Fix sslcrypto thread safety (#2454)

* Use sslcrypto instead of pyelliptic and pybitcointools

* Fix CryptMessage

* Support Python 3.4

* Fix user creation

* Get rid of pyelliptic and pybitcointools

* Fix typo

* Delete test file

* Add sslcrypto to tree

* Update sslcrypto

* Add pyaes to src/lib

* Fix typo in tests

* Update sslcrypto version

* Use privatekey_bin instead of privatekey for bytes objects

* Fix sslcrypto

* Fix Benchmark plugin

* Don't calculate the same thing twice

* Only import sslcrypto once

* Handle fallback sslcrypto implementation during tests

* Fix sslcrypto fallback implementation selection

* Fix thread safety

* Add derivation

* Bring split back

* Fix typo

* v3.3

* Fix custom OpenSSL discovery

Author: HelloZeroNet

.gitlab-ci.yml

@@ -21,7 +21,7 @@ stages:
     - python -m pytest -x plugins/Multiuser/Test --color=yes
     - mv plugins/disabled-Bootstrapper plugins/Bootstrapper
     - python -m pytest -x plugins/Bootstrapper/Test --color=yes
-    - flake8 . --count --select=E9,F63,F72,F82 --show-source --statistics --exclude=src/lib/pybitcointools/
+    - flake8 . --count --select=E9,F63,F72,F82 --show-source --statistics --exclude=src/lib/pyaes/
 
 test:py3.4:
   image: python:3.4.3

.travis.yml

@@ -33,10 +33,13 @@ script:
  - export ZERONET_LOG_DIR="log/Bootstrapper"; mv plugins/disabled-Bootstrapper plugins/Bootstrapper && catchsegv python -m pytest -x plugins/Bootstrapper/Test
  - find src -name "*.json" | xargs -n 1 python3 -c "import json, sys; print(sys.argv[1], end=' '); json.load(open(sys.argv[1])); print('[OK]')"
  - find plugins -name "*.json" | xargs -n 1 python3 -c "import json, sys; print(sys.argv[1], end=' '); json.load(open(sys.argv[1])); print('[OK]')"
- - flake8 . --count --select=E9,F63,F72,F82 --show-source --statistics --exclude=src/lib/pybitcointools/
+ - flake8 . --count --select=E9,F63,F72,F82 --show-source --statistics --exclude=src/lib/pyaes/
 after_failure:
   - zip -r log.zip log/
   - curl --upload-file ./log.zip https://transfer.sh/log.zip 
+after_success:
+  - codecov
+  - coveralls --rcfile=src/Test/coverage.ini
 notifications:
   email:
     recipients:

plugins/Benchmark/BenchmarkPlugin.py

@@ -104,8 +104,8 @@ def getBenchmarkTests(self, online=False):
         tests.extend([
             {"func": self.testHdPrivatekey, "num": 50, "time_standard": 0.57},
             {"func": self.testSign, "num": 20, "time_standard": 0.46},
-            {"func": self.testVerify, "kwargs": {"lib_verify": "btctools"}, "num": 20, "time_standard": 0.38},
-            {"func": self.testVerify, "kwargs": {"lib_verify": "openssl"}, "num": 200, "time_standard": 0.30},
+            {"func": self.testVerify, "kwargs": {"lib_verify": "sslcrypto_fallback"}, "num": 20, "time_standard": 0.38},
+            {"func": self.testVerify, "kwargs": {"lib_verify": "sslcrypto"}, "num": 200, "time_standard": 0.30},
             {"func": self.testVerify, "kwargs": {"lib_verify": "libsecp256k1"}, "num": 200, "time_standard": 0.10},
 
             {"func": self.testPackMsgpack, "num": 100, "time_standard": 0.35},

plugins/CryptMessage/CryptMessage.py

@@ -1,28 +1,22 @@
 import hashlib
 import base64
 import struct
-
-import lib.pybitcointools as btctools
+from lib import sslcrypto
 from Crypt import Crypt
 
