feat: Waku v2 bridge

Issue #12610
2023-11-12 13:29:38 +01:00
parent 56e7bd01ca
commit 6d31343205
6716 changed files with 1982502 additions and 5891 deletions
--- a/vendor/github.com/status-im/status-go/sqlite/sqlite.go
+++ b/vendor/github.com/status-im/status-go/sqlite/sqlite.go
@@ -0,0 +1,323 @@
+package sqlite
+
+import (
+	"database/sql"
+	"database/sql/driver"
+	"errors"
+	"fmt"
+	"net/url"
+	"os"
+	"runtime"
+	"strings"
+
+	sqlcipher "github.com/mutecomm/go-sqlcipher/v4" // We require go sqlcipher that overrides default implementation
+
+	"github.com/status-im/status-go/common/dbsetup"
+)
+
+const (
+	// The reduced number of kdf iterations (for performance reasons) which is
+	// used as the default value
+	// https://github.com/status-im/status-go/pull/1343
+	// https://notes.status.im/i8Y_l7ccTiOYq09HVgoFwA
+	ReducedKDFIterationsNumber = 3200
+
+	// WALMode for sqlite.
+	WALMode          = "wal"
+	InMemoryPath     = ":memory:"
+	V4CipherPageSize = 8192
+	V3CipherPageSize = 1024
+	sqlMainDatabase  = "main"
+)
+
+// DecryptDB completely removes the encryption from the db
+func DecryptDB(oldPath string, newPath string, key string, kdfIterationsNumber int) error {
+
+	db, err := openDB(oldPath, key, kdfIterationsNumber, V4CipherPageSize)
+	if err != nil {
+		return err
+	}
+
+	_, err = db.Exec(`ATTACH DATABASE '` + newPath + `' AS plaintext KEY ''`)
+	if err != nil {
+		return err
+	}
+
+	_, err = db.Exec(`SELECT sqlcipher_export('plaintext')`)
+	if err != nil {
+		return err
+	}
+	_, err = db.Exec(`DETACH DATABASE plaintext`)
+	return err
+}
+
+func encryptDB(db *sql.DB, encryptedPath string, key string, kdfIterationsNumber int, onStart func(), onEnd func()) error {
+	if onStart != nil {
+		onStart()
+	}
+	if onEnd != nil {
+		defer onEnd()
+	}
+
+	attachedDbName := "encrypted"
+	err := attachDatabaseWithDefaultSettings(db, encryptedPath, attachedDbName, key, kdfIterationsNumber)
+	if err != nil {
+		return err
+	}
+
+	_, err = db.Exec(fmt.Sprintf(`SELECT sqlcipher_export('%s')`, attachedDbName))
+	if err != nil {
+		return err
+	}
+	_, err = db.Exec(fmt.Sprintf(`DETACH DATABASE %s`, attachedDbName))
+	return err
+}
+
+func attachDatabaseWithDefaultSettings(db *sql.DB, attachedDbPath string, attachedDbName string, key string, kdfIterationsNumber int) error {
+	_, err := db.Exec(fmt.Sprintf(`ATTACH DATABASE '%s' AS %s KEY '%s'`, attachedDbPath, attachedDbName, key))
+	if err != nil {
+		return err
+	}
+
+	if kdfIterationsNumber <= 0 {
+		kdfIterationsNumber = dbsetup.ReducedKDFIterationsNumber
+	}
+
+	if _, err := db.Exec(fmt.Sprintf(`PRAGMA %s.busy_timeout = 60000`, attachedDbName)); err != nil {
+		return errors.New("failed to set `busy_timeout` pragma on attached db")
+	}
+
+	return setDatabaseCipherSettings(db, kdfIterationsNumber, attachedDbName)
+}
+
+func setDatabaseCipherSettings(db *sql.DB, kdfIterationsNumber int, dbNameOpt ...string) error {
+	dbName := sqlMainDatabase
+	if len(dbNameOpt) > 0 {
+		dbName = dbNameOpt[0]
+	}
+
+	_, err := db.Exec(fmt.Sprintf("PRAGMA %s.kdf_iter = '%d'", dbName, kdfIterationsNumber))
+	if err != nil {
+		return err
+	}
+
+	if _, err := db.Exec(fmt.Sprintf("PRAGMA %s.cipher_page_size = %d", dbName, V4CipherPageSize)); err != nil {
+		fmt.Println("failed to set cipher_page_size pragma")
+		return err
+	}
