sep 17 00:00:00 2001
From: Collin <collin@lona-development.org>
Date: Fri, 15 Mar 2024 10:45:30 +0000
Subject: [PATCH] Add encryption

---
 JavaScript/Client.js                  | 10 ++++++-
 JavaScript/package.json               |  2 +-
 PHP/Client.php                        |  9 ++++++
 Python/lonadb_client/lonadb_client.py | 43 +++++++++++++++++++--------
 Python/setup.py                       |  5 +++-
 5 files changed, 53 insertions(+), 16 deletions(-)

diff --git a/JavaScript/Client.js b/JavaScript/Client.js
index 9e425ac..272c2d8 100644
--- a/JavaScript/Client.js
+++ b/JavaScript/Client.js
@@ -27,6 +27,15 @@ class LonaDB {
 
         let encryptionKey = crypto.createHash('sha256').update(processID).digest('base64');
 
+        switch(action){
+            case "create_user":
+                data.user.password = await this.encryptPassword(data.user.password, encryptionKey);
+                break;
+            case "check_password":
+                data.checkPass.pass = await this.encryptPassword(data.checkPass.pass, encryptionKey);
+                break;
+        }
+
         let encryptedPassword = await this.encryptPassword(this.password, encryptionKey);
 
         let request = JSON.stringify({
@@ -63,7 +72,6 @@ class LonaDB {
         });
     }
 
-
     encryptPassword(password, key) {
         const iv = crypto.randomBytes(16);
         const cipher = crypto.createCipheriv('aes-256-cbc', Buffer.from(key, 'base64'), iv);
diff --git a/JavaScript/package.json b/JavaScript/package.json
index ef8fd47..6f3f739 100644
--- a/JavaScript/package.json
+++ b/JavaScript/package.json
@@ -1,6 +1,6 @@
 {
   "name": "lonadb-client",
-  "version": "4.5.1",
+  "version": "4.5.2",
   "description": "A client for the LonaDB Prototype",
   "main": "Client.js",
   "scripts": {
diff --git a/PHP/Client.php b/PHP/Client.php
index 69bb2c3..46fae86 100644
--- a/PHP/Client.php
+++ b/PHP/Client.php
@@ -50,6 +50,15 @@ class LonaDB {
     }
 
     $processID = $this->makeid(5);
+
+    switch($action){
+      case "create_user":
+        $data['user']['password'] = $this->encryptPassword($data['user']['password'], $processID);
+        break;
+      case "check_password":
+        $data['checkPass']['pass'] = $this->encryptPassword($data['checkPass']['pass'], $processID);
+        break;
+    }
 		
 		$encryptedPassword = $this->encryptPassword($this->password, $processID);
 
diff --git a/Python/lonadb_client/lonadb_client.py b/Python/lonadb_client/lonadb_client.py
index 0ffdae2..c47a61e 100644
--- a/Python/lonadb_client/lonadb_client.py
+++ b/Python/lonadb_client/lonadb_client.py
@@ -1,5 +1,9 @@
 import json
 import socket
+import random
+import hashlib
+from Crypto.Cipher import AES
+from Crypto.Random import get_random_bytes
 
 class LonaDB:
     def __init__(self, host, port, name, password):
@@ -9,28 +13,41 @@ class LonaDB:
         self.password = password
 
     def make_id(self, length):
-        import random
-        import string
-        return ''.join(random.choice(string.ascii_letters + string.digits) for _ in range(length))
+        characters = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890abcdefghijklmnopqrstuvwxyz'
+        return ''.join(random.choice(characters) for _ in range(length))
 
-    def send_request(self, action, data):
+    async def send_request(self, action, data):
         process_id = self.make_id(5)
+        encryption_key = hashlib.sha256(process_id.encode()).digest().hex()
+
+        if action == "create_user":
+            data["user"]["password"] = await self.encrypt_password(data["user"]["password"], encryption_key)
+        elif action == "check_password":
+            data["checkPass"]["pass"] = await self.encrypt_password(data["checkPass"]["pass"], encryption_key)
+
+        encrypted_password = await self.encrypt_password(self.password, encryption_key)
+
         request = json.dumps({
-            'action': action,
-            'login': {
-                'name': self.name,
-                'password': self.password
+            "action": action,
+            "login": {
+                "name": self.name,
+                "password": encrypted_password
             },
-            'process': process_id,
+            "process": process_id,
             **data
         })
 
-        with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
-            s.connect((self.host, self.port))
+        with socket.create_connection((self.host, self.port)) as s:
             s.sendall(request.encode())
-            response = s.recv(4096).decode()
+            response = s.recv(1024).decode()
             return json.loads(response)
 
+    async def encrypt_password(self, password, key):
+        iv = get_random_bytes(16)
+        cipher = AES.new(key.encode(), AES.MODE_CBC, iv)
+        encrypted = cipher.encrypt(password.encode())
+        return iv.hex() + ':' + encrypted.hex()
+
     def create_function(self, name, content):
         data = {
             'function': {
@@ -143,4 +160,4 @@ class LonaDB:
 
     def eval(self, func):
         data = {'function': func}
-        return self.send_request('eval', data)
\ No newline at end of file
+        return self.send_request('eval', data)
diff --git a/Python/setup.py b/Python/setup.py
index 9aba59a..7aac52f 100644
--- a/Python/setup.py
+++ b/Python/setup.py
@@ -6,7 +6,7 @@ long_description = (this_directory / "README.md").read_text()
 
 setup(
     name="lonadb-client",
-    version="2.1",
+    version="2.2",
     author="Collin Buchkamer",
     author_email="collin@lona-development.org",
     description="A client library for interacting with LonaDB server",
@@ -27,4 +27,7 @@ setup(
     ],
     keywords="lonadb client database",
     platforms="any",
+    install_requires=[
+        "pycryptodome>=3.10.1"
+    ]
 )