From db6f8b805d660aad00111bf3198b22685405c579 Mon Sep 17 00:00:00 2001 From: zo-el Date: Mon, 17 Feb 2020 00:37:39 -0600 Subject: [PATCH 1/5] hc dpki cli to generate auth/rev/root keys --- crates/cli/src/cli/dpki.rs | 486 +++++++++++++++++++++++++++ crates/cli/src/cli/keygen.rs | 191 +++++++++-- crates/cli/src/cli/mod.rs | 2 + crates/cli/src/main.rs | 46 ++- crates/cli/src/util.rs | 68 +++- crates/conductor_lib/src/keystore.rs | 30 +- crates/dpki/src/keypair.rs | 20 ++ crates/dpki/src/lib.rs | 3 + crates/dpki/src/seed.rs | 167 +++++++-- 9 files changed, 936 insertions(+), 77 deletions(-) create mode 100644 crates/cli/src/cli/dpki.rs diff --git a/crates/cli/src/cli/dpki.rs b/crates/cli/src/cli/dpki.rs new file mode 100644 index 0000000000..fdae021fda --- /dev/null +++ b/crates/cli/src/cli/dpki.rs @@ -0,0 +1,486 @@ +use crate::{ + cli::keygen, + util::{self, get_secure_string_double_check, user_prompt, user_prompt_yes_no, WordCountable}, +}; +use holochain_core_types::error::HcResult; +use holochain_dpki::{ + key_bundle::KeyBundle, + keypair::KeyPair, + seed::{MnemonicableSeed, RootSeed, SeedTrait, SeedType, TypedSeed}, + utils::generate_random_seed_buf, +}; +use lib3h_sodium::secbuf::SecBuf; +use std::{path::PathBuf, str::FromStr, string::ParseError}; +use structopt::StructOpt; + +const MNEMONIC_WORD_COUNT: usize = 24; +const ENCRYPTED_MNEMONIC_WORD_COUNT: usize = 2 * MNEMONIC_WORD_COUNT; + +const DEFAULT_REVOCATION_KEY_DEV_INDEX: u64 = 1; +const DEFAULT_AUTH_KEY_DEV_INDEX: u64 = 1; + +pub enum SignType { + Revoke, + Auth, +} + +impl FromStr for SignType { + type Err = ParseError; + fn from_str(day: &str) -> Result { + match day { + "revoke" => Ok(SignType::Revoke), + "auth" => Ok(SignType::Auth), + _ => panic!(), + } + } +} + +#[derive(StructOpt)] +pub enum Dpki { + #[structopt( + name = "genroot", + about = "Generate a new random DPKI root seed. This is encrypyed with a passphrase and printed in BIP39 mnemonic form to stdout. Both the passphrase and mnemonic should be recorded and kept safe to be used later for key management." + )] + GenRoot { + passphrase: Option, + quiet: bool, + }, + + #[structopt( + name = "keygen", + about = "Identical to `hc keygen` but derives agent key pair from a DPKI root seed at a given derivation index. This allows the keys to be recovered provided the root seed is known." + )] + Keygen { + #[structopt(long, short, help = "Specify path of file")] + path: Option, + + #[structopt( + long, + short, + help = "Only print machine-readable output; intended for use by programs and scripts" + )] + quiet: bool, + + #[structopt( + long, + short, + help = "Set passphrase via argument and don't prompt for it (not reccomended)" + )] + keystore_passphrase: Option, + + #[structopt( + long, + short, + help = "Use insecure, hard-wired passphrase for testing and Don't ask for passphrase" + )] + nullpass: bool, + + #[structopt( + long, + short, + help = "Set root seed via argument and don't prompt for it (not reccomended). BIP39 mnemonic encoded root seed to derive device seed and agent key from" + )] + root_seed: Option, + + #[structopt( + long, + short, + help = "Set mnemonic passphrase via argument and don't prompt for it (not reccomended)" + )] + mnemonic_passphrase: Option, + + #[structopt(help = "Derive device seed from root seed with this index")] + device_derivation_index: u64, + }, + + #[structopt( + name = "genrevoke", + about = "Generate a revocation seed given an encrypted root seed mnemonic, passphrase and derivation index." + )] + GenRevoke { + #[structopt(help = "Derive revocation seed from root seed with this index")] + derivation_index: u64, + + #[structopt( + long, + short, + help = "unsecurely pass passphrase to decrypt root seed (not reccomended). Will prompt if encrypted seed provided." + )] + root_seed_passphrase: Option, + + #[structopt( + long, + short, + help = "unsecurely pass passphrase to encrypt revocation seed (not reccomended)." + )] + revocation_seed_passphrase: Option, + + #[structopt( + long, + short, + help = "Only print machine-readable output; intended for use by programs and scripts" + )] + quiet: bool, + }, + + #[structopt( + name = "genauth", + about = "Generate an auth seed given an encrypted root seed mnemonic, passphrase and derivation index." + )] + GenAuth { + #[structopt(help = "Derive auth seed from root seed with this index")] + derivation_index: u64, + + #[structopt( + long, + short, + help = "unsecurely pass passphrase to decrypt root seed (not reccomended). Will prompt if encrypted seed provided." + )] + root_seed_passphrase: Option, + + #[structopt( + long, + short, + help = "unsecurely pass passphrase to encrypt auth seed (not reccomended)." + )] + auth_seed_passphrase: Option, + + #[structopt( + long, + short, + help = "Only print machine-readable output; intended for use by programs and scripts" + )] + quiet: bool, + }, + + #[structopt( + name = "sign", + about = "Produce the signed string needed to revoke a key given a revocation seed mnemonic and passphrase." + )] + Sign { + #[structopt( + help = "Public key to revoke/authorize (or any other string you want to sign with an auth/revocation key)" + )] + key: String, + + #[structopt( + long, + short, + help = "unsecurely pass passphrase to decrypt revocation seed (not reccomended). Will prompt if encrypted seed provided." + )] + passphrase: Option, + + #[structopt( + long, + short, + help = "Only print machine-readable output; intended for use by programs and scripts" + )] + quiet: bool, + + #[structopt(long, short, help = "How to interpred seed (revoke/auth)")] + sign_type: SignType, + }, +} + +impl Dpki { + pub fn execute(self) -> HcResult { + match self { + Self::GenRoot { passphrase, quiet } => genroot(passphrase, quiet), + Self::Keygen { + path, + keystore_passphrase, + nullpass, + quiet, + root_seed, + mnemonic_passphrase, + device_derivation_index, + } => keygen( + path, + keystore_passphrase, + nullpass, + mnemonic_passphrase, + root_seed, + Some(device_derivation_index), + quiet, + ) + .map(|_| "success".to_string()), + Self::GenRevoke { + derivation_index, + root_seed_passphrase, + revocation_seed_passphrase, + quiet, + } => genrevoke( + root_seed_passphrase, + revocation_seed_passphrase, + derivation_index, + quiet, + ), + Self::GenAuth { + derivation_index, + root_seed_passphrase, + auth_seed_passphrase, + quiet, + } => genauth( + root_seed_passphrase, + auth_seed_passphrase, + derivation_index, + quiet, + ), + Self::Sign { + passphrase, + key, + sign_type, + quiet, + } => sign(passphrase, key, sign_type, quiet), + } + } +} + +fn genroot(passphrase: Option, quiet: bool) -> HcResult { + user_prompt( + "This will generate a new random DPKI root seed. +You should only have to do this once and you should keep the seed safe. +It will be printed out once as a mnemonic at the end of this process. +The root seed can be used to generate new device, revocation and auth keys.\n", + quiet, + ); + + let passphrase = passphrase.or_else(|| { + match user_prompt_yes_no("Would you like to encrypt the root seed?", quiet) { + true => Some( + get_secure_string_double_check("Root Seed Passphrase", quiet) + .expect("Could not read revocation passphrase"), + ), + false => None, + } + }); + println!(); + genroot_inner(passphrase) +} + +pub(crate) fn genroot_inner(passphrase: Option) -> HcResult { + let seed_buf = generate_random_seed_buf(); + let mut root_seed = RootSeed::new(seed_buf); + match passphrase { + Some(passphrase) => root_seed.encrypt(passphrase, None)?.get_mnemonic(), + None => root_seed.seed_mut().get_mnemonic(), + } +} + +fn genrevoke( + root_seed_passphrase: Option, + revocation_seed_passphrase: Option, + derivation_index: u64, + quiet: bool, +) -> HcResult { + user_prompt( + "This will generate a new revocation seed derived from a root seed. +This can be used to revoke access to keys you have previously authorized.\n", + quiet, + ); + + let root_seed_mnemonic = get_secure_string_double_check("Root Seed", quiet)?; + let root_seed_passphrase = match root_seed_mnemonic.word_count() { + MNEMONIC_WORD_COUNT => None, // ignore any passphrase passed if it is an unencrypted mnemonic + ENCRYPTED_MNEMONIC_WORD_COUNT => root_seed_passphrase.or_else(|| { + Some( + get_secure_string_double_check("Root Seed Passphrase", quiet) + .expect("Could not read passphrase"), + ) + }), + _ => panic!