From acbfa5f41d08bd523e4665bfbbba051f4f3f2c5a Mon Sep 17 00:00:00 2001 From: ni-jessica Date: Tue, 7 Nov 2023 19:35:56 -0500 Subject: [PATCH] build: add libsodium --- backend/conanfile.py | 1 + backend/src/CMakeLists.txt | 3 ++- frontend/app/handlers.ts | 48 ++++++++++++++++++++++++++++++-------- frontend/package.json | 2 ++ frontend/yarn.lock | 26 ++++++++++++++++++++- 5 files changed, 68 insertions(+), 12 deletions(-) diff --git a/backend/conanfile.py b/backend/conanfile.py index 451d8fd..cd2fb46 100644 --- a/backend/conanfile.py +++ b/backend/conanfile.py @@ -9,6 +9,7 @@ def requirements(self): self.requires("crowcpp-crow/1.0+5") self.requires("sqlite3/3.42.0") self.requires("catch2/3.4.0") + self.requires("libsodium/1.0.18") def build_requirements(self): self.tool_requires("cmake/3.22.6") diff --git a/backend/src/CMakeLists.txt b/backend/src/CMakeLists.txt index e9439e0..58eeb9a 100644 --- a/backend/src/CMakeLists.txt +++ b/backend/src/CMakeLists.txt @@ -1,9 +1,10 @@ find_package(Crow REQUIRED) find_package(SQLite3 REQUIRED) +find_package(libsodium REQUIRED) add_library(src database.cpp password.cpp server.cpp) target_link_libraries(src Crow::Crow) add_executable(server main.cpp) -target_link_libraries(server Crow::Crow SQLite::SQLite3 src) +target_link_libraries(server Crow::Crow SQLite::SQLite3 libsodium::libsodium src) target_include_directories(server PRIVATE src) \ No newline at end of file diff --git a/frontend/app/handlers.ts b/frontend/app/handlers.ts index 7ad740d..cc2a4df 100644 --- a/frontend/app/handlers.ts +++ b/frontend/app/handlers.ts 
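Review bot: In backend/src/CMakeLists.txt, `libsodium::libsodium` is linked only into the `server` executable, while `password.cpp` is compiled into the `src` library, whose `target_link_libraries(src Crow::Crow)` line is unchanged. If `password.cpp` is where the sodium header will be included (inferred from the file name; its contents are not in this patch), `src` will not receive libsodium's include directories and will fail to compile. Linking it on the library instead, `target_link_libraries(src Crow::Crow libsodium::libsodium)`, lets `server` pick it up transitively.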
@@ -1,19 +1,47 @@
+import {
+ crypto_pwhash_str,
+ crypto_pwhash_str_verify,
+ crypto_pwhash_OPSLIMIT_INTERACTIVE,
+ crypto_pwhash_MEMLIMIT_INTERACTIVE,
+} from "libsodium-wrappers-sumo";
+
 // Make API call to server to check if password was found in breached dataset
 export const checkSecurity = async (password: string) => {
 try {
- const response = await fetch("http://localhost:18080/intersection", {
- method: "POST",
- mode: "cors",
- headers: {
- "Access-Control-Allow-Headers": "*", // cors setting
- "Content-Type": "application/json"
- },
- body: password
- })
+ // hash the password
+ const passwordHash = crypto_pwhash_str(
+ password,
+ crypto_pwhash_OPSLIMIT_INTERACTIVE,
+ crypto_pwhash_MEMLIMIT_INTERACTIVE
+ );
+ if (!crypto_pwhash_str_verify(passwordHash, password)) {
+ console.log("unable to hash password");
+ return { status: "error" };
+ }
+
+ // TODO: encrypt
+
+ const response = await fetch(
+ "http://localhost:18080/intersection",
+ {
+ method: "POST",
+ mode: "cors",
+ headers: {
+ "Access-Control-Allow-Headers": "*", // cors setting
+ "Content-Type": "application/json",
+ },
+ body: password,
+ }
+ );
 const data = await response.json();
 return data;
 } catch (error) {
 console.error("Error fetching data:", error);
 return { status: "error" };
 }
-};
\ No newline at end of file
+};
+
+// Encrypt password using libsodium's ristretto.
+function encrypt(password: string) {
+ return;
+}
diff --git a/frontend/package.json b/frontend/package.json
index 32f6f9f..d733936 100644
--- a/frontend/package.json
+++ b/frontend/package.json
@@ -13,6 +13,7 @@
 "@emotion/styled": "^11.11.0",
 "@mui/icons-material": "^5.14.12",
 "@mui/material": "^5.14.12",
+ "libsodium-wrappers-sumo": "^0.7.13",
 "next": "^13.5.4",
 "node-fetch": "^2.6.7",
 "react": "^18",
@@ -20,6 +21,7 @@
 "react-password-checklist": "^1.5.0"
 },
 "devDependencies": {
+ "@types/libsodium-wrappers-sumo": "^0.7.8",
 "@types/node": "^20",
 "@types/node-fetch": "^2.6.7",
 "@types/react": "^18",
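Review bot: In frontend/app/handlers.ts the request still sends the plaintext password (`body: password`) to an `http://` endpoint, and the string from `crypto_pwhash_str` is only verified against the same input and then discarded, so the new hashing adds CPU cost without protecting the value on the wire. Because `crypto_pwhash_str` uses a fresh random salt on every call, its output would also not be comparable against a breach set; until the `// TODO: encrypt` step exists I would drop the hash-and-verify lines or comment them as scaffolding, e.g. `// NOTE: password is still sent in clear; hash below is not used yet`. Separately, libsodium-wrappers functions are only usable once the package's `ready` promise has resolved, so `checkSecurity` should await it before the first call (`await sodium.ready;` on the default import); as written a failure there is swallowed by the `catch` and surfaces only as `{ status: "error" }`. The `encrypt` stub returns `undefined` and is never called, so its comment should say it is not implemented yet.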
diff --git a/frontend/yarn.lock b/frontend/yarn.lock index 03d98ad..1b04601 100644 --- a/frontend/yarn.lock +++ b/frontend/yarn.lock @@ -470,6 +470,18 @@ resolved "https://registry.npmjs.org/@types/json5/-/json5-0.0.29.tgz" integrity sha512-dRLjCWHYg4oaA77cxO64oO+7JwCwnIzkZPdrrC71jQmQtlhM556pwKo5bUzqvZndkVbeFLIIi+9TC40JNF5hNQ== +"@types/libsodium-wrappers-sumo@^0.7.8": + version "0.7.8" + resolved "https://registry.npmjs.org/@types/libsodium-wrappers-sumo/-/libsodium-wrappers-sumo-0.7.8.tgz" + integrity sha512-N2+df4MB/A+W0RAcTw7A5oxKgzD+Vh6Ye7lfjWIi5SdTzVLfHPzxUjhwPqHLO5Ev9fv/+VHl+sUaUuTg4fUPqw== + dependencies: + "@types/libsodium-wrappers" "*" + +"@types/libsodium-wrappers@*": + version "0.7.13" + resolved "https://registry.npmjs.org/@types/libsodium-wrappers/-/libsodium-wrappers-0.7.13.tgz" + integrity sha512-KeAKtlObirLJk/na6jHBFEdTDjDfFS6Vcr0eG2FjiHKn3Nw8axJFfIu0Y9TpwaauRldQBj/pZm/MHtK76r6OWg== + "@types/node-fetch@^2.6.7": version "2.6.7" resolved "https://registry.npmjs.org/@types/node-fetch/-/node-fetch-2.6.7.tgz" @@ -1995,6 +2007,18 @@ levn@^0.4.1: prelude-ls "^1.2.1" type-check "~0.4.0" +libsodium-sumo@^0.7.13: + version "0.7.13" + resolved "https://registry.npmjs.org/libsodium-sumo/-/libsodium-sumo-0.7.13.tgz" + integrity sha512-zTGdLu4b9zSNLfovImpBCbdAA4xkpkZbMnSQjP8HShyOutnGjRHmSOKlsylh1okao6QhLiz7nG98EGn+04cZjQ== + +libsodium-wrappers-sumo@^0.7.13: + version "0.7.13" + resolved "https://registry.npmjs.org/libsodium-wrappers-sumo/-/libsodium-wrappers-sumo-0.7.13.tgz" + integrity sha512-lz4YdplzDRh6AhnLGF2Dj2IUj94xRN6Bh8T0HLNwzYGwPehQJX6c7iYVrFUPZ3QqxE0bqC+K0IIqqZJYWumwSQ== + dependencies: + libsodium-sumo "^0.7.13" + lilconfig@^2.0.5, lilconfig@^2.1.0: version "2.1.0" resolved "https://registry.npmjs.org/lilconfig/-/lilconfig-2.1.0.tgz" 
@@ -2409,7 +2433,7 @@ react-is@^18.2.0: react-password-checklist@^1.5.0: version "1.5.0" - resolved "https://registry.yarnpkg.com/react-password-checklist/-/react-password-checklist-1.5.0.tgz#b9955f90eeea1924c8e2b9f4d7ab2dc2b73ca28c" + resolved "https://registry.npmjs.org/react-password-checklist/-/react-password-checklist-1.5.0.tgz" integrity sha512-LjhF6fHZB3Ouv8ijcUvMPmpLoFZ0fjf5q55bXTYXdkj+zJai+u4B8QOaqVU5/VRE9o+rCeI/PvwnWoUir1CIaQ== react-transition-group@^4.4.5: