2017-08-18 04:50:15 +03:00
|
|
|
package macaroons
|
|
|
|
|
|
|
|
import (
|
2019-09-29 02:10:57 +03:00
|
|
|
"context"
|
2017-08-18 04:50:15 +03:00
|
|
|
"crypto/rand"
|
|
|
|
"fmt"
|
|
|
|
"io"
|
2019-11-10 05:12:11 +03:00
|
|
|
"sync"
|
2017-08-18 04:50:15 +03:00
|
|
|
|
2020-01-10 05:45:26 +03:00
|
|
|
"github.com/lightningnetwork/lnd/channeldb/kvdb"
|
2018-02-01 03:04:56 +03:00
|
|
|
|
2018-06-05 04:34:16 +03:00
|
|
|
"github.com/btcsuite/btcwallet/snacl"
|
2017-08-18 04:50:15 +03:00
|
|
|
)
|
|
|
|
|
|
|
|
const (
|
|
|
|
// RootKeyLen is the length of a root key.
|
|
|
|
RootKeyLen = 32
|
|
|
|
)
|
|
|
|
|
|
|
|
var (
|
|
|
|
// rootKeyBucketName is the name of the root key store bucket.
|
|
|
|
rootKeyBucketName = []byte("macrootkeys")
|
|
|
|
|
|
|
|
// defaultRootKeyID is the ID of the default root key. The first is
|
|
|
|
// just 0, to emulate the memory storage that comes with bakery.
|
2017-08-22 09:18:19 +03:00
|
|
|
//
|
2017-08-18 04:50:15 +03:00
|
|
|
// TODO(aakselrod): Add support for key rotation.
|
2018-01-16 19:18:41 +03:00
|
|
|
defaultRootKeyID = []byte("0")
|
2017-08-18 04:50:15 +03:00
|
|
|
|
2018-02-01 03:04:56 +03:00
|
|
|
// encryptedKeyID is the name of the database key that stores the
|
|
|
|
// encryption key, encrypted with a salted + hashed password. The
|
|
|
|
// format is 32 bytes of salt, and the rest is encrypted key.
|
|
|
|
encryptedKeyID = []byte("enckey")
|
|
|
|
|
|
|
|
// ErrAlreadyUnlocked specifies that the store has already been
|
|
|
|
// unlocked.
|
|
|
|
ErrAlreadyUnlocked = fmt.Errorf("macaroon store already unlocked")
|
|
|
|
|
|
|
|
// ErrStoreLocked specifies that the store needs to be unlocked with
|
|
|
|
// a password.
|
|
|
|
ErrStoreLocked = fmt.Errorf("macaroon store is locked")
|
|
|
|
|
|
|
|
// ErrPasswordRequired specifies that a nil password has been passed.
|
|
|
|
ErrPasswordRequired = fmt.Errorf("a non-nil password is required")
|
2017-08-18 04:50:15 +03:00
|
|
|
)
|
|
|
|
|
|
|
|
// RootKeyStorage implements the bakery.RootKeyStorage interface.
|
|
|
|
type RootKeyStorage struct {
|
2020-01-10 05:45:26 +03:00
|
|
|
kvdb.Backend
|
2018-02-01 03:04:56 +03:00
|
|
|
|
2019-11-10 05:12:11 +03:00
|
|
|
encKeyMtx sync.RWMutex
|
|
|
|
encKey *snacl.SecretKey
|
2017-08-18 04:50:15 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
// NewRootKeyStorage creates a RootKeyStorage instance.
|
|
|
|
// TODO(aakselrod): Add support for encryption of data with passphrase.
|
2020-01-10 05:45:26 +03:00
|
|
|
func NewRootKeyStorage(db kvdb.Backend) (*RootKeyStorage, error) {
|
2017-08-18 04:50:15 +03:00
|
|
|
// If the store's bucket doesn't exist, create it.
