2023-01-06 12:21:14 +00:00
|
|
|
package pairing
|
2022-06-10 15:32:15 +00:00
|
|
|
|
2022-06-10 23:03:16 +00:00
|
|
|
import (
|
|
|
|
"crypto/rand"
|
2022-06-24 14:06:13 +00:00
|
|
|
"encoding/json"
|
2023-02-01 12:28:32 +00:00
|
|
|
"errors"
|
2022-06-24 14:06:13 +00:00
|
|
|
"fmt"
|
|
|
|
"io/ioutil"
|
|
|
|
"os"
|
|
|
|
"path/filepath"
|
2022-06-10 23:03:16 +00:00
|
|
|
|
2022-06-24 14:06:13 +00:00
|
|
|
"github.com/golang/protobuf/proto"
|
2022-10-21 12:15:39 +00:00
|
|
|
"go.uber.org/zap"
|
2022-06-24 14:06:13 +00:00
|
|
|
|
2022-06-24 23:09:01 +00:00
|
|
|
"github.com/status-im/status-go/account/generator"
|
2023-02-17 13:02:42 +00:00
|
|
|
"github.com/status-im/status-go/api"
|
2022-06-24 14:06:13 +00:00
|
|
|
"github.com/status-im/status-go/eth-node/keystore"
|
|
|
|
"github.com/status-im/status-go/multiaccounts"
|
2023-02-17 13:02:42 +00:00
|
|
|
"github.com/status-im/status-go/params"
|
2022-06-10 23:03:16 +00:00
|
|
|
"github.com/status-im/status-go/protocol/common"
|
2022-06-24 14:06:13 +00:00
|
|
|
"github.com/status-im/status-go/protocol/protobuf"
|
2022-06-10 23:03:16 +00:00
|
|
|
)
|
|
|
|
|
2023-02-01 12:28:32 +00:00
|
|
|
var (
|
2023-02-17 13:02:42 +00:00
|
|
|
ErrKeyFileAlreadyExists = errors.New("key file already exists")
|
|
|
|
ErrKeyUIDEmptyAsSender = errors.New("keyUID must be provided as sender")
|
|
|
|
ErrNodeConfigNilAsReceiver = errors.New("node config must be provided as receiver")
|
|
|
|
ErrPayloadSourceConfigBothSet = errors.New("payloadSourceSenderConfig and payloadSourceReceiverConfig cannot be both set")
|
2023-02-01 12:28:32 +00:00
|
|
|
)
|
|
|
|
|
2022-07-04 22:36:15 +00:00
|
|
|
// PayloadManager is the interface for PayloadManagers and wraps the basic functions for fulfilling payload management
|
2022-07-01 15:37:53 +00:00
|
|
|
type PayloadManager interface {
|
2022-10-28 10:30:18 +00:00
|
|
|
// Mount Loads the payload into the PayloadManager's state
|
2022-07-01 15:37:53 +00:00
|
|
|
Mount() error
|
2022-10-28 10:30:18 +00:00
|
|
|
|
|
|
|
// Receive stores data from an inbound source into the PayloadManager's state
|
2022-07-01 15:37:53 +00:00
|
|
|
Receive(data []byte) error
|
2022-10-28 10:30:18 +00:00
|
|
|
|
|
|
|
// ToSend returns an outbound safe (encrypted) payload
|
2022-07-01 15:37:53 +00:00
|
|
|
ToSend() []byte
|
2022-10-28 10:30:18 +00:00
|
|
|
|
|
|
|
// Received returns a decrypted and parsed payload from an inbound source
|
2022-07-01 15:37:53 +00:00
|
|
|
Received() []byte
|
2022-10-28 10:30:18 +00:00
|
|
|
|
|
|
|
// ResetPayload resets all payloads the PayloadManager has in its state
|
2022-07-05 05:40:43 +00:00
|
|
|
ResetPayload()
|
2022-10-28 10:30:18 +00:00
|
|
|
|
|
|
|
// EncryptPlain encrypts the given plaintext using internal key(s)
|
2022-08-19 12:45:50 +00:00
|
|
|
EncryptPlain(plaintext []byte) ([]byte, error)
|
2022-10-28 10:30:18 +00:00
|
|
|
|
|
|
|
// LockPayload prevents future excess to outbound safe and received data
|
|
|
|
LockPayload()
|
2022-07-01 15:37:53 +00:00
|
|
|
}
|
|
|
|
|
2023-02-17 13:02:42 +00:00
|
|
|
type PayloadSourceSenderConfig struct {
|
|
|
|
KeyUID string `json:"keyUID"`
|
|
|
|
Password string `json:"password"`
|
|
|
|
}
|
|
|
|
|
|
|
|
type PayloadSourceReceiverConfig struct {
|
|
|
|
KDFIterations int `json:"kdfIterations"`
|
|
|
|
NodeConfig *params.NodeConfig
|
|
|
|
// this field already exists within params.NodeConfig, but it doesn't support json marshalling, so we need to duplicate it here
|
|
|
|
RootDataDir string
|
|
|
|
// corresponding to field current_network from table settings, so that we can override current network from sender
|
|
|
|
SettingCurrentNetwork string
|
|
|
|
}
|
|
|
|
|
2023-01-06 12:21:14 +00:00
|
|
|
// PayloadSourceConfig represents location and access data of the pairing payload
|
2022-08-31 11:58:59 +00:00
|
|
|
// ONLY available from the application client
|
2023-01-06 12:21:14 +00:00
|
|
|
type PayloadSourceConfig struct {
|
2023-02-17 13:02:42 +00:00
|
|
|
