SKALE-4262 automatically add key owners

7a98a6ef · Oleh · 14789615 · 7a98a6ef · 7a98a6ef · 7a98a6ef
Unverified Commit 7a98a6ef authored Sep 16, 2021 by Oleh
8 changed files
--- a/SGXWalletServer.cpp
+++ b/SGXWalletServer.cpp
@@ -1009,28 +1009,6 @@ Json::Value SGXWalletServer::getDecryptionShareImpl(const std::string& blsKeyNam
    RETURN_SUCCESS(result)
 }

-Json::Value SGXWalletServer::registerKeyOwnerImpl(const std::string& keyName, const std::string& cert) {
-    spdlog::info("Entering {}", __FUNCTION__);
-    INIT_RESULT(result)
-
-    try {
-        if (!checkName(keyName, "BLS_KEY") && !checkECDSAKeyName(keyName)) {
-            throw SGXException(INVALID_KEY_FORMAT, string(__FUNCTION__) + ":Invalid key format");
-        }
-
-        std::string ownerKeyName = keyName  + ":OWNER";
-        if ( !LevelDB::getLevelDb()->readString( ownerKeyName ) ) {
-            spdlog::info("Cert {} registers key {}", cert, keyName);
-            LevelDB::getLevelDb()->writeString( ownerKeyName, cert );
-        } else {
-            spdlog::error("The key {} already registered", keyName);
-            throw SGXException(KEY_ALREADY_REGISTERED, string(__FUNCTION__) + ":The key is already registered");
-        }
-    } HANDLE_SGX_EXCEPTION(result)
-
-    RETURN_SUCCESS(result)
-}
-
 Json::Value SGXWalletServer::generateDKGPoly(const string &_polyName, int _t) {
    return generateDKGPolyImpl(_polyName, _t);
 }

--- a/SGXWalletServer.hpp
+++ b/SGXWalletServer.hpp
@@ -175,8 +175,6 @@ public:

    static Json::Value getDecryptionShareImpl(const std::string& KeyName, const std::string& publicDecryptionValue);

-    static Json::Value registerKeyOwnerImpl(const std::string& keyName, const std::string& cert);
-
    static void printDB();

    static void initHttpServer();

--- a/zmq_src/ReqMessage.cpp
+++ b/zmq_src/ReqMessage.cpp
@@ -32,10 +32,16 @@ Json::Value ECDSASignReqMessage::process() {
    auto base = getInt64Rapid("base");
    auto keyName = getStringRapid("keyName");
    auto hash = getStringRapid("messageHash");
-    if (checkKeyOwnership && !isKeyByOwner(keyName, getStringRapid("cert"))) {
+    if (checkKeyOwnership) {
+        if (!isKeyRegistered(keyName)) {
+            addKeyByOwner(keyName, getStringRapid("cert"));
+        } else {
+            if (!isKeyByOwner(keyName, getStringRapid("cert"))) {
                spdlog::error("Cert {} try to access key {} which does not belong to it", getStringRapid("cert"), keyName);
                throw std::invalid_argument("Only owner of the key can access it");
            }
+        }
+    }
    auto result = SGXWalletServer::ecdsaSignMessageHashImpl(base, keyName, hash);
    result["type"] = ZMQMessage::ECDSA_SIGN_RSP;
    return result;
@@ -46,10 +52,16 @@ Json::Value BLSSignReqMessage::process() {
    auto hash = getStringRapid("messageHash");
    auto t = getInt64Rapid("t");
    auto n = getInt64Rapid("n");
-    if (checkKeyOwnership && !isKeyByOwner(keyName, getStringRapid("cert"))) {
+    if (checkKeyOwnership) {
+        if (!isKeyRegistered(keyName)) {
+            addKeyByOwner(keyName, getStringRapid("cert"));
+        } else {
+            if (!isKeyByOwner(keyName, getStringRapid("cert"))) {
                spdlog::error("Cert {} try to access key {} which does not belong to it", getStringRapid("cert"), keyName);
                throw std::invalid_argument("Only owner of the key can access it");
            }
+        }
+    }
    auto result = SGXWalletServer::blsSignMessageHashImpl(keyName, hash, t, n);
    result["type"] = ZMQMessage::BLS_SIGN_RSP;
    return result;
@@ -261,11 +273,3 @@ Json::Value GetDecryptionShareReqMessage::process() {
    result["type"] = ZMQMessage::GET_DECRYPTION_SHARE_RSP;
    return result;
 }
-
-Json::Value RegisterKeyOwnerReqMessage::process() {
-    auto keyName = getStringRapid("keyName");
-    auto cert = getStringRapid("cert");
-    auto result = SGXWalletServer::registerKeyOwnerImpl(keyName, cert);
-    result["type"] = ZMQMessage::REGISTER_KEY_OWNER_RSP;
-    return result;
-}
--- a/zmq_src/ReqMessage.h
+++ b/zmq_src/ReqMessage.h
@@ -185,11 +185,4 @@ public:
    virtual Json::Value process();
 };

