Move fluence-identity to fluence-keypair (#17)

This commit is contained in:
Aleksey Proshutisnkiy 2021-09-29 18:14:39 +03:00 committed by GitHub
parent e15cfa9ceb
commit 18f010c710
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
24 changed files with 1281 additions and 255 deletions

35
.circleci/config.yml Normal file
View File

@ -0,0 +1,35 @@
version: 2.1
orbs:
docker: circleci/docker@1.5.0
jobs:
Build:
docker:
- image: circleci/rust:latest
resource_class: xlarge
environment:
RUST_BACKTRACE: 1
steps:
- checkout
- run: |
sudo bash .github/download_marine.sh
- restore_cache:
keys:
- trust-graph00-{{ checksum "./service/Cargo.lock" }}-{{ checksum "./Cargo.lock" }}-{{ checksum "./keypair/Cargo.lock" }}
- run: |
rustup toolchain install nightly-2021-04-24-x86_64-unknown-linux-gnu
rustup default nightly-2021-04-24-x86_64-unknown-linux-gnu
cargo test --no-fail-fast --release --all-features --
- save_cache:
paths:
- ~/.cargo
- ~/.rustup
key: trust-graph00-{{ checksum "./Cargo.lock" }}-{{ checksum "./keypair/Cargo.lock" }}
workflows:
version: 2
CircleCI:
jobs:
- Build

407
Cargo.lock generated

File diff suppressed because it is too large Load Diff

View File

@ -1,6 +1,6 @@
[package]
name = "trust-graph"
version = "0.2.7"
version = "0.2.8"
authors = ["Fluence Labs"]
edition = "2018"
description = "trust graph"
@ -11,7 +11,7 @@ repository = "https://github.com/fluencelabs/trust-graph"
libp2p-core = { package = "fluence-fork-libp2p-core", version = "0.27.2" }
serde = { version = "=1.0.118", features = ["derive"] }
fluence-identity = { path = "./identity", version = "0.3.0" }
fluence-keypair = { path = "./keypair", version = "0.4.0" }
serde_json = "1.0.58"
bs58 = "0.3.1"
failure = "0.1.6"
@ -28,5 +28,5 @@ ring = "0.16.20"
[workspace]
members = [
"identity"
"keypair"
]

