Commit Graph

29 Commits

Author SHA1 Message Date
Toralf Wittner
e30839e85f Consolidate crypto functionality in ethcore-crypto. (#8432)
* Consolidate crypto functionality in `ethcore-crypto`.

- Move `ecdh`/`ecies` modules to `ethkey`.
- Refactor `ethcore-crypto` to use file per module.
- Replace `subtle` with `ethcore_crypto::is_equal`.
- Add `aes_gcm` module to `ethcore-crypto`.

* Rename `aes::{encrypt,decrypt,decrypt_cbc}` ...

... to `aes::{encrypt_128_ctr,decrypt_128_ctr,decrypt_128_cbc}`.
2018-05-05 11:02:33 +02:00
Svyatoslav Nikolsky
d1f5284fe6 SecretStore: merge two types of errors into single one + Error::is_non_fatal (#8357)
* SecretStore: error unify initial commit

SecretStore: pass real error in error messages

SecretStore: is_internal_error -> Error::is_non_fatal

warnings

SecretStore: ConsensusTemporaryUnreachable

fix after merge

removed comments

removed comments

SecretStore: updated HTTP error responses

SecretStore: more ConsensusTemporaryUnreachable tests

fix after rebase

* fixed grumbles

* use HashSet in tests
2018-05-01 15:02:14 +02:00
Toralf Wittner
2b05eb43a9 Add util/mem to zero out memory on drop. (#8356)
* Add `util/mem` to zero out memory on drop.

* Remove nonsense.

* Remove `Into` impls for `Memzero`.

* Update ethereum-types and remove H256Mut.
2018-04-11 13:57:12 +02:00
Marek Kotewicz
bd7273061e
ethcrypto renamed to ethcore-crypto and moved to ethcore dir (#8340)
* ethcrypto renamed to ethcore-crypto and moved to ethcore dir

* fixed renaming
2018-04-10 13:56:56 +02:00
Svyatoslav Nikolsky
ec96091369 SecretStore: generating and retrieving decryption keys via service contract (#8029)
* SecretStore: started document keys generation via contract

* fixed Cargo.lock

* SecretStore: doc key contract gen tests

* SecretStore: fixed log parsing

* SecretStore: flush

* SecretStore: secretstore_generateDocumentKey RPC

* SecretStore: return encrypted_key from secretstore_generateDocumentKey

* prepare to GenerateDocKey -> StoreDocKey

* SecretStore: ability to identify requester via Public/Address

* SecretStore: store author address instead of public in db

* flush

* SecretStore: flush

* SecretStore: fixed test

* SecretStore: flush

* SecretStore: flush

* SecretStore: flush

* SecretStore: flush

* SecretStore: start async generation session

* SecretStore: process StoreDocumentKey service tasks

* SecretStore: flush

* SecretStore: update service contact ABI

* SecretStore: flush

* SecretStore: flush

* SecretStore: fixed event

* SecretStore: flush

* SecretStore: fixed tests

* SecretStore: fix broadcast shadows decryption

* SecretStore: finally decryption via service contract works

* SecretStore: fix for updated contract

* SecretStore: restored pending requests reqding

* SecretStore: fixed some TODOs

* SecretStore: OnChainServiceContractAggregate

* SecretStore: different names for different contracts types

* SecretStore: updated contracts interfaces

* SecretStore: utilize aggregate service contract

* fixed compilation

* SecretStore: fixes for updated contract

* SecretStore: service fixes after testing

* fixed cli test compilation

* SecretStore: decryption_session_origin_is_known_to_all_initialized_nodes

* SecretStore: added new contract listener tests

* SecretStore: session_listener_works

* removed optional TODO

* SecretStore: fixed KeyServer shutdown

* fixed warn + grumble

* const durations
2018-04-03 16:54:34 +02:00
Svyatoslav Nikolsky
a6915778bb SecretStore: ability to identify requester via Public/Address (#7886) 2018-03-19 06:42:40 +01:00
Svyatoslav Nikolsky
0da6c7eb45 SecretStore: ECDSA session for cases when 2*t < N (#7739)
* SecretStore: ECDSA PoC

