relaycorp · gnarea · Aug 2, 2022 · Aug 1, 2022 · Aug 2, 2022 · Aug 2, 2022
diff --git a/package-lock.json b/package-lock.json
diff --git a/src/functional_tests/gcp.test.ts b/src/functional_tests/gcp.test.ts
@@ -68,28 +68,24 @@ describe('Private key store', () => {
   test('Generate identity key pair', async () => {
     const store = new GCPPrivateKeyStore(kmsClient, getDBConnection(), getKMSConfig());
 
-    const { privateKey, privateAddress } = await store.generateIdentityKeyPair();
+    const { privateKey, id } = await store.generateIdentityKeyPair();
 
-    const privateKeyRetrieved = await store.retrieveIdentityKey(privateAddress);
+    const privateKeyRetrieved = await store.retrieveIdentityKey(id);
 
     expect(privateKeyRetrieved?.kmsKeyVersionPath).toEqual(
       (privateKey as GcpKmsRsaPssPrivateKey).kmsKeyVersionPath,
     );
   });
 
   test('Save and retrieve session key', async () => {
-    const privateAddress = '0deadbeef';
-    const peerPrivateAddress = '0deadc0de';
+    const id = '0deadbeef';
+    const peerId = '0deadc0de';
     const store = new GCPPrivateKeyStore(kmsClient, getDBConnection(), getKMSConfig());
     const { privateKey, sessionKey } = await SessionKeyPair.generate();
 
-    await store.saveSessionKey(privateKey, sessionKey.keyId, privateAddress, peerPrivateAddress);
+    await store.saveSessionKey(privateKey, sessionKey.keyId, id, peerId);
 
-    const privateKeyRetrieved = await store.retrieveSessionKey(
-      sessionKey.keyId,
-      privateAddress,
-      peerPrivateAddress,
-    );
+    const privateKeyRetrieved = await store.retrieveSessionKey(sessionKey.keyId, id, peerId);
     await expect(derSerializePrivateKey(privateKeyRetrieved)).resolves.toEqual(
       await derSerializePrivateKey(privateKey),
     );

diff --git a/src/lib/gcp/GCPPrivateKeyStore.spec.ts b/src/lib/gcp/GCPPrivateKeyStore.spec.ts
@@ -5,7 +5,7 @@ import {
   derDeserializeRSAPublicKey,
   derSerializePrivateKey,
   derSerializePublicKey,
-  getPrivateAddressFromIdentityKey,
+  getIdFromIdentityKey,
   KeyStoreError,
   SessionKeyPair,
   UnknownKeyError,
@@ -77,7 +77,7 @@ describe('Identity keys', () => {
     beforeAll(async () => {
       stubPublicKey = await derDeserializeRSAPublicKey(STUB_KMS_PUBLIC_KEY);
       stubPublicKeySerialized = bufferToArrayBuffer(STUB_KMS_PUBLIC_KEY);
-      stubPrivateAddress = await getPrivateAddressFromIdentityKey(stubPublicKey);
+      stubPrivateAddress = await getIdFromIdentityKey(stubPublicKey);
     });
 
     const mockRetrieveKMSPublicKey = mockSpy(
@@ -200,26 +200,26 @@ describe('Identity keys', () => {
       test('Private address should be stored', async () => {
         const store = new GCPPrivateKeyStore(makeKmsClient(), getDBConnection(), KMS_CONFIG);
 
-        const { privateAddress } = await store.generateIdentityKeyPair();
+        const { id } = await store.generateIdentityKeyPair();
 
-        await expect(getDocument(privateAddress)).resolves.toBeTruthy();
+        await expect(getDocument(id)).resolves.toBeTruthy();
       });
 
       test('Public key should be stored', async () => {
         const store = new GCPPrivateKeyStore(makeKmsClient(), getDBConnection(), KMS_CONFIG);
 
-        const { privateAddress, publicKey } = await store.generateIdentityKeyPair();
+        const { id, publicKey } = await store.generateIdentityKeyPair();
 
-        const document = await getDocument(privateAddress);
+        const document = await getDocument(id);
         expect(document!.publicKey.equals(await derSerializePublicKey(publicKey))).toBeTrue();
       });
 
       test('KMS key should be stored', async () => {
         const store = new GCPPrivateKeyStore(makeKmsClient(), getDBConnection(), KMS_CONFIG);
 
-        const { privateAddress } = await store.generateIdentityKeyPair();
+        const { id } = await store.generateIdentityKeyPair();
 
-        const document = await getDocument(privateAddress);
+        const document = await getDocument(id);
         expect(document!.kmsKey).toEqual(KMS_CONFIG.identityKeyId);
       });
 
@@ -231,9 +231,9 @@ describe('Identity keys', () => {
           KMS_CONFIG,
         );
 
-        const { privateAddress } = await store.generateIdentityKeyPair();
+        const { id } = await store.generateIdentityKeyPair();
 
-        const document = await getDocument(privateAddress);
+        const document = await getDocument(id);
         expect(document?.kmsKeyVersion).toEqual(kmsKeyVersion);
       });
 
@@ -278,9 +278,9 @@ describe('Identity keys', () => {
       test('Private address should match public key', async () => {
         const store = new GCPPrivateKeyStore(makeKmsClient(), getDBConnection(), KMS_CONFIG);
 
-        const { privateAddress } = await store.generateIdentityKeyPair();
+        const { id } = await store.generateIdentityKeyPair();
 
