fetching encrypted model try-1

krrish-sehgal · Nov 17, 2024 · cba6adb · cba6adb
1 parent 89cafbe
commit cba6adb
Show file tree

Hide file tree

Showing 7 changed files with 113 additions and 9 deletions.
diff --git a/mern-backend/controllers/modelController.js b/mern-backend/controllers/modelController.js
@@ -1,6 +1,29 @@
-const AWS = require("aws-sdk");
-const fs = require("fs");
-const s3 = new AWS.S3();
-const kms = new AWS.KMS();
+const { fetchEncryptedFilesFromS3 } = require("../utils/s3utils");
+// const { decryptDataKey } = require("../utils/kmsUtils");
+// const { decryptFile } = require("../utils/decryptUtils");
 
-exports.getEncryptedModel = (req, res, next) => {};
+/**
+ * Fetch and decrypt all models from S3.
+ */
+exports.getAllEncryptedModels = async (req, res, next) => {
+  try {
+    const modelKey = "antispoofing.onnx"; // The model name you want to fetch
+    fetchEncryptedFilesFromS3(modelKey)
+      .then(({ modelFile, dataKey }) => {
+        console.log("Encrypted model file:", modelFile);
+        console.log("Encrypted data key:", dataKey);
+      })
+      .catch((error) => {
+        console.error("Failed to fetch encrypted model and data key:", error);
+      });
+    res.json({ message: "success" });
+
+    // Step 3: Return all decrypted models as JSON
+    // res.status(200).json({
+    //   models: decryptedModels,
+    // });
+  } catch (error) {
+    console.error("Error fetching and decrypting models:", error);
+    res.status(500).json({ error: "Failed to fetch and decrypt models." });
+  }
+};
diff --git a/mern-backend/routes/api.js b/mern-backend/routes/api.js
@@ -1,8 +1,8 @@
-const express = require('express');
-const { getEncryptedModel } = require('../controllers/modelController');
+const express = require("express");
+const { getAllEncryptedModels } = require("../controllers/modelController.js");
 
 const router = express.Router();
 
-router.get('/get-encrypted-model', getEncryptedModel);
+router.get("/get-encrypted-model", getAllEncryptedModels);
 
-module.exports = router;
+module.exports = router;
diff --git a/mern-backend/utils/decryptUtils.js b/mern-backend/utils/decryptUtils.js
@@ -0,0 +1,25 @@
+const crypto = require("crypto");
+
+/**
+ * Decrypt an encrypted file using AES-256-CBC.
+ * @param {Buffer} encryptedData - Encrypted file content
+ * @param {Buffer} decryptedKey - Decrypted data key
+ * @returns {Buffer} - Returns the decrypted file content
+ */
+const decryptFile = (encryptedData, decryptedKey) => {
+  const algorithm = "aes-256-cbc"; // Ensure this matches your encryption logic
+  const iv = Buffer.alloc(16, 0); // Fixed IV (adjust if you used a different IV setup)
+
+  // Create a decipher instance
+  const decipher = crypto.createDecipheriv(algorithm, decryptedKey, iv);
+
+  // Perform decryption
+  let decrypted = decipher.update(encryptedData);
+  decrypted = Buffer.concat([decrypted, decipher.final()]);
+
+  return decrypted; // Return the decrypted file content
+};
+
+module.exports = {
+  decryptFile,
+};
diff --git a/mern-backend/utils/kmsUtils.js b/mern-backend/utils/kmsUtils.js
@@ -0,0 +1,21 @@
+const AWS = require("aws-sdk");
+const kms = new AWS.KMS();
+
+/**
+ * Decrypt an encrypted data key using AWS KMS.
+ * @param {Buffer} encryptedKey - Encrypted data key as a Buffer
+ * @returns {Promise<Buffer>} - Returns the decrypted plaintext key
+ */
+const decryptDataKey = async (encryptedKey) => {
+  const result = await kms
+    .decrypt({
+      CiphertextBlob: encryptedKey,
+    })
+    .promise();
+
+  return result.Plaintext; // Return the decrypted data key
+};
+
+module.exports = {
+  decryptDataKey,
+};
diff --git a/mern-backend/utils/s3utils.js b/mern-backend/utils/s3utils.js
@@ -0,0 +1,35 @@
+const AWS = require("aws-sdk");
+const s3 = new AWS.S3();
+
+async function fetchEncryptedFilesFromS3(modelKey) {
+  const bucketName = process.env.S3_BUCKET_NAME; // Ensure this is set in your environment
+
+  try {
+    // Fetch the encrypted model file from S3
+    const modelFileParams = {
+      Bucket: bucketName,
+      Key: `${modelKey}.enc`, // Assuming the model file is saved with '.enc' extension
+    };
+
+    const modelFile = await s3.getObject(modelFileParams).promise();
+
+    // Fetch the encrypted data key from S3
+    const dataKeyParams = {
+      Bucket: bucketName,
+      Key: `${modelKey}.dataKey.enc`, // Assuming the data key is saved with '.dataKey.enc' extension
+    };
+
+    const dataKey = await s3.getObject(dataKeyParams).promise();
+
+    // Return both files as buffers
+    return {
+      modelFile: modelFile.Body, // The content of the encrypted model
+      dataKey: dataKey.Body, // The content of the encrypted data key
+    };
+  } catch (error) {
+    console.error("Error fetching files from S3:", error);
+    throw error; // Rethrow the error for the caller to handle
+  }
+}
+
+module.exports = { fetchEncryptedFilesFromS3 };
diff --git a/models/antispoofing.onnx → models/antispofing.onnx b/models/antispoofing.onnx → models/antispofing.onnx
diff --git a/models/antispooofing.onnx b/models/antispooofing.onnx