Distribute public keys
ThetaSinner committed Feb 16, 2024
1 parent 8d8f182 commit 6180c8f
Showing 15 changed files with 244 additions and 134 deletions.
2 changes: 2 additions & 0 deletions .gitignore
@@ -10,3 +10,5 @@
.hc*
.hc
.running
.gnupg
*.asc
12 changes: 11 additions & 1 deletion README.md
@@ -7,7 +7,7 @@
Enter the nix shell by running this in the root folder of the repository:

```bash
nix-shell
nix develop
npm install
```

@@ -57,3 +57,13 @@ This repository is using these tools:
- [@holochain/tryorama](https://www.npmjs.com/package/@holochain/tryorama): test framework.
- [@holochain/client](https://www.npmjs.com/package/@holochain/client): client library to connect to Holochain from the UI.
- [@holochain-playground/cli](https://www.npmjs.com/package/@holochain-playground/cli): introspection tooling to understand what's going on in the Holochain nodes.

## Keys

Create a GPG key for testing

```
gpg --quick-generate-key tester
gpg --export --armor tester > tester_key.asc
```

@@ -1,8 +1,17 @@
use hdk::prelude::*;
use trusted_integrity::*;
use trusted_integrity::prelude::*;

#[derive(Serialize, Deserialize, Debug, Clone, SerializedBytes)]
pub struct DistributeGpgKeyRequest {
pub public_key: String,
}

#[hdk_extern]
pub fn create_gpg_key(gpg_key: GpgKey) -> ExternResult<Record> {
let gpg_key_hash = create_entry(&EntryTypes::GpgKey(gpg_key.clone()))?;
pub fn distribute_gpg_key(gpg_key: DistributeGpgKeyRequest) -> ExternResult<Record> {
let gpg_key_hash = create_entry(&EntryTypes::GpgKeyDist(GpgKeyDist {
public_key: gpg_key.public_key,
fingerprint: "TODO".to_string(),
}))?;
let record = get(gpg_key_hash.clone(), GetOptions::default())?
.ok_or(
wasm_error!(
@@ -11,8 +20,9 @@ pub fn create_gpg_key(gpg_key: GpgKey) -> ExternResult<Record> {
)?;
Ok(record)
}

#[hdk_extern]
pub fn get_gpg_key(gpg_key_hash: ActionHash) -> ExternResult<Option<Record>> {
pub fn get_gpg_key_dist(gpg_key_hash: ActionHash) -> ExternResult<Option<Record>> {
let Some(details) = get_details(gpg_key_hash, GetOptions::default())? else {
return Ok(None);
};
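Review bot: `fingerprint: "TODO".to_string()` in `distribute_gpg_key` commits a placeholder fingerprint, and the integrity zome in this same commit rejects every update and delete of a `GpgKeyDist`, so each entry written by this version keeps a fingerprint that does not describe its key. Anyone who later looks keys up or compares them by the stored fingerprint would be trusting a value that was never derived from the key material. Derive it from the submitted key before `create_entry`, e.g. `fingerprint: fingerprint_of(&gpg_key.public_key)?,` where `fingerprint_of` is a helper still to be written (it does not exist on this page), and return an error when the armored text does not parse. Part of the `ok_or(wasm_error!(…))` expression is collapsed between the two hunks, so the error path was not reviewed.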
8 changes: 6 additions & 2 deletions dnas/trusted/zomes/coordinator/trusted/src/lib.rs
@@ -1,11 +1,12 @@
pub mod gpg_key;
pub mod gpg_key_dist;
use hdk::prelude::*;
use trusted_integrity::*;
// Called the first time a zome call is made to the cell containing this zome

#[hdk_extern]
pub fn init(_: ()) -> ExternResult<InitCallbackResult> {
Ok(InitCallbackResult::Pass)
}

// Don't modify this enum if you want the scaffolding tool to generate appropriate signals for your entries and links
#[derive(Serialize, Deserialize, Debug)]
#[serde(tag = "type")]
@@ -18,6 +19,7 @@ pub enum Signal {
},
EntryDeleted { action: SignedActionHashed, original_app_entry: EntryTypes },
}

// Whenever an action is committed, we emit a signal to the UI elements to reactively update them
#[hdk_extern(infallible)]
pub fn post_commit(committed_actions: Vec<SignedActionHashed>) {
@@ -28,6 +30,7 @@ pub fn post_commit(committed_actions: Vec<SignedActionHashed>) {
}
}
}

// Don't modify this function if you want the scaffolding tool to generate appropriate signals for your entries and links
fn signal_action(action: SignedActionHashed) -> ExternResult<()> {
match action.hashed.content.clone() {
@@ -68,6 +71,7 @@ fn signal_action(action: SignedActionHashed) -> ExternResult<()> {
_ => Ok(()),
}
}

fn get_entry_for_action(action_hash: &ActionHash) -> ExternResult<Option<EntryTypes>> {
let record = match get_details(action_hash.clone(), GetOptions::default())? {
Some(Details::Record(record_details)) => record_details.record,
28 changes: 0 additions & 28 deletions dnas/trusted/zomes/integrity/trusted/src/gpg_key.rs

This file was deleted.

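--- a/dnas/trusted/zomes/integrity/trusted/src/gpg_key_dist.rs
+++ b/dnas/trusted/zomes/integrity/trusted/src/gpg_key_dist.rs
@@ -0,0 +1,31 @@
+use hdi::prelude::*;
+#[hdk_entry_helper]
+#[derive(Clone, PartialEq)]
+pub struct GpgKeyDist {
+pub public_key: String,
+pub fingerprint: String,
+}
+
+pub fn validate_create_gpg_key_dist(
+_action: EntryCreationAction,
+_gpg_key: GpgKeyDist,
+) -> ExternResult<ValidateCallbackResult> {
+Ok(ValidateCallbackResult::Valid)
+}
+
+pub fn validate_update_gpg_key_dist(
+_action: Update,
+_gpg_key: GpgKeyDist,
+_original_action: EntryCreationAction,
+_original_gpg_key: GpgKeyDist,
+) -> ExternResult<ValidateCallbackResult> {
+Ok(ValidateCallbackResult::Invalid(String::from("Gpg key distributions cannot be updated")))
+}
+
+pub fn validate_delete_gpg_key_dist(
+_action: Delete,
+_original_action: EntryCreationAction,
+_original_gpg_key: GpgKeyDist,
+) -> ExternResult<ValidateCallbackResult> {
+Ok(ValidateCallbackResult::Invalid(String::from("Gpg key distributions cannot be deleted")))
+}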
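Review bot: `validate_create_gpg_key_dist` returns `Valid` for any `GpgKeyDist`, so peers will accept an entry whose `public_key` is empty, oversized or not a key at all, and whose `fingerprint` has no relation to the key. Because update and delete are both rejected in this file, whatever passes create validation stays published, which makes this the only place to enforce the entry's shape. At minimum sanity-check the fields, e.g. `if gpg_key.public_key.trim().is_empty() { return Ok(ValidateCallbackResult::Invalid("public_key is empty".into())); }` (with the parameter renamed from `_gpg_key`), and once the fingerprint is computed rather than supplied, recompute it from `public_key` here and compare. A short `///` doc comment on each validator stating the rule it enforces would also help the next reader.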
49 changes: 29 additions & 20 deletions dnas/trusted/zomes/integrity/trusted/src/lib.rs
@@ -1,13 +1,20 @@
pub mod gpg_key;
pub use gpg_key::*;
mod gpg_key_dist;

use hdi::prelude::*;

pub mod prelude {
pub use crate::gpg_key_dist::*;
pub use crate::EntryTypes;
}

#[derive(Serialize, Deserialize)]
#[serde(tag = "type")]
#[hdk_entry_types]
#[unit_enum(UnitEntryTypes)]
pub enum EntryTypes {
GpgKey(GpgKey),
GpgKeyDist(gpg_key_dist::GpgKeyDist),
}

// Validation you perform during the genesis process. Nobody else on the network performs it, only you.
// There *is no* access to network calls in this callback
#[hdk_extern]
@@ -16,6 +23,7 @@ pub fn genesis_self_check(
) -> ExternResult<ValidateCallbackResult> {
Ok(ValidateCallbackResult::Valid)
}

// Validation the network performs when you try to join, you can't perform this validation yourself as you are not a member yet.
// There *is* access to network calls in this function
pub fn validate_agent_joining(
@@ -24,6 +32,7 @@ pub fn validate_agent_joining(
) -> ExternResult<ValidateCallbackResult> {
Ok(ValidateCallbackResult::Valid)
}

// This is the unified validation callback for all entries and link types in this integrity zome
// Below is a match template for all of the variants of `DHT Ops` and entry and link types
//
@@ -51,8 +60,8 @@ pub fn validate(op: Op) -> ExternResult<ValidateCallbackResult> {
match store_entry {
OpEntry::CreateEntry { app_entry, action } => {
match app_entry {
EntryTypes::GpgKey(gpg_key) => {
validate_create_gpg_key(
EntryTypes::GpgKeyDist(gpg_key) => {
gpg_key_dist::validate_create_gpg_key_dist(
EntryCreationAction::Create(action),
gpg_key,
)
@@ -61,8 +70,8 @@ pub fn validate(op: Op) -> ExternResult<ValidateCallbackResult> {
}
OpEntry::UpdateEntry { app_entry, action, .. } => {
match app_entry {
EntryTypes::GpgKey(gpg_key) => {
validate_create_gpg_key(
EntryTypes::GpgKeyDist(gpg_key) => {
gpg_key_dist::validate_create_gpg_key_dist(
EntryCreationAction::Update(action),
gpg_key,
)
@@ -82,10 +91,10 @@ pub fn validate(op: Op) -> ExternResult<ValidateCallbackResult> {
} => {
match (app_entry, original_app_entry) {
(
EntryTypes::GpgKey(gpg_key),
EntryTypes::GpgKey(original_gpg_key),
EntryTypes::GpgKeyDist(gpg_key),
EntryTypes::GpgKeyDist(original_gpg_key),
) => {
validate_update_gpg_key(
gpg_key_dist::validate_update_gpg_key_dist(
action,
gpg_key,
original_action,
@@ -109,8 +118,8 @@ pub fn validate(op: Op) -> ExternResult<ValidateCallbackResult> {
match delete_entry {
OpDelete::Entry { original_action, original_app_entry, action } => {
match original_app_entry {
EntryTypes::GpgKey(gpg_key) => {
validate_delete_gpg_key(action, original_action, gpg_key)
EntryTypes::GpgKeyDist(gpg_key) => {
gpg_key_dist::validate_delete_gpg_key_dist(action, original_action, gpg_key)
}
}
}
@@ -151,8 +160,8 @@ pub fn validate(op: Op) -> ExternResult<ValidateCallbackResult> {
// Notice that doing so will cause `must_get_valid_record` for this record to return a valid record even if the `StoreEntry` validation failed
OpRecord::CreateEntry { app_entry, action } => {
match app_entry {
EntryTypes::GpgKey(gpg_key) => {
validate_create_gpg_key(
EntryTypes::GpgKeyDist(gpg_key) => {
gpg_key_dist::validate_create_gpg_key_dist(
EntryCreationAction::Create(action),
gpg_key,
)
@@ -183,13 +192,13 @@ pub fn validate(op: Op) -> ExternResult<ValidateCallbackResult> {
}
};
match app_entry {
EntryTypes::GpgKey(gpg_key) => {
let result = validate_create_gpg_key(
EntryTypes::GpgKeyDist(gpg_key) => {
let result = gpg_key_dist::validate_create_gpg_key_dist(
EntryCreationAction::Update(action.clone()),
gpg_key.clone(),
)?;
if let ValidateCallbackResult::Valid = result {
let original_gpg_key: Option<GpgKey> = original_record
let original_gpg_key: Option<gpg_key_dist::GpgKeyDist> = original_record
.entry()
.to_app_option()
.map_err(|e| wasm_error!(e))?;
@@ -204,7 +213,7 @@ pub fn validate(op: Op) -> ExternResult<ValidateCallbackResult> {
);
}
};
validate_update_gpg_key(
gpg_key_dist::validate_update_gpg_key_dist(
action,
gpg_key,
original_action,
@@ -271,8 +280,8 @@ pub fn validate(op: Op) -> ExternResult<ValidateCallbackResult> {
}
};
match original_app_entry {
EntryTypes::GpgKey(original_gpg_key) => {
validate_delete_gpg_key(
EntryTypes::GpgKeyDist(original_gpg_key) => {
gpg_key_dist::validate_delete_gpg_key_dist(
action,
original_action,
original_gpg_key,
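Review bot: In `validate`, the `OpEntry::UpdateEntry` arm (hunk `@@ -61,8 +70,8 @@`) sends an update's entry through `gpg_key_dist::validate_create_gpg_key_dist`, which returns `Valid` unconditionally, while the update arms further down end in `validate_update_gpg_key_dist`, which always returns `Invalid`. If I read the visible arms correctly, the store-entry op for an update would therefore be accepted even though the stated rule is that key distributions cannot be updated. Consider rejecting in that arm directly: `EntryTypes::GpgKeyDist(_) => Ok(ValidateCallbackResult::Invalid("Gpg key distributions cannot be updated".to_string())),`. Most of `validate` is collapsed on this page, so this rests only on the arms shown.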
13 changes: 13 additions & 0 deletions flake.nix
@@ -30,7 +30,20 @@
packages = [
pkgs.nodejs_20
pkgs.gnupg
pkgs.pinentry
];

shellHook = ''
export GNUPGHOME=$(pwd)/.gnupg
if [[ ! -d $GNUPGHOME ]]; then
gpg --list-keys --no-keyring 2>&1 > /dev/null
rm $GNUPGHOME/common.conf
echo "pinentry-program $(which pinentry)" > $GNUPGHOME/gpg-agent.conf
pkill gpg-agent
gpg-agent --daemon
fi
'';
};
};
};
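Review bot: `pkill gpg-agent` in the `shellHook` matches by process name, so on first entry it also stops any agent serving the developer's personal keyring, not only one tied to the project `.gnupg`. Running `gpgconf --kill gpg-agent` after the `export GNUPGHOME=…` line stops just the agent for that home directory. `rm $GNUPGHOME/common.conf` and the redirect into `$GNUPGHOME/gpg-agent.conf` are unquoted, so a checkout path containing spaces breaks them; `rm "$GNUPGHOME/common.conf"` and `> "$GNUPGHOME/gpg-agent.conf"` avoid that. `2>&1 > /dev/null` still sends stderr to the terminal; `> /dev/null 2>&1` is probably what was meant.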
38 changes: 38 additions & 0 deletions package-lock.json

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
