rxome-generator 0.1.0

package/lib/rxome-api-demo.js

@@ -0,0 +1,56 @@
+const CRYPT_PRIVATE_KEY = `
+-----BEGIN PGP PRIVATE KEY BLOCK-----
+
+xYYEY0gdfxYJKwYBBAHaRw8BAQdAYqNejQxT4gE+w2nwBvP+pe19P152F6LV
+8sqM/Qhut2D+CQMIlk6wdgn1LOXgt14o00FVGL49l+pQB8umf27PPnWrJ9IS
+IElQjaCsRYA3ZD/rnDUZiBGVS9++PaegYL339QT2bDp8l6VVtvcxG77svZ2n
+a80Xcnh0ZXN0IDxpbmZvQHJ4b21lLm5ldD7CjAQQFgoAHQUCY0gdfwQLCQcI
+AxUICgQWAAIBAhkBAhsDAh4BACEJEGvtGF4xeK/wFiEEP1IE7WS9w5iQJRD8
+a+0YXjF4r/CW7AD7BlIn1BHx8kOdyrt6E0L1EKIUi88Q3jQghmvlQomsIzIB
+AKW3e7gYkQJufFTlTWmD5dYmP4v3DfAGvkmFljOvHfwGx4sEY0gdfxIKKwYB
+BAGXVQEFAQEHQNBoBiWwb9t6WCMulp6/opgVJ88iKOY9MpAoZ5dyEbJwAwEI
+B/4JAwhZhPonkWKqteBKH35kf07JpJVMX8LWmZCqdFqXw8tmsU81LtCxVRl8
+exJ0vJor/6LmBUnzMrVSG3S0PCVLw0hAfCH4nN9HxT5gEc1mFFfSwngEGBYI
+AAkFAmNIHX8CGwwAIQkQa+0YXjF4r/AWIQQ/UgTtZL3DmJAlEPxr7RheMXiv
+8FlgAP9S+Oc82N6iSA4gj9hOt6dz7E4YE/3XGf+7uVQb3xVYSQD6A4X+cisS
+fqCVd5bPCMqAQQHjHgGBQawPK/PXyk9JxQQ=
+=idJc
+-----END PGP PRIVATE KEY BLOCK-----
+`
+
+const CRYPT_PUBLIC_KEY = `
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+
+xjMEY0gdfxYJKwYBBAHaRw8BAQdAYqNejQxT4gE+w2nwBvP+pe19P152F6LV
+8sqM/Qhut2DNF3J4dGVzdCA8aW5mb0ByeG9tZS5uZXQ+wowEEBYKAB0FAmNI
+HX8ECwkHCAMVCAoEFgACAQIZAQIbAwIeAQAhCRBr7RheMXiv8BYhBD9SBO1k
+vcOYkCUQ/GvtGF4xeK/wluwA+wZSJ9QR8fJDncq7ehNC9RCiFIvPEN40IIZr
+5UKJrCMyAQClt3u4GJECbnxU5U1pg+XWJj+L9w3wBr5JhZYzrx38Bs44BGNI
+HX8SCisGAQQBl1UBBQEBB0DQaAYlsG/belgjLpaev6KYFSfPIijmPTKQKGeX
+chGycAMBCAfCeAQYFggACQUCY0gdfwIbDAAhCRBr7RheMXiv8BYhBD9SBO1k
+vcOYkCUQ/GvtGF4xeK/wWWAA/1L45zzY3qJIDiCP2E63p3PsThgT/dcZ/7u5
+VBvfFVhJAPoDhf5yKxJ+oJV3ls8IyoBBAeMeAYFBrA8r89fKT0nFBA==
+=odkw
+-----END PGP PUBLIC KEY BLOCK-----
+`
+
+const R_ID = 'rxome';
+const R_PRIVATE_KEY = 'NamaTB+xwDFxtkQyBBkjRr5GEaXNtCw/G4qydnhQk5Y=';
+const R_PUBLIC_KEY  = 'XvbhLWKbA1wfKsx3B7FKQuDQsZTZ/dMXWiD1MehBxZg=';
+
+const J_ID = 'rxomej'
+const J_PRIVATE_KEY = 'QhcoRruGBVP39XCh8BujCE+q42qCRy/tu2CQ4YmRBgg=';
+const J_PUBLIC_KEY = 'XL/i8jrJC55AdOV3zYHIIa095De5eYbDqWDPDW2r8tk=';
+
+const DEMO_CREDENTIALS = {
+  id: R_ID,
+  user: 'test@rxome.net',
+  key: R_PRIVATE_KEY
+}
+
+exports.CRYPT_PRIVATE_KEY = CRYPT_PRIVATE_KEY;
+exports.CRYPT_PUBLIC_KEY  = CRYPT_PUBLIC_KEY; 
+exports.DEMO_API_PRIVATE_KEY = R_PRIVATE_KEY;
+exports.DEMO_API_PUBLIC_KEY  = R_PUBLIC_KEY; 
+exports.DEMO_API_ID = R_ID;
+exports.DEMO_CREDENTIALS = DEMO_CREDENTIALS;

package/lib/rxome-api.js

@@ -0,0 +1,119 @@
+const Axios = require( 'axios' );
+const ED = require( 'noble-ed25519' );
+const Protobuf = require('protobufjs');
+//const BASE64 = require('@protobufjs/base64')
+
+const API = 'https://www.rxome.net';
+const TESTAPI = 'https://testapi.gene-talk.de';
+const APIENTRY = 'api/v1';
+const VSTR = 'API1.0'
+exports.API = API;
+exports.TESTAPI = TESTAPI;
+exports.APIENTRY = APIENTRY;
+exports.VSTR = VSTR;
+
+/************************************************************************************
+ * Helper functions
+ ************************************************************************************/
+
+// have issues:
+const base64ToBufferVintage = data => atob(data.toString());
+//const bufferToBase64 = data => Buffer.from(data).toString('base64');
+ 
