Initial stab at KeyManager.

10 years ago · 61cfa1517d
5 changed files with 112 additions and 13 deletions
--- a/exp/main.cpp
+++ b/exp/main.cpp
@ -33,6 +33,7 @@
 #endif
 #include <functional>
 #include <boost/filesystem.hpp>
+#include <boost/algorithm/string.hpp>
 #include <libdevcore/RangeMask.h>
 #include <libdevcore/Log.h>
 #include <libdevcore/Common.h>
@ -43,6 +44,7 @@
 #include <libdevcrypto/TrieDB.h>
 #include <libp2p/All.h>
 #include <libethcore/ProofOfWork.h>
+#include <libdevcrypto/FileSystem.h>
 #include <libethereum/All.h>
 #include <libethereum/Farm.h>
 #include <libethereum/AccountDiff.h>
@ -58,8 +60,94 @@ using namespace dev::eth;
 using namespace dev::p2p;
 using namespace dev::shh;
 namespace js = json_spirit;
+namespace fs = boost::filesystem;

-#if 0
+#if 1
+
+inline h128 fromUUID(std::string const& _uuid) { return h128(boost::replace_all_copy(_uuid, "-", "")); }
+
+class KeyManager: public Worker
+{
+public:
+	KeyManager() { readKeys(); }
+	~KeyManager() {}
+
+	Secret secret(h128 const& _uuid, std::string const& _pass)
+	{
+		auto it = m_keys.find(_uuid);
+		if (it == m_keys.end())
+			return Secret();
+		return Secret(decrypt(it->second, _pass));
+	}
+
+private:
+	void readKeys(std::string const& _keysPath = getDataDir("web3") + "/keys")
+	{
+		fs::path p(_keysPath);
+		js::mValue v;
+		for (fs::directory_iterator it(p); it != fs::directory_iterator(); ++it)
+			if (is_regular_file(it->path()))
+			{
+				cdebug << "Reading" << it->path();
+				js::read_string(contentsString(it->path().string()), v);
+				js::mObject o = v.get_obj();
+				int version = o.count("Version") ? stoi(o["Version"].get_str()) : o.count("version") ? o["version"].get_int() : 0;
+				if (version == 2)
+					m_keys[fromUUID(o["id"].get_str())] = o["crypto"];
+				else
+					cwarn << "Cannot read key version" << version;
+			}
+	}
+
+	static bytes decrypt(js::mValue const& _v, std::string const& _pass)
+	{
+		js::mObject o = _v.get_obj();
+		bytes pKey;
+		if (o["kdf"].get_str() == "pbkdf2")
+		{
+			auto params = o["kdfparams"].get_obj();
+			unsigned iterations = params["c"].get_int();
+			bytes salt = fromHex(params["salt"].get_str());
+			pKey = pbkdf2(_pass, salt, iterations).asBytes();
+		}
+		else
+		{
+			cwarn << "Unknown KDF" << o["kdf"].get_str() << "not supported.";
+			return bytes();
+		}
+
+		// TODO check MAC
+		h256 mac(o["mac"].get_str());
+		(void)mac;
+
+		bytes cipherText = fromHex(o["ciphertext"].get_str());
+		bytes ret;
+		if (o["cipher"].get_str() == "aes-128-cbc")
+		{
+			auto params = o["cipherparams"].get_obj();
+			h128 key(sha3(h128(pKey, h128::AlignRight)), h128::AlignRight);
+			h128 iv(params["iv"].get_str());
+			decryptSymNoAuth(key, iv, &cipherText, ret);
+		}
+		else
+		{
+			cwarn << "Unknown cipher" << o["cipher"].get_str() << "not supported.";
+			return bytes();
+		}
+
+		return ret;
+	}
+
+	std::map<h128, js::mValue> m_keys;
+};
+
+int main()
+{
+	KeyManager keyman;
+	cdebug << "Secret key for 0498f19a-59db-4d54-ac95-33901b4f1870 is " << keyman.secret(fromUUID("0498f19a-59db-4d54-ac95-33901b4f1870"), "foo");
+}
+
+#elif 0
 int main()
 {
 	DownloadMan man;
--- a/libdevcrypto/Common.cpp
+++ b/libdevcrypto/Common.cpp
@ -112,13 +112,13 @@ bool dev::decryptSym(Secret const& _k, bytesConstRef _cipher, bytes& o_plain)
 	return decrypt(_k, _cipher, o_plain);
 }

-h128 dev::encryptSymNoAuth(Secret const& _k, bytesConstRef _plain, bytes& o_cipher)
+h128 dev::encryptSymNoAuth(h128 const& _k, bytesConstRef _plain, bytes& o_cipher)
 {
 	h128 iv(Nonce::get());
 	return encryptSymNoAuth(_k, _plain, o_cipher, iv);
 }

-h128 dev::encryptSymNoAuth(Secret const& _k, bytesConstRef _plain, bytes& o_cipher, h128 const& _iv)
+h128 dev::encryptSymNoAuth(h128 const& _k, bytesConstRef _plain, bytes& o_cipher, h128 const& _iv)
 {
 	o_cipher.resize(_plain.size());

@ -139,7 +139,7 @@ h128 dev::encryptSymNoAuth(Secret const& _k, bytesConstRef _plain, bytes& o_ciph
 	}
 }

