Add postgres with encryption

nolash 2020-08-05 18:14:25 +02:00
parent 12847350c2
commit 636b60f6f6
Signed by: lash
GPG Key ID: 93EC1C676274C889
4 changed files with 122 additions and 4 deletions

1
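--- a/src/keystore/__init__.py
+++ b/src/keystore/__init__.py
@@ -0,0 +1 @@
+from keystore.postgres import ReferenceDatabase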

43
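--- a/src/keystore/postgres.py
+++ b/src/keystore/postgres.py
@@ -0,0 +1,43 @@
+import logging
+import base64
+from cryptography.fernet import Fernet
+import psycopg2
+from psycopg2 import sql
+logging.basicConfig(level=logging.DEBUG)
+logg = logging.getLogger(__file__)
+class ReferenceDatabase:
+def __init__(self, dbname, **kwargs):
+logg.debug(kwargs)
+self.conn = psycopg2.connect('dbname='+dbname)
+self.cur = self.conn.cursor()
+self.cryptengine = None
+if kwargs.get('symmetric_key') != None:
+be = kwargs.get('symmetric_key')
+self.cryptengine = Fernet(base64.b64encode(be))
+def get(self, address):
+s = sql.SQL('SELECT key_ciphertext FROM ethereum WHERE wallet_address_hex = %s')
+logg.debug(address)
+self.cur.execute(s, [ address ] )
+k = self.cur.fetchone()[0]
+return self.decrypt(k)
+def decrypt(self, c):
+if self.cryptengine == None:
+return c
+logg.debug('decryption')
+return self.cryptengine.decrypt(c.encode('utf-8'))
+def __exit__(self):
+self.conn
+self.cur.close()
+self.conn.close()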
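Review bot: `logg.debug(kwargs)` in `ReferenceDatabase.__init__` writes the `symmetric_key` bytes to the log, and the module-level `logging.basicConfig(level=logging.DEBUG)` enables debug output on import unless the application configured logging first, so the key protecting every stored private key can end up in plain text wherever logs are collected. Log only the option names, e.g. `logg.debug('options: %s', sorted(kwargs))`, and leave `basicConfig` to the program's entry point. Separately, `decrypt` returns the stored value unchanged when no key was supplied, so a caller that omits `symmetric_key` receives ciphertext as if it were key material; raising there would fail closed. `get` also indexes `fetchone()[0]` without a `None` check, which raises `TypeError` for an unknown address, and `__exit__(self)` lacks both the three exception arguments and a matching `__enter__`, so the class cannot be used in a `with` statement to guarantee the connection is closed.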


@ -10,15 +10,19 @@ logg = logging.getLogger(__name__)
class Signer: class Signer:
def __init__(self, keyGetter): def __init__(self, keyGetter):
self.keyGetter = keyGetter self.keyGetter = keyGetter
def signTransaction(self, tx): def signTransaction(self, tx):
raise NotImplementedError raise NotImplementedError
class ReferenceSigner(Signer): class ReferenceSigner(Signer):
def __init__(self, keyGetter): def __init__(self, keyGetter):
super(ReferenceSigner, self).__init__(keyGetter) super(ReferenceSigner, self).__init__(keyGetter)
@ -34,6 +38,3 @@ class ReferenceSigner(Signer):
tx.r = z[:32] tx.r = z[:32]
tx.s = z[32:64] tx.s = z[32:64]
return z return z

73
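--- a/test/test_database.py
+++ b/test/test_database.py
@@ -0,0 +1,73 @@
+#!/usr/bin/python
+import unittest
+import logging
+import base64
+import psycopg2
+from psycopg2 import sql
+from cryptography.fernet import Fernet
+from keystore import ReferenceDatabase
+logging.basicConfig(level=logging.DEBUG)
+logg = logging.getLogger()
+class TestDatabase(unittest.TestCase):
+conn = None
+cur = None
+symkey = None
+addr = None
+db = None
+pk = None
+def setUp(self):
+# arbitrary value
+symk_hex = 'E92431CAEE69313A7BE9E443C4ABEED9BF8157E9A13553B4D5D6E7D51B5021D9'
+self.symkey = bytes.fromhex(symk_hex)
+f = Fernet(base64.b64encode(self.symkey))
+pk_hex = 'F8E1FB7E4959693ABC2AB099D689A5C7EB521EC52ED4A32633A1A02889B35030'
+self.pk = bytes.fromhex(pk_hex)
+pk_ciphertext = f.encrypt(self.pk)
+self.addr = '9FA61f0E52A5C51b43f0d32404625BC436bb7041'
+kw = {
+'symmetric_key': self.symkey,
+}
+self.db = ReferenceDatabase('signer_test', **kw)
+self.db.cur.execute("""CREATE TABLE ethereum (
+id SERIAL NOT NULL PRIMARY KEY,
+key_ciphertext VARCHAR(256) NOT NULL,
+wallet_address_hex CHAR(40) NOT NULL
+);
+""")
+self.db.conn.commit()
+self.db.cur.execute("CREATE UNIQUE INDEX ethereum_address_idx ON ethereum ( wallet_address_hex );")
+self.db.cur.execute(
+sql.SQL('INSERT INTO ethereum (key_ciphertext, wallet_address_hex) VALUES (%s, %s)'),
+[
+pk_ciphertext.decode('utf-8'),
+self.addr,
+],
+)
+self.db.conn.commit()
+def tearDown(self):
+self.db.conn = psycopg2.connect('dbname=signer_test')
+self.db.cur = self.db.conn.cursor()
+self.db.cur.execute('DROP INDEX ethereum_address_idx;')
+self.db.cur.execute('DROP TABLE ethereum;')
+self.db.conn.commit()
+def test_get_key(self):
+pk = self.db.get(self.addr)
+self.assertEqual(self.pk, pk)
+if __name__ == '__main__':
+unittest.main()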
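Review bot: `tearDown` opens a second connection and overwrites `self.db.conn` and `self.db.cur` without closing the connection made in `setUp`, and nothing closes the new one either. The `SELECT` issued by `test_get_key` leaves a transaction open on the original connection, so the `DROP TABLE` on the new one probably succeeds only because the old objects are garbage-collected first. Reusing the existing connection avoids that dependency: call `self.db.conn.rollback()`, run the two `DROP` statements on `self.db.cur`, then `self.db.conn.commit()` and `self.db.conn.close()`. The suite also covers only the matching-key path; a case that builds `ReferenceDatabase` with a different `symmetric_key` and expects `cryptography.fernet.InvalidToken` from `get` would pin the property this commit is adding.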