funga/crypto_dev_signer/keystore/postgres.py

# standard imports
import logging
import base64
import os

# third-party imports
from cryptography.fernet import Fernet
import psycopg2
from psycopg2 import sql
from eth_keys import KeyAPI
from eth_keys.backends import NativeECCBackend
import sha3

# local imports
from crypto_dev_signer.common import strip_hex_prefix
from .interface import Keystore

keyapi = KeyAPI(NativeECCBackend)

logging.basicConfig(level=logging.DEBUG)
logg = logging.getLogger(__file__)


def to_bytes(x):
    return x.encode('utf-8')


class ReferenceKeystore(Keystore):

        schema = [
    """CREATE TABLE ethereum (
        id SERIAL NOT NULL PRIMARY KEY,
        key_ciphertext VARCHAR(256) NOT NULL,
        wallet_address_hex CHAR(40) NOT NULL
        );
""",
    """CREATE UNIQUE INDEX ethereum_address_idx ON ethereum ( wallet_address_hex );
""",
    ]

        def __init__(self, dbname, **kwargs):
            self.conn = psycopg2.connect('dbname=' + dbname)
            self.cur = self.conn.cursor()
            self.symmetric_key = kwargs.get('symmetric_key')


        def get(self, address, password=None):
            safe_address = strip_hex_prefix(address)
            s = sql.SQL('SELECT key_ciphertext FROM ethereum WHERE wallet_address_hex = %s')
            self.cur.execute(s, [ safe_address ] )
            k = self.cur.fetchone()[0]
            return self._decrypt(k, password)


        def new(self, password=None):
            b = os.urandom(32)
            pk = keyapi.PrivateKey(b)

            pubk = keyapi.private_key_to_public_key(pk)
            address_hex = pubk.to_checksum_address()
            address_hex_clean = strip_hex_prefix(address_hex)

            logg.debug('address {}'.format(address_hex_clean))
            c = self._encrypt(pk.to_bytes(), password)
            s = sql.SQL('INSERT INTO ethereum (wallet_address_hex, key_ciphertext) VALUES (%s, %s)')
            self.cur.execute(s, [ address_hex_clean, c.decode('utf-8') ])
            self.conn.commit()
            return address_hex


        def _encrypt(self, private_key, password):
            f = self._generate_encryption_engine(password)
            return f.encrypt(private_key)


        def _generate_encryption_engine(self, password):
            h = sha3.keccak_256()
            h.update(self.symmetric_key)
            if password != None:
                password_bytes = to_bytes(password)
                h.update(password_bytes)
            g = h.digest()
            return Fernet(base64.b64encode(g))


        def _decrypt(self, c, password):
            f = self._generate_encryption_engine(password)
            return f.decrypt(c.encode('utf-8'))
             

        def __del__(self):
            logg.debug('closing database')
            self.conn.commit()
            self.cur.close()
            self.conn.close()
Add setup.py, rename server script 2020-08-08 10:45:37 +02:00			`# standard imports`
Add postgres with encryption 2020-08-05 18:14:25 +02:00			`import logging`
			`import base64`
Add encrypt and password to symmetric key hash in postgres package 2020-08-05 19:47:38 +02:00			`import os`
Add postgres with encryption 2020-08-05 18:14:25 +02:00
Add setup.py, rename server script 2020-08-08 10:45:37 +02:00			`# third-party imports`
Add postgres with encryption 2020-08-05 18:14:25 +02:00			`from cryptography.fernet import Fernet`
			`import psycopg2`
			`from psycopg2 import sql`
Add encrypt and password to symmetric key hash in postgres package 2020-08-05 19:47:38 +02:00			`from eth_keys import KeyAPI`
			`from eth_keys.backends import NativeECCBackend`
			`import sha3`

Add setup.py, rename server script 2020-08-08 10:45:37 +02:00			`# local imports`
Fix setup.py to include all modules 2020-08-08 11:33:15 +02:00			`from crypto_dev_signer.common import strip_hex_prefix`
			`from .interface import Keystore`
Add personal_newAccount handler for socket server 2020-08-05 21:30:08 +02:00
Add encrypt and password to symmetric key hash in postgres package 2020-08-05 19:47:38 +02:00			`keyapi = KeyAPI(NativeECCBackend)`
Add postgres with encryption 2020-08-05 18:14:25 +02:00
			`logging.basicConfig(level=logging.DEBUG)`
			`logg = logging.getLogger(__file__)`


Add password to test 2020-08-05 19:51:22 +02:00			`def to_bytes(x):`
			`return x.encode('utf-8')`