("Invalid word count for mnemonic"), + }; + let revocation_seed_passphrase = + revocation_seed_passphrase.or_else(|| { + match user_prompt_yes_no("Would you like to encrypt the revocation seed?", quiet) { + true => Some( + get_secure_string_double_check("Revocation Seed Passphrase", quiet) + .expect("Could not read revocation passphrase"), + ), + false => None, + } + }); + println!(); + let (mnemonic, pubkey) = genauth_genrevoke_inner( + root_seed_mnemonic, + root_seed_passphrase, + revocation_seed_passphrase, + derivation_index, + SignType::Revoke, + )?; + Ok(format!("Public Key: {}\n\nMnemonic: {}", pubkey, mnemonic)) +} + +fn genauth( + root_seed_passphrase: Option, + auth_seed_passphrase: Option, + derivation_index: u64, + quiet: bool, +) -> HcResult { + user_prompt( + "This will generate a new authorization seed derived from a root seed. +This can be used to authorize new keys in DPKI.\n", + quiet, + ); + + let root_seed_mnemonic = get_secure_string_double_check("Root Seed", quiet)?; + let root_seed_passphrase = match root_seed_mnemonic.word_count() { + MNEMONIC_WORD_COUNT => None, // ignore any passphrase passed if it is an unencrypted mnemonic + ENCRYPTED_MNEMONIC_WORD_COUNT => root_seed_passphrase.or_else(|| { + Some( + get_secure_string_double_check("Root Seed Passphrase", quiet) + .expect("Could not read passphrase"), + ) + }), + _ => panic!("Invalid word count for mnemonic"), + }; + let auth_seed_passphrase = auth_seed_passphrase.or_else(|| { + match user_prompt_yes_no("Would you like to encrypt the auth seed?", quiet) { + true => Some( + get_secure_string_double_check("Auth Seed Passphrase", quiet) + .expect("Could not read auth passphrase"), + ), + false => None, + } + }); + println!(); + let (mnemonic, pubkey) = genauth_genrevoke_inner( + root_seed_mnemonic, + root_seed_passphrase, + auth_seed_passphrase, + derivation_index, + SignType::Auth, + )?; + Ok(format!("Public Key: {}\n\nMnemonic: {}", pubkey, mnemonic)) +} + +fn genauth_genrevoke_inner( + root_seed_mnemonic: String, + root_seed_passphrase: Option, + new_seed_passphrase: Option, + derivation_index: u64, + key_type: SignType, +) -> HcResult<(String, String)> { + let mut root_seed = + match util::get_seed(root_seed_mnemonic, root_seed_passphrase, SeedType::Root)? { + TypedSeed::Root(s) => s, + _ => unreachable!(), + }; + + match key_type { + SignType::Revoke => { + let mut revocation_seed = root_seed.generate_revocation_seed(derivation_index)?; + let pubkey = revocation_seed + .generate_revocation_key(DEFAULT_REVOCATION_KEY_DEV_INDEX)? + .sign_keys + .public(); + match new_seed_passphrase { + Some(passphrase) => Ok(( + revocation_seed.encrypt(passphrase, None)?.get_mnemonic()?, + pubkey, + )), + None => Ok((revocation_seed.seed_mut().get_mnemonic()?, pubkey)), + } + } + SignType::Auth => { + // TODO: Allow different derivation paths for the auth key + let mut auth_seed = root_seed + .generate_device_seed(derivation_index)? + .generate_auth_seed(1)?; + let pubkey = auth_seed + .generate_auth_key(DEFAULT_AUTH_KEY_DEV_INDEX)? + .sign_keys + .public(); + match new_seed_passphrase { + Some(passphrase) => { + Ok((auth_seed.encrypt(passphrase, None)?.get_mnemonic()?, pubkey)) + } + None => Ok((auth_seed.seed_mut().get_mnemonic()?, pubkey)), + } + } + } +} + +fn sign( + passphrase: Option, + key_string: String, + sign_type: SignType, + quiet: bool, +) -> HcResult { + user_prompt("This will sign a given key/string with a auth/revocation key. +The resulting signed message can be used to publish a DPKI auth/revocation message which will auth/revoke a key.\n", quiet); + + let seed_mnemonic = get_secure_string_double_check("Seed", false)?; + let passphrase = match seed_mnemonic.word_count() { + MNEMONIC_WORD_COUNT => None, // ignore any passphrase passed if it is an unencrypted mnemonic + ENCRYPTED_MNEMONIC_WORD_COUNT => passphrase.or_else(|| { + Some( + get_secure_string_double_check("Seed Passphrase", quiet) + .expect("Could not read passphrase"), + ) + }), + _ => panic!("Invalid word count for mnemonic"), + }; + println!(); + sign_inner(seed_mnemonic, passphrase, key_string, sign_type) +} + +fn sign_inner( + seed_mnemonic: String, + passphrase: Option, + key_string: String, + sign_type: SignType, +) -> HcResult { + let mut keypair = match sign_type { + SignType::Revoke => { + let mut revocation_seed = + match util::get_seed(seed_mnemonic, passphrase, SeedType::Revocation)? { + TypedSeed::Revocation(s) => s, + _ => unreachable!(), + }; + revocation_seed.generate_revocation_key(DEFAULT_REVOCATION_KEY_DEV_INDEX)? + } + SignType::Auth => { + let mut auth_seed = match util::get_seed(seed_mnemonic, passphrase, SeedType::Auth)? { + TypedSeed::Auth(s) => s, + _ => unreachable!(), + }; + auth_seed.generate_auth_key(DEFAULT_AUTH_KEY_DEV_INDEX)? + } + }; + sign_with_key_from_seed(&mut keypair, key_string) +} + +fn sign_with_key_from_seed(keypair: &mut KeyBundle, key_string: String) -> HcResult { + let mut data_buf = SecBuf::with_insecure_from_string(key_string); + let mut signature_buf = keypair.sign(&mut data_buf)?; + let buf = signature_buf.read_lock(); + let signature_str = base64::encode(&**buf); + Ok(signature_str) +} + +#[cfg(test)] +pub mod tests { + + use super::*; + use holochain_core_types::signature::{Provenance, Signature}; + use holochain_dpki::{keypair::*, utils::Verify}; + use holochain_persistence_api::cas::content::Address; + + #[test] + fn can_verify_signature() { + let payload = "test signing payload"; + let mut seed = generate_random_seed_buf(); + let sign_keys = SigningKeyPair::new_from_seed(&mut seed).unwrap(); + let enc_keys = EncryptingKeyPair::new_from_seed(&mut seed).unwrap(); + let mut key_bundle = KeyBundle::new(sign_keys, enc_keys).unwrap(); + + let sig = sign_with_key_from_seed(&mut key_bundle, payload.to_string()).unwrap(); + + let prov = Provenance::new( + Address::from(key_bundle.sign_keys.public), + Signature::from(sig), + ); + assert!(prov.verify(payload.to_string()).unwrap()); + } +} diff --git a/crates/cli/src/cli/keygen.rs b/crates/cli/src/cli/keygen.rs index 7058664650..bd635695df 100644 --- a/crates/cli/src/cli/keygen.rs +++ b/crates/cli/src/cli/keygen.rs @@ -1,48 +1,106 @@ -use crate::NEW_RELIC_LICENSE_KEY; -use error::DefaultResult; use holochain_common::paths::keys_directory; -use holochain_conductor_lib::{key_loaders::mock_passphrase_manager, keystore::Keystore}; -use rpassword; +use holochain_conductor_lib::{ + key_loaders::mock_passphrase_manager, + keystore::{Keystore, PRIMARY_KEYBUNDLE_ID}, +}; +use holochain_core_types::error::HcResult; +use holochain_locksmith::Mutex; +use holochain_dpki::seed::{SeedType, TypedSeed}; use std::{ fs::create_dir_all, io::{self, Write}, path::PathBuf, + sync::Arc, }; +use util::{get_secure_string_double_check, get_seed, user_prompt}; -#[holochain_tracing_macros::newrelic_autotrace(HOLOCHAIN_CLI)] -pub fn keygen(path: Option, passphrase: Option, quiet: bool) -> DefaultResult<()> { - let passphrase = passphrase.unwrap_or_else(|| { - if !quiet { - println!( - " -This will create a new agent keystore and populate it with an agent keybundle +pub fn keygen( + path: Option, + keystore_passphrase: Option, + nullpass: bool, + mnemonic_passphrase: Option, + root_seed_mnemonic: Option, + device_derivation_index: Option, + quiet: bool, +) -> HcResult<()> { + user_prompt( + "This will create a new agent keystore and populate it with an agent keybundle containing a public and a private key, for signing and encryption by the agent. This keybundle will be stored encrypted by passphrase within the keystore file. The passphrase is securing the keys and will be needed, together with the file, -in order to use the key. -Please enter a secret passphrase below. You will have to enter it again -when unlocking the keybundle to use within a Holochain conductor." +in order to use the key.\n", + quiet, + ); + + let keystore_passphrase = match (keystore_passphrase, nullpass) { + (None, true) => String::from(holochain_common::DEFAULT_PASSPHRASE), + (Some(s), false) => s, + (Some(_), true) => panic!( + "Invalid combination of args. Cannot pass --nullpass and also provide a passphrase" + ), + (None, false) => { + // prompt for the passphrase + user_prompt( + "Please enter a secret passphrase below. You will have to enter it again +when unlocking the keybundle to use within a Holochain conductor.\n", + quiet, ); - print!("Passphrase: "); - io::stdout().flush().expect("Could not flush stdout"); - } - let passphrase1 = rpassword::read_password().unwrap(); - if !quiet { - print!("Re-enter passphrase: "); io::stdout().flush().expect("Could not flush stdout"); + get_secure_string_double_check("keystore Passphrase", quiet) + .expect("Could not retrieve passphrase") } - let passphrase2 = rpassword::read_password().unwrap(); - if passphrase1 != passphrase2 { - println!("Passphrases do not match. Please retry..."); - ::std::process::exit(1); - } - passphrase1 - }); + }; - if !quiet { - println!("Generating keystore (this will take a few moments)..."); - } - let (keystore, pub_key) = Keystore::new_standalone(mock_passphrase_manager(passphrase), None)?; + let (keystore, pub_key) = if let Some(derivation_index) = device_derivation_index { + user_prompt("This keystore is to be generated from a DPKI root seed. You can regenerate this keystore at any time by using the same root key mnemonic and device derivation index.", quiet); + + let root_seed_mnemonic = root_seed_mnemonic.unwrap_or_else(|| { + get_secure_string_double_check("Root Seed Mnemonic", quiet) + .expect("Could not retrieve mnemonic") + }); + + match root_seed_mnemonic.split(" ").count() { + 24 => { + // unencrypted mnemonic + user_prompt( + "Generating keystore (this will take a few moments)...", + quiet, + ); + keygen_dpki( + root_seed_mnemonic, + None, + derivation_index, + keystore_passphrase, + )? + } + 48 => { + // encrypted mnemonic + let mnemonic_passphrase = mnemonic_passphrase.unwrap_or_else(|| { + get_secure_string_double_check("Root Seed Mnemonic passphrase", quiet) + .expect("Could not retrieve mnemonic passphrase") + }); + user_prompt( + "Generating keystore (this will take a few moments)...", + quiet, + ); + keygen_dpki( + root_seed_mnemonic, + Some(mnemonic_passphrase), + derivation_index, + keystore_passphrase, + )? + } + _ => panic!( + "Invalid number of words in mnemonic. Must be 24 (unencrypted) or 48 (encrypted)" + ), + } + } else { + user_prompt( + "Generating keystore (this will take a few moments)...", + quiet, + ); + keygen_standalone(keystore_passphrase)? + }; let path = if None == path { let p = keys_directory(); @@ -70,21 +128,52 @@ when unlocking the keybundle to use within a Holochain conductor." Ok(()) } +fn keygen_standalone(keystore_passphrase: String) -> HcResult<(Keystore, String)> { + Keystore::new_standalone(mock_passphrase_manager(keystore_passphrase), None) +} + +fn keygen_dpki( + root_seed_mnemonic: String, + root_seed_passphrase: Option, + derivation_index: u64, + keystore_passphrase: String, +) -> HcResult<(Keystore, String)> { + let mut root_seed = match get_seed(root_seed_mnemonic, root_seed_passphrase, SeedType::Root)? { + TypedSeed::Root(s) => s, + _ => unreachable!(), + }; + let mut keystore = Keystore::new(mock_passphrase_manager(keystore_passphrase), None)?; + let device_seed = root_seed.generate_device_seed(derivation_index)?; + keystore.add("device_seed", Arc::new(Mutex::new(device_seed.into())))?; + let (pub_key, _) = keystore.add_keybundle_from_seed("device_seed", PRIMARY_KEYBUNDLE_ID)?; + Ok((keystore, pub_key)) +} + #[cfg(test)] pub mod test { use super::*; - use holochain_conductor_lib::{ + use cli::dpki; + use holochain_conductor_api::{ key_loaders::mock_passphrase_manager, keystore::{Keystore, PRIMARY_KEYBUNDLE_ID}, }; use std::{fs::remove_file, path::PathBuf}; #[test] - fn keygen_roundtrip() { + fn keygen_roundtrip_no_dpki() { let path = PathBuf::new().join("test.key"); let passphrase = String::from("secret"); - keygen(Some(path.clone()), Some(passphrase.clone()), true).expect("Keygen should work"); + keygen( + Some(path.clone()), + Some(passphrase.clone()), + false, + None, + None, + None, + true, + ) + .expect("Keygen should work"); let mut keystore = Keystore::new_from_file(path.clone(), mock_passphrase_manager(passphrase), None) @@ -96,4 +185,38 @@ pub mod test { let _ = remove_file(path); } + + #[test] + fn keygen_roundtrip_with_dpki() { + let path = PathBuf::new().join("test_dpki.key"); + let keystore_passphrase = String::from("secret_dpki"); + let mnemonic_passphrase = String::from("dummy passphrase"); + + let mnemonic = dpki::genroot_inner(Some(mnemonic_passphrase.clone())) + .expect("Could not generate root seed mneomonic"); + + keygen( + Some(path.clone()), + Some(keystore_passphrase.clone()), + false, + Some(mnemonic_passphrase), + Some(mnemonic), + Some(1), + true, + ) + .expect("Keygen should work"); + + let mut keystore = Keystore::new_from_file( + path.clone(), + mock_passphrase_manager(keystore_passphrase), + None, + ) + .unwrap(); + + let keybundle = keystore.get_keybundle(PRIMARY_KEYBUNDLE_ID); + + assert!(keybundle.is_ok()); + + let _ = remove_file(path); + } } diff --git a/crates/cli/src/cli/mod.rs b/crates/cli/src/cli/mod.rs index f606459e65..2626bbe198 100644 --- a/crates/cli/src/cli/mod.rs +++ b/crates/cli/src/cli/mod.rs @@ -1,6 +1,7 @@ mod chain_log; mod generate; mod hash_dna; +mod dpki; pub mod init; mod keygen; pub mod package; @@ -11,6 +12,7 @@ pub mod test; pub use self::{ chain_log::{chain_list, chain_log}, generate::generate, + dpki::Dpki, hash_dna::hash_dna, init::init, keygen::keygen, diff --git a/crates/cli/src/main.rs b/crates/cli/src/main.rs index b01bce5ba5..612b92065a 100755 --- a/crates/cli/src/main.rs +++ b/crates/cli/src/main.rs @@ -27,6 +27,7 @@ extern crate serde_json; extern crate dns_lookup; extern crate flate2; extern crate glob; +extern crate holochain_dpki; extern crate ignore; extern crate in_stream; extern crate rpassword; @@ -40,7 +41,10 @@ mod config_files; mod error; mod util; -use crate::error::{HolochainError, HolochainResult}; +use crate::{ + cli::Dpki, + error::{HolochainError, HolochainResult}, +}; use holochain_conductor_lib::happ_bundle::HappBundle; use std::{fs::File, io::Read, path::PathBuf, str::FromStr}; use structopt::{clap::arg_enum, StructOpt}; @@ -129,10 +133,25 @@ enum Cli { #[structopt(long, short)] /// Only print machine-readable output; intended for use by programs and scripts quiet: bool, - #[structopt(long, short)] + #[structopt( + long, + short, + help = "Use insecure, hard-wired passphrase for testing and Don't ask for passphrase" + )] /// Don't ask for passphrase nullpass: bool, + #[structopt( + long, + short, + help = "Set passphrase via argument and don't prompt for it (not reccomended)" + )] + passphrase: Option, }, + #[structopt( + name = "dpki-init", + alias = "d", + about = "Generates a new DPKI root seed and outputs the encrypted key as a BIP39 mnemonic" + )] #[structopt(name = "chain")] /// View the contents of a source chain ChainLog { @@ -156,6 +175,12 @@ enum Cli { /// Property (in the form 'name=value') that gets set/overwritten before calculating hash property: Option>, }, + #[structopt( + name = "dpki", + alias = "d", + about = "Operations to manage keys for DPKI" + )] + Dpki(Dpki), Sim2hClient { #[structopt(long, short = "u")] /// url of the sim2h server @@ -294,15 +319,14 @@ fn run() -> HolochainResult<()> { path, quiet, nullpass, - } => { - let passphrase = if nullpass { - Some(String::from(holochain_common::DEFAULT_PASSPHRASE)) - } else { - None - }; - cli::keygen(path, passphrase, quiet) - .map_err(|e| HolochainError::Default(format_err!("{}", e)))? - } + passphrase, + } => cli::keygen(path, passphrase, nullpass, None, None, None, quiet) + .map_err(|e| HolochainError::Default(format_err!("{}", e)))?, + + Cli::Dpki(dpki) => dpki + .execute() + .map(|result| println!("{}", result)) + .map_err(|e| HolochainError::Default(format_err!("{}", e)))?, Cli::ChainLog { instance_id, diff --git a/crates/cli/src/util.rs b/crates/cli/src/util.rs index 44913e49ba..8eec0cdf91 100644 --- a/crates/cli/src/util.rs +++ b/crates/cli/src/util.rs @@ -1,13 +1,79 @@ use crate::{error::DefaultResult, NEW_RELIC_LICENSE_KEY}; use colored::*; pub use holochain_common::paths::DNA_EXTENSION; +use holochain_core_types::error::HcResult; +use holochain_dpki::seed::{EncryptedSeed, MnemonicableSeed, Seed, SeedType, TypedSeed}; +use rpassword; +use std::io::stdin; use std::{ fs, - io::ErrorKind, + io::{self, ErrorKind, Write}, path::PathBuf, process::{Command, Stdio}, }; +pub fn get_secure_string_double_check(name: &str, quiet: bool) -> HcResult { + if !quiet { + print!