corrected shsare

Author: ehsan6sha

Cargo.lock

@@ -74,7 +74,7 @@ name = "encrypted_upload_test"
 path = "examples/encrypted_upload_test.rs"
 
 [workspace.package]
-version = "0.2.12"
+version = "0.2.13"
 edition = "2021"
 license = "MIT OR Apache-2.0"
 repository = "https://github.com/functionland/fula-api"

Cargo.toml

@@ -923,41 +923,45 @@ mod tests {
     #[tokio::test]
     async fn test_bucket_manager_persistence() {
         use tempfile::tempdir;
-        
+
         let temp_dir = tempdir().unwrap();
         let cid_path = temp_dir.path().join("registry.cid");
-        
+
         // Create a shared store that simulates IPFS persistence
         let store = Arc::new(MemoryBlockStore::new());
-        
+
+        // Use a consistent user_id for testing (this matches production flow)
+        let user_id = "user123";
+
         // Create manager with persistence and add buckets
         {
             let manager = BucketManager::with_persistence(Arc::clone(&store), &cid_path);
-            
-            let owner = Owner::new("user123");
-            manager.create_bucket("persist-bucket1".to_string(), owner.clone()).await.unwrap();
-            manager.create_bucket("persist-bucket2".to_string(), owner).await.unwrap();
-            
+
+            let owner = Owner::new(user_id);
+            // Use create_bucket_for_user to match production behavior (per-user bucket isolation)
+            manager.create_bucket_for_user(user_id, "persist-bucket1".to_string(), owner.clone()).await.unwrap();
+            manager.create_bucket_for_user(user_id, "persist-bucket2".to_string(), owner).await.unwrap();
+
             assert_eq!(manager.list_buckets().len(), 2);
-            
+
             // Verify CID file was created
             assert!(cid_path.exists(), "Registry CID file should exist");
         }
-        
+
         // Create a new manager and load the registry
         {
             let manager = BucketManager::with_persistence(Arc::clone(&store), &cid_path);
-            
+
             // Initially empty
             assert_eq!(manager.list_buckets().len(), 0);
-            
+
             // Load from persisted registry
             let loaded_count = manager.load_registry().await.unwrap();
             assert_eq!(loaded_count, 2, "Should load 2 buckets from registry");
-            
-            // Verify buckets are restored
-            assert!(manager.bucket_exists("persist-bucket1"));
-            assert!(manager.bucket_exists("persist-bucket2"));
+
+            // Verify buckets are restored (use user-scoped check to match how they were created)
+            assert!(manager.bucket_exists_for_user(user_id, "persist-bucket1"));
+            assert!(manager.bucket_exists_for_user(user_id, "persist-bucket2"));
             assert_eq!(manager.list_buckets().len(), 2);
         }
     }