// required for sender and receiver, there are some different cases:
|
|
|
|
// 1. for sender, KeystorePath must end with keyUID
|
|
|
|
// 2. for receiver, KeystorePath must not end with keyUID (because keyUID is not known yet)
|
2022-08-31 11:58:59 +00:00
|
|
|
KeystorePath string `json:"keystorePath"`
|
2023-02-17 13:02:42 +00:00
|
|
|
*PayloadSourceSenderConfig
|
|
|
|
*PayloadSourceReceiverConfig
|
2023-02-15 15:50:30 +00:00
|
|
|
// Timeout the number of milliseconds after which the pairing server will automatically terminate
|
|
|
|
Timeout uint `json:"timeout"`
|
2022-08-31 11:58:59 +00:00
|
|
|
}
|
|
|
|
|
2023-02-17 13:02:42 +00:00
|
|
|
type payloadSourceUnmarshalCallback func(conf *PayloadSourceConfig) (*PayloadSourceConfig, error)
|
|
|
|
|
|
|
|
func NewPayloadSourceForClient(configJSON string, mode Mode) (*PayloadSourceConfig, error) {
|
|
|
|
return unmarshalPayloadSourceConfig(configJSON, func(conf *PayloadSourceConfig) (*PayloadSourceConfig, error) {
|
|
|
|
if mode == Sending && conf.NodeConfig == nil {
|
|
|
|
return nil, ErrNodeConfigNilAsReceiver
|
|
|
|
}
|
|
|
|
if mode == Receiving && conf.KeyUID == "" {
|
|
|
|
return nil, ErrKeyUIDEmptyAsSender
|
|
|
|
}
|
|
|
|
return updateRootDataDirToNodeConfig(conf)
|
|
|
|
})
|
|
|
|
}
|
|
|
|
|
|
|
|
func NewPayloadSourceForServer(configJSON string, mode Mode) (*PayloadSourceConfig, error) {
|
|
|
|
return unmarshalPayloadSourceConfig(configJSON, func(conf *PayloadSourceConfig) (*PayloadSourceConfig, error) {
|
|
|
|
if mode == Sending && conf.KeyUID == "" {
|
|
|
|
return nil, ErrKeyUIDEmptyAsSender
|
|
|
|
}
|
|
|
|
if mode == Receiving && conf.NodeConfig == nil {
|
|
|
|
return nil, ErrNodeConfigNilAsReceiver
|
|
|
|
}
|
|
|
|
return updateRootDataDirToNodeConfig(conf)
|
|
|
|
})
|
|
|
|
}
|
|
|
|
|
|
|
|
func updateRootDataDirToNodeConfig(conf *PayloadSourceConfig) (*PayloadSourceConfig, error) {
|
|
|
|
if conf.PayloadSourceReceiverConfig != nil && conf.PayloadSourceReceiverConfig.NodeConfig != nil {
|
|
|
|
conf.NodeConfig.RootDataDir = conf.RootDataDir
|
|
|
|
}
|
|
|
|
return conf, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func unmarshalPayloadSourceConfig(configJSON string, successCallback payloadSourceUnmarshalCallback) (*PayloadSourceConfig, error) {
|
|
|
|
var conf = PayloadSourceConfig{}
|
|
|
|
err := json.Unmarshal([]byte(configJSON), &conf)
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
return successCallback(&conf)
|
|
|
|
}
|
|
|
|
|
2023-01-06 12:21:14 +00:00
|
|
|
// AccountPayloadManagerConfig represents the initialisation parameters required for a AccountPayloadManager
|
|
|
|
type AccountPayloadManagerConfig struct {
|
2022-08-31 11:58:59 +00:00
|
|
|
DB *multiaccounts.Database
|
2023-01-06 12:21:14 +00:00
|
|
|
*PayloadSourceConfig
|
2022-07-01 15:37:53 +00:00
|
|
|
}
|
|
|
|
|
2023-02-17 13:02:42 +00:00
|
|
|
func (a *AccountPayloadManagerConfig) GetNodeConfig() *params.NodeConfig {
|
|
|
|
if a.PayloadSourceConfig != nil && a.PayloadSourceConfig.PayloadSourceReceiverConfig != nil {
|
|
|
|
return a.NodeConfig
|
|
|
|
}
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func (a *AccountPayloadManagerConfig) GetSettingCurrentNetwork() string {
|
|
|
|
if a.PayloadSourceConfig != nil && a.PayloadSourceConfig.PayloadSourceReceiverConfig != nil {
|
|
|
|
return a.SettingCurrentNetwork
|
|
|
|
}
|
|
|
|
return ""
|
|
|
|
}
|
|
|
|
|
|
|
|
func (a *AccountPayloadManagerConfig) GetPayloadSourceSenderConfig() *PayloadSourceSenderConfig {
|
|
|
|
if a.PayloadSourceConfig != nil && a.PayloadSourceConfig.PayloadSourceSenderConfig != nil {
|
|
|
|
return a.PayloadSourceSenderConfig
|
|
|
|
}
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func (a *AccountPayloadManagerConfig) GetPayloadSourceReceiverConfig() *PayloadSourceReceiverConfig {
|
|
|
|
if a.PayloadSourceConfig != nil && a.PayloadSourceConfig.PayloadSourceReceiverConfig != nil {
|
|
|
|
return a.PayloadSourceReceiverConfig
|
|
|
|
}
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func (a *AccountPayloadManagerConfig) GetKeystorePath() string {
|
|
|
|
if a.PayloadSourceConfig != nil {
|
|
|
|
return a.KeystorePath
|
|
|
|
}
|
|
|
|
return ""
|
|
|
|
}
|
|
|
|
|
|
|
|
func (a *AccountPayloadManagerConfig) GetTimeout() uint {
|
|
|
|
if a.PayloadSourceConfig != nil {
|
|
|
|
return a.Timeout
|
|
|
|
}
|
|
|
|
return 0
|
|
|
|
}
|
|
|
|
|
2023-01-06 12:21:14 +00:00
|
|
|
// AccountPayloadManager is responsible for the whole lifecycle of a AccountPayload
|
|
|
|
type AccountPayloadManager struct {
|
|
|
|
logger *zap.Logger
|
|
|
|
accountPayload *AccountPayload
|
2022-08-19 12:45:50 +00:00
|
|
|
*PayloadEncryptionManager
|
2023-01-06 12:21:14 +00:00
|
|
|
accountPayloadMarshaller *AccountPayloadMarshaller
|
|
|
|
payloadRepository PayloadRepository
|
2022-06-29 15:21:22 +00:00
|
|
|
}
|
|
|
|
|
2023-01-06 12:21:14 +00:00
|
|
|
// NewAccountPayloadManager generates a new and initialised AccountPayloadManager
|
|
|
|
func NewAccountPayloadManager(aesKey []byte, config *AccountPayloadManagerConfig, logger *zap.Logger) (*AccountPayloadManager, error) {
|
|
|
|
l := logger.Named("AccountPayloadManager")
|
2022-10-21 12:15:39 +00:00
|
|
|
l.Debug("fired", zap.Binary("aesKey", aesKey), zap.Any("config", config))
|
|
|
|
|
|
|
|
pem, err := NewPayloadEncryptionManager(aesKey, l)
|
2022-06-29 15:21:22 +00:00
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
|
2023-01-06 12:21:14 +00:00
|
|
|
// A new SHARED AccountPayload
|
|
|
|
p := new(AccountPayload)
|
2023-02-17 13:02:42 +00:00
|
|
|
accountPayloadRepository, err := NewAccountPayloadRepository(p, config)
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
2022-07-04 22:36:15 +00:00
|
|
|
|
2023-01-06 12:21:14 +00:00
|
|
|
return &AccountPayloadManager{
|
2022-10-21 12:15:39 +00:00
|
|
|
logger: l,
|
2023-01-06 12:21:14 +00:00
|
|
|
accountPayload: p,
|
2022-08-19 12:45:50 +00:00
|
|
|
PayloadEncryptionManager: pem,
|
2023-01-06 12:21:14 +00:00
|
|
|
accountPayloadMarshaller: NewPairingPayloadMarshaller(p, l),
|
2023-02-17 13:02:42 +00:00
|
|
|
payloadRepository: accountPayloadRepository,
|
2022-06-29 15:21:22 +00:00
|
|
|
}, nil
|
|
|
|
}
|
|
|
|
|
2023-01-06 12:21:14 +00:00
|
|
|
// Mount loads and prepares the payload to be stored in the AccountPayloadManager's state ready for later access
|
|
|
|
func (apm *AccountPayloadManager) Mount() error {
|
|
|
|
l := apm.logger.Named("Mount()")
|
2022-10-21 12:15:39 +00:00
|
|
|
l.Debug("fired")
|
|
|
|
|
2023-01-06 12:21:14 +00:00
|
|
|
err := apm.payloadRepository.LoadFromSource()
|
2022-07-01 15:37:53 +00:00
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
2022-10-21 12:15:39 +00:00
|
|
|
l.Debug("after LoadFromSource")
|
2022-07-01 15:37:53 +00:00
|
|
|
|
2023-01-06 12:21:14 +00:00
|
|
|
pb, err := apm.accountPayloadMarshaller.MarshalToProtobuf()
|
2022-07-01 15:37:53 +00:00
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
2022-10-21 12:15:39 +00:00
|
|
|
l.Debug(
|
|
|
|
"after MarshalToProtobuf",
|
2023-01-06 12:21:14 +00:00
|
|
|
zap.Any("accountPayloadMarshaller.accountPayloadMarshaller.keys", apm.accountPayloadMarshaller.keys),
|
|
|
|
zap.Any("accountPayloadMarshaller.accountPayloadMarshaller.multiaccount", apm.accountPayloadMarshaller.multiaccount),
|
|
|
|
zap.String("accountPayloadMarshaller.accountPayloadMarshaller.password", apm.accountPayloadMarshaller.password),
|
2022-10-21 12:15:39 +00:00
|
|
|
zap.Binary("pb", pb),
|
|
|
|
)
|
2022-10-17 09:25:57 +00:00
|
|
|
|
2023-01-06 12:21:14 +00:00
|
|
|
return apm.Encrypt(pb)
|
2022-07-01 15:37:53 +00:00
|
|
|
}
|
|
|
|
|
2022-07-04 22:36:15 +00:00
|
|
|
// Receive takes a []byte representing raw data, parses and stores the data
|
2023-01-06 12:21:14 +00:00
|
|
|
func (apm *AccountPayloadManager) Receive(data []byte) error {
|
|
|
|
l := apm.logger.Named("Receive()")
|
2022-10-21 12:15:39 +00:00
|
|
|
l.Debug("fired")
|
|
|
|
|
2023-01-06 12:21:14 +00:00
|
|
|
err := apm.Decrypt(data)
|
2022-07-01 15:37:53 +00:00
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
2022-10-21 12:15:39 +00:00
|
|
|
l.Debug("after Decrypt")
|
2022-07-01 15:37:53 +00:00
|
|
|
|
2023-01-06 12:21:14 +00:00
|
|
|
err = apm.accountPayloadMarshaller.UnmarshalProtobuf(apm.Received())
|
2022-07-01 15:37:53 +00:00
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
2022-10-21 12:15:39 +00:00
|
|
|
l.Debug(
|
|
|
|
"after UnmarshalProtobuf",
|
2023-01-06 12:21:14 +00:00
|
|
|
zap.Any("accountPayloadMarshaller.accountPayloadMarshaller.keys", apm.accountPayloadMarshaller.keys),
|
|
|
|
zap.Any("accountPayloadMarshaller.accountPayloadMarshaller.multiaccount", apm.accountPayloadMarshaller.multiaccount),
|
|
|
|
zap.String("accountPayloadMarshaller.accountPayloadMarshaller.password", apm.accountPayloadMarshaller.password),
|
|
|
|
zap.Binary("accountPayloadMarshaller.Received()", apm.Received()),
|
2022-10-21 12:15:39 +00:00
|
|
|
)
|
2022-07-01 15:37:53 +00:00
|
|
|
|
2023-01-06 12:21:14 +00:00
|
|
|
return apm.payloadRepository.StoreToSource()
|
2022-07-01 15:37:53 +00:00
|
|
|
}
|
|
|
|
|
2023-01-06 12:21:14 +00:00
|
|
|
// ResetPayload resets all payload state managed by the AccountPayloadManager
|
|
|
|
func (apm *AccountPayloadManager) ResetPayload() {
|
|
|
|
apm.accountPayload.ResetPayload()
|
|
|
|
apm.PayloadEncryptionManager.ResetPayload()
|
2022-07-05 05:40:43 +00:00
|
|
|
}
|
|
|
|
|
2022-07-01 15:37:53 +00:00
|
|
|
// EncryptionPayload represents the plain text and encrypted text of payload data
|
2022-06-29 15:21:22 +00:00
|
|
|
type EncryptionPayload struct {
|
2022-06-10 23:03:16 +00:00
|
|
|
plain []byte
|
|
|
|
encrypted []byte
|
2022-10-28 10:30:18 +00:00
|
|
|
locked bool
|
|
|
|
}
|
|
|
|
|
|
|
|
func (ep *EncryptionPayload) lock() {
|
|
|
|
ep.locked = true
|
2022-06-10 23:03:16 +00:00
|
|
|
}
|
|
|
|
|
2022-07-01 15:37:53 +00:00
|
|
|
// PayloadEncryptionManager is responsible for encrypting and decrypting payload data
|
2022-06-29 15:21:22 +00:00
|
|
|
type PayloadEncryptionManager struct {
|
2022-10-21 12:15:39 +00:00
|
|
|
logger *zap.Logger
|
2022-06-10 23:03:16 +00:00
|
|
|
aesKey []byte
|
2022-06-29 15:21:22 +00:00
|
|
|
toSend *EncryptionPayload
|
|
|
|
received *EncryptionPayload
|
2022-06-10 15:32:15 +00:00
|
|
|
}
|
|
|
|
|
2022-10-21 12:15:39 +00:00
|
|
|
func NewPayloadEncryptionManager(aesKey []byte, logger *zap.Logger) (*PayloadEncryptionManager, error) {
|
|
|
|
return &PayloadEncryptionManager{logger.Named("PayloadEncryptionManager"), aesKey, new(EncryptionPayload), new(EncryptionPayload)}, nil
|
2022-06-10 15:32:15 +00:00
|
|
|
}
|
|
|
|
|
2022-10-28 10:30:18 +00:00
|
|
|
// EncryptPlain encrypts any given plain text using the internal AES key and returns the encrypted value
|
|
|
|
// This function is different to Encrypt as the internal EncryptionPayload.encrypted value is not set
|
2022-08-19 12:45:50 +00:00
|
|
|
func (pem *PayloadEncryptionManager) EncryptPlain(plaintext []byte) ([]byte, error) {
|
2022-10-21 12:15:39 +00:00
|
|
|
l := pem.logger.Named("EncryptPlain()")
|
|
|
|
l.Debug("fired")
|
|
|
|
|
2022-08-19 12:45:50 +00:00
|
|
|
return common.Encrypt(plaintext, pem.aesKey, rand.Reader)
|
|
|
|
}
|
|
|
|
|
2022-07-01 15:37:53 +00:00
|
|
|
func (pem *PayloadEncryptionManager) Encrypt(data []byte) error {
|
2022-10-21 12:15:39 +00:00
|
|
|
l := pem.logger.Named("Encrypt()")
|
|
|
|
l.Debug("fired")
|
|
|
|
|
2022-06-29 15:21:22 +00:00
|
|
|
ep, err := common.Encrypt(data, pem.aesKey, rand.Reader)
|
2022-06-10 23:03:16 +00:00
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
2022-06-29 15:21:22 +00:00
|
|
|
pem.toSend.plain = data
|
|
|
|
pem.toSend.encrypted = ep
|
2022-10-21 12:15:39 +00:00
|
|
|
|
|
|
|
l.Debug(
|
|
|
|
"after common.Encrypt",
|
|
|
|
zap.Binary("data", data),
|
|
|
|
zap.Binary("pem.aesKey", pem.aesKey),
|
|
|
|
zap.Binary("ep", ep),
|
|
|
|
)
|
|
|
|
|
2022-06-10 23:03:16 +00:00
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
2022-07-01 15:37:53 +00:00
|
|
|
func (pem *PayloadEncryptionManager) Decrypt(data []byte) error {
|
2022-10-21 12:15:39 +00:00
|
|
|
l := pem.logger.Named("Decrypt()")
|
|
|
|
l.Debug("fired")
|
|
|
|
|
2022-06-29 15:21:22 +00:00
|
|
|
pd, err := common.Decrypt(data, pem.aesKey)
|
2022-10-21 12:15:39 +00:00
|
|
|
l.Debug(
|
|
|
|
"after common.Decrypt(data, pem.aesKey)",
|
|
|
|
zap.Binary("data", data),
|
|
|
|
zap.Binary("pem.aesKey", pem.aesKey),
|
|
|
|
zap.Binary("pd", pd),
|
|
|
|
zap.Error(err),
|
|
|
|
)
|
2022-06-10 23:03:16 +00:00
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
2022-06-29 15:21:22 +00:00
|
|
|
pem.received.encrypted = data
|
|
|
|
pem.received.plain = pd
|
2022-06-10 23:03:16 +00:00
|
|
|
return nil
|
2022-06-10 15:32:15 +00:00
|
|
|
}
|
|
|
|
|
2022-06-29 15:21:22 +00:00
|
|
|
func (pem *PayloadEncryptionManager) ToSend() []byte {
|
2022-10-28 10:30:18 +00:00
|
|
|
if pem.toSend.locked {
|
|
|
|
return nil
|
|
|
|
}
|
2022-06-29 15:21:22 +00:00
|
|
|
return pem.toSend.encrypted
|
2022-06-10 15:32:15 +00:00
|
|
|
}
|
|
|
|
|
2022-06-29 15:21:22 +00:00
|
|
|
func (pem *PayloadEncryptionManager) Received() []byte {
|
2022-10-28 10:30:18 +00:00
|
|
|
if pem.toSend.locked {
|
|
|
|
return nil
|
|
|
|
}
|
2022-06-29 15:21:22 +00:00
|
|
|
return pem.received.plain
|
2022-06-10 23:03:16 +00:00
|
|
|
}
|
|
|
|
|
2022-06-29 15:21:22 +00:00
|
|
|
func (pem *PayloadEncryptionManager) ResetPayload() {
|
|
|
|
pem.toSend = new(EncryptionPayload)
|
|
|
|
pem.received = new(EncryptionPayload)
|
2022-06-10 15:32:15 +00:00
|
|
|
}
|
2022-06-24 14:06:13 +00:00
|
|
|
|
2022-10-28 10:30:18 +00:00
|
|
|
func (pem *PayloadEncryptionManager) LockPayload() {
|
|
|
|
l := pem.logger.Named("LockPayload")
|
|
|
|
l.Debug("fired")
|
|
|
|
|
|
|
|
pem.toSend.lock()
|
|
|
|
pem.received.lock()
|
|
|
|
}
|
|
|
|
|
2023-01-06 12:21:14 +00:00
|
|
|
// AccountPayload represents the payload structure a Server handles
|
|
|
|
type AccountPayload struct {
|
2022-06-24 14:06:13 +00:00
|
|
|
keys map[string][]byte
|
|
|
|
multiaccount *multiaccounts.Account
|
|
|
|
password string
|
|
|
|
}
|
|
|
|
|
2023-01-06 12:21:14 +00:00
|
|
|
func (ap *AccountPayload) ResetPayload() {
|
|
|
|
*ap = AccountPayload{}
|
2022-07-05 05:40:43 +00:00
|
|
|
}
|
|
|
|
|
2023-01-06 12:21:14 +00:00
|
|
|
// AccountPayloadMarshaller is responsible for marshalling and unmarshalling Server payload data
|
|
|
|
type AccountPayloadMarshaller struct {
|
2022-10-21 12:15:39 +00:00
|
|
|
logger *zap.Logger
|
2023-01-06 12:21:14 +00:00
|
|
|
*AccountPayload
|
2022-06-29 15:21:22 +00:00
|
|
|
}
|
|
|
|
|
2023-01-06 12:21:14 +00:00
|
|
|
func NewPairingPayloadMarshaller(ap *AccountPayload, logger *zap.Logger) *AccountPayloadMarshaller {
|
|
|
|
return &AccountPayloadMarshaller{logger: logger, AccountPayload: ap}
|
2022-07-01 15:37:53 +00:00
|
|
|
}
|
|
|
|
|
2023-01-06 12:21:14 +00:00
|
|
|
func (ppm *AccountPayloadMarshaller) MarshalToProtobuf() ([]byte, error) {
|
2022-06-29 15:21:22 +00:00
|
|
|
return proto.Marshal(&protobuf.LocalPairingPayload{
|
|
|
|
Keys: ppm.accountKeysToProtobuf(),
|
2022-08-19 14:07:57 +00:00
|
|
|
Multiaccount: ppm.multiaccount.ToProtobuf(),
|
2022-06-29 15:21:22 +00:00
|
|
|
Password: ppm.password,
|
|
|
|
})
|
|
|
|
}
|
|
|
|
|
2023-01-06 12:21:14 +00:00
|
|
|
func (ppm *AccountPayloadMarshaller) accountKeysToProtobuf() []*protobuf.LocalPairingPayload_Key {
|
2022-06-29 15:21:22 +00:00
|
|
|
var keys []*protobuf.LocalPairingPayload_Key
|
|
|
|
for name, data := range ppm.keys {
|
|
|
|
keys = append(keys, &protobuf.LocalPairingPayload_Key{Name: name, Data: data})
|
|
|
|
}
|
|
|
|
return keys
|
|
|
|
}
|
|
|
|
|
2023-01-06 12:21:14 +00:00
|
|
|
func (ppm *AccountPayloadMarshaller) UnmarshalProtobuf(data []byte) error {
|
2022-10-21 12:15:39 +00:00
|
|
|
l := ppm.logger.Named("UnmarshalProtobuf()")
|
|
|
|
l.Debug("fired")
|
|
|
|
|
2022-06-29 15:21:22 +00:00
|
|
|
pb := new(protobuf.LocalPairingPayload)
|
|
|
|
err := proto.Unmarshal(data, pb)
|
2022-10-21 12:15:39 +00:00
|
|
|
l.Debug(
|
|
|
|
"after protobuf.LocalPairingPayload",
|
|
|
|
zap.Any("pb", pb),
|
|
|
|
zap.Any("pb.Multiaccount", pb.Multiaccount),
|
|
|
|
zap.Any("pb.Keys", pb.Keys),
|
|
|
|
)
|
2022-06-24 14:06:13 +00:00
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
2022-06-29 15:21:22 +00:00
|
|
|
ppm.accountKeysFromProtobuf(pb.Keys)
|
|
|
|
ppm.multiaccountFromProtobuf(pb.Multiaccount)
|
|
|
|
ppm.password = pb.Password
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
2023-01-06 12:21:14 +00:00
|
|
|
func (ppm *AccountPayloadMarshaller) accountKeysFromProtobuf(pbKeys []*protobuf.LocalPairingPayload_Key) {
|
2022-10-21 12:15:39 +00:00
|
|
|
l := ppm.logger.Named("accountKeysFromProtobuf()")
|
|
|
|
l.Debug("fired")
|
|
|
|
|
2022-06-29 15:21:22 +00:00
|
|
|
if ppm.keys == nil {
|
|
|
|
ppm.keys = make(map[string][]byte)
|
|
|
|
}
|
|
|
|
|
|
|
|
for _, key := range pbKeys {
|
|
|
|
ppm.keys[key.Name] = key.Data
|
|
|
|
}
|
2022-10-21 12:15:39 +00:00
|
|
|
l.Debug(
|
|
|
|
"after for _, key := range pbKeys",
|
|
|
|
zap.Any("pbKeys", pbKeys),
|
2023-01-06 12:21:14 +00:00
|
|
|
zap.Any("accountPayloadMarshaller.keys", ppm.keys),
|
2022-10-21 12:15:39 +00:00
|
|
|
)
|
2022-06-29 15:21:22 +00:00
|
|
|
}
|
|
|
|
|
2023-01-06 12:21:14 +00:00
|
|
|
func (ppm *AccountPayloadMarshaller) multiaccountFromProtobuf(pbMultiAccount *protobuf.MultiAccount) {
|
2022-08-19 14:07:57 +00:00
|
|
|
ppm.multiaccount = new(multiaccounts.Account)
|
|
|
|
ppm.multiaccount.FromProtobuf(pbMultiAccount)
|
2022-06-29 15:21:22 +00:00
|
|
|
}
|
|
|
|
|
2022-07-01 15:37:53 +00:00
|
|
|
type PayloadRepository interface {
|
|
|
|
LoadFromSource() error
|
|
|
|
StoreToSource() error
|
|
|
|
}
|
|
|
|
|
2023-01-06 12:21:14 +00:00
|
|
|
// AccountPayloadRepository is responsible for loading, parsing, validating and storing Server payload data
|
|
|
|
type AccountPayloadRepository struct {
|
|
|
|
*AccountPayload
|
2022-06-29 15:21:22 +00:00
|
|
|
|
|
|
|
multiaccountsDB *multiaccounts.Database
|
2022-07-01 15:37:53 +00:00
|
|
|
|
|
|
|
keystorePath, keyUID string
|
2023-02-17 13:02:42 +00:00
|
|
|
|
|
|
|
kdfIterations int
|
2022-06-29 15:21:22 +00:00
|
|
|
}
|
|
|
|
|
2023-02-17 13:02:42 +00:00
|
|
|
func NewAccountPayloadRepository(p *AccountPayload, config *AccountPayloadManagerConfig) (*AccountPayloadRepository, error) {
|
2023-01-06 12:21:14 +00:00
|
|
|
ppr := &AccountPayloadRepository{
|
|
|
|
AccountPayload: p,
|
2022-06-29 15:21:22 +00:00
|
|
|
}
|
2022-07-01 15:37:53 +00:00
|
|
|
|
|
|
|
if config == nil {
|
2023-02-17 13:02:42 +00:00
|
|
|
return ppr, nil
|
2022-07-01 15:37:53 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
ppr.multiaccountsDB = config.DB
|
2023-02-17 13:02:42 +00:00
|
|
|
|
|
|
|
if config.GetPayloadSourceSenderConfig() != nil && config.GetPayloadSourceReceiverConfig() != nil {
|
|
|
|
return nil, ErrPayloadSourceConfigBothSet
|
|
|
|
}
|
|
|
|
if config.GetPayloadSourceSenderConfig() != nil {
|
|
|
|
ppr.keyUID = config.KeyUID
|
|
|
|
ppr.password = config.Password
|
|
|
|
} else if config.GetPayloadSourceReceiverConfig() != nil {
|
|
|
|
ppr.kdfIterations = config.KDFIterations
|
|
|
|
}
|
|
|
|
ppr.keystorePath = config.GetKeystorePath()
|
|
|
|
return ppr, nil
|
2022-06-29 15:21:22 +00:00
|
|
|
}
|
|
|
|
|
2023-01-06 12:21:14 +00:00
|
|
|
func (apr *AccountPayloadRepository) LoadFromSource() error {
|
|
|
|
err := apr.loadKeys(apr.keystorePath)
|
2022-06-24 14:06:13 +00:00
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
2022-06-29 15:21:22 +00:00
|
|
|
|
2023-01-06 12:21:14 +00:00
|
|
|
err = apr.validateKeys(apr.password)
|
2022-06-29 15:21:22 +00:00
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
2023-01-06 12:21:14 +00:00
|
|
|
apr.multiaccount, err = apr.multiaccountsDB.GetAccount(apr.keyUID)
|
2022-06-29 15:21:22 +00:00
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
2022-06-24 14:06:13 +00:00
|
|
|
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
2023-01-06 12:21:14 +00:00
|
|
|
func (apr *AccountPayloadRepository) loadKeys(keyStorePath string) error {
