feat: add wallet migration to askar

Signed-off-by: Ondrej Prazak <ondrej.prazak@absa.africa>
hyperledger · Mar 15, 2024 · 0cb5fc3 · 0cb5fc3
1 parent a3c5a99
commit 0cb5fc3
Show file tree

Hide file tree

Showing 35 changed files with 1,134 additions and 1,047 deletions.
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
@@ -115,7 +115,7 @@ jobs:
           sudo apt-get update -y
           sudo apt-get install -y libsodium-dev libssl-dev libzmq3-dev
           sudo snap install --edge --classic just
-      - name: "Verify clippy across the entire workspace with default features"
+      - name: "Verify clippy across the entire workspace"
         run: just clippy-workspace ${{ matrix.wallet }}
 
   aries_vcx_clippy:
@@ -277,6 +277,23 @@ jobs:
       - name: "Run workspace unit tests"
         run: just test-unit
 
+  test-wallet-migrator:
+    needs: workflow-setup
+    runs-on: ubuntu-20.04
+    steps:
+      - name: "Git checkout"
+        uses: actions/checkout@v3
+      - name: "Setup rust testing environment"
+        uses: ./.github/actions/setup-testing-rust
+        with:
+          rust-toolchain-version: ${{ env.RUST_TOOLCHAIN_VERSION }}
+          default: true
+          skip-docker-setup: true
+      - name: "Install just"
+        run: sudo snap install --edge --classic just
+      - name: "Run wallet migration tests"
+        run: just test-wallet-migrator
+
   test-intergation-aries-vcx-core:
     needs: workflow-setup
     runs-on: ubuntu-20.04

diff --git a/Cargo.lock b/Cargo.lock
diff --git a/aries/aries_vcx_core/Cargo.toml b/aries/aries_vcx_core/Cargo.toml
@@ -13,11 +13,11 @@ vdr_proxy_ledger = ["credx", "dep:indy-vdr-proxy-client"]
 # Feature flag to allow legacy proof verification
 legacy_proof = []
 
-askar_wallet = ["dep:aries-askar", "dep:bs58"]
+askar_wallet = ["dep:aries-askar"]
 
 [dependencies]
 aries-askar = { version = "=0.3.0", optional = true }
-bs58 = { version = "0.5", optional = true }
+bs58 = { version = "0.5" }
 indy-vdr = { git = "https://github.com/hyperledger/indy-vdr.git", rev = "c143268", default-features = false, features = ["log"] }
 indy-credx = { git = "https://github.com/hyperledger/indy-shared-rs", tag = "v1.1.0", optional = true }
 # anoncreds = { git = "https://github.com/hyperledger/anoncreds-rs", tag = "v0.2.0-dev.5", optional = true }

diff --git a/aries/aries_vcx_core/src/wallet/askar/askar_did_wallet.rs b/aries/aries_vcx_core/src/wallet/askar/askar_did_wallet.rs
@@ -18,7 +18,6 @@ use crate::{
     wallet::{
         base_wallet::{did_data::DidData, did_wallet::DidWallet, record_category::RecordCategory},
         structs_io::UnpackMessageOutput,
-        utils::did_from_key,
     },
 };
 
@@ -112,8 +111,7 @@ impl DidWallet for AskarWallet {
         let mut tx = self.transaction().await?;
         if let Some(did_value) = self.find_did(&mut tx, did, RecordCategory::TmpDid).await? {
             tx.remove(&RecordCategory::TmpDid.to_string(), did).await?;
-            tx.remove_key(&did_from_key(did_value.verkey().clone()))
-                .await?;
+            tx.remove_key(&did_value.verkey().base58()).await?;
             self.update_did(
                 &mut tx,
                 did,
@@ -136,7 +134,7 @@ impl DidWallet for AskarWallet {
         if let Some(key) = self
             .session()
             .await?
-            .fetch_key(&did_from_key(key.to_owned()), false)
+            .fetch_key(&key.base58(), false)
             .await?
         {
             let local_key = key.load_local_key()?;
@@ -154,7 +152,7 @@ impl DidWallet for AskarWallet {
         if let Some(key) = self
             .session()
             .await?
-            .fetch_key(&did_from_key(key.to_owned()), false)
+            .fetch_key(&key.base58(), false)
             .await?
         {
             let local_key = key.load_local_key()?;
@@ -183,7 +181,7 @@ impl DidWallet for AskarWallet {
                 let mut session = self.session().await?;
 
                 let my_key = self
-                    .fetch_local_key(&mut session, &did_from_key(sender_verkey))
+                    .fetch_local_key(&mut session, &sender_verkey.base58())
                     .await?;
                 enc_key.pack_authcrypt(recipient_keys, my_key)?
             } else {

diff --git a/aries/aries_vcx_core/src/wallet/askar/askar_utils.rs b/aries/aries_vcx_core/src/wallet/askar/askar_utils.rs
@@ -7,20 +7,17 @@ use serde::Deserialize;
 
 use crate::{
     errors::error::{AriesVcxCoreErrorKind, VcxCoreResult},
-    wallet::{askar::AriesVcxCoreError, utils::random_seed},
+    wallet::{
+        askar::AriesVcxCoreError, base_wallet::base58_string::Base58String, utils::random_seed,
+    },
 };
 