crates/fula-core/src/bucket.rs

@@ -1014,4 +1014,162 @@ mod tests {
         assert_eq!(binding.content_hash, "hash");
         assert_eq!(binding.size, 512);
     }
+
+    /// Test that simulates the exact FxFiles → Web UI share flow:
+    /// 1. Generate random bytes (like Dart's X25519().newKeyPair().extractPrivateKeyBytes())
+    /// 2. Create public key from those bytes (Rust derives public key)
+    /// 3. Create share token with that public key
+    /// 4. Serialize to JSON, transmit, deserialize (simulating URL transmission)
+    /// 5. Accept share using SecretKey from same bytes
+    /// 6. Verify DEK matches
+    /// 7. Use DEK to decrypt test content
+    #[test]
+    fn test_fxfiles_to_webui_share_flow() {
+        use crate::symmetric::{Aead, Nonce};
+
+        // === STEP 1: FxFiles side - generate disposable keypair ===
+        // This simulates: final x25519 = X25519(); final keyPair = await x25519.newKeyPair();
+        let mut disposable_secret_bytes = [0u8; 32];
+        rand::RngCore::fill_bytes(&mut rand::rngs::OsRng, &mut disposable_secret_bytes);
+
+        // === STEP 2: Create SecretKey and derive PublicKey ===
+        // This simulates: final publicKeyBytes = Uint8List.fromList(publicKeyData.bytes);
+        let disposable_secret = SecretKey::from_bytes(&disposable_secret_bytes).unwrap();
+        let disposable_public = disposable_secret.public_key();
+
+        println!("Disposable secret key: {:?}", hex::encode(&disposable_secret_bytes));
+        println!("Derived public key: {:?}", hex::encode(disposable_public.as_bytes()));
+
+        // === STEP 3: Owner creates share token ===
+        // Original file was encrypted with this DEK
+        let owner_keypair = KekKeyPair::generate();
+        let original_dek = DekKey::generate();
+
+        // Encrypt some test content
+        let plaintext = b"This is a test JPEG file. Should start with FF D8 FF in real case.";
+        let nonce = Nonce::generate();
+        let aead = Aead::new_default(&original_dek);
+        let ciphertext = aead.encrypt(&nonce, plaintext).unwrap();
+
+        // Create share token with disposable public key
+        let token = ShareBuilder::new(&owner_keypair, &disposable_public, &original_dek)
+            .path_scope("/test/file.jpg")
+            .build()
+            .unwrap();
+
+        // === STEP 4: Serialize token for transmission ===
+        // This simulates: base64Encode(jsonEncode(token))
+        let token_json = serde_json::to_string(&token).unwrap();
+        println!("Share token JSON length: {}", token_json.len());
+
+        // === STEP 5: Web UI side - deserialize token ===
+        // This simulates: jsonDecode(base64Decode(payload.t))
+        let received_token: ShareToken = serde_json::from_str(&token_json).unwrap();
+
+        // === STEP 6: Web UI creates SecretKey from URL's sk bytes ===
+        // This simulates: createEncryptedClient({ secretKey: base64Decode(payload.sk) })
+        let web_secret = SecretKey::from_bytes(&disposable_secret_bytes).unwrap();
+        let web_derived_public = web_secret.public_key();
+
+        println!("Web derived public key: {:?}", hex::encode(web_derived_public.as_bytes()));
+
+        // CRITICAL CHECK: The derived public key must match!
+        assert_eq!(
+            disposable_public.as_bytes(),
+            web_derived_public.as_bytes(),
+            "Public key derived on web side must match the one used for token creation"
+        );
+
+        // === STEP 7: Accept the share ===
+        let recipient = ShareRecipient::from_secret_key(web_secret);
+        let accepted = recipient.accept_share(&received_token).unwrap();
+
+        println!("Original DEK first 4 bytes: {:02x}{:02x}{:02x}{:02x}",
+            original_dek.as_bytes()[0], original_dek.as_bytes()[1],
+            original_dek.as_bytes()[2], original_dek.as_bytes()[3]);
+        println!("Accepted DEK first 4 bytes: {:02x}{:02x}{:02x}{:02x}",
+            accepted.dek.as_bytes()[0], accepted.dek.as_bytes()[1],
+            accepted.dek.as_bytes()[2], accepted.dek.as_bytes()[3]);
+
+        // CRITICAL CHECK: DEK must match!
+        assert_eq!(
+            original_dek.as_bytes(),
+            accepted.dek.as_bytes(),
+            "Decrypted DEK must match the original DEK"
+        );
+
+        // === STEP 8: Decrypt the content ===
+        let recipient_aead = Aead::new_default(&accepted.dek);
+        let decrypted = recipient_aead.decrypt(&nonce, &ciphertext).unwrap();
+
+        assert_eq!(
+            plaintext.as_slice(),
+            decrypted.as_slice(),
+            "Decrypted content must match original plaintext"
+        );
+
+        println!("SUCCESS: Full share flow works correctly!");
+    }
+
+    /// Test share with SecretKey bytes that look like what Dart might produce
+    /// (testing various edge cases in key format)
+    #[test]
+    fn test_share_with_various_key_formats() {
+        // Test with bytes that have various patterns
+        let test_cases: Vec<[u8; 32]> = vec![
+            // All zeros (will be clamped)
+            [0u8; 32],
+            // All ones (will be clamped)
+            [0xFFu8; 32],
+            // Sequential bytes
+            {
+                let mut arr = [0u8; 32];
+                for (i, b) in arr.iter_mut().enumerate() {
+                    *b = i as u8;
+                }
+                arr
+            },
+            // Random bytes (typical case)
+            {
+                let mut arr = [0u8; 32];
+                rand::RngCore::fill_bytes(&mut rand::rngs::OsRng, &mut arr);
+                arr
+            },
+        ];
+
+        for (i, secret_bytes) in test_cases.iter().enumerate() {
+            println!("\n=== Test case {} ===", i);
+
+            let owner = KekKeyPair::generate();
+            let dek = DekKey::generate();
+
+            // Create disposable keypair from raw bytes
+            let disposable_secret = SecretKey::from_bytes(secret_bytes).unwrap();
+            let disposable_public = disposable_secret.public_key();
+
+            // Create share token
+            let token = ShareBuilder::new(&owner, &disposable_public, &dek)
+                .path_scope("/test")
+                .build()
+                .unwrap();
+
+            // Serialize and deserialize (round-trip)
+            let json = serde_json::to_string(&token).unwrap();
+            let restored_token: ShareToken = serde_json::from_str(&json).unwrap();
+
+            // Accept share using same secret bytes
+            let recipient_secret = SecretKey::from_bytes(secret_bytes).unwrap();
+            let recipient = ShareRecipient::from_secret_key(recipient_secret);
+            let accepted = recipient.accept_share(&restored_token).unwrap();
+
+            // DEK must match
+            assert_eq!(
+                dek.as_bytes(),
+                accepted.dek.as_bytes(),
+                "Test case {}: DEK mismatch", i
+            );
+
+            println!("Test case {}: PASSED", i);
+        }
+    }
 }