811
example/generated/export.ts Normal file
View File

@ -0,0 +1,811 @@
/**
*
* This file is auto-generated. Do not edit manually: changes may be erased.
* Generated by Aqua compiler: https://github.com/fluencelabs/aqua/.
* If you find any bugs, please write an issue on GitHub: https://github.com/fluencelabs/aqua/issues
* Aqua version: 0.3.1-228
*
*/
import { Fluence, FluencePeer } from '@fluencelabs/fluence';
import {
ResultCodes,
RequestFlow,
RequestFlowBuilder,
CallParams,
} from '@fluencelabs/fluence/dist/internal/compilerSupport/v1';
// Services
// Functions
export function verify_trust(node: string, trust: {expires_at:number;issued_at:number;issued_for:string;sig_type:string;signature:string}, issuer_peer_id: string, config?: {ttl?: number}) : Promise<{error:string;success:boolean}>;
export function verify_trust(peer: FluencePeer, node: string, trust: {expires_at:number;issued_at:number;issued_for:string;sig_type:string;signature:string}, issuer_peer_id: string, config?: {ttl?: number}) : Promise<{error:string;success:boolean}>;
export function verify_trust(...args: any) {
let peer: FluencePeer;
let node: any;
let trust: any;
let issuer_peer_id: any;
let config: any;
if (FluencePeer.isInstance(args[0])) {
peer = args[0];
node = args[1];
trust = args[2];
issuer_peer_id = args[3];
config = args[4];
} else {
peer = Fluence.getPeer();
node = args[0];
trust = args[1];
issuer_peer_id = args[2];
config = args[3];
}
let request: RequestFlow;
const promise = new Promise<{error:string;success:boolean}>((resolve, reject) => {
const r = new RequestFlowBuilder()
.disableInjections()
.withRawScript(
`
(xor
(seq
(seq
(seq
(seq
(seq
(seq
(seq
(call %init_peer_id% ("getDataSrv" "-relay-") [] -relay-)
(call %init_peer_id% ("getDataSrv" "node") [] node)
)
(call %init_peer_id% ("getDataSrv" "trust") [] trust)
)
(call %init_peer_id% ("getDataSrv" "issuer_peer_id") [] issuer_peer_id)
)
(call -relay- ("op" "noop") [])
)
(xor
(seq
(call node ("peer" "timestamp_sec") [] timestamp_sec)
(call node ("trust-graph" "verify_trust") [trust issuer_peer_id timestamp_sec] result)
)
(seq
(call -relay- ("op" "noop") [])
(call %init_peer_id% ("errorHandlingSrv" "error") [%last_error% 1])
)
)
)
(call -relay- ("op" "noop") [])
)
(xor
(call %init_peer_id% ("callbackSrv" "response") [result])
(call %init_peer_id% ("errorHandlingSrv" "error") [%last_error% 2])
)
)
(call %init_peer_id% ("errorHandlingSrv" "error") [%last_error% 3])
)
`,
)
.configHandler((h) => {
h.on('getDataSrv', '-relay-', () => {
return peer.getStatus().relayPeerId;
});
h.on('getDataSrv', 'node', () => {return node;});
h.on('getDataSrv', 'trust', () => {return trust;});
h.on('getDataSrv', 'issuer_peer_id', () => {return issuer_peer_id;});
h.onEvent('callbackSrv', 'response', (args) => {
const [res] = args;
resolve(res);
});
h.onEvent('errorHandlingSrv', 'error', (args) => {
const [err] = args;
reject(err);
});
})
.handleScriptError(reject)
.handleTimeout(() => {
reject('Request timed out for verify_trust');
})
if(config && config.ttl) {
r.withTTL(config.ttl)
}
request = r.build();
});
peer.internals.initiateFlow(request!);
return promise;
}
export function issue_trust(node: string, issued_for_peer_id: string, expires_at_sec: number, issued_at_sec: number, trust_bytes: number[], config?: {ttl?: number}) : Promise<{error:string;success:boolean;trust:{expires_at:number;issued_at:number;issued_for:string;sig_type:string;signature:string}}>;
export function issue_trust(peer: FluencePeer, node: string, issued_for_peer_id: string, expires_at_sec: number, issued_at_sec: number, trust_bytes: number[], config?: {ttl?: number}) : Promise<{error:string;success:boolean;trust:{expires_at:number;issued_at:number;issued_for:string;sig_type:string;signature:string}}>;
export function issue_trust(...args: any) {
let peer: FluencePeer;
let node: any;
let issued_for_peer_id: any;
let expires_at_sec: any;
let issued_at_sec: any;
let trust_bytes: any;
let config: any;
if (FluencePeer.isInstance(args[0])) {
peer = args[0];
node = args[1];
issued_for_peer_id = args[2];
expires_at_sec = args[3];
issued_at_sec = args[4];
trust_bytes = args[5];
config = args[6];
} else {
peer = Fluence.getPeer();
node = args[0];
issued_for_peer_id = args[1];
expires_at_sec = args[2];
issued_at_sec = args[3];
trust_bytes = args[4];
config = args[5];
}
let request: RequestFlow;
const promise = new Promise<{error:string;success:boolean;trust:{expires_at:number;issued_at:number;issued_for:string;sig_type:string;signature:string}}>((resolve, reject) => {
const r = new RequestFlowBuilder()
.disableInjections()
.withRawScript(
`
(xor
(seq
(seq
(seq
(seq
(seq
(seq
(seq
(seq
(seq
(call %init_peer_id% ("getDataSrv" "-relay-") [] -relay-)
(call %init_peer_id% ("getDataSrv" "node") [] node)
)
(call %init_peer_id% ("getDataSrv" "issued_for_peer_id") [] issued_for_peer_id)
)
(call %init_peer_id% ("getDataSrv" "expires_at_sec") [] expires_at_sec)
)
(call %init_peer_id% ("getDataSrv" "issued_at_sec") [] issued_at_sec)
)
(call %init_peer_id% ("getDataSrv" "trust_bytes") [] trust_bytes)
)
(call -relay- ("op" "noop") [])
)
(xor
(call node ("trust-graph" "issue_trust") [issued_for_peer_id expires_at_sec issued_at_sec trust_bytes] result)
(seq
(call -relay- ("op" "noop") [])
(call %init_peer_id% ("errorHandlingSrv" "error") [%last_error% 1])
)
)
)
(call -relay- ("op" "noop") [])
)
(xor
(call %init_peer_id% ("callbackSrv" "response") [result])
(call %init_peer_id% ("errorHandlingSrv" "error") [%last_error% 2])
)
)
(call %init_peer_id% ("errorHandlingSrv" "error") [%last_error% 3])
)
`,
)
.configHandler((h) => {
h.on('getDataSrv', '-relay-', () => {
return peer.getStatus().relayPeerId;
});
h.on('getDataSrv', 'node', () => {return node;});
h.on('getDataSrv', 'issued_for_peer_id', () => {return issued_for_peer_id;});
h.on('getDataSrv', 'expires_at_sec', () => {return expires_at_sec;});
h.on('getDataSrv', 'issued_at_sec', () => {return issued_at_sec;});
h.on('getDataSrv', 'trust_bytes', () => {return trust_bytes;});
h.onEvent('callbackSrv', 'response', (args) => {
const [res] = args;
resolve(res);
});
h.onEvent('errorHandlingSrv', 'error', (args) => {
const [err] = args;
reject(err);
});
})
.handleScriptError(reject)
.handleTimeout(() => {
reject('Request timed out for issue_trust');
})
if(config && config.ttl) {
r.withTTL(config.ttl)
}
request = r.build();
});
peer.internals.initiateFlow(request!);
return promise;
}
export function insert_cert(node: string, certificate: {chain:{expires_at:number;issued_at:number;issued_for:string;sig_type:string;signature:string}[]}, config?: {ttl?: number}) : Promise<{error:string;success:boolean}>;
export function insert_cert(peer: FluencePeer, node: string, certificate: {chain:{expires_at:number;issued_at:number;issued_for:string;sig_type:string;signature:string}[]}, config?: {ttl?: number}) : Promise<{error:string;success:boolean}>;
export function insert_cert(...args: any) {
let peer: FluencePeer;
let node: any;
let certificate: any;
let config: any;
if (FluencePeer.isInstance(args[0])) {
peer = args[0];
node = args[1];
