tendermint/keys/keybase.go

package keys

import (
	"sort"
	"strings"

	"github.com/pkg/errors"
	crypto "github.com/tendermint/go-crypto"
	dbm "github.com/tendermint/tmlibs/db"

	"github.com/tendermint/go-crypto/nano"
)

// XXX Lets use go-crypto/bcrypt and ascii encoding directly in here without
// further wrappers around a store or DB.
// Copy functions from: https://github.com/tendermint/mintkey/blob/master/cmd/mintkey/common.go
//
// dbKeybase combines encyption and storage implementation to provide
// a full-featured key manager
type dbKeybase struct {
	db    dbm.DB
	codec Codec
}

func New(db dbm.DB, codec Codec) dbKeybase {
	return dbKeybase{
		db:    db,
		codec: codec,
	}
}

var _ Keybase = dbKeybase{}

// Create adds a new key to the storage engine, returning error if
// another key already stored under this name
//
// algo must be a supported go-crypto algorithm: ed25519, secp256k1
func (kb dbKeybase) Create(name, passphrase, algo string) (Info, string, error) {
	// 128-bits are the all the randomness we can make use of
	secret := crypto.CRandBytes(16)
	key, err := generate(algo, secret)
	if err != nil {
		return Info{}, "", err
	}

	err = kb.es.Put(name, passphrase, key)
	if err != nil {
		return Info{}, "", err
	}

	// we append the type byte to the serialized secret to help with recovery
	// ie [secret] = [secret] + [type]
	typ := key.Bytes()[0]
	secret = append(secret, typ)

	seed, err := kb.codec.BytesToWords(secret)
	phrase := strings.Join(seed, " ")
	return info(name, key), phrase, err
}

// Recover takes a seed phrase and tries to recover the private key.
//
// If the seed phrase is valid, it will create the private key and store
// it under name, protected by passphrase.
//
// Result similar to New(), except it doesn't return the seed again...
func (kb dbKeybase) Recover(name, passphrase, seedphrase string) (Info, error) {
	words := strings.Split(strings.TrimSpace(seedphrase), " ")
	secret, err := kb.codec.WordsToBytes(words)
	if err != nil {
		return Info{}, err
	}

	// secret is comprised of the actual secret with the type appended
	// ie [secret] = [secret] + [type]
	l := len(secret)
	secret, typ := secret[:l-1], secret[l-1]

	key, err := generateByType(typ, secret)
	if err != nil {
		return Info{}, err
	}

	// d00d, it worked!  create the bugger....
	err = kb.es.Put(name, passphrase, key)
	return info(name, key), err
}

// List loads the keys from the storage and enforces alphabetical order
func (kb dbKeybase) List() ([]Info, error) {
	res, err := kb.es.List()
	sort.Slice(res, func(a, b int) bool { return res[a].Name < res[b].Name })
	return res, err
}

// Get returns the public information about one key
func (kb dbKeybase) Get(name string) (Info, error) {
	_, info, err := kb.es.store.Get(name)
	return info, err
}

// Sign will modify the Signable in order to attach a valid signature with
// this public key
//
// If no key for this name, or the passphrase doesn't match, returns an error
func (kb dbKeybase) Sign(name, passphrase string, msg []byte) (sig crypto.Signature, pk crypto.PubKey, err error) {
	var key crypto.PrivKey
	key, _, err = kb.es.Get(name, passphrase)
	if err != nil {
		return
	}
	sig = key.Sign(msg)
	pk = key.PubKey()
	return
}

// Export decodes the private key with the current password, encodes
// it with a secure one-time password and generates a sequence that can be
// Imported by another dbKeybase
//
// This is designed to copy from one device to another, or provide backups
// during version updates.
func (kb dbKeybase) Export(name, oldpass, transferpass string) ([]byte, error) {
	key, _, err := kb.es.Get(name, oldpass)
	if err != nil {
		return nil, err
	}

	res, err := kb.es.coder.Encrypt(key, transferpass)
	return res, err
}

// Import accepts bytes generated by Export along with the same transferpass
// If they are valid, it stores the password under the given name with the
// new passphrase.
func (kb dbKeybase) Import(name, newpass, transferpass string, data []byte) error {
	key, err := kb.es.coder.Decrypt(data, transferpass)
	if err != nil {
		return err
	}

	return kb.es.Put(name, newpass, key)
}

// Delete removes key forever, but we must present the
// proper passphrase before deleting it (for security)
func (kb dbKeybase) Delete(name, passphrase string) error {
	// verify we have the proper password before deleting
	_, _, err := kb.es.Get(name, passphrase)
	if err != nil {
		return err
	}
	return kb.es.Delete(name)
}

