#5293

Committed 24 Sep 2024 03:23PM UTC coverage: 47.14% (+0.04%) from 47.097%

Build # #5293

Build Type

push

Committed by

Commit Message

Merge pull request #5863 from oasisprotocol/peternose/internal/fetch-key-shares-concurrently

keymanager/src/client: Fetch churp key shares concurrently

Run Details

20 of 62 new or added lines in 5 files covered. (32.26%)

5 existing lines in 2 files now uncovered.

4352 of 9232 relevant lines covered (47.14%)

1.07 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

0.0

/keymanager/src/client/interface.rs

//! Key manager client.
use std::sync::Arc;

use async_trait::async_trait;

use oasis_core_runtime::{
    common::{crypto::signature::PublicKey, namespace::Namespace},
    consensus::beacon::EpochTime,
};

use crate::{
    api::KeyManagerError,
    churp::EncodedVerifiableSecretShare,
    crypto::{KeyPair, KeyPairId, Secret, SignedPublicKey, StateKey, VerifiableSecret},
};

/// Key manager client interface.
#[async_trait]
pub trait KeyManagerClient: Send + Sync {
    /// Key manager runtime identifier this client is connected to. It may be `None` in case the
    /// identifier is not known yet (e.g. the client has not yet been initialized).
    fn runtime_id(&self) -> Option<Namespace>;

    /// Key manager runtime signing key used to sign messages from the key manager.
    fn runtime_signing_key(&self) -> Option<PublicKey>;

    /// Clear local key cache.
    ///
    /// This will make the client re-fetch the keys from the key manager.
    fn clear_cache(&self);

    /// Get or create named long-term key pair.
    ///
    /// If the key does not yet exist, the key manager will generate one. If
    /// the key has already been cached locally, it will be retrieved from
    /// cache.
    async fn get_or_create_keys(
        &self,
        key_pair_id: KeyPairId,
        generation: u64,
    ) -> Result<KeyPair, KeyManagerError>;

    /// Get long-term public key for a key pair id.
    async fn get_public_key(
        &self,
        key_pair_id: KeyPairId,
        generation: u64,
    ) -> Result<SignedPublicKey, KeyManagerError>;

    /// Get or create named ephemeral key pair for given epoch.
    ///
    /// If the key does not yet exist, the key manager will generate one. If
    /// the key has already been cached locally, it will be retrieved from
    /// cache.
    async fn get_or_create_ephemeral_keys(
        &self,
        key_pair_id: KeyPairId,
        epoch: EpochTime,
    ) -> Result<KeyPair, KeyManagerError>;

    /// Get ephemeral public key for an epoch and a key pair id.
    async fn get_public_ephemeral_key(
        &self,
        key_pair_id: KeyPairId,
        epoch: EpochTime,
    ) -> Result<SignedPublicKey, KeyManagerError>;

    /// Get a copy of the master secret for replication.
    async fn replicate_master_secret(
        &self,
        generation: u64,
        nodes: Vec<PublicKey>,
    ) -> Result<VerifiableSecret, KeyManagerError>;

    /// Get a copy of the ephemeral secret for replication.
    async fn replicate_ephemeral_secret(
        &self,
        epoch: EpochTime,
        nodes: Vec<PublicKey>,
    ) -> Result<Secret, KeyManagerError>;

    /// Returns the verification matrix for the given handoff.
    async fn churp_verification_matrix(
        &self,
        churp_id: u8,
        epoch: EpochTime,
        nodes: Vec<PublicKey>,
    ) -> Result<Vec<u8>, KeyManagerError>;

    /// Returns a switch point for the share reduction phase
    /// of the given handoff.
    async fn churp_share_reduction_point(
        &self,
        churp_id: u8,
        epoch: EpochTime,
        node_id: PublicKey,
        nodes: Vec<PublicKey>,
    ) -> Result<Vec<u8>, KeyManagerError>;

    /// Returns a switch point for the share distribution phase
    /// of the given handoff.
    async fn churp_share_distribution_point(
        &self,
        churp_id: u8,
        epoch: EpochTime,
        node_id: PublicKey,
        nodes: Vec<PublicKey>,
    ) -> Result<Vec<u8>, KeyManagerError>;

