SecretMgr Class Reference

#include "SecretMgr.h"

Classes
struct	Secret

Public Member Functions
	SecretMgr (SecretMgr const &)=delete
void	Initialize ()
Secret const &	GetSecret (Secrets i)

Static Public Member Functions
static SecretMgr *	instance ()

Private Member Functions
	SecretMgr ()=default
	~SecretMgr ()=default
void	AttemptLoad (Secrets i, LogLevel errorLevel, std::unique_lock< std::mutex > const &)
Optional< std::string >	AttemptTransition (Secrets i, Optional< BigNumber > const &newSecret, Optional< BigNumber > const &oldSecret, bool hadOldSecret) const

Private Attributes
std::array< Secret, NUM_SECRETS >	_secrets

Detailed Description

Constructor & Destructor Documentation

SecretMgr() [1/2]

SecretMgr::SecretMgr ( )

privatedefault

~SecretMgr()

SecretMgr::~SecretMgr ( )

privatedefault

SecretMgr() [2/2]

SecretMgr::SecretMgr ( SecretMgr const &  )

delete

Member Function Documentation

AttemptLoad()

void SecretMgr::AttemptLoad ( Secrets  i, LogLevel  errorLevel, std::unique_lock< std::mutex > const &    )

private

{
    auto const& info = secret_info[i];
 
    Optional<std::string> oldDigest;
    {
        auto* stmt = LoginDatabase.GetPreparedStatement(LOGIN_SEL_SECRET_DIGEST);
        stmt->SetData(0, i);
        PreparedQueryResult result = LoginDatabase.Query(stmt);
        if (result)
            oldDigest = result->Fetch()->Get<std::string>();
    }
 
    Optional<BigNumber> currentValue = GetHexFromConfig(info.configKey, info.bits);
 
    // verify digest
    if (
        ((!oldDigest) != (!currentValue)) || // there is an old digest, but no current secret (or vice versa)
        (oldDigest && !Acore::Crypto::Argon2::Verify(currentValue->AsHexStr(), *oldDigest)) // there is an old digest, and the current secret does not match it
        )
    {
        if (info.owner != THIS_SERVER_PROCESS)
        {
            if (currentValue)
                LOG_MESSAGE_BODY("server.loading", errorLevel, "Invalid value for '{}' specified - this is not actually the secret being used in your auth DB.", info.configKey);
            else
                LOG_MESSAGE_BODY("server.loading", errorLevel, "No value for '{}' specified - please specify the secret currently being used in your auth DB.", info.configKey);
            _secrets[i].state = Secret::LOAD_FAILED;
            return;
        }
 
        Optional<BigNumber> oldSecret;
        if (oldDigest && info.oldKey) // there is an old digest, so there might be an old secret (if possible)
        {
            oldSecret = GetHexFromConfig(info.oldKey, info.bits);
            if (oldSecret && !Acore::Crypto::Argon2::Verify(oldSecret->AsHexStr(), *oldDigest))
            {
                LOG_MESSAGE_BODY("server.loading", errorLevel, "Invalid value for '{}' specified - this is not actually the secret previously used in your auth DB.", info.oldKey);
                _secrets[i].state = Secret::LOAD_FAILED;
                return;
            }
        }
 
        // attempt to transition us to the new key, if possible
        Optional<std::string> error = AttemptTransition(Secrets(i), currentValue, oldSecret, static_cast<bool>(oldDigest));
        if (error)
        {
            LOG_MESSAGE_BODY("server.loading", errorLevel, "Your value of '{}' changed, but we cannot transition your database to the new value:\n{}", info.configKey, error->c_str());
            _secrets[i].state = Secret::LOAD_FAILED;
            return;
        }
 
        LOG_INFO("server.loading", "Successfully transitioned database to new '{}' value.", info.configKey);
    }
 
    if (currentValue)
    {
        _secrets[i].state = Secret::PRESENT;
        _secrets[i].value = *currentValue;
    }
    else
        _secrets[i].state = Secret::NOT_PRESENT;
}

References _secrets, AttemptTransition(), GetHexFromConfig(), SecretMgr::Secret::LOAD_FAILED, LOG_INFO, LOG_MESSAGE_BODY, LOGIN_SEL_SECRET_DIGEST, LoginDatabase, SecretMgr::Secret::NOT_PRESENT, SecretMgr::Secret::PRESENT, secret_info, THIS_SERVER_PROCESS, and Acore::Crypto::Argon2::Verify().

Referenced by GetSecret(), and Initialize().

