From 830b6d2b5f1b6cb349e199b3df24d7d3d1539ed7 Mon Sep 17 00:00:00 2001 From: Matias Alejo Garcia Date: Mon, 28 Apr 2014 15:02:24 -0300 Subject: [PATCH 1/2] removes encryption and signing. Relays on webrtc DTS. Keep authentication --- js/models/core/PrivateKey.js | 11 +--- js/models/core/PublicKeyRing.js | 8 +-- js/models/core/Wallet.js | 1 - js/models/core/WalletFactory.js | 1 - js/models/network/WebRTC.js | 90 ++------------------------------- 5 files changed, 10 insertions(+), 101 deletions(-) diff --git a/js/models/core/PrivateKey.js b/js/models/core/PrivateKey.js index 6fdc21a44..f7212e1e3 100644 --- a/js/models/core/PrivateKey.js +++ b/js/models/core/PrivateKey.js @@ -20,22 +20,13 @@ function PrivateKey(opts) { PrivateKey.prototype.getId = function() { if (!this.id) { - var path = PublicKeyRing.SIGNING_BRANCH; + var path = PublicKeyRing.ID_BRANCH; var bip32 = this.bip.derive(path); this.id= bip32.eckey.public.toString('hex'); } return this.id; }; -PrivateKey.prototype.getSigningKey = function() { - if (!this.sid) { - var path = PublicKeyRing.SIGNING_BRANCH; - var bip32 = this.bip.derive(path); - this.sid= bip32.eckey.private.toString('hex'); - } - return this.sid; -}; - PrivateKey.fromObj = function(obj) { return new PrivateKey(obj); }; diff --git a/js/models/core/PublicKeyRing.js b/js/models/core/PublicKeyRing.js index ee21a9e65..fc73e784c 100644 --- a/js/models/core/PublicKeyRing.js +++ b/js/models/core/PublicKeyRing.js @@ -8,7 +8,7 @@ var BIP32 = bitcore.BIP32; var Address = bitcore.Address; var Script = bitcore.Script; var coinUtil = bitcore.util; -var Transaction = bitcore.Transaction; +var Transaction = bitcore.Transaction var util = bitcore.util; var Storage = imports.Storage || require('../storage/Base.js'); @@ -48,7 +48,7 @@ PublicKeyRing.Branch = function (index, isChange) { return 'm/0/'+(isChange?1:0)+'/'+index; }; -PublicKeyRing.SIGNING_BRANCH = 'm/100/0/0'; +PublicKeyRing.ID_BRANCH = 'm/100/0/0'; PublicKeyRing.fromObj = function (data) { if (data instanceof PublicKeyRing) { @@ -84,7 +84,7 @@ PublicKeyRing.prototype.getCopayerId = function(i) { this.copayerIds = this.copayerIds || []; if (!this.copayerIds[i]) { - var path = PublicKeyRing.SIGNING_BRANCH; + var path = PublicKeyRing.ID_BRANCH; var bip32 = this.copayersBIP32[i].derive(path); this.copayerIds[i]= bip32.eckey.public.toString('hex'); } @@ -158,7 +158,7 @@ PublicKeyRing.prototype.getPubKeys = function (index, isChange) { } this.publicKeysCache[path] = pubKeys.map(function(pk){return pk.toString('hex');}); } else { - pubKeys = pubKeys.map(function(s){return new Buffer(s,'hex')}); + pubKeys = pubKeys.map(function(s){return new Buffer(s,'hex')}); } return pubKeys; diff --git a/js/models/core/Wallet.js b/js/models/core/Wallet.js index ba30c175f..17a8256e5 100644 --- a/js/models/core/Wallet.js +++ b/js/models/core/Wallet.js @@ -161,7 +161,6 @@ Wallet.prototype.netStart = function() { var myId = self.getMyCopayerId(); var startOpts = { copayerId: myId, - signingKeyHex: self.privateKey.getSigningKey(), maxPeers: self.totalCopayers, }; diff --git a/js/models/core/WalletFactory.js b/js/models/core/WalletFactory.js index 7a2972cbe..66ac4a1b3 100644 --- a/js/models/core/WalletFactory.js +++ b/js/models/core/WalletFactory.js @@ -151,7 +151,6 @@ WalletFactory.prototype.joinCreateSession = function(copayerId, cb) { this.log('\t### PrivateKey Initialized'); var opts = { copayerId: privateKey.getId(), - signingKeyHex: privateKey.getSigningKey(), }; self.network.cleanUp(); self.network.start(opts, function() { diff --git a/js/models/network/WebRTC.js b/js/models/network/WebRTC.js index 556763ed3..cff75bb48 100644 --- a/js/models/network/WebRTC.js +++ b/js/models/network/WebRTC.js @@ -156,11 +156,7 @@ Network.prototype._onData = function(data, isInbound, peerId) { var sig, payload; try { - var dataObj = JSON.parse(data); - sig = dataObj.sig; - payload= JSON.parse(this._decPayload(dataObj.encPayloadStr)); -console.log('[WebRTC.js.161:payload:]',payload); //TODO - + payload= JSON.parse(data); } catch (e) { console.log('### ERROR IN DATA: "%s" ', data, isInbound, e); this._deletePeer(peerId); @@ -172,22 +168,15 @@ console.log('[WebRTC.js.161:payload:]',payload); //TODO if(payload.type === 'hello' && !this.authenticatedPeers[peerId]) { var payloadStr = JSON.stringify(payload); - var thisSig = this._signHMAC(payloadStr, this.copayerId); - if (thisSig !== sig) { - console.log('#### Peer sent WRONG hello signature. Closing connection.'); - this._deletePeer(peerId); - return; - } if (this.allowedCopayerIds && !this.allowedCopayerIds[payload.copayerId]) { console.log('#### Peer is not on the allowedCopayerIds. Closing connection', this.allowedCopayerIds, payload.copayerId); this._deletePeer(peerId); return; } - - console.log('#### Peer sent signed hello. Setting it up.'); //TODO - this._addCopayer(payload.copayerId, isInbound); + console.log('#### Peer sent hello. Setting it up.'); //TODO this._setPeerAuthenticated(peerId); + this._addCopayer(payload.copayerId, isInbound); this._notifyNetworkChange( isInbound ? payload.copayerId : null); this.emit('open'); return; @@ -201,15 +190,6 @@ console.log('[WebRTC.js.161:payload:]',payload); //TODO } var copayerIdBuf = new Buffer(this.copayerForPeer[peerId],'hex'); - -console.log('[WebRTC.js.204] sig:', sig); //TODO - if (!bitcore.Message.verifyWithPubKey( copayerIdBuf, JSON.stringify(payload), - new Buffer(sig,'hex'))) { - console.log('[WebRTC.js.152] SIGNATURE VERIFICATION FAILED!!'); //TODO - this._deletePeer(peerId); - return; - } - var self=this; switch(payload.type) { case 'copayers': @@ -248,7 +228,7 @@ Network.prototype._setupConnectionHandlers = function(dataConn, isInbound) { console.log('### DATA CONNECTION READY: %s (inbound: %s) AUTHENTICATING...', dataConn.peer, isInbound); - // The connecting peer send hello (with signature) + // The connecting peer send hello if(!isInbound) self._sendHello(self.copayerForPeer[dataConn.peer]); } @@ -340,16 +320,6 @@ Network.prototype.setCopayerId = function(copayerId) { }; -Network.prototype.setSigningKey = function(keyHex) { - if (this.started || this.signingKey) { - throw new Error ('network already started or key assigned: can not change key') - } - var k = new Key(); - k.private = new Buffer(keyHex,'hex'); - k.regenerateSync(); - this.signingKey = k; -}; - Network.prototype.peerFromCopayer = function(hex) { var SIN = bitcore.SIN; return new SIN(new Buffer(hex,'hex')).toString(); @@ -364,8 +334,6 @@ Network.prototype.start = function(opts, openCallback) { if (!this.copayerId) this.setCopayerId(opts.copayerId); - if (!this.signingKey) - this.setSigningKey(opts.signingKeyHex); console.log('CREATING PEER INSTANCE:', this.peerId); //TODO this.peer = new Peer(this.peerId, this.opts); @@ -379,26 +347,6 @@ Network.prototype.start = function(opts, openCallback) { }; -Network.prototype._signHMAC = function(payloadStr, copayerId) { - -console.log('[WebRTC.js.382] SIG HMAC', payloadStr, copayerId); //TODO - return util.sha512hmac( - new Buffer(payloadStr), - new Buffer(copayerId,'hex') - ).toString('hex'); -}; - -Network.prototype._signECDSA = function(payloadStr) { - var ret=''; - if (!this.signingKey) - throw new Error ('no key to sign messages :('); - - return bitcore.Message.sign( - payloadStr, - this.signingKey - ).toString('hex'); -}; - Network.prototype.getOnlinePeerIDs = function() { return this.connectedPeers; }; @@ -408,32 +356,12 @@ Network.prototype.getPeer = function() { }; -Network.prototype._encPayload = function(payloadStr, copayerId) { - if (!copayerId || !payloadStr) - throw new Error('incomplete parameters to _encPayload'+':'+ payloadStr +':'+copayerId); - - //console.log('[WebRTC.js.413] ENC:',payloadStr, copayerId); //TODO - // TODO replace with asymmetric encryption (copayerId is the pub key) - return CryptoJS.AES.encrypt(payloadStr, copayerId).toString(); -}; - -Network.prototype._decPayload = function(payloadStr) { - // TODO replace with asymmetric encryption (decrypt using this.signingKey); - //console.log('[WebRTC.js.413] DEC:',payloadStr, this.copayerId); //TODO - return CryptoJS.AES.decrypt(payloadStr, this.copayerId).toString(CryptoJS.enc.Utf8); -}; - Network.prototype._sendToOne = function(copayerId, payloadStr, sig, cb) { var peerId = this.peerFromCopayer(copayerId); if (peerId !== this.peerId) { var dataConn = this.connections[peerId]; - var encPayloadStr = this._encPayload(payloadStr, copayerId); if (dataConn) { - var str = JSON.stringify({ - sig: sig, - encPayloadStr: encPayloadStr, - }); - dataConn.send(str); + dataConn.send(payloadStr); } else { console.log('[WebRTC.js.255] WARN: NO CONNECTION TO:', peerId); //TODO @@ -451,14 +379,6 @@ Network.prototype.send = function(copayerIds, payload, cb) { var sig; var payloadStr = JSON.stringify(payload); - if (payload.type === 'hello') { - var hisId = copayerIds; - sig=this._signHMAC(payloadStr ,hisId); - } - else { - sig=this._signECDSA(payloadStr); - } - if (Array.isArray(copayerIds)) { var l = copayerIds.length; var i = 0; From 8138eaed7b3a0e96295935e5ec8a971dedf38cbb Mon Sep 17 00:00:00 2001 From: Matias Alejo Garcia Date: Mon, 28 Apr 2014 15:15:09 -0300 Subject: [PATCH 2/2] change locking order --- js/models/core/Wallet.js | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/js/models/core/Wallet.js b/js/models/core/Wallet.js index 17a8256e5..8174e8f59 100644 --- a/js/models/core/Wallet.js +++ b/js/models/core/Wallet.js @@ -53,12 +53,12 @@ Wallet.prototype._handlePublicKeyRing = function(senderId, data, isInbound) { var hasChanged = pkr.merge(inPKR, true); if (hasChanged) { - this.log('### BROADCASTING PKR'); - recipients = null; - this.sendPublicKeyRing(recipients); if (this.publicKeyRing.isComplete()) { this._lockIncomming(); } + this.log('### BROADCASTING PKR'); + recipients = null; + this.sendPublicKeyRing(recipients); } this.emit('publicKeyRingUpdated', this.publicKeyRing); this.store();