2016-09-08 19:13:10 +02:00
(* *)
2018-02-05 21:17:03 +01:00
(* Copyright (c) 2014 - 2018. *)
2016-09-08 19:13:10 +02:00
(* Dynamic Ledger Solutions, Inc. <contact@tezos.com> *)
(* *)
(* All rights reserved. No warranty, explicit or implicit, provided. *)
(* *)
2018-02-01 17:31:08 +01:00
type error += Unregistered_key_scheme of string
2018-05-27 12:31:52 +02:00
type error += Invalid_uri of Uri.t
2018-04-12 17:57:08 +02:00
2018-02-01 17:31:08 +01:00
let () =
register_error_kind `Permanent
~id: "cli.unregistered_key_scheme"
~title: "Unregistered key scheme"
~description: "A key has been provided with an \
unregistered scheme (no corresponding plugin)"
(fun ppf s ->
Format.fprintf ppf "No matching plugin for key scheme %s" s)
Data_encoding.(obj1 (req "value" string))
(function Unregistered_key_scheme s -> Some s | _ -> None)
2018-05-27 12:31:52 +02:00
(fun s -> Unregistered_key_scheme s) ;
register_error_kind `Permanent
~id: "cli.key.invalid_uri"
~title: "Invalid key uri"
~description: "A key has been provided with an invalid uri."
(fun ppf s ->
Format.fprintf ppf "Cannot parse the key uri: %s" s)
Data_encoding.(obj1 (req "value" string))
(function Invalid_uri s -> Some (Uri.to_string s) | _ -> None)
(fun s -> Invalid_uri (Uri.of_string s))
2018-02-01 17:31:08 +01:00
2016-09-08 19:13:10 +02:00
module Public_key_hash = Client_aliases.Alias (struct
2018-04-05 17:35:35 +02:00
type t = Signature.Public_key_hash.t
let encoding = Signature.Public_key_hash.encoding
let of_source s = Lwt.return (Signature.Public_key_hash.of_b58check s)
let to_source p = return (Signature.Public_key_hash.to_b58check p)
2016-09-08 19:13:10 +02:00
let name = "public key hash"
2018-02-01 17:31:08 +01:00
module type KEY = sig
type t
val to_b58check : t -> string
val of_b58check_exn : string -> t
2018-05-26 13:22:47 +02:00
let uri_encoding =
Data_encoding.(conv Uri.to_string Uri.of_string string)
2018-02-01 17:31:08 +01:00
2018-05-26 13:22:47 +02:00
module Entity (Name : sig val name: string end) = struct
include Name
type t = Uri.t
let pp = Uri.pp_hum
let of_source s = return (Uri.of_string s)
let to_source t = return (Uri.to_string t)
let encoding = uri_encoding
2018-02-01 17:31:08 +01:00
2018-05-26 13:22:47 +02:00
type pk_uri = Uri.t
let make_pk_uri x = x
2018-02-01 17:31:08 +01:00
2018-05-26 13:22:47 +02:00
type sk_uri = Uri.t
let make_sk_uri x = x
2018-02-01 17:31:08 +01:00
2018-05-26 13:22:47 +02:00
module Secret_key =
Client_aliases.Alias (Entity(struct let name = "secret_key" end))
module Public_key =
Client_aliases.Alias (Entity(struct let name = "public_key" end))
2018-02-01 17:31:08 +01:00
module type SIGNER = sig
val scheme : string
2018-02-01 22:43:09 +01:00
val title : string
val description : string
2018-05-26 13:22:47 +02:00
val neuterize : sk_uri -> pk_uri tzresult Lwt.t
val public_key : pk_uri -> Signature.Public_key.t tzresult Lwt.t
val public_key_hash : pk_uri -> Signature.Public_key_hash.t tzresult Lwt.t
2018-05-25 15:50:31 +02:00
val sign :
?watermark: Signature.watermark ->
2018-05-26 13:22:47 +02:00
sk_uri -> MBytes.t -> Signature.t tzresult Lwt.t
2018-02-01 17:31:08 +01:00