|
|
|
|
apr.keys = make(map[string][]byte)
|
2022-06-24 14:06:13 +00:00
|
|
|
|
|
|
|
fileWalker := func(path string, fileInfo os.FileInfo, err error) error {
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
if fileInfo.IsDir() || filepath.Dir(path) != keyStorePath {
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
rawKeyFile, err := ioutil.ReadFile(path)
|
|
|
|
if err != nil {
|
|
|
|
return fmt.Errorf("invalid account key file: %v", err)
|
|
|
|
}
|
|
|
|
|
|
|
|
accountKey := new(keystore.EncryptedKeyJSONV3)
|
|
|
|
if err := json.Unmarshal(rawKeyFile, &accountKey); err != nil {
|
|
|
|
return fmt.Errorf("failed to read key file: %s", err)
|
|
|
|
}
|
|
|
|
|
|
|
|
if len(accountKey.Address) != 40 {
|
|
|
|
return fmt.Errorf("account key address has invalid length '%s'", accountKey.Address)
|
|
|
|
}
|
|
|
|
|
2023-01-06 12:21:14 +00:00
|
|
|
apr.keys[fileInfo.Name()] = rawKeyFile
|
2022-06-24 14:06:13 +00:00
|
|
|
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
err := filepath.Walk(keyStorePath, fileWalker)
|
|
|
|
if err != nil {
|
|
|
|
return fmt.Errorf("cannot traverse key store folder: %v", err)
|
|
|
|
}
|
|
|
|
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
2023-01-06 12:21:14 +00:00
|
|
|
func (apr *AccountPayloadRepository) StoreToSource() error {
|
|
|
|
err := apr.validateKeys(apr.password)
|
2022-06-24 23:09:01 +00:00
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
2023-01-06 12:21:14 +00:00
|
|
|
err = apr.storeKeys(apr.keystorePath)
|
2022-06-24 23:09:01 +00:00
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
2023-01-06 12:21:14 +00:00
|
|
|
err = apr.storeMultiAccount()
|
2022-06-24 23:09:01 +00:00
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
2022-06-29 15:21:22 +00:00
|
|
|
// TODO install PublicKey into settings, probably do this outside of StoreToSource
|
2022-06-24 23:09:01 +00:00
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
2023-01-06 12:21:14 +00:00
|
|
|
func (apr *AccountPayloadRepository) validateKeys(password string) error {
|
|
|
|
for _, key := range apr.keys {
|
2022-06-24 23:09:01 +00:00
|
|
|
k, err := keystore.DecryptKey(key, password)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
err = generator.ValidateKeystoreExtendedKey(k)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
2023-01-06 12:21:14 +00:00
|
|
|
func (apr *AccountPayloadRepository) storeKeys(keyStorePath string) error {
|
2022-10-04 15:30:11 +00:00
|
|
|
if keyStorePath == "" {
|
|
|
|
return fmt.Errorf("keyStorePath can not be empty")
|
|
|
|
}
|
|
|
|
|
|
|
|
_, lastDir := filepath.Split(keyStorePath)
|
|
|
|
|
|
|
|
// If lastDir == "keystore" we presume we need to create the rest of the keystore path
|
|
|
|
// else we presume the provided keystore is valid
|
|
|
|
if lastDir == "keystore" {
|
2023-01-06 12:21:14 +00:00
|
|
|
if apr.multiaccount == nil || apr.multiaccount.KeyUID == "" {
|
2022-10-04 15:30:11 +00:00
|
|
|
return fmt.Errorf("no known Key UID")
|
|
|
|
}
|
2023-01-06 12:21:14 +00:00
|
|
|
keyStorePath = filepath.Join(keyStorePath, apr.multiaccount.KeyUID)
|
2023-02-01 12:28:32 +00:00
|
|
|
_, err := os.Stat(keyStorePath)
|
|
|
|
if os.IsNotExist(err) {
|
|
|
|
err := os.MkdirAll(keyStorePath, 0777)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
} else if err != nil {
|
2022-10-04 15:30:11 +00:00
|
|
|
return err
|
2023-02-01 12:28:32 +00:00
|
|
|
} else {
|
|
|
|
return ErrKeyFileAlreadyExists
|
2022-10-04 15:30:11 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2023-01-06 12:21:14 +00:00
|
|
|
for name, data := range apr.keys {
|
2022-06-24 23:09:01 +00:00
|
|
|
accountKey := new(keystore.EncryptedKeyJSONV3)
|
|
|
|
if err := json.Unmarshal(data, &accountKey); err != nil {
|
|
|
|
return fmt.Errorf("failed to read key file: %s", err)
|
|
|
|
}
|
|
|
|
|
|
|
|
if len(accountKey.Address) != 40 {
|
|
|
|
return fmt.Errorf("account key address has invalid length '%s'", accountKey.Address)
|
|
|
|
}
|
|
|
|
|
|
|
|
