From 0dbe24290fd8560f1edd809fe9f7f03153d08ec2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gr=C3=A9goire=20Henry?= Date: Sat, 26 May 2018 12:37:19 +0200 Subject: [PATCH] Signer: explicit registration of signers instead of toplevel side-effects and `-link-all` --- src/lib_client_base_unix/client_main_run.ml | 6 + src/lib_client_base_unix/jbuild | 1 + src/lib_signer_backends/encrypted.ml | 361 +++++++++--------- src/lib_signer_backends/encrypted.mli | 10 + src/lib_signer_backends/jbuild | 2 +- src/lib_signer_backends/remote.ml | 3 +- src/lib_signer_backends/remote.mli | 10 + src/lib_signer_backends/unencrypted.ml | 95 +++-- src/lib_signer_backends/unencrypted.mli | 10 + .../lib_baking/test/proto_alpha_helpers.ml | 4 + 10 files changed, 266 insertions(+), 236 deletions(-) create mode 100644 src/lib_signer_backends/encrypted.mli create mode 100644 src/lib_signer_backends/remote.mli create mode 100644 src/lib_signer_backends/unencrypted.mli diff --git a/src/lib_client_base_unix/client_main_run.ml b/src/lib_client_base_unix/client_main_run.ml index a19cb62d9..d56e05ff8 100644 --- a/src/lib_client_base_unix/client_main_run.ml +++ b/src/lib_client_base_unix/client_main_run.ml @@ -74,6 +74,12 @@ let main select_commands = ignore Clic.(setup_formatter Format.err_formatter (if Unix.isatty Unix.stderr then Ansi else Plain) Short) ; init_logger () >>= fun () -> + Client_keys.register_signer + (module Tezos_signer_backends.Unencrypted) ; + Client_keys.register_signer + (module Tezos_signer_backends.Encrypted) ; + Client_keys.register_signer + (module Tezos_signer_backends.Remote) ; Lwt.catch begin fun () -> begin Client_config.parse_config_args (new unix_full diff --git a/src/lib_client_base_unix/jbuild b/src/lib_client_base_unix/jbuild index aea8fcc24..c4aef11d7 100644 --- a/src/lib_client_base_unix/jbuild +++ b/src/lib_client_base_unix/jbuild @@ -8,6 +8,7 @@ tezos-client-commands tezos-stdlib-unix tezos-rpc-http + tezos-signer-backends pbkdf bip39 tezos-shell-services)) diff --git a/src/lib_signer_backends/encrypted.ml b/src/lib_signer_backends/encrypted.ml index 9d2079ff4..f422def9c 100644 --- a/src/lib_signer_backends/encrypted.ml +++ b/src/lib_signer_backends/encrypted.ml @@ -9,209 +9,204 @@ open Client_keys -module Encrypted_signer : SIGNER = struct - let scheme = "encrypted" +let scheme = "encrypted" - let title = - "Built-in signer using encrypted keys." +let title = + "Built-in signer using encrypted keys." - let description = - "If you try to import a secret key without additional argument, you will \ - be asked to either generate a new key, or to import the elements \ - from your fundraiser paper wallet.\n\ - If you add an argument when importing a secret key, \ - the format is the raw Base58-encoded key (starting with 'edsk').\n\ - The format for importing public keys is the raw Base58-encoded \ - key (starting with 'edpk')." +let description = + "If you try to import a secret key without additional argument, you will \ + be asked to either generate a new key, or to import the elements \ + from your fundraiser paper wallet.\n\ + If you add an argument when importing a secret key, \ + the format is the raw Base58-encoded key (starting with 'edsk').