2018-05-26 13:22:47 +02:00
let signers_table : (string, (module SIGNER)) Hashtbl.t = Hashtbl.create 13
2018-02-08 19:00:01 +01:00
2018-02-01 17:31:08 +01:00
let register_signer signer =
let module Signer = (val signer : SIGNER) in
2018-05-26 13:22:47 +02:00
Hashtbl.replace signers_table Signer.scheme signer
2018-02-01 17:31:08 +01:00
2018-05-26 13:22:47 +02:00
let find_signer_for_key ~scheme =
2018-02-01 17:31:08 +01:00
match Hashtbl.find signers_table scheme with
2018-04-12 17:57:08 +02:00
| exception Not_found ->
fail (Unregistered_key_scheme scheme)
2018-05-26 13:22:47 +02:00
| signer -> return signer
2018-02-01 17:31:08 +01:00
2018-02-14 11:01:23 +01:00
let registered_signers () : (string * (module SIGNER)) list =
2018-05-26 13:22:47 +02:00
Hashtbl.fold (fun k v acc -> (k, v) :: acc) signers_table []
2018-02-14 11:01:23 +01:00
2018-05-26 13:22:47 +02:00
type error += Signature_mismatch of sk_uri
2018-04-12 17:57:08 +02:00
let () =
register_error_kind `Permanent
~id: "cli.signature_mismatch"
~title: "Signature mismatch"
~description: "The signer produced an invalid signature"
(fun ppf sk ->
Format.fprintf ppf
"The signer for %a produced an invalid signature"
2018-05-26 13:22:47 +02:00
Uri.pp_hum sk)
Data_encoding.(obj1 (req "locator" uri_encoding))
2018-04-12 17:57:08 +02:00
(function Signature_mismatch sk -> Some sk | _ -> None)
(fun sk -> Signature_mismatch sk)
2018-05-26 13:22:47 +02:00
let neuterize sk_uri =
let scheme = Option.unopt ~default:"" (Uri.scheme sk_uri) in
find_signer_for_key ~scheme >>=? fun signer ->
let module Signer = (val signer : SIGNER) in
Signer.neuterize sk_uri
let public_key pk_uri =
let scheme = Option.unopt ~default:"" (Uri.scheme pk_uri) in
find_signer_for_key ~scheme >>=? fun signer ->
let module Signer = (val signer : SIGNER) in
Signer.public_key pk_uri
let public_key_hash pk_uri =
public_key pk_uri >>=? fun pk ->
return (Signature.Public_key.hash pk)
let sign ?watermark sk_uri buf =
let scheme = Option.unopt ~default:"" (Uri.scheme sk_uri) in
find_signer_for_key ~scheme >>=? fun signer ->
2018-02-01 17:31:08 +01:00
let module Signer = (val signer : SIGNER) in
2018-05-26 13:22:47 +02:00
Signer.sign ?watermark sk_uri buf >>=? fun signature ->
Signer.neuterize sk_uri >>=? fun pk_uri ->
public_key pk_uri >>=? fun pubkey ->
2018-04-12 17:57:08 +02:00
2018-05-24 02:26:10 +02:00
(Signature.check ?watermark pubkey signature buf)
2018-05-26 13:22:47 +02:00
(Signature_mismatch sk_uri) >>=? fun () ->
2018-04-12 17:57:08 +02:00
return signature
2018-02-01 17:31:08 +01:00
2018-05-26 13:22:47 +02:00
let append ?watermark loc buf =
sign ?watermark loc buf >>|? fun signature ->
2018-04-05 17:35:35 +02:00
Signature.concat buf signature
2018-04-09 10:13:19 -04:00
let check ?watermark pk_uri signature buf =
public_key pk_uri >>=? fun pk ->
return (Signature.check ?watermark pk signature buf)
2018-05-26 13:22:47 +02:00
let register_key cctxt ?(force=false) (public_key_hash, pk_uri, sk_uri) name =
Public_key.add ~force cctxt name pk_uri >>=? fun () ->
Secret_key.add ~force cctxt name sk_uri >>=? fun () ->
Public_key_hash.add ~force cctxt name public_key_hash >>=? fun () ->