err := ioutil.WriteFile(filepath.Join(keyStorePath, name), data, 0600)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
2023-01-06 12:21:14 +00:00
|
|
|
func (apr *AccountPayloadRepository) storeMultiAccount() error {
|
2023-02-17 13:02:42 +00:00
|
|
|
apr.multiaccount.KDFIterations = apr.kdfIterations
|
2023-01-06 12:21:14 +00:00
|
|
|
return apr.multiaccountsDB.SaveAccount(*apr.multiaccount)
|
|
|
|
}
|
|
|
|
|
|
|
|
type RawMessagePayloadManager struct {
|
|
|
|
logger *zap.Logger
|
|
|
|
// reference from AccountPayloadManager#accountPayload
|
|
|
|
accountPayload *AccountPayload
|
|
|
|
*PayloadEncryptionManager
|
|
|
|
payloadRepository *RawMessageRepository
|
|
|
|
}
|
|
|
|
|
2023-02-17 13:02:42 +00:00
|
|
|
func NewRawMessagePayloadManager(logger *zap.Logger, accountPayload *AccountPayload, aesKey []byte, backend *api.GethStatusBackend, nodeConfig *params.NodeConfig, settingCurrentNetwork string) (*RawMessagePayloadManager, error) {
|
2023-01-06 12:21:14 +00:00
|
|
|
l := logger.Named("RawMessagePayloadManager")
|
|
|
|
pem, err := NewPayloadEncryptionManager(aesKey, l)
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
return &RawMessagePayloadManager{
|
|
|
|
logger: l,
|
|
|
|
accountPayload: accountPayload,
|
|
|
|
PayloadEncryptionManager: pem,
|
2023-02-17 13:02:42 +00:00
|
|
|
payloadRepository: NewRawMessageRepository(backend, accountPayload, nodeConfig, settingCurrentNetwork),
|
2023-01-06 12:21:14 +00:00
|
|
|
}, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func (r *RawMessagePayloadManager) Mount() error {
|
|
|
|
err := r.payloadRepository.LoadFromSource()
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
return r.Encrypt(r.payloadRepository.payload)
|
|
|
|
}
|
|
|
|
|
|
|
|
func (r *RawMessagePayloadManager) Receive(data []byte) error {
|
|
|
|
err := r.Decrypt(data)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
r.payloadRepository.payload = r.Received()
|
|
|
|
return r.payloadRepository.StoreToSource()
|
|
|
|
}
|
|
|
|
|
|
|
|
func (r *RawMessagePayloadManager) ResetPayload() {
|
|
|
|
r.payloadRepository.payload = make([]byte, 0)
|
|
|
|
r.PayloadEncryptionManager.ResetPayload()
|
|
|
|
}
|
|
|
|
|
|
|
|
type RawMessageRepository struct {
|
|
|
|
payload []byte
|
|
|
|
syncRawMessageHandler *SyncRawMessageHandler
|
|
|
|
accountPayload *AccountPayload
|
2023-02-17 13:02:42 +00:00
|
|
|
nodeConfig *params.NodeConfig
|
|
|
|
settingCurrentNetwork string
|
2023-01-06 12:21:14 +00:00
|
|
|
}
|
|
|
|
|
2023-02-17 13:02:42 +00:00
|
|
|
func NewRawMessageRepository(backend *api.GethStatusBackend, accountPayload *AccountPayload, config *params.NodeConfig, settingCurrentNetwork string) *RawMessageRepository {
|
2023-01-06 12:21:14 +00:00
|
|
|
return &RawMessageRepository{
|
|
|
|
syncRawMessageHandler: NewSyncRawMessageHandler(backend),
|
|
|
|
payload: make([]byte, 0),
|
|
|
|
accountPayload: accountPayload,
|
2023-02-17 13:02:42 +00:00
|
|
|
nodeConfig: config,
|
|
|
|
settingCurrentNetwork: settingCurrentNetwork,
|
2023-01-06 12:21:14 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func (r *RawMessageRepository) LoadFromSource() error {
|
|
|
|
account := r.accountPayload.multiaccount
|
|
|
|
if account == nil || account.KeyUID == "" {
|
|
|
|
return fmt.Errorf("no known KeyUID when loading raw messages")
|
|
|
|
}
|
|
|
|
payload, err := r.syncRawMessageHandler.PrepareRawMessage(account.KeyUID)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
r.payload = payload
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func (r *RawMessageRepository) StoreToSource() error {
|
|
|
|
accountPayload := r.accountPayload
|
|
|
|
if accountPayload == nil || accountPayload.multiaccount == nil {
|
|
|
|
return fmt.Errorf("no known multiaccount when storing raw messages")
|
|
|
|
}
|
2023-02-17 13:02:42 +00:00
|
|
|
return r.syncRawMessageHandler.HandleRawMessage(accountPayload.multiaccount, accountPayload.password, r.nodeConfig, r.settingCurrentNetwork, r.payload)
|
2022-06-24 14:06:13 +00:00
|
|
|
}
|