Merge branch 'develop' into enhancement/SKALE-2794-clean-up-code

LevelDB.cpp

@@ -53,14 +53,15 @@ std::shared_ptr<string> LevelDB::readString(const string &_key) {
         throw SGXException(NULL_DATABASE, "Null db");
     }
 
-    auto status = db->Get(readOptions, _key, &*result);
+    spdlog::info("key to read from db: {}",_key );
 
-    spdlog::debug("key to read from db: {}",_key );
+    auto status = db->Get(readOptions, _key, &*result);
 
     throwExceptionOnError(status);
 
-    if (status.IsNotFound())
+    if (status.IsNotFound()) {
         return nullptr;
+    }
 
     return result;
 }
@@ -114,7 +115,6 @@ void LevelDB::deleteKey(const string &_key) {
 }
 
 
-
 void LevelDB::writeByteArray(const char *_key, size_t _keyLen, const char *value,
                              size_t _valueLen) {
     std::lock_guard<std::recursive_mutex> lock(mutex);

SEKManager.cpp

@@ -26,6 +26,7 @@
 #include "BLSCrypto.h"
 #include "LevelDB.h"
 
+#include <fstream>
 #include <iostream>
 #include <algorithm>
 
@@ -143,8 +144,13 @@ void gen_SEK() {
 
   carray2Hex(encr_SEK.data(), enc_len, hexEncrKey.data());
 
-  cout << "ATTENTION! THIS IS YOUR KEY FOR BACK UP. PLEASE COPY IT TO THE SAFE PLACE" << endl;
-  cout << "YOUR KEY IS " << SEK << endl;
+  std::ofstream sek_file("backup_key.txt");
+  sek_file.clear();
+
+  cout << "ATTENTION! YOUR BACKUP KEY WILL BE WRITTEN INTO backup_key.txt.\n" <<
+          "PLEASE COPY IT TO THE SAFE PLACE AND THEN DELETE THE FILE MANUALLY BY RUNNING THE FOLLOWING COMMAND:\n" <<
+          "`sudo apt-get install secure-delete && srm -vz backup_key.txt`" << endl;
+  sek_file << SEK;
 
   if (!autoconfirm) {
     std::string confirm_str = "I confirm";

SGXWalletServer.cpp

@@ -536,7 +536,7 @@ SGXWalletServer::createBLSPrivateKeyImpl(const string &_blsKeyName, const string
             throw SGXException(INVALID_POLY_NAME, "Invalid polynomial name");
         }
         if (!checkName(_blsKeyName, "BLS_KEY")) {
-            throw SGXException(INVALID_POLY_NAME, "Invalid BLS key name");
+            throw SGXException(INVALID_BLS_NAME, "Invalid BLS key name");
         }
         if (!check_n_t(_t, _n)) {
             throw SGXException(INVALID_DKG_PARAMS, "Invalid DKG parameters: n or t ");
@@ -559,6 +559,7 @@ SGXWalletServer::createBLSPrivateKeyImpl(const string &_blsKeyName, const string
             LevelDB::getLevelDb()->deleteDHDKGKey(name);
             string shareG2_name = "shareG2_" + _polyName + "_" + to_string(i) + ":";
             LevelDB::getLevelDb()->deleteKey(shareG2_name);
+            LevelDB::getLevelDb()->deleteKey(_polyName);
         }
 
     } HANDLE_SGX_EXCEPTION(result)
@@ -571,7 +572,7 @@ Json::Value SGXWalletServer::getBLSPublicKeyShareImpl(const string &_blsKeyName)
 
     try {
         if (!checkName(_blsKeyName, "BLS_KEY")) {
-            throw SGXException(INVALID_POLY_NAME, "Invalid BLSKey name");
+            throw SGXException(INVALID_BLS_NAME, "Invalid BLSKey name");
         }
         shared_ptr <string> encryptedKeyHex_ptr = readFromDb(_blsKeyName);
         spdlog::debug("encr_bls_key_share is {}", *encryptedKeyHex_ptr);
@@ -646,6 +647,29 @@ Json::Value SGXWalletServer::getServerVersionImpl() {
     return result;
 }
 
