feat: adds secp256k1 keypair type to key gen command, adds test cases

This commit is contained in:
imthe1 2023-04-20 20:54:43 +05:30 committed by Jorropo
parent 99fdaa1b4d
commit 67e1a173fc
5 changed files with 65 additions and 3 deletions

View File

@ -83,7 +83,7 @@ var keyGenCmd = &cmds.Command{
Tagline: "Create a new keypair",
},
Options: []cmds.Option{
cmds.StringOption(keyStoreTypeOptionName, "t", "type of the key to create: rsa, ed25519").WithDefault(keyStoreAlgorithmDefault),
cmds.StringOption(keyStoreTypeOptionName, "t", "type of the key to create: rsa, ed25519, secp256k1").WithDefault(keyStoreAlgorithmDefault),
cmds.IntOption(keyStoreSizeOptionName, "s", "size of the key to generate"),
ke.OptionIPNSBase,
},
@ -398,7 +398,7 @@ The PEM format allows for key generation outside of the IPFS node:
allowAnyKeyType, _ := req.Options[keyAllowAnyTypeOptionName].(bool)
if !allowAnyKeyType {
switch t := sk.(type) {
case *crypto.RsaPrivateKey, *crypto.Ed25519PrivateKey:
case *crypto.RsaPrivateKey, *crypto.Ed25519PrivateKey, *crypto.Secp256k1PrivateKey:
default:
return fmt.Errorf("key type %T is not allowed to be imported, only RSA or Ed25519;"+
" use flag --%s if you are sure of what you're doing",
@ -604,7 +604,7 @@ environment variable:
Arguments: []cmds.Argument{},
Options: []cmds.Option{
cmds.StringOption(oldKeyOptionName, "o", "Keystore name to use for backing up your existing identity"),
cmds.StringOption(keyStoreTypeOptionName, "t", "type of the key to create: rsa, ed25519").WithDefault(keyStoreAlgorithmDefault),
cmds.StringOption(keyStoreTypeOptionName, "t", "type of the key to create: rsa, ed25519, secp256k1").WithDefault(keyStoreAlgorithmDefault),
cmds.IntOption(keyStoreSizeOptionName, "s", "size of the key to generate"),
},
NoRemote: true,

View File

@ -82,6 +82,14 @@ func (api *KeyAPI) Generate(ctx context.Context, name string, opts ...caopts.Key
return nil, err
}
sk = priv
pk = pub
case "secp256k1":
priv, pub, err := crypto.GenerateSecp256k1Key(rand.Reader)
if err != nil {
return nil, err
}
sk = priv
pk = pub
default:

View File

@ -486,6 +486,14 @@ test_check_ed25519_b58mh_peerid() {
}
}
test_check_secp256k1_b58mh_peerid() {
peeridlen=$(echo "$1" | tr -dC "[:alnum:]" | wc -c | tr -d " ") &&
test "$peeridlen" = "53" || {
echo "Bad SECP256K1 B58MH peerid '$1' with len '$peeridlen'"
return 1
}
}
test_check_rsa2048_base36_peerid() {
peeridlen=$(echo "$1" | tr -dC "[:alnum:]" | wc -c | tr -d " ") &&
test "$peeridlen" = "56" || {
@ -502,6 +510,14 @@ test_check_ed25519_base36_peerid() {
}
}
test_check_secp256k1_base36_peerid() {
peeridlen=$(echo "$1" | tr -dC "[:alnum:]" | wc -c | tr -d " ") &&
test "$peeridlen" = "63" || {
echo "Bad SECP256K1 B36CID peerid '$1' with len '$peeridlen'"
return 1
}
}
convert_tcp_maddr() {
echo $1 | awk -F'/' '{ printf "%s:%s", $3, $5 }'
}

View File

@ -87,12 +87,19 @@ test_rotate() {
}
test_rotate 'rsa' ''
test_rotate 'ed25519' ''
test_rotate 'secp256k1' ''
test_rotate '' ''
test_rotate 'rsa' 'rsa'
test_rotate 'ed25519' 'rsa'
test_rotate 'secp256k1' 'rsa'
test_rotate '' 'rsa'
test_rotate 'rsa' 'ed25519'
test_rotate 'ed25519' 'ed25519'
test_rotate 'secp256k1' 'ed25519'
test_rotate '' 'ed25519'
test_rotate 'rsa' 'secp256k1'
test_rotate 'ed25519' 'secp256k1'
test_rotate 'secp256k1' 'secp256k1'
test_rotate '' 'secp256k1'
test_done

View File

@ -55,6 +55,29 @@ PEERID=$(ipfs key list --ipns-base=base36 -l | grep key_ed25519 | head -n 1 | cu
test_check_ed25519_base36_peerid $PEERID &&
ipfs key rm key_ed25519
'
test_expect_success "create an SECP256k1 key and test B58MH/B36CID output formats" '
PEERID=$(ipfs key gen --ipns-base=b58mh --type=secp256k1 key_secp256k1) &&
test_check_secp256k1_b58mh_peerid $PEERID &&
ipfs key rm key_secp256k1 &&
PEERID=$(ipfs key gen --ipns-base=base36 --type=secp256k1 key_secp256k1) &&
test_check_secp256k1_base36_peerid $PEERID
'
test_expect_success "test SECP256k1 key sk export format" '
ipfs key export key_secp256k1 &&
test_check_ed25519_sk key_secp256k1.key &&
rm key_secp256k1.key
'
test_expect_success "test SECP256k1 key B58MH/B36CID multihash format" '
PEERID=$(ipfs key list --ipns-base=b58mh -l | grep key_secp256k1 | head -n 1 | cut -d " " -f1) &&
test_check_secp256k1_b58mh_peerid $PEERID &&
PEERID=$(ipfs key list --ipns-base=base36 -l | grep key_secp256k1 | head -n 1 | cut -d " " -f1) &&
test_check_secp256k1_base36_peerid $PEERID &&
ipfs key rm key_secp256k1
'
# end of format test
@ -72,6 +95,11 @@ ipfs key rm key_ed25519
test_key_import_export_all_formats ed25519_key
test_expect_success "create a new secp256k1 key" '
k1hash=$(ipfs key gen generated_secp256k1_key --type=secp256k1)
echo $k1hash > secp256k1_key_id
'
test_openssl_compatibility_all_types
INVALID_KEY=../t0165-keystore-data/openssl_secp384r1.pem
@ -116,6 +144,7 @@ ipfs key rm key_ed25519
test_expect_success "all keys show up in list output" '
echo generated_ed25519_key > list_exp &&
echo generated_rsa_key >> list_exp &&
echo generated_secp256k1_key >> list_exp &&
echo quxel >> list_exp &&
echo self >> list_exp
ipfs key list > list_out &&
@ -135,6 +164,7 @@ ipfs key rm key_ed25519
test_expect_success "key rm remove a key" '
ipfs key rm generated_rsa_key
echo generated_ed25519_key > list_exp &&
echo generated_secp256k1_key >> list_exp &&
echo quxel >> list_exp &&
echo self >> list_exp
ipfs key list > list_out &&
@ -149,6 +179,7 @@ ipfs key rm key_ed25519
test_expect_success "key rename rename a key" '
ipfs key rename generated_ed25519_key fooed
echo fooed > list_exp &&
echo generated_secp256k1_key >> list_exp &&
echo quxel >> list_exp &&
echo self >> list_exp
ipfs key list > list_out &&