openethereum/secret-store/src/lib.rs

176 lines
6.4 KiB
Rust
Raw Normal View History

// Copyright 2015-2019 Parity Technologies (UK) Ltd.
// This file is part of Parity Ethereum.
// Parity Ethereum is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
// Parity Ethereum is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with Parity Ethereum. If not, see <http://www.gnu.org/licenses/>.
extern crate byteorder;
extern crate common_types;
extern crate ethabi;
extern crate ethcore;
extern crate ethcore_call_contract as call_contract;
2018-04-10 12:13:49 +02:00
extern crate ethcore_sync as sync;
extern crate ethereum_types;
extern crate ethkey;
extern crate hyper;
extern crate keccak_hash as hash;
extern crate kvdb;
extern crate parity_bytes as bytes;
extern crate parity_crypto as crypto;
extern crate parity_runtime;
extern crate parking_lot;
extern crate rustc_hex;
extern crate serde;
extern crate serde_json;
SecretStore: administrative sessions prototypes (#6605) * generate random channel encryption key on restart * session-level nonces * fixed warning after rebase * session_nonce -> nonce * full_generation_math_session_with_refreshing_shares && full_generation_math_session_with_adding_new_node * add serveral secret shares at once * SecretStore: initial ShareAdd session prototype * SecretStore: ServersSetChange jobs * SecretStore: servers set change session continued * SecretStore: servers set change session continued * SecretStore: servers set change session continued * SecretStore: known_sessions iterator * SecretStore: implemented SessionsQueue * SecretStore: UnknownSessionsJobTransport * SecretStore: node_added_using_servers_set_change almost done * SecretStore: continue adding tests * SecretStore: node_added_using_servers_set_change + node_added_using_share_add * SecretStore: node_added_using_server_set_change_from_this_node * SecretStore: node_moved_using_share_move * SecretStore: node_moved_using_servers_set_change * SecretStore: node_removed_using_share_remove * SecretStore: node_removed_using_servers_set_change * SecretStore: different folders for client && admin sessions * SecretStore: started adding share change consensus (flush) * SecretStore: fixed spurious tests failures * enum JobPartialRequestAction * SecretStore: started adding consensus layer to ShareAdd session * SecretStore: starting external consensus for ShareAdd * SecretStore: started restoring node_added_using_servers_set_change * SecretStore: node_added_using_servers_set_change works with external consensus * SecretStore: node_added_using_server_set_change_from_this_node works with external consensus * removed debug comments/printlns * SecretStore: share move session supports consensus * SecretStore: share remove with external consensus * SecretStore: started adding basic ShareAdd tests * SecretStore: added ShareAdd tests * SecretStore: added ShareAdd session to cluster * SecretStore: added share move && remove sessions to cluster * SecretStore: ShareMove session tests cleanup * SecretStore: ShareRemove session tests cleanup * SecretStore: added check_secret_is_preserved check * SecretStore: added servers set change to cluster * SecretStore: cleaned up ServersSetChange session tests * SecretStore: cleaning + added tests for ShareRemove * SecretStore: cleaning up * SecretStore: propagated admin_public * SecretStore: fixed persistent_key_storage test * SecretStore: upgrade_db_from_1 * SecretStore: fixed ServersSetChange session completion * SecretStore: check polynom1 in ShareAdd sessions (error for pre-v2 shares) * SecretStore: fixing TODOs * SecretStore: fixing TODOs * SecretStore: check share change plan on 'old' slave nodes * SecretStore: fixing TODOs * SecretStore: store all admin sessions in single container to avoid overlaps * SecretStore: do not update nodes set during admin sessions * SecretStore: moved TODOs to appropriate methods * SecretStore: TODOs * SecretStore: added admin_public arg && fixed warnigs * SecretStore: added shares_to_move_reversed to ShareMove session * SecretStore: additional checks during consensus establishing * license * SecretStore: added TODO about starting ServersSetChange session * SecretStore: redundant clones + docs + lsot unimplemented-s * SecretStore: generation_session_completion_signalled_if_failed_on_master * SecretStore: updated obsolete comment * SecretStore: added type alias for current DocumentKeyShare serialization format * SecretStore: fixed typo * SecretStore; fixed warnings for futures 0.1.15 * fixed warning
2017-10-02 15:27:31 +02:00
extern crate tiny_keccak;
extern crate tokio;
extern crate tokio_io;
extern crate tokio_service;
extern crate url;
#[macro_use]
extern crate ethabi_derive;
#[macro_use]
extern crate ethabi_contract;
#[macro_use]
extern crate futures;
#[macro_use]
extern crate serde_derive;
#[macro_use]
extern crate lazy_static;
#[macro_use]
extern crate log;
#[cfg(test)]
extern crate env_logger;
#[cfg(test)]
extern crate kvdb_rocksdb;
#[cfg(feature = "accounts")]
extern crate ethcore_accounts as accounts;
mod key_server_cluster;
mod types;
mod helpers;
2017-10-16 17:12:02 +02:00
mod traits;
mod acl_storage;
mod key_server;
mod key_storage;
mod serialization;
2017-07-19 10:35:17 +02:00
mod key_server_set;
2017-07-25 08:24:54 +02:00
mod node_key_pair;
mod listener;
2017-12-20 14:02:21 +01:00
mod trusted_client;
use std::sync::Arc;
use kvdb::KeyValueDB;
use ethcore::client::Client;
use ethcore::miner::Miner;
2018-04-10 12:13:49 +02:00
use sync::SyncProvider;
use parity_runtime::Executor;
pub use types::{ServerKeyId, EncryptedDocumentKey, RequestSignature, Public,
Error, NodeAddress, ContractAddress, ServiceConfiguration, ClusterConfiguration};
2017-07-25 08:24:54 +02:00
pub use traits::{NodeKeyPair, KeyServer};
pub use self::node_key_pair::PlainNodeKeyPair;
#[cfg(feature = "accounts")]
pub use self::node_key_pair::KeyStoreNodeKeyPair;
/// Start new key server instance
pub fn start(client: Arc<Client>, sync: Arc<SyncProvider>, miner: Arc<Miner>, self_key_pair: Arc<NodeKeyPair>, mut config: ServiceConfiguration,
db: Arc<KeyValueDB>, executor: Executor) -> Result<Box<KeyServer>, Error>
{
let trusted_client = trusted_client::TrustedClient::new(self_key_pair.clone(), client.clone(), sync, miner);
let acl_storage: Arc<acl_storage::AclStorage> = match config.acl_check_contract_address.take() {
Some(acl_check_contract_address) => acl_storage::OnChainAclStorage::new(trusted_client.clone(), acl_check_contract_address)?,
None => Arc::new(acl_storage::DummyAclStorage::default()),
};
let key_server_set = key_server_set::OnChainKeyServerSet::new(trusted_client.clone(), config.cluster_config.key_server_set_contract_address.take(),
self_key_pair.clone(), config.cluster_config.auto_migrate_enabled, config.cluster_config.nodes.clone())?;
let key_storage = Arc::new(key_storage::PersistentKeyStorage::new(db)?);
let key_server = Arc::new(key_server::KeyServerImpl::new(&config.cluster_config, key_server_set.clone(), self_key_pair.clone(),
acl_storage.clone(), key_storage.clone(), executor.clone())?);
2017-11-22 08:05:14 +01:00
let cluster = key_server.cluster();