+Json::Value SGXWalletServer::deleteBlsKeyImpl(const std::string& name) {
+    INIT_RESULT(result)
+
+    result["deleted"] = false;
+    try {
+        if (!checkName(name, "BLS_KEY")) {
+            throw SGXException(INVALID_BLS_NAME, "Invalid BLSKey name format");
+        }
+        std::string key = "BLSKEYSHARE:" + name;
+        std::shared_ptr <std::string> bls_ptr = LevelDB::getLevelDb()->readString(key);
+
+        if (bls_ptr != nullptr) {
+            result["deleted"] = true;
+            return result;
+        } else {
+            std::string error_msg = "BLS key with such name not found: " + name;
+            throw SGXException(INVALID_BLS_NAME, error_msg.c_str());
+          }
+        LevelDB::getLevelDb()->deleteKey(name);
+    } HANDLE_SGX_EXCEPTION(result)
+    return result;
+}
+
 Json::Value SGXWalletServer::generateDKGPoly(const string &_polyName, int _t) {
     WRITE_LOCK(m)
     return generateDKGPolyImpl(_polyName, _t);
@@ -745,6 +769,11 @@ Json::Value SGXWalletServer::getServerVersion() {
     return getServerVersionImpl();
 }
 
+Json::Value SGXWalletServer::deleteBlsKey(const std::string& name) {
+    READ_LOCK(m)
+    return deleteBlsKeyImpl(name);
+}
+
 shared_ptr <string> SGXWalletServer::readFromDb(const string &name, const string &prefix) {
     auto dataStr = LevelDB::getLevelDb()->readString(prefix + name);
 

SGXWalletServer.hpp

@@ -97,6 +97,8 @@ public:
 
     virtual Json::Value getServerVersion();
 
+    virtual Json::Value deleteBlsKey( const std::string& name );
+
     static shared_ptr<string> readFromDb(const string &name, const string &prefix = "");
 
     static void writeDataToDB(const string &Name, const string &value);
@@ -148,6 +150,8 @@ public:
 
     static Json::Value getServerVersionImpl();
 
+    static Json::Value deleteBlsKeyImpl(const std::string& name);
+
     static void printDB();
 
     static int initHttpServer();

VERSION

-1.52.0
+1.53.0
\ No newline at end of file

abstractstubserver.h

@@ -57,6 +57,7 @@ class AbstractStubServer : public jsonrpc::AbstractServer<AbstractStubServer>
 
           this->bindAndAddMethod(jsonrpc::Procedure("getServerStatus", jsonrpc::PARAMS_BY_NAME, jsonrpc::JSON_OBJECT,  NULL), &AbstractStubServer::getServerStatusI);
           this->bindAndAddMethod(jsonrpc::Procedure("getServerVersion", jsonrpc::PARAMS_BY_NAME, jsonrpc::JSON_OBJECT,  NULL), &AbstractStubServer::getServerVersionI);
+          this->bindAndAddMethod(jsonrpc::Procedure("deleteBlsKey", jsonrpc::PARAMS_BY_NAME, jsonrpc::JSON_OBJECT, "blsKeyName", jsonrpc::JSON_STRING, NULL), &AbstractStubServer::deleteBlsKeyI);
         }
 
         inline virtual void importBLSKeyShareI(const Json::Value &request, Json::Value &response)
@@ -140,6 +141,10 @@ class AbstractStubServer : public jsonrpc::AbstractServer<AbstractStubServer>
           response = this->getServerVersion();
         }
 
+        inline virtual void deleteBlsKeyI(const Json::Value& request, Json::Value& response) {
+            response = this->deleteBlsKey(request["blsKeyName"].asString());
+        }
+
         virtual Json::Value importBLSKeyShare(const std::string& keyShare, const std::string& keyShareName, int t, int n, int index) = 0;
         virtual Json::Value blsSignMessageHash(const std::string& keyShareName, const std::string& messageHash, int t, int n, int signerIndex ) = 0;
         virtual Json::Value importECDSAKey(const std::string& key, const std::string& keyName) = 0;
@@ -160,6 +165,7 @@ class AbstractStubServer : public jsonrpc::AbstractServer<AbstractStubServer>
 
         virtual Json::Value getServerStatus() = 0;
         virtual Json::Value getServerVersion() = 0;
+        virtual Json::Value deleteBlsKey(const std::string& name) = 0;
 };
 