-class RegisterKeyOwnerReqMessage : public ZMQMessage {
-public:
-    RegisterKeyOwnerReqMessage(shared_ptr<rapidjson::Document>& _d) : ZMQMessage(_d) {};
-
-    virtual Json::Value process();
-};
-
 #endif //SGXWALLET_REQMESSAGE_H
--- a/zmq_src/RspMessage.cpp
+++ b/zmq_src/RspMessage.cpp
@@ -114,7 +114,3 @@ Json::Value deleteBLSKeyRspMessage::process() {
 Json::Value GetDecryptionShareRspMessage::process() {
    assert(false);
 }
-
-Json::Value RegisterKeyOwnerRspMessage::process() {
-    assert(false);
-}
--- a/zmq_src/RspMessage.h
+++ b/zmq_src/RspMessage.h
@@ -259,16 +259,4 @@ public:
    }
 };

-class RegisterKeyOwnerRspMessage : public ZMQMessage {
-public:
-    RegisterKeyOwnerRspMessage(shared_ptr<rapidjson::Document>& _d) : ZMQMessage(_d) {};
-
-    virtual Json::Value process();
-
-    Json::Value getShare() {
-        return getJsonValueRapid("decryptionShare");
-    }
-};
-
-
 #endif //SGXWALLET_RSPMESSAGE_H
--- a/zmq_src/ZMQMessage.cpp
+++ b/zmq_src/ZMQMessage.cpp
@@ -230,9 +230,6 @@ shared_ptr <ZMQMessage> ZMQMessage::buildRequest(string &_type, shared_ptr <rapi
        case ENUM_GET_DECRYPTION_SHARE_REQ:
            ret = make_shared<GetDecryptionShareReqMessage>(_d);
            break;
-        case ENUM_REGISTER_KEY_OWNER_REQ:
-            ret = make_shared<RegisterKeyOwnerReqMessage>(_d);
-            break;
        default:
            break;
    }
@@ -317,9 +314,6 @@ shared_ptr <ZMQMessage> ZMQMessage::buildResponse(string &_type, shared_ptr <rap
        case ENUM_GET_DECRYPTION_SHARE_RSP:
            ret = make_shared<GetDecryptionShareRspMessage>(_d);
            break;
-        case ENUM_REGISTER_KEY_OWNER_RSP:
-            ret = make_shared<RegisterKeyOwnerRspMessage>(_d);
-            break;
        default:
            break;
    }
@@ -340,6 +334,10 @@ void ZMQMessage::addKeyByOwner(const string& keyName, const string& cert) {
    SGXWalletServer::writeDataToDB(keyName + ":OWNER", cert);
 }

+bool ZMQMessage::isKeyRegistered(const string& keyName) {
+    return LevelDB::getLevelDb()->readString(keyName  + ":OWNER") != nullptr;
+}
+
 cache::lru_cache<string, pair < EVP_PKEY * , X509 *>> ZMQMessage::verifiedCerts(256);

 const std::map<string, int> ZMQMessage::requests{
@@ -349,7 +347,7 @@ const std::map<string, int> ZMQMessage::requests{
    {CREATE_BLS_PRIVATE_REQ, 10}, {GET_BLS_PUBLIC_REQ, 11}, {GET_ALL_BLS_PUBLIC_REQ, 12},
    {COMPLAINT_RESPONSE_REQ, 13}, {MULT_G2_REQ, 14}, {IS_POLY_EXISTS_REQ, 15},
    {GET_SERVER_STATUS_REQ, 16}, {GET_SERVER_VERSION_REQ, 17}, {DELETE_BLS_KEY_REQ, 18},
-    {GET_DECRYPTION_SHARE_REQ, 19}, {REGISTER_KEY_OWNER_REQ, 20}
+    {GET_DECRYPTION_SHARE_REQ, 19} }
 };