SecretStore: generating and retrieving decryption keys via service contract (#8029) * SecretStore: started document keys generation via contract * fixed Cargo.lock * SecretStore: doc key contract gen tests * SecretStore: fixed log parsing * SecretStore: flush * SecretStore: secretstore_generateDocumentKey RPC * SecretStore: return encrypted_key from secretstore_generateDocumentKey * prepare to GenerateDocKey -> StoreDocKey * SecretStore: ability to identify requester via Public/Address * SecretStore: store author address instead of public in db * flush * SecretStore: flush * SecretStore: fixed test * SecretStore: flush * SecretStore: flush * SecretStore: flush * SecretStore: flush * SecretStore: start async generation session * SecretStore: process StoreDocumentKey service tasks * SecretStore: flush * SecretStore: update service contact ABI * SecretStore: flush * SecretStore: flush * SecretStore: fixed event * SecretStore: flush * SecretStore: fixed tests * SecretStore: fix broadcast shadows decryption * SecretStore: finally decryption via service contract works * SecretStore: fix for updated contract * SecretStore: restored pending requests reqding * SecretStore: fixed some TODOs * SecretStore: OnChainServiceContractAggregate * SecretStore: different names for different contracts types * SecretStore: updated contracts interfaces * SecretStore: utilize aggregate service contract * fixed compilation * SecretStore: fixes for updated contract * SecretStore: service fixes after testing * fixed cli test compilation * SecretStore: decryption_session_origin_is_known_to_all_initialized_nodes * SecretStore: added new contract listener tests * SecretStore: session_listener_works * removed optional TODO * SecretStore: fixed KeyServer shutdown * fixed warn + grumble * const durations
2018-04-03 16:54:34 +02:00
let key_server: Arc<KeyServer> = key_server;
SecretStore: generating and retrieving decryption keys via service contract (#8029) * SecretStore: started document keys generation via contract * fixed Cargo.lock * SecretStore: doc key contract gen tests * SecretStore: fixed log parsing * SecretStore: flush * SecretStore: secretstore_generateDocumentKey RPC * SecretStore: return encrypted_key from secretstore_generateDocumentKey * prepare to GenerateDocKey -> StoreDocKey * SecretStore: ability to identify requester via Public/Address * SecretStore: store author address instead of public in db * flush * SecretStore: flush * SecretStore: fixed test * SecretStore: flush * SecretStore: flush * SecretStore: flush * SecretStore: flush * SecretStore: start async generation session * SecretStore: process StoreDocumentKey service tasks * SecretStore: flush * SecretStore: update service contact ABI * SecretStore: flush * SecretStore: flush * SecretStore: fixed event * SecretStore: flush * SecretStore: fixed tests * SecretStore: fix broadcast shadows decryption * SecretStore: finally decryption via service contract works * SecretStore: fix for updated contract * SecretStore: restored pending requests reqding * SecretStore: fixed some TODOs * SecretStore: OnChainServiceContractAggregate * SecretStore: different names for different contracts types * SecretStore: updated contracts interfaces * SecretStore: utilize aggregate service contract * fixed compilation * SecretStore: fixes for updated contract * SecretStore: service fixes after testing * fixed cli test compilation * SecretStore: decryption_session_origin_is_known_to_all_initialized_nodes * SecretStore: added new contract listener tests * SecretStore: session_listener_works * removed optional TODO * SecretStore: fixed KeyServer shutdown * fixed warn + grumble * const durations
2018-04-03 16:54:34 +02:00
// prepare HTTP listener
let http_listener = match config.listener_address {
Some(listener_address) => Some(listener::http_listener::KeyServerHttpListener::start(listener_address, Arc::downgrade(&key_server), executor)?),
None => None,
};
