Add `init_api_secure` function #206

Merged
merged 21 commits into from Aug 19, 2019

@yeastplume
Member

commented Aug 13, 2019

  • Adds a new V3 Owner API, with the V2 API still running for backwards-compatibility purposes
  • Adds functionality to the controller to encrypt and decrypt responses. All V3 API functions except init_secure_api must be encrypted.
  • Secure requests are JSON-RPC calls that look like the following:
```json
{
   "jsonrpc": "2.0",
   "method": "encrypted_request_v3",
   "id": "1",
   "params": {
      "nonce": "ef32...",
      "body_enc": "e0bcd..."
   }
}
```
  • Encryption is currently AEAD with the following parameters:
    • AES-256 in GCM mode with 128-bit tags and 96-bit nonces
    • 12-byte nonce, which must be included in each request/response to use on the decrypting side
    • Empty vector for additional data
    • Suffix length = AES-256 GCM mode tag length = 16 bytes
    • Open to discussion on the encryption scheme, but AEAD/AES256GCM is currently supported in node.js by default, so hopefully this encryption shouldn't throw up too much of a block.
  • Adds an init_secure_api function to the V3 API, which performs an ECDH exchange (using the usual libsecp256k1 curve, again supported by node.js), sets the shared key internally and returns the public key to the caller.
  • The shared key on the server side is static and global (as I don't believe hyper method handlers can mutate their state)
  • Also adds many tests exercising the V3 API encryption and error conditions
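
The key exchange and encrypted envelope described in the comment above, as an added Node.js example (not code from this PR or from grin-wallet). It assumes the raw 32-byte ECDH output is used directly as the AES-256 key, a hex-encoded nonce and a base64-encoded `body_enc`; the helper names and the inner method `example_method` are hypothetical.

```javascript
// Added example (Node.js); helper names are hypothetical, not grin-wallet code.
const nodeCrypto = require("crypto");

const NONCE_LEN = 12; // 96-bit nonce, sent with every request/response
const TAG_LEN = 16;   // AES-256-GCM tag, carried as a suffix of the ciphertext

// Assumption: the raw 32-byte ECDH output is used directly as the AES-256 key.
function sharedKey(own, peerPubHex) {
  return own.computeSecret(Buffer.from(peerPubHex, "hex"));
}

// Wrap an inner JSON-RPC call in the encrypted_request_v3 envelope.
function encryptRequest(key, inner, id) {
  const nonce = nodeCrypto.randomBytes(NONCE_LEN); // must be unique per message under one key
  const c = nodeCrypto.createCipheriv("aes-256-gcm", key, nonce, { authTagLength: TAG_LEN });
  // No setAAD() call: the additional data is empty.
  const body = Buffer.concat([c.update(JSON.stringify(inner), "utf8"), c.final(), c.getAuthTag()]);
  // Assumption: hex nonce and base64 body; the page shows only truncated samples.
  const params = { nonce: nonce.toString("hex"), body_enc: body.toString("base64") };
  return { jsonrpc: "2.0", method: "encrypted_request_v3", id, params };
}

// Receiving side: split off the tag, verify it, return the inner call.
function decryptRequest(key, envelope) {
  const nonce = Buffer.from(envelope.params.nonce, "hex");
  const raw = Buffer.from(envelope.params.body_enc, "base64");
  if (nonce.length !== NONCE_LEN || raw.length < TAG_LEN) throw new Error("malformed envelope");
  const d = nodeCrypto.createDecipheriv("aes-256-gcm", key, nonce, { authTagLength: TAG_LEN });
  d.setAuthTag(raw.subarray(raw.length - TAG_LEN));
  // d.final() throws if the tag does not verify (wrong key, nonce or modified body).
  const pt = Buffer.concat([d.update(raw.subarray(0, raw.length - TAG_LEN)), d.final()]);
  return JSON.parse(pt.toString("utf8"));
}

// Constructed exchange: both sides generate a secp256k1 key pair and swap public keys.
function demo() {
  const client = nodeCrypto.createECDH("secp256k1");
  const server = nodeCrypto.createECDH("secp256k1");
  const clientPub = client.generateKeys("hex");
  const serverPub = server.generateKeys("hex");
  const kClient = sharedKey(client, serverPub);
  const kServer = sharedKey(server, clientPub);
  const inner = { jsonrpc: "2.0", method: "example_method", id: "1", params: {} }; // constructed
  const envelope = encryptRequest(kClient, inner, "1");
  return { kClient, kServer, inner, envelope, roundTrip: decryptRequest(kServer, envelope) };
}
```

Because the server-side key is static for the session, nonce uniqueness per message is what keeps GCM safe here; a receiver that sees a failed tag check should return an error rather than any partial plaintext.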
yeastplume added 11 commits Aug 13, 2019

@yeastplume yeastplume changed the title [WIP] Add `init_api_secure` function Add `init_api_secure` function Aug 15, 2019

@yeastplume

Member Author

commented Aug 15, 2019

No longer WIP and ready for review, updated description in top comment

let value: ECDHPubkey = res.unwrap();
let shared_key = derive_ecdh_key(sec_key_str, &value.ecdh_pubkey);

// 12) A normal request, correct key
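
Review bot: `res.unwrap()` on the first line of this snippet panics without context if the call that should yield the `ECDHPubkey` fails, so a broken key exchange is hard to tell apart from a failure in the numbered steps that follow. Consider `res.expect(...)` with a message naming the step, or an assertion on `res.is_ok()` before `derive_ecdh_key` is called.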

@DavidBurkett
@@ -308,15 +415,54 @@ where
OwnerAPIHandlerV3 { wallet }
}

//TODO: Unwraps

DavidBurkett Aug 15, 2019

Has this been addressed?

yeastplume Aug 15, 2019

Author Member

Yes, leftover reminder comment.

where
OUT: DeserializeOwned,
{
let url = Url::parse(dest).unwrap();

DavidBurkett Aug 15, 2019

Should we really have all of these unwraps in send_request_enc and derive_ecdh_key? What RPC error code would be returned if these panic?

yeastplume Aug 15, 2019

Author Member

It's just test helper code, I don't usually worry too much about unwraps there. I've been careful to ensure the server side returns proper errors for all conditions (and never unwraps)

yeastplume added 4 commits Aug 15, 2019
change ports for test, add foreign listener to V2 sanity tests, add ability to select owner api port via command line
yeastplume added 6 commits Aug 19, 2019

@yeastplume yeastplume merged commit a58cae6 into mimblewimble:master Aug 19, 2019

9 checks passed

mimblewimble.grin-wallet Build #20190819.4 succeeded
mimblewimble.grin-wallet (linux config/libwallet/api) linux config/libwallet/api succeeded
mimblewimble.grin-wallet (linux controller/all) linux controller/all succeeded
mimblewimble.grin-wallet (linux impls) linux impls succeeded
mimblewimble.grin-wallet (linux release) linux release succeeded
mimblewimble.grin-wallet (macos release) macos release succeeded
mimblewimble.grin-wallet (macos test) macos test succeeded
mimblewimble.grin-wallet (windows release) windows release succeeded
mimblewimble.grin-wallet (windows test) windows test succeeded

@yeastplume yeastplume deleted the yeastplume:init_api_secure branch Aug 21, 2019
