diff --git a/CHANGELOG.adoc b/CHANGELOG.adoc index 69456ab42d..6b61863bc0 100644 --- a/CHANGELOG.adoc +++ b/CHANGELOG.adoc @@ -19,6 +19,18 @@ This commit also upgrades tokio and reqwest in order to work correctly. There ar Renamed the `project_name` in our own generated assets to `canister_name`, for things that are generated during canister build (and not project generation). +=== feat: add support for ECDSA on secp256k1 + +You can now a generate private key via OpenSSL or a simlar tool, import it into dfx, and use it to sign an ingress message. + +[source, bash] +---- +openssl ecparam -name secp256k1 -genkey -out identity.pem +dfx identity import identity.pem +dfx identity use +dfx canister call ... +---- + == Asset Canister === feat: The asset canister can now store assets that exceed the message ingress limit (2 MB) diff --git a/Cargo.lock b/Cargo.lock index 787cacc07b..d9be03e5f5 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -1907,7 +1907,7 @@ dependencies = [ [[package]] name = "ic-agent" version = "0.2.0" -source = "git+https://github.com/dfinity/agent-rs.git?branch=next#e77bcd2aa8e173b0d7a5b9fae8f9e42211b85110" +source = "git+https://github.com/dfinity/agent-rs.git?branch=next#258ea302177856a21396fbf60ffcc712fc1f36fd" dependencies = [ "async-trait", "base32", @@ -1938,7 +1938,7 @@ dependencies = [ [[package]] name = "ic-identity-hsm" version = "0.2.0" -source = "git+https://github.com/dfinity/agent-rs.git?branch=next#e77bcd2aa8e173b0d7a5b9fae8f9e42211b85110" +source = "git+https://github.com/dfinity/agent-rs.git?branch=next#258ea302177856a21396fbf60ffcc712fc1f36fd" dependencies = [ "hex", "ic-agent", @@ -1953,7 +1953,7 @@ dependencies = [ [[package]] name = "ic-types" version = "0.1.2" -source = "git+https://github.com/dfinity/agent-rs.git?branch=next#e77bcd2aa8e173b0d7a5b9fae8f9e42211b85110" +source = "git+https://github.com/dfinity/agent-rs.git?branch=next#258ea302177856a21396fbf60ffcc712fc1f36fd" dependencies = [ "base32", "crc32fast", @@ -1965,7 +1965,7 @@ dependencies = [ [[package]] name = "ic-utils" version = "0.2.0" -source = "git+https://github.com/dfinity/agent-rs.git?branch=next#e77bcd2aa8e173b0d7a5b9fae8f9e42211b85110" +source = "git+https://github.com/dfinity/agent-rs.git?branch=next#258ea302177856a21396fbf60ffcc712fc1f36fd" dependencies = [ "async-trait", "candid", diff --git a/Cargo.toml b/Cargo.toml index 0c02f892d0..32af5f6679 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -7,22 +7,22 @@ members = [ version = "0.2.0" git = "https://github.com/dfinity/agent-rs.git" branch = "next" -rev = "8b8699d5ba757f9a9952a3a6ded9956df6b129b0" +rev = "258ea302177856a21396fbf60ffcc712fc1f36fd" [patch.crates-io.ic-identity-hsm] version = "0.2.0" git = "https://github.com/dfinity/agent-rs.git" branch = "next" -rev = "8b8699d5ba757f9a9952a3a6ded9956df6b129b0" +rev = "258ea302177856a21396fbf60ffcc712fc1f36fd" [patch.crates-io.ic-types] version = "0.1.2" git = "https://github.com/dfinity/agent-rs.git" branch = "next" -rev = "8b8699d5ba757f9a9952a3a6ded9956df6b129b0" +rev = "258ea302177856a21396fbf60ffcc712fc1f36fd" [patch.crates-io.ic-utils] version = "0.2.0" git = "https://github.com/dfinity/agent-rs.git" branch = "next" -rev = "8b8699d5ba757f9a9952a3a6ded9956df6b129b0" +rev = "258ea302177856a21396fbf60ffcc712fc1f36fd" diff --git a/e2e/assets/whoami/Main.mo b/e2e/assets/whoami/Main.mo new file mode 100644 index 0000000000..903d76abb1 --- /dev/null +++ b/e2e/assets/whoami/Main.mo @@ -0,0 +1,5 @@ +actor WhoAmI { + public shared ({caller}) func whoami() : async Principal { + return caller; + }; +}; diff --git a/e2e/assets/whoami/dfx.json b/e2e/assets/whoami/dfx.json new file mode 100644 index 0000000000..20497aa2dc --- /dev/null +++ b/e2e/assets/whoami/dfx.json @@ -0,0 +1,7 @@ +{ + "canisters": { + "whoami": { + "main": "Main.mo" + } + } +} diff --git