* SecretStore: fixed ECDSA serialization + cleanup

* removed unused param

* removed unused method

* removed debug unwrap

* SecretStore: 'limited' ECDSA session

* fix after merge
2018-03-01 09:59:21 +01:00
Marek Kotewicz
e95b093483 dissolve util (#7460)
* ethereum-types refactor in progress

* ethereum-types refactor in progress

* ethereum-types refactor in progress

* ethereum-types refactor in progress

* ethereum-types refactor finished

* removed obsolete util/src/lib.rs

* removed commented out code
2018-01-10 15:35:18 +03:00
Svyatoslav Nikolsky
b685b7fae3 SecretStore: tx retry pattern (#7323)
* SecretStore: auto migrate initial commit

* SecretStore: flush automigrate

* SecretStore: debug flush

* SecretStore: added migration to KeyServerSet contract

* SecretStore: flush automigrate

* SecretStore: flush before testing

* SecretStore: flush

* SecretStore: flush

* SecretStore: bunch of tests for simple ConnectionTrigger && KeyServerSet

* SecretStore: started work on TriggerWithMigration tests

* SecretStore: maintain_session tests

* SecretStore: updated some comments

* SecretStore pass migration_id to ServerSetChangeSession

* SecretStore: fixed lock scope

* SecretStore: fixed error response condition

* SecretStore: fixed ServerSetChange session auto-creation

* SecretStore: update active migration in connector

* removed commented code

* SecretStore: fixed tests compilation

* SecretStore: marked test-related unimplemented-s

* SecretStore: labeled all SS TODOs

* SecretStore: do not read auto-migration stuff when auto-migration is disabled + stripped KeyServerSet contract ABI

* SecretStore: ignore duplicated addresses in KeyServerSet

* fied compilation

* SecretStore: wait for N block confirmations before starting auto-migration

* SecretStore: more tests for migration delay

* SecretStore: clear current nodes set when KSS contract is uninstalled

* SecretStore: retry transaction interval
2018-01-10 11:33:45 +01:00
Svyatoslav Nikolsky
ea9c8a174c SecretStore: started adding tests for ServiceContractListener 2017-11-22 17:31:34 +03:00
Svyatoslav Nikolsky
fc7f3433b7 SecretStore: removed obsolete traits 2017-11-22 10:21:14 +03:00
Svyatoslav Nikolsky
5a7e065e41 SecretStore: Kovan flush3 2017-11-22 10:05:14 +03:00
Svyatoslav Nikolsky
e16f6fb9d9 SecretStore: servers set change session api (#6925)
* SecretStore: first key versions flush

