mirror of https://github.com/certusone/dc4bc.git
96 lines
2.6 KiB
Go
96 lines
2.6 KiB
Go
package airgapped
|
|
|
|
import (
|
|
"fmt"
|
|
"strings"
|
|
|
|
"github.com/depools/dc4bc/dkg"
|
|
"github.com/syndtr/goleveldb/leveldb/util"
|
|
)
|
|
|
|
const (
|
|
blsKeyringPrefix = "bls_keyring"
|
|
)
|
|
|
|
func makeBLSKeyKeyringDBKey(key string) string {
|
|
return fmt.Sprintf("%s_%s", blsKeyringPrefix, key)
|
|
}
|
|
|
|
func (am *Machine) saveBLSKeyring(dkgID string, blsKeyring *dkg.BLSKeyring) error {
|
|
salt, err := am.db.Get([]byte(saltDBKey), nil)
|
|
if err != nil {
|
|
return fmt.Errorf("failed to read salt from db: %w", err)
|
|
}
|
|
|
|
blsKeyringBz, err := blsKeyring.Bytes()
|
|
if err != nil {
|
|
return fmt.Errorf("failed to encode bls keyring: %w", err)
|
|
}
|
|
|
|
encryptedKeyring, err := encrypt(am.encryptionKey, salt, blsKeyringBz)
|
|
if err != nil {
|
|
return fmt.Errorf("failed to encrypt BLS keyring: %w", err)
|
|
}
|
|
if err := am.db.Put([]byte(makeBLSKeyKeyringDBKey(dkgID)), encryptedKeyring, nil); err != nil {
|
|
return fmt.Errorf("failed to save BLSKeyring into db: %w", err)
|
|
}
|
|
return nil
|
|
}
|
|
|
|
func (am *Machine) loadBLSKeyring(dkgID string) (*dkg.BLSKeyring, error) {
|
|
var (
|
|
blsKeyring *dkg.BLSKeyring
|
|
blsKeyringBz []byte
|
|
err error
|
|
)
|
|
|
|
salt, err := am.db.Get([]byte(saltDBKey), nil)
|
|
if err != nil {
|
|
return nil, fmt.Errorf("failed to read salt from db: %w", err)
|
|
}
|
|
|
|
if blsKeyringBz, err = am.db.Get([]byte(makeBLSKeyKeyringDBKey(dkgID)), nil); err != nil {
|
|
return nil, fmt.Errorf("failed to get bls keyring with dkg id %s: %w", dkgID, err)
|
|
}
|
|
|
|
decryptedKeyring, err := decrypt(am.encryptionKey, salt, blsKeyringBz)
|
|
if err != nil {
|
|
return nil, fmt.Errorf("failed to decrypt BLS keyring: %w", err)
|
|
}
|
|
|
|
if blsKeyring, err = dkg.LoadBLSKeyringFromBytes(am.baseSuite, decryptedKeyring); err != nil {
|
|
return nil, fmt.Errorf("failed to decode bls keyring")
|
|
}
|
|
return blsKeyring, nil
|
|
}
|
|
|
|
func (am *Machine) GetBLSKeyrings() (map[string]*dkg.BLSKeyring, error) {
|
|
var (
|
|
blsKeyring *dkg.BLSKeyring
|
|
err error
|
|
)
|
|
|
|
salt, err := am.db.Get([]byte(saltDBKey), nil)
|
|
if err != nil {
|
|
return nil, fmt.Errorf("failed to read salt from db: %w", err)
|
|
}
|
|
|
|
keyrings := make(map[string]*dkg.BLSKeyring)
|
|
iter := am.db.NewIterator(util.BytesPrefix([]byte(blsKeyringPrefix)), nil)
|
|
defer iter.Release()
|
|
|
|
for iter.Next() {
|
|
key := iter.Key()
|
|
value := iter.Value()
|
|
decryptedKeyring, err := decrypt(am.encryptionKey, salt, value)
|
|
if err != nil {
|
|
return nil, fmt.Errorf("failed to decrypt BLS keyring: %w", err)
|
|
}
|
|
if blsKeyring, err = dkg.LoadBLSKeyringFromBytes(am.baseSuite, decryptedKeyring); err != nil {
|
|
return nil, fmt.Errorf("failed to decode bls keyring: %w", err)
|
|
}
|
|
keyrings[strings.TrimLeft(string(key), blsKeyringPrefix)] = blsKeyring
|
|
}
|
|
return keyrings, iter.Error()
|
|
}
|