("Enter {}: ", name); + io::stdout().flush()?; + } + let retrieved_str_1 = rpassword::read_password()?; + if !quiet { + print!("Re-enter {}: ", name); + io::stdout().flush()?; + } + let retrieved_str_2 = rpassword::read_password()?; + if retrieved_str_1 != retrieved_str_2 { + panic!("Root seeds do not match. Aborting"); + } + Ok(retrieved_str_1) +} + +pub fn user_prompt(message: &str, quiet: bool) { + if !quiet { + println!("{}", message); + } +} + +pub fn user_prompt_yes_no(message: &str, quiet: bool) -> bool { + user_prompt(format!("{} (Y/n)", message).as_str(), quiet); + let mut input = String::new(); + stdin() + .read_line(&mut input) + .expect("Could not read from stdin"); + match input.as_str() { + "Y\n" => true, + "n\n" => false, + _ => panic!(format!("Invalid response: {}", input)), + } +} + +/// Retrieve a seed from a BIP39 mnemonic +/// If a passphrase is provided assume it is encrypted and decrypt it +/// If not then assume it is unencrypted +pub fn get_seed( + seed_mnemonic: String, + passphrase: Option, + seed_type: SeedType, +) -> HcResult { + match passphrase { + Some(passphrase) => { + EncryptedSeed::new_with_mnemonic(seed_mnemonic, seed_type)?.decrypt(passphrase, None) + } + None => Seed::new_with_mnemonic(seed_mnemonic, seed_type)?.into_typed(), + } +} + +pub trait WordCountable { + fn word_count(&self) -> usize; +} + +impl WordCountable for String { + fn word_count(&self) -> usize { + self.split(" ").count() + } +} + #[holochain_tracing_macros::newrelic_autotrace(HOLOCHAIN_CLI)] pub fn run_cmd(base_path: &PathBuf, bin: String, args: &[&str]) -> DefaultResult<()> { let pretty_command = format!("{} {}", bin.green(), args.join(" ").cyan()); diff --git a/crates/conductor_lib/src/keystore.rs b/crates/conductor_lib/src/keystore.rs index 62eddb9d3f..b003b70ee7 100644 --- a/crates/conductor_lib/src/keystore.rs +++ b/crates/conductor_lib/src/keystore.rs @@ -7,7 +7,7 @@ use holochain_dpki::{ key_blob::{BlobType, Blobbable, KeyBlob}, key_bundle::KeyBundle, keypair::{EncryptingKeyPair, KeyPair, SigningKeyPair}, - seed::Seed, + seed::{Seed, SeedTrait}, utils::{ decrypt_with_passphrase_buf, encrypt_with_passphrase_buf, generate_derived_seed_buf, generate_random_buf, SeedContext, @@ -46,6 +46,12 @@ pub enum Secret { Seed(SecBuf), } +impl From for Secret { + fn from(s: S) -> Self { + Secret::Seed(s.seed().buf.clone()) + } +} + pub enum KeyType { Signing, Encrypting, @@ -668,7 +674,7 @@ pub mod tests { } #[test] - fn test_keystore_add_random_seed() { + fn test_keystore_add_seed_functions() { let mut keystore = new_test_keystore(random_test_passphrase()); assert_eq!(keystore.add_random_seed("my_root_seed", SEED_SIZE), Ok(())); @@ -679,6 +685,26 @@ pub mod tests { "identifier already exists".to_string() )) ); + // Confirm we can round-trip a specific seed value through the Keystore + let seed: [u8; SEED_SIZE] = [ + 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, + 24, 25, 26, 27, 28, 29, 30, 31, + ]; + assert_eq!(keystore.add_seed("my_custom_seed", &seed), Ok(())); + assert_eq!( + keystore.list(), + vec!["my_custom_seed".to_string(), "my_root_seed".to_string(),] + ); + + let got_seed = match *keystore.get("my_custom_seed").unwrap().lock().unwrap() { + Secret::Seed(ref mut buf) => { + let lock = buf.read_lock(); + format!("{:?}", *lock) + } + _ => unreachable!(), + }; + assert_eq!(got_seed, + "[0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31]"); } #[test] diff --git a/crates/dpki/src/keypair.rs b/crates/dpki/src/keypair.rs index 7333e6f9c3..29dc9f2314 100755 --- a/crates/dpki/src/keypair.rs +++ b/crates/dpki/src/keypair.rs @@ -329,4 +329,24 @@ mod tests { let succeeded = sign_keys.verify(&mut message, &mut signature); assert!(!succeeded); } + + #[test] + fn keypair_should_generate_consistent_keys() { + let mut seed = SecBuf::with_insecure(32); + seed.from_array(&[ + 0u8, 1u8, 2u8, 3u8, 4u8, 5u8, 6u8, 7u8, 8u8, 9u8, + 10u8, 11u8, 12u8, 13u8, 14u8, 15u8, 16u8, 17u8, 18u8, 19u8, + 20u8, 21u8, 22u8, 23u8, 24u8, 25u8, 26u8, 27u8, 28u8, 29u8, + 30u8,255u8, + ]).unwrap(); + let mut keypair = SigningKeyPair::new_from_seed(&mut seed).expect("Failed to generate keypair"); + + assert_eq!(keypair.public(), "HcSciPgAEa7N4e6os7X7zK4JdbXnmxygkVVkHChDT3cbuh3wByfwzx9SNuo9xbz"); + + // ed25519 Private Keys + let pk = keypair.private().read_lock(); + assert_eq!(format!("{:?}", *pk), + "[0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 255, 56, 192, 32, 58, 205, 19, 141, 143, 109, 220, 43, 73, 24, 108, 197, 218, 230, 85, 40, 163, 136, 227, 150, 68, 25, 159, 53, 13, 203, 92, 91, 241]" + ); + } } diff --git a/crates/dpki/src/lib.rs b/crates/dpki/src/lib.rs index 725035c58a..bf80df65e5 100644 --- a/crates/dpki/src/lib.rs +++ b/crates/dpki/src/lib.rs @@ -12,6 +12,9 @@ extern crate holochain_common; pub const CONTEXT_SIZE: usize = 8; pub const SEED_SIZE: usize = 32; pub const AGENT_ID_CTX: [u8; 8] = *b"HCAGNTID"; +pub const DEVICE_CTX: [u8; 8] = *b"HCDEVICE"; +pub const REVOKE_CTX: [u8; 8] = *b"HCREVOKE"; +pub const AUTH_CTX: [u8; 8] = *b"HCAUTHRZ"; pub(crate) const SIGNATURE_SIZE: usize = 64; lazy_static! { diff --git a/crates/dpki/src/seed.rs b/crates/dpki/src/seed.rs index db4eb81650..aca5597f26 100644 --- a/crates/dpki/src/seed.rs +++ b/crates/dpki/src/seed.rs @@ -2,7 +2,7 @@ use crate::{ key_bundle::KeyBundle, password_encryption::*, utils::{generate_derived_seed_buf, SeedContext}, - AGENT_ID_CTX, NEW_RELIC_LICENSE_KEY, SEED_SIZE, + AGENT_ID_CTX, AUTH_CTX, DEVICE_CTX, REVOKE_CTX, SEED_SIZE, }; use bip39::{Language, Mnemonic, MnemonicType}; use holochain_core_types::error::{HcResult, HolochainError}; @@ -31,6 +31,8 @@ pub enum SeedType { Root, /// Revocation seed Revocation, + /// Auth seed + Auth, /// Device seed Device, /// Derivative of a Device seed with a PIN @@ -48,6 +50,8 @@ pub enum TypedSeed { Root(RootSeed), Device(DeviceSeed), DevicePin(DevicePinSeed), + Revocation(RevocationSeed), + Auth(AuthSeed), } /// Common Trait for TypedSeeds @@ -69,12 +73,16 @@ pub trait SeedTrait { } } + +/// Implement the API to create new Seeds from BIP39 Mnemonics, and to output various Seeds as BIP32 +/// Mnemonics. Some formats require mutability in order to perform this conversion; for example, a +/// Seed w/ a SecBuf will require it to be set to readable before its contents can be accessed. pub trait MnemonicableSeed where Self: Sized, { fn new_with_mnemonic(phrase: String, seed_type: SeedType) -> HcResult; - fn get_mnemonic(&mut self) -> HcResult; + fn get_mnemonic(&self) -> HcResult; } //-------------------------------------------------------------------------------------------------- @@ -88,7 +96,6 @@ pub struct Seed { pub buf: SecBuf, } -#[holochain_tracing_macros::newrelic_autotrace(HOLOCHAIN_DPKI)] impl Seed { pub fn new(seed_buf: SecBuf, seed_type: SeedType) -> Self { assert_eq!(seed_buf.len(), SEED_SIZE); @@ -114,8 +121,10 @@ impl Seed { SeedType::Root => Ok(TypedSeed::Root(RootSeed::new(self.buf))), SeedType::Device => Ok(TypedSeed::Device(DeviceSeed::new(self.buf))), SeedType::DevicePin => Ok(TypedSeed::DevicePin(DevicePinSeed::new(self.buf))), + SeedType::Revocation => Ok(TypedSeed::Revocation(RevocationSeed::new(self.buf))), + SeedType::Auth => Ok(TypedSeed::Auth(AuthSeed::new(self.buf))), _ => Err(HolochainError::ErrorGeneric( - "Seed does have specific behavior for its type".to_string(), + "Seed does not have specific behavior for its type".to_string(), )), } } @@ -141,14 +150,16 @@ impl MnemonicableSeed for Seed { /// Generate a mnemonic for the seed. // TODO: We need some way of zeroing the internal memory used by mnemonic - fn get_mnemonic(&mut self) -> HcResult { - let entropy = self.buf.read_lock(); + fn get_mnemonic(&self) -> HcResult { + let mut buf = self.buf.clone(); + let entropy = buf.read_lock(); let e = &*entropy; let mnemonic = Mnemonic::from_entropy(e, Language::English).map_err(|e| { HolochainError::ErrorGeneric(format!