// Update changes the passphrase with which a already stored key is encoded.
//
// oldpass must be the current passphrase used for encoding, newpass will be
// the only valid passphrase from this time forward
func (kb dbKeybase) Update(name, oldpass, newpass string) error {
	key, _, err := kb.es.Get(name, oldpass)
	if err != nil {
		return err
	}

	// we must delete first, as Putting over an existing name returns an error
	kb.Delete(name, oldpass)

	return kb.es.Put(name, newpass, key)
}

func generate(algo string, secret []byte) (crypto.PrivKey, error) {
	switch algo {
	case crypto.NameEd25519:
		return crypto.GenPrivKeyEd25519FromSecret(secret).Wrap(), nil
	case crypto.NameSecp256k1:
		return crypto.GenPrivKeySecp256k1FromSecret(secret).Wrap(), nil
	case nano.NameLedgerEd25519:
		return nano.NewPrivKeyLedgerEd25519Ed25519()
	default:
		err := errors.Errorf("Cannot generate keys for algorithm: %s", algo)
		return crypto.PrivKey{}, err
	}
}

func generateByType(typ byte, secret []byte) (crypto.PrivKey, error) {
	switch typ {
	case crypto.TypeEd25519:
		return generate(crypto.NameEd25519, secret)
	case crypto.TypeSecp256k1:
		return generate(crypto.NameSecp256k1, secret)
	case nano.TypeLedgerEd25519:
		return generate(nano.NameLedgerEd25519, secret)
	default:
		err := errors.Errorf("Cannot generate keys for algorithm: %X", typ)
		return crypto.PrivKey{}, err
	}
}

func encrypt(key crypto.PrivKey, pass string) ([]byte, error) {
	if pass == "" {
		return key.Bytes(), nil
	}
	s := secret(pass)
	cipher := crypto.EncryptSymmetric(key.Bytes(), s)
	return cipher, nil
}

func decrypt(data []byte, pass string) (key crypto.PrivKey, err error) {
	private := data
	if pass != "" {
		s := secret(pass)
		private, err = crypto.DecryptSymmetric(data, s)
		if err != nil {
			return crypto.PrivKey{}, errors.Wrap(err, "Invalid Passphrase")
		}
	}
	key, err = crypto.PrivKeyFromBytes(private)
	return key, errors.Wrap(err, "Invalid Passphrase")
}
Fixed imports 2017-11-02 14:09:59 -05:00			`package keys`
Import keystore logic from light-client 2017-02-28 18:07:59 +01:00
Add codec to keys.Manager, recovery test passes 2017-06-20 18:35:16 +02:00			`import (`
Fix errors except for es missing 2017-11-02 16:46:10 -05:00			`"sort"`
Add codec to keys.Manager, recovery test passes 2017-06-20 18:35:16 +02:00			`"strings"`

Handle generating keys 2017-11-02 16:31:29 -05:00			`"github.com/pkg/errors"`
Add codec to keys.Manager, recovery test passes 2017-06-20 18:35:16 +02:00			`crypto "github.com/tendermint/go-crypto"`
Draft of suggested changes 2017-11-01 16:38:11 -05:00			`dbm "github.com/tendermint/tmlibs/db"`
Handle generating keys 2017-11-02 16:31:29 -05:00
			`"github.com/tendermint/go-crypto/nano"`
Add codec to keys.Manager, recovery test passes 2017-06-20 18:35:16 +02:00			`)`
Import keystore logic from light-client 2017-02-28 18:07:59 +01:00
Draft of suggested changes 2017-11-01 16:38:11 -05:00			`// XXX Lets use go-crypto/bcrypt and ascii encoding directly in here without`
			`// further wrappers around a store or DB.`
			`// Copy functions from: https://github.com/tendermint/mintkey/blob/master/cmd/mintkey/common.go`
			`//`
			`// dbKeybase combines encyption and storage implementation to provide`
Import keystore logic from light-client 2017-02-28 18:07:59 +01:00			`// a full-featured key manager`
Draft of suggested changes 2017-11-01 16:38:11 -05:00			`type dbKeybase struct {`
			`db dbm.DB`
			`codec Codec`
Import keystore logic from light-client 2017-02-28 18:07:59 +01:00			`}`

Draft of suggested changes 2017-11-01 16:38:11 -05:00			`func New(db dbm.DB, codec Codec) dbKeybase {`
			`return dbKeybase{`
Fix errors except for es missing 2017-11-02 16:46:10 -05:00			`db: db,`
Add codec to keys.Manager, recovery test passes 2017-06-20 18:35:16 +02:00			`codec: codec,`
Import keystore logic from light-client 2017-02-28 18:07:59 +01:00			`}`
			`}`

