add random key for network encryption

2014-04-30 12:58:40 -03:00 · 2014-04-30 12:58:40 -03:00 · 2dc59de87e
commit 2dc59de87e
parent add1b084cc
8 changed files with 99 additions and 55 deletions
--- a/js/models/core/Wallet.js
+++ b/js/models/core/Wallet.js
@ -9,6 +9,8 @@ var Builder = bitcore.TransactionBuilder;
 var http = require('http');
 var EventEmitter = imports.EventEmitter || require('events').EventEmitter;
 var copay = copay || require('../../../copay');
+var SecureRandom  = bitcore.SecureRandom;
+var Base58Check   = bitcore.Base58.base58Check;

 function Wallet(opts) {
  var self = this;
@ -26,6 +28,8 @@ function Wallet(opts) {

  this.id = opts.id || Wallet.getRandomId();
  this.name = opts.name;
+  this.netKey = opts.netKey || SecureRandom.getRandomBuffer(8).toString('base64');
+
  this.verbose = opts.verbose;
  this.publicKeyRing.walletId = this.id;
  this.txProposals.walletId = this.id;
@ -124,6 +128,7 @@ Wallet.prototype._optsToObj = function() {
    requiredCopayers: this.requiredCopayers,
    totalCopayers: this.totalCopayers,
    name: this.name,
+    netKey: this.netKey,
  };

  return obj;
@ -139,6 +144,26 @@ Wallet.prototype.getMyCopayerId = function() {
  return this.getCopayerId(0);
 };

+
+Wallet.prototype.getSecret = function() {
+  var i = new Buffer(this.getMyCopayerId(),'hex');
+  var k = new Buffer(this.netKey,'base64');
+  var b = Buffer.concat([i,k]);
+  var str = Base58Check.encode(b);
+  return str;
+};
+
+
+Wallet.decodeSecret = function(secretB) {
+  var secret = Base58Check.decode(secretB);
+  var netKeyBuf = secret.slice(-8);
+  var pubKeyBuf = secret.slice(0,33);
+  return {
+    pubKey: pubKeyBuf.toString('hex'),
+    netKey: netKeyBuf.toString('base64'),
+  }
+};
+
 Wallet.prototype._lockIncomming = function() {
  this.network.lockIncommingConnections(this.publicKeyRing.getAllCopayerIds());
 };
@ -162,6 +187,7 @@ Wallet.prototype.netStart = function() {
  var startOpts = {
    copayerId: myId,
    maxPeers: self.totalCopayers,
+    netKey: this.netKey,
  };

  if (this.publicKeyRing.isComplete()) {
--- a/js/models/core/WalletFactory.js
+++ b/js/models/core/WalletFactory.js
@ -149,27 +149,35 @@ WalletFactory.prototype.remove = function(walletId) {
 };


-WalletFactory.prototype.joinCreateSession = function(copayerId, cb) {
+WalletFactory.prototype.joinCreateSession = function(secret, cb) {
  var self = this;

+  var s;
+  try {
+    s=Wallet.decodeSecret(secret);
+  } catch (e) {
+    return cb('badSecret');
+  }
+
  //Create our PrivateK
  var privateKey = new PrivateKey({ networkName: this.networkName });
  this.log('\t### PrivateKey Initialized');
  var opts = {
    copayerId: privateKey.getId(),
+    netKey: s.netKey,
  };
  self.network.cleanUp();
  self.network.start(opts, function() {
-    self.network.connectTo(copayerId);
+    self.network.connectTo(s.pubKey);
    self.network.on('onlyYou', function(sender, data) {
-      return cb();
+      return cb('joinError');
    });
    self.network.on('data', function(sender, data) {
      if (data.type ==='walletId') {
        data.opts.privateKey = privateKey;
        var w = self.open(data.walletId, data.opts);
-        w.firstCopayerId = copayerId;
-        return cb(w);
+        w.firstCopayerId = s.pubKey;
+        return cb(null, w);
      }
    });
  });
--- a/js/models/network/WebRTC.js
+++ b/js/models/network/WebRTC.js
@ -3,7 +3,6 @@ var imports     = require('soop').imports();
 var EventEmitter= imports.EventEmitter || require('events').EventEmitter;
 var bitcore     = require('bitcore');
 var util        = bitcore.util;
-var Key         = bitcore.Key;
 /*
 * Emits
 *  'networkChange'
@ -18,12 +17,11 @@ var Key         = bitcore.Key;
 */