("Error generating Mnemonic phrase: {}", e)) })?; Ok(mnemonic.into_phrase()) } + } //-------------------------------------------------------------------------------------------------- @@ -160,7 +171,6 @@ pub struct RootSeed { inner: Seed, } -#[holochain_tracing_macros::newrelic_autotrace(HOLOCHAIN_DPKI)] impl SeedTrait for RootSeed { fn seed(&self) -> &Seed { &self.inner @@ -170,7 +180,6 @@ impl SeedTrait for RootSeed { } } -#[holochain_tracing_macros::newrelic_autotrace(HOLOCHAIN_DPKI)] impl RootSeed { /// Construct from a 32 bytes seed buffer pub fn new(seed_buf: SecBuf) -> Self { @@ -179,17 +188,29 @@ impl RootSeed { } } - /// Generate Device Seed + // Generate Device Seed /// @param {number} index - the index number in this seed group, must not be zero pub fn generate_device_seed( &mut self, - seed_context: &SeedContext, index: u64, ) -> HcResult { + let device_ctx = SeedContext::new(REVOKE_CTX); let device_seed_buf = - generate_derived_seed_buf(&mut self.inner.buf, seed_context, index, SEED_SIZE)?; + generate_derived_seed_buf(&mut self.inner.buf, &device_ctx, index, SEED_SIZE)?; Ok(DeviceSeed::new(device_seed_buf)) } + + /// Generate Revocation Seed + /// @param {number} index - the index number in this seed group, must not be zero + pub fn generate_revocation_seed( + &mut self, + index: u64, + ) -> HcResult { + let seed_context = SeedContext::new(REVOKE_CTX); + let seed_buf = + generate_derived_seed_buf(&mut self.inner.buf, &seed_context, index, SEED_SIZE)?; + Ok(RevocationSeed::new(seed_buf)) + } } //-------------------------------------------------------------------------------------------------- @@ -201,7 +222,6 @@ pub struct DeviceSeed { inner: Seed, } -#[holochain_tracing_macros::newrelic_autotrace(HOLOCHAIN_DPKI)] impl SeedTrait for DeviceSeed { fn seed(&self) -> &Seed { &self.inner @@ -211,7 +231,6 @@ impl SeedTrait for DeviceSeed { } } -#[holochain_tracing_macros::newrelic_autotrace(HOLOCHAIN_DPKI)] impl DeviceSeed { /// Construct from a 32 bytes seed buffer pub fn new(seed_buf: SecBuf) -> Self { @@ -221,7 +240,7 @@ impl DeviceSeed { } /// generate a device pin seed by applying pwhash of pin with this seed as the salt - /// @param {string} pin - should be >= 4 characters 1-9 + /// @param {string} pin - should be >= 4 characters 0-9 /// @return {DevicePinSeed} Resulting Device Pin Seed pub fn generate_device_pin_seed( &mut self, @@ -232,6 +251,18 @@ impl DeviceSeed { pw_hash(pin, &mut self.inner.buf, &mut hash, config)?; Ok(DevicePinSeed::new(hash)) } + + /// Generate Auth Seed + /// @param {number} index - the index number in this seed group, must not be zero + pub fn generate_auth_seed( + &mut self, + index: u64, + ) -> HcResult { + let seed_context = SeedContext::new(AUTH_CTX); + let seed_buf = + generate_derived_seed_buf(&mut self.inner.buf, &seed_context, index, SEED_SIZE)?; + Ok(AuthSeed::new(seed_buf)) + } } //-------------------------------------------------------------------------------------------------- @@ -243,7 +274,6 @@ pub struct DevicePinSeed { inner: Seed, } -#[holochain_tracing_macros::newrelic_autotrace(HOLOCHAIN_DPKI)] impl SeedTrait for DevicePinSeed { fn seed(&self) -> &Seed { &self.inner @@ -253,7 +283,6 @@ impl SeedTrait for DevicePinSeed { } } -#[holochain_tracing_macros::newrelic_autotrace(HOLOCHAIN_DPKI)] impl DevicePinSeed { /// Construct from a 32 bytes seed buffer pub fn new(seed_buf: SecBuf) -> Self { @@ -278,6 +307,91 @@ impl DevicePinSeed { } } +//-------------------------------------------------------------------------------------------------- +// Revocation Seed +//-------------------------------------------------------------------------------------------------- + +#[derive(Debug)] +pub struct RevocationSeed { + inner: Seed, +} + +impl SeedTrait for RevocationSeed { + fn seed(&self) -> &Seed { + &self.inner + } + fn seed_mut(&mut self) -> &mut Seed { + &mut self.inner + } +} + +impl RevocationSeed { + /// Construct from a 32 bytes seed buffer + pub fn new(seed_buf: SecBuf) -> Self { + RevocationSeed { + inner: Seed::new_with_initializer( + SeedInitializer::Seed(seed_buf), + SeedType::Revocation, + ), + } + } + + /// Generate a revocation key + pub fn generate_revocation_key(&mut self, derivation_index: u64) -> HcResult { + let mut ref_seed_buf = SecBuf::with_secure(SEED_SIZE); + let context = SeedContext::new(DEVICE_CTX); + let mut context = context.to_sec_buf(); + kdf::derive( + &mut ref_seed_buf, + derivation_index, + &mut context, + &mut self.inner.buf, + )?; + Ok(KeyBundle::new_from_seed_buf(&mut ref_seed_buf)?) + } +} + +//-------------------------------------------------------------------------------------------------- +// Auth Seed +//-------------------------------------------------------------------------------------------------- + +#[derive(Debug)] +pub struct AuthSeed { + inner: Seed, +} + +impl SeedTrait for AuthSeed { + fn seed(&self) -> &Seed { + &self.inner + } + fn seed_mut(&mut self) -> &mut Seed { + &mut self.inner + } +} + +impl AuthSeed { + /// Construct from a 32 bytes seed buffer + pub fn new(seed_buf: SecBuf) -> Self { + AuthSeed { + inner: Seed::new_with_initializer(SeedInitializer::Seed(seed_buf), SeedType::Auth), + } + } + + /// Generate a revocation key + pub fn generate_auth_key(&mut self, derivation_index: u64) -> HcResult { + let mut ref_seed_buf = SecBuf::with_secure(SEED_SIZE); + let context = SeedContext::new(DEVICE_CTX); + let mut context = context.to_sec_buf(); + kdf::derive( + &mut ref_seed_buf, + derivation_index, + &mut context, + &mut self.inner.buf, + )?; + Ok(KeyBundle::new_from_seed_buf(&mut ref_seed_buf)?) + } +} + //-------------------------------------------------------------------------------------------------- // Encrypted Seed //-------------------------------------------------------------------------------------------------- @@ -287,7 +401,6 @@ pub struct EncryptedSeed { data: EncryptedData, } -#[holochain_tracing_macros::newrelic_autotrace(HOLOCHAIN_DPKI)] impl EncryptedSeed { fn new(data: EncryptedData, kind: SeedType) -> Self { Self { kind, data } @@ -308,7 +421,6 @@ impl EncryptedSeed { } } -#[holochain_tracing_macros::newrelic_autotrace(HOLOCHAIN_DPKI)] impl MnemonicableSeed for EncryptedSeed { fn new_with_mnemonic(phrase: String, seed_type: SeedType) -> HcResult { // split out the two phrases, decode then combine the bytes @@ -341,7 +453,7 @@ impl MnemonicableSeed for EncryptedSeed { /// Generate a mnemonic for the seed. /// Encrypted seeds produce a 48 word mnemonic as the encrypted output also contains auth bytes and salt bytes /// which adds an extra 32 bytes. This fits nicely into two 24 word BIP39 mnemonics. - fn get_mnemonic(&mut self) -> HcResult { + fn get_mnemonic(&self) -> HcResult { let bytes: Vec = self .data .cipher @@ -398,14 +510,13 @@ mod tests { #[test] fn it_should_create_a_device_seed() { let seed_buf = generate_random_seed_buf(); - let context = SeedContext::new(*b"HCDEVICE"); let mut root_seed = RootSeed::new(seed_buf); - let mut device_seed_3 = root_seed.generate_device_seed(&context, 3).unwrap(); + let mut device_seed_3 = root_seed.generate_device_seed(3).unwrap(); assert_eq!(SeedType::Device, device_seed_3.seed().kind); - let _ = root_seed.generate_device_seed(&context, 0).unwrap_err(); - let mut device_seed_1 = root_seed.generate_device_seed(&context, 1).unwrap(); - let mut device_seed_3_b = root_seed.generate_device_seed(&context, 3).unwrap(); + let _ = root_seed.generate_device_seed(0).unwrap_err(); + let mut device_seed_1 = root_seed.generate_device_seed(1).unwrap(); + let mut device_seed_3_b = root_seed.generate_device_seed(3).unwrap(); assert!( device_seed_3 .seed_mut() @@ -427,9 +538,8 @@ mod tests { let seed_buf = generate_random_seed_buf(); let mut pin = generate_random_seed_buf(); - let context = SeedContext::new(*b"HCDEVICE"); let mut root_seed = RootSeed::new(seed_buf); - let mut device_seed = root_seed.generate_device_seed(&context, 3).unwrap(); + let mut device_seed = root_seed.generate_device_seed(3).unwrap(); let device_pin_seed = device_seed .generate_device_pin_seed(&mut pin, TEST_CONFIG) .unwrap(); @@ -441,9 +551,8 @@ mod tests { let seed_buf = generate_random_seed_buf(); let mut pin = generate_random_seed_buf(); - let context = SeedContext::new(*b"HCDEVICE"); let mut rs = RootSeed::new(seed_buf); - let mut ds = rs.generate_device_seed(&context, 3).unwrap(); + let mut ds = rs.generate_device_seed(3).unwrap(); let mut dps = ds.generate_device_pin_seed(&mut pin, TEST_CONFIG).unwrap(); let mut keybundle_5 = dps.generate_dna_key(5).unwrap(); @@ -537,7 +646,7 @@ mod tests { TypedSeed::Root(s) => s, _ => unreachable!(), }; - let mut enc_seed = seed.encrypt("some passphrase".to_string(), None).unwrap(); + let enc_seed = seed.encrypt("some passphrase".to_string(), None).unwrap(); let mnemonic = enc_seed.get_mnemonic().unwrap(); println!("mnemonic: {:?