Load server and verify server key during startup

Blockstream · Nov 29, 2023 · a43f3b5 · a43f3b5
1 parent 23994d0
commit a43f3b5
Show file tree

Hide file tree

Showing 4 changed files with 13 additions and 7 deletions.
diff --git a/flaskserver.py b/flaskserver.py
@@ -20,9 +20,9 @@
 
 
 def flask_server():
-    if not os.path.exists(PINServerECDH.STATIC_SERVER_PRIVATE_KEY_FILE):
-        print(f'Key file not available, bailing out {PINServerECDH.STATIC_SERVER_PRIVATE_KEY_FILE}')
-        raise Exception
+    # Load, verify, and cache server static key at startup
+    # (Refuse to start if key non-existing or invalid)
+    PINServerECDH.load_private_key()
 
     sessions = {}
     app = Flask(__name__)

diff --git a/server.py b/server.py
@@ -30,15 +30,15 @@ def generate_server_key_pair(cls):
         print(f'New public key written to file {cls.STATIC_SERVER_PUBLIC_KEY_FILE}')
 
     @classmethod
-    def _load_private_key(cls):
+    def load_private_key(cls):
         if not cls.STATIC_SERVER_PRIVATE_KEY:
             with open(cls.STATIC_SERVER_PRIVATE_KEY_FILE, 'rb') as f:
                 cls.STATIC_SERVER_PRIVATE_KEY = f.read()
                 ec_private_key_verify(cls.STATIC_SERVER_PRIVATE_KEY)
 
     @classmethod
     def _sign_with_static_key(cls, msg):
-        cls._load_private_key()
+        assert cls.STATIC_SERVER_PRIVATE_KEY
 
         hashed = sha256(msg)
         return ec_sig_from_bytes(cls.STATIC_SERVER_PRIVATE_KEY,
@@ -47,7 +47,8 @@ def _sign_with_static_key(cls, msg):
 
     @classmethod
     def _get_aes_pin_data_key(cls):
-        cls._load_private_key()
+        cls.STATIC_SERVER_PRIVATE_KEY
+
         if not cls.STATIC_SERVER_AES_PIN_DATA:
             cls.STATIC_SERVER_AES_PIN_DATA = hmac_sha256(cls.STATIC_SERVER_PRIVATE_KEY, b'pin_data')
         return cls.STATIC_SERVER_AES_PIN_DATA
@@ -92,7 +93,8 @@ class PINServerECDHv2(PINServerECDH):
 
     @classmethod
     def generate_ec_key_pair(cls, replay_counter, cke):
-        cls._load_private_key()
+        assert cls.STATIC_SERVER_PRIVATE_KEY
+
         tweak = sha256(hmac_sha256(cke, replay_counter))
         private_key = ec_private_key_bip341_tweak(cls.STATIC_SERVER_PRIVATE_KEY, tweak, 0)
         ec_private_key_verify(private_key)

diff --git a/test/test_ecdh_v1.py b/test/test_ecdh_v1.py
@@ -14,6 +14,8 @@ class ECDHv1Test(unittest.TestCase):
 
     @classmethod
     def setUpClass(cls):
+        PINServerECDH.load_private_key()
+
         # The server public key the client would know
         with open(PINServerECDH.STATIC_SERVER_PUBLIC_KEY_FILE, 'rb') as f:
             cls.static_server_public_key = f.read()

diff --git a/test/test_ecdh_v2.py b/test/test_ecdh_v2.py
@@ -15,6 +15,8 @@ class ECDHv2Test(unittest.TestCase):
 
     @classmethod
     def setUpClass(cls):
+        PINServerECDHv2.load_private_key()
+
         # The server public key the client would know
         with open(PINServerECDHv2.STATIC_SERVER_PUBLIC_KEY_FILE, 'rb') as f:
             cls.static_server_public_key = f.read()