+	if _, err := db.Exec(fmt.Sprintf("PRAGMA %s.cipher_hmac_algorithm = HMAC_SHA1", dbName)); err != nil {
+		fmt.Println("failed to set cipher_hmac_algorithm pragma")
+		return err
+	}
+
+	if _, err := db.Exec(fmt.Sprintf("PRAGMA %s.cipher_kdf_algorithm = PBKDF2_HMAC_SHA1", dbName)); err != nil {
+		fmt.Println("failed to set cipher_kdf_algorithm pragma")
+		return err
+	}
+
+	return nil
+}
+
+// EncryptDB takes a plaintext database and adds encryption
+func EncryptDB(unencryptedPath string, encryptedPath string, key string, kdfIterationsNumber int, onStart func(), onEnd func()) error {
+	_ = os.Remove(encryptedPath)
+
+	db, err := OpenUnecryptedDB(unencryptedPath)
+	if err != nil {
+		return err
+	}
+	return encryptDB(db, encryptedPath, key, kdfIterationsNumber, onStart, onEnd)
+}
+
+// Export takes an encrypted database and re-encrypts it in a new file, with a new key
+func ExportDB(encryptedPath string, key string, kdfIterationsNumber int, newPath string, newKey string, onStart func(), onEnd func()) error {
+	db, err := openDB(encryptedPath, key, kdfIterationsNumber, V4CipherPageSize)
+	if err != nil {
+		return err
+	}
+	defer db.Close()
+	return encryptDB(db, newPath, newKey, kdfIterationsNumber, onStart, onEnd)
+}
+
+func buildSqlcipherDSN(path string) (string, error) {
+	if path == InMemoryPath {
+		return InMemoryPath, nil
+	}
+
+	// Adding sqlcipher query parameter to the DSN
+	queryOperator := "?"
+
+	if queryStart := strings.IndexRune(path, '?'); queryStart != -1 {
+		params, err := url.ParseQuery(path[queryStart+1:])
+		if err != nil {
+			return "", err
+		}
+
+		if len(params) > 0 {
+			queryOperator = "&"
+		}
+	}
+
+	// We need to set txlock=immediate to avoid "database is locked" errors during concurrent write operations
+	// This could happen when a read transaction is promoted to write transaction
+	// https://www.sqlite.org/lang_transaction.html
+	return path + queryOperator + "_txlock=immediate", nil
+}
+
+func openDB(path string, key string, kdfIterationsNumber int, cipherPageSize int) (*sql.DB, error) {
+	driverName := fmt.Sprintf("sqlcipher_with_extensions-%d", len(sql.Drivers()))
+	sql.Register(driverName, &sqlcipher.SQLiteDriver{
+		ConnectHook: func(conn *sqlcipher.SQLiteConn) error {
+			if _, err := conn.Exec("PRAGMA foreign_keys=ON", []driver.Value{}); err != nil {
+				return errors.New("failed to set `foreign_keys` pragma")
+			}
+
+			if _, err := conn.Exec(fmt.Sprintf("PRAGMA key = '%s'", key), []driver.Value{}); err != nil {
+				return errors.New("failed to set `key` pragma")
+			}
+
+			if kdfIterationsNumber <= 0 {
+				kdfIterationsNumber = dbsetup.ReducedKDFIterationsNumber
+			}
+
+			if _, err := conn.Exec(fmt.Sprintf("PRAGMA cipher_page_size = %d", cipherPageSize), nil); err != nil {
+				fmt.Println("failed to set cipher_page_size pragma")
+				return err
+			}
+			if _, err := conn.Exec("PRAGMA cipher_hmac_algorithm = HMAC_SHA1", nil); err != nil {
+				fmt.Println("failed to set cipher_hmac_algorithm pragma")
+				return err
+			}
+
+			if _, err := conn.Exec("PRAGMA cipher_kdf_algorithm = PBKDF2_HMAC_SHA1", nil); err != nil {
+				fmt.Println("failed to set cipher_kdf_algorithm pragma")
+				return err
+			}
+
+			if _, err := conn.Exec(fmt.Sprintf("PRAGMA kdf_iter = '%d'", kdfIterationsNumber), []driver.Value{}); err != nil {