+const unpack = (arr) => Uint8Array.from( arr.map( c => c.charCodeAt(0) ));
+ 
+let readSigKey = name => { console.log("Error: not supported") }
+
+const base64ToBuffer = enc => {
+  const len = Protobuf.util.base64.length(enc);
+  let buf = new Protobuf.util.Array( len );
+  Protobuf.util.base64.decode(enc, buf, 0);
+  return buf;
+}
+
+const bufferToBase64 = buf => {
+  return Protobuf.util.base64.encode(buf, 0, buf.length);
+}
+
+exports.base64ToBuffer = base64ToBuffer;
+exports.bufferToBase64 = bufferToBase64;
+exports.unpack = unpack;
+
+
+/************************************************************************************
+ * Functions for node.js only
+ ************************************************************************************/
+
+ try {
+  const FS = require( 'fs' );
+  
+  readSigKey = name => {
+    if (!FS.existsSync( name )) {
+      throw 'Key file not found!';
+    }
+    return FS.readFileSync( name ).slice(0,44);
+  }
+
+  exports.generateApiKeys = async (name = 'rxome', dir = '.') => {
+    const privateKey = ED.utils.randomPrivateKey();
+    const publicKey = await ED.getPublicKey(privateKey);
+    await Promise.all([
+      FS.writeFile( `${dir}/${name}.private.apikey`, bufferToBase64( privateKey ), { mode: 0o600 }, err => { if (err) throw err; } ),
+      FS.writeFile( `${dir}/${name}.public.apikey`, bufferToBase64( publicKey ), { mode: 0o600 }, err => { if (err) throw err; } )
+    ]);
+  }
+
+}
+catch (e) {
+ if (e instanceof Error && e.code !== "MODULE_NOT_FOUND") {
+   throw e;
+ }
+}
+
+/************************************************************************************/
+
+exports.signData = async( keyId, user, keyB64, created, debug = false ) => {
+  const message = `x-date: ${created}\nx-rxome-user: ${user}`
+  const messageUi8 = unpack( Array.from(message) );
+
+  const key = unpack( [...base64ToBufferVintage(keyB64)] );
+  debug && console.log('Base 64 key: ', keyB64);
+  debug && console.log('Binary key: ', key, " Key length: ", key.length);
+
+  const signature = await ED.sign( messageUi8, key);
+  const sigB64 = bufferToBase64( signature );
+  const auth=`Signature keyId=\"${keyId}\",algorithm=\"ed25519\",headers=\"x-date x-rxome-user\",signature=\"${sigB64}\",created=\"${created}\"`
+  debug && console.log('Auth string: ', auth);
+
+  return auth;
+}
+
+
+exports.fetchData = async ( url, credentials, pseudonym = '', debug = false ) => {
+  debug && console.log( 'Fetching from', url )
+
+  const created = Date.now();
+  const keyId = credentials.keyId || "rxome";
+  const user = credentials.user || `${keyId}@rxome.net`;
+  const keyB64 = credentials.key || readSigKey( process.cwd()+'/'+credentials.keyFile );
+
+  auth = await exports.signData( keyId, user, keyB64, created, debug );
+
+  return Axios({
+                url: url,
+                method: 'GET',
+                params: { 
+                  pslab: !!pseudonym.trim() 
+                },
+                headers: {		
+                  Authorization: auth,
+                  'x-date': created,
+                  'x-rxome-user': user
+                },
+                timeout: 5000
+          })
+          .then(res => {
