This repository has been archived by the owner on Nov 15, 2023. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 2.6k
Expand remote keystore interface to allow for hybrid mode #7628
Merged
Merged
Changes from 22 commits
Commits
Show all changes
23 commits
Select commit
Hold shift + click to select a range
66fb709
update to latest master
gnunicorn ea6abb0
updates on docs, license, meta
gnunicorn 790f00e
hide ssrs behind feature flag
gnunicorn 29a68ee
Merge remote-tracking branch 'origin/master' into ben-remote-signer
gnunicorn 1f292b5
implement remaining functions on the server
gnunicorn 7ad8521
sign server line length fix
gnunicorn d310105
fix tests
gnunicorn 2ec7541
fixup in-memory-keystore
gnunicorn fc9adfe
adding failsafe
gnunicorn ac8fb13
skipping ecdsa test for now
gnunicorn 95fb534
Merge remote-tracking branch 'origin/master' into ben-remote-signer
gnunicorn a9377a3
Merge remote-tracking branch 'origin/master' into ben-remote-signer
gnunicorn 610dce8
remote keystore param
gnunicorn 0d58447
remote sign urls made available
gnunicorn a8ca9ba
integrating keystore remotes features
gnunicorn 81f9356
don't forget the dependency
gnunicorn 418d893
remove old cruft
gnunicorn 24eede6
Merge remote-tracking branch 'origin/master' into ben-remote-signer
gnunicorn df50b0d
reset local keystore
gnunicorn 4651095
applying suggestions
gnunicorn 369a592
Switch to single remote, minor grumbles
gnunicorn 8361c7d
Merge remote-tracking branch 'origin/master' into ben-remote-keystore…
gnunicorn be2fbc6
minor grumbles, docs
gnunicorn File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
There are no files selected for viewing
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -59,7 +59,7 @@ use sp_core::traits::{ | |
CodeExecutor, | ||
SpawnNamed, | ||
}; | ||
use sp_keystore::{CryptoStore, SyncCryptoStorePtr}; | ||
use sp_keystore::{CryptoStore, SyncCryptoStore, SyncCryptoStorePtr}; | ||
use sp_runtime::BuildStorage; | ||
use sc_client_api::{ | ||
BlockBackend, BlockchainEvents, | ||
|
@@ -205,12 +205,25 @@ pub type TLightClientWithBackend<TBl, TRtApi, TExecDisp, TBackend> = Client< | |
TRtApi, | ||
>; | ||
|
||
enum KeystoreContainerInner { | ||
Local(Arc<LocalKeystore>) | ||
trait AsCryptoStoreRef { | ||
fn keystore_ref(&self) -> Arc<dyn CryptoStore>; | ||
fn sync_keystore_ref(&self) -> Arc<dyn SyncCryptoStore>; | ||
} | ||
|
||
impl<T> AsCryptoStoreRef for Arc<T> where T: CryptoStore + SyncCryptoStore + 'static { | ||
fn keystore_ref(&self) -> Arc<dyn CryptoStore> { | ||
self.clone() | ||
} | ||
fn sync_keystore_ref(&self) -> Arc<dyn SyncCryptoStore> { | ||
self.clone() | ||
} | ||
} | ||
|
||
/// Construct and hold different layers of Keystore wrappers | ||
pub struct KeystoreContainer(KeystoreContainerInner); | ||
pub struct KeystoreContainer { | ||
remote: Option<Box<dyn AsCryptoStoreRef>>, | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. I keep pondering if there is any way to make this nicer. We know this will be an |
||
local: Arc<LocalKeystore>, | ||
} | ||
|
||
impl KeystoreContainer { | ||
/// Construct KeystoreContainer | ||
|
@@ -223,20 +236,35 @@ impl KeystoreContainer { | |
KeystoreConfig::InMemory => LocalKeystore::in_memory(), | ||
}); | ||
|
||
Ok(Self(KeystoreContainerInner::Local(keystore))) | ||
Ok(Self{remote: Default::default(), local: keystore}) | ||
} | ||
|
||
/// Set the remote keystore. | ||
/// Should be called right away at startup and not at runtime: | ||
/// even though this overrides any previously set remote store, it | ||
/// does not reset any references previously handed out - they will | ||
/// stick araound. | ||
pub fn set_remote_keystore<T>(&mut self, remote: Arc<T>) | ||
where T: CryptoStore + SyncCryptoStore + 'static | ||
{ | ||
self.remote = Some(Box::new(remote)) | ||
} | ||
|
||
/// Returns an adapter to the asynchronous keystore that implements `CryptoStore` | ||
pub fn keystore(&self) -> Arc<dyn CryptoStore> { | ||
match self.0 { | ||
KeystoreContainerInner::Local(ref keystore) => keystore.clone(), | ||
if let Some(c) = self.remote.as_ref() { | ||
c.keystore_ref() | ||
} else { | ||
self.local.clone() | ||
} | ||
} | ||
|
||
/// Returns the synchrnous keystore wrapper | ||
pub fn sync_keystore(&self) -> SyncCryptoStorePtr { | ||
match self.0 { | ||
KeystoreContainerInner::Local(ref keystore) => keystore.clone() as SyncCryptoStorePtr, | ||
if let Some(c) = self.remote.as_ref() { | ||
c.sync_keystore_ref() | ||
} else { | ||
self.local.clone() as SyncCryptoStorePtr | ||
} | ||
} | ||
|
||
|
@@ -249,9 +277,7 @@ impl KeystoreContainer { | |
/// Using the [`LocalKeystore`] will result in loosing the ability to use any other keystore implementation, like | ||
/// a remote keystore for example. Only use this if you a certain that you require it! | ||
pub fn local_keystore(&self) -> Option<Arc<LocalKeystore>> { | ||
match self.0 { | ||
KeystoreContainerInner::Local(ref keystore) => Some(keystore.clone()), | ||
} | ||
Some(self.local.clone()) | ||
} | ||
} | ||
|
||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
How is a remote store going to return a concrete
LocalKeystore
? Shouldn't this beArc<dyn CryptoStore>
?There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We face the same
CryptoStore + SyncCryptoStore
interface problem here, so I can't quite make this adyn
unless I provide a similar wrapper. Which is quite the overkill as in reality this will always return a concrete type and thus the interface is unnecessary. In this example I just used the local-store as the concrete type (that, as you can see, is never returned)