certificate = args[2];
config = args[3];
} else {
peer = Fluence.getPeer();
node = args[0];
certificate = args[1];
config = args[2];
}
let request: RequestFlow;
const promise = new Promise<{error:string;success:boolean}>((resolve, reject) => {
const r = new RequestFlowBuilder()
.disableInjections()
.withRawScript(
`
(xor
(seq
(seq
(seq
(seq
(seq
(seq
(call %init_peer_id% ("getDataSrv" "-relay-") [] -relay-)
(call %init_peer_id% ("getDataSrv" "node") [] node)
)
(call %init_peer_id% ("getDataSrv" "certificate") [] certificate)
)
(call -relay- ("op" "noop") [])
)
(xor
(seq
(call node ("peer" "timestamp_sec") [] timestamp_sec)
(call node ("trust-graph" "insert_cert") [certificate timestamp_sec] result)
)
(seq
(call -relay- ("op" "noop") [])
(call %init_peer_id% ("errorHandlingSrv" "error") [%last_error% 1])
)
)
)
(call -relay- ("op" "noop") [])
)
(xor
(call %init_peer_id% ("callbackSrv" "response") [result])
(call %init_peer_id% ("errorHandlingSrv" "error") [%last_error% 2])
)
)
(call %init_peer_id% ("errorHandlingSrv" "error") [%last_error% 3])
)
`,
)
.configHandler((h) => {
h.on('getDataSrv', '-relay-', () => {
return peer.getStatus().relayPeerId;
});
h.on('getDataSrv', 'node', () => {return node;});
h.on('getDataSrv', 'certificate', () => {return certificate;});
h.onEvent('callbackSrv', 'response', (args) => {
const [res] = args;
resolve(res);
});
h.onEvent('errorHandlingSrv', 'error', (args) => {
const [err] = args;
reject(err);
});
})
.handleScriptError(reject)
.handleTimeout(() => {
reject('Request timed out for insert_cert');
})
if(config && config.ttl) {
r.withTTL(config.ttl)
}
request = r.build();
});
peer.internals.initiateFlow(request!);
return promise;
}
export function get_all_certs(node: string, issued_for: string, config?: {ttl?: number}) : Promise<{certificates:{chain:{expires_at:number;issued_at:number;issued_for:string;sig_type:string;signature:string}[]}[];error:string;success:boolean}>;
export function get_all_certs(peer: FluencePeer, node: string, issued_for: string, config?: {ttl?: number}) : Promise<{certificates:{chain:{expires_at:number;issued_at:number;issued_for:string;sig_type:string;signature:string}[]}[];error:string;success:boolean}>;
export function get_all_certs(...args: any) {
let peer: FluencePeer;
let node: any;
let issued_for: any;
let config: any;
if (FluencePeer.isInstance(args[0])) {
peer = args[0];
node = args[1];
issued_for = args[2];
config = args[3];
} else {
peer = Fluence.getPeer();
node = args[0];
issued_for = args[1];
config = args[2];
}
let request: RequestFlow;
const promise = new Promise<{certificates:{chain:{expires_at:number;issued_at:number;issued_for:string;sig_type:string;signature:string}[]}[];error:string;success:boolean}>((resolve, reject) => {
const r = new RequestFlowBuilder()
.disableInjections()
.withRawScript(
`
(xor
(seq
(seq
(seq
(seq
(seq
(seq
(call %init_peer_id% ("getDataSrv" "-relay-") [] -relay-)
(call %init_peer_id% ("getDataSrv" "node") [] node)
)
(call %init_peer_id% ("getDataSrv" "issued_for") [] issued_for)
)
(call -relay- ("op" "noop") [])
)
(xor
(seq
(call node ("peer" "timestamp_sec") [] timestamp_sec)
(call node ("trust-graph" "get_all_certs") [issued_for timestamp_sec] result)
)
(seq
(call -relay- ("op" "noop") [])
(call %init_peer_id% ("errorHandlingSrv" "error") [%last_error% 1])
)
)
)
(call -relay- ("op" "noop") [])
)
(xor
(call %init_peer_id% ("callbackSrv" "response") [result])
(call %init_peer_id% ("errorHandlingSrv" "error") [%last_error% 2])
)
)
(call %init_peer_id% ("errorHandlingSrv" "error") [%last_error% 3])
)
`,
)
.configHandler((h) => {
h.on('getDataSrv', '-relay-', () => {
return peer.getStatus().relayPeerId;
});
h.on('getDataSrv', 'node', () => {return node;});
h.on('getDataSrv', 'issued_for', () => {return issued_for;});
h.onEvent('callbackSrv', 'response', (args) => {
const [res] = args;
resolve(res);
});
h.onEvent('errorHandlingSrv', 'error', (args) => {
const [err] = args;
reject(err);
});
})
.handleScriptError(reject)
.handleTimeout(() => {
reject('Request timed out for get_all_certs');
})
if(config && config.ttl) {
r.withTTL(config.ttl)
}
request = r.build();
});
peer.internals.initiateFlow(request!);
return promise;
}
export function add_trust(node: string, trust: {expires_at:number;issued_at:number;issued_for:string;sig_type:string;signature:string}, issuer_peer_id: string, config?: {ttl?: number}) : Promise<{error:string;success:boolean;weight:number}>;
export function add_trust(peer: FluencePeer, node: string, trust: {expires_at:number;issued_at:number;issued_for:string;sig_type:string;signature:string}, issuer_peer_id: string, config?: {ttl?: number}) : Promise<{error:string;success:boolean;weight:number}>;
export function add_trust(...args: any) {
let peer: FluencePeer;
let node: any;
let trust: any;
let issuer_peer_id: any;
let config: any;
if (FluencePeer.isInstance(args[0])) {
peer = args[0];
node = args[1];
trust = args[2];
issuer_peer_id = args[3];
config = args[4];
} else {
peer = Fluence.getPeer();
node = args[0];
trust = args[1];
issuer_peer_id = args[2];
config = args[3];
}
let request: RequestFlow;
const promise = new Promise<{error:string;success:boolean;weight:number}>((resolve, reject) => {
const r = new RequestFlowBuilder()
.disableInjections()
.withRawScript(
`
(xor
(seq
(seq
(seq
(seq
(seq
(seq
(seq
(call %init_peer_id% ("getDataSrv" "-relay-") [] -relay-)
(call %init_peer_id% ("getDataSrv" "node") [] node)
)
(call %init_peer_id% ("getDataSrv" "trust") [] trust)
)
(call %init_peer_id% ("getDataSrv" "issuer_peer_id") [] issuer_peer_id)
)
(call -relay- ("op" "noop") [])
)
(xor
(seq
(call node ("peer" "timestamp_sec") [] timestamp_sec)
(call node ("trust-graph" "add_trust") [trust issuer_peer_id timestamp_sec] result)
)
(seq
(call -relay- ("op" "noop") [])
(call %init_peer_id% ("errorHandlingSrv" "error") [%last_error% 1])
)
)
)
(call -relay- ("op" "noop") [])
)
(xor
(call %init_peer_id% ("callbackSrv" "response") [result])
(call %init_peer_id% ("errorHandlingSrv" "error") [%last_error% 2])
)
)
(call %init_peer_id% ("errorHandlingSrv" "error") [%last_error% 3])
)
`,
)
.configHandler((h) => {
h.on('getDataSrv', '-relay-', () => {
return peer.getStatus().relayPeerId;
});
h.on('getDataSrv', 'node', () => {return node;});
h.on('getDataSrv', 'trust', () => {return trust;});
h.on('getDataSrv', 'issuer_peer_id', () => {return issuer_peer_id;});
h.onEvent('callbackSrv', 'response', (args) => {
const [res] = args;
resolve(res);
});
h.onEvent('errorHandlingSrv', 'error', (args) => {
const [err] = args;
reject(err);
});
})
.handleScriptError(reject)
.handleTimeout(() => {
reject('Request timed out for add_trust');
})
if(config && config.ttl) {
r.withTTL(config.ttl)
}
request = r.build();
});
peer.internals.initiateFlow(request!);
return promise;
}
export function add_root(node: string, peer_id: string, weight_factor: number, config?: {ttl?: number}) : Promise<{error:string;success:boolean}>;
export function add_root(peer: FluencePeer, node: string, peer_id: string, weight_factor: number, config?: {ttl?: number}) : Promise<{error:string;success:boolean}>;
