Skip to content

feat: Secp256k1 #1445

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
enzoh merged 74 commits into from
Mar 18, 2021
Merged

feat: Secp256k1 #1445

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
74 commits
Select commit Hold shift + click to select a range
ea4187b
Implement identity import command
enzoh Feb 22, 2021
eb2ef69
Implement validation step
enzoh Feb 23, 2021
427ca24
Add end-to-end test
enzoh Feb 23, 2021
9389781
Resolve script check warning
enzoh Feb 23, 2021
a995978
Merge branch 'master' into enzoh/import
enzoh Feb 23, 2021
b27972d
Merge branch 'master' into enzoh/secp256k1
enzoh Feb 26, 2021
a0f2372
Load secp256k1 identity from file
enzoh Feb 26, 2021
28254a7
Resolve linter warning
enzoh Feb 26, 2021
1678a42
Resolve merge conflicts
enzoh Mar 4, 2021
f51d27f
Upgrade to secp256k1 compatible replica
enzoh Mar 5, 2021
2e6da46
Merge branch 'master' into enzoh/secp256k1
enzoh Mar 5, 2021
271229b
feat: add http request support to DFX
hansl Mar 4, 2021
3bcbe0a
.
hansl Mar 5, 2021
9603098
.
hansl Mar 8, 2021
b8f582a
TRRY
hansl Mar 9, 2021
778be79
.d.f.sf.
hansl Mar 9, 2021
58d770c
.
hansl Mar 9, 2021
00cb5a2
.
hansl Mar 9, 2021
0766823
.
hansl Mar 9, 2021
62ea6da
.
hansl Mar 9, 2021
5cf85b8
.
hansl Mar 9, 2021
2caf3de
.
hansl Mar 9, 2021
05f492c
.
hansl Mar 9, 2021
250d7f2
.
hansl Mar 9, 2021
edccc38
.
hansl Mar 9, 2021
e089401
.
hansl Mar 9, 2021
436e65b
.
hansl Mar 9, 2021
1e49b36
.
hansl Mar 9, 2021
d33ac64
.
hansl Mar 9, 2021
6bb539f
.
hansl Mar 9, 2021
4e13256
.
hansl Mar 9, 2021
b2c8db2
.
hansl Mar 9, 2021
3f857db
.
hansl Mar 9, 2021
be53ad8
.
hansl Mar 9, 2021
4d7d342
.
hansl Mar 9, 2021
ff62ff2
.
hansl Mar 9, 2021
e57df51
.
hansl Mar 9, 2021
b4778b3
.
hansl Mar 9, 2021
3a30334
pkgsstatic
hansl Mar 9, 2021
30e947f
fix e2e tests
hansl Mar 9, 2021
f4130d2
fix e2e tests
hansl Mar 9, 2021
a509699
fix e2e tests
hansl Mar 9, 2021
a1f83e0
change uri in asset storage
hansl Mar 9, 2021
4d09330
Bug fix
enzoh Mar 9, 2021
69f6b45
Resolve merge conflicts
enzoh Mar 9, 2021
aa8f574
Disable shellcheck warning
enzoh Mar 9, 2021
fc2f832
Explicitly match against stdout
enzoh Mar 9, 2021
1d17e91
Resolve merge conflicts
enzoh Mar 9, 2021
a85bbae
Resolve merge conflicts
enzoh Mar 9, 2021
8875d5e
Add e2e test for secp256k1 identities
enzoh Mar 9, 2021
7c8d8ba
Upgrade to latest replica version
enzoh Mar 9, 2021
95aa88c
Move into temporary directory during setup
enzoh Mar 9, 2021
f7ed7b6
Fix up secp256k1 signature encoding
enzoh Mar 9, 2021
82ed0d3
Resolve shellcheck warning
enzoh Mar 9, 2021
53ef591
Resolve shellcheck warning
enzoh Mar 9, 2021
3fb72f9
Upgrade to latest agent
enzoh Mar 9, 2021
79b27d0
Upgrade to latest agent
enzoh Mar 9, 2021
621f563
fix missing subcommand
enzoh Mar 9, 2021
8d4dfca
Upgrade to latest agent
enzoh Mar 9, 2021
e123131
Resolve merge conflicts
enzoh Mar 12, 2021
878f0c6
Add --no-wallet flag
enzoh Mar 12, 2021
e025d28
Update CHANGELOG file
enzoh Mar 12, 2021
d6e3c1f
update to replica and ic-starter with rocksdb as default consensus db
Mar 16, 2021
3775c2f
Update sources.json
p-shahi Mar 16, 2021
a335ac7
Comment out redundant deploy command
enzoh Mar 16, 2021
8b524a7
Use reinstall flag
enzoh Mar 16, 2021
ff4df4c
e2e large asset test: create large asset with rest of project assets,…
Mar 16, 2021
631ae7c
no wallet, and increase asset canister memory allocation from 10mb to…
Mar 16, 2021
d2445d1
Resolve merge conflicts
enzoh Mar 16, 2021
6ae2e5e
Use latest replica from master
enzoh Mar 17, 2021
b537e6e
Resolve merge conflicts
enzoh Mar 17, 2021
b74fe31
Add clarification to release notes
enzoh Mar 18, 2021
649a67e
Fix typo
enzoh Mar 18, 2021
1f23e6d
Merge branch 'master' into enzoh/secp256k1
enzoh Mar 18, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
12 changes: 12 additions & 0 deletions CHANGELOG.adoc
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,18 @@ This commit also upgrades tokio and reqwest in order to work correctly. There ar