    /// Returns a bivariate share for the given handoff.
    async fn churp_bivariate_share(
        &self,
        churp_id: u8,
        epoch: EpochTime,
        node_id: PublicKey,
        nodes: Vec<PublicKey>,
    ) -> Result<EncodedVerifiableSecretShare, KeyManagerError>;

    /// Returns state key.
    async fn churp_state_key(
        &self,
        churp_id: u8,
        key_id: KeyPairId,
    ) -> Result<StateKey, KeyManagerError>;
}

#[async_trait]
impl<T: ?Sized + KeyManagerClient> KeyManagerClient for Arc<T> {
    fn runtime_id(&self) -> Option<Namespace> {
        KeyManagerClient::runtime_id(&**self)
    }

    fn runtime_signing_key(&self) -> Option<PublicKey> {
        KeyManagerClient::runtime_signing_key(&**self)
    }

    fn clear_cache(&self) {
        KeyManagerClient::clear_cache(&**self)
    }

    async fn get_or_create_keys(
        &self,
        key_pair_id: KeyPairId,
        generation: u64,
    ) -> Result<KeyPair, KeyManagerError> {
        KeyManagerClient::get_or_create_keys(&**self, key_pair_id, generation).await
    }

    async fn get_public_key(
        &self,
        key_pair_id: KeyPairId,
        generation: u64,
    ) -> Result<SignedPublicKey, KeyManagerError> {
        KeyManagerClient::get_public_key(&**self, key_pair_id, generation).await
    }

    async fn get_or_create_ephemeral_keys(
        &self,
        key_pair_id: KeyPairId,
        epoch: EpochTime,
    ) -> Result<KeyPair, KeyManagerError> {
        KeyManagerClient::get_or_create_ephemeral_keys(&**self, key_pair_id, epoch).await
    }

    async fn get_public_ephemeral_key(
        &self,
        key_pair_id: KeyPairId,
        epoch: EpochTime,
    ) -> Result<SignedPublicKey, KeyManagerError> {
        KeyManagerClient::get_public_ephemeral_key(&**self, key_pair_id, epoch).await
    }

    async fn replicate_master_secret(
        &self,
        generation: u64,
        nodes: Vec<PublicKey>,
    ) -> Result<VerifiableSecret, KeyManagerError> {
        KeyManagerClient::replicate_master_secret(&**self, generation, nodes).await
    }

    async fn replicate_ephemeral_secret(
        &self,
        epoch: EpochTime,
        nodes: Vec<PublicKey>,
    ) -> Result<Secret, KeyManagerError> {
        KeyManagerClient::replicate_ephemeral_secret(&**self, epoch, nodes).await
    }

    async fn churp_verification_matrix(
        &self,
        churp_id: u8,
        epoch: EpochTime,
        nodes: Vec<PublicKey>,
    ) -> Result<Vec<u8>, KeyManagerError> {
        KeyManagerClient::churp_verification_matrix(&**self, churp_id, epoch, nodes).await
    }

    async fn churp_share_reduction_point(
        &self,
        churp_id: u8,
        epoch: EpochTime,
        node_id: PublicKey,
        nodes: Vec<PublicKey>,
    ) -> Result<Vec<u8>, KeyManagerError> {
        KeyManagerClient::churp_share_reduction_point(&**self, churp_id, epoch, node_id, nodes)
            .await
    }

    async fn churp_share_distribution_point(
        &self,
        churp_id: u8,
        epoch: EpochTime,
        node_id: PublicKey,
        nodes: Vec<PublicKey>,
    ) -> Result<Vec<u8>, KeyManagerError> {
        KeyManagerClient::churp_share_distribution_point(&**self, churp_id, epoch, node_id, nodes)
            .await
    }

    async fn churp_bivariate_share(
        &self,
        churp_id: u8,
        epoch: EpochTime,
        node_id: PublicKey,
        nodes: Vec<PublicKey>,
    ) -> Result<EncodedVerifiableSecretShare, KeyManagerError> {
        KeyManagerClient::churp_bivariate_share(&**self, churp_id, epoch, node_id, nodes).await
    }

    async fn churp_state_key(
        &self,
        churp_id: u8,
        key_id: KeyPairId,
    ) -> Result<StateKey, KeyManagerError> {
        KeyManagerClient::churp_state_key(&**self, churp_id, key_id).await
    }
}