export function add_root(...args: any) {
let peer: FluencePeer;
let node: any;
let peer_id: any;
let weight_factor: any;
let config: any;
if (FluencePeer.isInstance(args[0])) {
peer = args[0];
node = args[1];
peer_id = args[2];
weight_factor = args[3];
config = args[4];
} else {
peer = Fluence.getPeer();
node = args[0];
peer_id = args[1];
weight_factor = args[2];
config = args[3];
}
let request: RequestFlow;
const promise = new Promise<{error:string;success:boolean}>((resolve, reject) => {
const r = new RequestFlowBuilder()
.disableInjections()
.withRawScript(
`
(xor
(seq
(seq
(seq
(seq
(seq
(seq
(seq
(call %init_peer_id% ("getDataSrv" "-relay-") [] -relay-)
(call %init_peer_id% ("getDataSrv" "node") [] node)
)
(call %init_peer_id% ("getDataSrv" "peer_id") [] peer_id)
)
(call %init_peer_id% ("getDataSrv" "weight_factor") [] weight_factor)
)
(call -relay- ("op" "noop") [])
)
(xor
(call node ("trust-graph" "add_root") [peer_id weight_factor] result)
(seq
(call -relay- ("op" "noop") [])
(call %init_peer_id% ("errorHandlingSrv" "error") [%last_error% 1])
)
)
)
(call -relay- ("op" "noop") [])
)
(xor
(call %init_peer_id% ("callbackSrv" "response") [result])
(call %init_peer_id% ("errorHandlingSrv" "error") [%last_error% 2])
)
)
(call %init_peer_id% ("errorHandlingSrv" "error") [%last_error% 3])
)
`,
)
.configHandler((h) => {
h.on('getDataSrv', '-relay-', () => {
return peer.getStatus().relayPeerId;
});
h.on('getDataSrv', 'node', () => {return node;});
h.on('getDataSrv', 'peer_id', () => {return peer_id;});
h.on('getDataSrv', 'weight_factor', () => {return weight_factor;});
h.onEvent('callbackSrv', 'response', (args) => {
const [res] = args;
resolve(res);
});
h.onEvent('errorHandlingSrv', 'error', (args) => {
const [err] = args;
reject(err);
});
})
.handleScriptError(reject)
.handleTimeout(() => {
reject('Request timed out for add_root');
})
if(config && config.ttl) {
r.withTTL(config.ttl)
}
request = r.build();
});
peer.internals.initiateFlow(request!);
return promise;
}
export function get_weight(node: string, peer_id: string, config?: {ttl?: number}) : Promise<{error:string;peer_id:string;success:boolean;weight:number}>;
export function get_weight(peer: FluencePeer, node: string, peer_id: string, config?: {ttl?: number}) : Promise<{error:string;peer_id:string;success:boolean;weight:number}>;
export function get_weight(...args: any) {
let peer: FluencePeer;
let node: any;
let peer_id: any;
let config: any;
if (FluencePeer.isInstance(args[0])) {
peer = args[0];
node = args[1];
peer_id = args[2];
config = args[3];
} else {
peer = Fluence.getPeer();
node = args[0];
peer_id = args[1];
config = args[2];
}
let request: RequestFlow;
const promise = new Promise<{error:string;peer_id:string;success:boolean;weight:number}>((resolve, reject) => {
const r = new RequestFlowBuilder()
.disableInjections()
.withRawScript(
`
(xor
(seq
(seq
(seq
(seq
(seq
(seq
(call %init_peer_id% ("getDataSrv" "-relay-") [] -relay-)
(call %init_peer_id% ("getDataSrv" "node") [] node)
)
(call %init_peer_id% ("getDataSrv" "peer_id") [] peer_id)
)
(call -relay- ("op" "noop") [])
)
(xor
(seq
(call node ("peer" "timestamp_sec") [] timestamp_sec)
(call node ("trust-graph" "get_weight") [peer_id timestamp_sec] result)
)
(seq
(call -relay- ("op" "noop") [])
(call %init_peer_id% ("errorHandlingSrv" "error") [%last_error% 1])
)
)
)
(call -relay- ("op" "noop") [])
)
(xor
(call %init_peer_id% ("callbackSrv" "response") [result])
(call %init_peer_id% ("errorHandlingSrv" "error") [%last_error% 2])
)
)
(call %init_peer_id% ("errorHandlingSrv" "error") [%last_error% 3])
)
`,
)
.configHandler((h) => {
h.on('getDataSrv', '-relay-', () => {
return peer.getStatus().relayPeerId;
});
h.on('getDataSrv', 'node', () => {return node;});
h.on('getDataSrv', 'peer_id', () => {return peer_id;});
h.onEvent('callbackSrv', 'response', (args) => {
const [res] = args;
resolve(res);
});
h.onEvent('errorHandlingSrv', 'error', (args) => {
const [err] = args;
reject(err);
});
})
.handleScriptError(reject)
.handleTimeout(() => {
reject('Request timed out for get_weight');
})
if(config && config.ttl) {
r.withTTL(config.ttl)
}
request = r.build();
});
peer.internals.initiateFlow(request!);
return promise;
}
export function get_trust_bytes(node: string, issued_for_peer_id: string, expires_at_sec: number, issued_at_sec: number, config?: {ttl?: number}) : Promise<{error:string;result:number[];success:boolean}>;
export function get_trust_bytes(peer: FluencePeer, node: string, issued_for_peer_id: string, expires_at_sec: number, issued_at_sec: number, config?: {ttl?: number}) : Promise<{error:string;result:number[];success:boolean}>;
export function get_trust_bytes(...args: any) {
let peer: FluencePeer;
let node: any;
let issued_for_peer_id: any;
let expires_at_sec: any;
let issued_at_sec: any;
let config: any;
if (FluencePeer.isInstance(args[0])) {
peer = args[0];
node = args[1];
issued_for_peer_id = args[2];
expires_at_sec = args[3];
issued_at_sec = args[4];
config = args[5];
} else {
peer = Fluence.getPeer();
node = args[0];
issued_for_peer_id = args[1];
expires_at_sec = args[2];
issued_at_sec = args[3];
config = args[4];
}
let request: RequestFlow;
const promise = new Promise<{error:string;result:number[];success:boolean}>((resolve, reject) => {
const r = new RequestFlowBuilder()
.disableInjections()
.withRawScript(
`
(xor
(seq
(seq
(seq
(seq
(seq
(seq
(seq
(seq
(call %init_peer_id% ("getDataSrv" "-relay-") [] -relay-)
(call %init_peer_id% ("getDataSrv" "node") [] node)
)
(call %init_peer_id% ("getDataSrv" "issued_for_peer_id") [] issued_for_peer_id)
)
(call %init_peer_id% ("getDataSrv" "expires_at_sec") [] expires_at_sec)
)
(call %init_peer_id% ("getDataSrv" "issued_at_sec") [] issued_at_sec)
)
(call -relay- ("op" "noop") [])
)
(xor
(call node ("trust-graph" "get_trust_bytes") [issued_for_peer_id expires_at_sec issued_at_sec] result)
(seq
(call -relay- ("op" "noop") [])
(call %init_peer_id% ("errorHandlingSrv" "error") [%last_error% 1])
)
)
)
(call -relay- ("op" "noop") [])
)
(xor
(call %init_peer_id% ("callbackSrv" "response") [result])
(call %init_peer_id% ("errorHandlingSrv" "error") [%last_error% 2])
)
)
(call %init_peer_id% ("errorHandlingSrv" "error") [%last_error% 3])
)
`,
)
.configHandler((h) => {
h.on('getDataSrv', '-relay-', () => {
return peer.getStatus().relayPeerId;
});
h.on('getDataSrv', 'node', () => {return node;});
h.on('getDataSrv', 'issued_for_peer_id', () => {return issued_for_peer_id;});
h.on('getDataSrv', 'expires_at_sec', () => {return expires_at_sec;});
h.on('getDataSrv', 'issued_at_sec', () => {return issued_at_sec;});
h.onEvent('callbackSrv', 'response', (args) => {
const [res] = args;
resolve(res);
});
h.onEvent('errorHandlingSrv', 'error', (args) => {
const [err] = args;
reject(err);
});
})
.handleScriptError(reject)
.handleTimeout(() => {
reject('Request timed out for get_trust_bytes');
})
if(config && config.ttl) {
r.withTTL(config.ttl)
}
request = r.build();
});
peer.internals.initiateFlow(request!);
return promise;
}

