feat: introduce signer abstraction for secret key operations (#196)

* initial implementation

* initial implementation

* initial implementation

* initial implementation

* javadoc

* renaming

* renaming

* renaming

* renaming

* renaming

* fix tests

* fix tests

Author: Gabriel-Trintinalia

src/main/java/org/ethereum/beacon/discovery/DiscoveryManagerImpl.java

@@ -19,7 +19,7 @@
 import org.apache.logging.log4j.LogManager;
 import org.apache.logging.log4j.Logger;
 import org.apache.tuweni.bytes.Bytes;
-import org.apache.tuweni.crypto.SECP256K1.SecretKey;
+import org.ethereum.beacon.discovery.crypto.Signer;
 import org.ethereum.beacon.discovery.message.FindNodeMessage;
 import org.ethereum.beacon.discovery.message.PingMessage;
 import org.ethereum.beacon.discovery.message.TalkReqMessage;
@@ -79,7 +79,7 @@ public DiscoveryManagerImpl(
       final List<NettyDiscoveryServer> discoveryServers,
       final KBuckets nodeBucketStorage,
       final LocalNodeRecordStore localNodeRecordStore,
-      final SecretKey homeNodeSecretKey,
+      final Signer signer,
       final NodeRecordFactory nodeRecordFactory,
       final Scheduler taskScheduler,
       final ExpirationSchedulerFactory expirationSchedulerFactory,
@@ -94,7 +94,7 @@ public DiscoveryManagerImpl(
     nodeSessionManager =
         new NodeSessionManager(
             localNodeRecordStore,
-            homeNodeSecretKey,
+            signer,
             nodeBucketStorage,
             outgoingPipeline,
             expirationSchedulerFactory);

src/main/java/org/ethereum/beacon/discovery/DiscoverySystemBuilder.java

@@ -29,7 +29,7 @@
 import java.util.function.Function;
 import java.util.stream.Collectors;
 import java.util.stream.Stream;
-import org.apache.tuweni.crypto.SECP256K1.SecretKey;
+import org.ethereum.beacon.discovery.crypto.Signer;
 import org.ethereum.beacon.discovery.liveness.LivenessChecker;
 import org.ethereum.beacon.discovery.liveness.LivenessChecker.Pinger;
 import org.ethereum.beacon.discovery.message.handler.DefaultExternalAddressSelector;
@@ -52,7 +52,7 @@ public class DiscoverySystemBuilder {
   private List<NodeRecord> bootnodes = Collections.emptyList();
   private Optional<List<InetSocketAddress>> listenAddresses = Optional.empty();
   private NodeRecord localNodeRecord;
-  private SecretKey secretKey;
+  private Signer signer;
   private NodeRecordFactory nodeRecordFactory = NodeRecordFactory.DEFAULT;
   private Schedulers schedulers;
   private NodeRecordListener localNodeRecordListener = NodeRecordListener.NOOP;
@@ -89,8 +89,8 @@ public DiscoverySystemBuilder listen(final InetSocketAddress... listenAddresses)
     return this;
   }
 
-  public DiscoverySystemBuilder secretKey(final SecretKey secretKey) {
-    this.secretKey = secretKey;
+  public DiscoverySystemBuilder signer(final Signer signer) {
+    this.signer = signer;
     return this;
   }
 
@@ -215,7 +215,7 @@ private void createDefaults() {
                           newAddress,
                           oldTcpAddress.map(InetSocketAddress::getPort),
                           oldQuicAddress.map(InetSocketAddress::getPort),
-                          secretKey));
+                          signer));
                 });
     schedulers = requireNonNullElseGet(schedulers, Schedulers::createDefault);
     final List<InetSocketAddress> serverListenAddresses =
@@ -245,7 +245,7 @@ private void createDefaults() {
             localNodeRecordStore,
             () ->
                 new LocalNodeRecordStore(
-                    localNodeRecord, secretKey, localNodeRecordListener, newAddressHandler));
+                    localNodeRecord, signer, localNodeRecordListener, newAddressHandler));
     nodeBucketStorage =
         requireNonNullElseGet(
             nodeBucketStorage, () -> new KBuckets(clock, localNodeRecordStore, livenessChecker));
@@ -280,7 +280,7 @@ public MutableDiscoverySystem buildMutable() {
 
   private DiscoverySystemImpl buildImpl() {
     checkNotNull(localNodeRecord, "Missing local node record");
-    checkNotNull(secretKey, "Missing secret key");
+    checkNotNull(signer, "Missing signer");
     createDefaults();
 
