Persist directory key configuration

Include functions for generation and reading from persistence. Note KeyId = 1
Is still used and there is no function for key rotation yet.

Persist a key on first run if none already exists.

The OHTTP Server configuration is now an argument to listen functions.
For now, a default path of `ohttp_keys/1.ikm` is used to persist the key
material. "1" is the KeyId. The default path is relative to where the
binary is run.

Author: DanGould

.gitignore

@@ -5,3 +5,4 @@ target
 Cargo.lock
 .vscode
 mutants.out*
+*.ikm

Cargo-minimal.lock

@@ -1665,6 +1665,7 @@ dependencies = [
  "payjoin",
  "redis",
  "rustls 0.22.4",
+ "tempfile",
  "tokio",
  "tokio-rustls",
  "tracing",

Cargo-recent.lock

@@ -1665,6 +1665,7 @@ dependencies = [
  "payjoin",
  "redis",
  "rustls 0.22.4",
+ "tempfile",
  "tokio",
  "tokio-rustls",
  "tracing",

payjoin-directory/Cargo.toml

@@ -18,7 +18,7 @@ _danger-local-https = ["hyper-rustls", "rustls", "tokio-rustls"]
 
 [dependencies]
 anyhow = "1.0.71"
-bitcoin = { version = "0.32.4", features = ["base64"] }
+bitcoin = { version = "0.32.4", features = ["base64", "rand-std"] }
 bhttp = { version = "=0.5.1", features = ["http"] }
 futures = "0.3.17"
 http-body-util = "0.1.2"
@@ -33,3 +33,6 @@ tokio = { version = "1.12.0", features = ["full"] }
 tokio-rustls = { version = "0.25", features = ["ring"], default-features = false, optional = true }
 tracing = "0.1.37"
 tracing-subscriber = { version = "0.3.17", features = ["env-filter"] }
+
+[dev-dependencies]
+tempfile = "3.5.0"

payjoin-directory/src/key_config.rs

@@ -1,19 +1,93 @@
 //! Manage the OHTTP key configuration
 
-use anyhow::Result;
+use std::fs;
+use std::path::{Path, PathBuf};
+
+use anyhow::{anyhow, Result};
+use ohttp::hpke::{Aead, Kdf, Kem};
+use ohttp::SymmetricSuite;
 use tracing::info;
 
-pub fn init_ohttp() -> Result<ohttp::Server> {
-    use ohttp::hpke::{Aead, Kdf, Kem};
-    use ohttp::{KeyId, SymmetricSuite};
+const KEY_ID: u8 = 1;
+const KEM: Kem = Kem::K256Sha256;
+const SYMMETRIC: &[SymmetricSuite] =
+    &[SymmetricSuite::new(Kdf::HkdfSha256, Aead::ChaCha20Poly1305)];
+
+/// OHTTP server key configuration
+///
+/// This is combined so that the test path and the prod path both use the same
+/// code. The ServerKeyConfig.ikm is persisted to the configured path, and the
+/// server is used to run the directory server.
+#[derive(Debug, Clone)]
+pub struct ServerKeyConfig {
+    ikm: [u8; 32],
+    server: ohttp::Server,
+}
+
+impl From<ServerKeyConfig> for ohttp::Server {
+    fn from(value: ServerKeyConfig) -> Self { value.server }
+}
+
+/// Generate a new OHTTP server key configuration
+pub fn gen_ohttp_server_config() -> Result<ServerKeyConfig> {
+    let ikm = bitcoin::key::rand::random::<[u8; 32]>();
+    let config = ohttp::KeyConfig::new(KEY_ID, KEM, Vec::from(SYMMETRIC))?;
+    Ok(ServerKeyConfig { ikm, server: ohttp::Server::new(config)? })
+}
+
+/// Persist an OHTTP Key Configuration to the default path
+pub fn persist_new_key_config(ohttp_config: ServerKeyConfig, dir: &Path) -> Result<PathBuf> {
+    use std::fs::OpenOptions;
+    use std::io::Write;
+
+    let key_path = key_path(dir);
+
+    let mut file = OpenOptions::new()
+        .write(true)
+        .create_new(true)
+        .open(&key_path)
+        .map_err(|e| anyhow!("Failed to create new OHTTP key file: {}", e))?;
+
+    file.write_all(&ohttp_config.ikm)
+        .map_err(|e| anyhow!("Failed to write OHTTP keys to file: {}", e))?;
+    info!("Saved OHTTP Key Configuration to {}", &key_path.display());
+
+    Ok(key_path)
+}
+
+/// Read the configured server from the default path
+/// May panic if key exists but is the unexpected format.
+pub fn read_server_config(dir: &Path) -> Result<ServerKeyConfig> {
+    let key_path = key_path(dir);
+    let ikm: [u8; 32] = fs::read(&key_path)
+        .map_err(|e| anyhow!("Failed to read OHTTP key file: {}", e))?
+        .try_into()
+        .expect("Key wrong size: expected 32 bytes");
+
+    let server_config = ohttp::KeyConfig::derive(KEY_ID, KEM, SYMMETRIC.to_vec(), &ikm)
+        .expect("Failed to derive OHTTP keys from file");
+
+    info!("Loaded existing OHTTP Key Configuration from {}", key_path.display());
+    Ok(ServerKeyConfig { ikm, server: ohttp::Server::new(server_config)? })
+}
+
+/// Get the path to the key configuration file
+/// For now, default to [KEY_ID].ikm.
+/// In the future this might be able to save multiple keys named by KeyId.
+fn key_path(dir: &Path) -> PathBuf { dir.join(format!("{}.ikm", KEY_ID)) }
 