View File

@ -1,6 +1,6 @@
[package]
name = "fluence-identity"
version = "0.3.0"
name = "fluence-keypair"
version = "0.4.0"
authors = ["Fluence Labs"]
edition = "2018"
description = "identity"
@ -18,13 +18,16 @@ ed25519 = "1.0.3"
serde_with = "1.6.0"
thiserror = "1.0.23"
lazy_static = "1.2"
libsecp256k1 = "0.3.5"
ring = { version = "0.16.9", features = ["alloc", "std"], default-features = false }
libsecp256k1 = "0.3.1"
asn1_der = "0.6.1"
sha2 = "0.9.1"
zeroize = "1"
serde_bytes = "0.11"
libp2p-core = { package = "fluence-fork-libp2p-core", version = "0.27.2" }
libp2p-core = { package = "fluence-fork-libp2p-core", version = "0.27.2", features = ["secp256k1"]}
eyre = "0.6.5"
[target.'cfg(not(target_arch = "wasm32"))'.dependencies]
ring = { version = "0.16.9", features = ["alloc", "std"], default-features = false }
[dev-dependencies]
quickcheck = "0.9.0"

View File

@ -136,7 +136,7 @@ impl PublicKey {
}
/// An Ed25519 secret key.
pub struct SecretKey(ed25519::SecretKey);
pub struct SecretKey(pub ed25519::SecretKey);
/// View the bytes of the secret key.
impl AsRef<[u8]> for SecretKey {

View File

@ -47,6 +47,8 @@ pub enum DecodingError {
InvalidTypeByte,
#[error("Cannot decode public key from base58 :{0}")]
Base58DecodeError(#[source] bs58::decode::Error),
#[error("Raw signature decoding failed: type {0} not supported")]
RawSignatureUnsupportedType(String),
}
/// An error during signing of a message.

View File

@ -28,6 +28,7 @@ use crate::signature::Signature;
use crate::error::{Error, DecodingError, SigningError};
use std::str::FromStr;
use std::convert::TryFrom;
use libp2p_core::PeerId;
/// Identity keypair of a node.
///
@ -167,6 +168,16 @@ impl KeyPair {
}
}
pub fn secret(&self) -> eyre::Result<Vec<u8>> {
use KeyPair::*;
match self {
Ed25519(pair) => Ok(pair.secret().0.to_bytes().to_vec()),
#[cfg(not(target_arch = "wasm32"))]
Rsa(_) => Err(eyre::eyre!("secret key is not available for RSA")),
Secp256k1(pair) => Ok(pair.secret().to_bytes().to_vec()),
}
}
/// Verify the signature on a message using the public key.
pub fn verify(pk: &PublicKey, msg: &[u8], signature: &Signature) -> Result<(), SigningError> {
pk.verify(msg, signature)
@ -192,6 +203,10 @@ impl KeyPair {
KeyFormat::Rsa => Err(DecodingError::KeypairDecodingIsNotSupported)
}
}
pub fn get_peer_id(&self) -> PeerId {
self.public().to_peer_id()
}
}
impl From<libp2p_core::identity::Keypair> for KeyPair {