|
2020-01-10 05:45:26 +03:00
|
|
|
err := kvdb.Update(db, func(tx kvdb.RwTx) error {
|
|
|
|
_, err := tx.CreateTopLevelBucket(rootKeyBucketName)
|
2017-08-18 04:50:15 +03:00
|
|
|
return err
|
|
|
|
})
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
2017-08-22 09:18:19 +03:00
|
|
|
|
2017-08-18 04:50:15 +03:00
|
|
|
// Return the DB wrapped in a RootKeyStorage object.
|
2020-01-10 05:45:26 +03:00
|
|
|
return &RootKeyStorage{Backend: db, encKey: nil}, nil
|
2018-02-01 03:04:56 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
// CreateUnlock sets an encryption key if one is not already set, otherwise it
|
|
|
|
// checks if the password is correct for the stored encryption key.
|
|
|
|
func (r *RootKeyStorage) CreateUnlock(password *[]byte) error {
|
2019-11-10 05:12:11 +03:00
|
|
|
r.encKeyMtx.Lock()
|
|
|
|
defer r.encKeyMtx.Unlock()
|
|
|
|
|
2018-02-01 03:04:56 +03:00
|
|
|
// Check if we've already unlocked the store; return an error if so.
|
|
|
|
if r.encKey != nil {
|
|
|
|
return ErrAlreadyUnlocked
|
|
|
|
}
|
|
|
|
|
|
|
|
// Check if a nil password has been passed; return an error if so.
|
|
|
|
if password == nil {
|
|
|
|
return ErrPasswordRequired
|
|
|
|
}
|
|
|
|
|
2020-01-10 05:45:26 +03:00
|
|
|
return kvdb.Update(r, func(tx kvdb.RwTx) error {
|
|
|
|
bucket := tx.ReadWriteBucket(rootKeyBucketName)
|
2018-02-01 03:04:56 +03:00
|
|
|
dbKey := bucket.Get(encryptedKeyID)
|
|
|
|
if len(dbKey) > 0 {
|
|
|
|
// We've already stored a key, so try to unlock with
|
|
|
|
// the password.
|
|
|
|
encKey := &snacl.SecretKey{}
|
|
|
|
err := encKey.Unmarshal(dbKey)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
err = encKey.DeriveKey(password)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
r.encKey = encKey
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
// We haven't yet stored a key, so create a new one.
|
2020-01-17 16:23:42 +03:00
|
|
|
encKey, err := snacl.NewSecretKey(
|
|
|
|
password, scryptN, scryptR, scryptP,
|
|
|
|
)
|
2018-02-01 03:04:56 +03:00
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
err = bucket.Put(encryptedKeyID, encKey.Marshal())
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
r.encKey = encKey
|
|
|
|
return nil
|
|
|
|
})
|
2017-08-18 04:50:15 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
// Get implements the Get method for the bakery.RootKeyStorage interface.
|
2018-01-16 19:18:41 +03:00
|
|
|
func (r *RootKeyStorage) Get(_ context.Context, id []byte) ([]byte, error) {
|
2019-11-10 05:12:11 +03:00
|
|
|
r.encKeyMtx.RLock()
|
|
|
|
defer r.encKeyMtx.RUnlock()
|
|
|
|
|
2018-02-01 03:04:56 +03:00
|
|
|
if r.encKey == nil {
|
|
|
|
return nil, ErrStoreLocked
|
|
|
|
}
|
2017-08-18 04:50:15 +03:00
|
|
|
var rootKey []byte
|
2020-01-10 05:45:26 +03:00
|
|
|
err := kvdb.View(r, func(tx kvdb.ReadTx) error {
|
|
|
|
dbKey := tx.ReadBucket(rootKeyBucketName).Get(id)
|
2017-08-23 21:30:09 +03:00
|
|
|
if len(dbKey) == 0 {
|
2017-08-18 04:50:15 +03:00
|
|
|
return fmt.Errorf("root key with id %s doesn't exist",
|
2018-01-16 19:18:41 +03:00
|
|
|
string(id))
|
2017-08-18 04:50:15 +03:00
|
|
|
}
|
2017-08-23 21:30:09 +03:00
|
|
|
|
2018-02-01 03:04:56 +03:00
|
|
|
decKey, err := r.encKey.Decrypt(dbKey)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
rootKey = make([]byte, len(decKey))
|
|
|
|
copy(rootKey[:], decKey)
|
2017-08-18 04:50:15 +03:00
|
|
|
return nil
|
|
|
|
})
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
2017-08-22 09:18:19 +03:00
|
|
|
|
2017-08-18 04:50:15 +03:00
|
|
|
return rootKey, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
// RootKey implements the RootKey method for the bakery.RootKeyStorage
|
|
|
|
// interface.