 function Network(opts) {
-  var self = this;
+  var self            = this;
  opts                = opts || {};
  this.apiKey         = opts.apiKey || 'lwjd5qra8257b9';
  this.debug          = opts.debug || 3;
  this.maxPeers       = opts.maxPeers || 10;
-  this.opts           = { key: opts.key };
  this.sjclParams     = opts.sjclParams || {
    salt: 'f28bfb49ef70573c', 
    iter:500,
@ -31,8 +29,10 @@ function Network(opts) {
    ts:parseInt(64),   
  };

+
  // For using your own peerJs server
-  ['port', 'host', 'path', 'debug'].forEach(function(k) {
+  self.opts = {};
+  ['port', 'host', 'path', 'debug', 'key'].forEach(function(k) {
    if (opts[k]) self.opts[k] = opts[k];
  });
  this.cleanUp();
@ -44,6 +44,7 @@ Network.prototype.cleanUp = function() {
  this.started = false;
  this.connectedPeers = [];
  this.peerId = null;
+  this.netKey = null;
  this.copayerId = null;
  this.signingKey = null;
  this.allowedCopayerIds=null;
@ -338,6 +339,7 @@ Network.prototype.start = function(opts, openCallback) {

  if (this.started) return openCallback();

+  this.netKey = opts.netKey;
  this.maxPeers = opts.maxPeers || this.maxPeers;

  if (!this.copayerId)
@ -363,22 +365,10 @@ Network.prototype.getPeer = function() {
  return this.peer;
 };

-
-Network.prototype._keyForCopayerId = function(copayerId) {
-  var key=this.keyCache[copayerId];
-  if (key) return key;
-
-  var cBuf = new Buffer(copayerId,'hex');
-  var key = bitcore.util.sha256(cBuf).toString('base64');
-  this.keyCache[copayerId] = key;
-  return key;
-};
-
-Network.prototype._encryptFor = function(copayerId, payloadStr) {
-  var key = this._keyForCopayerId(copayerId);
+Network.prototype._encrypt = function(payloadStr) {
  var plainText = sjcl.codec.utf8String.toBits(payloadStr);
-  var p = this.sjclParams;    // auth strength
-  ct = sjcl.encrypt(key, plainText, p);//,p, rp);
+  var p = this.sjclParams;    
+  ct = sjcl.encrypt(this.netKey, plainText, p);//,p, rp);
  var c = JSON.parse(ct);
  var toSend = {
    iv: c.iv,
@ -394,8 +384,7 @@ Network.prototype._decrypt = function(encStr) {
    i[k] = this.sjclParams[k];
  }
  var str= JSON.stringify(i);
-  var key= this._keyForCopayerId(this.copayerId);
-  var pt = sjcl.decrypt(key, str);
+  var pt = sjcl.decrypt(this.netKey, str);
  return pt;
 };

@ -404,7 +393,7 @@ Network.prototype._sendToOne = function(copayerId, payloadStr, sig, cb) {
  if (peerId !== this.peerId) {
    var dataConn = this.connections[peerId];
    if (dataConn) {
-      dataConn.send(this._encryptFor(copayerId, payloadStr));
+      dataConn.send(this._encrypt(payloadStr));
    }
    else {
      console.log('[WebRTC.js.255] WARN: NO CONNECTION TO:', peerId); //TODO