1	//! Key manager client.
2	use std::sync::Arc;
3
4	use async_trait::async_trait;
5
6	use oasis_core_runtime::{
7	common::{crypto::signature::PublicKey, namespace::Namespace},
8	consensus::beacon::EpochTime,
9	};
10
11	use crate::{
12	api::KeyManagerError,
13	churp::EncodedVerifiableSecretShare,
14	crypto::{KeyPair, KeyPairId, Secret, SignedPublicKey, StateKey, VerifiableSecret},
15	};
16
17	/// Key manager client interface.
18	#[async_trait]
19	pub trait KeyManagerClient: Send + Sync {
20	/// Key manager runtime identifier this client is connected to. It may be `None` in case the
21	/// identifier is not known yet (e.g. the client has not yet been initialized).
22	fn runtime_id(&self) -> Option<Namespace>;
23
24	/// Key manager runtime signing key used to sign messages from the key manager.
25	fn runtime_signing_key(&self) -> Option<PublicKey>;
26
27	/// Clear local key cache.
28	///
29	/// This will make the client re-fetch the keys from the key manager.
30	fn clear_cache(&self);
31
32	/// Get or create named long-term key pair.
33	///
34	/// If the key does not yet exist, the key manager will generate one. If
35	/// the key has already been cached locally, it will be retrieved from
36	/// cache.
37	async fn get_or_create_keys(
38	&self,
39	key_pair_id: KeyPairId,
40	generation: u64,
41	) -> Result<KeyPair, KeyManagerError>;
42
43	/// Get long-term public key for a key pair id.
44	async fn get_public_key(
45	&self,
46	key_pair_id: KeyPairId,
47	generation: u64,
48	) -> Result<SignedPublicKey, KeyManagerError>;
49
50	/// Get or create named ephemeral key pair for given epoch.
51	///
52	/// If the key does not yet exist, the key manager will generate one. If
53	/// the key has already been cached locally, it will be retrieved from
54	/// cache.
55	async fn get_or_create_ephemeral_keys(
56	&self,
57	key_pair_id: KeyPairId,
58	epoch: EpochTime,
59	) -> Result<KeyPair, KeyManagerError>;
60
61	/// Get ephemeral public key for an epoch and a key pair id.
62	async fn get_public_ephemeral_key(
63	&self,
64	key_pair_id: KeyPairId,
65	epoch: EpochTime,
66	) -> Result<SignedPublicKey, KeyManagerError>;
67
68	/// Get a copy of the master secret for replication.
69	async fn replicate_master_secret(
70	&self,
71	generation: u64,
72	nodes: Vec<PublicKey>,
73	) -> Result<VerifiableSecret, KeyManagerError>;
74
75	/// Get a copy of the ephemeral secret for replication.
76	async fn replicate_ephemeral_secret(
77	&self,
78	epoch: EpochTime,
79	nodes: Vec<PublicKey>,
80	) -> Result<Secret, KeyManagerError>;
81
82	/// Returns the verification matrix for the given handoff.
83	async fn churp_verification_matrix(
84	&self,
85	churp_id: u8,
86	epoch: EpochTime,
87	nodes: Vec<PublicKey>,
88	) -> Result<Vec<u8>, KeyManagerError>;
89
90	/// Returns a switch point for the share reduction phase
91	/// of the given handoff.
92	async fn churp_share_reduction_point(
93	&self,
94	churp_id: u8,
95	epoch: EpochTime,
96	node_id: PublicKey,
97	nodes: Vec<PublicKey>,
98	) -> Result<Vec<u8>, KeyManagerError>;
99
100	/// Returns a switch point for the share distribution phase
101	/// of the given handoff.
102	async fn churp_share_distribution_point(
103	&self,
104	churp_id: u8,
105	epoch: EpochTime,
106	node_id: PublicKey,
107	nodes: Vec<PublicKey>,
108	) -> Result<Vec<u8>, KeyManagerError>;
109
110	/// Returns a bivariate share for the given handoff.
111	async fn churp_bivariate_share(
112	&self,
113	churp_id: u8,
114	epoch: EpochTime,
115	node_id: PublicKey,
116	nodes: Vec<PublicKey>,
117	) -> Result<EncodedVerifiableSecretShare, KeyManagerError>;
