Client: more caching of public keys

This commit is contained in:
Benjamin Canou 2018-06-17 00:07:58 +02:00
parent 66c9caedd6
commit 2976353636
9 changed files with 23 additions and 11 deletions

View File

@ -53,7 +53,7 @@ let sign
end >>=? fun () -> end >>=? fun () ->
Client_keys.get_key cctxt pkh >>=? fun (name, _pkh, sk_uri) -> Client_keys.get_key cctxt pkh >>=? fun (name, _pkh, sk_uri) ->
log "Signing data for key %s" name >>= fun () -> log "Signing data for key %s" name >>= fun () ->
Client_keys.sign sk_uri data >>=? fun signature -> Client_keys.sign cctxt sk_uri data >>=? fun signature ->
return signature return signature
let public_key (cctxt : #Client_context.wallet) pkh = let public_key (cctxt : #Client_context.wallet) pkh =

View File

@ -176,20 +176,30 @@ let public_key_hash pk_uri =
public_key pk_uri >>=? fun pk -> public_key pk_uri >>=? fun pk ->
return (Signature.Public_key.hash pk, Some pk) return (Signature.Public_key.hash pk, Some pk)
let sign ?watermark sk_uri buf = let sign cctxt ?watermark sk_uri buf =
let scheme = Option.unopt ~default:"" (Uri.scheme sk_uri) in let scheme = Option.unopt ~default:"" (Uri.scheme sk_uri) in
find_signer_for_key ~scheme >>=? fun signer -> find_signer_for_key ~scheme >>=? fun signer ->
let module Signer = (val signer : SIGNER) in let module Signer = (val signer : SIGNER) in
Signer.sign ?watermark sk_uri buf >>=? fun signature -> Signer.sign ?watermark sk_uri buf >>=? fun signature ->
Signer.neuterize sk_uri >>=? fun pk_uri -> Signer.neuterize sk_uri >>=? fun pk_uri ->
public_key pk_uri >>=? fun pubkey -> Secret_key.rev_find cctxt sk_uri >>=? begin function
| None ->
public_key pk_uri
| Some name ->
Public_key.find cctxt name >>=? function
| (_, None) ->
public_key pk_uri >>=? fun pk ->
Public_key.update cctxt name (pk_uri, Some pk) >>=? fun () ->
return pk
| (_, Some pubkey) -> return pubkey
end >>=? fun pubkey ->
fail_unless fail_unless
(Signature.check ?watermark pubkey signature buf) (Signature.check ?watermark pubkey signature buf)
(Signature_mismatch sk_uri) >>=? fun () -> (Signature_mismatch sk_uri) >>=? fun () ->
return signature return signature
let append ?watermark loc buf = let append cctxt ?watermark loc buf =
sign ?watermark loc buf >>|? fun signature -> sign cctxt ?watermark loc buf >>|? fun signature ->
Signature.concat buf signature Signature.concat buf signature
let check ?watermark pk_uri signature buf = let check ?watermark pk_uri signature buf =

View File

@ -76,10 +76,12 @@ val public_key_hash : pk_uri -> (Signature.Public_key_hash.t * Signature.Public_
val neuterize : sk_uri -> pk_uri tzresult Lwt.t val neuterize : sk_uri -> pk_uri tzresult Lwt.t
val sign : val sign :
#Client_context.wallet ->
?watermark:Signature.watermark -> ?watermark:Signature.watermark ->
sk_uri -> MBytes.t -> Signature.t tzresult Lwt.t sk_uri -> MBytes.t -> Signature.t tzresult Lwt.t
val append : val append :
#Client_context.wallet ->
?watermark:Signature.watermark -> ?watermark:Signature.watermark ->
sk_uri -> MBytes.t -> MBytes.t tzresult Lwt.t sk_uri -> MBytes.t -> MBytes.t tzresult Lwt.t

View File

@ -121,7 +121,7 @@ let main select_commands =
| _ -> None) | _ -> None)
keys with keys with
| sk_uri :: _ -> | sk_uri :: _ ->
Client_keys.sign sk_uri payload Client_keys.sign client_config sk_uri payload
| [] -> failwith | [] -> failwith
"remote signer expects authentication signature, \ "remote signer expects authentication signature, \
but no authorized key was found in the wallet" but no authorized key was found in the wallet"

View File

@ -103,7 +103,7 @@ let inject_endorsement
~level:level ~level:level
~slots ~slots
() >>=? fun bytes -> () >>=? fun bytes ->
Client_keys.append Client_keys.append cctxt
src_sk ~watermark:Endorsement bytes >>=? fun signed_bytes -> src_sk ~watermark:Endorsement bytes >>=? fun signed_bytes ->
Shell_services.Injection.operation cctxt ?async ~chain signed_bytes >>=? fun oph -> Shell_services.Injection.operation cctxt ?async ~chain signed_bytes >>=? fun oph ->
iter_s iter_s

View File

@ -37,7 +37,7 @@ let forge_block_header
Data_encoding.Binary.to_bytes_exn Data_encoding.Binary.to_bytes_exn
Alpha_context.Block_header.unsigned_encoding Alpha_context.Block_header.unsigned_encoding
(shell, contents) in (shell, contents) in
Client_keys.append delegate_sk ~watermark:Block_header unsigned_header Client_keys.append cctxt delegate_sk ~watermark:Block_header unsigned_header
else else
loop () in loop () in
loop () loop ()

View File

@ -125,7 +125,7 @@ let hash_and_sign
sk = sk =
Alpha_services.Helpers.Scripts.hash_data Alpha_services.Helpers.Scripts.hash_data
cctxt (chain, block) (data.expanded, typ.expanded, gas) >>=? fun (hash, gas) -> cctxt (chain, block) (data.expanded, typ.expanded, gas) >>=? fun (hash, gas) ->
Client_keys.sign sk (MBytes.of_string hash) >>=? fun signature -> Client_keys.sign cctxt sk (MBytes.of_string hash) >>=? fun signature ->
return (hash, Signature.to_b58check signature, gas) return (hash, Signature.to_b58check signature, gas)
let typecheck_data let typecheck_data

View File

@ -48,7 +48,7 @@ let preapply (type t)
match src_sk with match src_sk with
| None -> return None | None -> return None
| Some src_sk -> | Some src_sk ->
Client_keys.sign Client_keys.sign cctxt
~watermark src_sk bytes >>=? fun signature -> ~watermark src_sk bytes >>=? fun signature ->
return (Some signature) return (Some signature)
end >>=? fun signature -> end >>=? fun signature ->

View File

@ -19,7 +19,7 @@ let bake cctxt ?(timestamp = Time.now ()) block command sk =
cctxt ~block ~timestamp ~protocol_data cctxt ~block ~timestamp ~protocol_data
[] >>=? fun (shell_header, _) -> [] >>=? fun (shell_header, _) ->
let blk = Data.Command.forge shell_header command in let blk = Data.Command.forge shell_header command in
Client_keys.append sk blk >>=? fun signed_blk -> Client_keys.append cctxt sk blk >>=? fun signed_blk ->
Shell_services.Injection.block cctxt signed_blk [] Shell_services.Injection.block cctxt signed_blk []
let int64_parameter = let int64_parameter =