+				return errors.New("failed to set `kdf_iter` pragma")
+			}
+
+			// readers do not block writers and faster i/o operations
+			if _, err := conn.Exec("PRAGMA journal_mode=WAL", []driver.Value{}); err != nil && path != InMemoryPath {
+				return fmt.Errorf("failed to set `journal_mode` pragma: %w", err)
+			}
+
+			// workaround to mitigate the issue of "database is locked" errors during concurrent write operations
+			if _, err := conn.Exec("PRAGMA busy_timeout=60000", []driver.Value{}); err != nil {
+				return errors.New("failed to set `busy_timeout` pragma")
+			}
+
+			return nil
+		},
+	})
+
+	dsn, err := buildSqlcipherDSN(path)
+	if err != nil {
+		return nil, err
+	}
+
+	db, err := sql.Open(driverName, dsn)
+	if err != nil {
+		return nil, err
+	}
+
+	if path == InMemoryPath {
+		db.SetMaxOpenConns(1)
+	} else {
+		nproc := func() int {
+			maxProcs := runtime.GOMAXPROCS(0)
+			numCPU := runtime.NumCPU()
+			if maxProcs < numCPU {
+				return maxProcs
+			}
+			return numCPU
+		}()
+		db.SetMaxOpenConns(nproc)
+		db.SetMaxIdleConns(nproc)
+	}
+
+	// Dummy select to check if the key is correct. Will return last error from initialization
+	if _, err := db.Exec("SELECT 'Key check'"); err != nil {
+		db.Close()
+		return nil, err
+	}
+
+	return db, nil
+}
+
+// OpenDB opens encrypted database.
+func OpenDB(path string, key string, kdfIterationsNumber int) (*sql.DB, error) {
+	return openDB(path, key, kdfIterationsNumber, V4CipherPageSize)
+}
+
+// OpenUnecryptedDB opens database with setting PRAGMA key.
+func OpenUnecryptedDB(path string) (*sql.DB, error) {
+	db, err := sql.Open("sqlite3", path)
+	if err != nil {
+		return nil, err
+	}
+
+	// Disable concurrent access as not supported by the driver
+	db.SetMaxOpenConns(1)
+
+	if _, err = db.Exec("PRAGMA foreign_keys=ON"); err != nil {
+		return nil, err
+	}
+	// readers do not block writers and faster i/o operations
+	// https://www.sqlite.org/draft/wal.html
+	// must be set after db is encrypted
+	if path != InMemoryPath {
+		var mode string
+		err = db.QueryRow("PRAGMA journal_mode=WAL").Scan(&mode)
+		if err != nil {
+			return nil, err
+		}
+		if mode != WALMode {
+			return nil, fmt.Errorf("unable to set journal_mode to WAL. actual mode %s", mode)
+		}
+	}
+
+	return db, nil
+}
+
+func ChangeEncryptionKey(path string, key string, kdfIterationsNumber int, newKey string, onStart func(), onEnd func()) error {
+	if onStart != nil {
+		onStart()
+	}
+
+	if onEnd != nil {
+		defer onEnd()
+	}
+
+	if kdfIterationsNumber <= 0 {
+		kdfIterationsNumber = dbsetup.ReducedKDFIterationsNumber
+	}
+
+	db, err := openDB(path, key, kdfIterationsNumber, V4CipherPageSize)
+
+	if err != nil {
+		return err
+	}
+
+	resetKeyString := fmt.Sprintf("PRAGMA rekey = '%s'", newKey)
+	if _, err = db.Exec(resetKeyString); err != nil {
+		return errors.New("failed to set rekey pragma")
+	}
+
+	return nil
+}
+
+// MigrateV3ToV4 migrates database from v3 to v4 format with encryption.
+func MigrateV3ToV4(v3Path string, v4Path string, key string, kdfIterationsNumber int, onStart func(), onEnd func()) error {
+
+	db, err := openDB(v3Path, key, kdfIterationsNumber, V3CipherPageSize)
+
+	if err != nil {
+		fmt.Println("failed to open db", err)
+		return err
+	}
+	defer db.Close()
+
+	return encryptDB(db, v4Path, key, kdfIterationsNumber, onStart, onEnd)
+}