     // Check local node record is valid
@@ -315,7 +315,7 @@ DiscoveryManagerImpl buildDiscoveryManager() {
         discoveryServers,
         nodeBucketStorage,
         localNodeRecordStore,
-        secretKey,
+        signer,
         nodeRecordFactory,
         schedulers.newSingleThreadDaemon("discovery-client-" + clientNumber),
         expirationSchedulerFactory,

src/main/java/org/ethereum/beacon/discovery/crypto/DefaultSigner.java

@@ -0,0 +1,37 @@
+/*
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+package org.ethereum.beacon.discovery.crypto;
+
+import org.apache.tuweni.bytes.Bytes;
+import org.apache.tuweni.bytes.Bytes32;
+import org.apache.tuweni.crypto.SECP256K1.SecretKey;
+import org.ethereum.beacon.discovery.util.Functions;
+
+/** In-memory {@link Signer} implementation backed by a SECP256K1 {@link SecretKey}. */
+public class DefaultSigner implements Signer {
+  private final SecretKey secretKey;
+
+  public DefaultSigner(final SecretKey secretKey) {
+    this.secretKey = secretKey;
+  }
+
+  /** {@inheritDoc} */
+  @Override
+  public Bytes deriveECDHKeyAgreement(final Bytes peerPublicKey) {
+    return Functions.deriveECDHKeyAgreement(secretKey, peerPublicKey);
+  }
+
+  /** {@inheritDoc} */
+  @Override
+  public Bytes sign(final Bytes32 messageHash) {
+    return Functions.sign(secretKey, messageHash);
+  }
+
+  /** {@inheritDoc} */
+  @Override
+  public Bytes deriveCompressedPublicKeyFromPrivate() {
+    return Functions.deriveCompressedPublicKeyFromPrivate(secretKey);
+  }
+}

src/main/java/org/ethereum/beacon/discovery/crypto/Signer.java

@@ -0,0 +1,39 @@
+/*
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+package org.ethereum.beacon.discovery.crypto;
+
+import org.apache.tuweni.bytes.Bytes;
+import org.apache.tuweni.bytes.Bytes32;
+
+/**
+ * Abstraction for performing private-key operations.
+ *
+ * <p>Implementations perform signing and ECDH key agreement without exposing private key material.
+ */
+public interface Signer {
+
+  /**
+   * Creates a signature of message `x`.
+   *
+   * @param messageHash message, hashed
+   * @return ECDSA signature with properties merged together: r || s
+   */
+  Bytes sign(final Bytes32 messageHash);
+
+  /**
+   * Derives a shared secret using ECDH with the given peer public key.
+   *
+   * @param destPubKey the destination peer's public key
+   * @return the derived shared secret
+   */
+  Bytes deriveECDHKeyAgreement(Bytes destPubKey);
+
+  /**
+   * Derives the compressed public key corresponding to the private key held by this module.
+   *
+   * @return the compressed public key
+   */
+  Bytes deriveCompressedPublicKeyFromPrivate();
+}

src/main/java/org/ethereum/beacon/discovery/packet/HandshakeMessagePacket.java

@@ -7,7 +7,7 @@
 import java.util.Optional;
 import org.apache.tuweni.bytes.Bytes;
 import org.apache.tuweni.bytes.Bytes32;
-import org.apache.tuweni.crypto.SECP256K1.SecretKey;
+import org.ethereum.beacon.discovery.crypto.Signer;
 import org.ethereum.beacon.discovery.message.V5Message;
 import org.ethereum.beacon.discovery.packet.HandshakeMessagePacket.HandshakeAuthData;
 import org.ethereum.beacon.discovery.packet.impl.HandshakeMessagePacketImpl;
@@ -65,12 +65,12 @@ static Bytes signId(
         final Bytes challengeData,
         final Bytes ephemeralPubKey,
         final Bytes32 destNodeId,
-        final SecretKey homeNodeSecretKey) {
+        final Signer signer) {
 
