Commit Graph

27 Commits

Author SHA1 Message Date
Svyatoslav Nikolsky
ec96091369 SecretStore: generating and retrieving decryption keys via service contract (#8029)
* SecretStore: started document keys generation via contract

* fixed Cargo.lock

* SecretStore: doc key contract gen tests

* SecretStore: fixed log parsing

* SecretStore: flush

* SecretStore: secretstore_generateDocumentKey RPC

* SecretStore: return encrypted_key from secretstore_generateDocumentKey

* prepare to GenerateDocKey -> StoreDocKey

* SecretStore: ability to identify requester via Public/Address

* SecretStore: store author address instead of public in db

* flush

* SecretStore: flush

* SecretStore: fixed test

* SecretStore: flush

* SecretStore: flush

* SecretStore: flush

* SecretStore: flush

* SecretStore: start async generation session

* SecretStore: process StoreDocumentKey service tasks

* SecretStore: flush

* SecretStore: update service contact ABI

* SecretStore: flush

* SecretStore: flush

* SecretStore: fixed event

* SecretStore: flush

* SecretStore: fixed tests

* SecretStore: fix broadcast shadows decryption

* SecretStore: finally decryption via service contract works

* SecretStore: fix for updated contract

* SecretStore: restored pending requests reqding

* SecretStore: fixed some TODOs

* SecretStore: OnChainServiceContractAggregate

* SecretStore: different names for different contracts types

* SecretStore: updated contracts interfaces

* SecretStore: utilize aggregate service contract

* fixed compilation

* SecretStore: fixes for updated contract

* SecretStore: service fixes after testing

* fixed cli test compilation

* SecretStore: decryption_session_origin_is_known_to_all_initialized_nodes

* SecretStore: added new contract listener tests

* SecretStore: session_listener_works

* removed optional TODO

* SecretStore: fixed KeyServer shutdown

* fixed warn + grumble

* const durations
2018-04-03 16:54:34 +02:00
Svyatoslav Nikolsky
a91e562021 SecretStore: store key author address in db (#7887)
* SecretStore: ability to identify requester via Public/Address

* SecretStore: store author address instead of public in db
2018-03-20 03:03:51 +01:00
Marek Kotewicz
e95b093483 dissolve util (#7460)
* ethereum-types refactor in progress

* ethereum-types refactor in progress

* ethereum-types refactor in progress

* ethereum-types refactor in progress

* ethereum-types refactor finished

* removed obsolete util/src/lib.rs

* removed commented out code
2018-01-10 15:35:18 +03:00
Svyatoslav Nikolsky
b685b7fae3 SecretStore: tx retry pattern (#7323)
* SecretStore: auto migrate initial commit

* SecretStore: flush automigrate

* SecretStore: debug flush

* SecretStore: added migration to KeyServerSet contract

* SecretStore: flush automigrate

* SecretStore: flush before testing

* SecretStore: flush

* SecretStore: flush

* SecretStore: bunch of tests for simple ConnectionTrigger && KeyServerSet

* SecretStore: started work on TriggerWithMigration tests

* SecretStore: maintain_session tests

* SecretStore: updated some comments

* SecretStore pass migration_id to ServerSetChangeSession

* SecretStore: fixed lock scope

* SecretStore: fixed error response condition

* SecretStore: fixed ServerSetChange session auto-creation

* SecretStore: update active migration in connector

* removed commented code

* SecretStore: fixed tests compilation

* SecretStore: marked test-related unimplemented-s

* SecretStore: labeled all SS TODOs

* SecretStore: do not read auto-migration stuff when auto-migration is disabled + stripped KeyServerSet contract ABI

* SecretStore: ignore duplicated addresses in KeyServerSet

* fied compilation

* SecretStore: wait for N block confirmations before starting auto-migration

* SecretStore: more tests for migration delay

* SecretStore: clear current nodes set when KSS contract is uninstalled

* SecretStore: retry transaction interval
2018-01-10 11:33:45 +01:00
Svyatoslav Nikolsky
c0e7abcc81 Merge branch 'master' into secretstore_kovan 2017-12-27 11:44:28 +03:00
NikVolf
516725abe4 ok_or -> ok_or_else 2017-12-21 16:50:58 +03:00
Svyatoslav Nikolsky
14686f2652 SecretStore: cli option to configure service contract 2017-11-24 12:33:33 +03:00
Svyatoslav Nikolsky
ea9c8a174c SecretStore: started adding tests for ServiceContractListener 2017-11-22 17:31:34 +03:00
Svyatoslav Nikolsky
7da66c24f0 SecretStore: store joint_public in key_storage 2017-11-22 11:09:48 +03:00
debris
a22c48b6b0 removed redundant imports 2017-11-14 17:47:41 +01:00
Svyatoslav Nikolsky
7703cd226b SecretStore: versioned keys (#6910)
* SecretStore: first key versions flush

