Correct the robonode key generation and usage
MOZGIII committed May 6, 2024
1 parent 0e1c519 commit c7fdb4d
Showing 7 changed files with 28 additions and 27 deletions.
20 changes: 10 additions & 10 deletions crates/devutil-auth-ticket/src/lib.rs
Expand Up @@ -2,12 +2,12 @@

pub use hex::{decode, encode};
pub use primitives_auth_ticket::{AuthTicket, OpaqueAuthTicket};
use robonode_crypto::{ed25519_dalek::Signer, Keypair};
use robonode_crypto::ed25519_dalek::Signer;

/// The input required to generate an auth ticket.
pub struct Input {
/// The robonode keypair to use for authticket reponse signing.
pub robonode_keypair: Vec<u8>,
/// The robonode secret key to use for authticket reponse signing.
pub robonode_secret_key: Vec<u8>,
/// The auth ticket to sign.
pub auth_ticket: AuthTicket,
}
Expand All @@ -26,21 +26,21 @@ pub struct Output {
pub fn make(input: Input) -> Result<Output, anyhow::Error> {
let Input {
auth_ticket,
robonode_keypair,
robonode_secret_key,
} = input;

let mut robonode_keypair_buf = [0u8; 64];
robonode_keypair_buf.copy_from_slice(&robonode_keypair);
let mut robonode_secret_key_buf = robonode_crypto::SecretKey::default();
robonode_secret_key_buf.copy_from_slice(&robonode_secret_key);

let robonode_keypair = Keypair::from_keypair_bytes(&robonode_keypair_buf)?;
let robonode_singing_key = robonode_crypto::SigningKey::from_bytes(&robonode_secret_key_buf);

let opaque_auth_ticket = OpaqueAuthTicket::from(&auth_ticket);

let robonode_signature = robonode_keypair
let robonode_signature = robonode_singing_key
.sign(opaque_auth_ticket.as_ref())
.to_bytes();

assert!(robonode_keypair
assert!(robonode_singing_key
.verify(
opaque_auth_ticket.as_ref(),
&robonode_crypto::Signature::try_from(&robonode_signature[..]).unwrap()
Expand All @@ -50,6 +50,6 @@ pub fn make(input: Input) -> Result<Output, anyhow::Error> {
Ok(Output {
auth_ticket: opaque_auth_ticket.into(),
robonode_signature: robonode_signature.into(),
robonode_public_key: robonode_keypair.as_ref().as_bytes()[..].into(),
robonode_public_key: robonode_singing_key.verifying_key().as_bytes().to_vec(),
})
}
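Review bot: `robonode_secret_key_buf.copy_from_slice(&robonode_secret_key)` in `make` panics when the supplied key is not exactly the buffer's length, even though `make` returns `Result`; a stale 64-byte value in the old `ROBONODE_KEYPAIR` format would abort the tool instead of producing an error. Assuming `robonode_crypto::SecretKey` is the fixed-size byte array from ed25519-dalek (its definition is not in this diff), a checked conversion hands the failure back to the caller: `let robonode_secret_key_buf: robonode_crypto::SecretKey = robonode_secret_key.as_slice().try_into()?;`. The new binding is also spelled `robonode_singing_key` and should read `robonode_signing_key`.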
4 changes: 2 additions & 2 deletions crates/devutil-auth-ticket/src/main.rs
Expand Up @@ -9,7 +9,7 @@ fn read_hex_env(key: &'static str) -> Vec<u8> {
}

fn main() {
let robonode_keypair = read_hex_env("ROBONODE_KEYPAIR");
let robonode_secret_key = read_hex_env("ROBONODE_SECRET_KEY");
let public_key = read_hex_env("AUTH_TICKET_PUBLIC_KEY");
let authentication_nonce = read_hex_env("AUTH_TICKET_AUTHENTICATION_NONCE");

Expand All @@ -19,7 +19,7 @@ fn main() {
};

let output = make(Input {
robonode_keypair,
robonode_secret_key,
auth_ticket,
})
.unwrap();
4 changes: 2 additions & 2 deletions crates/robonode-crypto/src/lib.rs
Expand Up @@ -4,8 +4,8 @@

pub use ed25519_dalek::{self, Signer, Verifier};

/// Robonode keypair.
pub type Keypair = ed25519_dalek::SigningKey;
/// Robonode signing key.
pub type SigningKey = ed25519_dalek::SigningKey;

/// Robonode signature.
pub type Signature = ed25519_dalek::Signature;
4 changes: 2 additions & 2 deletions crates/robonode-keygen/Cargo.toml
Expand Up @@ -7,5 +7,5 @@ publish = false
[dependencies]
robonode-crypto = { path = "../robonode-crypto" }

hex = { workspace = true }
rand = { workspace = true }
hex = { workspace = true, features = ["alloc"] }
rand = { workspace = true, features = ["std", "getrandom"] }
4 changes: 2 additions & 2 deletions crates/robonode-keygen/src/main.rs
Expand Up @@ -5,6 +5,6 @@ use rand::rngs::OsRng;

fn main() {
let mut csprng = OsRng {};
let keypair = robonode_crypto::Keypair::generate(&mut csprng);
println!("{}", hex::encode(keypair.to_bytes()));
let signing_key = robonode_crypto::SigningKey::generate(&mut csprng);
println!("{}", hex::encode(signing_key.to_bytes()));
}
8 changes: 4 additions & 4 deletions crates/robonode-server/src/lib.rs
Expand Up @@ -21,14 +21,14 @@ pub fn init(
execution_id: uuid::Uuid,
facetec_api_client: facetec_api_client::Client<LoggingInspector>,
facetec_device_sdk_params: FacetecDeviceSdkParams,
robonode_keypair: robonode_crypto::Keypair,
robonode_signing_key: robonode_crypto::SigningKey,
) -> impl Filter<Extract = (impl warp::Reply,), Error = std::convert::Infallible> + Clone {
let logic = logic::Logic {
locked: Mutex::new(logic::Locked {
sequence: sequence::Sequence::new(0),
execution_id,
facetec: facetec_api_client,
signer: robonode_keypair,
signer: robonode_signing_key,
public_key_type: PhantomData::<validator_key::SubstratePublic<sp_core::sr25519::Public>>,
}),
facetec_device_sdk_params,
Expand All @@ -40,7 +40,7 @@ pub fn init(
}

#[async_trait::async_trait]
impl logic::Signer<Vec<u8>> for robonode_crypto::Keypair {
impl logic::Signer<Vec<u8>> for robonode_crypto::SigningKey {
type Error = Infallible;

async fn sign<'a, D>(&self, data: D) -> Result<Vec<u8>, Self::Error>
Expand All @@ -54,7 +54,7 @@ impl logic::Signer<Vec<u8>> for robonode_crypto::Keypair {
}

#[async_trait::async_trait]
impl logic::PublicKeyProvider for robonode_crypto::Keypair {
impl logic::PublicKeyProvider for robonode_crypto::SigningKey {
fn public_key(&self) -> &[u8] {
self.as_ref().as_ref()
}
11 changes: 6 additions & 5 deletions crates/robonode-server/src/main.rs
Expand Up @@ -15,10 +15,11 @@ async fn main() -> Result<(), Box<dyn std::error::Error + Send + Sync>> {
let facetec_device_key_identifier: String = env("FACETEC_DEVICE_KEY_IDENTIFIER")?;
let facetec_public_face_map_encryption_key = env("FACETEC_PUBLIC_FACE_MAP_ENCRYPTION_KEY")?;
let facetec_production_key: Option<String> = maybe_env("FACETEC_PRODUCTION_KEY")?;
let robonode_keypair_string: String = env("ROBONODE_KEYPAIR")?;
let mut robonode_keypair_bytes: [u8; 64] = [0; 64];
hex::decode_to_slice(robonode_keypair_string, &mut robonode_keypair_bytes)?;
let robonode_keypair = robonode_crypto::Keypair::from_keypair_bytes(&robonode_keypair_bytes)?;
let robonode_secret_key_string: String = env("ROBONODE_SECRET_KEY")?;

let mut robonode_secret_key_bytes = robonode_crypto::SecretKey::default();
hex::decode_to_slice(robonode_secret_key_string, &mut robonode_secret_key_bytes)?;
let robonode_signing_key = robonode_crypto::SigningKey::from_bytes(&robonode_secret_key_bytes);

let facetec_api_client = facetec_api_client::Client {
base_url: facetec_server_url,
Expand All @@ -39,7 +40,7 @@ async fn main() -> Result<(), Box<dyn std::error::Error + Send + Sync>> {
execution_id,
facetec_api_client,
face_tec_device_sdk_params,
robonode_keypair,
robonode_signing_key,
);
let (addr, server) =
warp::serve(root_filter).bind_with_graceful_shutdown(addr, shutdown_signal());
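Review bot: The new `ROBONODE_SECRET_KEY` block in `main` does not say what encoding the variable must hold, so a 64-byte value carried over from the old `ROBONODE_KEYPAIR` setting fails only with a length error from `hex::decode_to_slice`. A comment above the `env(...)` call would help operators migrating, for example `// Hex of the ed25519 secret key; replaces the 64-byte ROBONODE_KEYPAIR format.` Separately, `robonode_secret_key_bytes` keeps a copy of the raw secret on the stack for as long as `main` runs, since `from_bytes` only borrows it; scoping or wiping that buffer once the signing key is built would narrow the exposure. `main` starts and continues outside this hunk.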