Renamed the `project_name` in our own generated assets to `canister_name`, for things that are generated during canister build (and not project generation).

=== feat: add support for ECDSA on secp256k1

You can now a generate private key via OpenSSL or a simlar tool, import it into dfx, and use it to sign an ingress message.

[source, bash]
----
openssl ecparam -name secp256k1 -genkey -out identity.pem
dfx identity import <name> identity.pem
dfx identity use <name>
dfx canister call ...
----

== Asset Canister

=== feat: The asset canister can now store assets that exceed the message ingress limit (2 MB)
Expand Down
8 changes: 4 additions & 4 deletions Cargo.lock
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

8 changes: 4 additions & 4 deletions Cargo.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,22 +7,22 @@ members = [
version = "0.2.0"
git = "https://github.com/dfinity/agent-rs.git"
branch = "next"
rev = "8b8699d5ba757f9a9952a3a6ded9956df6b129b0"
rev = "258ea302177856a21396fbf60ffcc712fc1f36fd"

[patch.crates-io.ic-identity-hsm]
version = "0.2.0"
git = "https://github.com/dfinity/agent-rs.git"
branch = "next"
rev = "8b8699d5ba757f9a9952a3a6ded9956df6b129b0"
rev = "258ea302177856a21396fbf60ffcc712fc1f36fd"

[patch.crates-io.ic-types]
version = "0.1.2"
git = "https://github.com/dfinity/agent-rs.git"
branch = "next"
rev = "8b8699d5ba757f9a9952a3a6ded9956df6b129b0"
rev = "258ea302177856a21396fbf60ffcc712fc1f36fd"

[patch.crates-io.ic-utils]
version = "0.2.0"
git = "https://github.com/dfinity/agent-rs.git"
branch = "next"
rev = "8b8699d5ba757f9a9952a3a6ded9956df6b129b0"
rev = "258ea302177856a21396fbf60ffcc712fc1f36fd"
5 changes: 5 additions & 0 deletions e2e/assets/whoami/Main.mo
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
actor WhoAmI {
public shared ({caller}) func whoami() : async Principal {
return caller;
};
};
7 changes: 7 additions & 0 deletions e2e/assets/whoami/dfx.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
{
"canisters": {
"whoami": {
"main": "Main.mo"
}
}
}
1 change: 1 addition & 0 deletions e2e/assets/whoami/patch.bash
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
# nothing to do
17 changes: 7 additions & 10 deletions e2e/tests-dfx/assetscanister.bash
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -67,25 +67,22 @@ CHERRIES" "$stdout"
[ "$USE_IC_REF" ] && skip "skip for ic-ref" # this takes too long for ic-ref's wasm interpreter