+            debug && console.log( "Result Data= ", res.data )
+            return res.data
+          })
+}

package/lib/rxome-api.test.js

@@ -0,0 +1,22 @@
+const RxAPI = require('./rxome-api');
+const FS = require('fs');
+const ED = require( 'noble-ed25519' );
+
+describe('API access', () => {
+  test.skip('generates valid API access keys', async () => {
+    await RxAPI.generateApiKeys( 'jesttest' );
+    expect( FS.existsSync('jesttest.private.apikey') ).toBe( true );
+    expect( FS.existsSync('jesttest.public.apikey') ).toBe( true );
+    expect( FS.statSync('jesttest.private.apikey').size - 44 ).toBeLessThan( 2 );
+    expect( FS.statSync('jesttest.public.apikey').size - 44 ).toBeLessThan( 2 );
+
+    const message='Answer to life the universe and everything';
+    const messageUi8 = RxAPI.unpack(Array.from(message));
+    const privKey = RxAPI.unpack([...RxAPI.base64ToBuffer( FS.readFileSync('jesttest.private.apikey'))])
+    const pubKey = RxAPI.unpack([...RxAPI.base64ToBuffer( FS.readFileSync('jesttest.public.apikey'))])
+    const signature = await ED.sign(messageUi8, privKey);
+    const isValid = await ED.verify(signature, messageUi8, pubKey);
+    expect( isValid ).toBeTruthy;
+  });
+
+});

package/lib/rxome-generator.js

@@ -0,0 +1,349 @@
+// https://openpgpjs.org/
+const PGP = require( 'openpgp' );
+
+// https://github.com/soldair/node-qrcode
+const QRCode = require( 'qrcode' );
+
+const jsonKeyConverter = require('json-key-converter');
+const Protobuf = require('protobufjs');
+const PhenoPacketDescriptor = require("./phenopackets.json");
+
+//const { constants } = require('buffer');
+
+const RxAPI= require('./rxome-api');
+
+const apiVer = '1.0';
+const RXAPI = RxAPI.API;
+const RXTESTAPI = RxAPI.TESTAPI;
+const APIENTRY = RxAPI.APIENTRY;
+
+const PASSPHRASE = 'n0thin6r3@11ym@773r5';
+
+// const ProtoBufRoot = await Protobuf.load('assets/scripts/modules/phenopackets/schema/v2/phenopackets.proto');
+const ProtoBufRoot = Protobuf.Root.fromJSON( PhenoPacketDescriptor );
+const PhenoPacket = ProtoBufRoot.lookupType('org.phenopackets.schema.v2.Phenopacket')
+
+const ENUM_SEX = ['UNKNOWN', 'FEMALE', 'MALE', 'OTHER']
+exports.ENUM_SEX = ENUM_SEX;
+
+const ENUM_PROG_STATE = ['UNKNOWN_PROGRESS', 'IN_PROGRESS', 'COMPLETED', 'SOLVED', 'UNSOLVED']
+exports.ENUM_PROG_STATE = ENUM_PROG_STATE;
+
+const ENUM_ACMG = 
+  ['NOT_PROVIDED', 'BENIGN', 'LIKELY_BENIGN', 'UNCERTAIN_SIGNIFICANCE', 'LIKELY_PATHOGENIC', 'PATHOGENIC'];
+
+exports.ENUM_ACMG = ENUM_ACMG;
+
+
+/************************************************************************************
+ * Functions for node.js only
+ ************************************************************************************/
+
+try {
+  const FS = require( 'fs/promises' );
+  const { version } = require('os');
+  
+  exports.generateRxomeKeyFiles = async (name = 'rxome', dir = '.') => {
+    const { privateKey, publicKey } = await exports.generateRxomeKeys( name );
+    await Promise.all([
+      FS.writeFile(`${dir}/${name}.private.key`, privateKey, { mode: 0o600 }, err => { console.log(err); }),