* SecretStore: key versions in encryption session

* SecretStore: flush key versions negotiation session

* SecretStore: connected key version negotiation session to cluster

* SecretStore: cluster sessions container refactoring

* SecretStore: flush

* SecretStore: flush key versions

* SecretStore: flush

* SecretStore: delegation proto

* SecretStore: decryption_session_is_delegated_when_node_does_not_have_key_share

* SecretStore: fixed version in decryption session

* SecretStore: signing_session_is_delegated_when_node_does_not_have_key_share

* SecretStore: started restoring admin sessions

* SecretStore: restoring admin sessions

* SecretStore: removed obsolete ShareRemove && ShareMove sessions

* SecretStore: ShareAdd math tests only require old_t+1 nodes

* SecretStore: ShareAdd revamp using new math backend

* SecretStore: do not include isolated nodes into consensus_group

* SecretStore: ServersSetChange + ShareAdd revamp

* removed debug printlns

* SecretStore: key version negotiation tests

* SecretStore: removed debug/merge artifacts

* SecretStore: fixed master node selection

* SecretStore: cleanup + tests + fixes

* SecretStore: uncommented tests

* SecretStore: cleaning up

* SecretStore: cleaning up + tests

* SecretStore: cleaning up

* SecretStore: cleaning up && tests

* SecretStore: fixing TODOs

* SecretStore: fixing TODOs + cleanup

* SecretStore: fixing TODOs

* SecretStore: nodes_add_to_the_node_with_obsolete_version

* SecretStore: nodes_add_fails_when_not_enough_share_owners_are_connected

* SecretStore: tests

* SecretStore: signing && delegation tests

* SecretStore: signing && decryption tests when some nodes are isolated

* SecretStore: sessions_are_removed_when_initialization_fails

* SecretStore: ceaning up

* SecretStore: removed obsolete comments

* SecretStore: signing_session_completes_if_node_does_not_have_a_share

* SecretStore: initial ServersSetChange API

* SecretStore: added secretstore_signServersSet RPC

* SecretStore: ChangeServersSet parse tests

* SecretStore: fixes after manual ServersSetChange tests

* lost file

* fixed network ports overlap in tests

* lost files
2017-11-16 17:34:23 +01:00
Svyatoslav Nikolsky
7703cd226b SecretStore: versioned keys (#6910)
* SecretStore: first key versions flush

* SecretStore: key versions in encryption session

* SecretStore: flush key versions negotiation session

* SecretStore: connected key version negotiation session to cluster

* SecretStore: cluster sessions container refactoring

* SecretStore: flush

* SecretStore: flush key versions

* SecretStore: flush

* SecretStore: delegation proto

* SecretStore: decryption_session_is_delegated_when_node_does_not_have_key_share

* SecretStore: fixed version in decryption session

* SecretStore: signing_session_is_delegated_when_node_does_not_have_key_share

* SecretStore: started restoring admin sessions

* SecretStore: restoring admin sessions

* SecretStore: removed obsolete ShareRemove && ShareMove sessions

* SecretStore: ShareAdd math tests only require old_t+1 nodes

* SecretStore: ShareAdd revamp using new math backend

* SecretStore: do not include isolated nodes into consensus_group

* SecretStore: ServersSetChange + ShareAdd revamp

* removed debug printlns

* SecretStore: key version negotiation tests

* SecretStore: removed debug/merge artifacts

* SecretStore: fixed master node selection

* SecretStore: cleanup + tests + fixes

* SecretStore: uncommented tests

* SecretStore: cleaning up

* SecretStore: cleaning up + tests

* SecretStore: cleaning up

* SecretStore: cleaning up && tests

* SecretStore: fixing TODOs

* SecretStore: fixing TODOs + cleanup

* SecretStore: fixing TODOs

* SecretStore: nodes_add_to_the_node_with_obsolete_version

* SecretStore: nodes_add_fails_when_not_enough_share_owners_are_connected

* SecretStore: tests

* SecretStore: signing && delegation tests

* SecretStore: signing && decryption tests when some nodes are isolated

* SecretStore: sessions_are_removed_when_initialization_fails

* SecretStore: ceaning up

* SecretStore: removed obsolete comments

* SecretStore: signing_session_completes_if_node_does_not_have_a_share
2017-11-02 15:33:11 +01:00
Svyatoslav Nikolsky
9a086face4 SecretStore: administrative sessions prototypes (#6605)
* generate random channel encryption key on restart

* session-level nonces

* fixed warning after rebase

* session_nonce -> nonce

* full_generation_math_session_with_refreshing_shares && full_generation_math_session_with_adding_new_node

* add serveral secret shares at once

* SecretStore: initial ShareAdd session prototype

* SecretStore: ServersSetChange jobs

* SecretStore: servers set change session continued

* SecretStore: servers set change session continued

* SecretStore: servers set change session continued

* SecretStore: known_sessions iterator

* SecretStore: implemented SessionsQueue

* SecretStore: UnknownSessionsJobTransport

* SecretStore: node_added_using_servers_set_change almost done

* SecretStore: continue adding tests

* SecretStore: node_added_using_servers_set_change + node_added_using_share_add

* SecretStore: node_added_using_server_set_change_from_this_node

* SecretStore: node_moved_using_share_move

* SecretStore: node_moved_using_servers_set_change

* SecretStore: node_removed_using_share_remove

* SecretStore: node_removed_using_servers_set_change

* SecretStore: different folders for client && admin sessions

* SecretStore: started adding share change consensus (flush)

* SecretStore: fixed spurious tests failures

* enum JobPartialRequestAction

* SecretStore: started adding consensus layer to ShareAdd session

* SecretStore: starting external consensus for ShareAdd

* SecretStore: started restoring node_added_using_servers_set_change

* SecretStore: node_added_using_servers_set_change works with external consensus

* SecretStore: node_added_using_server_set_change_from_this_node works with external consensus

