mirror of https://github.com/oxen-io/lokinet
Reorganize priv key file loading a bit and hook KeyManager into Router
This commit is contained in:
parent
7084dae79a
commit
e8e2e21fa2
|
@ -1,20 +1,28 @@
|
|||
#include <config/key_manager.hpp>
|
||||
|
||||
#include <system_error>
|
||||
#include <util/logging/logger.hpp>
|
||||
#include "config/config.hpp"
|
||||
#include "crypto/crypto.hpp"
|
||||
#include "crypto/types.hpp"
|
||||
|
||||
namespace llarp
|
||||
{
|
||||
KeyManager::KeyManager(const llarp::Config& config)
|
||||
: m_rcPath(config.router.ourRcFile())
|
||||
, m_idKeyPath(config.router.identKeyfile())
|
||||
, m_encKeyPath(config.router.encryptionKeyfile())
|
||||
, m_transportKeyPath(config.router.transportKeyfile())
|
||||
KeyManager::KeyManager()
|
||||
: m_initialized(false)
|
||||
{
|
||||
}
|
||||
|
||||
bool
|
||||
KeyManager::initializeFromDisk(bool genIfAbsent)
|
||||
KeyManager::initializeFromDisk(const llarp::Config& config, bool genIfAbsent)
|
||||
{
|
||||
if (m_initialized)
|
||||
return false;
|
||||
|
||||
m_rcPath = config.router.ourRcFile();
|
||||
m_idKeyPath = config.router.identKeyfile();
|
||||
m_encKeyPath = config.router.encryptionKeyfile();
|
||||
m_transportKeyPath = config.router.transportKeyfile();
|
||||
|
||||
RouterContact rc;
|
||||
if (!rc.Read(m_rcPath.c_str()))
|
||||
|
@ -36,36 +44,70 @@ namespace llarp
|
|||
return false;
|
||||
}
|
||||
|
||||
// TODO: generate files
|
||||
|
||||
// load identity key or create if needed
|
||||
auto identityKeygen = [](llarp::SecretKey& key)
|
||||
{
|
||||
// TODO: handle generating from service node seed
|
||||
llarp::CryptoManager::instance()->identity_keygen(key);
|
||||
};
|
||||
if (not loadOrCreateKey(m_idKeyPath, m_idKey, identityKeygen))
|
||||
return false;
|
||||
|
||||
// load encryption key
|
||||
auto encryptionKeygen = [](llarp::SecretKey& key)
|
||||
{
|
||||
llarp::CryptoManager::instance()->encryption_keygen(key);
|
||||
};
|
||||
if (not loadOrCreateKey(m_encKeyPath, m_encKey, encryptionKeygen))
|
||||
return false;
|
||||
|
||||
// TODO: transport key (currently done in LinkLayer)
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
// TODO: load files
|
||||
|
||||
m_initialized = true;
|
||||
return true;
|
||||
}
|
||||
|
||||
bool
|
||||
KeyManager::getIdentityKey(llarp::SecretKey &key) const
|
||||
{
|
||||
if (! m_initialized)
|
||||
return false;
|
||||
|
||||
key = m_idKey;
|
||||
return true;
|
||||
}
|
||||
|
||||
bool
|
||||
KeyManager::getEncryptionKey(llarp::SecretKey &key) const
|
||||
{
|
||||
if (! m_initialized)
|
||||
return false;
|
||||
|
||||
key = m_encKey;
|
||||
return true;
|
||||
}
|
||||
|
||||
bool
|
||||
KeyManager::getTransportKey(llarp::SecretKey &key) const
|
||||
{
|
||||
if (! m_initialized)
|
||||
return false;
|
||||
|
||||
key = m_transportKey;
|
||||
return true;
|
||||
}
|
||||
|
||||
bool
|
||||
KeyManager::getRouterContact(llarp::RouterContact& rc) const
|
||||
{
|
||||
if (! m_initialized)
|
||||
return false;
|
||||
|
||||
rc = m_rc;
|
||||
return true;
|
||||
}
|
||||
|
||||
|
@ -110,6 +152,37 @@ namespace llarp
|
|||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
bool
|
||||
KeyManager::loadOrCreateKey(
|
||||
const std::string& filepath,
|
||||
llarp::SecretKey key,
|
||||
std::function<void(llarp::SecretKey& key)> keygen)
|
||||
{
|
||||
fs::path path(filepath);
|
||||
std::error_code ec;
|
||||
if (! fs::exists(path, ec))
|
||||
{
|
||||
if (ec)
|
||||
{
|
||||
LogError("Error checking key", filepath, ec.message());
|
||||
return false;
|
||||
}
|
||||
|
||||
LogInfo("Generating new key", filepath);
|
||||
keygen(key);
|
||||
|
||||
if (! key.SaveToFile(filepath.c_str()))
|
||||
{
|
||||
LogError("Failed to save new key");
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
return key.LoadFromFile(filepath.c_str());
|
||||
}
|
||||
|
||||
} // namespace llarp
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
#ifndef LLARP_KEY_MANAGER_HPP
|
||||
#define LLARP_KEY_MANAGER_HPP
|
||||
|
||||
#include <atomic>
|
||||
#include <config/config.hpp>
|
||||
#include <crypto/types.hpp>
|
||||
#include <router_contact.hpp>
|
||||
|
@ -21,20 +22,19 @@ namespace llarp
|
|||
struct KeyManager {
|
||||
|
||||
/// Constructor
|
||||
///
|
||||
/// @param config should be a prepared config object
|
||||
KeyManager(const llarp::Config& config);
|
||||
KeyManager();
|
||||
|
||||
/// Initializes from disk. This reads enough from disk to understand the current
|
||||
/// state of the stored keys.