a/e2e/assets/whoami/patch.bash b/e2e/assets/whoami/patch.bash new file mode 100644 index 0000000000..be830bd8c9 --- /dev/null +++ b/e2e/assets/whoami/patch.bash @@ -0,0 +1 @@ +# nothing to do diff --git a/e2e/tests-dfx/assetscanister.bash b/e2e/tests-dfx/assetscanister.bash index 9e2d2d2ab0..2cb35f5836 100644 --- a/e2e/tests-dfx/assetscanister.bash +++ b/e2e/tests-dfx/assetscanister.bash @@ -67,25 +67,22 @@ CHERRIES" "$stdout" [ "$USE_IC_REF" ] && skip "skip for ic-ref" # this takes too long for ic-ref's wasm interpreter install_asset assetscanister + dd if=/dev/urandom of=src/e2e_project_assets/assets/large-asset.bin bs=1000000 count=6 dfx_start - dfx canister create --all + dfx canister --no-wallet create --all dfx build - dfx canister install e2e_project_assets - - dd if=/dev/urandom of=src/e2e_project_assets/assets/large-asset.bin bs=1000000 count=6 - - dfx deploy + dfx canister --no-wallet install --memory-allocation 15mb e2e_project_assets - assert_command dfx canister call --query e2e_project_assets get '(record{key="/large-asset.bin";accept_encodings=vec{"identity"}})' + assert_command dfx canister --no-wallet call --query e2e_project_assets get '(record{key="/large-asset.bin";accept_encodings=vec{"identity"}})' assert_match 'total_length = 6_000_000' assert_match 'content_type = "application/octet-stream"' assert_match 'content_encoding = "identity"' - assert_command dfx canister call --query e2e_project_assets get_chunk '(record{key="/large-asset.bin";content_encoding="identity";index=2})' + assert_command dfx canister --no-wallet call --query e2e_project_assets get_chunk '(record{key="/large-asset.bin";content_encoding="identity";index=2})' - assert_command dfx canister call --query e2e_project_assets get_chunk '(record{key="/large-asset.bin";content_encoding="identity";index=3})' - assert_command_fail dfx canister call --query e2e_project_assets get_chunk '(record{key="/large-asset.bin";content_encoding="identity";index=4})' + assert_command dfx canister --no-wallet call --query e2e_project_assets get_chunk '(record{key="/large-asset.bin";content_encoding="identity";index=3})' + assert_command_fail dfx canister --no-wallet call --query e2e_project_assets get_chunk '(record{key="/large-asset.bin";content_encoding="identity";index=4})' } @test "list() and keys() return asset keys" { diff --git a/e2e/tests-dfx/secp256k1.bash b/e2e/tests-dfx/secp256k1.bash new file mode 100644 index 0000000000..84ef43a43f --- /dev/null +++ b/e2e/tests-dfx/secp256k1.bash @@ -0,0 +1,29 @@ +#!/usr/bin/env bats + +load ../utils/_ + +setup() { + # We want to work from a different temporary directory for every test. + x=$(mktemp -d -t dfx-identity-home-XXXXXXXX) + export TEMPORARY_HOME="$x" + export HOME="$TEMPORARY_HOME" + cd "$HOME" || exit +} + +teardown() { + dfx_stop + rm -rf "$TEMPORARY_HOME" +} + +@test "can call a canister using a secp256k1 identity" { + openssl ecparam -name secp256k1 -genkey -out identity.pem + assert_command dfx identity import secp256k1 identity.pem + dfx identity use secp256k1 + install_asset whoami + dfx_start + dfx canister create whoami + dfx build + dfx canister install whoami + assert_command dfx canister --no-wallet call whoami whoami + assert_match "$(dfx identity get-principal)" +} diff --git a/nix/sources.json b/nix/sources.json index 33f37dedee..21b315fe7a 100644 --- a/nix/sources.json +++ b/nix/sources.json @@ -6,10 +6,10 @@ "homepage": "https://rustsec.org", "owner": "RustSec", "repo": "advisory-db", - "rev": "f960a5036487fbcc93fa1e36c390804991e4c13c", - "sha256": "1fa6if919g4x09d3kaig28wn5s68q50534bn47q7dp98yqy90bwd", + "rev": "0283f676aca9ff9c925a38babb8df594ef20b580", + "sha256": "067d3pbrp20fvqy9znkkfkj9dpxipyx4fbpkhlpkq8v5hn1vhbl7", "type": "tarball", - "url": "https://github.com/RustSec/advisory-db/archive/f960a5036487fbcc93fa1e36c390804991e4c13c.tar.gz", + "url": "https://github.com/RustSec/advisory-db/archive/0283f676aca9ff9c925a38babb8df594ef20b580.tar.gz", "url_template": "https://github.com///archive/.tar.gz" }, "agent-js-monorepo": { @@ -38,21 +38,22 @@ "type": "git" }, "dfinity": { + "branch": "master", "repo": "ssh://git@github.com/dfinity-lab/dfinity", - "rev": "fc46573d03d0024b85eae4f93ce8dc823308fcfd", - "tag": "release-2020-11-26.RC01", + "rev": "a7d3a895e7c7f684a4c983f226adf5d41e29a64f", "type": "git" }, "ic-ref": { "branch": "release-0.15", "repo": "ssh://git@github.com/dfinity-lab/ic-ref", - "rev": "3716b934e8699aea3423535fc69c0f6b077ba842", + "rev": "f20ebb5282f27d4f23b485f713fd15809627c38d", "type": "git" }, "motoko": { "branch": "release", - "repo": "ssh://git@github.com/dfinity-lab/motoko", - "rev": "be50f210e439228baed13914b2093aa8e71ce2ed", + "repo": "ssh://git@github.com/dfinity/motoko", + "rev": "43f3547ccbf7d48e5d25e1bf5222f11df8df2940", + "tag": "0.5.10", "type": "git" }, "napalm": { diff --git a/src/dfx/Cargo.toml b/src/dfx/Cargo.toml index f647687d0d..aa99cc6e01 100644 --- a/src/dfx/Cargo.toml +++ b/src/dfx/Cargo.toml @@ -76,26 +76,26 @@ webpki-roots = "0.21.0" version = "0.2.0" git = "https://github.com/dfinity/agent-rs.git" branch = "next" -rev = "e77bcd2aa8e173b0d7a5b9fae8f9e42211b85110" +rev = "258ea302177856a21396fbf60ffcc712fc1f36fd" features = ["reqwest"] [dependencies.ic-identity-hsm] version = "0.2.0" git = "https://github.com/dfinity/agent-rs.git" branch = "next" -rev = "e77bcd2aa8e173b0d7a5b9fae8f9e42211b85110" +rev = "258ea302177856a21396fbf60ffcc712fc1f36fd" [dependencies.ic-types] version = "0.1.2" git = "https://github.com/dfinity/agent-rs.git" branch = "next" -rev = "e77bcd2aa8e173b0d7a5b9fae8f9e42211b85110" +rev = "258ea302177856a21396fbf60ffcc712fc1f36fd" [dependencies.ic-utils] version = "0.2.0" git = "https://github.com/dfinity/agent-rs.git" branch = "next" -rev = "e77bcd2aa8e173b0d7a5b9fae8f9e42211b85110" +rev = "258ea302177856a21396fbf60ffcc712fc1f36fd" [dev-dependencies] env_logger = "0.6" diff --git a/src/dfx/src/actors/replica.rs b/src/dfx/src/actors/replica.rs index 49aaa369ea..c92d1ff722 100644 --- a/src/dfx/src/actors/replica.rs +++ b/src/dfx/src/actors/replica.rs @@ -280,6 +280,8 @@ fn replica_start_thread( config.state_manager.state_root.to_str().unwrap_or_default(), "--create-funds-whitelist", "*", + "--consensus-pool-backend", + "rocksdb", ]); if let Some(port) = port { cmd.args(&["--http-port", &port.to_string()]); diff --git a/src/dfx/src/lib/identity/mod.rs b/src/dfx/src/lib/identity/mod.rs index 513a3c63aa..8a2ee05cdc 100644 --- a/src/dfx/src/lib/identity/mod.rs +++ b/src/dfx/src/lib/identity/mod.rs @@ -12,7 +12,7 @@ use crate::lib::waiter::waiter_with_timeout; use crate::util; use anyhow::{anyhow, bail, Context}; -use ic_agent::identity::BasicIdentity; +use ic_agent::identity::{BasicIdentity, Secp256k1Identity}; use ic_agent::Signature; use ic_identity_hsm::HardwareIdentity; use ic_types::Principal; @@ -118,6 +118,23 @@ impl Identity { }) } + fn load_secp256k1_identity(manager: &IdentityManager, name: &str) -> DfxResult { + let dir = manager.get_identity_dir_path(name); + let pem_path = dir.join(IDENTITY_PEM); + let inner = Box::new(Secp256k1Identity::from_pem_file(&pem_path).map_err(|e| { + DfxError::new(IdentityError::CannotReadIdentityFile( + pem_path.clone(), + Box::new(DfxError::new(e)), + )) + })?); + + Ok(Self { + name: name.to_string(), + inner, + dir: manager.get_identity_dir_path(name), + }) + } + fn load_hardware_identity( manager: &IdentityManager, name: &str, @@ -149,7 +166,8 @@ impl Identity { })?; Identity::load_hardware_identity(manager, name, hsm) } else { - Identity::load_basic_identity(manager, name) + Identity::load_secp256k1_identity(manager, name) + .or_else(|_| Identity::load_basic_identity(manager, name)) } }