From 4662b05d73a1ec44a63388010a0aa5ea0d6a0916 Mon Sep 17 00:00:00 2001
From: opentrade <info@opentradesolutions.com>
Date: Fri, 9 Apr 2021 18:02:10 +0800
Subject: [PATCH] dec not working yet

---
 Cargo.lock |  1 +
 Cargo.toml |  1 +
 src/lic.rs | 42 ++++++++++++++++++++++++++++++++++++------
 3 files changed, 38 insertions(+), 6 deletions(-)

diff --git a/Cargo.lock b/Cargo.lock
index 83271c5..2553df2 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -624,6 +624,7 @@ dependencies = [
  "lazy_static",
  "mac_address",
  "machine-uid",
+ "rand 0.8.3",
  "reqwest",
  "rocksdb",
  "rust-ini",
diff --git a/Cargo.toml b/Cargo.toml
index 60b39f3..b56b91c 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -24,6 +24,7 @@ machine-uid = "0.2"
 mac_address = "1.1"
 whoami = "0.9"
 base64 = "0.13"
+rand = "0.8"
 
 [build-dependencies]
 hbb_common = { path = "libs/hbb_common" }
diff --git a/src/lic.rs b/src/lic.rs
index 85a2cad..c579dab 100644
--- a/src/lic.rs
+++ b/src/lic.rs
@@ -1,4 +1,12 @@
-use hbb_common::{bail, log, sodiumoxide::crypto::sign, ResultType};
+use hbb_common::{
+    bail, log,
+    sodiumoxide::crypto::{
+        secretbox::{self, Key, Nonce},
+        sign,
+    },
+    ResultType,
+};
+use rand::Rng;
 use serde_derive::{Deserialize, Serialize};
 use std::io::prelude::*;
 use std::path::Path;
@@ -21,6 +29,8 @@ pub struct Post {
     email: String,
     #[serde(default)]
     status: String,
+    #[serde(default)]
+    nonce: usize,
 }
 
 const LICENSE_FILE: &'static str = ".license.txt";
@@ -66,18 +76,27 @@ fn write_lic(lic: &License) {
 }
 
 fn check_email(lic: License, email: String) -> ResultType<bool> {
+    log::info!("Checking email with the server ...");
+    let mut rng = rand::thread_rng();
+    let nonce: usize = rng.gen();
     use reqwest::blocking::Client;
-    let p: Post = Client::new()
+    let resp = Client::new()
         .post("http://rustdesk.com/api/check-email")
         .json(&Post {
             lic,
             email,
+            nonce,
             ..Default::default()
         })
-        .send()?
-        .json()?;
-    if !p.status.is_empty() {
-        bail!("{}", p.status);
+        .send()?;
+    if resp.status().is_success() {
+        let text = base64::decode(resp.text()?)?;
+        let p = dec_data(&text, nonce)?;
+        if !p.status.is_empty() {
+            bail!("{}", p.status);
+        }
+    } else {
+        bail!("Server error: {}", resp.status());
     }
     Ok(true)
 }
@@ -127,5 +146,16 @@ fn dec_lic(s: &str) -> ResultType<License> {
     }
 }
 
+fn dec_data(data: &[u8], n: usize) -> ResultType<Post> {
+    let key = b"\xa94\xb4\xb4\xda\xf82\x96\x8b\xb0\x9d\x04d\"\x94T\xa6\xdb\xf6\xd5i=Y.\xf5\xf5i\xa9\x14\x91\xa7\xa9";
+    let mut nonce = Nonce([0u8; secretbox::NONCEBYTES]);
+    nonce.0[..std::mem::size_of_val(&n)].copy_from_slice(&n.to_le_bytes());
+    let key = secretbox::Key(*key);
+    if let Ok(res) = secretbox::open(&data, &nonce, &key) {
+        return Ok(serde_json::from_slice::<Post>(&res)?);
+    }
+    bail!("Encryption error");
+}
+
 pub const EMAIL_ARG: &'static str =
     "-m, --email=[EMAIL] 'Sets your email address registered with RustDesk'";