118
119	/// Returns state key.
120	async fn churp_state_key(
121	&self,
122	churp_id: u8,
123	key_id: KeyPairId,
124	) -> Result<StateKey, KeyManagerError>;
125	}
126
127	#[async_trait]
128	impl<T: ?Sized + KeyManagerClient> KeyManagerClient for Arc<T> {
129	fn runtime_id(&self) -> Option<Namespace> {	×
130	KeyManagerClient::runtime_id(&**self)	×
131	}
132
133	fn runtime_signing_key(&self) -> Option<PublicKey> {	×
134	KeyManagerClient::runtime_signing_key(&**self)	×
135	}
136
137	fn clear_cache(&self) {	×
138	KeyManagerClient::clear_cache(&**self)	×
139	}
140
141	async fn get_or_create_keys(
142	&self,
143	key_pair_id: KeyPairId,
144	generation: u64,
145	) -> Result<KeyPair, KeyManagerError> {
146	KeyManagerClient::get_or_create_keys(&**self, key_pair_id, generation).await	×
147	}
148
149	async fn get_public_key(
150	&self,
151	key_pair_id: KeyPairId,
152	generation: u64,
153	) -> Result<SignedPublicKey, KeyManagerError> {
154	KeyManagerClient::get_public_key(&**self, key_pair_id, generation).await	×
155	}
156
157	async fn get_or_create_ephemeral_keys(
158	&self,
159	key_pair_id: KeyPairId,
160	epoch: EpochTime,
161	) -> Result<KeyPair, KeyManagerError> {
162	KeyManagerClient::get_or_create_ephemeral_keys(&**self, key_pair_id, epoch).await	×
163	}
164
165	async fn get_public_ephemeral_key(
166	&self,
167	key_pair_id: KeyPairId,
168	epoch: EpochTime,
169	) -> Result<SignedPublicKey, KeyManagerError> {
170	KeyManagerClient::get_public_ephemeral_key(&**self, key_pair_id, epoch).await	×
171	}
172
173	async fn replicate_master_secret(
174	&self,
175	generation: u64,
176	nodes: Vec<PublicKey>,
177	) -> Result<VerifiableSecret, KeyManagerError> {
NEW 178	KeyManagerClient::replicate_master_secret(&**self, generation, nodes).await	×
179	}
180
181	async fn replicate_ephemeral_secret(
182	&self,
183	epoch: EpochTime,
184	nodes: Vec<PublicKey>,
185	) -> Result<Secret, KeyManagerError> {
NEW 186	KeyManagerClient::replicate_ephemeral_secret(&**self, epoch, nodes).await	×
187	}
188
189	async fn churp_verification_matrix(
190	&self,
191	churp_id: u8,
192	epoch: EpochTime,
193	nodes: Vec<PublicKey>,
194	) -> Result<Vec<u8>, KeyManagerError> {
NEW 195	KeyManagerClient::churp_verification_matrix(&**self, churp_id, epoch, nodes).await	×
196	}
197
198	async fn churp_share_reduction_point(
199	&self,
200	churp_id: u8,
201	epoch: EpochTime,
202	node_id: PublicKey,
203	nodes: Vec<PublicKey>,
204	) -> Result<Vec<u8>, KeyManagerError> {
NEW 205	KeyManagerClient::churp_share_reduction_point(&**self, churp_id, epoch, node_id, nodes)	×
NEW 206	.await	×
207	}
208
209	async fn churp_share_distribution_point(
210	&self,
211	churp_id: u8,
212	epoch: EpochTime,
213	node_id: PublicKey,
214	nodes: Vec<PublicKey>,
215	) -> Result<Vec<u8>, KeyManagerError> {
NEW 216	KeyManagerClient::churp_share_distribution_point(&**self, churp_id, epoch, node_id, nodes)	×
NEW 217	.await	×
218	}
219
220	async fn churp_bivariate_share(
221	&self,
222	churp_id: u8,
223	epoch: EpochTime,
224	node_id: PublicKey,
225	nodes: Vec<PublicKey>,
226	) -> Result<EncodedVerifiableSecretShare, KeyManagerError> {
NEW 227	KeyManagerClient::churp_bivariate_share(&**self, churp_id, epoch, node_id, nodes).await	×
228	}
229
230	async fn churp_state_key(
231	&self,
232	churp_id: u8,
233	key_id: KeyPairId,
234	) -> Result<StateKey, KeyManagerError> {
235	KeyManagerClient::churp_state_key(&**self, churp_id, key_id).await	×
236	}
237	}

oasisprotocol / oasis-core / #5293

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous