funga

Signer and keystore daemon and library for cryptocurrency software development
Log | Files | Refs | README | LICENSE

commit f91a1acc92f30542a217adb54ba2c49fc4147621
parent 636b60f6f6791cc18ba91da4cdecbe3aabc3dca0
Author: nolash <dev@holbrook.no>
Date:   Wed,  5 Aug 2020 19:47:38 +0200

Add encrypt and password to symmetric key hash in postgres package

Diffstat:
Msrc/keystore/postgres.py | 47++++++++++++++++++++++++++++++++++++-----------
Mtest/sign.py | 2+-
Mtest/test_database.py | 35++++++++++++++++-------------------
3 files changed, 53 insertions(+), 31 deletions(-)

diff --git a/src/keystore/postgres.py b/src/keystore/postgres.py @@ -1,9 +1,15 @@ import logging import base64 +import os from cryptography.fernet import Fernet import psycopg2 from psycopg2 import sql +from eth_keys import KeyAPI +from eth_keys.backends import NativeECCBackend +import sha3 + +keyapi = KeyAPI(NativeECCBackend) logging.basicConfig(level=logging.DEBUG) logg = logging.getLogger(__file__) @@ -16,25 +22,44 @@ class ReferenceDatabase: logg.debug(kwargs) self.conn = psycopg2.connect('dbname='+dbname) self.cur = self.conn.cursor() - self.cryptengine = None - if kwargs.get('symmetric_key') != None: - be = kwargs.get('symmetric_key') - self.cryptengine = Fernet(base64.b64encode(be)) + self.symmetric_key = kwargs.get('symmetric_key') - def get(self, address): + def get(self, address, password=None): s = sql.SQL('SELECT key_ciphertext FROM ethereum WHERE wallet_address_hex = %s') logg.debug(address) self.cur.execute(s, [ address ] ) k = self.cur.fetchone()[0] - return self.decrypt(k) + return self._decrypt(k, password) + + + def new(self, address, password=None): + b = os.urandom(32) + pk = keyapi.PrivateKey(b) + logg.debug('pk {}'.format(pk.to_hex())) + c = self._encrypt(pk.to_bytes(), password) + logg.debug('pkc {} {}'.format(c, len(pk.to_bytes()))) + s = sql.SQL('INSERT INTO ethereum (wallet_address_hex, key_ciphertext) VALUES (%s, %s)') + self.cur.execute(s, [ address, c.decode('utf-8') ]) + + + def _encrypt(self, private_key, password): + f = self._generate_encryption_engine(password) + return f.encrypt(private_key) + + + def _generate_encryption_engine(self, password): + h = sha3.keccak_256() + h.update(self.symmetric_key) + if password != None: + h.update(password) + g = h.digest() + return Fernet(base64.b64encode(g)) - def decrypt(self, c): - if self.cryptengine == None: - return c - logg.debug('decryption') - return self.cryptengine.decrypt(c.encode('utf-8')) + def _decrypt(self, c, password): + f = self._generate_encryption_engine(password) + return f.decrypt(c.encode('utf-8')) def __exit__(self): diff --git a/test/sign.py b/test/sign.py @@ -58,7 +58,7 @@ class TestSign(unittest.TestCase): z = s.signTransaction(t) logg.debug('{}'.format(z.to_bytes())) logg.debug('{}'.format(t.serialize().hex())) - + if __name__ == '__main__': unittest.main() diff --git a/test/test_database.py b/test/test_database.py @@ -19,19 +19,14 @@ class TestDatabase(unittest.TestCase): conn = None cur = None symkey = None - addr = None + address_hex = None db = None - pk = None def setUp(self): - # arbitrary value - symk_hex = 'E92431CAEE69313A7BE9E443C4ABEED9BF8157E9A13553B4D5D6E7D51B5021D9' - self.symkey = bytes.fromhex(symk_hex) - f = Fernet(base64.b64encode(self.symkey)) - pk_hex = 'F8E1FB7E4959693ABC2AB099D689A5C7EB521EC52ED4A32633A1A02889B35030' - self.pk = bytes.fromhex(pk_hex) - pk_ciphertext = f.encrypt(self.pk) - self.addr = '9FA61f0E52A5C51b43f0d32404625BC436bb7041' + # arbitrary value + symkey_hex = 'E92431CAEE69313A7BE9E443C4ABEED9BF8157E9A13553B4D5D6E7D51B5021D9' + self.symkey = bytes.fromhex(symkey_hex) + self.address_hex = '9FA61f0E52A5C51b43f0d32404625BC436bb7041' kw = { 'symmetric_key': self.symkey, @@ -46,15 +41,17 @@ class TestDatabase(unittest.TestCase): self.db.conn.commit() self.db.cur.execute("CREATE UNIQUE INDEX ethereum_address_idx ON ethereum ( wallet_address_hex );") - self.db.cur.execute( - sql.SQL('INSERT INTO ethereum (key_ciphertext, wallet_address_hex) VALUES (%s, %s)'), - [ - pk_ciphertext.decode('utf-8'), - self.addr, - ], - ) +# self.db.cur.execute( +# sql.SQL('INSERT INTO ethereum (key_ciphertext, wallet_address_hex) VALUES (%s, %s)'), +# [ +# pk_ciphertext.decode('utf-8'), +# self.addr, +# ], +# ) self.db.conn.commit() + self.db.new(self.address_hex) + def tearDown(self): self.db.conn = psycopg2.connect('dbname=signer_test') @@ -65,8 +62,8 @@ class TestDatabase(unittest.TestCase): def test_get_key(self): - pk = self.db.get(self.addr) - self.assertEqual(self.pk, pk) + pk = self.db.get(self.address_hex) + logg.info('pk {}'.format(pk.hex())) if __name__ == '__main__':