-
Notifications
You must be signed in to change notification settings - Fork 1
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: gen-cli generates device-bundle on-demand with tests and refactoring #132
base: develop
Are you sure you want to change the base?
Conversation
a6dab1e
to
19b3c59
Compare
580c1b9
to
25545cb
Compare
assert_eq!(revocation_pub_key, revocation_pub_key); | ||
assert_eq!(holoport_id, holoport_id); | ||
assert_eq!(registration_code, registration_code); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
these assertions don't give any signal as the identical binding is passed twice.
the other assertions are also questionable. in the file where i moved these tests to i added a comment as a reminder to double-check these.
async fn convert_v3_to_v2() { | ||
let (config, _) = generate_test_hpos_config().await.unwrap(); | ||
|
||
// ensure we start with a v3 config |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this could be ensured via a matching let binding instead of an identical conversion
25545cb
to
f3b8730
Compare
3d0b535
to
b82bebd
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
some remaining questions and needs a cleanup before it can be merged
core/src/utils.rs
Outdated
pub async fn get_seed_from_locked_device_bundle( | ||
locked_device_bundle: &[u8], | ||
passphrase: &str, | ||
) -> Result<Seed, failure::Error> { | ||
let passphrase = sodoken::BufRead::from(passphrase.as_bytes()); | ||
let unlocked_bundle = | ||
match hc_seed_bundle::UnlockedSeedBundle::from_locked(locked_device_bundle) | ||
.await? | ||
.remove(0) | ||
{ | ||
hc_seed_bundle::LockedSeedCipher::PwHash(cipher) => cipher.unlock(passphrase).await, | ||
oth => bail!("unexpected cipher: {:?}", oth), | ||
}?; | ||
|
||
let seed = get_seed_from_bundle(&unlocked_bundle)?; | ||
|
||
Ok(seed) | ||
} | ||
|
||
/// unlock seed_bundles to access the pub-key and seed | ||
pub async fn unlock(device_bundle: &str, passphrase: &str) -> SeedExplorerResult<SigningKey> { | ||
if device_bundle.is_empty() { | ||
return Err(SeedExplorerError::Generic( | ||
"called with device_bundle".into(), | ||
)); | ||
} | ||
|
||
let cipher = base64::decode_config(device_bundle, base64::URL_SAFE_NO_PAD)?; | ||
match UnlockedSeedBundle::from_locked(&cipher).await?.remove(0) { | ||
LockedSeedCipher::PwHash(cipher) => { | ||
let passphrase = sodoken::BufRead::from(passphrase.as_bytes().to_vec()); | ||
let seed = cipher.unlock(passphrase).await?; | ||
|
||
let seed_bytes: [u8; 32] = match (&*seed.get_seed().read_lock())[0..32].try_into() { | ||
Ok(b) => b, | ||
Err(_) => { | ||
return Err(SeedExplorerError::Generic( | ||
"Seed buffer is not 32 bytes long".into(), | ||
)) | ||
} | ||
}; | ||
|
||
Ok(SigningKey::from_bytes(&seed_bytes)) | ||
} | ||
_ => Err(SeedExplorerError::UnsupportedCipher), | ||
} | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
AFAIU these two are almost equivalent with two exceptions
- different return type
unlock
assumes a base64 encoded bundle
// TODO: what should this be? | ||
pub const DEFAULT_DERIVATION_PATH_V3: u32 = 3; | ||
|
||
pub fn get_seed_from_bundle(device_bundle: &UnlockedSeedBundle) -> Result<Seed, failure::Error> { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
i think there's no use-case for this considering fn unlock
also gets the seed from the locked bundle
…-cli this works for v2 configs for now as that's what is still used on holoports as of now. even though that's about to change in the short-term, it might come in handy to generate v2 configs to test the tranisitioning to v3 configs.
9facd79
to
a9cba70
Compare
ConfigDiscriminants::V1 => 2, | ||
ConfigDiscriminants::V2 => 2, | ||
ConfigDiscriminants::V3 => 2, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
includes #133