-ecc_cache = {}
+
+curve = sslcrypto.ecc.get_curve("secp256k1")
 
 
-def eciesEncrypt(data, pubkey, ephemcurve=None, ciphername='aes-256-cbc'):
-    from lib import pyelliptic
-    pubkey_openssl = toOpensslPublickey(base64.b64decode(pubkey))
-    curve, pubkey_x, pubkey_y, i = pyelliptic.ECC._decode_pubkey(pubkey_openssl)
-    if ephemcurve is None:
-        ephemcurve = curve
-    ephem = pyelliptic.ECC(curve=ephemcurve)
-    key = hashlib.sha512(ephem.raw_get_ecdh_key(pubkey_x, pubkey_y)).digest()
-    key_e, key_m = key[:32], key[32:]
-    pubkey = ephem.get_pubkey()
-    iv = pyelliptic.OpenSSL.rand(pyelliptic.OpenSSL.get_cipher(ciphername).get_blocksize())
-    ctx = pyelliptic.Cipher(key_e, iv, 1, ciphername)
-    ciphertext = iv + pubkey + ctx.ciphering(data)
-    mac = pyelliptic.hmac_sha256(key_m, ciphertext)
-    return key_e, ciphertext + mac
+def eciesEncrypt(data, pubkey, ciphername="aes-256-cbc"):
+    ciphertext, key_e = curve.encrypt(
+        data,
+        base64.b64decode(pubkey),
+        algo=ciphername,
+        derivation="sha512",
+        return_aes_key=True
+    )
+    return key_e, ciphertext
 
 
 @Crypt.thread_pool_crypt.wrap
@@ -37,9 +31,8 @@ def eciesDecryptMulti(encrypted_datas, privatekey):
     return texts
 
 
-def eciesDecrypt(encrypted_data, privatekey):
-    ecc_key = getEcc(privatekey)
-    return ecc_key.decrypt(base64.b64decode(encrypted_data))
+def eciesDecrypt(ciphertext, privatekey):
+    return curve.decrypt(base64.b64decode(ciphertext), curve.wif_to_private(privatekey), derivation="sha512")
 
 
 def decodePubkey(pubkey):
@@ -63,29 +56,3 @@ def split(encrypted):
     ciphertext = encrypted[16 + i:-32]
 
     return iv, ciphertext
-
-
-def getEcc(privatekey=None):
-    from lib import pyelliptic
-    global ecc_cache
-    if privatekey not in ecc_cache:
-        if privatekey:
-            publickey_bin = btctools.encode_pubkey(btctools.privtopub(privatekey), "bin")
-            publickey_openssl = toOpensslPublickey(publickey_bin)
-            privatekey_openssl = toOpensslPrivatekey(privatekey)
-            ecc_cache[privatekey] = pyelliptic.ECC(curve='secp256k1', privkey=privatekey_openssl, pubkey=publickey_openssl)
-        else:
-            ecc_cache[None] = pyelliptic.ECC()
-    return ecc_cache[privatekey]
-
-
-def toOpensslPrivatekey(privatekey):
-    privatekey_bin = btctools.encode_privkey(privatekey, "bin")
-    return b'\x02\xca\x00\x20' + privatekey_bin
-
-
-def toOpensslPublickey(publickey):
-    publickey_bin = btctools.encode_pubkey(publickey, "bin")
-    publickey_bin = publickey_bin[1:]
-    publickey_openssl = b'\x02\xca\x00 ' + publickey_bin[:32] + b'\x00 ' + publickey_bin[32:]
-    return publickey_openssl

plugins/CryptMessage/CryptMessagePlugin.py

@@ -5,24 +5,22 @@
 
 from Plugin import PluginManager
 from Crypt import CryptBitcoin, CryptHash
-import lib.pybitcointools as btctools
 from Config import config
+import sslcrypto
+
 from . import CryptMessage
 