2017-04-04 23:35:41 +02:00
return ()
2016-09-08 19:13:10 +02:00
2018-05-26 13:22:47 +02:00
let raw_get_key (cctxt : #Client_context.wallet) pkh =
2018-05-26 13:41:51 +02:00
Public_key_hash.rev_find cctxt pkh >>=? function
| None -> failwith "no keys for the source contract manager"
| Some n ->
Public_key.find_opt cctxt n >>=? fun pk_uri ->
Secret_key.find_opt cctxt n >>=? fun sk_uri ->
~f:(fun pkh ->
public_key pkh >>= function
| Error e ->
Format.eprintf "PLOP: %a@." pp_print_error e ;
| Ok pk -> Lwt.return_some pk)
end >>= fun pk ->
return (n, pk, sk_uri)
end >>= function
| (Ok (_, None, None) | Error _) as initial_result -> begin
2018-05-26 13:22:47 +02:00
2018-05-26 13:41:51 +02:00
(* try to lookup for a remote key *)
find_signer_for_key ~scheme:"remote" >>=? fun signer ->
let module Signer = (val signer : SIGNER) in
let path = Signature.Public_key_hash.to_b58check pkh in
let uri = Uri.make ~scheme:Signer.scheme ~path () in
Signer.public_key uri >>=? fun pk ->
return (path, Some pk, Some uri)
end >>= function
| Error _ -> Lwt.return initial_result
| Ok _ as success -> Lwt.return success
| Ok _ as success -> Lwt.return success
2018-05-26 13:22:47 +02:00
let get_key cctxt pkh =
raw_get_key cctxt pkh >>=? function
| (pkh, Some pk, Some sk) -> return (pkh, pk, sk)
2018-06-13 23:05:36 +02:00
| (_pkh, _pk, None) -> failwith "Unknown secret key for %a" Signature.Public_key_hash.pp pkh
| (_pkh, None, _sk) -> failwith "Unknown public key for %a" Signature.Public_key_hash.pp pkh
2018-05-26 13:22:47 +02:00
let get_public_key cctxt pkh =
raw_get_key cctxt pkh >>=? function
| (pkh, Some pk, _sk) -> return (pkh, pk)
2018-06-13 23:05:36 +02:00
| (_pkh, None, _sk) -> failwith "Unknown public key for %a" Signature.Public_key_hash.pp pkh
2018-05-26 13:22:47 +02:00
let get_keys (cctxt : #Client_context.wallet) =
Secret_key.load cctxt >>=? fun sks ->
Lwt_list.filter_map_s begin fun (name, sk_uri) ->
2018-02-01 17:31:08 +01:00
2018-05-26 13:22:47 +02:00
Public_key.find cctxt name >>=? fun pk_uri ->
Public_key_hash.find cctxt name >>=? fun pkh ->
public_key pk_uri >>=? fun pk ->
return (name, pkh, pk, sk_uri)
2018-02-01 17:31:08 +01:00
end >>= function
| Ok r -> Lwt.return (Some r)
| Error _ -> Lwt.return_none
end sks >>= fun keys ->
2017-04-10 22:58:36 +02:00
return keys
2017-02-28 08:18:06 +01:00
2017-01-12 16:13:03 +01:00
let list_keys cctxt =
2017-04-05 01:02:10 +02:00
Public_key_hash.load cctxt >>=? fun l ->
(fun (name, pkh) ->
2018-05-26 13:22:47 +02:00
raw_get_key cctxt pkh >>= function
| Ok (_name, pk, sk_uri) ->
return (name, pkh, pk, sk_uri)
| Error _ ->
return (name, pkh, None, None))
2017-01-12 16:13:03 +01:00
2017-02-28 08:18:06 +01:00
2017-09-15 15:18:00 +02:00
let alias_keys cctxt name =
2018-05-26 13:22:47 +02:00
Public_key_hash.find cctxt name >>=? fun pkh ->
raw_get_key cctxt pkh >>= function
| Ok (_name, pk, sk_uri) -> return (Some (pkh, pk, sk_uri))
| Error _ -> return None
2017-09-15 15:18:00 +02:00
2018-02-11 19:17:39 +01:00
let force_switch () =
2018-04-03 11:39:09 +02:00
2018-02-14 15:54:52 +01:00
~long:"force" ~short:'f'
~doc:"overwrite existing keys" ()