|
||||
///
|
||||
/// NOTE: Must be called prior to obtaining any keys.
|
||||
///
|
||||
/// @param config should be a prepared config object
|
||||
/// @param genIfAbsent determines whether or not we will create files if they
|
||||
/// do not exist.
|
||||
/// @return true on success, false otherwise
|
||||
bool
|
||||
initializeFromDisk(bool genIfAbsent);
|
||||
initializeFromDisk(const llarp::Config& config, bool genIfAbsent);
|
||||
|
||||
/// Obtain the identity key (e.g. ~/.lokinet/identity.private)
|
||||
///
|
||||
|
@ -70,10 +70,25 @@ namespace llarp
|
|||
std::string m_idKeyPath;
|
||||
std::string m_encKeyPath;
|
||||
std::string m_transportKeyPath;
|
||||
std::atomic_bool m_initialized;
|
||||
|
||||
llarp::RouterContact m_rc;
|
||||
llarp::SecretKey m_idKey;
|
||||
llarp::SecretKey m_encKey;
|
||||
llarp::SecretKey m_transportKey;
|
||||
|
||||
/// Backup each key file (by copying, e.g. foo -> foo.bak)
|
||||
bool
|
||||
backupKeyFilesByMoving() const;
|
||||
|
||||
/// Load the key at a given filepath or create it
|
||||
///
|
||||
/// @param keygen is a function that will generate the key if needed
|
||||
static bool
|
||||
loadOrCreateKey(
|
||||
const std::string& filepath,
|
||||
llarp::SecretKey key,
|
||||
std::function<void(llarp::SecretKey& key)> keygen);
|
||||
};
|
||||
|
||||
} // namespace llarp
|
||||
|
|
|
@ -229,18 +229,21 @@ namespace llarp
|
|||
bool
|
||||
Router::EnsureIdentity()
|
||||
{
|
||||
if(!EnsureEncryptionKey())
|
||||
|
||||
// TODO: handle loading SN identity instead
|
||||
if (not m_keyManager.getIdentityKey(_identity))
|
||||
return false;
|
||||
|
||||
if (not m_keyManager.getEncryptionKey(_encryption))
|
||||
return false;
|
||||
|
||||
if(usingSNSeed)
|
||||
return llarp_loadServiceNodeIdentityKey(ident_keyfile, _identity);
|
||||
{
|
||||
LogError("FIXME: load identity key from SNode seed");
|
||||
return false;
|
||||
}
|
||||
|
||||
return llarp_findOrCreateIdentity(ident_keyfile, _identity);
|
||||
}
|
||||
|
||||
bool
|
||||
Router::EnsureEncryptionKey()
|
||||
{
|
||||
return llarp_findOrCreateEncryption(encryption_keyfile, _encryption);
|
||||
return true;
|
||||
}
|
||||
|
||||
bool
|
||||
|
@ -259,6 +262,10 @@ namespace llarp
|
|||
|
||||
if(!InitOutboundLinks())
|
||||
return false;
|
||||
|
||||
if (not m_keyManager.initializeFromDisk(*conf, true))
|
||||
return false;
|
||||
|
||||
return EnsureIdentity();
|
||||
}
|
||||
|
||||
|
|
|
@ -3,6 +3,7 @@
|
|||
|
||||
#include <router/abstractrouter.hpp>
|
||||
|
||||
#include <config/key_manager.hpp>
|
||||
#include <constants/link_layer.hpp>
|
||||
#include <crypto/types.hpp>
|
||||
#include <ev/ev.h>
|
||||
|
@ -45,13 +46,6 @@ namespace llarp
|
|||
struct Config;
|
||||
} // namespace llarp
|
||||
|
||||
bool
|
||||
llarp_findOrCreateEncryption(const fs::path &fpath,
|
||||
llarp::SecretKey &encryption);
|
||||
|
||||
bool
|
||||
llarp_findOrCreateIdentity(const fs::path &path, llarp::SecretKey &secretkey);
|
||||
|
||||
bool
|
||||
llarp_loadServiceNodeIdentityKey(const fs::path &fpath,
|
||||
llarp::SecretKey &secretkey);
|
||||
|
@ -470,6 +464,8 @@ namespace llarp
|
|||
|
||||
llarp_time_t m_LastStatsReport = 0;
|
||||
|
||||
llarp::KeyManager m_keyManager;
|
||||
|
||||
bool
|
||||
ShouldReportStats(llarp_time_t now) const;
|
||||
|
||||
|
|
|
@ -13,6 +13,9 @@
|
|||
using namespace ::llarp;
|
||||
using namespace ::testing;
|
||||
|
||||
/*
|
||||
* TODO: reimplement
|
||||
*
|
||||
using FindOrCreateFunc = std::function< bool(const fs::path &, SecretKey &) >;
|
||||
|
||||
struct FindOrCreate : public test::LlarpTest<>,
|
||||
|
@ -89,3 +92,4 @@ FindOrCreateFunc findOrCreateFunc[] = {llarp_findOrCreateEncryption,
|
|||
|
||||
INSTANTIATE_TEST_CASE_P(TestRouter, FindOrCreate,
|
||||
::testing::ValuesIn(findOrCreateFunc), );
|
||||
*/
|
||||
|
|
Loading…
Reference in New Issue