From c6db6eddb381ea375c64594081298e784073ecbb Mon Sep 17 00:00:00 2001
From: Salvatore Ingala <6681844+bigspider@users.noreply.github.com>
Date: Fri, 11 Oct 2019 11:53:29 +0700
Subject: [PATCH] Using a PEM keyfile instead of a DER for the signing key
---
 .gitignore | 3 ++-
 apps/generate_key.py | 12 +++++++++++-
 pisa/watcher.py | 10 +++++++---
 3 files changed, 20 insertions(+), 5 deletions(-)
diff --git a/.gitignore b/.gitignore
index 62e6f5b..545268b 100644
--- a/.gitignore
+++ b/.gitignore
@@ -12,4 +12,5 @@ appointments/
 test.py
 *.pyc
 .cache
-.pytest_cache/
\ No newline at end of file
+.pytest_cache/
+*.pem
\ No newline at end of file
diff --git a/apps/generate_key.py b/apps/generate_key.py
index 806da97..5d272f7 100644
--- a/apps/generate_key.py
+++ b/apps/generate_key.py
@@ -1,6 +1,16 @@
 import ecdsa
+import os.path
+from sys import exit
+# Simple tool to generate an ECDSA private key using the secp256k1 curve and save it to signing_key.pem
+
+FILE_NAME = 'signing_key.pem'
 if __name__ == '__main__':
+ if os.path.exists(FILE_NAME):
+ print("A key with name \"{}\" already exists. Aborting.".format(FILE_NAME))
+ exit(1)
+
 sk = ecdsa.SigningKey.generate(curve=ecdsa.SECP256k1)
- print(sk.to_der())
+ open(FILE_NAME, 'wb').write(sk.to_pem())
+ print("Saved key \"{}\".".format(FILE_NAME))
diff --git a/pisa/watcher.py b/pisa/watcher.py
index 03743f6..91b4aab 100644
--- a/pisa/watcher.py
+++ b/pisa/watcher.py
@@ -1,11 +1,11 @@
 from uuid import uuid4
 from queue import Queue
 from threading import Thread
-import ecdsa
+from ecdsa import SigningKey
 from pisa.logger import Logger
 from pisa.cleaner import Cleaner
-from pisa.conf import EXPIRY_DELTA, MAX_APPOINTMENTS, SIGNING_KEY_DER
+from pisa.conf import EXPIRY_DELTA, MAX_APPOINTMENTS, SIGNING_KEY_FILE
 from pisa.responder import Responder
 from pisa.block_processor import BlockProcessor
 from pisa.utils.zmq_subscriber import ZMQHandler
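Review bot: The new key file in apps/generate_key.py is created by `open(FILE_NAME, 'wb').write(sk.to_pem())`, so signing_key.pem gets the process's default permissions (often readable by other local users) and the handle is never closed explicitly. The `os.path.exists` check and the later `open` are also separate steps, so a file that appears in between would be overwritten rather than causing the abort. Creating the file exclusively with an owner-only mode covers both: `fd = os.open(FILE_NAME, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)` followed by `with os.fdopen(fd, 'wb') as key_file: key_file.write(sk.to_pem())`, printing the existing abort message when `FileExistsError` is raised. The mode argument restricts access on POSIX systems only.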
@@ -22,7 +22,11 @@ class Watcher:
 self.max_appointments = max_appointments
 self.zmq_subscriber = None
 self.responder = Responder()
- self.signing_key = ecdsa.SigningKey.from_der(SIGNING_KEY_DER) if SIGNING_KEY_DER is not None else None
+ if SIGNING_KEY_FILE is not None:
+ self.signing_key = SigningKey.from_pem(open(SIGNING_KEY_FILE).read())
+ else:
+ self.signing_key = None
+ logger.warning("No signing key provided. Appointments will not be signed.")
 def add_appointment(self, appointment):
 # Rationale:
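Review bot: The private-key file in pisa/watcher.py is read with a bare `open(SIGNING_KEY_FILE).read()` in the constructor, so its handle is left for the garbage collector to close, and a missing or malformed file surfaces as an unhandled exception that does not name the configured path. A context manager fixes the first part: `with open(SIGNING_KEY_FILE) as key_file:` then `self.signing_key = SigningKey.from_pem(key_file.read())`. The `else:` branch keeps the watcher running without a key and only logs a warning; if that fallback is intended, a comment such as `# Deliberate fallback: without a key, appointments are not signed.` would make it explicit for the next reader. The constructor starts above the hunk and `logger` is defined outside it, so neither could be checked here.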