 #endif //JSONRPC_CPP_STUB_ABSTRACTSTUBSERVER_H_

docs/backup-procedure.md

@@ -4,6 +4,11 @@
 
 When SGXWallet is initialized, the server will print the backup key. 
 **This key must be securely recorded and stored.**
+Be sure to store this key in a safe place, then securely remove it with the following command:
+
+```bash
+sudo apt-get install secure-delete && srm -vz backup_key.txt
+```
 
 Master-Slave replication is recommended to support the SGXWallet backup strategy. Below are general instructions for a basic backup and recovery process.
 

sgxwallet_common.h

@@ -70,6 +70,7 @@ extern int autoconfirm;
 #define INVALID_POLY_NAME -11
 #define INVALID_DKG_PARAMS -12
 #define INVALID_SECRET_SHARES_LENGTH -13
+#define INVALID_BLS_NAME -15
 
 #define CERT_REQUEST_DOES_NOT_EXIST -14
 

stubclient.h

@@ -220,6 +220,18 @@ class StubClient : public jsonrpc::Client
                 throw jsonrpc::JsonRpcException(jsonrpc::Errors::ERROR_CLIENT_INVALID_RESPONSE, result.toStyledString());
         }
 
+        Json::Value deleteBlsKey(const std::string & polyName)
+        {
+            Json::Value p;
+            p["blsKeyName"] = polyName;
+
+            Json::Value result = this->CallMethod("deleteBlsKey",p);
+            if (result.isObject())
+                return result;
+            else
+                throw jsonrpc::JsonRpcException(jsonrpc::Errors::ERROR_CLIENT_INVALID_RESPONSE, result.toStyledString());
+        }
+
 
     ////CSRManagerServer
 

testw.cpp

@@ -544,6 +544,28 @@ TEST_CASE_METHOD(TestFixture, "DKG_BLS test", "[dkg-bls]") {
     TestUtils::doDKG(c, 16, 5, ecdsaKeyNames, blsKeyNames, schainID, dkgID);
 }
 
+TEST_CASE_METHOD(TestFixture, "Delete Bls Key", "[delete-bls-key]") {
+    HttpClient client(RPC_ENDPOINT);
+    StubClient c(client, JSONRPC_CLIENT_V2);
+    std::string name = "BLS_KEY:SCHAIN_ID:123456789:NODE_ID:0:DKG_ID:0";
+    libff::alt_bn128_Fr key = libff::alt_bn128_Fr("6507625568967977077291849236396320012317305261598035438182864059942098934847");
+    std::string key_str = TestUtils::stringFromFr(key);
+    c.importBLSKeyShare(key_str, name, 1, 2, 1);
+
+    REQUIRE(c.deleteBlsKey(name)["deleted"] == true);
+}
+
+TEST_CASE_METHOD(TestFixture, "Backup Key", "[backup-key]") {
+    HttpClient client(RPC_ENDPOINT);
+    StubClient c(client, JSONRPC_CLIENT_V2);
+    std::ifstream sek_file("backup_key.txt");
+    REQUIRE(sek_file.good());
+
+    std::string sek;
+    sek_file >> sek;
+
+    REQUIRE(sek.size() == 32);
+}
 
 TEST_CASE_METHOD(TestFixture, "Get ServerStatus", "[get-server-status]") {
     HttpClient client(RPC_ENDPOINT);

testw.py

@@ -32,6 +32,8 @@ print("Top directory is:" + topDir)
 testList = [ "[cert-sign]",
             "[get-server-status]",
             "[get-server-version]",
+            "[backup-key]",
+            "[delete-bls-key]",
             "[ecdsa-key-gen]",
             "[ecdsa-aes-key-gen]",
             "[ecdsa-key-sig-gen]",