}", mnemonic); assert_eq!( From 379b6d819cd937512d4a6650653b7483a99fe451 Mon Sep 17 00:00:00 2001 From: zo-el Date: Mon, 17 Feb 2020 17:06:19 -0600 Subject: [PATCH 2/5] fmt --- crates/cli/src/cli/keygen.rs | 2 +- crates/cli/src/cli/mod.rs | 4 ++-- crates/cli/src/main.rs | 2 +- crates/cli/src/util.rs | 3 +-- .../src/nucleus/validation/agent_entry.rs | 2 +- crates/dpki/src/keypair.rs | 20 +++++++++++-------- crates/dpki/src/seed.rs | 17 +++------------- crates/metrics/src/stats.rs | 3 +-- crates/sim2h/src/lib.rs | 2 +- crates/sim2h/src/sim2h_im_state.rs | 6 +++--- 10 files changed, 26 insertions(+), 35 deletions(-) diff --git a/crates/cli/src/cli/keygen.rs b/crates/cli/src/cli/keygen.rs index bd635695df..c8cc36e7f9 100644 --- a/crates/cli/src/cli/keygen.rs +++ b/crates/cli/src/cli/keygen.rs @@ -4,8 +4,8 @@ use holochain_conductor_lib::{ keystore::{Keystore, PRIMARY_KEYBUNDLE_ID}, }; use holochain_core_types::error::HcResult; -use holochain_locksmith::Mutex; use holochain_dpki::seed::{SeedType, TypedSeed}; +use holochain_locksmith::Mutex; use std::{ fs::create_dir_all, io::{self, Write}, diff --git a/crates/cli/src/cli/mod.rs b/crates/cli/src/cli/mod.rs index 2626bbe198..532d418aad 100644 --- a/crates/cli/src/cli/mod.rs +++ b/crates/cli/src/cli/mod.rs @@ -1,7 +1,7 @@ mod chain_log; +mod dpki; mod generate; mod hash_dna; -mod dpki; pub mod init; mod keygen; pub mod package; @@ -11,8 +11,8 @@ pub mod test; pub use self::{ chain_log::{chain_list, chain_log}, - generate::generate, dpki::Dpki, + generate::generate, hash_dna::hash_dna, init::init, keygen::keygen, diff --git a/crates/cli/src/main.rs b/crates/cli/src/main.rs index 612b92065a..8ae4b543af 100755 --- a/crates/cli/src/main.rs +++ b/crates/cli/src/main.rs @@ -148,7 +148,7 @@ enum Cli { passphrase: Option, }, #[structopt( - name = "dpki-init", + name = "dpki-init", alias = "d", about = "Generates a new DPKI root seed and outputs the encrypted key as a BIP39 mnemonic" )] diff --git a/crates/cli/src/util.rs b/crates/cli/src/util.rs index 8eec0cdf91..a9b8c20c86 100644 --- a/crates/cli/src/util.rs +++ b/crates/cli/src/util.rs @@ -4,10 +4,9 @@ pub use holochain_common::paths::DNA_EXTENSION; use holochain_core_types::error::HcResult; use holochain_dpki::seed::{EncryptedSeed, MnemonicableSeed, Seed, SeedType, TypedSeed}; use rpassword; -use std::io::stdin; use std::{ fs, - io::{self, ErrorKind, Write}, + io::{self, stdin, ErrorKind, Write}, path::PathBuf, process::{Command, Stdio}, }; diff --git a/crates/core/src/nucleus/validation/agent_entry.rs b/crates/core/src/nucleus/validation/agent_entry.rs index 5a21a06404..2ccbfcfbbb 100644 --- a/crates/core/src/nucleus/validation/agent_entry.rs +++ b/crates/core/src/nucleus/validation/agent_entry.rs @@ -15,7 +15,7 @@ use holochain_core_types::{ use holochain_persistence_api::cas::content::AddressableContent; use holochain_wasm_utils::api_serialization::validation::AgentIdValidationArgs; -use futures::{future, future::FutureExt}; +use futures::future::{self, FutureExt}; use std::sync::Arc; #[holochain_tracing_macros::newrelic_autotrace(HOLOCHAIN_CORE)] diff --git a/crates/dpki/src/keypair.rs b/crates/dpki/src/keypair.rs index 29dc9f2314..49011127d2 100755 --- a/crates/dpki/src/keypair.rs +++ b/crates/dpki/src/keypair.rs @@ -334,14 +334,18 @@ mod tests { fn keypair_should_generate_consistent_keys() { let mut seed = SecBuf::with_insecure(32); seed.from_array(&[ - 0u8, 1u8, 2u8, 3u8, 4u8, 5u8, 6u8, 7u8, 8u8, 9u8, - 10u8, 11u8, 12u8, 13u8, 14u8, 15u8, 16u8, 17u8, 18u8, 19u8, - 20u8, 21u8, 22u8, 23u8, 24u8, 25u8, 26u8, 27u8, 28u8, 29u8, - 30u8,255u8, - ]).unwrap(); - let mut keypair = SigningKeyPair::new_from_seed(&mut seed).expect("Failed to generate keypair"); - - assert_eq!(keypair.public(), "HcSciPgAEa7N4e6os7X7zK4JdbXnmxygkVVkHChDT3cbuh3wByfwzx9SNuo9xbz"); + 0u8, 1u8, 2u8, 3u8, 4u8, 5u8, 6u8, 7u8, 8u8, 9u8, 10u8, 11u8, 12u8, 13u8, 14u8, 15u8, + 16u8, 17u8, 18u8, 19u8, 20u8, 21u8, 22u8, 23u8, 24u8, 25u8, 26u8, 27u8, 28u8, 29u8, + 30u8, 255u8, + ]) + .unwrap(); + let mut keypair = + SigningKeyPair::new_from_seed(&mut seed).expect("Failed to generate keypair"); + + assert_eq!( + keypair.public(), + "HcSciPgAEa7N4e6os7X7zK4JdbXnmxygkVVkHChDT3cbuh3wByfwzx9SNuo9xbz" + ); // ed25519 Private Keys let pk = keypair.private().read_lock(); diff --git a/crates/dpki/src/seed.rs b/crates/dpki/src/seed.rs index aca5597f26..5eb671766c 100644 --- a/crates/dpki/src/seed.rs +++ b/crates/dpki/src/seed.rs @@ -73,7 +73,6 @@ pub trait SeedTrait { } } - /// Implement the API to create new Seeds from BIP39 Mnemonics, and to output various Seeds as BIP32 /// Mnemonics. Some formats require mutability in order to perform this conversion; for example, a /// Seed w/ a SecBuf will require it to be set to readable before its contents can be accessed. @@ -159,7 +158,6 @@ impl MnemonicableSeed for Seed { })?; Ok(mnemonic.into_phrase()) } - } //-------------------------------------------------------------------------------------------------- @@ -190,10 +188,7 @@ impl RootSeed { // Generate Device Seed /// @param {number} index - the index number in this seed group, must not be zero - pub fn generate_device_seed( - &mut self, - index: u64, - ) -> HcResult { + pub fn generate_device_seed(&mut self, index: u64) -> HcResult { let device_ctx = SeedContext::new(REVOKE_CTX); let device_seed_buf = generate_derived_seed_buf(&mut self.inner.buf, &device_ctx, index, SEED_SIZE)?; @@ -202,10 +197,7 @@ impl RootSeed { /// Generate Revocation Seed /// @param {number} index - the index number in this seed group, must not be zero - pub fn generate_revocation_seed( - &mut self, - index: u64, - ) -> HcResult { + pub fn generate_revocation_seed(&mut self, index: u64) -> HcResult { let seed_context = SeedContext::new(REVOKE_CTX); let seed_buf = generate_derived_seed_buf(&mut self.inner.buf, &seed_context, index, SEED_SIZE)?; @@ -254,10 +246,7 @@ impl DeviceSeed { /// Generate Auth Seed /// @param {number} index - the index number in this seed group, must not be zero - pub fn generate_auth_seed( - &mut self, - index: u64, - ) -> HcResult { + pub fn generate_auth_seed(&mut self, index: u64) -> HcResult { let seed_context = SeedContext::new(AUTH_CTX); let seed_buf = generate_derived_seed_buf(&mut self.inner.buf, &seed_context, index, SEED_SIZE)?; diff --git a/crates/metrics/src/stats.rs b/crates/metrics/src/stats.rs index 3e1924b596..2f8d4f2478 100644 --- a/crates/metrics/src/stats.rs +++ b/crates/metrics/src/stats.rs @@ -6,8 +6,7 @@ use stats::Commute; use std::{ collections::HashMap, error::Error, - fmt, - fmt::{Display, Formatter}, + fmt::{self, Display, Formatter}, io, iter::FromIterator, }; diff --git a/crates/sim2h/src/lib.rs b/crates/sim2h/src/lib.rs index 218261be17..8d131eec53 100644 --- a/crates/sim2h/src/lib.rs +++ b/crates/sim2h/src/lib.rs @@ -125,7 +125,7 @@ impl MetricsTimerGenerator { .publish(&Metric::new_timestamped_now(msg.0, None, msg.1)); } } - .boxed(); + .boxed(); (Self { sender }, out) } diff --git a/crates/sim2h/src/sim2h_im_state.rs b/crates/sim2h/src/sim2h_im_state.rs index 1698371837..30b7bf4b65 100644 --- a/crates/sim2h/src/sim2h_im_state.rs +++ b/crates/sim2h/src/sim2h_im_state.rs @@ -887,7 +887,7 @@ impl StoreHandle { async move { let _ = receiver.await; } - .boxed() + .boxed() } pub fn spawn_new_connection(&self, space_hash: SpaceHash, agent_id: AgentId, uri: Lib3hUri) { @@ -930,7 +930,7 @@ impl StoreHandle { async move { let _ = receiver.await; } - .boxed() + .boxed() } pub fn spawn_drop_connection_by_uri(&self, uri: Lib3hUri) { @@ -960,7 +960,7 @@ impl StoreHandle { async move { let _ = receiver.await; } - .boxed() + .boxed() } pub fn spawn_agent_holds_aspects( From 7fbd1cc8030b070ceae67d8dd03e0b199cc57872 Mon Sep 17 00:00:00 2001 From: Joel U Date: Mon, 24 Feb 2020 13:07:42 -0500 Subject: [PATCH 3/5] [WIP]: Fixing CI for the cli branch (#2125) * updated tests --- crates/cli/src/cli/keygen.rs | 4 ++-- crates/cli/src/util.rs | 2 +- crates/sim2h/src/lib.rs | 2 +- crates/sim2h/src/sim2h_im_state.rs | 6 +++--- 4 files changed, 7 insertions(+), 7 deletions(-) diff --git a/crates/cli/src/cli/keygen.rs b/crates/cli/src/cli/keygen.rs index c8cc36e7f9..d4c2f960d0 100644 --- a/crates/cli/src/cli/keygen.rs +++ b/crates/cli/src/cli/keygen.rs @@ -59,7 +59,7 @@ when unlocking the keybundle to use within a Holochain conductor.