\n\ + The format for importing public keys is the raw Base58-encoded \ + key (starting with 'edpk')." - type secret_key = Signature.Secret_key.t - type public_key = Signature.Public_key.t +type secret_key = Signature.Secret_key.t +type public_key = Signature.Public_key.t - (* https://tools.ietf.org/html/rfc2898#section-4.1 *) - let salt_len = 8 +(* https://tools.ietf.org/html/rfc2898#section-4.1 *) +let salt_len = 8 - (* Fixed zero nonce *) - let nonce = Crypto_box.zero_nonce +(* Fixed zero nonce *) +let nonce = Crypto_box.zero_nonce - (* skloc -> Signature.Secret_key.t *) - let decrypted_sks = Hashtbl.create 13 +(* skloc -> Signature.Secret_key.t *) +let decrypted_sks = Hashtbl.create 13 - let pbkdf ~salt ~password = - let open Cstruct in - let salt = of_bigarray salt in - let password = of_bigarray password in - to_bigarray - (Pbkdf.pbkdf2 ~prf:`SHA512 ~count:2048 ~dk_len:32l ~salt ~password) +let pbkdf ~salt ~password = + let open Cstruct in + let salt = of_bigarray salt in + let password = of_bigarray password in + to_bigarray + (Pbkdf.pbkdf2 ~prf:`SHA512 ~count:2048 ~dk_len:32l ~salt ~password) - let rec decrypt_sk sk salt = function - | [] -> None - | password :: pws -> - let key = Crypto_box.Secretbox.unsafe_of_bytes (pbkdf ~password ~salt) in - match Crypto_box.Secretbox.box_open key sk nonce with - | None -> decrypt_sk sk salt pws - | Some sk -> Some sk +let rec decrypt_sk sk salt = function + | [] -> None + | password :: pws -> + let key = Crypto_box.Secretbox.unsafe_of_bytes (pbkdf ~password ~salt) in + match Crypto_box.Secretbox.box_open key sk nonce with + | None -> decrypt_sk sk salt pws + | Some sk -> Some sk - let salt_skenc_of_skloc skloc = - let open Cstruct in - let skloc = of_string skloc in - let len = len skloc in - let salt = sub skloc 0 salt_len in - let skenc = sub skloc salt_len (len - salt_len) in - to_bigarray salt, to_bigarray skenc +let salt_skenc_of_skloc skloc = + let open Cstruct in + let skloc = of_string skloc in + let len = len skloc in + let salt = sub skloc 0 salt_len in + let skenc = sub skloc salt_len (len - salt_len) in + to_bigarray salt, to_bigarray skenc - let rec passwd_ask_loop (cctxt : #Client_context.io_wallet) ~name ~salt ~skenc = - cctxt#prompt_password "Enter password for encrypted key %s: " name >>=? fun password -> - let key = pbkdf ~salt ~password in - let key = Crypto_box.Secretbox.unsafe_of_bytes key in - match Crypto_box.Secretbox.box_open key skenc nonce with - | None -> passwd_ask_loop cctxt ~name ~salt ~skenc - | Some decrypted_sk -> - return (password, (Data_encoding.Binary.of_bytes_exn - Signature.Secret_key.encoding - decrypted_sk)) +let rec passwd_ask_loop (cctxt : #Client_context.io_wallet) ~name ~salt ~skenc = + cctxt#prompt_password "Enter password for encrypted key %s: " name >>=? fun password -> + let key = pbkdf ~salt ~password in + let key = Crypto_box.Secretbox.unsafe_of_bytes key in + match Crypto_box.Secretbox.box_open key skenc nonce with + | None -> passwd_ask_loop cctxt ~name ~salt ~skenc + | Some decrypted_sk -> + return (password, (Data_encoding.Binary.of_bytes_exn + Signature.Secret_key.encoding + decrypted_sk)) - let ask_all_passwords (cctxt : #Client_context.io_wallet) sks = - fold_left_s begin fun a (name, skloc) -> - if Secret_key_locator.scheme skloc <> scheme then - return a - else - match Secret_key_locator.location skloc with - |location :: _ -> begin - match Base58.safe_decode location with - | None -> Lwt.fail Exit - | Some payload -> - let salt, skenc = salt_skenc_of_skloc payload in - match decrypt_sk skenc salt a with - | Some sk -> - Hashtbl.replace decrypted_sks