mirror of
https://github.com/pezkuwichain/pezkuwi-subxt.git
synced 2026-06-14 06:21:11 +00:00
Refactor key management (#3296)
* Add Call type to extensible transactions. Cleanup some naming * Merge Resource and BlockExhausted into just Exhausted * Fix * Another fix * Call * Some fixes * Fix srml tests. * Fix all tests. * Refactor crypto so each application of it has its own type. * Introduce new AuthorityProvider API into Aura This will eventually allow for dynamic determination of authority keys and avoid having to set them directly on CLI. * Introduce authority determinator for Babe. Experiment with modular consensus API. * Work in progress to introduce KeyTypeId and avoid polluting API with validator IDs * Finish up drafting imonline * Rework offchain workers API. * Rework API implementation. * Make it compile for wasm, simplify app_crypto. * Fix compilation of im-online. * Fix compilation of im-online. * Fix more compilation errors. * Make it compile. * Fixing tests. * Rewrite `keystore` * Fix session tests * Bring back `TryFrom`'s' * Fix `srml-grandpa` * Fix `srml-aura` * Fix consensus babe * More fixes * Make service generate keys from dev_seed * Build fixes * Remove offchain tests * More fixes and cleanups * Fixes finality grandpa * Fix `consensus-aura` * Fix cli * Fix `node-cli` * Fix chain_spec builder * Fix doc tests * Add authority getter for grandpa. * Test fix * Fixes * Make keystore accessible from the runtime * Move app crypto to its own crate * Update `Cargo.lock` * Make the crypto stuff usable from the runtime * Adds some runtime crypto tests * Use last finalized block for grandpa authority * Fix warning * Adds `SessionKeys` runtime api * Remove `FinalityPair` and `ConsensusPair` * Minor governance tweaks to get it inline with docs. * Make the governance be up to date with the docs. * Build fixes. * Generate the inital session keys * Failing keystore is a hard error * Make babe work again * Fix grandpa * Fix tests * Disable `keystore` in consensus critical stuff * Build fix. * ImOnline supports multiple authorities at once. * Update core/application-crypto/src/ed25519.rs * Merge branch 'master' into gav-in-progress * Remove unneeded code for now. * Some `session` testing * Support querying the public keys * Cleanup offchain * Remove warnings * More cleanup * Apply suggestions from code review Co-Authored-By: Benjamin Kampmann <ben.kampmann@googlemail.com> * More cleanups * JSONRPC API for setting keys. Also, rename traits::KeyStore* -> traits::BareCryptoStore* * Bad merge * Fix integration tests * Fix test build * Test fix * Fixes * Warnings * Another warning * Bump version.
This commit is contained in:
Gavin Wood
@@ -33,12 +33,11 @@ use rstd::vec::Vec;
|
||||
pub use codec;
|
||||
|
||||
pub use primitives::Blake2Hasher;
|
||||
use primitives::offchain::{
|
||||
Timestamp,
|
||||
HttpRequestId, HttpRequestStatus, HttpError,
|
||||
CryptoKind, CryptoKey,
|
||||
StorageKind,
|
||||
OpaqueNetworkState,
|
||||
use primitives::{
|
||||
crypto::KeyTypeId, ed25519, sr25519,
|
||||
offchain::{
|
||||
Timestamp, HttpRequestId, HttpRequestStatus, HttpError, StorageKind, OpaqueNetworkState,
|
||||
},
|
||||
};
|
||||
|
||||
/// Error verifying ECDSA signature
|
||||
@@ -69,7 +68,7 @@ macro_rules! export_api {
|
||||
$( #[$attr:meta] )*
|
||||
fn $name:ident
|
||||
$(< $( $g_name:ident $( : $g_ty:path )? ),+ >)?
|
||||
( $( $arg:ident : $arg_ty:ty ),* )
|
||||
( $( $arg:ident : $arg_ty:ty ),* $(,)? )
|
||||
$( -> $ret:ty )?
|
||||
$( where $( $w_name:path : $w_ty:path ),+ )?;
|
||||
)*
|
||||
@@ -200,11 +199,45 @@ export_api! {
|
||||
|
||||
export_api! {
|
||||
pub(crate) trait CryptoApi {
|
||||
/// Verify a ed25519 signature.
|
||||
fn ed25519_verify<P: AsRef<[u8]>>(sig: &[u8; 64], msg: &[u8], pubkey: P) -> bool;
|
||||
/// Returns all ed25519 public keys for the given key id from the keystore.
|
||||
fn ed25519_public_keys(id: KeyTypeId) -> Vec<ed25519::Public>;
|
||||
/// Generate an ed22519 key for the given key type and store it in the keystore.
|
||||
///
|
||||
/// Returns the raw public key.
