Encrypted Key Store

[connormullett]

Summary of changes
Changes introduced in this pull request:

• This PR introduces methods to encrypt and decrypt messages and payloads symmetrically. This will further be utilized in the keystore to securely save keys.

Reference issue to close (if applicable)

Closes #1033

Thank you 🔥

[CLAassistant]

All committers have signed the CLA.

[cryptoquick]

In addition to key_info I think we should have two additional properties on the MemKeyStore struct:

• unlocked: bool: has it been unlocked yet
• encrypted_key: bool: it's an encrypted key

@ec2 I'd like your opinions on these:

1. We may have to introduce checks wherever the keystore is read from to throw if an encrypted key needs to be decrypted. I'm not sure if we should have a default key that's read-only.
2. Should we introduce checks or requirements for encrypted keys to only work if an HTTP connection is secure?
3. Should we introduce a requirement for admin, sign, and write keys to require encryption?

I think 2 & 3 these are nice-to-haves, maybe I can put them in a separate issue, when we have the option for running in "production" mode vs "development" mode.

[cryptoquick]

Also @connormullett , check this out:

• target/release/forest -c ../config.toml -p 1235
• FULLNODE_API_INFO="/ip4/127.0.0.1/tcp/1235/http" lotus auth create-token --perm admin
• Take the resulting admin JWT, and replace the one here:
• FULLNODE_API_INFO="eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJBbGxvdyI6WyJyZWFkIiwid3JpdGUiLCJzaWduIiwiYWRtaW4iXX0.PFlC4lndH_Dw8GitzmTS6nxxGOia_kuefCWHd5FwtR0:/ip4/127.0.0.1/tcp/1235/http" lotus wallet new
• Then check keystore.json
• All these private keys should be capable of being encrypted

Though, should we be able to encrypt a private key that's already be written to the keystore, or should we only write freshly encrypted keys?

[cryptoquick]

I just tested it out, it works great!
Great work, @connormullett, and a fantastic first contribution!

[creativcoder]

Nit: we don't need the ()

[cryptoquick]

Yeah, that's fair. I just figured it looked more consistent that way.

[connormullett]

Refactored.

[creativcoder]

We can just pass KEYSTORE_NAME to join, as it accepts anything that implements AsRef and &str does: https://doc.rust-lang.org/std/path/struct.PathBuf.html#method.join

[connormullett]

LGTM. It does seem like if you use encrypted mode, you cant access your unencrypted keys. I wonder if we want that functionality in the future...

While the daemon is running, yes; However, the file still exists. Switching the daemon off to use another set of keys doesn't sound ideal so I agree.

[creativcoder]

ok_or is perfect for these situations where we want to return an Err in None match arm.

[connormullett]

This makes it much cleaner (cause ? op). Thanks for this.

[creativcoder]

Yeah, i love how std lib APIs compose well together

[creativcoder]

Awesome work! Let's get this merged

[ec2]

LGTM. It does seem like if you use encrypted mode, you cant access your unencrypted keys. I wonder if we want that functionality in the future...