location - (Data_encoding.Binary.of_bytes_exn Signature.Secret_key.encoding sk); - return a - | None -> - passwd_ask_loop - cctxt ~name ~salt ~skenc >>=? fun (passwd, decrypted_sk) -> - Hashtbl.replace decrypted_sks location decrypted_sk ; - return (passwd :: a) - end - |_ -> Lwt.fail Exit - end [] sks +let ask_all_passwords (cctxt : #Client_context.io_wallet) sks = + fold_left_s begin fun a (name, skloc) -> + if Secret_key_locator.scheme skloc <> scheme then + return a + else + match Secret_key_locator.location skloc with + |location :: _ -> begin + match Base58.safe_decode location with + | None -> Lwt.fail Exit + | Some payload -> + let salt, skenc = salt_skenc_of_skloc payload in + match decrypt_sk skenc salt a with + | Some sk -> + Hashtbl.replace decrypted_sks location + (Data_encoding.Binary.of_bytes_exn Signature.Secret_key.encoding sk); + return a + | None -> + passwd_ask_loop + cctxt ~name ~salt ~skenc >>=? fun (passwd, decrypted_sk) -> + Hashtbl.replace decrypted_sks location decrypted_sk ; + return (passwd :: a) + end + |_ -> Lwt.fail Exit + end [] sks - let init cctxt = - Secret_key.load cctxt >>=? fun sks -> - Lwt.try_bind - (fun () -> ask_all_passwords cctxt sks) - (fun _ -> return ()) - (fun _ -> failwith "Corrupted secret key database. Aborting.") +let init cctxt = + Secret_key.load cctxt >>=? fun sks -> + Lwt.try_bind + (fun () -> ask_all_passwords cctxt sks) + (fun _ -> return ()) + (fun _ -> failwith "Corrupted secret key database. Aborting.") - let input_new_passphrase (cctxt : #Client_context.io_wallet) = - cctxt#prompt_password "Enter passphrase to encrypt your key: " >>=? fun password -> - cctxt#prompt_password "Confirm passphrase: " >>=? fun confirm -> - if password <> confirm then - failwith "Passphrases do not match." - else return password +let input_new_passphrase (cctxt : #Client_context.io_wallet) = + cctxt#prompt_password "Enter passphrase to encrypt your key: " >>=? fun password -> + cctxt#prompt_password "Confirm passphrase: " >>=? fun confirm -> + if password <> confirm then + failwith "Passphrases do not match." + else return password - let encrypt_sk cctxt sk = - input_new_passphrase cctxt >>=? fun password -> - let salt = Rand.generate salt_len in - let key = Crypto_box.Secretbox.unsafe_of_bytes (pbkdf ~password ~salt) in - let msg = Data_encoding.Binary.to_bytes_exn Signature.Secret_key.encoding sk in - let encrypted_passwd = Crypto_box.Secretbox.box key msg nonce in - let payload = MBytes.(to_string (concat "" [salt; encrypted_passwd])) in - let location = Base58.safe_encode payload in - Hashtbl.replace decrypted_sks location sk ; - return (Secret_key_locator.create ~scheme ~location:[location]) +let encrypt_sk cctxt sk = + input_new_passphrase cctxt >>=? fun password -> + let salt = Rand.generate salt_len in + let key = Crypto_box.Secretbox.unsafe_of_bytes (pbkdf ~password ~salt) in + let msg = Data_encoding.Binary.to_bytes_exn Signature.Secret_key.encoding sk in + let encrypted_passwd = Crypto_box.Secretbox.box key msg nonce in + let payload = MBytes.