-bool dev::decryptSymNoAuth(Secret const& _k, h128 const& _iv, bytesConstRef _cipher, bytes& o_plaintext)
+bool dev::decryptSymNoAuth(h128 const& _k, h128 const& _iv, bytesConstRef _cipher, bytes& o_plaintext)
 {
 	o_plaintext.resize(_cipher.size());
 	
@ -175,6 +175,14 @@ bool dev::verify(Public const& _p, Signature const& _s, h256 const& _hash)
 	return s_secp256k1.verify(_p, _s, _hash.ref(), true);
 }

+h256 dev::pbkdf2(string const& _pass, bytes const& _salt, unsigned _iterations)
+{
+	h256 ret;
+	PKCS5_PBKDF2_HMAC<SHA256> pbkdf;
+	pbkdf.DeriveKey(ret.data(), ret.size, 0, (byte*)_pass.data(), _pass.size(), _salt.data(), _salt.size(), _iterations);
+	return ret;
+}
+
 KeyPair KeyPair::create()
 {
 	static boost::thread_specific_ptr<mt19937_64> s_eng;
--- a/libdevcrypto/Common.h
+++ b/libdevcrypto/Common.h
@ -103,13 +103,13 @@ void encryptECIES(Public const& _k, bytesConstRef _plain, bytes& o_cipher);
 bool decryptECIES(Secret const& _k, bytesConstRef _cipher, bytes& o_plaintext);
 	
 /// Encrypts payload with random IV/ctr using AES128-CTR.
-h128 encryptSymNoAuth(Secret const& _k, bytesConstRef _plain, bytes& o_cipher);
+h128 encryptSymNoAuth(h128 const& _k, bytesConstRef _plain, bytes& o_cipher);

 /// Encrypts payload with specified IV/ctr using AES128-CTR.
-h128 encryptSymNoAuth(Secret const& _k, bytesConstRef _plain, bytes& o_cipher, h128 const& _iv);
+h128 encryptSymNoAuth(h128 const& _k, bytesConstRef _plain, bytes& o_cipher, h128 const& _iv);
 	
-/// Decrypts payload with specified IV/ctr.
-bool decryptSymNoAuth(Secret const& _k, h128 const& _iv, bytesConstRef _cipher, bytes& o_plaintext);
+/// Decrypts payload with specified IV/ctr using AES128-CTR.
+bool decryptSymNoAuth(h128 const& _k, h128 const& _iv, bytesConstRef _cipher, bytes& o_plaintext);

 /// Recovers Public key from signed message hash.
 Public recover(Signature const& _sig, h256 const& _hash);
@ -120,6 +120,9 @@ Signature sign(Secret const& _k, h256 const& _hash);
 /// Verify signature.
 bool verify(Public const& _k, Signature const& _s, h256 const& _hash);

+/// Derive key via PBKDF2.
+h256 pbkdf2(std::string const& _pass, bytes const& _salt, unsigned _iterations);
+
 /// Simple class that represents a "key pair".
 /// All of the data of the class can be regenerated from the secret key (m_secret) alone.
 /// Actually stores a tuplet of secret, public and address (the right 160-bits of the public).
@ -164,7 +167,7 @@ struct InvalidState: public dev::Exception {};

 /// Key derivation
 h256 kdf(Secret const& _priv, h256 const& _hash);
-	
+
 /**
 * @brief Generator for nonce material
 */
--- a/libdevcrypto/CryptoPP.cpp
+++ b/libdevcrypto/CryptoPP.cpp
@ -79,7 +79,7 @@ void Secp256k1::encryptECIES(Public const& _k, bytes& io_cipher)
 	ctx.Final(mKey.data());
 	
 	bytes cipherText;
-	encryptSymNoAuth(*(Secret*)eKey.data(), bytesConstRef(&io_cipher), cipherText, h128());
+	encryptSymNoAuth(h128(eKey), bytesConstRef(&io_cipher), cipherText, h128());
 	if (cipherText.empty())
 		return;

@ -139,7 +139,7 @@ bool Secp256k1::decryptECIES(Secret const& _k, bytes& io_text)
 		if (mac[i] != msgMac[i])
 			return false;
 	
-	decryptSymNoAuth(*(Secret*)eKey.data(), iv, cipherNoIV, plain);
+	decryptSymNoAuth(h128(eKey), iv, cipherNoIV, plain);
 	io_text.resize(plain.size());
 	io_text.swap(plain);
 	
--- a/test/libdevcrypto/crypto.cpp
+++ b/test/libdevcrypto/crypto.cpp
@ -588,7 +588,7 @@ BOOST_AUTO_TEST_CASE(handshakeNew)

 BOOST_AUTO_TEST_CASE(ecies_aes128_ctr_unaligned)
 {
-	Secret encryptK(sha3("..."));
+	h128 encryptK(sha3("..."), h128::AlignLeft);
 	h256 egressMac(sha3("+++"));
 	// TESTING: send encrypt magic sequence
 	bytes magic {0x22,0x40,0x08,0x91};
@ -610,7 +610,7 @@ BOOST_AUTO_TEST_CASE(ecies_aes128_ctr_unaligned)

 BOOST_AUTO_TEST_CASE(ecies_aes128_ctr)
 {
-	Secret k(sha3("0xAAAA"));
+	h128 k(sha3("0xAAAA"), h128::AlignLeft);
 	string m = "AAAAAAAAAAAAAAAA";
 	bytesConstRef msg((byte*)m.data(), m.size());