Add postgres with encryption 2020-08-05 18:14:25 +02:00
Add readme, changelog... 2020-08-06 11:07:18 +02:00			`class ReferenceKeystore(Keystore):`

			`schema = [`
			`"""CREATE TABLE ethereum (`
			`id SERIAL NOT NULL PRIMARY KEY,`
			`key_ciphertext VARCHAR(256) NOT NULL,`
			`wallet_address_hex CHAR(40) NOT NULL`
			`);`
			`""",`
			`"""CREATE UNIQUE INDEX ethereum_address_idx ON ethereum ( wallet_address_hex );`
			`""",`
			`]`

Add postgres with encryption 2020-08-05 18:14:25 +02:00			`def __init__(self, dbname, **kwargs):`
Add personal_newAccount handler for socket server 2020-08-05 21:30:08 +02:00			`self.conn = psycopg2.connect('dbname=' + dbname)`
Add postgres with encryption 2020-08-05 18:14:25 +02:00			`self.cur = self.conn.cursor()`
Add encrypt and password to symmetric key hash in postgres package 2020-08-05 19:47:38 +02:00			`self.symmetric_key = kwargs.get('symmetric_key')`
Add postgres with encryption 2020-08-05 18:14:25 +02:00

Add encrypt and password to symmetric key hash in postgres package 2020-08-05 19:47:38 +02:00			`def get(self, address, password=None):`
Add readme, changelog... 2020-08-06 11:07:18 +02:00			`safe_address = strip_hex_prefix(address)`
Add postgres with encryption 2020-08-05 18:14:25 +02:00			`s = sql.SQL('SELECT key_ciphertext FROM ethereum WHERE wallet_address_hex = %s')`
Add readme, changelog... 2020-08-06 11:07:18 +02:00			`self.cur.execute(s, [ safe_address ] )`
Add postgres with encryption 2020-08-05 18:14:25 +02:00			`k = self.cur.fetchone()[0]`
Add encrypt and password to symmetric key hash in postgres package 2020-08-05 19:47:38 +02:00			`return self._decrypt(k, password)`


Add personal_newAccount handler for socket server 2020-08-05 21:30:08 +02:00			`def new(self, password=None):`
Add encrypt and password to symmetric key hash in postgres package 2020-08-05 19:47:38 +02:00			`b = os.urandom(32)`
			`pk = keyapi.PrivateKey(b)`
Add personal_newAccount handler for socket server 2020-08-05 21:30:08 +02:00
			`pubk = keyapi.private_key_to_public_key(pk)`
			`address_hex = pubk.to_checksum_address()`
			`address_hex_clean = strip_hex_prefix(address_hex)`

			`logg.debug('address {}'.format(address_hex_clean))`
Add encrypt and password to symmetric key hash in postgres package 2020-08-05 19:47:38 +02:00			`c = self._encrypt(pk.to_bytes(), password)`
			`s = sql.SQL('INSERT INTO ethereum (wallet_address_hex, key_ciphertext) VALUES (%s, %s)')`
Add personal_newAccount handler for socket server 2020-08-05 21:30:08 +02:00			`self.cur.execute(s, [ address_hex_clean, c.decode('utf-8') ])`
			`self.conn.commit()`
			`return address_hex`
Add encrypt and password to symmetric key hash in postgres package 2020-08-05 19:47:38 +02:00

			`def _encrypt(self, private_key, password):`
			`f = self._generate_encryption_engine(password)`
			`return f.encrypt(private_key)`


			`def _generate_encryption_engine(self, password):`
			`h = sha3.keccak_256()`
			`h.update(self.symmetric_key)`
			`if password != None:`
Add password to test 2020-08-05 19:51:22 +02:00			`password_bytes = to_bytes(password)`
			`h.update(password_bytes)`
Add encrypt and password to symmetric key hash in postgres package 2020-08-05 19:47:38 +02:00			`g = h.digest()`
			`return Fernet(base64.b64encode(g))`
Add postgres with encryption 2020-08-05 18:14:25 +02:00

Add encrypt and password to symmetric key hash in postgres package 2020-08-05 19:47:38 +02:00			`def _decrypt(self, c, password):`
			`f = self._generate_encryption_engine(password)`
			`return f.decrypt(c.encode('utf-8'))`
Add postgres with encryption 2020-08-05 18:14:25 +02:00

Add personal_newAccount handler for socket server 2020-08-05 21:30:08 +02:00			`def __del__(self):`
			`logg.debug('closing database')`
			`self.conn.commit()`
Add postgres with encryption 2020-08-05 18:14:25 +02:00			`self.cur.close()`
			`self.conn.close()`