Improve inspection and generation of node keys (#11525)

* Improve inspection and generation of node keys

* Lock stdout before write

* Fix typo

* Fix offset

* Remove useless code

* Set inspect-node-key 'network' option as obsolete

substrate/bin/utils/subkey/src/lib.rs

@@ -30,8 +30,8 @@ use sc_cli::{
 	version
 )]
 pub enum Subkey {
-	/// Generate a random node libp2p key, save it to file or print it to stdout
+	/// Generate a random node key, write it to a file or stdout and write the
-	/// and print its peer ID to stderr.
+	/// corresponding peer-id to stderr
 	GenerateNodeKey(GenerateNodeKeyCmd),
 
 	/// Generate a random account
@@ -40,7 +40,7 @@ pub enum Subkey {
 	/// Gets a public key and a SS58 address from the provided Secret URI
 	Inspect(InspectKeyCmd),
 
-	/// Print the peer ID corresponding to the node key in the given file
+	/// Load a node key from a file or stdin and print the corresponding peer-id
 	InspectNodeKey(InspectNodeKeyCmd),
 
 	/// Sign a message, with a given (secret) key.

substrate/client/cli/src/commands/generate_node_key.rs

@@ -20,14 +20,18 @@
 use crate::Error;
 use clap::Parser;
 use libp2p::identity::{ed25519 as libp2p_ed25519, PublicKey};
-use std::{fs, path::PathBuf};
+use std::{
+	fs,
+	io::{self, Write},
+	path::PathBuf,
+};
 
 /// The `generate-node-key` command
 #[derive(Debug, Parser)]
 #[clap(
 	name = "generate-node-key",
-	about = "Generate a random node libp2p key, save it to \
+	about = "Generate a random node key, write it to a file or stdout \
-			 file or print it to stdout and print its peer ID to stderr"
+		 	and write the corresponding peer-id to stderr"
 )]
 pub struct GenerateNodeKeyCmd {
 	/// Name of file to save secret key to.
@@ -35,22 +39,33 @@ pub struct GenerateNodeKeyCmd {
 	/// If not given, the secret key is printed to stdout.
 	#[clap(long)]
 	file: Option<PathBuf>,
+
+	/// The output is in raw binary format.
+	///
+	/// If not given, the output is written as an hex encoded string.
+	#[clap(long)]
+	bin: bool,
 }
 
 impl GenerateNodeKeyCmd {
 	/// Run the command
 	pub fn run(&self) -> Result<(), Error> {
 		let keypair = libp2p_ed25519::Keypair::generate();
+
 		let secret = keypair.secret();
-		let peer_id = PublicKey::Ed25519(keypair.public()).to_peer_id();
+
-		let secret_hex = hex::encode(secret.as_ref());
+		let file_data = if self.bin {
+			secret.as_ref().to_owned()
+		} else {
+			hex::encode(secret.as_ref()).into_bytes()
+		};
 
 		match &self.file {
-			Some(file) => fs::write(file, secret_hex)?,
+			Some(file) => fs::write(file, file_data)?,
-			None => print!("{}", secret_hex),
+			None => io::stdout().lock().write_all(&file_data)?,
 		}
 
-		eprintln!("{}", peer_id);
+		eprintln!("{}", PublicKey::Ed25519(keypair.public()).to_peer_id());
 
 		Ok(())
 	}

substrate/client/cli/src/commands/inspect_node_key.rs

@@ -17,39 +17,64 @@
 
 //! Implementation of the `inspect-node-key` subcommand
 
-use crate::{Error, NetworkSchemeFlag};
+use crate::Error;
 use clap::Parser;
 use libp2p::identity::{ed25519, PublicKey};
-use std::{fs, path::PathBuf};
+use std::{
+	fs,
+	io::{self, Read},
+	path::PathBuf,
+};
 
 /// The `inspect-node-key` command
 #[derive(Debug, Parser)]
 #[clap(
 	name = "inspect-node-key",
-	about = "Print the peer ID corresponding to the node key in the given file."
+	about = "Load a node key from a file or stdin and print the corresponding peer-id."
 )]
 pub struct InspectNodeKeyCmd {
 	/// Name of file to read the secret key from.
+	///
+	/// If not given, the secret key is read from stdin (up to EOF).
 	#[clap(long)]
-	file: PathBuf,
+	file: Option<PathBuf>,
 
-	#[allow(missing_docs)]
+	/// The input is in raw binary format.
-	#[clap(flatten)]
+	///
-	pub network_scheme: NetworkSchemeFlag,
+	/// If not given, the input is read as an hex encoded string.
+	#[clap(long)]
+	bin: bool,
+
+	/// This argument is deprecated and has no effect for this command.
+	#[deprecated(note = "Network identifier is not used for node-key inspection")]
+	#[clap(short = 'n', long = "network", value_name = "NETWORK", ignore_case = true)]
+	pub network_scheme: Option<String>,
 }
 
 impl InspectNodeKeyCmd {
 	/// runs the command
 	pub fn run(&self) -> Result<(), Error> {
-		let mut file_content =
+		let mut file_data = match &self.file {
-			hex::decode(fs::read(&self.file)?).map_err(|_| "failed to decode secret as hex")?;
+			Some(file) => fs::read(&file)?,
+			None => {
+				let mut buf = Vec::with_capacity(64);
+				io::stdin().lock().read_to_end(&mut buf)?;
+				buf
+			},
+		};
+
+		if !self.bin {
+			// With hex input, give to the user a bit of tolerance about whitespaces
+			let keyhex = String::from_utf8_lossy(&file_data);
+			file_data = hex::decode(keyhex.trim()).map_err(|_| "failed to decode secret as hex")?;
+		}
+
 		let secret =
-			ed25519::SecretKey::from_bytes(&mut file_content).map_err(|_| "Bad node key file")?;
+			ed25519::SecretKey::from_bytes(&mut file_data).map_err(|_| "Bad node key file")?;
 
 		let keypair = ed25519::Keypair::from(secret);
-		let peer_id = PublicKey::Ed25519(keypair.public()).to_peer_id();
 
-		println!("{}", peer_id);
+		println!("{}", PublicKey::Ed25519(keypair.public()).to_peer_id());
 
 		Ok(())
 	}

substrate/client/cli/src/commands/key.rs

@@ -26,8 +26,8 @@ use crate::{Error, SubstrateCli};
 /// Key utilities for the cli.
 #[derive(Debug, clap::Subcommand)]
 pub enum KeySubcommand {
-	/// Generate a random node libp2p key, save it to file or print it to stdout
+	/// Generate a random node key, write it to a file or stdout and write the
-	/// and print its peer ID to stderr.
+	/// corresponding peer-id to stderr
 	GenerateNodeKey(GenerateNodeKeyCmd),
 
 	/// Generate a random account
@@ -36,7 +36,7 @@ pub enum KeySubcommand {
 	/// Gets a public key and a SS58 address from the provided Secret URI
 	Inspect(InspectKeyCmd),
 
-	/// Print the peer ID corresponding to the node key in the given file
+	/// Load a node key from a file or stdin and print the corresponding peer-id
 	InspectNodeKey(InspectNodeKeyCmd),
 
 	/// Insert a key to the keystore of a node.