(to_string (concat "" [salt; encrypted_passwd])) in + let location = Base58.safe_encode payload in + Hashtbl.replace decrypted_sks location sk ; + return (Secret_key_locator.create ~scheme ~location:[location]) - let rec get_boolean_answer (cctxt : #Client_context.io_wallet) ~default ~msg = - let prompt = if default then "(Y/n/q)" else "(y/N/q)" in - cctxt#prompt "%s %s: " msg prompt >>=? fun gen -> - match default, String.lowercase_ascii gen with - | default, "" -> return default - | _, "y" -> return true - | _, "n" -> return false - | _, "q" -> failwith "Exit by user request." - | _ -> get_boolean_answer cctxt ~msg ~default +let rec get_boolean_answer (cctxt : #Client_context.io_wallet) ~default ~msg = + let prompt = if default then "(Y/n/q)" else "(y/N/q)" in + cctxt#prompt "%s %s: " msg prompt >>=? fun gen -> + match default, String.lowercase_ascii gen with + | default, "" -> return default + | _, "y" -> return true + | _, "n" -> return false + | _, "q" -> failwith "Exit by user request." + | _ -> get_boolean_answer cctxt ~msg ~default - let rec sk_of_mnemonic (cctxt : #Client_context.io_wallet) = - cctxt#prompt "Enter the e-mail used for the paper wallet: " >>=? fun email -> - let rec loop_words acc i = - if i > 14 then return (List.rev acc) else - cctxt#prompt_password "Enter word %d: " i >>=? fun word -> - match Bip39.index_of_word (MBytes.to_string word) with - | None -> loop_words acc i - | Some wordidx -> loop_words (wordidx :: acc) (succ i) in - loop_words [] 0 >>=? fun words -> - match Bip39.of_indices words with - | None -> assert false - | Some t -> - cctxt#prompt_password - "Enter the password used for the paper wallet: " >>=? fun password -> - (* TODO: unicode normalization (NFKD)... *) - let sk = Bip39.to_seed ~passphrase:(email ^ MBytes.to_string password) t in - let sk = Cstruct.(to_bigarray (sub sk 0 32)) in - let sk : Signature.Secret_key.t = - Ed25519 - (Data_encoding.Binary.of_bytes_exn Ed25519.Secret_key.encoding sk) in - let pk = Signature.Secret_key.to_public_key sk in - let pkh = Signature.Public_key.hash pk in - let msg = Format.asprintf - "Your public Tezos address is %a is that correct?" - Signature.Public_key_hash.pp pkh in - get_boolean_answer cctxt ~msg ~default:true >>=? function - | true -> return sk - | false -> sk_of_mnemonic cctxt +let rec sk_of_mnemonic (cctxt : #Client_context.io_wallet) = + cctxt#prompt "Enter the e-mail used for the paper wallet: " >>=? fun email -> + let rec loop_words acc i = + if i > 14 then return (List.rev acc) else + cctxt#prompt_password "Enter word %d: " i >>=? fun word -> + match Bip39.index_of_word (MBytes.to_string word) with + | None -> loop_words acc i + | Some wordidx -> loop_words (wordidx :: acc) (succ i) in + loop_words [] 0 >>=? fun words -> + match Bip39.of_indices words with + | None -> assert false + | Some t -> + cctxt#prompt_password + "Enter the password used for the paper wallet: " >>=? fun password -> + (* TODO: unicode normalization (NFKD)... *) + let sk = Bip39.to_seed ~passphrase:(email ^ MBytes.to_string password) t in + let sk = Cstruct.(to_bigarray (sub sk 0 32)) in + let sk : Signature.Secret_key.t = + Ed25519 + (Data_encoding.Binary.of_bytes_exn Ed25519.Secret_key.encoding sk) in + let pk = Signature.Secret_key.to_public_key sk in + let pkh = Signature.Public_key.hash pk in + let msg = Format.asprintf + "Your public Tezos address is %a is that correct?" + Signature.Public_key_hash.pp pkh in + get_boolean_answer cctxt ~msg ~default:true >>=? function + | true -> return sk + | false -> sk_of_mnemonic cctxt - let sk_locator_of_human_input cctxt = function - | sk :: _ -> - Lwt.return (Signature.Secret_key.of_b58check sk) >>=? fun sk -> - encrypt_sk cctxt sk - | [] -> begin - get_boolean_answer - cctxt ~msg:"Generate a new key" ~default:true >>=? function - | true -> - let _, _, sk = Signature.generate_key () in - encrypt_sk cctxt sk - | false -> - get_boolean_answer cctxt - ~msg:"Import key from fundraiser" ~default:true >>=? function - | false -> failwith "Goodbye." - | true -> - sk_of_mnemonic cctxt >>=? fun sk -> - encrypt_sk cctxt sk - end +let sk_locator_of_human_input cctxt = function + | sk :: _ -> + Lwt.return (Signature.Secret_key.of_b58check sk) >>=? fun sk -> + encrypt_sk cctxt sk + | [] -> begin + get_boolean_answer + cctxt ~msg:"Generate a new key" ~default:true >>=? function + | true -> + let _, _, sk = Signature.generate_key () in + encrypt_sk cctxt sk + | false -> + get_boolean_answer cctxt + ~msg:"Import key from fundraiser" ~default:true >>=? function + | false -> failwith "Goodbye." + | true -> + sk_of_mnemonic cctxt >>=? fun sk -> + encrypt_sk cctxt sk + end - let pk_locator_of_human_input _cctxt = function - | [] -> failwith "Missing public key argument." - | pk :: _ -> return (Public_key_locator.create ~scheme ~location:[pk]) +let pk_locator_of_human_input _cctxt = function + | [] -> failwith "Missing public key argument." + | pk :: _ -> return (Public_key_locator.create ~scheme ~location:[pk]) - let sk_of_locator = function - | (Sk_locator { location = [location] }) -> begin - match Hashtbl.find decrypted_sks location with - | exception Not_found -> failwith "Unknown secret key location." - | sk -> return sk - end - | (Sk_locator { location = _ }) -> - failwith "Wrong location type." +let sk_of_locator = function + | (Sk_locator { location = [location] }) -> begin + match Hashtbl.find decrypted_sks location with + | exception Not_found -> failwith "Unknown secret key location." + | sk -> return sk + end + | (Sk_locator { location = _ }) -> + failwith "Wrong location type." - let pk_of_locator = function - |(Pk_locator { location = [location] }) -> - Lwt.return (Signature.Public_key.of_b58check location) - |(Pk_locator { location = _ }) -> - failwith "Wrong location type." +let pk_of_locator = function + |(Pk_locator { location = [location] }) -> + Lwt.return (Signature.Public_key.of_b58check location) + |(Pk_locator { location = _ }) -> + failwith "Wrong location type." - let sk_to_locator sk = - Secret_key_locator.create - ~scheme ~location:[Signature.Secret_key.to_b58check sk] |> - Lwt.return +let sk_to_locator sk = + Secret_key_locator.create + ~scheme ~location:[Signature.Secret_key.to_b58check sk] |> + Lwt.return - let pk_to_locator pk = - Public_key_locator.create - ~scheme ~location:[Signature.Public_key.to_b58check pk] |> - Lwt.return +let pk_to_locator pk = + Public_key_locator.create + ~scheme ~location:[Signature.Public_key.to_b58check pk] |> + Lwt.return - let neuterize x = Lwt.return (Signature.Secret_key.to_public_key x) - let public_key x = return x - let public_key_hash x = return (Signature.Public_key.hash x) - let sign ?watermark t buf = return (Signature.sign ?watermark t buf) -end - -let () = - register_signer (module Encrypted_signer) +let neuterize x = Lwt.return (Signature.Secret_key.to_public_key x) +let public_key x = return x +let public_key_hash x = return (Signature.Public_key.hash x) +let sign ?watermark t buf = return (Signature.sign ?watermark t buf) diff --git a/src/lib_signer_backends/encrypted.mli b/src/lib_signer_backends/encrypted.mli new file mode 100644 index 000000000..ab4fbe3b2 --- /dev/null +++ b/src/lib_signer_backends/encrypted.mli @@ -0,0 +1,10 @@ +(**************************************************************************) +(* *) +(* Copyright (c) 2014 - 2017. *) +(* Dynamic Ledger Solutions, Inc. *) +(* *) +(* All rights reserved. No warranty, explicit or implicit, provided. *) +(* *) +(**************************************************************************) + +include Client_keys.SIGNER diff --git a/src/lib_signer_backends/jbuild b/src/lib_signer_backends/jbuild index 9944babab..b694ab211 100644 --- a/src/lib_signer_backends/jbuild +++ b/src/lib_signer_backends/jbuild @@ -15,7 +15,7 @@ -open Tezos_client_base -open Tezos_signer_services -open Tezos_rpc_http - -linkall -w -9)))) + -w -9)))) (alias ((name runtest_indent) diff --git a/src/lib_signer_backends/remote.ml b/src/lib_signer_backends/remote.ml index d43fcfd37..f33950345 100644 --- a/src/lib_signer_backends/remote.ml +++ b/src/lib_signer_backends/remote.ml @@ -166,5 +166,4 @@ module Remote_signer : SIGNER = struct end -let () = - register_signer (module Remote_signer) +include Remote_signer diff --git a/src/lib_signer_backends/remote.mli b/src/lib_signer_backends/remote.mli new file mode 100644 index 000000000..ab4fbe3b2 --- /dev/null +++ b/src/lib_signer_backends/remote.mli @@ -0,0 +1,10 @@ +(**************************************************************************) +(* *) +(* Copyright (c) 2014 - 2017. *) +(* Dynamic Ledger Solutions, Inc. *) +(* *) +(* All rights reserved. No warranty, explicit or implicit, provided. *) +(* *) +(**************************************************************************) + +include Client_keys.SIGNER diff --git a/src/lib_signer_backends/unencrypted.ml b/src/lib_signer_backends/unencrypted.ml index 3adfcafd4..43f6be584 100644 --- a/src/lib_signer_backends/unencrypted.ml +++ b/src/lib_signer_backends/unencrypted.ml @@ -9,65 +9,60 @@ open Client_keys -module Unencrypted_signer : SIGNER = struct - let scheme = "unencrypted" +let scheme = "unencrypted" - let title = - "Built-in signer using raw unencrypted keys." +let title = + "Built-in signer using raw unencrypted keys." - let description = - "Do not use this signer except for playing on the test chain.\n\ - The format for importing secret keys is either no argument (will \ - generate a key) or the raw Base58-encoded key (starting with \ - 'edsk').\n\ - The format for importing public keys is the raw Base58-encoded \ - key (starting with 'edpk')." +let description = + "Do not use this signer except for playing on the test chain.\n\ + The format for importing secret keys is either no argument (will \ + generate a key) or the raw Base58-encoded key (starting with \ + 'edsk').\n\ + The format for importing public keys is the raw Base58-encoded \ + key (starting with 'edpk')." - type secret_key = Signature.Secret_key.t - type public_key = Signature.Public_key.t +type secret_key = Signature.Secret_key.t +type public_key = Signature.Public_key.t - let init _wallet = return () +let init _wallet = return () - let sk_locator_of_human_input _cctxt = function - | sk :: _ -> - return (Secret_key_locator.create ~scheme ~location:[sk]) - | [] -> - let _, _, sk = Ed25519.generate_key () in - return (Secret_key_locator.create ~scheme - ~location:[Ed25519.Secret_key.to_b58check sk]) +let sk_locator_of_human_input _cctxt = function + | sk :: _ -> + return (Secret_key_locator.create ~scheme ~location:[sk]) + | [] -> + let _, _, sk = Ed25519.generate_key () in + return (Secret_key_locator.create ~scheme + ~location:[Ed25519.Secret_key.to_b58check sk]) - let pk_locator_of_human_input _cctxt = function - | [] -> failwith "Missing public key argument" - | pk :: _ -> return (Public_key_locator.create ~scheme ~location:[pk]) +let pk_locator_of_human_input _cctxt = function + | [] -> failwith "Missing public key argument" + | pk :: _ -> return (Public_key_locator.create ~scheme ~location:[pk]) - let sk_of_locator = function - |(Sk_locator { location = ( location :: _ ) }) -> - Lwt.return (Signature.Secret_key.of_b58check location) - |(Sk_locator { location = _ }) -> - failwith "Wrong type of location" +let sk_of_locator = function + |(Sk_locator { location = ( location :: _ ) }) -> + Lwt.return (Signature.Secret_key.of_b58check location) + |(Sk_locator { location = _ }) -> + failwith "Wrong type of location" - let pk_of_locator = function - |(Pk_locator { location = ( location :: _ ) }) -> - Lwt.return (Signature.Public_key.of_b58check location) - |(Pk_locator { location = _ }) -> - failwith "Wrong type of location" +let pk_of_locator = function + |(Pk_locator { location = ( location :: _ ) }) -> + Lwt.return (Signature.Public_key.of_b58check location) + |(Pk_locator { location = _ }) -> + failwith "Wrong type of location" - let sk_to_locator sk = - Secret_key_locator.create - ~scheme ~location:[Signature.Secret_key.to_b58check sk] |> - Lwt.return +let sk_to_locator sk = + Secret_key_locator.create + ~scheme ~location:[Signature.Secret_key.to_b58check sk] |> + Lwt.return - let pk_to_locator pk = - Public_key_locator.create - ~scheme ~location:[Signature.Public_key.to_b58check pk] |> - Lwt.return +let pk_to_locator pk = + Public_key_locator.create + ~scheme ~location:[Signature.Public_key.to_b58check pk] |> + Lwt.return - let neuterize x = Lwt.return (Signature.Secret_key.to_public_key x) - let public_key x = return x - let public_key_hash x = return (Signature.Public_key.hash x) - let sign ?watermark t buf = return (Signature.sign ?watermark t buf) -end - -let () = - register_signer (module Unencrypted_signer) +let neuterize x = Lwt.return (Signature.Secret_key.to_public_key x) +let public_key x = return x +let public_key_hash x = return (Signature.Public_key.hash x) +let sign ?watermark t buf = return (Signature.sign ?watermark t buf) diff --git a/src/lib_signer_backends/unencrypted.mli b/src/lib_signer_backends/unencrypted.mli new file mode 100644 index 000000000..ab4fbe3b2 --- /dev/null +++ b/src/lib_signer_backends/unencrypted.mli @@ -0,0 +1,10 @@ +(**************************************************************************) +(* *) +(* Copyright (c) 2014 - 2017. *) +(* Dynamic Ledger Solutions, Inc. *) +(* *) +(* All rights reserved. No warranty, explicit or implicit, provided. *) +(* *) +(**************************************************************************) + +include Client_keys.SIGNER diff --git a/src/proto_alpha/lib_baking/test/proto_alpha_helpers.ml b/src/proto_alpha/lib_baking/test/proto_alpha_helpers.ml index d2642d592..fa59bed2c 100644 --- a/src/proto_alpha/lib_baking/test/proto_alpha_helpers.ml +++ b/src/proto_alpha/lib_baking/test/proto_alpha_helpers.ml @@ -616,3 +616,7 @@ let display_level block = let endorsement_security_deposit block = Constants_services.endorsement_security_deposit !rpc_ctxt block + +let () = + Client_keys.register_signer + (module Tezos_signer_backends.Unencrypted)