SKALE-4262 automatically add key owners

SGXWalletServer.cpp

@@ -1009,28 +1009,6 @@ Json::Value SGXWalletServer::getDecryptionShareImpl(const std::string& blsKeyNam
     RETURN_SUCCESS(result)
 }
 
-Json::Value SGXWalletServer::registerKeyOwnerImpl(const std::string& keyName, const std::string& cert) {
-    spdlog::info("Entering {}", __FUNCTION__);
-    INIT_RESULT(result)
-
-    try {
-        if (!checkName(keyName, "BLS_KEY") && !checkECDSAKeyName(keyName)) {
-            throw SGXException(INVALID_KEY_FORMAT, string(__FUNCTION__) + ":Invalid key format");
-        }
-
-        std::string ownerKeyName = keyName  + ":OWNER";
-        if ( !LevelDB::getLevelDb()->readString( ownerKeyName ) ) {
-            spdlog::info("Cert {} registers key {}", cert, keyName);
-            LevelDB::getLevelDb()->writeString( ownerKeyName, cert );
-        } else {
-            spdlog::error("The key {} already registered", keyName);
-            throw SGXException(KEY_ALREADY_REGISTERED, string(__FUNCTION__) + ":The key is already registered");
-        }
-    } HANDLE_SGX_EXCEPTION(result)
-
-    RETURN_SUCCESS(result)
-}
-
 Json::Value SGXWalletServer::generateDKGPoly(const string &_polyName, int _t) {
     return generateDKGPolyImpl(_polyName, _t);
 }

SGXWalletServer.hpp

@@ -175,8 +175,6 @@ public:
 
     static Json::Value getDecryptionShareImpl(const std::string& KeyName, const std::string& publicDecryptionValue);
 
-    static Json::Value registerKeyOwnerImpl(const std::string& keyName, const std::string& cert);
-
     static void printDB();
 
     static void initHttpServer();

zmq_src/ReqMessage.cpp

@@ -32,9 +32,15 @@ Json::Value ECDSASignReqMessage::process() {
     auto base = getInt64Rapid("base");
     auto keyName = getStringRapid("keyName");
     auto hash = getStringRapid("messageHash");
-    if (checkKeyOwnership && !isKeyByOwner(keyName, getStringRapid("cert"))) {
-        spdlog::error("Cert {} try to access key {} which does not belong to it", getStringRapid("cert"), keyName);
-        throw std::invalid_argument("Only owner of the key can access it");
+    if (checkKeyOwnership) {
+        if (!isKeyRegistered(keyName)) {
+            addKeyByOwner(keyName, getStringRapid("cert"));
+        } else {
+            if (!isKeyByOwner(keyName, getStringRapid("cert"))) {
+                spdlog::error("Cert {} try to access key {} which does not belong to it", getStringRapid("cert"), keyName);
+                throw std::invalid_argument("Only owner of the key can access it");
+            }
+        }
     }
     auto result = SGXWalletServer::ecdsaSignMessageHashImpl(base, keyName, hash);
     result["type"] = ZMQMessage::ECDSA_SIGN_RSP;
@@ -46,9 +52,15 @@ Json::Value BLSSignReqMessage::process() {
     auto hash = getStringRapid("messageHash");
     auto t = getInt64Rapid("t");
     auto n = getInt64Rapid("n");
-    if (checkKeyOwnership && !isKeyByOwner(keyName, getStringRapid("cert"))) {
-        spdlog::error("Cert {} try to access key {} which does not belong to it", getStringRapid("cert"), keyName);
-        throw std::invalid_argument("Only owner of the key can access it");
+    if (checkKeyOwnership) {
+        if (!isKeyRegistered(keyName)) {
+            addKeyByOwner(keyName, getStringRapid("cert"));
+        } else {
+            if (!isKeyByOwner(keyName, getStringRapid("cert"))) {
+                spdlog::error("Cert {} try to access key {} which does not belong to it", getStringRapid("cert"), keyName);
+                throw std::invalid_argument("Only owner of the key can access it");
+            }
+        }
     }
     auto result = SGXWalletServer::blsSignMessageHashImpl(keyName, hash, t, n);
     result["type"] = ZMQMessage::BLS_SIGN_RSP;
@@ -261,11 +273,3 @@ Json::Value GetDecryptionShareReqMessage::process() {
     result["type"] = ZMQMessage::GET_DECRYPTION_SHARE_RSP;
     return result;
 }
-
-Json::Value RegisterKeyOwnerReqMessage::process() {
-    auto keyName = getStringRapid("keyName");
-    auto cert = getStringRapid("cert");
-    auto result = SGXWalletServer::registerKeyOwnerImpl(keyName, cert);
-    result["type"] = ZMQMessage::REGISTER_KEY_OWNER_RSP;
-    return result;
-}

zmq_src/ReqMessage.h

@@ -185,11 +185,4 @@ public:
     virtual Json::Value process();
 };
 