AttemptTransition()

Optional< std::string > SecretMgr::AttemptTransition ( Secrets  i, Optional< BigNumber > const &  newSecret, Optional< BigNumber > const &  oldSecret, bool  hadOldSecret  ) const

private

{
    auto trans = LoginDatabase.BeginTransaction();
 
    switch (i)
    {
        case SECRET_TOTP_MASTER_KEY:
        {
            QueryResult result = LoginDatabase.Query("SELECT id, totp_secret FROM account");
            if (result) do
            {
                Field* fields = result->Fetch();
                if (fields[1].IsNull())
                    continue;
 
                uint32 id = fields[0].Get<uint32>();
                std::vector<uint8> totpSecret = fields[1].Get<Binary>();
 
                if (hadOldSecret)
                {
                    if (!oldSecret)
                        return Acore::StringFormat("Cannot decrypt old TOTP tokens - add config key '{}' to authserver.conf!", secret_info[i].oldKey);
 
                    bool success = Acore::Crypto::AEDecrypt<Acore::Crypto::AES>(totpSecret, oldSecret->ToByteArray<Acore::Crypto::AES::KEY_SIZE_BYTES>());
                    if (!success)
                        return Acore::StringFormat("Cannot decrypt old TOTP tokens - value of '{}' is incorrect for some users!", secret_info[i].oldKey);
                }
 
                if (newSecret)
                    Acore::Crypto::AEEncryptWithRandomIV<Acore::Crypto::AES>(totpSecret, newSecret->ToByteArray<Acore::Crypto::AES::KEY_SIZE_BYTES>());
 
                auto* updateStmt = LoginDatabase.GetPreparedStatement(LOGIN_UPD_ACCOUNT_TOTP_SECRET);
                updateStmt->SetData(0, totpSecret);
                updateStmt->SetData(1, id);
                trans->Append(updateStmt);
            } while (result->NextRow());
 
            break;
        }
        default:
            return std::string("Unknown secret index - huh?");
    }
 
    if (hadOldSecret)
    {
        auto* deleteStmt = LoginDatabase.GetPreparedStatement(LOGIN_DEL_SECRET_DIGEST);
        deleteStmt->SetData(0, i);
        trans->Append(deleteStmt);
    }
 
    if (newSecret)
    {
        BigNumber salt;
        salt.SetRand(128);
        Optional<std::string> hash = Acore::Crypto::Argon2::Hash(newSecret->AsHexStr(), salt);
        if (!hash)
            return std::string("Failed to hash new secret");
 
        auto* insertStmt = LoginDatabase.GetPreparedStatement(LOGIN_INS_SECRET_DIGEST);
        insertStmt->SetData(0, i);
        insertStmt->SetData(1, *hash);
        trans->Append(insertStmt);
    }
 
    LoginDatabase.CommitTransaction(trans);
    return {};
}

References Field::Get(), Acore::Crypto::Argon2::Hash(), Acore::Crypto::AES::KEY_SIZE_BYTES, LOGIN_DEL_SECRET_DIGEST, LOGIN_INS_SECRET_DIGEST, LOGIN_UPD_ACCOUNT_TOTP_SECRET, LoginDatabase, secret_info, SECRET_TOTP_MASTER_KEY, BigNumber::SetRand(), and Acore::StringFormat().

Referenced by AttemptLoad().

GetSecret()

SecretMgr::Secret const & SecretMgr::GetSecret

(

Secrets

i

)

{
    std::unique_lock<std::mutex> lock(_secrets[i].lock);
 
    if (_secrets[i].state == Secret::NOT_LOADED_YET)
        AttemptLoad(i, LogLevel::LOG_LEVEL_ERROR, lock);
    return _secrets[i];
}

References _secrets, AttemptLoad(), and SecretMgr::Secret::NOT_LOADED_YET.

Initialize()

void SecretMgr::Initialize

(

)

{
    for (uint32 i = 0; i < NUM_SECRETS; ++i)
    {
        if (secret_info[i].flags() & SECRET_FLAG_DEFER_LOAD)
            continue;
        std::unique_lock<std::mutex> lock(_secrets[i].lock);
        AttemptLoad(Secrets(i), LogLevel::LOG_LEVEL_FATAL, lock);
        if (!_secrets[i].IsAvailable())
            ABORT(); // load failed
    }
}

References _secrets, ABORT, AttemptLoad(), NUM_SECRETS, and secret_info.

instance()

SecretMgr * SecretMgr::instance ( )

static

{
    static SecretMgr instance;
    return &instance;
}

References instance().

Referenced by instance().

Member Data Documentation

_secrets

std::array<Secret, NUM_SECRETS> SecretMgr::_secrets

private

Referenced by AttemptLoad(), GetSecret(), and Initialize().