\n", .expect("Could not retrieve mnemonic") }); - match root_seed_mnemonic.split(" ").count() { + match root_seed_mnemonic.split(' ').count() { 24 => { // unencrypted mnemonic user_prompt( @@ -153,7 +153,7 @@ fn keygen_dpki( pub mod test { use super::*; use cli::dpki; - use holochain_conductor_api::{ + use holochain_conductor_lib::{ key_loaders::mock_passphrase_manager, keystore::{Keystore, PRIMARY_KEYBUNDLE_ID}, }; diff --git a/crates/cli/src/util.rs b/crates/cli/src/util.rs index a9b8c20c86..192bd78ab9 100644 --- a/crates/cli/src/util.rs +++ b/crates/cli/src/util.rs @@ -69,7 +69,7 @@ pub trait WordCountable { impl WordCountable for String { fn word_count(&self) -> usize { - self.split(" ").count() + self.split(' ').count() } } diff --git a/crates/sim2h/src/lib.rs b/crates/sim2h/src/lib.rs index fd86c5d994..fac1a20ee9 100644 --- a/crates/sim2h/src/lib.rs +++ b/crates/sim2h/src/lib.rs @@ -140,7 +140,7 @@ impl MetricsTimerGenerator { } warn!("metric loop ended"); } - .boxed(); + .boxed(); (Self { sender }, out) } diff --git a/crates/sim2h/src/sim2h_im_state.rs b/crates/sim2h/src/sim2h_im_state.rs index b83872bdf2..63a7e2e17a 100644 --- a/crates/sim2h/src/sim2h_im_state.rs +++ b/crates/sim2h/src/sim2h_im_state.rs @@ -879,7 +879,7 @@ impl StoreHandle { async move { let _ = receiver.await; } - .boxed() + .boxed() } pub fn spawn_new_connection(&self, space_hash: SpaceHash, agent_id: AgentId, uri: Lib3hUri) { @@ -929,7 +929,7 @@ impl StoreHandle { async move { let _ = receiver.await; } - .boxed() + .boxed() } pub fn spawn_drop_connection_by_uri(&self, uri: Lib3hUri) { @@ -962,7 +962,7 @@ impl StoreHandle { async move { let _ = receiver.await; } - .boxed() + .boxed() } pub fn spawn_agent_holds_aspects( From 79bbe8bf5664800dbe7509eac62d6dc8b82bb4f6 Mon Sep 17 00:00:00 2001 From: zo-el Date: Tue, 10 Mar 2020 22:21:24 -0500 Subject: [PATCH 4/5] updated holochain_persistance and lib3h --- Cargo.toml | 10 +++++----- core_api_c_binding/Cargo.toml | 2 +- crates/cli/Cargo.toml | 10 +++++----- crates/cli/src/cli/keygen.rs | 1 - crates/conductor_lib/Cargo.toml | 14 +++++++------- crates/conductor_lib/test-bridge-caller/Cargo.toml | 2 +- crates/core/Cargo.toml | 12 ++++++------ crates/core_types/Cargo.toml | 4 ++-- crates/dpki/Cargo.toml | 4 ++-- crates/hdk/Cargo.toml | 2 +- crates/holochain/Cargo.toml | 2 +- crates/net/Cargo.toml | 12 ++++++------ crates/sim2h/Cargo.toml | 12 ++++++------ crates/sim2h_server/Cargo.toml | 6 +++--- crates/stress/Cargo.toml | 6 +++--- crates/wasm_utils/Cargo.toml | 2 +- test_utils/Cargo.toml | 4 ++-- 17 files changed, 52 insertions(+), 53 deletions(-) diff --git a/Cargo.toml b/Cargo.toml index 77dd49123e..e0325287d4 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -30,11 +30,11 @@ exclude = [ ] [patch.crates-io] -#lib3h = "=0.0.41" -#lib3h_protocol = "=0.0.41" -#lib3h_crypto_api = "=0.0.41" -#lib3h_sodium = "=0.0.41" -#lib3h_zombie_actor = "=0.0.41" +#lib3h = "=0.0.42" +#lib3h_protocol = "=0.0.42" +#lib3h_crypto_api = "=0.0.42" +#lib3h_sodium = "=0.0.42" +#lib3h_zombie_actor = "=0.0.42" #lib3h = { git = "https://github.com/holochain/lib3h", branch ="bump_tracing" } #lib3h_protocol = { git = "https://github.com/holochain/lib3h", branch ="bump_tracing" } diff --git a/core_api_c_binding/Cargo.toml b/core_api_c_binding/Cargo.toml index b53192929d..46488b8e24 100644 --- a/core_api_c_binding/Cargo.toml +++ b/core_api_c_binding/Cargo.toml @@ -12,4 +12,4 @@ crate-type = ["staticlib"] holochain_core = { path = "../crates/core" } holochain_conductor_api = { path = "../crates/conductor_api" } holochain_core_types = { path = "../crates/core_types" } -holochain_persistence_api = "=0.0.17" +holochain_persistence_api = "=0.0.18" diff --git a/crates/cli/Cargo.toml b/crates/cli/Cargo.toml index c95c57a52f..181a12cb01 100644 --- a/crates/cli/Cargo.toml +++ b/crates/cli/Cargo.toml @@ -19,13 +19,13 @@ holochain_tracing = "=0.0.24" holochain_tracing_macros = "=0.0.24" newrelic = { version = "=0.2.2", optional = true } sim2h = { version = "=0.0.44-alpha3", path = "../sim2h" } -lib3h_crypto_api = "=0.0.41" +lib3h_crypto_api = "=0.0.42" in_stream = { version = "=0.0.44-alpha3", path = "../in_stream" } url2 = "=0.0.4" -lib3h_sodium = "=0.0.41" +lib3h_sodium = "=0.0.42" holochain_json_api = "=0.0.23" -holochain_persistence_api = "=0.0.17" -holochain_persistence_file = "=0.0.17" +holochain_persistence_api = "=0.0.18" +holochain_persistence_file = "=0.0.18" holochain_wasm_utils = { path = "../wasm_utils" } crossbeam-channel = "=0.3.8" structopt = "=0.3.3" @@ -45,7 +45,7 @@ rustyline = "=5.0.0" json-patch = "=0.2.2" reqwest = "=0.9.11" tempfile = "=3.0.7" -lib3h_protocol = "=0.0.41" +lib3h_protocol = "=0.0.42" tar = "=0.4.26" flate2 = "=1.0.12" log = "=0.4.8" diff --git a/crates/cli/src/cli/keygen.rs b/crates/cli/src/cli/keygen.rs index 5d002a27e4..d4c2f960d0 100644 --- a/crates/cli/src/cli/keygen.rs +++ b/crates/cli/src/cli/keygen.rs @@ -1,4 +1,3 @@ -use error::DefaultResult; use holochain_common::paths::keys_directory; use holochain_conductor_lib::{ key_loaders::mock_passphrase_manager, diff --git a/crates/conductor_lib/Cargo.toml b/crates/conductor_lib/Cargo.toml index 655ced40be..e5cfc6b7ce 100644 --- a/crates/conductor_lib/Cargo.toml +++ b/crates/conductor_lib/Cargo.toml @@ -14,18 +14,18 @@ holochain_core_types = { version = "=0.0.44-alpha3", path = "../core_types" } holochain_locksmith = { version = "=0.0.44-alpha3", path = "../locksmith" } holochain_json_derive = "=0.0.23" holochain_json_api = "=0.0.23" -holochain_persistence_api = "=0.0.17" -holochain_persistence_mem = "=0.0.17" -holochain_persistence_file = "=0.0.17" -holochain_persistence_pickle = "=0.0.17" -holochain_persistence_lmdb = "=0.0.17" +holochain_persistence_api = "=0.0.18" +holochain_persistence_mem = "=0.0.18" +holochain_persistence_file = "=0.0.18" +holochain_persistence_pickle = "=0.0.18" +holochain_persistence_lmdb = "=0.0.18" holochain_common = { version = "=0.0.44-alpha3", path = "../common" } holochain_dpki = { version = "=0.0.44-alpha3", path = "../dpki" } holochain_net = { version = "=0.0.44-alpha3", path = "../net" } holochain_tracing = "=0.0.24" holochain_tracing_macros = "=0.0.24" -lib3h = "=0.0.41" -lib3h_sodium = "=0.0.41" +lib3h = "=0.0.42" +lib3h_sodium = "=0.0.42" holochain_metrics = { version = "=0.0.44-alpha3", path = "../metrics" } chrono = "=0.4.6" serde = "=1.0.104" diff --git a/crates/conductor_lib/test-bridge-caller/Cargo.toml b/crates/conductor_lib/test-bridge-caller/Cargo.toml index 17e9cbe8c9..ae7c431ae0 100644 --- a/crates/conductor_lib/test-bridge-caller/Cargo.toml +++ b/crates/conductor_lib/test-bridge-caller/Cargo.toml @@ -18,4 +18,4 @@ serde_json = { version = "=1.0.47", features = ["preserve_order"] } hdk = { path = "../../hdk" } serde_derive = "=1.0.104" holochain_json_derive = "=0.0.23" -holochain_persistence_api = "=0.0.17" +holochain_persistence_api = "=0.0.18" diff --git a/crates/core/Cargo.toml b/crates/core/Cargo.toml index 61550d7677..0b427b8d6d 100644 --- a/crates/core/Cargo.toml +++ b/crates/core/Cargo.toml @@ -29,13 +29,13 @@ holochain_net = { version = "=0.0.44-alpha3", path = "../net" } holochain_wasm_utils = { version = "=0.0.44-alpha3", path = "../wasm_utils" } holochain_common = { version = "=0.0.44-alpha3", path = "../common" } holochain_conductor_lib_api = { version = "=0.0.44-alpha3", path = "../conductor_api" } -lib3h_protocol = "=0.0.41" -lib3h_sodium = "=0.0.41" +lib3h_protocol = "=0.0.42" +lib3h_sodium = "=0.0.42" holochain_json_derive = "=0.0.23" holochain_json_api = "=0.0.23" -holochain_persistence_api = "=0.0.17" -holochain_persistence_file = "=0.0.17" -holochain_persistence_mem = "=0.0.17" +holochain_persistence_api = "=0.0.18" +holochain_persistence_file = "=0.0.18" +holochain_persistence_mem = "=0.0.18" holochain_core_types = { version = "=0.0.44-alpha3", path = "../core_types" } holochain_dpki = { version = "=0.0.44-alpha3", path = "../dpki" } holochain_locksmith = { version = "=0.0.44-alpha3", path = "../locksmith" } @@ -64,7 +64,7 @@ newrelic = { version = "=0.2.2", optional = true } wabt = "=0.7.4" test_utils = { version = "=0.0.44-alpha3", path = "../../test_utils" } tempfile = "=3.0.7" -holochain_persistence_lmdb = "=0.0.17" +holochain_persistence_lmdb = "=0.0.18" [features] default = [] diff --git a/crates/core_types/Cargo.toml b/crates/core_types/Cargo.toml index df43a778ce..7f10bcd6ac 100644 --- a/crates/core_types/Cargo.toml +++ b/crates/core_types/Cargo.toml @@ -27,7 +27,7 @@ hcid = "=0.0.6" rust-base58 = "=0.0.4" snowflake = "=1.3.0" objekt= "=0.1.2" -holochain_persistence_api = "=0.0.17" +holochain_persistence_api = "=0.0.18" holochain_json_derive = "=0.0.23" holochain_json_api = "=0.0.23" holochain_locksmith = { version = "=0.0.44-alpha3", path = "../locksmith" } @@ -35,7 +35,7 @@ uuid = { version = "=0.7.1", features = ["v4"] } regex = "=1.1.2" shrinkwraprs = "=0.2.1" crossbeam-channel = "=0.3.8" -lib3h_crypto_api = "=0.0.41" +lib3h_crypto_api = "=0.0.42" parking_lot ="=0.9.0" log = "=0.4.8" holochain_logging = "=0.0.7" diff --git a/crates/dpki/Cargo.toml b/crates/dpki/Cargo.toml index 18943afb18..8d1a9781c3 100644 --- a/crates/dpki/Cargo.toml +++ b/crates/dpki/Cargo.toml @@ -14,8 +14,8 @@ base64 = "=0.10.1" holochain_core_types = { version = "=0.0.44-alpha3", path = "../core_types" } holochain_tracing_macros = "=0.0.24" newrelic = { version = "=0.2.2", optional = true } -lib3h_sodium = "=0.0.41" -holochain_persistence_api = "=0.0.17" +lib3h_sodium = "=0.0.42" +holochain_persistence_api = "=0.0.18" serde = "=1.0.104" serde_derive = "=1.0.104" serde_json = { version = "=1.0.47", features = ["preserve_order"] } diff --git a/crates/hdk/Cargo.toml b/crates/hdk/Cargo.toml index cfc7e78cc5..3ae2093711 100644 --- a/crates/hdk/Cargo.toml +++ b/crates/hdk/Cargo.toml @@ -18,7 +18,7 @@ holochain_wasm_utils = { version = "=0.0.44-alpha3", path = "../wasm_utils" } holochain_core_types = { version = "=0.0.44-alpha3", path = "../core_types" } holochain_json_api = "=0.0.23" holochain_json_derive = "=0.0.23" -holochain_persistence_api = "=0.0.17" +holochain_persistence_api = "=0.0.18" pretty_assertions = "=0.6.1" env_logger = "=0.6.1" url = "=2.1.0" diff --git a/crates/holochain/Cargo.toml b/crates/holochain/Cargo.toml index 2e29a1952d..773a9dd862 100644 --- a/crates/holochain/Cargo.toml +++ b/crates/holochain/Cargo.toml @@ -11,7 +11,7 @@ authors = ["Holochain Core Dev Team "] crossbeam-channel = "=0.3.8" holochain_core_types = { version = "=0.0.44-alpha3", path = "../core_types" } holochain_conductor_lib = { version = "=0.0.44-alpha3", path = "../conductor_lib" } -lib3h_sodium = "=0.0.41" +lib3h_sodium = "=0.0.42" holochain_common = { version = "=0.0.44-alpha3", path = "../common" } holochain_locksmith = { version = "=0.0.44-alpha3", path = "../locksmith" } holochain_tracing = "=0.0.24" diff --git a/crates/net/Cargo.toml b/crates/net/Cargo.toml index 64d952af90..36a9d8883d 100644 --- a/crates/net/Cargo.toml +++ b/crates/net/Cargo.toml @@ -9,7 +9,7 @@ authors = ["Holochain Core Dev Team "] edition = "2018" [dev-dependencies] -lib3h_crypto_api = "=0.0.41" +lib3h_crypto_api = "=0.0.42" base64 = "=0.10.1" hcid = "=0.0.6" jsonrpc-core = "=14.0.1" @@ -18,10 +18,10 @@ tempfile = "=3.0.7" [dependencies] failure = "=0.1.7" sim2h = { version = "=0.0.44-alpha3", path = "../sim2h" } -lib3h_sodium = "=0.0.41" -lib3h_protocol = "=0.0.41" -lib3h = "=0.0.41" -lib3h_zombie_actor = "=0.0.41" +lib3h_sodium = "=0.0.42" +lib3h_protocol = "=0.0.42" +lib3h = "=0.0.42" +lib3h_zombie_actor = "=0.0.42" detach = "=0.0.19" holochain_tracing = "=0.0.24" holochain_metrics = { version = "=0.0.44-alpha3", path = "../metrics" } @@ -31,7 +31,7 @@ holochain_locksmith = { version = "=0.0.44-alpha3", path = "../locksmith" } holochain_json_derive = "=0.0.23" holochain_json_api = "=0.0.23" holochain_tracing_macros = "=0.0.24" -holochain_persistence_api = "=0.0.17" +holochain_persistence_api = "=0.0.18" holochain_common = { version = "=0.0.44-alpha3", path = "../common" } in_stream = { version = "=0.0.44-alpha3", path = "../in_stream" } lazy_static = "=1.4.0" diff --git a/crates/sim2h/Cargo.toml b/crates/sim2h/Cargo.toml index 763124e2f7..0536c36834 100644 --- a/crates/sim2h/Cargo.toml +++ b/crates/sim2h/Cargo.toml @@ -14,14 +14,14 @@ repository = "https://github.com/holochain/sim2h" [dependencies] backtrace = "=0.3.27" hcid = "=0.0.6" -holochain_persistence_api = "=0.0.17" +holochain_persistence_api = "=0.0.18" holochain_json_api = "=0.0.23" futures = "=0.3.2" -lib3h = "=0.0.41" -lib3h_crypto_api = "=0.0.41" -lib3h_sodium = "=0.0.41" -lib3h_protocol = "=0.0.41" -lib3h_zombie_actor = "=0.0.41" +lib3h = "=0.0.42" +lib3h_crypto_api = "=0.0.42" +lib3h_sodium = "=0.0.42" +lib3h_protocol = "=0.0.42" +lib3h_zombie_actor = "=0.0.42" holochain_tracing = "=0.0.24" holochain_core_types = { version = "=0.0.44-alpha3", path = "../core_types" } holochain_locksmith = { version = "=0.0.44-alpha3", path = "../locksmith" } diff --git a/crates/sim2h_server/Cargo.toml b/crates/sim2h_server/Cargo.toml index 97411dd094..088f7e37f2 100644 --- a/crates/sim2h_server/Cargo.toml +++ b/crates/sim2h_server/Cargo.toml @@ -20,9 +20,9 @@ holochain_tracing_macros = "=0.0.24" newrelic = { version = "=0.2.2", optional = true } detach = "=0.0.19" futures = "=0.3.2" -lib3h = "=0.0.41" -lib3h_protocol = "=0.0.41" -lib3h_sodium = "=0.0.41" +lib3h = "=0.0.42" +lib3h_protocol = "=0.0.42" +lib3h_sodium = "=0.0.42" lazy_static = "=1.4.0" log = "0.4.8" env_logger = "0.7.0" diff --git a/crates/stress/Cargo.toml b/crates/stress/Cargo.toml index 96df58836e..bac1e92771 100644 --- a/crates/stress/Cargo.toml +++ b/crates/stress/Cargo.toml @@ -14,9 +14,9 @@ base64 = "=0.10.1" crossbeam-channel = "=0.3.8" env_logger = "=0.6.1" hcid = "=0.0.6" -lib3h_crypto_api = "=0.0.41" -lib3h_protocol = "=0.0.41" -lib3h_sodium = "=0.0.41" +lib3h_crypto_api = "=0.0.42" +lib3h_protocol = "=0.0.42" +lib3h_sodium = "=0.0.42" holochain_tracing = "=0.0.24" log = "=0.4.8" nanoid = "=0.2.0" diff --git a/crates/wasm_utils/Cargo.toml b/crates/wasm_utils/Cargo.toml index 62257596a3..b918661a71 100644 --- a/crates/wasm_utils/Cargo.toml +++ b/crates/wasm_utils/Cargo.toml @@ -13,7 +13,7 @@ serde_derive = "=1.0.104" serde_json = { version = "=1.0.47", features = ["preserve_order"] } holochain_core_types = { version = "=0.0.44-alpha3", path = "../core_types" } holochain_json_derive = "=0.0.23" -holochain_persistence_api = "=0.0.17" +holochain_persistence_api = "=0.0.18" holochain_json_api = "=0.0.23" [dev-dependencies] diff --git a/test_utils/Cargo.toml b/test_utils/Cargo.toml index f260f7e08b..26067f95db 100644 --- a/test_utils/Cargo.toml +++ b/test_utils/Cargo.toml @@ -17,10 +17,10 @@ holochain_core_types = { version = "=0.0.44-alpha3", path = "../crates/core_type holochain_dpki = { version = "=0.0.44-alpha3", path = "../crates/dpki" } holochain_wasm_utils = { version = "=0.0.44-alpha3", path = "../crates/wasm_utils" } holochain_locksmith = { version = "=0.0.44-alpha3", path = "../crates/locksmith" } -holochain_persistence_api = "=0.0.17" +holochain_persistence_api = "=0.0.18" holochain_json_api = "=0.0.23" holochain_json_derive = "=0.0.23" -lib3h_sodium = "=0.0.41" +lib3h_sodium = "=0.0.42" wabt = "=0.7.4" tempfile = "=3.0.7" serde = "=1.0.104" From 1b09f6b92db7f02f63d86f914db3860ad715b5e4 Mon Sep 17 00:00:00 2001 From: zo-el Date: Wed, 11 Mar 2020 00:48:53 -0500 Subject: [PATCH 5/5] update the ctx for revocation and auth keys --- crates/dpki/src/seed.rs | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/crates/dpki/src/seed.rs b/crates/dpki/src/seed.rs index 5eb671766c..b7eb066a77 100644 --- a/crates/dpki/src/seed.rs +++ b/crates/dpki/src/seed.rs @@ -2,7 +2,7 @@ use crate::{ key_bundle::KeyBundle, password_encryption::*, utils::{generate_derived_seed_buf, SeedContext}, - AGENT_ID_CTX, AUTH_CTX, DEVICE_CTX, REVOKE_CTX, SEED_SIZE, + AGENT_ID_CTX, AUTH_CTX, REVOKE_CTX, SEED_SIZE, }; use bip39::{Language, Mnemonic, MnemonicType}; use holochain_core_types::error::{HcResult, HolochainError}; @@ -328,7 +328,7 @@ impl RevocationSeed { /// Generate a revocation key pub fn generate_revocation_key(&mut self, derivation_index: u64) -> HcResult { let mut ref_seed_buf = SecBuf::with_secure(SEED_SIZE); - let context = SeedContext::new(DEVICE_CTX); + let context = SeedContext::new(REVOKE_CTX); let mut context = context.to_sec_buf(); kdf::derive( &mut ref_seed_buf, @@ -369,7 +369,7 @@ impl AuthSeed { /// Generate a revocation key pub fn generate_auth_key(&mut self, derivation_index: u64) -> HcResult { let mut ref_seed_buf = SecBuf::with_secure(SEED_SIZE); - let context = SeedContext::new(DEVICE_CTX); + let context = SeedContext::new(AUTH_CTX); let mut context = context.to_sec_buf(); kdf::derive( &mut ref_seed_buf,