-pub fn local_key_to_bs58_name(local_key: &LocalKey) -> VcxCoreResult<String> {
-    let res = local_key_to_bs58_public_key(local_key)?;
-    Ok(res[0..16].to_string())
+pub fn local_key_to_bs58_public_key(local_key: &LocalKey) -> VcxCoreResult<Base58String> {
+    Ok(Base58String::from_bytes(&local_key.to_public_bytes()?))
 }
 
-pub fn local_key_to_bs58_public_key(local_key: &LocalKey) -> VcxCoreResult<String> {
-    Ok(bs58::encode(local_key.to_public_bytes()?).into_string())
-}
-
-pub fn local_key_to_bs58_private_key(local_key: &LocalKey) -> VcxCoreResult<String> {
-    Ok(bs58::encode(local_key.to_secret_bytes()?).into_string())
+pub fn local_key_to_bs58_private_key(local_key: &LocalKey) -> VcxCoreResult<Base58String> {
+    Ok(Base58String::from_bytes(&local_key.to_secret_bytes()?))
 }
 
 pub fn local_key_to_public_key(local_key: &LocalKey) -> VcxCoreResult<Key> {
@@ -46,21 +43,6 @@ pub fn from_json_str<T: for<'a> Deserialize<'a>>(json: &str) -> VcxCoreResult<T>
         .map_err(|err| AriesVcxCoreError::from_msg(AriesVcxCoreErrorKind::InvalidJson, err))
 }
 
-pub fn bytes_to_bs58(bytes: &[u8]) -> String {
-    bs58::encode(bytes).into_string()
-}
-
-pub fn bs58_to_bytes(key: &[u8]) -> VcxCoreResult<Vec<u8>> {
-    bs58::decode(key)
-        .into_vec()
-        .map_err(|err| AriesVcxCoreError::from_msg(AriesVcxCoreErrorKind::WalletError, err))
-}
-
-pub fn bytes_to_string(vec: Vec<u8>) -> VcxCoreResult<String> {
-    String::from_utf8(vec)
-        .map_err(|err| AriesVcxCoreError::from_msg(AriesVcxCoreErrorKind::InvalidInput, err))
-}
-
 pub fn value_from_entry(entry: Entry) -> VcxCoreResult<String> {
     Ok(std::str::from_utf8(&entry.value)
         .map_err(|err| AriesVcxCoreError::from_msg(AriesVcxCoreErrorKind::WalletError, err))?

diff --git a/aries/aries_vcx_core/src/wallet/askar/key_value.rs b/aries/aries_vcx_core/src/wallet/askar/key_value.rs
diff --git a/aries/aries_vcx_core/src/wallet/askar/mod.rs b/aries/aries_vcx_core/src/wallet/askar/mod.rs
@@ -7,10 +7,15 @@ use async_trait::async_trait;
 use public_key::Key;
 
 use self::{
-    askar_utils::local_key_to_bs58_name, askar_wallet_config::AskarWalletConfig,
+    askar_utils::local_key_to_bs58_public_key, askar_wallet_config::AskarWalletConfig,
     rng_method::RngMethod,
 };
-use super::base_wallet::{did_value::DidValue, record_category::RecordCategory, BaseWallet};
+use super::{
+    base_wallet::{
+        did_value::DidValue, key_value::KeyValue, record_category::RecordCategory, BaseWallet,
+    },
+    record_tags::RecordTags,
+};
 use crate::errors::error::{AriesVcxCoreError, AriesVcxCoreErrorKind, VcxCoreResult};
 
 mod all_askar_records;
@@ -22,7 +27,6 @@ pub mod askar_wallet_config;
 mod entry;
 mod entry_tags;
 pub mod key_method;
-mod key_value;
 mod pack;
 mod packing_types;
 mod partial_record;
@@ -45,6 +49,20 @@ impl BaseWallet for AskarWallet {
     async fn close_wallet(&self) -> VcxCoreResult<()> {
         todo!()
     }
+
+    async fn create_key(
+        &self,
+        name: &str,
+        value: KeyValue,
+        tags: &RecordTags,
+    ) -> VcxCoreResult<()> {
+        let mut session = self.session().await?;
+        let tg: Vec<_> = tags.clone().into();
+        let key = LocalKey::from_secret_bytes(KeyAlg::Ed25519, &value.signkey().decode()?[0..32])?;
+        Ok(session
+            .insert_key(name, &key, None, Some(&tg), None)
+            .await?)
+    }
 }
 
