/
filestore.go
116 lines (92 loc) · 3.22 KB
/
filestore.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
// Copyright 2019 Finobo
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package nacl
import (
"bytes"
"crypto/rand"
"encoding/json"
"fmt"
"io"
"strings"
"github.com/mailchain/mailchain/encoding"
"github.com/mailchain/mailchain/internal/keystore"
"github.com/pkg/errors"
"github.com/rs/zerolog/log"
"github.com/spf13/afero"
)
// NewFileStore create a new filestore with the path specified
func NewFileStore(path string) *FileStore {
return &FileStore{
fs: afero.NewBasePathFs(afero.NewOsFs(), path),
rand: rand.Reader,
}
}
// FileStore object
type FileStore struct {
fs afero.Fs
rand io.Reader
}
func (f FileStore) getEncryptedKeys(protocol, network string) ([]keystore.EncryptedKey, error) {
logger := log.With().Str("component", "nacl-filestore").Str("action", "getEncryptedKeys").Logger()
// directory needs to be created if looking for a key before one has been added and sub directories created
const dirPerm = 0700
if err := f.fs.MkdirAll(fmt.Sprintf("./%s/%s", protocol, network), dirPerm); err != nil {
return nil, errors.WithStack(err)
}
files, err := afero.ReadDir(f.fs, fmt.Sprintf("./%s/%s", protocol, network))
if err != nil {
return nil, err
}
encryptedKeys := []keystore.EncryptedKey{}
for _, file := range files {
fileName := file.Name()
if !strings.HasSuffix(fileName, ".json") {
logger.Warn().Msgf("skipping non .json filename %s", fileName)
continue
}
fileName = strings.TrimSuffix(fileName, ".json")
splits := strings.Split(fileName, "/")
pubKeyPortion := splits[len(splits)-1]
pubKeyBytes, err := encoding.DecodeHex(pubKeyPortion)
if err != nil {
logger.Warn().Err(err).Msgf("invalid filename %s", fileName)
continue
}
encryptedKey, err := f.getEncryptedKey(protocol, network, pubKeyBytes)
if err != nil {
logger.Warn().Err(err).Msgf("invalid file %s", file.Name())
continue
}
encryptedKeys = append(encryptedKeys, *encryptedKey)
}
return encryptedKeys, nil
}
func (f FileStore) getEncryptedKey(protocol, network string, pubKeyBytes []byte) (*keystore.EncryptedKey, error) {
fd, err := f.fs.Open(fmt.Sprintf("./%s/%s/%s", protocol, network, f.filename(pubKeyBytes)))
if err != nil {
return nil, errors.WithMessage(err, "could not find key file")
}
defer fd.Close()
encryptedKey := new(keystore.EncryptedKey)
if err := json.NewDecoder(fd).Decode(encryptedKey); err != nil {
return nil, errors.WithStack(err)
}
if !bytes.Equal(encryptedKey.PublicKeyBytes, pubKeyBytes) {
return nil, errors.Errorf("key content mismatch: have pubKey %x, want %x", encryptedKey.PublicKeyBytes, pubKeyBytes)
}
return encryptedKey, nil
}
func (f FileStore) filename(pubKeyBytes []byte) string {
return fmt.Sprintf("%s.json", encoding.EncodeHex(pubKeyBytes))
}