+      FS.writeFile(`${dir}/${name}.public.key`, publicKey, { mode: 0o600 }, function (err) { console.log(err); })
+    ]);
+  }
+ 
+  exports.writeQR = async ( filename, data, api = RXAPI, apiEntry = APIENTRY ) => {
+    const {qrData, pseudonym} = await exports.prepareQR( data, api, apiEntry );
+    //const base64Data = qr_code.replace(/^data:image\/png;base64,/, "");
+    //FS.writeFile(filename, base64Data, 'base64', (err) => {console.log(err)} );
+    QRCode.toFile( filename, qrData, { type: 'png'} )
+    return pseudonym
+  }
+}
+
+catch (e) {
+  if (e instanceof Error && e.code !== "MODULE_NOT_FOUND") {
+    throw e;
+  }
+}
+
+/************************************************************************************/
+
+
+exports.generateRxomeKeys = async (name = 'rxome') => {
+  return { privateKey, publicKey, revocationCertificate } = await PGP.generateKey({
+    type: 'ecc',
+    curve: 'curve25519',
+    //type: 'rsa',
+    //rsaBits: 2048,
+    userIDs: [{ name: name, email: 'info@rxome.net' }],
+    passphrase: PASSPHRASE,
+    format: 'armored'
+  });
+}
+
+
+exports.fetchKey = async ( credentials, pseudonym = '', api = RXAPI, debug = false, apiEntry = APIENTRY ) => {
+  const result = await RxAPI.fetchData( `${api}/${apiEntry}/getpseudonym`, credentials, pseudonym, debug )
+  if ( !result.pseudonym )
+    result.pseudonym = pseudonym;
+  return result;
+}
+/* 
+  yields: { key: PGP_key, version: ..., pseudonym: ... }
+*/
+ 
+ 
+exports.fetchDemoPrivateKey = async ( credentials, api=RXTESTAPI, debug = false, apiEntry = APIENTRY ) => 
+  await RxAPI.fetchData( `${api}/${apiEntry}/getprivatedemokey`, credentials, '', debug )
+
+/* 
+   yields: { private_key: PGP_key } 
+*/
+
+exports.fetchRxomeKey = async ( credentials, api = RXAPI, debug = false, apiEntry = APIENTRY ) => 
+  await RxAPI.fetchData( `${api}/${apiEntry}/getrxomekey`, credentials, '', debug )
+
+/* 
+   yields: { key: PGP_key, version: ... } 
+*/
+exports.convert_to_snake_case = data => jsonKeyConverter.convert( data, { camel: false } );
+
+exports.convertToCamelCase = data => jsonKeyConverter.convert( data, { camel: true } );
+
+exports.compressPhenoPacket = ( data ) => {
+  const compressedData = {
+    ...data,
+  };  
+  if ( data.phenotypicFeatures ) {
+    compressedData.compressedFeatures = {
+      includes: data.phenotypicFeatures.filter( feat => feat.excluded === undefined  || feat.excluded === false || feat.excluded === 'false' ).map( feat => feat.type.id ),
+      excludes: data.phenotypicFeatures.filter( feat => feat.excluded === true || feat.excluded === 'true' ).map( feat => feat.type.id )
+    }
+  }
+  delete compressedData.phenotypicFeatures;
+  return compressedData;
+}
+
+
+exports.sanitizeSex = ( str ) =>
+  isNaN(+(str.toString()))
+  ? Math.max(0, ENUM_SEX.indexOf(str.toUpperCase().replace('_SEX', '')))
+  : +str;
+
+
+exports.sanitizeProgState = ( str ) =>
+  isNaN(+(str.toString()))
+  ? Math.max(0, ENUM_PROG_STATE.indexOf(str.toUpperCase()))
+  : +str;
+
+
+exports.sanitizeACMG = ( str ) =>
+  isNaN(+(str.toString()))
+  ? Math.max(0, ENUM_ACMG.indexOf(str.toUpperCase()))
+  : +str
+
+
+exports.whiteListPhenoPacket = ( data ) => {
+  res = {};
+  data.id  && (res.id = data.id);
+  data.comment  && (res.comment = data.comment);
+  data.subject  && (res.subject = data.subject);
+  data.phenotypicFeatures  && (res.phenotypicFeatures = data.phenotypicFeatures);
+  data.compressedFeatures  && (res.compressedFeatures = data.compressedFeatures);
+  data.interpretations  && (res.interpretations = data.interpretations);
+  data.diagnosis  && (res.diagnosis = data.diagnosis);
+  data.metaData && (res.metaData = data.metaData);
+  data.credentials && (res.credentials = data.credentials);
+  return res;
+}
+
+
+exports.sanitizePhenoPacket = ( data, key = '' ) => {
+  if ( data instanceof Object ) {
+    if (Array.isArray( data )) {
+      return data.map( x => exports.sanitizePhenoPacket(x));
+    } else {
+      let obj={};
+      for ( let k in data ) { 
+        obj[k] = exports.sanitizePhenoPacket( data[k], k );
+      }
+      return obj;
+    }
+  } else {
+    switch( key ){
+      case 'sex':
+        return exports.sanitizeSex( data );
+      case 'progressStatus':
+        return exports.sanitizeProgState( data );
+      case 'acmgPathogenicityClassification':
+        return exports.sanitizeACMG( data );
+      default: 
+        return data;
+    }
+  }
+}
+
+
+exports.verifyPhenoPacket = (data) => (
+  PhenoPacket.verify( data )
+)
+
+
+exports.encodePhenoPacket = (data) => (
+  PhenoPacket.encode( data ).finish()
+)
+
+
+exports.decodePhenoPacket = (data) => (
+  PhenoPacket.decode( data )
+)
+
+
+exports.encode_serial = async (publicKeyStr, message) => {
+  const publicKey = await PGP.readKey({ armoredKey: publicKeyStr });
+  const encrypted = await PGP.encrypt({
+    message: await PGP.createMessage({ text: message }),
+    encryptionKeys: publicKey,
+    //format: 'binary',
+    //signingKeys: privateKey
+  });
+  return encrypted;
+}
+
+
+exports.encode = async (publicKeyStr, message, binary = false) => {
+  return await Promise.all([
+    PGP.readKey({ armoredKey: publicKeyStr }),
+    PGP.createMessage( (binary 
+                        ? { binary: message, format: 'binary' }
+                        : { text: message }) )
+  ]).then( async ([publicKey, message]) => {
+    const encrypted = await PGP.encrypt({
+      message: message,
+      encryptionKeys: publicKey,
+      format: (binary ? 'binary' : 'armored'),
+      //        signingKeys: privateKey
+    });
+    return encrypted;
+  }
+  )
+}
+
+
+exports.decode_serial = async (privateKeyStr, encrypted) => {
+  const privateKey = await PGP.readPrivateKey( { armoredKey: privateKeyStr } );
+  const privateKeyDecr = await PGP.decryptKey({
+    privateKey: privateKey,
+    passphrase: PASSPHRASE
+  });
+  const message = await PGP.readMessage({
+    armoredMessage: encrypted
+  });
+  const { data: decrypted, signatures } = await PGP.decrypt({
+    message,
+    decryptionKeys: privateKeyDecr
+  });
+  return decrypted;
+}
+
+
+exports.decode = async (privateKeyStr, encrypted, binary = false) => {
+  return await Promise.all([
+    PGP.readPrivateKey({ armoredKey: privateKeyStr })
+    .then( (privateKey) => {
+      return PGP.decryptKey({
+        privateKey: privateKey,
+        passphrase: PASSPHRASE 