 impl AskarWallet {
@@ -112,7 +130,7 @@ impl AskarWallet {
         rng_method: RngMethod,
     ) -> Result<(String, LocalKey), AriesVcxCoreError> {
         let key = LocalKey::from_seed(alg, seed, rng_method.into())?;
-        let key_name = local_key_to_bs58_name(&key)?;
+        let key_name = local_key_to_bs58_public_key(&key)?.into_inner();
         session
             .insert_key(&key_name, &key, None, None, None)
             .await?;

diff --git a/aries/aries_vcx_core/src/wallet/askar/pack.rs b/aries/aries_vcx_core/src/wallet/askar/pack.rs
@@ -4,12 +4,18 @@ use aries_askar::kms::{
 use public_key::Key;
 
 use super::{
-    askar_utils::{bs58_to_bytes, bytes_to_bs58, ed25519_to_x25519},
+    askar_utils::ed25519_to_x25519,
     packing_types::{
-        Base64String, Jwe, JweAlg, ProtectedData, ProtectedHeaderEnc, ProtectedHeaderTyp, Recipient,
+        Jwe, JweAlg, ProtectedData, ProtectedHeaderEnc, ProtectedHeaderTyp, Recipient,
+    },
+};
+use crate::{
+    errors::error::{AriesVcxCoreError, AriesVcxCoreErrorKind, VcxCoreResult},
+    wallet::{
+        base_wallet::base64_string::Base64String,
+        utils::{bs58_to_bytes, bytes_to_bs58},
     },
 };
-use crate::errors::error::{AriesVcxCoreError, AriesVcxCoreErrorKind, VcxCoreResult};
 
 fn check_supported_key_alg(key: &LocalKey) -> VcxCoreResult<()> {
     let supported_algs = vec![Ed25519];

diff --git a/aries/aries_vcx_core/src/wallet/askar/packing_types.rs b/aries/aries_vcx_core/src/wallet/askar/packing_types.rs
@@ -1,10 +1,6 @@
-use indy_vdr::utils::base64::{decode_urlsafe, encode_urlsafe};
 use serde::{de::Unexpected, Deserialize, Serialize};
 
-use crate::{
-    errors::error::{AriesVcxCoreError, AriesVcxCoreErrorKind, VcxCoreResult},
-    wallet::askar::askar_utils::bytes_to_string,
-};
+use crate::wallet::base_wallet::base64_string::Base64String;
 
 pub const PROTECTED_HEADER_ENC: &str = "xchacha20poly1305_ietf";
 pub const PROTECTED_HEADER_TYP: &str = "JWM/1.0";
@@ -75,29 +71,6 @@ impl<'de> Deserialize<'de> for ProtectedHeaderTyp {
     }
 }
 
-#[derive(Serialize, Deserialize, Debug)]
-#[serde(transparent)]
-pub struct Base64String(String);
-
-impl Base64String {
-    pub fn from_bytes(content: &[u8]) -> Self {
-        Self(encode_urlsafe(content))
-    }
-
-    pub fn decode(&self) -> VcxCoreResult<Vec<u8>> {
-        decode_urlsafe(&self.0)
-            .map_err(|e| AriesVcxCoreError::from_msg(AriesVcxCoreErrorKind::InvalidJson, e))
-    }
-
-    pub fn decode_to_string(&self) -> VcxCoreResult<String> {
-        bytes_to_string(self.decode()?)
-    }
-
-    pub fn as_bytes(&self) -> Vec<u8> {
-        self.0.as_bytes().into()
-    }
-}
-
 #[derive(Serialize, Deserialize, Debug)]
 pub struct Jwe {
     pub protected: Base64String,
@@ -157,10 +130,6 @@ impl Recipient {
             Self::Authcrypt(inner) => &inner.header.kid,
         }
     }
-
-    pub fn key_name(&self) -> &str {
-        &self.unwrap_kid()[0..16]
-    }
 }
 
 #[derive(Serialize, Deserialize, Debug)]

diff --git a/aries/aries_vcx_core/src/wallet/askar/partial_record.rs b/aries/aries_vcx_core/src/wallet/askar/partial_record.rs
@@ -1,9 +1,11 @@
-use super::{askar_utils::value_from_entry, key_value::KeyValue};
+use super::askar_utils::value_from_entry;
 use crate::{
     errors::error::VcxCoreResult,
     wallet::{
         askar::askar_utils::{local_key_to_bs58_private_key, local_key_to_bs58_public_key},
-        base_wallet::{record::PartialRecord, record_category::RecordCategory},
+        base_wallet::{
+            key_value::KeyValue, record::PartialRecord, record_category::RecordCategory,
+        },
     },
 };