+curve = sslcrypto.ecc.get_curve("secp256k1")
+
 
 @PluginManager.registerTo("UiWebsocket")
 class UiWebsocketPlugin(object):
-    def eciesDecrypt(self, encrypted, privatekey):
-        back = CryptMessage.getEcc(privatekey).decrypt(encrypted)
-        return back.decode("utf8")
-
     # - Actions -
 
     # Returns user's public key unique to site
     # Return: Public key
     def actionUserPublickey(self, to, index=0):
-        publickey = self.user.getEncryptPublickey(self.site.address, index)
-        self.response(to, publickey)
+        self.response(to, self.user.getEncryptPublickey(self.site.address, index))
 
     # Encrypt a text using the publickey or user's sites unique publickey
     # Return: Encrypted text using base64 encoding
@@ -55,32 +53,23 @@ def actionEciesDecrypt(self, to, param, privatekey=0):
 
     # Encrypt a text using AES
     # Return: Iv, AES key, Encrypted text
-    def actionAesEncrypt(self, to, text, key=None, iv=None):
-        from lib import pyelliptic
-
+    def actionAesEncrypt(self, to, text, key=None):
         if key:
             key = base64.b64decode(key)
         else:
-            key = os.urandom(32)
-
-        if iv:  # Generate new AES key if not definied
-            iv = base64.b64decode(iv)
-        else:
-            iv = pyelliptic.Cipher.gen_IV('aes-256-cbc')
+            key = sslcrypto.aes.new_key()
 
         if text:
-            encrypted = pyelliptic.Cipher(key, iv, 1, ciphername='aes-256-cbc').ciphering(text.encode("utf8"))
+            encrypted, iv = sslcrypto.aes.encrypt(text.encode("utf8"), key)
         else:
-            encrypted = b""
+            encrypted, iv = b"", b""
 
         res = [base64.b64encode(item).decode("utf8") for item in [key, iv, encrypted]]
         self.response(to, res)
 
     # Decrypt a text using AES
     # Return: Decrypted text
     def actionAesDecrypt(self, to, *args):
-        from lib import pyelliptic
-
         if len(args) == 3:  # Single decrypt
             encrypted_texts = [(args[0], args[1])]
             keys = [args[2]]
@@ -93,9 +82,8 @@ def actionAesDecrypt(self, to, *args):
             iv = base64.b64decode(iv)
             text = None
             for key in keys:
-                ctx = pyelliptic.Cipher(base64.b64decode(key), iv, 0, ciphername='aes-256-cbc')
                 try:
-                    decrypted = ctx.ciphering(encrypted_text)
+                    decrypted = sslcrypto.aes.decrypt(encrypted_text, iv, base64.b64decode(key))
                     if decrypted and decrypted.decode("utf8"):  # Valid text decoded
                         text = decrypted.decode("utf8")
                 except Exception as err:
@@ -122,12 +110,11 @@ def actionEcdsaVerify(self, to, data, address, signature):
 
     # Gets the publickey of a given privatekey
     def actionEccPrivToPub(self, to, privatekey):
-        self.response(to, btctools.privtopub(privatekey))
+        self.response(to, curve.private_to_public(curve.wif_to_private(privatekey)))
 
     # Gets the address of a given publickey
     def actionEccPubToAddr(self, to, publickey):
-        address = btctools.pubtoaddr(btctools.decode_pubkey(publickey))
-        self.response(to, address)
+        self.response(to, curve.public_to_address(bytes.fromhex(publickey)))
 
 
 @PluginManager.registerTo("User")
@@ -163,7 +150,7 @@ def getEncryptPublickey(self, address, param_index=0):
 
         if "encrypt_publickey_%s" % index not in site_data:
             privatekey = self.getEncryptPrivatekey(address, param_index)
-            publickey = btctools.encode_pubkey(btctools.privtopub(privatekey), "bin_compressed")
+            publickey = curve.private_to_public(curve.wif_to_private(privatekey))
             site_data["encrypt_publickey_%s" % index] = base64.b64encode(publickey).decode("utf8")
         return site_data["encrypt_publickey_%s" % index]
 