* SecretStore: key versions in encryption session

* SecretStore: flush key versions negotiation session

* SecretStore: connected key version negotiation session to cluster

* SecretStore: cluster sessions container refactoring

* SecretStore: flush

* SecretStore: flush key versions

* SecretStore: flush

* SecretStore: delegation proto

* SecretStore: decryption_session_is_delegated_when_node_does_not_have_key_share

* SecretStore: fixed version in decryption session

* SecretStore: signing_session_is_delegated_when_node_does_not_have_key_share

* SecretStore: started restoring admin sessions

* SecretStore: restoring admin sessions

* SecretStore: removed obsolete ShareRemove && ShareMove sessions

* SecretStore: ShareAdd math tests only require old_t+1 nodes

* SecretStore: ShareAdd revamp using new math backend

* SecretStore: do not include isolated nodes into consensus_group

* SecretStore: ServersSetChange + ShareAdd revamp

* removed debug printlns

* SecretStore: key version negotiation tests

* SecretStore: removed debug/merge artifacts

* SecretStore: fixed master node selection

* SecretStore: cleanup + tests + fixes

* SecretStore: uncommented tests

* SecretStore: cleaning up

* SecretStore: cleaning up + tests

* SecretStore: cleaning up

* SecretStore: cleaning up && tests

* SecretStore: fixing TODOs

* SecretStore: fixing TODOs + cleanup

* SecretStore: fixing TODOs

* SecretStore: nodes_add_to_the_node_with_obsolete_version

* SecretStore: nodes_add_fails_when_not_enough_share_owners_are_connected

* SecretStore: tests

* SecretStore: signing && delegation tests

* SecretStore: signing && decryption tests when some nodes are isolated

* SecretStore: sessions_are_removed_when_initialization_fails

* SecretStore: ceaning up

* SecretStore: removed obsolete comments

* SecretStore: signing_session_completes_if_node_does_not_have_a_share
2017-11-02 15:33:11 +01:00
debris
7661e93a56 fixed secret_store conversion from kvdb error 2017-10-16 14:55:11 +02:00
debris
eb526b7769 separated kvdb into 3 crates: kvdb, kvdb-memorydb && kvdb-rocksdb, #6693 2017-10-12 15:36:27 +02:00
Marek Kotewicz
6279ff32f5 Separate migrations from util (#6690)
* separate migration from util and make its dependencies into libs:

* snappy
* kvdb
* error
* common

* renamed common -> macros

* util error does not depend on snappy module

* ethsync does not depend on util nor ethcore_error

* nibbleslice and nibblevec merged with patricia_trie crate

* removed unused dependencies from util

* util journaldb traits does not need to be public

* util_error

* fixed ethcore compile error

* ignore .swo files

* Update chain.rs
2017-10-10 20:01:27 +02:00
Svyatoslav Nikolsky
9a086face4 SecretStore: administrative sessions prototypes (#6605)
* generate random channel encryption key on restart

* session-level nonces

* fixed warning after rebase

* session_nonce -> nonce

* full_generation_math_session_with_refreshing_shares && full_generation_math_session_with_adding_new_node

* add serveral secret shares at once

* SecretStore: initial ShareAdd session prototype

* SecretStore: ServersSetChange jobs

* SecretStore: servers set change session continued

* SecretStore: servers set change session continued

* SecretStore: servers set change session continued

* SecretStore: known_sessions iterator

* SecretStore: implemented SessionsQueue

* SecretStore: UnknownSessionsJobTransport

* SecretStore: node_added_using_servers_set_change almost done

* SecretStore: continue adding tests

* SecretStore: node_added_using_servers_set_change + node_added_using_share_add

* SecretStore: node_added_using_server_set_change_from_this_node

* SecretStore: node_moved_using_share_move

* SecretStore: node_moved_using_servers_set_change

* SecretStore: node_removed_using_share_remove

* SecretStore: node_removed_using_servers_set_change

* SecretStore: different folders for client && admin sessions

* SecretStore: started adding share change consensus (flush)

* SecretStore: fixed spurious tests failures

* enum JobPartialRequestAction

* SecretStore: started adding consensus layer to ShareAdd session

* SecretStore: starting external consensus for ShareAdd

* SecretStore: started restoring node_added_using_servers_set_change

* SecretStore: node_added_using_servers_set_change works with external consensus

* SecretStore: node_added_using_server_set_change_from_this_node works with external consensus

