balsoft/ligo
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Client: add an option to encrypt faucet accounts and imported keys

Browse Source
This commit is contained in:
Grégoire Henry 2018-05-26 13:38:07 +02:00
parent f69d4a5186
commit 57663a95e9
5 changed files with 65 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

44
src/lib_client_commands/client_keys_commands.ml
View File

@ -13,6 +13,17 @@ let group =
{ Clic.name = "keys" ; { Clic.name = "keys" ;
title = "Commands for managing the wallet of cryptographic keys" } title = "Commands for managing the wallet of cryptographic keys" }
let encrypted_switch () =
if List.exists
(fun (_, (module Signer : Client_keys.SIGNER)) ->
Signer.scheme = Tezos_signer_backends.Unencrypted.scheme)
(Client_keys.registered_signers ()) then
Clic.switch
~long:"encrypted"
~doc:("Encrypt the key on-disk") ()
else
Clic.constant true
let sig_algo_arg = let sig_algo_arg =
Clic.default_arg Clic.default_arg
~doc:"use custom signature algorithm" ~doc:"use custom signature algorithm"
@ -23,7 +34,7 @@ let sig_algo_arg =
(Signature.algo_param ()) (Signature.algo_param ())
let gen_keys_containing let gen_keys_containing
?(prefix=false) ?(force=false) ?(encrypted = false) ?(prefix=false) ?(force=false)
~containing ~name (cctxt : #Client_context.io_wallet) = ~containing ~name (cctxt : #Client_context.io_wallet) =
let unrepresentable = let unrepresentable =
List.filter (fun s -> not @@ Base58.Alphabet.all_in_alphabet Base58.Alphabet.bitcoin s) containing in List.filter (fun s -> not @@ Base58.Alphabet.all_in_alphabet Base58.Alphabet.bitcoin s) containing in
@ -65,7 +76,12 @@ let gen_keys_containing
if matches hash if matches hash
then then
let pk_uri = Tezos_signer_backends.Unencrypted.make_pk public_key in let pk_uri = Tezos_signer_backends.Unencrypted.make_pk public_key in
let sk_uri = Tezos_signer_backends.Unencrypted.make_sk secret_key in begin
if encrypted then
Tezos_signer_backends.Encrypted.encrypt cctxt secret_key
else
return (Tezos_signer_backends.Unencrypted.make_sk secret_key)
end >>=? fun sk_uri ->
register_key cctxt ~force register_key cctxt ~force
(public_key_hash, pk_uri, sk_uri) name >>=? fun () -> (public_key_hash, pk_uri, sk_uri) name >>=? fun () ->
return hash return hash
@ -111,33 +127,39 @@ let commands () : Client_context.io_wallet Clic.command list =
n S.title Format.pp_print_text S.description) n S.title Format.pp_print_text S.description)
signers >>= return) ; signers >>= return) ;
command ~group ~desc: "Generate a pair of (unencrypted) keys." command ~group ~desc: "Generate a pair of keys."
(args2 (Secret_key.force_switch ()) sig_algo_arg) (args3 (Secret_key.force_switch ()) sig_algo_arg (encrypted_switch ()))
(prefixes [ "gen" ; "keys" ] (prefixes [ "gen" ; "keys" ]
@@ Secret_key.fresh_alias_param @@ Secret_key.fresh_alias_param
@@ stop) @@ stop)
(fun (force, algo) name (cctxt : #Client_context.io_wallet) -> (fun (force, algo, encrypted) name (cctxt : Client_context.io_wallet) ->
Secret_key.of_fresh cctxt force name >>=? fun name -> Secret_key.of_fresh cctxt force name >>=? fun name ->
let (pkh, pk, sk) = Signature.generate_key ~algo () in let (pkh, pk, sk) = Signature.generate_key ~algo () in
let pk_uri = Tezos_signer_backends.Unencrypted.make_pk pk in let pk_uri = Tezos_signer_backends.Unencrypted.make_pk pk in
let sk_uri = Tezos_signer_backends.Unencrypted.make_sk sk in begin
if encrypted then
Tezos_signer_backends.Encrypted.encrypt cctxt sk
else
return (Tezos_signer_backends.Unencrypted.make_sk sk)
end >>=? fun sk_uri ->
register_key cctxt ~force (pkh, pk_uri, sk_uri) name) ; register_key cctxt ~force (pkh, pk_uri, sk_uri) name) ;
command ~group ~desc: "Generate (unencrypted) keys including the given string." command ~group ~desc: "Generate keys including the given string."
(args2 (args3
(switch (switch
~long:"prefix" ~long:"prefix"
~short:'P' ~short:'P'
~doc:"the key must begin with tz1[word]" ~doc:"the key must begin with tz1[word]"
()) ())
(force_switch ())) (force_switch ())
(encrypted_switch ()))
(prefixes [ "gen" ; "vanity" ; "keys" ] (prefixes [ "gen" ; "vanity" ; "keys" ]
@@ Public_key_hash.fresh_alias_param @@ Public_key_hash.fresh_alias_param
@@ prefix "matching" @@ prefix "matching"
@@ (seq_of_param @@ string ~name:"words" ~desc:"string key must contain one of these words")) @@ (seq_of_param @@ string ~name:"words" ~desc:"string key must contain one of these words"))
(fun (prefix, force) name containing (cctxt : #Client_context.io_wallet) -> (fun (prefix, force, encrypted) name containing (cctxt : Client_context.io_wallet) ->
Public_key_hash.of_fresh cctxt force name >>=? fun name -> Public_key_hash.of_fresh cctxt force name >>=? fun name ->
gen_keys_containing ~force ~prefix ~containing ~name cctxt) ; gen_keys_containing ~encrypted ~force ~prefix ~containing ~name cctxt) ;
command ~group ~desc: "Add a secret key to the wallet." command ~group ~desc: "Add a secret key to the wallet."
(args1 (Secret_key.force_switch ())) (args1 (Secret_key.force_switch ()))

