SecretStore: store joint_public in key_storage

Svyatoslav Nikolsky 2017-11-22 11:09:48 +03:00
parent df3a8a9234
commit 7da66c24f0
7 changed files with 38 additions and 3 deletions


@ -700,6 +700,7 @@ mod tests {
nodes.values().nth(0).unwrap().insert(Default::default(), DocumentKeyShare {
author: Default::default(),
threshold: 1,
public: Default::default(),
common_point: None,
encrypted_point: None,
versions: vec![DocumentKeyShareVersion {


@ -90,6 +90,8 @@ struct SessionData<T: SessionTransport> {
pub key_share_threshold: Option<usize>,
/// NewKeyShare: author.
pub key_share_author: Option<Public>,
/// NewKeyShare: joint public.
pub key_share_joint_public: Option<Public>,
/// NewKeyShare: Common (shared) encryption point.
pub key_share_common_point: Option<Public>,
/// NewKeyShare: Encrypted point.
@ -167,6 +169,7 @@ impl<T> SessionImpl<T> where T: SessionTransport {
consensus_session: None,
key_share_threshold: None,
key_share_author: None,
key_share_joint_public: None,
key_share_common_point: None,
key_share_encrypted_point: None,
id_numbers: None,
@ -435,7 +438,9 @@ impl<T> SessionImpl<T> where T: SessionTransport {
}
// we only expect this message once
if data.key_share_threshold.is_some() || data.key_share_author.is_some() || data.key_share_common_point.is_some() || data.key_share_encrypted_point.is_some() {
if data.key_share_threshold.is_some() || data.key_share_author.is_some() ||
data.key_share_common_point.is_some() || data.key_share_encrypted_point.is_some() ||
data.key_share_joint_public.is_some() {
return Err(Error::InvalidStateForRequest);
}
@ -452,6 +457,7 @@ impl<T> SessionImpl<T> where T: SessionTransport {
data.state = SessionState::WaitingForKeysDissemination;
data.key_share_threshold = Some(message.threshold);
data.key_share_author = Some(message.author.clone().into());
data.key_share_joint_public = Some(message.joint_public.clone().into());
data.key_share_common_point = message.common_point.clone().map(Into::into);
data.key_share_encrypted_point = message.encrypted_point.clone().map(Into::into);
@ -624,6 +630,7 @@ impl<T> SessionImpl<T> where T: SessionTransport {
session_nonce: core.nonce,
threshold: old_key_share.threshold,
author: old_key_share.author.clone().into(),
joint_public: old_key_share.public.clone().into(),
common_point: old_key_share.common_point.clone().map(Into::into),
encrypted_point: old_key_share.encrypted_point.clone().map(Into::into),
id_numbers: old_key_version.id_numbers.iter().map(|(k, v)| (k.clone().into(), v.clone().into())).collect(),
@ -703,6 +710,8 @@ impl<T> SessionImpl<T> where T: SessionTransport {
.expect("this is new node; on new nodes this field is filled before KRD; session is completed after KRD; qed"),
threshold: data.key_share_threshold.clone()
.expect("this is new node; on new nodes this field is filled before KRD; session is completed after KRD; qed"),
public: data.key_share_joint_public.clone()
.expect("this is new node; on new nodes this field is filled before KRD; session is completed after KRD; qed"),
common_point: data.key_share_common_point.clone(),
encrypted_point: data.key_share_encrypted_point.clone(),
versions: Vec::new(),
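Review bot: The new node stores `message.joint_public` exactly as received (`data.key_share_joint_public = Some(message.joint_public.clone().into());`) and later persists it as the share's `public`, with no check on the value visible in these hunks. On the sending side, `joint_public: old_key_share.public.clone().into()` can carry the `Public::default()` placeholder that `upgrade_db` writes for shares migrated from older storage formats, so a placeholder would be copied to every added node as if it were the real joint key. Consider rejecting a default key before the state change, for example `let joint_public: Public = message.joint_public.clone().into(); if joint_public == Public::default() { return Err(Error::InvalidMessage); }`. The enclosing functions start and end outside the hunks, so a check elsewhere cannot be ruled out.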


@ -685,6 +685,7 @@ mod tests {
let encrypted_datas: Vec<_> = (0..5).map(|i| DocumentKeyShare {
author: Public::default(),
threshold: 3,
public: Default::default(),
common_point: Some(common_point.clone()),
encrypted_point: Some(encrypted_point.clone()),
versions: vec![DocumentKeyShareVersion {
@ -756,6 +757,7 @@ mod tests {
key_share: Some(DocumentKeyShare {
author: Public::default(),
threshold: 0,
public: Default::default(),
common_point: Some(Random.generate().unwrap().public().clone()),
encrypted_point: Some(Random.generate().unwrap().public().clone()),
versions: vec![DocumentKeyShareVersion {
@ -809,6 +811,7 @@ mod tests {
key_share: Some(DocumentKeyShare {
author: Public::default(),
threshold: 2,
public: Default::default(),
common_point: Some(Random.generate().unwrap().public().clone()),
encrypted_point: Some(Random.generate().unwrap().public().clone()),
versions: vec![DocumentKeyShareVersion {


@ -517,10 +517,17 @@ impl SessionImpl {
return Err(Error::InvalidMessage);
}
// calculate joint public key
let joint_public = {
let public_shares = data.nodes.values().map(|n| n.public_share.as_ref().expect("keys received on KD phase; KG phase follows KD phase; qed"));
math::compute_joint_public(public_shares)?
};
// save encrypted data to key storage
let encrypted_data = DocumentKeyShare {
author: data.author.as_ref().expect("author is filled in initialization phase; KG phase follows initialization phase; qed").clone(),
threshold: data.threshold.expect("threshold is filled in initialization phase; KG phase follows initialization phase; qed"),
public: joint_public,
common_point: None,
encrypted_point: None,
versions: vec![DocumentKeyShareVersion::new(
@ -677,7 +684,7 @@ impl SessionImpl {
fn complete_generation(&self) -> Result<(), Error> {
let mut data = self.data.lock();
// else - calculate joint public key
// calculate joint public key
let joint_public = {
let public_shares = data.nodes.values().map(|n| n.public_share.as_ref().expect("keys received on KD phase; KG phase follows KD phase; qed"));
math::compute_joint_public(public_shares)?
@ -687,6 +694,7 @@ impl SessionImpl {
let encrypted_data = DocumentKeyShare {
author: data.author.as_ref().expect("author is filled in initialization phase; KG phase follows initialization phase; qed").clone(),
threshold: data.threshold.expect("threshold is filled in initialization phase; KG phase follows initialization phase; qed"),
public: joint_public.clone(),
common_point: None,
encrypted_point: None,
versions: vec![DocumentKeyShareVersion::new(
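Review bot: The block that feeds each node's `public_share` into `math::compute_joint_public` now appears twice in this file, once before the share is built in the first hunk and once in `complete_generation`, with the same closure and the same `expect` message. The value is persisted as `public` in both places, so the two copies have to stay identical; moving the computation into one private helper that takes the locked session data and returns `Result<Public, Error>` would keep them from drifting apart. A short comment at the first call site, such as `// joint public is stored with the share so it can be served without re-running the session`, would also record why it is computed before saving. Both enclosing functions continue outside the hunks.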


@ -978,6 +978,7 @@ mod tests {
key_share: Some(DocumentKeyShare {
author: Public::default(),
threshold: 0,
public: Default::default(),
common_point: Some(Random.generate().unwrap().public().clone()),
encrypted_point: Some(Random.generate().unwrap().public().clone()),
versions: vec![DocumentKeyShareVersion {
@ -1031,6 +1032,7 @@ mod tests {
key_share: Some(DocumentKeyShare {
author: Public::default(),
threshold: 2,
public: Default::default(),
common_point: Some(Random.generate().unwrap().public().clone()),
encrypted_point: Some(Random.generate().unwrap().public().clone()),
versions: vec![DocumentKeyShareVersion {


@ -773,6 +773,8 @@ pub struct KeyShareCommon {
pub threshold: usize,
/// Author of key share entry.
pub author: SerializablePublic,
/// Joint public.
pub joint_public: SerializablePublic,
/// Common (shared) encryption point.
pub common_point: Option<SerializablePublic>,
/// Encrypted point.
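Review bot: `joint_public` is added to `KeyShareCommon` as a required `SerializablePublic`, which changes the layout of a message exchanged between key servers. The struct's derive attributes are outside the hunk, but if it is serialized field by field, a node built before this commit would send the message without the field and an upgraded node would presumably fail to parse it, so a cluster upgraded one node at a time could not complete a share-add session. If mixed versions must interoperate, `pub joint_public: Option<SerializablePublic>` with an explicit rejection of `None` on the receiver gives a clear error. Otherwise the doc comment should state the requirement, e.g. `/// Joint public key of the server key; required, not sent by nodes built before this field existed.`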


@ -40,6 +40,8 @@ pub struct DocumentKeyShare {
pub author: Public,
/// Decryption threshold (at least threshold + 1 nodes are required to decrypt data).
pub threshold: usize,
/// Server public key.
pub public: Public,
/// Common (shared) encryption point.
pub common_point: Option<Public>,
/// Encrypted point.
@ -122,10 +124,12 @@ struct SerializableDocumentKeyShareV1 {
/// V2 of encrypted key share, as it is stored by key storage on the single key server.
#[derive(Serialize, Deserialize)]
struct SerializableDocumentKeyShareV2 {
/// Authore of the entry.
/// Author of the entry.
pub author: SerializablePublic,
/// Decryption threshold (at least threshold + 1 nodes are required to decrypt data).
pub threshold: usize,
/// Server public.
pub public: SerializablePublic,
/// Common (shared) encryption point.
pub common_point: Option<SerializablePublic>,
/// Encrypted point.
@ -174,6 +178,7 @@ fn upgrade_db(db: Database) -> Result<Database, Error> {
// in v0 there have been only simultaneous GenEnc sessions.
author: Public::default().into(), // added in v1
threshold: v0_key.threshold,
public: Public::default().into(), // addded in v2
common_point: Some(v0_key.common_point),
encrypted_point: Some(v0_key.encrypted_point),
versions: vec![CurrentSerializableDocumentKeyVersion {
@ -196,6 +201,7 @@ fn upgrade_db(db: Database) -> Result<Database, Error> {
let current_key = CurrentSerializableDocumentKeyShare {
author: v1_key.author, // added in v1
threshold: v1_key.threshold,
public: Public::default().into(), // addded in v2
common_point: v1_key.common_point,
encrypted_point: v1_key.encrypted_point,
versions: vec![CurrentSerializableDocumentKeyVersion {
@ -329,6 +335,7 @@ impl From<DocumentKeyShare> for SerializableDocumentKeyShareV2 {
SerializableDocumentKeyShareV2 {
author: key.author.into(),
threshold: key.threshold,
public: key.public.into(),
common_point: key.common_point.map(Into::into),
encrypted_point: key.encrypted_point.map(Into::into),
versions: key.versions.into_iter().map(Into::into).collect(),
@ -351,6 +358,7 @@ impl From<SerializableDocumentKeyShareV2> for DocumentKeyShare {
DocumentKeyShare {
author: key.author.into(),
threshold: key.threshold,
public: key.public.into(),
common_point: key.common_point.map(Into::into),
encrypted_point: key.encrypted_point.map(Into::into),
versions: key.versions.into_iter()
@ -442,6 +450,7 @@ pub mod tests {
let value1 = DocumentKeyShare {
author: Public::default(),
threshold: 100,
public: Public::default(),
common_point: Some(Random.generate().unwrap().public().clone()),
encrypted_point: Some(Random.generate().unwrap().public().clone()),
versions: vec![DocumentKeyShareVersion {
@ -456,6 +465,7 @@ pub mod tests {
let value2 = DocumentKeyShare {
author: Public::default(),
threshold: 200,
public: Public::default(),
common_point: Some(Random.generate().unwrap().public().clone()),
encrypted_point: Some(Random.generate().unwrap().public().clone()),
versions: vec![DocumentKeyShareVersion {
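Review bot: Both migration branches in `upgrade_db` write `public: Public::default().into()` for shares converted from v0 and v1, so after an upgrade the stored joint public is a placeholder that the type cannot distinguish from a real key. Every reader of `DocumentKeyShare::public` then has to know that the default value means "not recorded"; state that on the field, e.g. `/// Server public key. Equal to Public::default() for shares migrated from v0/v1 storage, where it was not recorded.`, or make the field `Option<Public>`. The comment on those two lines is misspelled (`addded`). Separately, the field is added to `SerializableDocumentKeyShareV2` in place rather than in a new version; if any database was already written in the V2 layout without `public`, its entries would presumably no longer deserialize, and no upgrade path for that case is visible in these hunks.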