* removed debug comments/printlns

* SecretStore: share move session supports consensus

* SecretStore: share remove with external consensus

* SecretStore: started adding basic ShareAdd tests

* SecretStore: added ShareAdd tests

* SecretStore: added ShareAdd session to cluster

* SecretStore: added share move && remove sessions to cluster

* SecretStore: ShareMove session tests cleanup

* SecretStore: ShareRemove session tests cleanup

* SecretStore: added check_secret_is_preserved check

* SecretStore: added servers set change to cluster

* SecretStore: cleaned up ServersSetChange session tests

* SecretStore: cleaning + added tests for ShareRemove

* SecretStore: cleaning up

* SecretStore: propagated admin_public

* SecretStore: fixed persistent_key_storage test

* SecretStore: upgrade_db_from_1

* SecretStore: fixed ServersSetChange session completion

* SecretStore: check polynom1 in ShareAdd sessions (error for pre-v2 shares)

* SecretStore: fixing TODOs

* SecretStore: fixing TODOs

* SecretStore: check share change plan on 'old' slave nodes

* SecretStore: fixing TODOs

* SecretStore: store all admin sessions in single container to avoid overlaps

* SecretStore: do not update nodes set during admin sessions

* SecretStore: moved TODOs to appropriate methods

* SecretStore: TODOs

* SecretStore: added admin_public arg && fixed warnigs

* SecretStore: added shares_to_move_reversed to ShareMove session

* SecretStore: additional checks during consensus establishing

* license

* SecretStore: added TODO about starting ServersSetChange session

* SecretStore: redundant clones + docs + lsot unimplemented-s

* SecretStore: generation_session_completion_signalled_if_failed_on_master

* SecretStore: updated obsolete comment

* SecretStore: added type alias for current DocumentKeyShare serialization format

* SecretStore: fixed typo

* SecretStore; fixed warnings for futures 0.1.15

* fixed warning
2017-10-02 15:27:31 +02:00
Svyatoslav Nikolsky
8f434cd02c secretstore: attributes under docs (#6475) 2017-09-06 11:09:22 +02:00
Fredrik
308f36a532 Don't reexport bigint from util 2017-09-04 16:36:49 +02:00
Svyatoslav Nikolsky
c345bc3d85 cli option to disable SS ACL check 2017-07-27 15:48:07 +03:00
Svyatoslav Nikolsky
eb895fbb31 completed KeyStoreNodeKeyPair 2017-07-25 17:54:32 +03:00
Svyatoslav Nikolsky
45f2b82411 NodeKeyPAir trait 2017-07-25 09:24:54 +03:00
Svyatoslav Nikolsky
b31b067743 fixed tests 2017-07-24 12:36:31 +03:00
Svyatoslav Nikolsky
81de7e1075 initial KeyServerSet commit 2017-07-19 11:35:17 +03:00
Svyatoslav Nikolsky
6334893561 SecretStore: generating signatures (#5764)
* refactoring traits

* separate generation session

* generalized ClusterSessions

* signing session prototype

* full_signature_math_session

* consensus session prototype

* continue signing session

* continue signing session

* continue signing session

* continue signing session

* isolated consensus logic

* started work on signing test

* complete_gen_sign_session works

* consensus tests

* get rid of duplicated data in SigningSession

* TODOs in signing session

* fixing tests

* fixed last test

* signing session in http listener

* new key server tests

* fix after merge

* enabled warnings

* fixed possible race

* ignore previous jobs responses

* include sef node in consensus when confirmed

* fixed warning

* removed extra clones

* consensus_restarts_after_node_timeout

* encrypt signature before return

* return error text along with HTTP status

* fix for odd-of-N (share check fails + not equal to local sign)

* fixed t-of-N for odd t

* fixed test cases in complete_gen_sign_session

* fixed mistimed response reaction

* jobs draft

* DecryptionJob

* consensus session tets

* fixed decryption tests

* signing job implementation

* siginng_session using new consensus_session

* added license preambles

* same_consensus_group_returned_after_second_selection

* database upgrade v0 -> v1

* typo

* fixed grumbles
2017-07-06 14:02:10 +02:00
Svyatoslav Nikolsky
8b9adb4d74 Secretstore RPCs + integration (#5439)
* ECDKG protocol prototype