|
|
|
|
// TODO(aakselrod): Add support for key rotation.
|
2018-01-16 19:18:41 +03:00
|
|
|
func (r *RootKeyStorage) RootKey(_ context.Context) ([]byte, []byte, error) {
|
2019-11-10 05:12:11 +03:00
|
|
|
r.encKeyMtx.RLock()
|
|
|
|
defer r.encKeyMtx.RUnlock()
|
|
|
|
|
2018-02-01 03:04:56 +03:00
|
|
|
if r.encKey == nil {
|
|
|
|
return nil, nil, ErrStoreLocked
|
|
|
|
}
|
2017-08-18 04:50:15 +03:00
|
|
|
var rootKey []byte
|
|
|
|
id := defaultRootKeyID
|
2020-01-10 05:45:26 +03:00
|
|
|
err := kvdb.Update(r, func(tx kvdb.RwTx) error {
|
|
|
|
ns := tx.ReadWriteBucket(rootKeyBucketName)
|
2018-02-01 03:04:56 +03:00
|
|
|
dbKey := ns.Get(id)
|
|
|
|
|
|
|
|
// If there's a root key stored in the bucket, decrypt it and
|
|
|
|
// return it.
|
|
|
|
if len(dbKey) != 0 {
|
|
|
|
decKey, err := r.encKey.Decrypt(dbKey)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
rootKey = make([]byte, len(decKey))
|
|
|
|
copy(rootKey[:], decKey[:])
|
2017-08-18 04:50:15 +03:00
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
2018-02-01 03:04:56 +03:00
|
|
|
// Otherwise, create a RootKeyLen-byte root key, encrypt it,
|
|
|
|
// and store it in the bucket.
|
2017-08-18 04:50:15 +03:00
|
|
|
rootKey = make([]byte, RootKeyLen)
|
|
|
|
if _, err := io.ReadFull(rand.Reader, rootKey[:]); err != nil {
|
|
|
|
return err
|
|
|
|
}
|
2018-02-01 03:04:56 +03:00
|
|
|
|
|
|
|
encKey, err := r.encKey.Encrypt(rootKey)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
return ns.Put(id, encKey)
|
2017-08-18 04:50:15 +03:00
|
|
|
})
|
|
|
|
if err != nil {
|
2018-01-16 19:18:41 +03:00
|
|
|
return nil, nil, err
|
2017-08-18 04:50:15 +03:00
|
|
|
}
|
2017-08-22 09:18:19 +03:00
|
|
|
|
2017-08-18 04:50:15 +03:00
|
|
|
return rootKey, id, nil
|
|
|
|
}
|
2018-02-01 03:04:56 +03:00
|
|
|
|
|
|
|
// Close closes the underlying database and zeroes the encryption key stored
|
|
|
|
// in memory.
|
|
|
|
func (r *RootKeyStorage) Close() error {
|
2019-11-10 05:12:11 +03:00
|
|
|
r.encKeyMtx.Lock()
|
|
|
|
defer r.encKeyMtx.Unlock()
|
|
|
|
|
2018-03-18 02:34:19 +03:00
|
|
|
if r.encKey != nil {
|
|
|
|
r.encKey.Zero()
|
|
|
|
}
|
2020-01-10 05:45:26 +03:00
|
|
|
return r.Backend.Close()
|
2018-02-01 03:04:56 +03:00
|
|
|
}
|