crates/fula-crypto/src/sharing.rs

@@ -163,6 +163,48 @@ pub async fn get_public_key(client: &EncryptedClientHandle) -> Vec<u8> {
     guard.encryption_config().public_key().as_bytes().to_vec()
 }
 
+/// Derive X25519 public key from private key bytes
+///
+/// **IMPORTANT**: Use this function instead of Dart's X25519 public key derivation
+/// to ensure compatibility between Flutter and Web/WASM clients.
+///
+/// This ensures that both FxFiles and Web UI derive the exact same public key
+/// from the same private key bytes, avoiding cryptographic mismatches.
+///
+/// # Arguments
+/// * `secret_key_bytes` - 32-byte X25519 private key (raw bytes, not clamped)
+///
+/// # Returns
+/// * `Ok(Vec<u8>)` - 32-byte X25519 public key
+/// * `Err` - If secret_key_bytes is not exactly 32 bytes
+///
+/// # Example
+/// ```dart
+/// // In Flutter/Dart, generate random 32 bytes:
+/// final secretKeyBytes = Uint8List(32);
+/// Random.secure().nextBytes(secretKeyBytes);
+///
+/// // Derive public key using Rust (ensures cross-platform compatibility):
+/// final publicKeyBytes = await derivePublicKeyFromSecret(secretKeyBytes);
+///
+/// // Now use publicKeyBytes for createShareToken
+/// // and secretKeyBytes in the share URL
+/// ```
+pub fn derive_public_key_from_secret(secret_key_bytes: Vec<u8>) -> anyhow::Result<Vec<u8>> {
+    if secret_key_bytes.len() != 32 {
+        anyhow::bail!("Secret key must be exactly 32 bytes, got {}", secret_key_bytes.len());
+    }
+
+    let mut arr = [0u8; 32];
+    arr.copy_from_slice(&secret_key_bytes);
+
+    let secret = fula_crypto::SecretKey::from_bytes(&arr)
+        .map_err(|e| anyhow::anyhow!("Invalid secret key: {}", e))?;
+    let public = secret.public_key();
+
+    Ok(public.as_bytes().to_vec())
+}
+
 /// Check if client uses FlatNamespace mode
 pub async fn is_flat_namespace(client: &EncryptedClientHandle) -> bool {
     let guard = client.inner.read().await;

crates/fula-flutter/src/api/encrypted.rs

@@ -467,6 +467,34 @@ pub fn derive_key(context: &str, input: &[u8]) -> Vec<u8> {
     fula_crypto::hashing::derive_key(context, input).as_bytes().to_vec()
 }
 
+/// Derive X25519 public key from private key bytes
+///
+/// **IMPORTANT**: Use this function to ensure compatibility between
+/// Flutter/Native and Web/WASM clients when sharing files.
+///
+/// This ensures both sender and receiver derive the exact same public key
+/// from the same private key bytes, avoiding cryptographic mismatches.
+///
+/// @param secretKeyBytes - 32-byte X25519 private key (Uint8Array)
+/// @returns 32-byte X25519 public key (Uint8Array)
+#[wasm_bindgen(js_name = derivePublicKeyFromSecret)]
+pub fn derive_public_key_from_secret(secret_key_bytes: &[u8]) -> Result<Vec<u8>, JsError> {
+    if secret_key_bytes.len() != 32 {
+        return Err(JsError::new(&format!(
+            "Secret key must be exactly 32 bytes, got {}", secret_key_bytes.len()
+        )));
+    }
+
+    let mut arr = [0u8; 32];
+    arr.copy_from_slice(secret_key_bytes);
+
+    let secret = fula_crypto::SecretKey::from_bytes(&arr)
+        .map_err(|e| JsError::new(&format!("Invalid secret key: {}", e)))?;
+    let public = secret.public_key();
+
+    Ok(public.as_bytes().to_vec())
+}
+
 // ============================================================================
 // Sharing
 // ============================================================================