       Bytes32 idSignatureInput =
           CryptoUtil.sha256(
               Bytes.wrap(ID_SIGNATURE_PREFIX, challengeData, ephemeralPubKey, destNodeId));
-      return Functions.sign(homeNodeSecretKey, idSignatureInput);
+      return signer.sign(idSignatureInput);
     }
 
     Bytes32 getSourceNodeId();

src/main/java/org/ethereum/beacon/discovery/pipeline/handler/HandshakeMessagePacketHandler.java

@@ -81,7 +81,7 @@ public void handle(Envelope envelope) {
           Functions.hkdfExpand(
               session.getNodeId(),
               session.getHomeNodeId(),
-              session.getStaticNodeKey(),
+              session.getSigner(),
               ephemeralPubKeyCompressed,
               whoAreYouChallenge);
       // Swap keys because we are not initiator, other side is

src/main/java/org/ethereum/beacon/discovery/pipeline/handler/NodeSessionManager.java

@@ -18,7 +18,7 @@
 import org.apache.logging.log4j.LogManager;
 import org.apache.logging.log4j.Logger;
 import org.apache.tuweni.bytes.Bytes;
-import org.apache.tuweni.crypto.SECP256K1.SecretKey;
+import org.ethereum.beacon.discovery.crypto.Signer;
 import org.ethereum.beacon.discovery.pipeline.Envelope;
 import org.ethereum.beacon.discovery.pipeline.EnvelopeHandler;
 import org.ethereum.beacon.discovery.pipeline.Field;
@@ -42,7 +42,7 @@ public class NodeSessionManager implements EnvelopeHandler {
   private static final int REQUEST_CLEANUP_DELAY_SECONDS = 60;
   private static final Logger LOG = LogManager.getLogger(NodeSessionManager.class);
   private final LocalNodeRecordStore localNodeRecordStore;
-  private final SecretKey staticNodeKey;
+  private final Signer signer;
   private final KBuckets nodeBucketStorage;
   private final Map<SessionKey, NodeSession> recentSessions = new ConcurrentHashMap<>();
   private final Map<Bytes12, NodeSession> lastNonceToSession = new ConcurrentHashMap<>();
@@ -52,12 +52,12 @@ public class NodeSessionManager implements EnvelopeHandler {
 
   public NodeSessionManager(
       final LocalNodeRecordStore localNodeRecordStore,
-      final SecretKey staticNodeKey,
+      final Signer signer,
       final KBuckets nodeBucketStorage,
       final Pipeline outgoingPipeline,
       final ExpirationSchedulerFactory expirationSchedulerFactory) {
     this.localNodeRecordStore = localNodeRecordStore;
-    this.staticNodeKey = staticNodeKey;
+    this.signer = signer;
     this.nodeBucketStorage = nodeBucketStorage;
     this.outgoingPipeline = outgoingPipeline;
     this.sessionExpirationScheduler =
@@ -159,7 +159,7 @@ private NodeSession createNodeSession(
         key.remoteSocketAddress,
         this,
         localNodeRecordStore,
-        staticNodeKey,
+        signer,
         nodeBucketStorage,
         outgoingPipeline::push,
         random,

src/main/java/org/ethereum/beacon/discovery/pipeline/handler/WhoAreYouPacketHandler.java

@@ -120,8 +120,7 @@ public void handle(final Envelope envelope) {
           Functions.deriveCompressedPublicKeyFromPrivate(ephemeralKeyPair.secretKey());
 
       Bytes idSignature =
-          HandshakeAuthData.signId(
-              challengeData, ephemeralPubKey, destNodeId, session.getStaticNodeKey());
+          HandshakeAuthData.signId(challengeData, ephemeralPubKey, destNodeId, session.getSigner());
 
       NodeRecord respRecord = null;
       UInt64 lastKnownOurEnrVer = whoAreYouPacket.getHeader().getAuthData().getEnrSeq();

src/main/java/org/ethereum/beacon/discovery/schema/IdentitySchemaInterpreter.java