install_asset assetscanister
dd if=/dev/urandom of=src/e2e_project_assets/assets/large-asset.bin bs=1000000 count=6

dfx_start
dfx canister create --all
dfx canister --no-wallet create --all
dfx build
dfx canister install e2e_project_assets

dd if=/dev/urandom of=src/e2e_project_assets/assets/large-asset.bin bs=1000000 count=6

dfx deploy
dfx canister --no-wallet install --memory-allocation 15mb e2e_project_assets

assert_command dfx canister call --query e2e_project_assets get '(record{key="/large-asset.bin";accept_encodings=vec{"identity"}})'
assert_command dfx canister --no-wallet call --query e2e_project_assets get '(record{key="/large-asset.bin";accept_encodings=vec{"identity"}})'
assert_match 'total_length = 6_000_000'
assert_match 'content_type = "application/octet-stream"'
assert_match 'content_encoding = "identity"'

assert_command dfx canister call --query e2e_project_assets get_chunk '(record{key="/large-asset.bin";content_encoding="identity";index=2})'
assert_command dfx canister --no-wallet call --query e2e_project_assets get_chunk '(record{key="/large-asset.bin";content_encoding="identity";index=2})'

assert_command dfx canister call --query e2e_project_assets get_chunk '(record{key="/large-asset.bin";content_encoding="identity";index=3})'
assert_command_fail dfx canister call --query e2e_project_assets get_chunk '(record{key="/large-asset.bin";content_encoding="identity";index=4})'
assert_command dfx canister --no-wallet call --query e2e_project_assets get_chunk '(record{key="/large-asset.bin";content_encoding="identity";index=3})'
assert_command_fail dfx canister --no-wallet call --query e2e_project_assets get_chunk '(record{key="/large-asset.bin";content_encoding="identity";index=4})'
}

@test "list() and keys() return asset keys" {
Expand Down
29 changes: 29 additions & 0 deletions e2e/tests-dfx/secp256k1.bash
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,29 @@
#!/usr/bin/env bats

load ../utils/_

setup() {
# We want to work from a different temporary directory for every test.
x=$(mktemp -d -t dfx-identity-home-XXXXXXXX)
export TEMPORARY_HOME="$x"
export HOME="$TEMPORARY_HOME"
cd "$HOME" || exit
}

teardown() {
dfx_stop
rm -rf "$TEMPORARY_HOME"
}

@test "can call a canister using a secp256k1 identity" {
openssl ecparam -name secp256k1 -genkey -out identity.pem
assert_command dfx identity import secp256k1 identity.pem
dfx identity use secp256k1
install_asset whoami
dfx_start
dfx canister create whoami
dfx build
dfx canister install whoami
assert_command dfx canister --no-wallet call whoami whoami
assert_match "$(dfx identity get-principal)"
}
17 changes: 9 additions & 8 deletions nix/sources.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,10 +6,10 @@
"homepage": "https://rustsec.org",
"owner": "RustSec",
"repo": "advisory-db",
"rev": "f960a5036487fbcc93fa1e36c390804991e4c13c",
"sha256": "1fa6if919g4x09d3kaig28wn5s68q50534bn47q7dp98yqy90bwd",
"rev": "0283f676aca9ff9c925a38babb8df594ef20b580",
"sha256": "067d3pbrp20fvqy9znkkfkj9dpxipyx4fbpkhlpkq8v5hn1vhbl7",
"type": "tarball",
"url": "https://github.com/RustSec/advisory-db/archive/f960a5036487fbcc93fa1e36c390804991e4c13c.tar.gz",
"url": "https://github.com/RustSec/advisory-db/archive/0283f676aca9ff9c925a38babb8df594ef20b580.tar.gz",
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
},
"agent-js-monorepo": {
Expand Down Expand Up @@ -38,21 +38,22 @@
"type": "git"
},
"dfinity": {
"branch": "master",
"repo": "ssh://[email protected]/dfinity-lab/dfinity",
"rev": "fc46573d03d0024b85eae4f93ce8dc823308fcfd",
"tag": "release-2020-11-26.RC01",
"rev": "a7d3a895e7c7f684a4c983f226adf5d41e29a64f",
"type": "git"
},
"ic-ref": {
"branch": "release-0.15",
"repo": "ssh://[email protected]/dfinity-lab/ic-ref",
"rev": "3716b934e8699aea3423535fc69c0f6b077ba842",
"rev": "f20ebb5282f27d4f23b485f713fd15809627c38d",
"type": "git"
},
"motoko": {
"branch": "release",
"repo": "ssh://[email protected]/dfinity-lab/motoko",
"rev": "be50f210e439228baed13914b2093aa8e71ce2ed",
"repo": "ssh://[email protected]/dfinity/motoko",
"rev": "43f3547ccbf7d48e5d25e1bf5222f11df8df2940",
"tag": "0.5.10",
"type": "git"
},
"napalm": {
Expand Down
8 changes: 4 additions & 4 deletions src/dfx/Cargo.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -76,26 +76,26 @@ webpki-roots = "0.21.0"
version = "0.2.0"
git = "https://github.com/dfinity/agent-rs.git"
branch = "next"
rev = "e77bcd2aa8e173b0d7a5b9fae8f9e42211b85110"
rev = "258ea302177856a21396fbf60ffcc712fc1f36fd"
features = ["reqwest"]