2
src/lib_client_commands/client_keys_commands.mli
View File

@ -8,3 +8,5 @@
(**************************************************************************) (**************************************************************************)
val commands: unit -> Client_context.io_wallet Clic.command list val commands: unit -> Client_context.io_wallet Clic.command list
val encrypted_switch: unit -> (bool, 'a) Clic.arg

9
src/proto_alpha/lib_client/client_proto_context.ml
View File

@ -330,7 +330,7 @@ let read_key key =
return (pkh, pk, sk) return (pkh, pk, sk)
let claim_commitment (cctxt : #Proto_alpha.full) let claim_commitment (cctxt : #Proto_alpha.full)
?confirmations ?force block key name = ?(encrypted = false) ?confirmations ?force block key name =
read_key key >>=? fun (pkh, pk, sk) -> read_key key >>=? fun (pkh, pk, sk) ->
fail_unless (Signature.Public_key_hash.equal pkh (Ed25519 key.pkh)) fail_unless (Signature.Public_key_hash.equal pkh (Ed25519 key.pkh))
(failure "@[<v 2>Inconsistent activation key:@ \ (failure "@[<v 2>Inconsistent activation key:@ \
@ -346,7 +346,12 @@ let claim_commitment (cctxt : #Proto_alpha.full)
cctxt ~chain_id:bi.chain_id bytes >>=? fun oph -> cctxt ~chain_id:bi.chain_id bytes >>=? fun oph ->
operation_submitted_message cctxt oph >>=? fun () -> operation_submitted_message cctxt oph >>=? fun () ->
let pk_uri = Tezos_signer_backends.Unencrypted.make_pk pk in let pk_uri = Tezos_signer_backends.Unencrypted.make_pk pk in
let sk_uri = Tezos_signer_backends.Unencrypted.make_sk sk in begin
if encrypted then
Tezos_signer_backends.Encrypted.encrypt cctxt sk
else
return (Tezos_signer_backends.Unencrypted.make_sk sk)
end >>=? fun sk_uri ->
begin begin
match confirmations with match confirmations with
| None -> | None ->

1
src/proto_alpha/lib_client/client_proto_context.mli
View File

@ -155,6 +155,7 @@ val activation_key_encoding: activation_key Data_encoding.t
val claim_commitment: val claim_commitment:
#Proto_alpha.full -> #Proto_alpha.full ->
?encrypted:bool ->
?confirmations:int -> ?confirmations:int ->
?force:bool -> ?force:bool ->
Block_services.block -> Block_services.block ->

38
src/proto_alpha/lib_client_commands/client_proto_context_commands.ml
View File

@ -261,7 +261,10 @@ let commands () =
end; end;
command ~group ~desc:"Register and activate a predefined account using the provided activation key." command ~group ~desc:"Register and activate a predefined account using the provided activation key."
(args2 (Secret_key.force_switch ()) (Client_proto_args.no_confirmation)) (args3
(Secret_key.force_switch ())
(Client_proto_args.no_confirmation)
(Client_keys_commands.encrypted_switch ()))
(prefixes [ "activate" ; "account" ] (prefixes [ "activate" ; "account" ]
@@ Secret_key.fresh_alias_param @@ Secret_key.fresh_alias_param
@@ prefixes [ "with" ] @@ prefixes [ "with" ]
@ -269,21 +272,24 @@ let commands () =
~desc:"Activation key (as JSON file) obtained from the Tezos foundation (or the Alphanet faucet)." ~desc:"Activation key (as JSON file) obtained from the Tezos foundation (or the Alphanet faucet)."
file_parameter file_parameter
@@ stop) @@ stop)
(fun (force, no_confirmation) name activation_key_file cctxt -> (fun
Secret_key.of_fresh cctxt force name >>=? fun name -> (force, no_confirmation, encrypted)
Lwt_utils_unix.Json.read_file activation_key_file >>=? fun json -> name activation_key_file cctxt ->
match Data_encoding.Json.destruct Secret_key.of_fresh cctxt force name >>=? fun name ->
Client_proto_context.activation_key_encoding Lwt_utils_unix.Json.read_file activation_key_file >>=? fun json ->
json with match Data_encoding.Json.destruct
| exception (Data_encoding.Json.Cannot_destruct _ as exn) -> Client_proto_context.activation_key_encoding
Format.kasprintf (fun s -> failwith "%s" s) json with
"Invalid activation file: %a %a" | exception (Data_encoding.Json.Cannot_destruct _ as exn) ->
(fun ppf -> Data_encoding.Json.print_error ppf) exn Format.kasprintf (fun s -> failwith "%s" s)
Data_encoding.Json.pp json "Invalid activation file: %a %a"
| key -> (fun ppf -> Data_encoding.Json.print_error ppf) exn
let confirmations = Data_encoding.Json.pp json
if no_confirmation then None else Some 0 in | key ->
claim_commitment cctxt cctxt#block ?confirmations ~force key name let confirmations =
if no_confirmation then None else Some 0 in
claim_commitment cctxt cctxt#block
~encrypted ?confirmations ~force key name
); );
command ~group:alphanet ~desc: "Activate a protocol (Alphanet dictator only)." command ~group:alphanet ~desc: "Activate a protocol (Alphanet dictator only)."