+      })
+    }),
+    PGP.readMessage( (binary 
+                      ? {binaryMessage: encrypted}
+                      : {armoredMessage: encrypted} )
+    )
+  ]).then( async ([ privateKeyDecr, message]) => {
+    const { data: decrypted, signatures } = await PGP.decrypt({
+      message,
+      //verificationKeys: publicKey, // optional
+      decryptionKeys: privateKeyDecr,
+      format: (binary ? 'binary' : 'utf8')
+    });
+    // check signature validity (signed messages only)
+    //      try {
+    //        await signatures[0].verified; // throws on invalid signature
+    //        console.log('Signature is valid');
+    //      } catch (e) {
+    //        throw new Error('Signature could not be verified: ' + e.message);
+    //      }
+    return decrypted;
+  })
+}
+
+
+exports.prepareQR = async ( data, api = RXAPI, apiEntry = APIENTRY ) => {
+  const { metaData, credentials, ...medical } = data;
+
+  const whiteListMedical  = exports.whiteListPhenoPacket( medical );
+  const sanitizedMedical  = exports.sanitizePhenoPacket( whiteListMedical );
+  const compressedMedical = exports.compressPhenoPacket( sanitizedMedical );
+  const protobufMedical   = exports.encodePhenoPacket( compressedMedical );
+  const base64Medical     = RxAPI.bufferToBase64(protobufMedical);
+
+  const key = await this.fetchKey( credentials, metaData.pseudonym || '', api, false, apiEntry );
+
+  // check:
+  const buff = RxAPI.base64ToBuffer( base64Medical );
+  const pheno = exports.decodePhenoPacket( buff );
+  //const medicalDeciphered = JSON.parse( JSON.stringify( pheno ));
+  //console.log( JSON.stringify(medicalDeciphered,' ', 2 ))
+
+  const cipher = await exports.encode( key.key, base64Medical );
+  //console.log( 'Cipher:', JSON.stringify(cipher) );
+
+  //delete metaData.pseudonym;
+  const newMetaData = Object.fromEntries( 
+    Object.entries( metaData ).filter( ([key, val]) => key !== 'pseudonym')
+  )
+
+  const qrData = {
+    ...newMetaData,
+    keyver: key.version,
+    apiver: apiVer,
+    pseudonym: key.pseudonym,
+    payload: cipher.toString()
+  }
+  // console.log( qrData );
+  // console.log( "QR-Data " , JSON.stringify( qrData ).length );
+
+  return {
+    qrData: JSON.stringify( qrData ),
+    pseudonym: key.pseudonym
+  }
+}
+
+
+exports.makeQR = async ( data, api = RXAPI, apiEntry = APIENTRY ) => {
+  const {qrData, pseudonym} = await exports.prepareQR( data, api, apiEntry );
+  return {
+    qr_code: await QRCode.toDataURL( qrData ),
+    pseudonym: pseudonym,
+    qr_data: qrData
+  }
+}
+
+exports.versionStr = () => {
+  return 'RxOME QR Generator 1.0.0, 2022 Tom Kamphans, GeneTalk GmbH'
+}
+
+
+// convert .proto to .json:
+// cd assets/scripts/modules/phenopackets/schema/v2
+// ../../../../../../node_modules/protobufjs-cli/bin/pbjs -t json phenopackets.proto > phenopackets.json
+
+//decode:
+  // /////
+  // const clearBufferBin = await Coder.decode(PRIVATE_KEY, '', cipherBin, true );
+  // const clearBin = Buffer.from (clearBufferBin, 'Binary');
+  // const phenoPrimeBin = Coder.decodePhenoPacket(clearBin);
+  // const phenoBin = JSON.parse(JSON.stringify(phenoPrimeBin));
+  // //// 
+