Draft of suggested changes 2017-11-01 16:38:11 -05:00			`var _ Keybase = dbKeybase{}`
linting: fixup some stuffs 2017-10-04 18:16:48 -04:00
Import keystore logic from light-client 2017-02-28 18:07:59 +01:00			`// Create adds a new key to the storage engine, returning error if`
			`// another key already stored under this name`
Set key algorithm on key creation 2017-02-28 19:43:18 +01:00			`//`
Code cleanup from review comments 2017-06-21 18:57:32 +02:00			`// algo must be a supported go-crypto algorithm: ed25519, secp256k1`
Draft of suggested changes 2017-11-01 16:38:11 -05:00			`func (kb dbKeybase) Create(name, passphrase, algo string) (Info, string, error) {`
Generate/recover can return error, not panic on ledger 2017-10-23 16:35:26 +02:00			`// 128-bits are the all the randomness we can make use of`
			`secret := crypto.CRandBytes(16)`
Handle generating keys 2017-11-02 16:31:29 -05:00			`key, err := generate(algo, secret)`
Set key algorithm on key creation 2017-02-28 19:43:18 +01:00			`if err != nil {`
Draft of suggested changes 2017-11-01 16:38:11 -05:00			`return Info{}, "", err`
Set key algorithm on key creation 2017-02-28 19:43:18 +01:00			`}`
Use 16 random bytes for seed and key, crc16 by default 2017-07-22 05:44:09 -04:00
Draft of suggested changes 2017-11-01 16:38:11 -05:00			`err = kb.es.Put(name, passphrase, key)`
Add codec to keys.Manager, recovery test passes 2017-06-20 18:35:16 +02:00			`if err != nil {`
Draft of suggested changes 2017-11-01 16:38:11 -05:00			`return Info{}, "", err`
Add codec to keys.Manager, recovery test passes 2017-06-20 18:35:16 +02:00			`}`
Use 16 random bytes for seed and key, crc16 by default 2017-07-22 05:44:09 -04:00
Code cleanup ala Emmanuel 2017-07-27 15:59:59 -04:00			`// we append the type byte to the serialized secret to help with recovery`
			`// ie [secret] = [secret] + [type]`
Recovery also works with secp256 keys 2017-07-22 05:53:46 -04:00			`typ := key.Bytes()[0]`
			`secret = append(secret, typ)`

Draft of suggested changes 2017-11-01 16:38:11 -05:00			`seed, err := kb.codec.BytesToWords(secret)`
Add codec to keys.Manager, recovery test passes 2017-06-20 18:35:16 +02:00			`phrase := strings.Join(seed, " ")`
			`return info(name, key), phrase, err`
Updated Manager interface to return seed on create, fix server tests 2017-06-20 18:15:49 +02:00			`}`

Code cleanup from review comments 2017-06-21 18:57:32 +02:00			`// Recover takes a seed phrase and tries to recover the private key.`
			`//`
			`// If the seed phrase is valid, it will create the private key and store`
			`// it under name, protected by passphrase.`
			`//`
			`// Result similar to New(), except it doesn't return the seed again...`
Fix errors except for es missing 2017-11-02 16:46:10 -05:00			`func (kb dbKeybase) Recover(name, passphrase, seedphrase string) (Info, error) {`
Add codec to keys.Manager, recovery test passes 2017-06-20 18:35:16 +02:00			`words := strings.Split(strings.TrimSpace(seedphrase), " ")`
Draft of suggested changes 2017-11-01 16:38:11 -05:00			`secret, err := kb.codec.WordsToBytes(words)`
Add codec to keys.Manager, recovery test passes 2017-06-20 18:35:16 +02:00			`if err != nil {`
Draft of suggested changes 2017-11-01 16:38:11 -05:00			`return Info{}, err`
Add codec to keys.Manager, recovery test passes 2017-06-20 18:35:16 +02:00			`}`

Code cleanup ala Emmanuel 2017-07-27 15:59:59 -04:00			`// secret is comprised of the actual secret with the type appended`
			`// ie [secret] = [secret] + [type]`
Recovery also works with secp256 keys 2017-07-22 05:53:46 -04:00			`l := len(secret)`
			`secret, typ := secret[:l-1], secret[l-1]`

