keymanager: Expose runtime ID and RSK in the key manager client
kostko committed Sep 24, 2024
1 parent b0e6bc8 commit ad403a1
Showing 4 changed files with 44 additions and 2 deletions.
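--- a/.changelog/5865.internal.md
+++ b/.changelog/5865.internal.md
@@ -0,0 +1 @@
+keymanager: Expose runtime ID and RSK in the key manager client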
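--- a/keymanager/src/client/interface.rs
+++ b/keymanager/src/client/interface.rs
@@ -3,7 +3,10 @@ use std::sync::Arc;
 
 use async_trait::async_trait;
 
-use oasis_core_runtime::{common::crypto::signature::PublicKey, consensus::beacon::EpochTime};
+use oasis_core_runtime::{
+common::{crypto::signature::PublicKey, namespace::Namespace},
+consensus::beacon::EpochTime,
+};
 
 use crate::{
 api::KeyManagerError,
@@ -14,6 +17,13 @@ use crate::{
 /// Key manager client interface.
 #[async_trait]
 pub trait KeyManagerClient: Send + Sync {
+/// Key manager runtime identifier this client is connected to. It may be `None` in case the
+/// identifier is not known yet (e.g. the client has not yet been initialized).
+fn runtime_id(&self) -> Option<Namespace>;
+
+/// Key manager runtime signing key used to sign messages from the key manager.
+fn runtime_signing_key(&self) -> Option<PublicKey>;
+
 /// Clear local key cache.
 ///
 /// This will make the client re-fetch the keys from the key manager.
@@ -108,6 +118,14 @@ pub trait KeyManagerClient: Send + Sync {
 
 #[async_trait]
 impl<T: ?Sized + KeyManagerClient> KeyManagerClient for Arc<T> {
+fn runtime_id(&self) -> Option<Namespace> {
+KeyManagerClient::runtime_id(&**self)
+}
+
+fn runtime_signing_key(&self) -> Option<PublicKey> {
+KeyManagerClient::runtime_signing_key(&**self)
+}
+
 fn clear_cache(&self) {
 KeyManagerClient::clear_cache(&**self)
 }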
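Review bot: The doc comment on `runtime_signing_key` in the `KeyManagerClient` trait does not say when the method returns `None` or what a caller must do in that case, unlike the `runtime_id` comment directly above it. The key is described as the one that signs messages from the key manager, so a caller that treats `None` as "nothing to check" would end up accepting unverified data. I would extend the comment with something like `/// Returns None while the key is not known yet; callers verifying key manager signatures must treat None as a verification failure.` The trait body and the `Arc<T>` impl both continue outside the visible hunks, so other implementors of the trait are not shown here.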
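--- a/keymanager/src/client/mock.rs
+++ b/keymanager/src/client/mock.rs
@@ -4,7 +4,10 @@ use std::{collections::HashMap, sync::Mutex};
 use async_trait::async_trait;
 
 use oasis_core_runtime::{
-common::crypto::signature::{PublicKey, Signature},
+common::{
+crypto::signature::{PublicKey, Signature},
+namespace::Namespace,
+},
 consensus::beacon::EpochTime,
 };
 
@@ -35,6 +38,14 @@ impl MockClient {
 
 #[async_trait]
 impl KeyManagerClient for MockClient {
+fn runtime_id(&self) -> Option<Namespace> {
+Some(Namespace::default())
+}
+
+fn runtime_signing_key(&self) -> Option<PublicKey> {
+None
+}
+
 fn clear_cache(&self) {}
 
 async fn get_or_create_keys(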
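Review bot: `MockClient::runtime_signing_key` always returns `None` while `runtime_id` reports `Some(Namespace::default())`, so code tested against the mock can only ever exercise its no-key branch for RSK verification. If that is intended, state it next to the method, e.g. `// The mock has no signing key; code that requires an RSK must handle None.`; otherwise consider letting the mock carry a test key so the verifying path gets coverage. `Namespace::default()` is presumably a fixed placeholder ID rather than a real runtime, which deserves a one-line comment as well. The `impl KeyManagerClient for MockClient` block continues outside the hunk.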
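--- a/keymanager/src/client/remote.rs
+++ b/keymanager/src/client/remote.rs
@@ -82,6 +82,8 @@ pub struct RemoteClient {
 ephemeral_public_keys: RwLock<LruCache<(KeyPairId, EpochTime), SignedPublicKey>>,
 /// Local cache for the state keys.
 state_keys: RwLock<LruCache<(KeyPairId, u8), StateKey>>,
+/// Key manager runtime ID.
+key_manager_id: RwLock<Option<Namespace>>,
 /// Key manager's runtime signing key.
 rsk: RwLock<Option<PublicKey>>,
 }
@@ -104,6 +106,7 @@ impl RemoteClient {
 ephemeral_private_keys: RwLock::new(LruCache::new(cap)),
 ephemeral_public_keys: RwLock::new(LruCache::new(cap)),
 state_keys: RwLock::new(LruCache::new(cap)),
+key_manager_id: RwLock::new(None),
 rsk: RwLock::new(None),
 }
 }
@@ -196,6 +199,7 @@ impl RemoteClient {
 }
 
 // Set key manager runtime ID.
+*self.key_manager_id.write().unwrap() = Some(status.id);
 self.rpc_client.update_runtime_id(Some(status.id));
 
 // Verify and apply the policy, if set.
@@ -322,6 +326,14 @@ impl RemoteClient {
 
 #[async_trait]
 impl KeyManagerClient for RemoteClient {
+fn runtime_id(&self) -> Option<Namespace> {
+*self.key_manager_id.read().unwrap()
+}
+
+fn runtime_signing_key(&self) -> Option<PublicKey> {
+*self.rsk.read().unwrap()
+}
+
 fn clear_cache(&self) {
 // We explicitly only take one lock at a time.
 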
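Review bot: In the `@@ -196,6 +199,7 @@` hunk, `key_manager_id` is written before the "Verify and apply the policy" step and under its own lock, separate from `rsk`. As a result `runtime_id()` can report a new ID while `runtime_signing_key()` still returns the previous key or `None`, and apparently also when the later verification fails. Callers that pair the two values should not assume a consistent snapshot; either publish both once the status has been fully verified, or document it on the field, e.g. `/// Updated independently of rsk; readers must not assume the two form a consistent pair.` Both new getters also `unwrap()` the lock, so a poisoned lock panics the caller, which matches the existing style in this file but is worth a `# Panics` line. The enclosing function of that hunk starts and ends outside the visible lines, so where `rsk` is assigned is inferred.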