* added test for enc/dec math

* get rid of decryption_session

* added licenses

* fix after merge

* get rid of unused serde dependency

* doc

* decryption session [without commutative enc]

* failed_dec_session

* fixed tests

* added commen

* added more decryption session tests

* helper to localize an issue

* more computations to localize error

* decryption_session::SessionParams

* added tests for EC math to localize problem

* secretstore network transport

* encryption_session_works_over_network

* network errors processing

* connecting to KeyServer

* licenses

* get rid of debug println-s

* fixed secretstore args

* encryption results are stored in KS database

* decryption protocol works over network

* enc/dec Session traits

* fixing warnings

* fix after merge

* on-chain ACL checker proto

* fixed compilation

* fixed compilation

* finally fixed <odd>-of-N-scheme

* temporary commented test

* 1-of-N works in math

* scheme 1-of-N works

* updated AclStorage with real contract ABI

* remove unnecessary unsafety

* fixed grumbles

* wakeup on access denied

* encrypt secretstore messages

* 'shadow' decryption

* fix grumbles

* lost files

* secretstore cli-options

* decryption seccion when ACL check failed on master

* disallow regenerating key for existing document

* removed obsolete TODO

* fix after merge

* switched to tokio_io

* fix after merge

* fix after merge

* fix after merge

* fix after merge

* fix after merge

* fixed test

* fix after merge

* encryption session errors are now fatal

* session timeouts

* autorestart decryption session

* remove sessions on completion

* exclude disconnected nodes from decryption session

* test for enc/dec session over network with 1 node

* remove debug printlns

* fixed 1-of-1 scheme

* drop for KeyServerHttpListener

* Use standard encryption and decryption (as in RPC)

* added some tests

* moved DEFAULT_MAC to ethcrypto

* rpc_secretstore_encrypt_and_decrypt

* serialization with "0x" prefix (RPC compatibility)

* secretstore RPC API

* fix after merge

* fixed typo

* secretstore_shadowDecrypt RPC

* enable secretstore RPCs by default

* fixed test

* SecStore RPCs available without SecStore feature

* fixed grumbles

* lost files

* added password argument to Parity RPCs

* update docs

* lost file
2017-05-05 14:57:29 +01:00
Svyatoslav Nikolsky
1a262048a6 Fixing secretstore TODOs - part 2 (#5416)
* ECDKG protocol prototype

* added test for enc/dec math

* get rid of decryption_session

* added licenses

* fix after merge

* get rid of unused serde dependency

* doc

* decryption session [without commutative enc]

* failed_dec_session

* fixed tests

* added commen

* added more decryption session tests

* helper to localize an issue

* more computations to localize error

* decryption_session::SessionParams

* added tests for EC math to localize problem

* secretstore network transport

* encryption_session_works_over_network

* network errors processing

* connecting to KeyServer

* licenses

* get rid of debug println-s

* fixed secretstore args

* encryption results are stored in KS database

* decryption protocol works over network

* enc/dec Session traits

* fixing warnings

* fix after merge

* on-chain ACL checker proto

* fixed compilation

* fixed compilation

* finally fixed <odd>-of-N-scheme

* temporary commented test

* 1-of-N works in math

* scheme 1-of-N works

* updated AclStorage with real contract ABI

* remove unnecessary unsafety

* fixed grumbles

* wakeup on access denied

* encrypt secretstore messages

* 'shadow' decryption

* fix grumbles

* lost files

* secretstore cli-options

* decryption seccion when ACL check failed on master

* disallow regenerating key for existing document

* removed obsolete TODO

* fix after merge

* switched to tokio_io

* fix after merge

* fix after merge

* fix after merge

* fix after merge

* fix after merge

* fixed test

* fix after merge

* encryption session errors are now fatal

* session timeouts

* autorestart decryption session

* remove sessions on completion

* exclude disconnected nodes from decryption session

* test for enc/dec session over network with 1 node

* remove debug printlns

* fixed 1-of-1 scheme

* drop for KeyServerHttpListener

* added some tests

* fixed typo
2017-04-25 21:34:03 +02:00
Svyatoslav Nikolsky
93a6047912 Fixing secretstore TODOs - part 1 (#5386)
* ECDKG protocol prototype