View File

@ -26,16 +26,39 @@
unreachable_patterns
)]
mod secp256k1;
mod ed25519;
pub mod error;
pub mod key_pair;
pub mod public_key;
#[cfg(not(target_arch = "wasm32"))]
mod rsa;
pub mod key_pair;
pub mod error;
pub mod public_key;
mod secp256k1;
pub mod signature;
pub use key_pair::KeyPair;
pub use key_pair::KeyFormat;
pub use crate::public_key::PublicKey;
pub use crate::signature::Signature;
pub use key_pair::KeyFormat;
pub use key_pair::KeyPair;
pub mod peerid_serializer {
use libp2p_core::PeerId;
use serde::{Deserialize, Deserializer, Serialize, Serializer};
use std::str::FromStr;
pub fn serialize<S>(value: &PeerId, serializer: S) -> Result<S::Ok, S::Error>
where
S: Serializer,
{
value.to_base58().serialize(serializer)
}
pub fn deserialize<'de, D>(deserializer: D) -> Result<PeerId, D::Error>
where
D: Deserializer<'de>,
{
let str = String::deserialize(deserializer)?;
PeerId::from_str(&str).map_err(|e| {
serde::de::Error::custom(format!("peer id deserialization failed for {:?}", e))
})
}
}

View File

@ -14,14 +14,15 @@
* limitations under the License.
*/
use crate::ed25519;
use crate::error::{DecodingError, SigningError};
#[cfg(not(target_arch = "wasm32"))]
use crate::rsa;
use crate::secp256k1;
use crate::error::{DecodingError, SigningError};
use crate::signature::Signature;
use serde::{Deserialize, Serialize};
use crate::key_pair::KeyFormat;
use libp2p_core::PeerId;
use serde::{Deserialize, Serialize};
use std::convert::TryFrom;
/// The public key of a node's identity keypair.
@ -41,13 +42,14 @@ impl PublicKey {
/// that the signature has been produced by the corresponding
/// private key (authenticity), and that the message has not been
/// tampered with (integrity).
// TODO: add VerificationError
pub fn verify(&self, msg: &[u8], sig: &Signature) -> Result<(), SigningError> {
use PublicKey::*;
match self {
Ed25519(pk) => pk.verify(msg, sig.to_vec()),
#[cfg(not(target_arch = "wasm32"))]
Rsa(pk) => pk.verify(msg, sig.to_vec()),
Secp256k1(pk) => pk.verify(msg, sig.to_vec())
Secp256k1(pk) => pk.verify(msg, sig.to_vec()),
}
}
@ -69,8 +71,12 @@ impl PublicKey {
match KeyFormat::try_from(bytes[0])? {
KeyFormat::Ed25519 => Ok(PublicKey::Ed25519(ed25519::PublicKey::decode(&bytes[1..])?)),
#[cfg(not(target_arch = "wasm32"))]
KeyFormat::Rsa => Ok(PublicKey::Rsa(rsa::PublicKey::from_pkcs1(bytes[1..].to_owned())?)),
KeyFormat::Secp256k1 => Ok(PublicKey::Secp256k1(secp256k1::PublicKey::decode(&bytes[1..])?)),
KeyFormat::Rsa => Ok(PublicKey::Rsa(rsa::PublicKey::from_pkcs1(
bytes[1..].to_owned(),
)?)),
KeyFormat::Secp256k1 => Ok(PublicKey::Secp256k1(secp256k1::PublicKey::decode(
&bytes[1..],
)?)),
}
}
@ -80,12 +86,14 @@ impl PublicKey {
Ed25519(_) => KeyFormat::Ed25519.into(),
#[cfg(not(target_arch = "wasm32"))]
Rsa(_) => KeyFormat::Rsa.into(),
Secp256k1(_) => KeyFormat::Secp256k1.into()
Secp256k1(_) => KeyFormat::Secp256k1.into(),
}
}
pub fn from_base58(str: &str) -> Result<PublicKey, DecodingError> {
let bytes = bs58::decode(str).into_vec().map_err(DecodingError::Base58DecodeError)?;
let bytes = bs58::decode(str)
.into_vec()
.map_err(DecodingError::Base58DecodeError)?;
Self::decode(&bytes)
}
@ -99,6 +107,10 @@ impl PublicKey {
Secp256k1(pk) => pk.encode().to_vec(),
}
}
pub fn to_peer_id(&self) -> PeerId {
PeerId::from_public_key(self.clone().into())
}
}
impl From<libp2p_core::identity::PublicKey> for PublicKey {
@ -106,12 +118,49 @@ impl From<libp2p_core::identity::PublicKey> for PublicKey {
use libp2p_core::identity::PublicKey::*;
match key {
Ed25519(key) => PublicKey::Ed25519(ed25519::PublicKey::decode(&key.encode()[..]).unwrap()),
Ed25519(key) => {
PublicKey::Ed25519(ed25519::PublicKey::decode(&key.encode()[..]).unwrap())
}
#[cfg(not(target_arch = "wasm32"))]
Rsa(key) => PublicKey::Rsa(rsa::PublicKey::from_pkcs1(key.encode_pkcs1()).unwrap()),
Secp256k1(key) => PublicKey::Secp256k1(secp256k1::PublicKey::decode(&key.encode()[..]).unwrap()),
Secp256k1(key) => {
PublicKey::Secp256k1(secp256k1::PublicKey::decode(&key.encode()[..]).unwrap())
}
}
}
}
impl From<PublicKey> for libp2p_core::identity::PublicKey {
fn from(key: PublicKey) -> Self {
use libp2p_core::identity as libp2p_identity;
match key {
PublicKey::Ed25519(key) => libp2p_identity::PublicKey::Ed25519(
libp2p_identity::ed25519::PublicKey::decode(&key.encode()[..]).unwrap(),
),
#[cfg(not(target_arch = "wasm32"))]
PublicKey::Rsa(key) => libp2p_identity::PublicKey::Rsa(
libp2p_identity::rsa::PublicKey::decode_x509(&key.encode_x509()).unwrap(),
),
PublicKey::Secp256k1(key) => libp2p_identity::PublicKey::Secp256k1(
libp2p_identity::secp256k1::PublicKey::decode(&key.encode()[..]).unwrap(),
),
}
}
}
impl TryFrom<libp2p_core::PeerId> for PublicKey {
type Error = eyre::Error;
fn try_from(peer_id: libp2p_core::PeerId) -> eyre::Result<PublicKey> {
Ok(peer_id
.as_public_key()
.ok_or(eyre::eyre!(
"public key is not inlined in peer id: {}",
peer_id
))?
.into())
}
}
#[cfg(test)]
@ -134,4 +183,15 @@ mod tests {
let encoded_pk = pk.encode();
assert_eq!(pk, PublicKey::decode(&encoded_pk).unwrap());
}
#[test]
fn public_key_peer_id_conversions() {
let kp = KeyPair::generate_secp256k1();
let fluence_pk = kp.public();
let libp2p_pk: libp2p_core::PublicKey = fluence_pk.clone().into();
let peer_id = PeerId::from_public_key(libp2p_pk);
let fluence_pk_converted = PublicKey::try_from(peer_id).unwrap();
assert_eq!(fluence_pk, fluence_pk_converted);
}
}