-    const KEY_ID: KeyId = 1;
-    const KEM: Kem = Kem::K256Sha256;
-    const SYMMETRIC: &[SymmetricSuite] =
-        &[SymmetricSuite::new(Kdf::HkdfSha256, Aead::ChaCha20Poly1305)];
+#[cfg(test)]
+mod tests {
+    use super::*;
 
-    // create or read from file
-    let server_config = ohttp::KeyConfig::new(KEY_ID, KEM, Vec::from(SYMMETRIC))?;
-    info!("Initialized a new OHTTP Key Configuration. GET /ohttp-keys to fetch it.");
-    Ok(ohttp::Server::new(server_config)?)
+    #[test]
+    fn round_trip_server_config() {
+        let temp_dir = tempfile::tempdir().expect("Failed to create temp dir");
+        let ohttp_config = gen_ohttp_server_config().expect("Failed to generate server config");
+        let _path = persist_new_key_config(ohttp_config.clone(), temp_dir.path())
+            .expect("Failed to persist server config");
+        let ohttp_config_again =
+            read_server_config(temp_dir.path()).expect("Failed to read server config");
+        assert_eq!(ohttp_config.ikm, ohttp_config_again.ikm);
+    }
 }

payjoin-directory/src/lib.rs

@@ -18,8 +18,8 @@ use tokio::sync::Mutex;
 use tracing::{debug, error, trace};
 
 use crate::db::DbPool;
-mod key_config;
-use crate::key_config::init_ohttp;
+pub mod key_config;
+pub use crate::key_config::*;
 
 pub const DEFAULT_DIR_PORT: u16 = 8080;
 pub const DEFAULT_DB_HOST: &str = "localhost:6379";
@@ -45,11 +45,13 @@ pub async fn listen_tcp_with_tls_on_free_port(
     db_host: String,
     timeout: Duration,
     cert_key: (Vec<u8>, Vec<u8>),
+    ohttp: ohttp::Server,
 ) -> Result<(u16, tokio::task::JoinHandle<Result<(), BoxError>>), BoxError> {
     let listener = tokio::net::TcpListener::bind("[::]:0").await?;
     let port = listener.local_addr()?.port();
     println!("Directory server binding to port {}", listener.local_addr()?);
-    let handle = listen_tcp_with_tls_on_listener(listener, db_host, timeout, cert_key).await?;
+    let handle =
+        listen_tcp_with_tls_on_listener(listener, db_host, timeout, cert_key, ohttp).await?;
     Ok((port, handle))
 }
 