@@ -200,8 +187,8 @@ def testCryptEciesDecrypt(self, num_run=1):
         aes_key, encrypted = CryptMessage.eciesEncrypt(self.utf8_text.encode("utf8"), self.publickey)
         for i in range(num_run):
             assert len(aes_key) == 32
-            ecc = CryptMessage.getEcc(self.privatekey)
-            assert ecc.decrypt(encrypted) == self.utf8_text.encode("utf8"), "%s != %s" % (ecc.decrypt(encrypted), self.utf8_text.encode("utf8"))
+            decrypted = CryptMessage.eciesDecrypt(base64.b64encode(encrypted), self.privatekey)
+            assert decrypted == self.utf8_text.encode("utf8"), "%s != %s" % (decrypted, self.utf8_text.encode("utf8"))
             yield "."
 
     def testCryptEciesDecryptMulti(self, num_run=1):
@@ -223,23 +210,16 @@ def testCryptEciesDecryptMulti(self, num_run=1):
         gevent.joinall(threads)
 
     def testCryptAesEncrypt(self, num_run=1):
-        from lib import pyelliptic
-
         for i in range(num_run):
             key = os.urandom(32)
-            iv = pyelliptic.Cipher.gen_IV('aes-256-cbc')
-            encrypted = pyelliptic.Cipher(key, iv, 1, ciphername='aes-256-cbc').ciphering(self.utf8_text.encode("utf8"))
+            encrypted = sslcrypto.aes.encrypt(self.utf8_text.encode("utf8"), key)
             yield "."
 
     def testCryptAesDecrypt(self, num_run=1):
-        from lib import pyelliptic
-
         key = os.urandom(32)
-        iv = pyelliptic.Cipher.gen_IV('aes-256-cbc')
-        encrypted_text = pyelliptic.Cipher(key, iv, 1, ciphername='aes-256-cbc').ciphering(self.utf8_text.encode("utf8"))
+        encrypted_text, iv = sslcrypto.aes.encrypt(self.utf8_text.encode("utf8"), key)
 
         for i in range(num_run):
-            ctx = pyelliptic.Cipher(key, iv, 0, ciphername='aes-256-cbc')
-            decrypted = ctx.ciphering(encrypted_text).decode("utf8")
+            decrypted = sslcrypto.aes.decrypt(encrypted_text, iv, key).decode("utf8")
             assert decrypted == self.utf8_text
             yield "."

plugins/CryptMessage/Test/TestCrypt.py

@@ -18,13 +18,10 @@ def testEncryptEcies(self, text, text_repeat):
         assert len(aes_key) == 32
         # assert len(encrypted) == 134 + int(len(text) / 16) * 16  # Not always true
 
-        ecc = CryptMessage.getEcc(self.privatekey)
-        assert ecc.decrypt(encrypted) == text_repeated
+        assert CryptMessage.eciesDecrypt(base64.b64encode(encrypted), self.privatekey) == text_repeated
 
     def testDecryptEcies(self, user):
-        encrypted = base64.b64decode(self.ecies_encrypted_text)
-        ecc = CryptMessage.getEcc(self.privatekey)
-        assert ecc.decrypt(encrypted) == b"hello"
+        assert CryptMessage.eciesDecrypt(self.ecies_encrypted_text, self.privatekey) == b"hello"
 
     def testPublickey(self, ui_websocket):
         pub = ui_websocket.testAction("UserPublickey", 0)

requirements.txt

@@ -9,5 +9,4 @@ pyasn1
 websocket_client
 gevent-ws
 coincurve
-python-bitcoinlib
 maxminddb