View File

@ -14,12 +14,12 @@
* limitations under the License.
*/
use crate::ed25519;
use crate::secp256k1;
use crate::error::DecodingError;
use crate::key_pair::KeyFormat;
#[cfg(not(target_arch = "wasm32"))]
use crate::rsa;
use crate::error::DecodingError;
use crate::secp256k1;
use serde::{Deserialize, Serialize};
use crate::key_pair::KeyFormat;
use std::convert::TryFrom;
#[derive(Debug, Clone, PartialEq, Eq, Deserialize, Serialize)]
@ -30,6 +30,11 @@ pub enum Signature {
Secp256k1(secp256k1::Signature),
}
pub struct RawSignature {
pub bytes: Vec<u8>,
pub sig_type: KeyFormat,
}
impl Signature {
fn get_prefix(&self) -> u8 {
use Signature::*;
@ -37,7 +42,7 @@ impl Signature {
Ed25519(_) => KeyFormat::Ed25519.into(),
#[cfg(not(target_arch = "wasm32"))]
Rsa(_) => KeyFormat::Rsa.into(),
Secp256k1(_) => KeyFormat::Secp256k1.into()
Secp256k1(_) => KeyFormat::Secp256k1.into(),
}
}
@ -63,8 +68,9 @@ impl Signature {
KeyFormat::Ed25519 => Ok(Signature::Ed25519(ed25519::Signature(bytes[1..].to_vec()))),
#[cfg(not(target_arch = "wasm32"))]
KeyFormat::Rsa => Ok(Signature::Rsa(rsa::Signature(bytes[1..].to_vec()))),
KeyFormat::Secp256k1 => Ok(Signature::Secp256k1(secp256k1::Signature(bytes[1..].to_vec()))),
KeyFormat::Secp256k1 => Ok(Signature::Secp256k1(secp256k1::Signature(
bytes[1..].to_vec(),
))),
}
}
@ -78,6 +84,33 @@ impl Signature {
Secp256k1(sig) => &sig.0,
}
}
pub fn get_signature_type(&self) -> KeyFormat {
use Signature::*;
match self {
Ed25519(_) => KeyFormat::Ed25519,
#[cfg(not(target_arch = "wasm32"))]
Rsa(_) => KeyFormat::Rsa,
Secp256k1(_) => KeyFormat::Secp256k1,
}
}
pub fn get_raw_signature(&self) -> RawSignature {
RawSignature {
bytes: self.to_vec().clone().to_vec(),
sig_type: self.get_signature_type(),
}
}
pub fn from_bytes_with_public_key(key_format: KeyFormat, bytes: Vec<u8>) -> Self {
match key_format {
KeyFormat::Ed25519 => Signature::Ed25519(ed25519::Signature(bytes)),
#[cfg(not(target_arch = "wasm32"))]
KeyFormat::Rsa => Signature::Rsa(rsa::Signature(bytes)),
KeyFormat::Secp256k1 => Signature::Secp256k1(secp256k1::Signature(bytes)),
}
}
}
#[cfg(test)]
@ -92,8 +125,14 @@ mod tests {
#[cfg(not(target_arch = "wasm32"))]
let rsa_sig = Signature::Rsa(crate::rsa::Signature(bytes.clone()));
assert_eq!(Signature::decode(ed25519_sig.encode()).unwrap(), ed25519_sig);
assert_eq!(Signature::decode(secp256k1_sig.encode()).unwrap(), secp256k1_sig);
assert_eq!(
Signature::decode(ed25519_sig.encode()).unwrap(),
ed25519_sig
);
assert_eq!(
Signature::decode(secp256k1_sig.encode()).unwrap(),
secp256k1_sig
);
#[cfg(not(target_arch = "wasm32"))]
assert_eq!(Signature::decode(rsa_sig.encode()).unwrap(), rsa_sig);
}

View File

@ -20,8 +20,8 @@ use crate::certificate::CertificateError::{
VerificationError,
};
use crate::trust::{Trust, TrustError};
use fluence_identity::key_pair::KeyPair;
use fluence_identity::public_key::PublicKey;
use fluence_keypair::key_pair::KeyPair;
use fluence_keypair::public_key::PublicKey;
use std::str::FromStr;
use std::time::Duration;
use thiserror::Error as ThisError;
@ -281,7 +281,7 @@ impl FromStr for Certificate {
mod tests {
use super::*;
use crate::misc::current_time;
use fluence_identity::key_pair::KeyPair;
use fluence_keypair::KeyPair;
use std::time::{Duration, SystemTime, UNIX_EPOCH};
pub fn one_second() -> Duration {

View File

@ -13,8 +13,7 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
use fluence_identity::public_key::PublicKey;
use fluence_keypair::PublicKey;
use core::fmt;
use ref_cast::RefCast;
@ -82,7 +81,7 @@ impl Display for PublicKeyHashable {
}
impl FromStr for PublicKeyHashable {
type Err = fluence_identity::error::DecodingError;
type Err = fluence_keypair::error::DecodingError;
fn from_str(s: &str) -> Result<Self, Self::Err> {
let pk = PublicKey::from_base58(s)?;

View File

@ -15,9 +15,9 @@
*/
use crate::revoke::RevokeError::IncorrectSignature;
use fluence_identity::key_pair::KeyPair;
use fluence_identity::public_key::PublicKey;
use fluence_identity::signature::Signature;
use fluence_keypair::key_pair::KeyPair;
use fluence_keypair::public_key::PublicKey;
use fluence_keypair::signature::Signature;
use serde::{Deserialize, Serialize};
use std::time::Duration;
use thiserror::Error as ThisError;
@ -28,7 +28,7 @@ pub enum RevokeError {
IncorrectSignature(
#[from]
#[source]
fluence_identity::error::SigningError
fluence_keypair::error::SigningError
),
}

View File

@ -14,16 +14,18 @@
* limitations under the License.
*/
use crate::trust::TrustError::{Base58DecodeError, DecodePublicKeyError, ParseError, SignatureError, DecodeErrorInvalidSize};
use crate::trust::TrustError::{
Base58DecodeError, DecodeErrorInvalidSize, DecodePublicKeyError, ParseError, SignatureError,
};
use derivative::Derivative;
use fluence_identity::key_pair::KeyPair;
use fluence_identity::public_key::PublicKey;
use fluence_identity::signature::Signature;
use fluence_keypair::key_pair::KeyPair;
use fluence_keypair::public_key::PublicKey;
use fluence_keypair::signature::Signature;
use serde::{Deserialize, Serialize};
use std::convert::TryInto;
use std::num::ParseIntError;
use std::time::Duration;
use thiserror::Error as ThisError;
use serde::{Deserialize, Serialize};
pub const EXPIRATION_LEN: usize = 8;
pub const ISSUED_LEN: usize = 8;
@ -65,12 +67,12 @@ pub enum TrustError {
SignatureError(
#[from]
#[source]
fluence_identity::error::SigningError,
fluence_keypair::error::SigningError,
),
/// Errors occurred on trust decoding from different formats
#[error("Cannot decode the public key: {0} in the trust: {1}")]
DecodePublicKeyError(String, #[source] fluence_identity::error::DecodingError),
DecodePublicKeyError(String, #[source] fluence_keypair::error::DecodingError),
#[error("Cannot parse `{0}` field in the trust '{1}': {2}")]
ParseError(String, String, #[source] ParseIntError),
@ -82,7 +84,7 @@ pub enum TrustError {
PublicKeyError(
#[from]
#[source]
fluence_identity::error::DecodingError,
fluence_keypair::error::DecodingError,
),
#[error("Cannot decode `{0}` field in the trust: invalid size")]

View File

@ -26,7 +26,7 @@ use crate::trust_graph::TrustGraphError::{
use crate::trust_graph_storage::Storage;
use crate::trust_node::{Auth, TrustNode};
use crate::StorageError;
use fluence_identity::public_key::PublicKey;
use fluence_keypair::public_key::PublicKey;
use std::borrow::Borrow;
use std::collections::{HashSet, VecDeque};
use std::convert::{From, Into};
@ -92,7 +92,11 @@ where
}
/// Insert new root weight
pub fn add_root_weight(&mut self, pk: PublicKey, weight: Weight) -> Result<(), TrustGraphError> {
pub fn add_root_weight(
&mut self,
pk: PublicKey,
weight: Weight,
) -> Result<(), TrustGraphError> {
Ok(self.storage.add_root_weight(pk.into(), weight)?)
}
@ -339,7 +343,7 @@ mod tests {
use crate::misc::current_time;
use crate::trust_graph_storage::InMemoryStorage;
use failure::_core::time::Duration;
use fluence_identity::key_pair::KeyPair;
use fluence_keypair::key_pair::KeyPair;
use std::collections::HashMap;
pub fn one_minute() -> Duration {
@ -376,13 +380,15 @@ mod tests {
let root_kp = KeyPair::generate_ed25519();
let second_kp = KeyPair::generate_ed25519();
let mut cert =
Certificate::issue_root(&root_kp, second_kp.public(), expires_at, issued_at);
let mut cert = Certificate::issue_root(&root_kp, second_kp.public(), expires_at, issued_at);
let mut key_pairs = vec![root_kp, second_kp];
for idx in 2..len {
let kp = keys.get(&idx).unwrap_or(&KeyPair::generate_ed25519()).clone();
let kp = keys
.get(&idx)
.unwrap_or(&KeyPair::generate_ed25519())
.clone();
let previous_kp = &key_pairs[idx - 1];
cert = Certificate::issue(
&previous_kp,
@ -591,9 +597,15 @@ mod tests {
let st = InMemoryStorage::new();
let mut graph = TrustGraph::new(st);
// add first and last trusts as roots
graph.add_root_weight(cert.chain[0].clone().issued_for.into(), 1).unwrap();
graph.add_root_weight(cert.chain[3].clone().issued_for.into(), 1).unwrap();
graph.add_root_weight(cert.chain[5].clone().issued_for.into(), 1).unwrap();
graph
.add_root_weight(cert.chain[0].clone().issued_for.into(), 1)
.unwrap();
graph
.add_root_weight(cert.chain[3].clone().issued_for.into(), 1)
.unwrap();
graph
.add_root_weight(cert.chain[5].clone().issued_for.into(), 1)
.unwrap();
graph.add(cert.clone(), current_time()).unwrap();

View File

@ -3,7 +3,7 @@ use crate::revoke::Revoke;
use crate::trust_graph::Weight;
use crate::trust_graph_storage::InMemoryStorageError::RevokeError;
use crate::trust_node::{Auth, TrustNode};
use fluence_identity::public_key::PublicKey;
use fluence_keypair::public_key::PublicKey;
use std::collections::HashMap;
use std::fmt::Display;
use std::time::Duration;

View File

@ -18,7 +18,7 @@ use crate::public_key_hashable::PublicKeyHashable;
use crate::revoke::Revoke;
use crate::trust::Trust;
use failure::_core::time::Duration;
use fluence_identity::public_key::PublicKey;
use fluence_keypair::public_key::PublicKey;
use serde::{Deserialize, Serialize};
use serde_with::serde_as;
use std::collections::HashMap;
@ -154,7 +154,7 @@ impl TrustNode {
mod tests {
use std::time::Duration;
use fluence_identity::key_pair::KeyPair;
use fluence_keypair::key_pair::KeyPair;
use super::*;