-        expect(privateAddress).toEqual(stubPrivateAddress);
+        expect(id).toEqual(stubPrivateAddress);
       });
     });
 

diff --git a/src/lib/gcp/GCPPrivateKeyStore.ts b/src/lib/gcp/GCPPrivateKeyStore.ts
@@ -2,7 +2,7 @@ import { KeyManagementServiceClient } from '@google-cloud/kms';
 import {
   derDeserializeRSAPublicKey,
   derSerializePublicKey,
-  getPrivateAddressFromIdentityKey,
+  getIdFromIdentityKey,
   IdentityKeyPair,
   RSAKeyGenOptions,
   SessionPrivateKeyData,
@@ -67,11 +67,11 @@ export class GCPPrivateKeyStore extends CloudPrivateKeystore {
     const publicKeySerialized = await retrieveKMSPublicKey(kmsKeyVersionPath, this.kmsClient);
     const publicKey = await derDeserializeRSAPublicKey(publicKeySerialized);
     const privateKey = new GcpKmsRsaPssPrivateKey(kmsKeyVersionPath, publicKey, this.idKeyProvider);
-    const privateAddress = await getPrivateAddressFromIdentityKey(publicKey);
+    const id = await getIdFromIdentityKey(publicKey);
 
-    await this.linkKMSKeyVersion(kmsKeyVersionPath, privateAddress, publicKey);
+    await this.linkKMSKeyVersion(kmsKeyVersionPath, id, publicKey);
 
-    return { privateAddress, privateKey, publicKey };
+    return { id, privateKey, publicKey };
   }
 
   public async retrieveIdentityKey(privateAddress: string): Promise<GcpKmsRsaPssPrivateKey | null> {
@@ -129,7 +129,7 @@ export class GCPPrivateKeyStore extends CloudPrivateKeystore {
       privateAddress,
       peerPrivateAddress,
     );
-    return { keySerialized, peerPrivateAddress, privateAddress };
+    return { keySerialized, peerId: peerPrivateAddress, nodeId: privateAddress };
   }
 
   //region Identity key utilities

diff --git a/src/lib/vault/VaultPrivateKeyStore.spec.ts b/src/lib/vault/VaultPrivateKeyStore.spec.ts
@@ -1,7 +1,7 @@
 import {
   derSerializePrivateKey,
   generateRSAKeyPair,
-  getPrivateAddressFromIdentityKey,
+  getIdFromIdentityKey,
   KeyStoreError,
   SessionKeyPair,
   UnknownKeyError,
@@ -129,11 +129,11 @@ describe('VaultPrivateKeyStore', () => {
     test('Identity key should be generated', async () => {
       const store = new VaultPrivateKeyStore(stubVaultUrl, stubVaultToken, stubKvPath);
 
-      const { privateKey, privateAddress } = await store.generateIdentityKeyPair();
+      const { privateKey, id } = await store.generateIdentityKeyPair();
 
       expect(mockAxiosClient.post).toBeCalledTimes(1);
       const postCallArgs = mockAxiosClient.post.mock.calls[0];
-      expect(postCallArgs[0]).toEqual(`/i-${privateAddress}`);
+      expect(postCallArgs[0]).toEqual(`/i-${id}`);
       expect(postCallArgs[1]).toHaveProperty(
         'data.privateKey',
         base64Encode(await derSerializePrivateKey(privateKey)),
@@ -234,7 +234,7 @@ describe('VaultPrivateKeyStore', () => {
     test('Existing identity key should be returned', async () => {
       const senderKeyPair = await generateRSAKeyPair();
       const identityPrivateKey = senderKeyPair.privateKey;
-      const privateAddress = await getPrivateAddressFromIdentityKey(senderKeyPair.publicKey);
+      const nodeId = await getIdFromIdentityKey(senderKeyPair.publicKey);
       mockAxiosClient.get.mockResolvedValue(
         makeVaultGETResponse(
           {
@@ -245,11 +245,11 @@ describe('VaultPrivateKeyStore', () => {
       );
       const store = new VaultPrivateKeyStore(stubVaultUrl, stubVaultToken, stubKvPath);
 
-      const privateKey = await store.retrieveIdentityKey(privateAddress);
+      const privateKey = await store.retrieveIdentityKey(nodeId);
 
       expect(mockAxiosClient.get).toBeCalledTimes(1);
       const getCallArgs = mockAxiosClient.get.mock.calls[0];
-      expect(getCallArgs[0]).toEqual(`/i-${privateAddress}`);
+      expect(getCallArgs[0]).toEqual(`/i-${nodeId}`);
       await expect(derSerializePrivateKey(privateKey!)).resolves.toEqual(
         await derSerializePrivateKey(identityPrivateKey),
       );

diff --git a/src/lib/vault/VaultPrivateKeyStore.ts b/src/lib/vault/VaultPrivateKeyStore.ts
@@ -78,8 +78,8 @@ export class VaultPrivateKeyStore extends CloudPrivateKeystore {
     }
     return {
       keySerialized: keyData.privateKey,
-      peerPrivateAddress: (keyData as SessionKeyDataDecoded).peerPrivateAddress,
-      privateAddress: (keyData as SessionKeyDataDecoded).privateAddress,
+      peerId: (keyData as SessionKeyDataDecoded).peerPrivateAddress,
+      nodeId: (keyData as SessionKeyDataDecoded).privateAddress,
     };
   }