Merge pull request #23 from FigureTechnologies/hyperschwartz/configur…
…ation-fix

Bugfix: Master key overwrites private keys
hyperschwartz authored Sep 24, 2022
2 parents 309d592 + d6f10be commit 0228e9b
Showing 7 changed files with 25 additions and 9 deletions.
Expand Up @@ -9,6 +9,7 @@ import io.provenance.scope.encryption.util.toJavaPrivateKey
import io.provenance.scope.encryption.util.toKeyPair
import io.provenance.scope.objectstore.client.CachedOsClient
import io.provenance.scope.objectstore.client.OsClient
import org.springframework.beans.factory.annotation.Qualifier
import org.springframework.context.annotation.Bean
import org.springframework.context.annotation.Configuration

Expand All @@ -21,14 +22,14 @@ class AppConfig {
return CachedOsClient(osClient, objectStoreProperties.decryptionWorkerThreads, objectStoreProperties.concurrencySize, objectStoreProperties.cacheRecordSizeBytes)
}

@Bean
@Bean(BeanQualifiers.OBJECTSTORE_ENCRYPTION_KEYS)
fun encryptionKeys(provenanceProperties: ProvenanceProperties, objectStoreProperties: ObjectStoreProperties): Map<String, KeyRef> = objectStoreProperties.privateKeys.map {
it.toJavaPrivateKey().toKeyPair().let { keyPair ->
keyPair.public.getAddress(provenanceProperties.mainNet) to DirectKeyRef(keyPair)
}
}.toMap()

@Bean
@Bean(BeanQualifiers.OBJECTSTORE_MASTER_KEY)
fun masterKey(objectStoreProperties: ObjectStoreProperties): KeyRef = objectStoreProperties.masterKey.toJavaPrivateKey().toKeyPair().let(::DirectKeyRef)

@Bean
Expand All @@ -38,6 +39,8 @@ class AppConfig {
gasEstimationMethod = GasEstimationMethod.MSG_FEE_CALCULATION,
)

@Bean
fun accountAddresses(encryptionKeys: Map<String, KeyRef>): Set<String> = encryptionKeys.keys
@Bean(BeanQualifiers.OBJECTSTORE_PRIVATE_KEYS)
fun accountAddresses(
@Qualifier(BeanQualifiers.OBJECTSTORE_ENCRYPTION_KEYS) encryptionKeys: Map<String, KeyRef>,
): Set<String> = encryptionKeys.keys
}
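Review bot: The new bean names on `encryptionKeys`, `masterKey` and `accountAddresses` carry no comment saying why they are required, so a later constructor that takes an unqualified `Map<String, KeyRef>` could reintroduce the mix-up this commit fixes. Spring can fill a `Map<String, T>` parameter with every bean of type `T` keyed by bean name, which is presumably how the master key ended up where the address-to-key map was expected. I would add above `encryptionKeys` a comment such as `// Inject only via @Qualifier(OBJECTSTORE_ENCRYPTION_KEYS); an unqualified Map<String, KeyRef> is built by Spring from all KeyRef beans.` A small wrapper type around the map, instead of a raw `Map<String, KeyRef>` bean, would make the wrong wiring impossible rather than merely qualified away. The `AppConfig` class header lies outside the hunks shown.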
Expand Up @@ -2,4 +2,7 @@ package tech.figure.objectstore.gateway.configuration

object BeanQualifiers {
const val EVENT_STREAM_COROUTINE_SCOPE_QUALIFIER = "eventStreamCoroutineScopeBean"
const val OBJECTSTORE_ENCRYPTION_KEYS: String = "objectStoreEncryptionKeys"
const val OBJECTSTORE_PRIVATE_KEYS: String = "objectStorePrivateKeys"
const val OBJECTSTORE_MASTER_KEY: String = "objectStoreMasterKey"
}
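Review bot: `OBJECTSTORE_PRIVATE_KEYS` is a misleading name for what it qualifies: elsewhere in this commit it is attached to the `accountAddresses` bean, a `Set<String>` taken from `encryptionKeys.keys`, which holds addresses and no private key material. In key-handling configuration a name like this invites a reader to assume secrets are injected into `ScopePermissionsService`; something like `const val OBJECTSTORE_ACCOUNT_ADDRESSES = "objectStoreAccountAddresses"` would say what is actually wired. The explicit `: String` on the three new constants is also inconsistent with the existing `EVENT_STREAM_COROUTINE_SCOPE_QUALIFIER` line, which omits it.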
Expand Up @@ -8,12 +8,14 @@ import io.provenance.scope.encryption.model.KeyRef
import io.provenance.scope.encryption.util.getAddress
import mu.KLogging
import org.lognet.springboot.grpc.GRpcService
import org.springframework.beans.factory.annotation.Qualifier
import tech.figure.objectstore.gateway.address
import tech.figure.objectstore.gateway.admin.Admin.FetchDataStorageAccountRequest
import tech.figure.objectstore.gateway.admin.Admin.FetchDataStorageAccountResponse
import tech.figure.objectstore.gateway.admin.Admin.PutDataStorageAccountRequest
import tech.figure.objectstore.gateway.admin.Admin.PutDataStorageAccountResponse
import tech.figure.objectstore.gateway.admin.GatewayAdminGrpc.GatewayAdminImplBase
import tech.figure.objectstore.gateway.configuration.BeanQualifiers
import tech.figure.objectstore.gateway.configuration.ProvenanceProperties
import tech.figure.objectstore.gateway.exception.AccessDeniedException
import tech.figure.objectstore.gateway.exception.NotFoundException
Expand All @@ -23,7 +25,7 @@ import tech.figure.objectstore.gateway.server.interceptor.JwtServerInterceptor
@GRpcService(interceptors = [JwtServerInterceptor::class])
class ObjectStoreGatewayAdminServer(
private val accountsRepository: DataStorageAccountsRepository,
private val masterKey: KeyRef,
@Qualifier(BeanQualifiers.OBJECTSTORE_MASTER_KEY) private val masterKey: KeyRef,
private val provenanceProperties: ProvenanceProperties,
) : GatewayAdminImplBase() {
private companion object : KLogging()
Expand Up @@ -7,11 +7,13 @@ import io.provenance.scope.encryption.model.KeyRef
import io.provenance.scope.encryption.util.getAddress
import mu.KLogging
import org.lognet.springboot.grpc.GRpcService
import org.springframework.beans.factory.annotation.Qualifier
import tech.figure.objectstore.gateway.GatewayGrpc
import tech.figure.objectstore.gateway.GatewayOuterClass
import tech.figure.objectstore.gateway.GatewayOuterClass.GrantScopePermissionResponse
import tech.figure.objectstore.gateway.GatewayOuterClass.RevokeScopePermissionResponse
import tech.figure.objectstore.gateway.address
import tech.figure.objectstore.gateway.configuration.BeanQualifiers
import tech.figure.objectstore.gateway.configuration.ProvenanceProperties
import tech.figure.objectstore.gateway.publicKey
import tech.figure.objectstore.gateway.server.interceptor.JwtServerInterceptor
Expand All @@ -23,7 +25,7 @@ import tech.figure.objectstore.gateway.service.ScopePermissionsService

@GRpcService(interceptors = [JwtServerInterceptor::class])
class ObjectStoreGatewayServer(
private val masterKey: KeyRef,
@Qualifier(BeanQualifiers.OBJECTSTORE_MASTER_KEY) private val masterKey: KeyRef,
private val scopeFetchService: ScopeFetchService,
private val scopePermissionsService: ScopePermissionsService,
private val objectService: ObjectService,
Expand Up @@ -7,8 +7,10 @@ import io.provenance.scope.objectstore.util.base64Decode
import io.provenance.scope.objectstore.util.toHex
import io.provenance.scope.util.NotFoundException
import io.provenance.scope.util.base64String
import org.springframework.beans.factory.annotation.Qualifier
import org.springframework.stereotype.Component
import tech.figure.objectstore.gateway.GatewayOuterClass
import tech.figure.objectstore.gateway.configuration.BeanQualifiers
import tech.figure.objectstore.gateway.configuration.ProvenanceProperties
import tech.figure.objectstore.gateway.exception.AccessDeniedException
import tech.figure.objectstore.gateway.repository.DataStorageAccountsRepository
Expand All @@ -20,7 +22,7 @@ import java.security.PublicKey
class ObjectService(
private val accountsRepository: DataStorageAccountsRepository,
private val objectStoreClient: CachedOsClient,
private val masterKey: KeyRef,
@Qualifier(BeanQualifiers.OBJECTSTORE_MASTER_KEY) private val masterKey: KeyRef,
private val objectPermissionsRepository: ObjectPermissionsRepository,
private val provenanceProperties: ProvenanceProperties,
) {
Expand Up @@ -9,8 +9,10 @@ import io.provenance.scope.objectstore.client.CachedOsClient
import io.provenance.scope.objectstore.util.base64Decode
import io.provenance.scope.sdk.extensions.resultType
import mu.KLogging
import org.springframework.beans.factory.annotation.Qualifier
import org.springframework.stereotype.Component
import tech.figure.objectstore.gateway.GatewayOuterClass
import tech.figure.objectstore.gateway.configuration.BeanQualifiers
import tech.figure.objectstore.gateway.configuration.ProvenanceProperties
import tech.figure.objectstore.gateway.exception.AccessDeniedException
import tech.figure.objectstore.gateway.repository.ScopePermissionsRepository
Expand All @@ -23,7 +25,7 @@ class ScopeFetchService(
private val objectStoreClient: CachedOsClient,
private val pbClient: PbClient,
private val scopePermissionsRepository: ScopePermissionsRepository,
private val encryptionKeys: Map<String, KeyRef>,
@Qualifier(BeanQualifiers.OBJECTSTORE_ENCRYPTION_KEYS) private val encryptionKeys: Map<String, KeyRef>,
private val provenanceProperties: ProvenanceProperties,
) {
companion object : KLogging()
Expand Up @@ -2,12 +2,14 @@ package tech.figure.objectstore.gateway.service

import io.provenance.metadata.v1.ScopeResponse
import mu.KLogging
import org.springframework.beans.factory.annotation.Qualifier
import org.springframework.stereotype.Service
import tech.figure.objectstore.gateway.configuration.BeanQualifiers
import tech.figure.objectstore.gateway.repository.ScopePermissionsRepository

@Service
class ScopePermissionsService(
private val accountAddresses: Set<String>,
@Qualifier(BeanQualifiers.OBJECTSTORE_PRIVATE_KEYS) private val accountAddresses: Set<String>,
private val scopeFetchService: ScopeFetchService,
private val scopePermissionsRepository: ScopePermissionsRepository,
) {