Handle generating keys 2017-11-02 16:31:29 -05:00			`key, err := generateByType(typ, secret)`
Recovery also works with secp256 keys 2017-07-22 05:53:46 -04:00			`if err != nil {`
Draft of suggested changes 2017-11-01 16:38:11 -05:00			`return Info{}, err`
Recovery also works with secp256 keys 2017-07-22 05:53:46 -04:00			`}`
Add codec to keys.Manager, recovery test passes 2017-06-20 18:35:16 +02:00
			`// d00d, it worked! create the bugger....`
Draft of suggested changes 2017-11-01 16:38:11 -05:00			`err = kb.es.Put(name, passphrase, key)`
Add codec to keys.Manager, recovery test passes 2017-06-20 18:35:16 +02:00			`return info(name, key), err`
Import keystore logic from light-client 2017-02-28 18:07:59 +01:00			`}`

			`// List loads the keys from the storage and enforces alphabetical order`
Fix errors except for es missing 2017-11-02 16:46:10 -05:00			`func (kb dbKeybase) List() ([]Info, error) {`
			`res, err := kb.es.List()`
			`sort.Slice(res, func(a, b int) bool { return res[a].Name < res[b].Name })`
Import keystore logic from light-client 2017-02-28 18:07:59 +01:00			`return res, err`
			`}`

			`// Get returns the public information about one key`
Fix errors except for es missing 2017-11-02 16:46:10 -05:00			`func (kb dbKeybase) Get(name string) (Info, error) {`
Draft of suggested changes 2017-11-01 16:38:11 -05:00			`_, info, err := kb.es.store.Get(name)`
Import keystore logic from light-client 2017-02-28 18:07:59 +01:00			`return info, err`
			`}`

			`// Sign will modify the Signable in order to attach a valid signature with`
			`// this public key`
			`//`
			`// If no key for this name, or the passphrase doesn't match, returns an error`
Fix errors except for es missing 2017-11-02 16:46:10 -05:00			`func (kb dbKeybase) Sign(name, passphrase string, msg []byte) (sig crypto.Signature, pk crypto.PubKey, err error) {`
			`var key crypto.PrivKey`
			`key, _, err = kb.es.Get(name, passphrase)`
Import keystore logic from light-client 2017-02-28 18:07:59 +01:00			`if err != nil {`
Fix errors except for es missing 2017-11-02 16:46:10 -05:00			`return`
Import keystore logic from light-client 2017-02-28 18:07:59 +01:00			`}`
Fix errors except for es missing 2017-11-02 16:46:10 -05:00			`sig = key.Sign(msg)`
			`pk = key.PubKey()`
			`return`
Import keystore logic from light-client 2017-02-28 18:07:59 +01:00			`}`

			`// Export decodes the private key with the current password, encodes`
			`// it with a secure one-time password and generates a sequence that can be`
Draft of suggested changes 2017-11-01 16:38:11 -05:00			`// Imported by another dbKeybase`
Import keystore logic from light-client 2017-02-28 18:07:59 +01:00			`//`
			`// This is designed to copy from one device to another, or provide backups`
			`// during version updates.`
Fix errors except for es missing 2017-11-02 16:46:10 -05:00			`func (kb dbKeybase) Export(name, oldpass, transferpass string) ([]byte, error) {`
Draft of suggested changes 2017-11-01 16:38:11 -05:00			`key, _, err := kb.es.Get(name, oldpass)`
Import keystore logic from light-client 2017-02-28 18:07:59 +01:00			`if err != nil {`
Revert "Upgrade keys to use bcrypt with salts (#38)" This reverts commit 8e7f0e7701f92206679ad093d013b9b162427631. 2017-10-27 22:02:44 -04:00			`return nil, err`
Import keystore logic from light-client 2017-02-28 18:07:59 +01:00			`}`

Draft of suggested changes 2017-11-01 16:38:11 -05:00			`res, err := kb.es.coder.Encrypt(key, transferpass)`
Revert "Upgrade keys to use bcrypt with salts (#38)" This reverts commit 8e7f0e7701f92206679ad093d013b9b162427631. 2017-10-27 22:02:44 -04:00			`return res, err`
Import keystore logic from light-client 2017-02-28 18:07:59 +01:00			`}`

			`// Import accepts bytes generated by Export along with the same transferpass`
Revert "Upgrade keys to use bcrypt with salts (#38)" This reverts commit 8e7f0e7701f92206679ad093d013b9b162427631. 2017-10-27 22:02:44 -04:00			`// If they are valid, it stores the password under the given name with the`
Import keystore logic from light-client 2017-02-28 18:07:59 +01:00			`// new passphrase.`
Fix errors except for es missing 2017-11-02 16:46:10 -05:00			`func (kb dbKeybase) Import(name, newpass, transferpass string, data []byte) error {`
Draft of suggested changes 2017-11-01 16:38:11 -05:00			`key, err := kb.es.coder.Decrypt(data, transferpass)`
Import keystore logic from light-client 2017-02-28 18:07:59 +01:00			`if err != nil {`
			`return err`
			`}`