-class RegisterKeyOwnerReqMessage : public ZMQMessage {
-public:
-    RegisterKeyOwnerReqMessage(shared_ptr<rapidjson::Document>& _d) : ZMQMessage(_d) {};
-
-    virtual Json::Value process();
-};
-
 #endif //SGXWALLET_REQMESSAGE_H

zmq_src/RspMessage.cpp

@@ -114,7 +114,3 @@ Json::Value deleteBLSKeyRspMessage::process() {
 Json::Value GetDecryptionShareRspMessage::process() {
     assert(false);
 }
-
-Json::Value RegisterKeyOwnerRspMessage::process() {
-    assert(false);
-}

zmq_src/RspMessage.h

@@ -259,16 +259,4 @@ public:
     }
 };
 
-class RegisterKeyOwnerRspMessage : public ZMQMessage {
-public:
-    RegisterKeyOwnerRspMessage(shared_ptr<rapidjson::Document>& _d) : ZMQMessage(_d) {};
-
-    virtual Json::Value process();
-
-    Json::Value getShare() {
-        return getJsonValueRapid("decryptionShare");
-    }
-};
-
-
 #endif //SGXWALLET_RSPMESSAGE_H

zmq_src/ZMQMessage.cpp

@@ -230,9 +230,6 @@ shared_ptr <ZMQMessage> ZMQMessage::buildRequest(string &_type, shared_ptr <rapi
         case ENUM_GET_DECRYPTION_SHARE_REQ:
             ret = make_shared<GetDecryptionShareReqMessage>(_d);
             break;
-        case ENUM_REGISTER_KEY_OWNER_REQ:
-            ret = make_shared<RegisterKeyOwnerReqMessage>(_d);
-            break;
         default:
             break;
     }
@@ -317,9 +314,6 @@ shared_ptr <ZMQMessage> ZMQMessage::buildResponse(string &_type, shared_ptr <rap
         case ENUM_GET_DECRYPTION_SHARE_RSP:
             ret = make_shared<GetDecryptionShareRspMessage>(_d);
             break;
-        case ENUM_REGISTER_KEY_OWNER_RSP:
-            ret = make_shared<RegisterKeyOwnerRspMessage>(_d);
-            break;
         default:
             break;
     }
@@ -340,6 +334,10 @@ void ZMQMessage::addKeyByOwner(const string& keyName, const string& cert) {
     SGXWalletServer::writeDataToDB(keyName + ":OWNER", cert);
 }
 
+bool ZMQMessage::isKeyRegistered(const string& keyName) {
+    return LevelDB::getLevelDb()->readString(keyName  + ":OWNER") != nullptr;
+}
+
 cache::lru_cache<string, pair < EVP_PKEY * , X509 *>> ZMQMessage::verifiedCerts(256);
 
 const std::map<string, int> ZMQMessage::requests{
@@ -349,7 +347,7 @@ const std::map<string, int> ZMQMessage::requests{
     {CREATE_BLS_PRIVATE_REQ, 10}, {GET_BLS_PUBLIC_REQ, 11}, {GET_ALL_BLS_PUBLIC_REQ, 12},
     {COMPLAINT_RESPONSE_REQ, 13}, {MULT_G2_REQ, 14}, {IS_POLY_EXISTS_REQ, 15},
     {GET_SERVER_STATUS_REQ, 16}, {GET_SERVER_VERSION_REQ, 17}, {DELETE_BLS_KEY_REQ, 18},
-    {GET_DECRYPTION_SHARE_REQ, 19}, {REGISTER_KEY_OWNER_REQ, 20}
+    {GET_DECRYPTION_SHARE_REQ, 19} }
 };
 
 const std::map<string, int> ZMQMessage::responses {
@@ -359,5 +357,5 @@ const std::map<string, int> ZMQMessage::responses {
     {CREATE_BLS_PRIVATE_RSP, 10}, {GET_BLS_PUBLIC_RSP, 11}, {GET_ALL_BLS_PUBLIC_RSP, 12},
     {COMPLAINT_RESPONSE_RSP, 13}, {MULT_G2_RSP, 14}, {IS_POLY_EXISTS_RSP, 15},
     {GET_SERVER_STATUS_RSP, 16}, {GET_SERVER_VERSION_RSP, 17}, {DELETE_BLS_KEY_RSP, 18},
-    {GET_DECRYPTION_SHARE_RSP, 19}, {REGISTER_KEY_OWNER_RSP, 20}
+    {GET_DECRYPTION_SHARE_RSP, 19} }
 };

zmq_src/ZMQMessage.h

@@ -57,6 +57,8 @@ protected:
 
     static void addKeyByOwner(const string& keyName, const string& cert);
 