* removed debug comments/printlns

* SecretStore: share move session supports consensus

* SecretStore: share remove with external consensus

* SecretStore: started adding basic ShareAdd tests

* SecretStore: added ShareAdd tests

* SecretStore: added ShareAdd session to cluster

* SecretStore: added share move && remove sessions to cluster

* SecretStore: ShareMove session tests cleanup

* SecretStore: ShareRemove session tests cleanup

* SecretStore: added check_secret_is_preserved check

* SecretStore: added servers set change to cluster

* SecretStore: cleaned up ServersSetChange session tests

* SecretStore: cleaning + added tests for ShareRemove

* SecretStore: cleaning up

* SecretStore: propagated admin_public

* SecretStore: fixed persistent_key_storage test

* SecretStore: upgrade_db_from_1

* SecretStore: fixed ServersSetChange session completion

* SecretStore: check polynom1 in ShareAdd sessions (error for pre-v2 shares)

* SecretStore: fixing TODOs

* SecretStore: fixing TODOs

* SecretStore: check share change plan on 'old' slave nodes

* SecretStore: fixing TODOs

* SecretStore: store all admin sessions in single container to avoid overlaps

* SecretStore: do not update nodes set during admin sessions

* SecretStore: moved TODOs to appropriate methods

* SecretStore: TODOs

* SecretStore: added admin_public arg && fixed warnigs

* SecretStore: added shares_to_move_reversed to ShareMove session

* SecretStore: additional checks during consensus establishing

* license

* SecretStore: added TODO about starting ServersSetChange session

* SecretStore: redundant clones + docs + lsot unimplemented-s

* SecretStore: generation_session_completion_signalled_if_failed_on_master

* SecretStore: updated obsolete comment

* SecretStore: added type alias for current DocumentKeyShare serialization format

* SecretStore: fixed typo

* SecretStore; fixed warnings for futures 0.1.15

* fixed warning
2017-10-02 15:27:31 +02:00
Svyatoslav Nikolsky
8f434cd02c secretstore: attributes under docs (#6475) 2017-09-06 11:09:22 +02:00
Svyatoslav Nikolsky
cc95edf4dc fixed grumbles 2017-08-09 18:17:28 +03:00
Svyatoslav Nikolsky
c345bc3d85 cli option to disable SS ACL check 2017-07-27 15:48:07 +03:00
Svyatoslav Nikolsky
7c05a906d0 cli option to disable SS HTTP API 2017-07-27 13:29:09 +03:00
Svyatoslav Nikolsky
4938dfd971 removed comment 2017-07-25 17:57:27 +03:00
Svyatoslav Nikolsky
45f2b82411 NodeKeyPAir trait 2017-07-25 09:24:54 +03:00
Svyatoslav Nikolsky
6334893561 SecretStore: generating signatures (#5764)
* refactoring traits

* separate generation session

* generalized ClusterSessions

* signing session prototype

* full_signature_math_session

* consensus session prototype

* continue signing session

* continue signing session

* continue signing session

* continue signing session

* isolated consensus logic

* started work on signing test

* complete_gen_sign_session works

* consensus tests

* get rid of duplicated data in SigningSession

* TODOs in signing session

* fixing tests

* fixed last test

* signing session in http listener

* new key server tests

* fix after merge

* enabled warnings

* fixed possible race

* ignore previous jobs responses

* include sef node in consensus when confirmed

* fixed warning

* removed extra clones

* consensus_restarts_after_node_timeout

* encrypt signature before return

* return error text along with HTTP status

* fix for odd-of-N (share check fails + not equal to local sign)

* fixed t-of-N for odd t

* fixed test cases in complete_gen_sign_session

* fixed mistimed response reaction

* jobs draft

* DecryptionJob

* consensus session tets

* fixed decryption tests

* signing job implementation

* siginng_session using new consensus_session

* added license preambles

* same_consensus_group_returned_after_second_selection

* database upgrade v0 -> v1

* typo

* fixed grumbles
2017-07-06 14:02:10 +02:00
Vurich
3d8dc11442 Upgrade elastic-array to 0.9.0
This is a huge change, which includes some changes to replace code that
originally cloned to reuse allocations instead. The updated
`elastic-array` crate renames its consuming `Vec`-conversion method to
`into_vec`, which means that I can do a simple
`sed -i 's/to_vec/into_vec/'` and then fix the compilation errors.

This commit is probably a minor performance win and definitely a
significant readability win.
2017-06-29 13:05:33 +02:00
Svyatoslav Nikolsky
1a262048a6 Fixing secretstore TODOs - part 2 (#5416)
* ECDKG protocol prototype

* added test for enc/dec math

* get rid of decryption_session

* added licenses

* fix after merge

* get rid of unused serde dependency

* doc

* decryption session [without commutative enc]

* failed_dec_session

* fixed tests

* added commen

* added more decryption session tests

* helper to localize an issue

* more computations to localize error

* decryption_session::SessionParams

* added tests for EC math to localize problem

* secretstore network transport

* encryption_session_works_over_network

* network errors processing

* connecting to KeyServer

* licenses

* get rid of debug println-s

* fixed secretstore args

* encryption results are stored in KS database

* decryption protocol works over network

* enc/dec Session traits

* fixing warnings

* fix after merge

* on-chain ACL checker proto

* fixed compilation

* fixed compilation

* finally fixed <odd>-of-N-scheme

* temporary commented test

* 1-of-N works in math

* scheme 1-of-N works

* updated AclStorage with real contract ABI

* remove unnecessary unsafety

* fixed grumbles

* wakeup on access denied

* encrypt secretstore messages

* 'shadow' decryption

* fix grumbles

* lost files

* secretstore cli-options

* decryption seccion when ACL check failed on master

* disallow regenerating key for existing document

* removed obsolete TODO

* fix after merge

* switched to tokio_io

* fix after merge

* fix after merge

* fix after merge

* fix after merge

* fix after merge

* fixed test

* fix after merge

* encryption session errors are now fatal

* session timeouts

* autorestart decryption session

* remove sessions on completion

* exclude disconnected nodes from decryption session

* test for enc/dec session over network with 1 node

* remove debug printlns

* fixed 1-of-1 scheme

* drop for KeyServerHttpListener

* added some tests

* fixed typo
2017-04-25 21:34:03 +02:00
Svyatoslav Nikolsky
93a6047912 Fixing secretstore TODOs - part 1 (#5386)
* ECDKG protocol prototype

* added test for enc/dec math

* get rid of decryption_session

* added licenses

* fix after merge

* get rid of unused serde dependency

* doc

* decryption session [without commutative enc]

* failed_dec_session

* fixed tests

* added commen

* added more decryption session tests

* helper to localize an issue

* more computations to localize error

* decryption_session::SessionParams

* added tests for EC math to localize problem

* secretstore network transport

* encryption_session_works_over_network

* network errors processing

* connecting to KeyServer

* licenses

* get rid of debug println-s

* fixed secretstore args

* encryption results are stored in KS database

* decryption protocol works over network

* enc/dec Session traits

* fixing warnings

* fix after merge

* on-chain ACL checker proto

* fixed compilation

* fixed compilation

* finally fixed <odd>-of-N-scheme

* temporary commented test

* 1-of-N works in math

* scheme 1-of-N works

* updated AclStorage with real contract ABI

* remove unnecessary unsafety

* fixed grumbles

* wakeup on access denied

* encrypt secretstore messages

* 'shadow' decryption

* fix grumbles

* lost files

* secretstore cli-options

* decryption seccion when ACL check failed on master

* disallow regenerating key for existing document

* removed obsolete TODO

* fix after merge

* switched to tokio_io

* fix after merge

* fix after merge

* fix after merge

* fix after merge

* fix after merge

* fixed test

* fix after merge
2017-04-08 11:26:16 +02:00
Svyatoslav Nikolsky
c0c06fdc53 Secretstore over network (#4974)
* ECDKG protocol prototype

* added test for enc/dec math

* get rid of decryption_session

* added licenses

* fix after merge

* get rid of unused serde dependency

* doc

* decryption session [without commutative enc]

* failed_dec_session

* fixed tests

* added commen

* added more decryption session tests

* helper to localize an issue

* more computations to localize error

* decryption_session::SessionParams

* added tests for EC math to localize problem

* secretstore network transport

* encryption_session_works_over_network

* network errors processing

* connecting to KeyServer

* licenses

* get rid of debug println-s

* fixed secretstore args

* encryption results are stored in KS database

* decryption protocol works over network

* enc/dec Session traits

* fixing warnings

* fix after merge

* finally fixed <odd>-of-N-scheme

* temporary commented test

* 1-of-N works in math

* scheme 1-of-N works

* remove unnecessary unsafety

* fixed grumbles

* fix grumbles

* lost files
2017-04-03 11:13:51 +02:00
Svyatoslav Nikolsky
b9665c7cfe Secret store - initial version (#4567)
* initial secret store commit

* various fixes

* license

* (sstore, secstore) -> secretstore

* marked KeyServer trait as IPC-ready

* fixed style

* ignore requests with Origin header

* fixed tests

* fixed Origin header check
2017-02-20 16:13:21 +01:00