* added test for enc/dec math

* get rid of decryption_session

* added licenses

* fix after merge

* get rid of unused serde dependency

* doc

* decryption session [without commutative enc]

* failed_dec_session

* fixed tests

* added commen

* added more decryption session tests

* helper to localize an issue

* more computations to localize error

* decryption_session::SessionParams

* added tests for EC math to localize problem

* secretstore network transport

* encryption_session_works_over_network

* network errors processing

* connecting to KeyServer

* licenses

* get rid of debug println-s

* fixed secretstore args

* encryption results are stored in KS database

* decryption protocol works over network

* enc/dec Session traits

* fixing warnings

* fix after merge

* on-chain ACL checker proto

* fixed compilation

* fixed compilation

* finally fixed <odd>-of-N-scheme

* temporary commented test

* 1-of-N works in math

* scheme 1-of-N works

* updated AclStorage with real contract ABI

* remove unnecessary unsafety

* fixed grumbles

* wakeup on access denied

* encrypt secretstore messages

* 'shadow' decryption

* fix grumbles

* lost files

* secretstore cli-options

* decryption seccion when ACL check failed on master

* disallow regenerating key for existing document

* removed obsolete TODO

* fix after merge

* switched to tokio_io

* fix after merge

* fix after merge

* fix after merge

* fix after merge

* fix after merge

* fixed test

* fix after merge
2017-04-08 11:26:16 +02:00
Svyatoslav Nikolsky
abec06f50c On-chain ACL checker for secretstore (#5015)
* ECDKG protocol prototype

* added test for enc/dec math

* get rid of decryption_session

* added licenses

* fix after merge

* get rid of unused serde dependency

* doc

* decryption session [without commutative enc]

* failed_dec_session

* fixed tests

* added commen

* added more decryption session tests

* helper to localize an issue

* more computations to localize error

* decryption_session::SessionParams

* added tests for EC math to localize problem

* secretstore network transport

* encryption_session_works_over_network

* network errors processing

* connecting to KeyServer

* licenses

* get rid of debug println-s

* fixed secretstore args

* encryption results are stored in KS database

* decryption protocol works over network

* enc/dec Session traits

* fixing warnings

* fix after merge

* on-chain ACL checker proto

* fixed compilation

* fixed compilation

* finally fixed <odd>-of-N-scheme

* temporary commented test

* 1-of-N works in math

* scheme 1-of-N works

* updated AclStorage with real contract ABI

* remove unnecessary unsafety

* fixed grumbles

* wakeup on access denied

* fix after merge

* fix after merge

* moved contract to native-contracts lib
2017-04-03 17:46:51 +02:00
Svyatoslav Nikolsky
c0c06fdc53 Secretstore over network (#4974)
* ECDKG protocol prototype

* added test for enc/dec math

* get rid of decryption_session

* added licenses

* fix after merge

* get rid of unused serde dependency

* doc

* decryption session [without commutative enc]

* failed_dec_session

* fixed tests

* added commen

* added more decryption session tests

* helper to localize an issue

* more computations to localize error

* decryption_session::SessionParams

* added tests for EC math to localize problem

* secretstore network transport

* encryption_session_works_over_network

* network errors processing

* connecting to KeyServer

* licenses

* get rid of debug println-s

* fixed secretstore args

* encryption results are stored in KS database

* decryption protocol works over network

* enc/dec Session traits

* fixing warnings

* fix after merge

* finally fixed <odd>-of-N-scheme

* temporary commented test

* 1-of-N works in math

* scheme 1-of-N works

* remove unnecessary unsafety

* fixed grumbles

* fix grumbles

* lost files
2017-04-03 11:13:51 +02:00
Svyatoslav Nikolsky
b9665c7cfe Secret store - initial version (#4567)
* initial secret store commit

* various fixes

* license

* (sstore, secstore) -> secretstore

* marked KeyServer trait as IPC-ready

* fixed style

* ignore requests with Origin header

* fixed tests

* fixed Origin header check
2017-02-20 16:13:21 +01:00