-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathkeys.go
226 lines (199 loc) · 6.17 KB
/
keys.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
package ants
import (
"crypto/ed25519"
"crypto/rand"
"fmt"
"io"
"os"
"github.com/ipfs/go-cid"
"github.com/libp2p/go-libp2p/core/crypto"
"github.com/libp2p/go-libp2p/core/peer"
mh "github.com/multiformats/go-multihash"
mhreg "github.com/multiformats/go-multihash/core"
"github.com/probe-lab/go-libdht/kad/key"
"github.com/probe-lab/go-libdht/kad/key/bit256"
"github.com/probe-lab/go-libdht/kad/key/bitstr"
"github.com/probe-lab/go-libdht/kad/trie"
)
type KeysDB struct {
filepath string
}
func NewKeysDB(filepath string) *KeysDB {
return &KeysDB{filepath: filepath}
}
func (db *KeysDB) readKeysFromFile() *trie.Trie[bit256.Key, crypto.PrivKey] {
keysTrie := trie.New[bit256.Key, crypto.PrivKey]()
// load file
file, err := os.OpenFile(db.filepath, os.O_RDONLY, 0o600)
if err != nil {
logger.Warn("Couldn't open file", db.filepath, ":", err)
return keysTrie
}
defer file.Close()
for {
// Read exactly ed25519.PrivateKeySize bytes into keyBytes
keyBytes := make([]byte, ed25519.PrivateKeySize)
_, err := io.ReadFull(file, keyBytes)
if err == io.EOF {
break // End of file, exit the loop
}
if err != nil {
logger.Warnf("Error reading key: %v", err)
break
}
// Unmarshal the private key
privKey, err := crypto.UnmarshalEd25519PrivateKey(keyBytes)
if err != nil {
logger.Warnf("Error parsing key: %v", err)
continue
}
// Derive the peer ID from the private key
pid, err := peer.IDFromPrivateKey(privKey)
if err != nil {
logger.Warnf("Error getting peer ID: %v", err)
continue
}
// Add to your keysTrie or equivalent data structure
keysTrie.Add(PeerIDToKadID(pid), privKey)
}
return keysTrie
}
func (db *KeysDB) writeKeysToFile(keysTrie *trie.Trie[bit256.Key, crypto.PrivKey]) {
file, err := os.OpenFile(db.filepath, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0o600)
if err != nil {
logger.Warn("Couldn't open file", db.filepath, ":", err)
return
}
defer file.Close()
allKeys := trie.Closest(keysTrie, bit256.ZeroKey(), keysTrie.Size())
for _, entry := range allKeys {
if entry.Data == nil {
fmt.Println(entry)
continue
}
raw, err := entry.Data.Raw()
if err != nil {
logger.Warn("error getting raw key", err)
continue
}
_, err = file.Write(raw)
if err != nil {
logger.Warn("error writing key to file", err)
}
}
}
// integrateKeysIntoTrie converts the provided privkeys into kademlia ids and
// adds them to the provided binary trie
func integrateKeysIntoTrie(keysTrie *trie.Trie[bit256.Key, crypto.PrivKey], keys []crypto.PrivKey) {
for _, key := range keys {
if key == nil {
logger.Warn("skipping nil key")
continue
}
pid, err := peer.IDFromPrivateKey(key)
if err != nil {
logger.Warnf("Error getting peer ID: %v", err)
continue
}
keysTrie.Add(PeerIDToKadID(pid), key)
}
}
func genKey() crypto.PrivKey {
priv, _, err := crypto.GenerateEd25519Key(rand.Reader)
if err != nil {
panic(err)
}
return priv
}
// getMatchingKeys will return a list of private keys whose kademlia IDs match
// the provided list of prefixes, by looking for matches in the provided binary
// trie, and if no match by bruteforcing new keys until a match is found. All
// keys generated during bruteforces are added to the trie.
func getMatchingKeys(prefixes []bitstr.Key, keysTrie *trie.Trie[bit256.Key, crypto.PrivKey]) []crypto.PrivKey {
// generate a random mask to be used as key suffix. If the same suffix is
// used for all keys, the trie will be unbalanced
randomMask := make([]byte, bit256.KeyLen)
rand.Read(randomMask)
keys := make([]crypto.PrivKey, len(prefixes))
// find or generate a key for each prefix
for i, prefix := range prefixes {
// apply random suffix to generate a 256-bit key from the prefix
b256 := bitstrToBit256(prefix, randomMask)
// find the closest key in the trie
foundKeys := trie.Closest(keysTrie, b256, 1)
if len(foundKeys) > 0 && key.CommonPrefixLength(foundKeys[0].Key, prefix) == prefix.BitLen() {
// closest key is matching prefix
keys[i] = foundKeys[0].Data
// remove found key from db to avoid exposing private keys of live nodes
keysTrie.Remove(foundKeys[0].Key)
} else {
// no matching key found in trie, generate new keys until one matches
for {
newKey := genKey()
// derive peer ID from the private key
pid, err := peer.IDFromPrivateKey(newKey)
if err != nil {
logger.Warnf("Error getting peer ID: %v", err)
continue
}
// check if the new key matches the prefix
if key.CommonPrefixLength(PeerIDToKadID(pid), prefix) == prefix.BitLen() {
keys[i] = newKey
break
}
// add to keysTrie if not matching prefix
keysTrie.Add(PeerIDToKadID(pid), newKey)
}
}
}
return keys
}
// MatchingKeys returns a list of private keys whose kademlia IDs match the
// provided list of prefixes. It also write back to disk the returned private
// keys for future use.
func (db *KeysDB) MatchingKeys(prefixes []bitstr.Key, returned []crypto.PrivKey) []crypto.PrivKey {
// read keys from disk
keysTrie := db.readKeysFromFile()
// integrate returned keys into the trie, they are available again
integrateKeysIntoTrie(keysTrie, returned)
// pop any matching keys from the keysTrie, generate new keys if needed
// and store them in keysTrie
keys := getMatchingKeys(prefixes, keysTrie)
// save keys to disk
db.writeKeysToFile(keysTrie)
return keys
}
// PeerIDToKadID converts a libp2p peer.ID to its binary kademlia identifier
func PeerIDToKadID(pid peer.ID) bit256.Key {
hasher, err := mhreg.GetHasher(mh.SHA2_256)
if err != nil {
panic(err)
}
hasher.Write([]byte(pid))
return bit256.NewKey(hasher.Sum(nil))
}
func NsToCid(ns string) (cid.Cid, error) {
h, err := mh.Sum([]byte(ns), mh.SHA2_256, -1)
if err != nil {
return cid.Undef, err
}
return cid.NewCidV1(cid.Raw, h), nil
}
func bitstrToBit256(strKey bitstr.Key, padding []byte) bit256.Key {
bit256Key := make([]byte, 32)
copy(bit256Key, padding)
var currByte byte
i := 0
for ; i < strKey.BitLen(); i++ {
currByte = currByte | (byte(strKey.Bit(i)) << (7 - (i % 8)))
if i%8 == 7 {
bit256Key[i/8] = currByte
currByte = 0
}
}
if i%8 != 0 {
currByte = currByte | bit256Key[i/8]<<(7-(i%8))>>(7-(i%8))
bit256Key[i/8] = currByte
}
return bit256.NewKey(bit256Key)
}