package airgapped
import (
"fmt"
"github.com/depools/dc4bc/dkg"
"github.com/syndtr/goleveldb/leveldb/util"
"strings"
)
// blsKeyringPrefix is the leading part of every database key under which an
// encrypted BLS keyring is stored.
const blsKeyringPrefix = "bls_keyring"
// makeBLSKeyKeyringDBKey builds the database key for a BLS keyring record:
// blsKeyringPrefix, an underscore, then key.
func makeBLSKeyKeyringDBKey(key string) string {
	return blsKeyringPrefix + "_" + key
}
// saveBLSKeyring serialises blsKeyring, passes the result through encrypt and
// stores the output in the database under the key derived from dkgID.
//
// The salt is read from the database entry saltKey and handed to encrypt
// together with am.encryptionKey. Only the value returned by encrypt is
// written to the database. Any failing step aborts the save and is returned
// wrapped with a description of that step.
func (am *AirgappedMachine) saveBLSKeyring(dkgID string, blsKeyring *dkg.BLSKeyring) error {
	// The salt is fetched before anything else, so a store without one fails
	// before the keyring is serialised.
	salt, err := am.db.Get([]byte(saltKey), nil)
	if err != nil {
		return fmt.Errorf("failed to read salt from db: %w", err)
	}

	// plaintext holds the serialised keyring; this method does not zero it.
	plaintext, err := blsKeyring.Bytes()
	if err != nil {
		return fmt.Errorf("failed to encode bls keyring: %w", err)
	}

	ciphertext, err := encrypt(am.encryptionKey, salt, plaintext)
	if err != nil {
		return fmt.Errorf("failed to encrypt BLS keyring: %w", err)
	}

	dbKey := []byte(makeBLSKeyKeyringDBKey(dkgID))
	err = am.db.Put(dbKey, ciphertext, nil)
	if err != nil {
		return fmt.Errorf("failed to save BLSKeyring into db: %w", err)
	}
	return nil
}
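// loadBLSKeyring reads the record stored for dkgID, decrypts it with
// am.encryptionKey and the salt stored under saltKey, and decodes the result
// into a BLS keyring.
//
// It returns a nil keyring and a wrapped error if the salt or the record
// cannot be read, if decrypt fails, or if the decrypted bytes do not decode.
func (am *AirgappedMachine) loadBLSKeyring(dkgID string) (*dkg.BLSKeyring, error) {
	salt, err := am.db.Get([]byte(saltKey), nil)
	if err != nil {
		return nil, fmt.Errorf("failed to read salt from db: %w", err)
	}

	encryptedKeyring, err := am.db.Get([]byte(makeBLSKeyKeyringDBKey(dkgID)), nil)
	if err != nil {
		return nil, fmt.Errorf("failed to get bls keyring with dkg id %s: %w", dkgID, err)
	}

	decryptedKeyring, err := decrypt(am.encryptionKey, salt, encryptedKeyring)
	if err != nil {
		return nil, fmt.Errorf("failed to decrypt BLS keyring: %w", err)
	}

	blsKeyring, err := dkg.LoadBLSKeyringFromBytes(decryptedKeyring)
	if err != nil {
		// Keep the decoder's error in the chain, as GetBLSKeyrings does, so the
		// cause of a decode failure is not lost to callers and logs.
		return nil, fmt.Errorf("failed to decode bls keyring: %w", err)
	}
	return blsKeyring, nil
}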
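// GetBLSKeyrings returns every BLS keyring found under blsKeyringPrefix in the
// database, decrypted and decoded, keyed by the DKG ID taken from the record's
// database key.
//
// The salt is read once from saltKey and used with am.encryptionKey for every
// record. The first record that fails to decrypt or decode aborts the call
// with a wrapped error. If the iterator reports an error, nil is returned
// instead of a partially filled map, so an incomplete set of keyrings is never
// handed to the caller as if it were complete.
func (am *AirgappedMachine) GetBLSKeyrings() (map[string]*dkg.BLSKeyring, error) {
	salt, err := am.db.Get([]byte(saltKey), nil)
	if err != nil {
		return nil, fmt.Errorf("failed to read salt from db: %w", err)
	}

	keyrings := make(map[string]*dkg.BLSKeyring)
	iter := am.db.NewIterator(util.BytesPrefix([]byte(blsKeyringPrefix)), nil)
	defer iter.Release()

	for iter.Next() {
		decryptedKeyring, err := decrypt(am.encryptionKey, salt, iter.Value())
		if err != nil {
			return nil, fmt.Errorf("failed to decrypt BLS keyring: %w", err)
		}

		blsKeyring, err := dkg.LoadBLSKeyringFromBytes(decryptedKeyring)
		if err != nil {
			return nil, fmt.Errorf("failed to decode bls keyring: %w", err)
		}

		// Strip exactly the "<prefix>_" that makeBLSKeyKeyringDBKey prepends.
		// strings.TrimLeft treats its argument as a character set and would also
		// eat leading characters of the DKG ID that occur in the prefix (for
		// example 'b' or 'e' in a hex ID), filing the keyring under a wrong ID.
		dkgID := strings.TrimPrefix(string(iter.Key()), blsKeyringPrefix+"_")
		keyrings[dkgID] = blsKeyring
	}

	if err := iter.Error(); err != nil {
		return nil, err
	}
	return keyrings, nil
}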