+    static bool isKeyRegistered(const std::string& keyName);
+
 public:
 
     static constexpr const char *BLS_SIGN_REQ = "BLSSignReq";
@@ -99,8 +101,6 @@ public:
     static constexpr const char *DELETE_BLS_KEY_RSP = "deleteBLSKeyRsp";
     static constexpr const char *GET_DECRYPTION_SHARE_REQ = "getDecryptionShareReq";
     static constexpr const char *GET_DECRYPTION_SHARE_RSP = "getDecryptionShareRsp";
-    static constexpr const char *REGISTER_KEY_OWNER_REQ = "registerKeyOwnerReq";
-    static constexpr const char *REGISTER_KEY_OWNER_RSP = "registerKeyOwnerRsp";
 
     static const std::map<string, int> requests;
     static const std::map<string, int> responses;
@@ -108,11 +108,11 @@ public:
     enum Requests { ENUM_BLS_SIGN_REQ, ENUM_ECDSA_SIGN_REQ, ENUM_IMPORT_BLS_REQ, ENUM_IMPORT_ECDSA_REQ, ENUM_GENERATE_ECDSA_REQ, ENUM_GET_PUBLIC_ECDSA_REQ,
                     ENUM_GENERATE_DKG_POLY_REQ, ENUM_GET_VV_REQ, ENUM_GET_SECRET_SHARE_REQ, ENUM_DKG_VERIFY_REQ, ENUM_CREATE_BLS_PRIVATE_REQ,
                     ENUM_GET_BLS_PUBLIC_REQ, ENUM_GET_ALL_BLS_PUBLIC_REQ, ENUM_COMPLAINT_RESPONSE_REQ, ENUM_MULT_G2_REQ, ENUM_IS_POLY_EXISTS_REQ,
-                    ENUM_GET_SERVER_STATUS_REQ, ENUM_GET_SERVER_VERSION_REQ, ENUM_DELETE_BLS_KEY_REQ, ENUM_GET_DECRYPTION_SHARE_REQ, ENUM_REGISTER_KEY_OWNER_REQ };
+                    ENUM_GET_SERVER_STATUS_REQ, ENUM_GET_SERVER_VERSION_REQ, ENUM_DELETE_BLS_KEY_REQ, ENUM_GET_DECRYPTION_SHARE_REQ };
     enum Responses { ENUM_BLS_SIGN_RSP, ENUM_ECDSA_SIGN_RSP, ENUM_IMPORT_BLS_RSP, ENUM_IMPORT_ECDSA_RSP, ENUM_GENERATE_ECDSA_RSP, ENUM_GET_PUBLIC_ECDSA_RSP,
                     ENUM_GENERATE_DKG_POLY_RSP, ENUM_GET_VV_RSP, ENUM_GET_SECRET_SHARE_RSP, ENUM_DKG_VERIFY_RSP, ENUM_CREATE_BLS_PRIVATE_RSP,
                     ENUM_GET_BLS_PUBLIC_RSP, ENUM_GET_ALL_BLS_PUBLIC_RSP, ENUM_COMPLAINT_RESPONSE_RSP, ENUM_MULT_G2_RSP, ENUM_IS_POLY_EXISTS_RSP,
-                    ENUM_GET_SERVER_STATUS_RSP, ENUM_GET_SERVER_VERSION_RSP, ENUM_DELETE_BLS_KEY_RSP, ENUM_GET_DECRYPTION_SHARE_RSP, ENUM_REGISTER_KEY_OWNER_RSP };
+                    ENUM_GET_SERVER_STATUS_RSP, ENUM_GET_SERVER_VERSION_RSP, ENUM_DELETE_BLS_KEY_RSP, ENUM_GET_DECRYPTION_SHARE_RSP };
 
     explicit ZMQMessage(shared_ptr<rapidjson::Document> &_d) : d(_d) {};