@@ -7,7 +7,7 @@
 import java.net.InetSocketAddress;
 import java.util.Optional;
 import org.apache.tuweni.bytes.Bytes;
-import org.apache.tuweni.crypto.SECP256K1.SecretKey;
+import org.ethereum.beacon.discovery.crypto.Signer;
 
 /**
  * Interprets identity schema of ethereum node record:
@@ -26,7 +26,7 @@ public interface IdentitySchemaInterpreter {
   IdentitySchema getScheme();
 
   /* Signs nodeRecord, modifying it */
-  void sign(NodeRecord nodeRecord, SecretKey secretKey);
+  void sign(NodeRecord nodeRecord, Signer signer);
 
   /** Verifies that `nodeRecord` is of scheme implementation */
   default boolean isValid(NodeRecord nodeRecord) {
@@ -53,10 +53,10 @@ NodeRecord createWithNewAddress(
       InetSocketAddress newAddress,
       Optional<Integer> newTcpPort,
       Optional<Integer> newQuicPort,
-      SecretKey secretKey);
+      Signer signer);
 
   NodeRecord createWithUpdatedCustomField(
-      NodeRecord nodeRecord, String newAddress, Bytes value, SecretKey secretKey);
+      NodeRecord nodeRecord, String newAddress, Bytes value, Signer signer);
 
   Bytes calculateNodeId(Bytes publicKey);
 }

src/main/java/org/ethereum/beacon/discovery/schema/IdentitySchemaV4Interpreter.java

@@ -25,8 +25,8 @@
 import org.apache.logging.log4j.LogManager;
 import org.apache.logging.log4j.Logger;
 import org.apache.tuweni.bytes.Bytes;
-import org.apache.tuweni.crypto.SECP256K1.SecretKey;
 import org.bouncycastle.math.ec.ECPoint;
+import org.ethereum.beacon.discovery.crypto.Signer;
 import org.ethereum.beacon.discovery.util.Functions;
 import org.ethereum.beacon.discovery.util.Utils;
 
@@ -86,9 +86,8 @@ private static Bytes calculateNodeIdImpl(final Bytes publicKey) {
   }
 
   @Override
-  public void sign(final NodeRecord nodeRecord, final SecretKey secretKey) {
-    Bytes signature =
-        Functions.sign(secretKey, Functions.hashKeccak(nodeRecord.serializeNoSignature()));
+  public void sign(final NodeRecord nodeRecord, final Signer signer) {
+    Bytes signature = signer.sign(Functions.hashKeccak(nodeRecord.serializeNoSignature()));
     nodeRecord.setSignature(signature);
   }
 
@@ -131,7 +130,7 @@ public NodeRecord createWithNewAddress(
       final InetSocketAddress newAddress,
       final Optional<Integer> newTcpPort,
       final Optional<Integer> newQuicPort,
-      final SecretKey secretKey) {
+      final Signer signer) {
     final List<EnrField> fields =
         getAllFieldsThatMatch(
             nodeRecord,
@@ -146,21 +145,18 @@ public NodeRecord createWithNewAddress(
     NodeRecordBuilder.addFieldsForAddress(
         fields, newAddress.getAddress(), newAddress.getPort(), newTcpPort, newQuicPort);
     final NodeRecord newRecord = NodeRecord.fromValues(this, nodeRecord.getSeq().add(1), fields);
-    sign(newRecord, secretKey);
+    sign(newRecord, signer);
     return newRecord;
   }
 
   @Override
   public NodeRecord createWithUpdatedCustomField(
-      final NodeRecord nodeRecord,
-      final String fieldName,
-      final Bytes value,
-      final SecretKey secretKey) {
+      final NodeRecord nodeRecord, final String fieldName, final Bytes value, final Signer signer) {
     final List<EnrField> fields =
         getAllFieldsThatMatch(nodeRecord, field -> !field.getName().equals(fieldName));
     addCustomField(fields, fieldName, value);
     final NodeRecord newRecord = NodeRecord.fromValues(this, nodeRecord.getSeq().add(1), fields);
-    sign(newRecord, secretKey);
+    sign(newRecord, signer);
     return newRecord;
   }