SecretStore: generating and retrieving decryption keys via service contract (#8029) * SecretStore: started document keys generation via contract * fixed Cargo.lock * SecretStore: doc key contract gen tests * SecretStore: fixed log parsing * SecretStore: flush * SecretStore: secretstore_generateDocumentKey RPC * SecretStore: return encrypted_key from secretstore_generateDocumentKey * prepare to GenerateDocKey -> StoreDocKey * SecretStore: ability to identify requester via Public/Address * SecretStore: store author address instead of public in db * flush * SecretStore: flush * SecretStore: fixed test * SecretStore: flush * SecretStore: flush * SecretStore: flush * SecretStore: flush * SecretStore: start async generation session * SecretStore: process StoreDocumentKey service tasks * SecretStore: flush * SecretStore: update service contact ABI * SecretStore: flush * SecretStore: flush * SecretStore: fixed event * SecretStore: flush * SecretStore: fixed tests * SecretStore: fix broadcast shadows decryption * SecretStore: finally decryption via service contract works * SecretStore: fix for updated contract * SecretStore: restored pending requests reqding * SecretStore: fixed some TODOs * SecretStore: OnChainServiceContractAggregate * SecretStore: different names for different contracts types * SecretStore: updated contracts interfaces * SecretStore: utilize aggregate service contract * fixed compilation * SecretStore: fixes for updated contract * SecretStore: service fixes after testing * fixed cli test compilation * SecretStore: decryption_session_origin_is_known_to_all_initialized_nodes * SecretStore: added new contract listener tests * SecretStore: session_listener_works * removed optional TODO * SecretStore: fixed KeyServer shutdown * fixed warn + grumble * const durations
2018-04-03 16:54:34 +02:00
// prepare service contract listeners
let create_service_contract = |address, name, api_mask|
Arc::new(listener::service_contract::OnChainServiceContract::new(
api_mask,
trusted_client.clone(),
name,
address,
self_key_pair.clone()));
let mut contracts: Vec<Arc<listener::service_contract::ServiceContract>> = Vec::new();
config.service_contract_address.map(|address|
create_service_contract(address,
listener::service_contract::SERVICE_CONTRACT_REGISTRY_NAME.to_owned(),
listener::ApiMask::all()))
.map(|l| contracts.push(l));
config.service_contract_srv_gen_address.map(|address|
create_service_contract(address,
listener::service_contract::SRV_KEY_GEN_SERVICE_CONTRACT_REGISTRY_NAME.to_owned(),
listener::ApiMask { server_key_generation_requests: true, ..Default::default() }))
.map(|l| contracts.push(l));
config.service_contract_srv_retr_address.map(|address|
create_service_contract(address,
listener::service_contract::SRV_KEY_RETR_SERVICE_CONTRACT_REGISTRY_NAME.to_owned(),
listener::ApiMask { server_key_retrieval_requests: true, ..Default::default() }))
.map(|l| contracts.push(l));
config.service_contract_doc_store_address.map(|address|
create_service_contract(address,
listener::service_contract::DOC_KEY_STORE_SERVICE_CONTRACT_REGISTRY_NAME.to_owned(),
listener::ApiMask { document_key_store_requests: true, ..Default::default() }))
.map(|l| contracts.push(l));
config.service_contract_doc_sretr_address.map(|address|
create_service_contract(address,
listener::service_contract::DOC_KEY_SRETR_SERVICE_CONTRACT_REGISTRY_NAME.to_owned(),
listener::ApiMask { document_key_shadow_retrieval_requests: true, ..Default::default() }))
.map(|l| contracts.push(l));
let contract: Option<Arc<listener::service_contract::ServiceContract>> = match contracts.len() {
0 => None,
1 => Some(contracts.pop().expect("contract.len() is 1; qed")),
_ => Some(Arc::new(listener::service_contract_aggregate::OnChainServiceContractAggregate::new(contracts))),
};
let contract_listener = match contract {
Some(contract) => Some({
let listener = listener::service_contract_listener::ServiceContractListener::new(
listener::service_contract_listener::ServiceContractListenerParams {
contract: contract,
self_key_pair: self_key_pair.clone(),
key_server_set: key_server_set,
acl_storage: acl_storage,
cluster: cluster,
key_storage: key_storage,
}
)?;
client.add_notify(listener.clone());
listener
}),
None => None,
};
Ok(Box::new(listener::Listener::new(key_server, http_listener, contract_listener)))
}