|
||||
fn ed25519_generate(id: KeyTypeId, seed: Option<&str>) -> ed25519::Public;
|
||||
/// Sign the given `msg` with the ed25519 key that corresponds to the given public key and
|
||||
/// key type in the keystore.
|
||||
///
|
||||
/// Returns the raw signature.
|
||||
fn ed25519_sign<M: AsRef<[u8]>>(
|
||||
id: KeyTypeId,
|
||||
pubkey: &ed25519::Public,
|
||||
msg: &M,
|
||||
) -> Option<ed25519::Signature>;
|
||||
/// Verify an ed25519 signature.
|
||||
///
|
||||
/// Returns `true` when the verification in successful.
|
||||
fn ed25519_verify(sig: &ed25519::Signature, msg: &[u8], pubkey: &ed25519::Public) -> bool;
|
||||
|
||||
/// Returns all sr25519 public keys for the given key id from the keystore.
|
||||
fn sr25519_public_keys(id: KeyTypeId) -> Vec<sr25519::Public>;
|
||||
/// Generate an sr22519 key for the given key type and store it in the keystore.
|
||||
///
|
||||
/// Returns the raw public key.
|
||||
fn sr25519_generate(id: KeyTypeId, seed: Option<&str>) -> sr25519::Public;
|
||||
/// Sign the given `msg` with the sr25519 key that corresponds to the given public key and
|
||||
/// key type in the keystore.
|
||||
///
|
||||
/// Returns the raw signature.
|
||||
fn sr25519_sign<M: AsRef<[u8]>>(
|
||||
id: KeyTypeId,
|
||||
pubkey: &sr25519::Public,
|
||||
msg: &M,
|
||||
) -> Option<sr25519::Signature>;
|
||||
/// Verify an sr25519 signature.
|
||||
fn sr25519_verify<P: AsRef<[u8]>>(sig: &[u8; 64], msg: &[u8], pubkey: P) -> bool;
|
||||
///
|
||||
/// Returns `true` when the verification in successful.
|
||||
fn sr25519_verify(sig: &sr25519::Signature, msg: &[u8], pubkey: &sr25519::Public) -> bool;
|
||||
|
||||
/// Verify and recover a SECP256k1 ECDSA signature.
|
||||
/// - `sig` is passed in RSV format. V should be either 0/1 or 27/28.
|
||||
@@ -245,42 +278,6 @@ export_api! {
|
||||
/// Returns information about the local node's network state.
|
||||
fn network_state() -> Result<OpaqueNetworkState, ()>;
|
||||
|
||||
/// Returns the currently configured authority public key, if available.
|
||||
fn pubkey(key: CryptoKey) -> Result<Vec<u8>, ()>;
|
||||
|
||||
/// Create new key(pair) for signing/encryption/decryption.
|
||||
///
|
||||
/// Returns an error if given crypto kind is not supported.
|
||||
fn new_crypto_key(crypto: CryptoKind) -> Result<CryptoKey, ()>;
|
||||
|
||||
/// Encrypt a piece of data using given crypto key.
|
||||
///
|
||||
/// If `key` is `None`, it will attempt to use current authority key.
|
||||
///
|
||||
/// Returns an error if `key` is not available or does not exist.
|
||||
fn encrypt(key: CryptoKey, data: &[u8]) -> Result<Vec<u8>, ()>;
|
||||
|
||||
/// Decrypt a piece of data using given crypto key.
|
||||
///
|
||||
/// If `key` is `None`, it will attempt to use current authority key.
|
||||
///
|
||||
/// Returns an error if data cannot be decrypted or the `key` is not available or does not exist.
|
||||
fn decrypt(key: CryptoKey, data: &[u8]) -> Result<Vec<u8>, ()>;
|
||||
|
||||
/// Sign a piece of data using given crypto key.
|
||||
///
|
||||
/// If `key` is `None`, it will attempt to use current authority key.
|
||||
///
|
||||
/// Returns an error if `key` is not available or does not exist.
|
||||
fn sign(key: CryptoKey, data: &[u8]) -> Result<Vec<u8>, ()>;
|
||||
|
||||
/// Verifies that `signature` for `msg` matches given `key`.
|
||||
///
|
||||
/// Returns an `Ok` with `true` in case it does, `false` in case it doesn't.
|
||||
/// Returns an error in case the key is not available or does not exist or the parameters
|
||||
/// lengths are incorrect.
|
||||
fn verify(key: CryptoKey, msg: &[u8], signature: &[u8]) -> Result<bool, ()>;
|
||||
|
||||
/// Returns current UNIX timestamp (in millis)
|
||||
fn timestamp() -> Timestamp;
|
||||
|
||||
|
||||
Reference in New Issue
Block a user