[dependencies.ic-identity-hsm]
version = "0.2.0"
git = "https://github.com/dfinity/agent-rs.git"
branch = "next"
rev = "e77bcd2aa8e173b0d7a5b9fae8f9e42211b85110"
rev = "258ea302177856a21396fbf60ffcc712fc1f36fd"

[dependencies.ic-types]
version = "0.1.2"
git = "https://github.com/dfinity/agent-rs.git"
branch = "next"
rev = "e77bcd2aa8e173b0d7a5b9fae8f9e42211b85110"
rev = "258ea302177856a21396fbf60ffcc712fc1f36fd"

[dependencies.ic-utils]
version = "0.2.0"
git = "https://github.com/dfinity/agent-rs.git"
branch = "next"
rev = "e77bcd2aa8e173b0d7a5b9fae8f9e42211b85110"
rev = "258ea302177856a21396fbf60ffcc712fc1f36fd"

[dev-dependencies]
env_logger = "0.6"
Expand Down
2 changes: 2 additions & 0 deletions src/dfx/src/actors/replica.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -280,6 +280,8 @@ fn replica_start_thread(
config.state_manager.state_root.to_str().unwrap_or_default(),
"--create-funds-whitelist",
"*",
"--consensus-pool-backend",
"rocksdb",
]);
if let Some(port) = port {
cmd.args(&["--http-port", &port.to_string()]);
Expand Down
22 changes: 20 additions & 2 deletions src/dfx/src/lib/identity/mod.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ use crate::lib::waiter::waiter_with_timeout;
use crate::util;

use anyhow::{anyhow, bail, Context};
use ic_agent::identity::BasicIdentity;
use ic_agent::identity::{BasicIdentity, Secp256k1Identity};
use ic_agent::Signature;
use ic_identity_hsm::HardwareIdentity;
use ic_types::Principal;
Expand Down Expand Up @@ -118,6 +118,23 @@ impl Identity {
})
}

fn load_secp256k1_identity(manager: &IdentityManager, name: &str) -> DfxResult<Self> {
let dir = manager.get_identity_dir_path(name);
let pem_path = dir.join(IDENTITY_PEM);
let inner = Box::new(Secp256k1Identity::from_pem_file(&pem_path).map_err(|e| {
DfxError::new(IdentityError::CannotReadIdentityFile(
pem_path.clone(),
Box::new(DfxError::new(e)),
))
})?);

Ok(Self {
name: name.to_string(),
inner,
dir: manager.get_identity_dir_path(name),
})
}

fn load_hardware_identity(
manager: &IdentityManager,
name: &str,
Expand Down Expand Up @@ -149,7 +166,8 @@ impl Identity {
})?;
Identity::load_hardware_identity(manager, name, hsm)
} else {
Identity::load_basic_identity(manager, name)
Identity::load_secp256k1_identity(manager, name)
.or_else(|_| Identity::load_basic_identity(manager, name))
}
}

Expand Down