@@ -60,9 +62,10 @@ async fn listen_tcp_with_tls_on_listener(
     db_host: String,
     timeout: Duration,
     tls_config: (Vec<u8>, Vec<u8>),
+    ohttp: ohttp::Server,
 ) -> Result<tokio::task::JoinHandle<Result<(), BoxError>>, BoxError> {
     let pool = DbPool::new(timeout, db_host).await?;
-    let ohttp = Arc::new(Mutex::new(init_ohttp()?));
+    let ohttp = Arc::new(Mutex::new(ohttp));
     let tls_acceptor = init_tls_acceptor(tls_config)?;
     // Spawn the connection handling loop in a separate task
     let handle = tokio::spawn(async move {
@@ -102,9 +105,10 @@ pub async fn listen_tcp(
     port: u16,
     db_host: String,
     timeout: Duration,
+    ohttp: ohttp::Server,
 ) -> Result<(), Box<dyn std::error::Error>> {
     let pool = DbPool::new(timeout, db_host).await?;
-    let ohttp = Arc::new(Mutex::new(init_ohttp()?));
+    let ohttp = Arc::new(Mutex::new(ohttp));
     let bind_addr = SocketAddr::new(IpAddr::V6(Ipv6Addr::UNSPECIFIED), port);
     let listener = TcpListener::bind(bind_addr).await?;
     while let Ok((stream, _)) = listener.accept().await {
@@ -136,10 +140,11 @@ pub async fn listen_tcp_with_tls(
     db_host: String,
     timeout: Duration,
     cert_key: (Vec<u8>, Vec<u8>),
+    ohttp: ohttp::Server,
 ) -> Result<tokio::task::JoinHandle<Result<(), BoxError>>, BoxError> {
     let addr = format!("0.0.0.0:{}", port);
     let listener = tokio::net::TcpListener::bind(&addr).await?;
-    listen_tcp_with_tls_on_listener(listener, db_host, timeout, cert_key).await
+    listen_tcp_with_tls_on_listener(listener, db_host, timeout, cert_key, ohttp).await
 }
 
 #[cfg(feature = "_danger-local-https")]

payjoin-directory/src/main.rs

@@ -4,6 +4,8 @@ use payjoin_directory::*;
 use tracing_subscriber::filter::LevelFilter;
 use tracing_subscriber::EnvFilter;
 
+const DEFAULT_KEY_CONFIG_DIR: &str = "ohttp_keys";
+
 #[tokio::main]
 async fn main() -> Result<(), Box<dyn std::error::Error>> {
     init_logging();
@@ -17,7 +19,24 @@ async fn main() -> Result<(), Box<dyn std::error::Error>> {
 
     let db_host = env::var("PJ_DB_HOST").unwrap_or_else(|_| DEFAULT_DB_HOST.to_string());
 
-    payjoin_directory::listen_tcp(dir_port, db_host, timeout).await
+    let key_dir =
+        std::env::var("PJ_OHTTP_KEY_DIR").map(std::path::PathBuf::from).unwrap_or_else(|_| {
+            let key_dir = std::path::PathBuf::from(DEFAULT_KEY_CONFIG_DIR);
+            std::fs::create_dir_all(&key_dir).expect("Failed to create key directory");
+            key_dir
+        });
+
+    let ohttp = match key_config::read_server_config(&key_dir) {
+        Ok(config) => config,
+        Err(_) => {
+            let ohttp_config = key_config::gen_ohttp_server_config()?;
+            let path = key_config::persist_new_key_config(ohttp_config, &key_dir)?;
+            println!("Generated new key configuration at {}", path.display());
+            key_config::read_server_config(&key_dir).expect("Failed to read newly generated config")
+        }
+    };
+
+    payjoin_directory::listen_tcp(dir_port, db_host, timeout, ohttp.into()).await
 }
 
 fn init_logging() {

payjoin-test-utils/src/lib.rs

@@ -131,7 +131,14 @@ pub async fn init_directory(
 > {
     println!("Database running on {}", db_host);
     let timeout = Duration::from_secs(2);
-    payjoin_directory::listen_tcp_with_tls_on_free_port(db_host, timeout, local_cert_key).await
+    let ohttp_server = payjoin_directory::gen_ohttp_server_config()?;
+    payjoin_directory::listen_tcp_with_tls_on_free_port(
+        db_host,
+        timeout,
+        local_cert_key,
+        ohttp_server.into(),
+    )
+    .await
 }
 
 /// generate or get a DER encoded localhost cert and key.