Draft of suggested changes 2017-11-01 16:38:11 -05:00			`return kb.es.Put(name, newpass, key)`
Import keystore logic from light-client 2017-02-28 18:07:59 +01:00			`}`

			`// Delete removes key forever, but we must present the`
			`// proper passphrase before deleting it (for security)`
Fix errors except for es missing 2017-11-02 16:46:10 -05:00			`func (kb dbKeybase) Delete(name, passphrase string) error {`
Import keystore logic from light-client 2017-02-28 18:07:59 +01:00			`// verify we have the proper password before deleting`
Draft of suggested changes 2017-11-01 16:38:11 -05:00			`_, _, err := kb.es.Get(name, passphrase)`
Import keystore logic from light-client 2017-02-28 18:07:59 +01:00			`if err != nil {`
			`return err`
			`}`
Draft of suggested changes 2017-11-01 16:38:11 -05:00			`return kb.es.Delete(name)`
Import keystore logic from light-client 2017-02-28 18:07:59 +01:00			`}`

			`// Update changes the passphrase with which a already stored key is encoded.`
			`//`
			`// oldpass must be the current passphrase used for encoding, newpass will be`
			`// the only valid passphrase from this time forward`
Fix errors except for es missing 2017-11-02 16:46:10 -05:00			`func (kb dbKeybase) Update(name, oldpass, newpass string) error {`
Draft of suggested changes 2017-11-01 16:38:11 -05:00			`key, _, err := kb.es.Get(name, oldpass)`
Import keystore logic from light-client 2017-02-28 18:07:59 +01:00			`if err != nil {`
			`return err`
			`}`

			`// we must delete first, as Putting over an existing name returns an error`
Draft of suggested changes 2017-11-01 16:38:11 -05:00			`kb.Delete(name, oldpass)`
Import keystore logic from light-client 2017-02-28 18:07:59 +01:00
Draft of suggested changes 2017-11-01 16:38:11 -05:00			`return kb.es.Put(name, newpass, key)`
Import keystore logic from light-client 2017-02-28 18:07:59 +01:00			`}`
Handle generating keys 2017-11-02 16:31:29 -05:00
			`func generate(algo string, secret []byte) (crypto.PrivKey, error) {`
			`switch algo {`
			`case crypto.NameEd25519:`
			`return crypto.GenPrivKeyEd25519FromSecret(secret).Wrap(), nil`
			`case crypto.NameSecp256k1:`
			`return crypto.GenPrivKeySecp256k1FromSecret(secret).Wrap(), nil`
			`case nano.NameLedgerEd25519:`
			`return nano.NewPrivKeyLedgerEd25519Ed25519()`
			`default:`
			`err := errors.Errorf("Cannot generate keys for algorithm: %s", algo)`
			`return crypto.PrivKey{}, err`
			`}`
			`}`

			`func generateByType(typ byte, secret []byte) (crypto.PrivKey, error) {`
			`switch typ {`
			`case crypto.TypeEd25519:`
			`return generate(crypto.NameEd25519, secret)`
			`case crypto.TypeSecp256k1:`
			`return generate(crypto.NameSecp256k1, secret)`
			`case nano.TypeLedgerEd25519:`
			`return generate(nano.NameLedgerEd25519, secret)`
			`default:`
			`err := errors.Errorf("Cannot generate keys for algorithm: %X", typ)`
			`return crypto.PrivKey{}, err`
			`}`
			`}`
Fix errors except for es missing 2017-11-02 16:46:10 -05:00
			`func encrypt(key crypto.PrivKey, pass string) ([]byte, error) {`
			`if pass == "" {`
			`return key.Bytes(), nil`
			`}`
			`s := secret(pass)`
			`cipher := crypto.EncryptSymmetric(key.Bytes(), s)`
			`return cipher, nil`
			`}`

			`func decrypt(data []byte, pass string) (key crypto.PrivKey, err error) {`
			`private := data`
			`if pass != "" {`
			`s := secret(pass)`
			`private, err = crypto.DecryptSymmetric(data, s)`
			`if err != nil {`
			`return crypto.PrivKey{}, errors.Wrap(err, "Invalid Passphrase")`
			`}`
			`}`
			`key, err = crypto.PrivKeyFromBytes(private)`
			`return key, errors.Wrap(err, "Invalid Passphrase")`
			`}`