 const std::map<string, int> ZMQMessage::responses {
@@ -359,5 +357,5 @@ const std::map<string, int> ZMQMessage::responses {
    {CREATE_BLS_PRIVATE_RSP, 10}, {GET_BLS_PUBLIC_RSP, 11}, {GET_ALL_BLS_PUBLIC_RSP, 12},
    {COMPLAINT_RESPONSE_RSP, 13}, {MULT_G2_RSP, 14}, {IS_POLY_EXISTS_RSP, 15},
    {GET_SERVER_STATUS_RSP, 16}, {GET_SERVER_VERSION_RSP, 17}, {DELETE_BLS_KEY_RSP, 18},
-    {GET_DECRYPTION_SHARE_RSP, 19}, {REGISTER_KEY_OWNER_RSP, 20}
+    {GET_DECRYPTION_SHARE_RSP, 19} }
 };
--- a/zmq_src/ZMQMessage.h
+++ b/zmq_src/ZMQMessage.h
@@ -57,6 +57,8 @@ protected:

    static void addKeyByOwner(const string& keyName, const string& cert);

+    static bool isKeyRegistered(const std::string& keyName);
+
 public:

    static constexpr const char *BLS_SIGN_REQ = "BLSSignReq";
@@ -99,8 +101,6 @@ public:
    static constexpr const char *DELETE_BLS_KEY_RSP = "deleteBLSKeyRsp";
    static constexpr const char *GET_DECRYPTION_SHARE_REQ = "getDecryptionShareReq";
    static constexpr const char *GET_DECRYPTION_SHARE_RSP = "getDecryptionShareRsp";
-    static constexpr const char *REGISTER_KEY_OWNER_REQ = "registerKeyOwnerReq";
-    static constexpr const char *REGISTER_KEY_OWNER_RSP = "registerKeyOwnerRsp";

    static const std::map<string, int> requests;
    static const std::map<string, int> responses;
@@ -108,11 +108,11 @@ public:
    enum Requests { ENUM_BLS_SIGN_REQ, ENUM_ECDSA_SIGN_REQ, ENUM_IMPORT_BLS_REQ, ENUM_IMPORT_ECDSA_REQ, ENUM_GENERATE_ECDSA_REQ, ENUM_GET_PUBLIC_ECDSA_REQ,
                    ENUM_GENERATE_DKG_POLY_REQ, ENUM_GET_VV_REQ, ENUM_GET_SECRET_SHARE_REQ, ENUM_DKG_VERIFY_REQ, ENUM_CREATE_BLS_PRIVATE_REQ,
                    ENUM_GET_BLS_PUBLIC_REQ, ENUM_GET_ALL_BLS_PUBLIC_REQ, ENUM_COMPLAINT_RESPONSE_REQ, ENUM_MULT_G2_REQ, ENUM_IS_POLY_EXISTS_REQ,
-                    ENUM_GET_SERVER_STATUS_REQ, ENUM_GET_SERVER_VERSION_REQ, ENUM_DELETE_BLS_KEY_REQ, ENUM_GET_DECRYPTION_SHARE_REQ, ENUM_REGISTER_KEY_OWNER_REQ };
+                    ENUM_GET_SERVER_STATUS_REQ, ENUM_GET_SERVER_VERSION_REQ, ENUM_DELETE_BLS_KEY_REQ, ENUM_GET_DECRYPTION_SHARE_REQ };
    enum Responses { ENUM_BLS_SIGN_RSP, ENUM_ECDSA_SIGN_RSP, ENUM_IMPORT_BLS_RSP, ENUM_IMPORT_ECDSA_RSP, ENUM_GENERATE_ECDSA_RSP, ENUM_GET_PUBLIC_ECDSA_RSP,
                    ENUM_GENERATE_DKG_POLY_RSP, ENUM_GET_VV_RSP, ENUM_GET_SECRET_SHARE_RSP, ENUM_DKG_VERIFY_RSP, ENUM_CREATE_BLS_PRIVATE_RSP,
                    ENUM_GET_BLS_PUBLIC_RSP, ENUM_GET_ALL_BLS_PUBLIC_RSP, ENUM_COMPLAINT_RESPONSE_RSP, ENUM_MULT_G2_RSP, ENUM_IS_POLY_EXISTS_RSP,
-                    ENUM_GET_SERVER_STATUS_RSP, ENUM_GET_SERVER_VERSION_RSP, ENUM_DELETE_BLS_KEY_RSP, ENUM_GET_DECRYPTION_SHARE_RSP, ENUM_REGISTER_KEY_OWNER_RSP };
+                    ENUM_GET_SERVER_STATUS_RSP, ENUM_GET_SERVER_VERSION_RSP, ENUM_DELETE_BLS_KEY_RSP, ENUM_GET_DECRYPTION_SHARE_RSP };

    explicit ZMQMessage(shared_ptr<rapidjson::Document> &_d) : d(_d) {};