Adding Deactivate and Activate identity in the cli (#2624)

litentry · Mar 29, 2024 · 3560fb5 · 3560fb5
1 parent 33e2765
commit 3560fb5
Show file tree

Hide file tree

Showing 4 changed files with 164 additions and 1 deletion.
diff --git a/tee-worker/cli/src/base_cli/commands/litentry/activate_identity.rs b/tee-worker/cli/src/base_cli/commands/litentry/activate_identity.rs
@@ -0,0 +1,74 @@
+// Copyright 2020-2024 Trust Computing GmbH.
+// This file is part of Litentry.
+//
+// Litentry is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// Litentry is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License
+// along with Litentry.  If not, see <https://www.gnu.org/licenses/>.
+
+use super::IMP;
+use crate::{
+	command_utils::{get_chain_api, *},
+	Cli, CliResult, CliResultOk,
+};
+use codec::{Decode, Encode};
+use itc_rpc_client::direct_client::DirectApi;
+use itp_sgx_crypto::ShieldingCryptoEncrypt;
+use itp_stf_primitives::types::ShardIdentifier;
+use litentry_primitives::Identity;
+use log::*;
+use sp_core::sr25519 as sr25519_core;
+use substrate_api_client::{ac_compose_macros::compose_extrinsic, SubmitAndWatch, XtStatus};
+
+#[derive(Parser)]
+pub struct ActivateIdentityCommand {
+	/// AccountId in ss58check format
+	account: String,
+	/// Identity to be created, in did form
+	did: String,
+	/// Delegate signer for the account
+	#[clap(short = 'd')]
+	delegate: Option<String>,
+}
+
+impl ActivateIdentityCommand {
+	pub(crate) fn run(&self, cli: &Cli) -> CliResult {
+		let mut chain_api = get_chain_api(cli);
+
+		let direct_api = get_worker_api_direct(cli);
+		let mrenclave = direct_api.get_state_mrenclave().unwrap();
+		let shard = ShardIdentifier::decode(&mut &mrenclave[..]).unwrap();
+		let signer = self.get_signer();
+
+		chain_api.set_signer(signer.into());
+
+		let (_, encrypted_identity) = self.encrypt_identity(cli);
+
+		let xt = compose_extrinsic!(chain_api, IMP, "activate_identity", shard, encrypted_identity);
+
+		let tx_hash = chain_api.submit_and_watch_extrinsic_until(xt, XtStatus::Finalized).unwrap();
+		println!("[+] ActivateIdentityCommand got finalized. Hash: {:?}", tx_hash);
+
+		Ok(CliResultOk::None)
+	}
+
+	fn get_signer(&self) -> sr25519_core::Pair {
+		let account = self.delegate.as_ref().unwrap_or(&self.account);
+		get_pair_from_str(account).into()
+	}
+
+	fn encrypt_identity(&self, cli: &Cli) -> (Identity, Vec<u8>) {
+		let identity = Identity::from_did(&self.did).unwrap();
+		let tee_shielding_key = get_shielding_key(cli).unwrap();
+		let encrypted_identity = tee_shielding_key.encrypt(&identity.encode()).unwrap();
+		(identity, encrypted_identity)
+	}
+}
diff --git a/tee-worker/cli/src/base_cli/commands/litentry/deactivate_identity.rs b/tee-worker/cli/src/base_cli/commands/litentry/deactivate_identity.rs
@@ -0,0 +1,75 @@
+// Copyright 2020-2024 Trust Computing GmbH.
+// This file is part of Litentry.
+//
+// Litentry is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// Litentry is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License
+// along with Litentry.  If not, see <https://www.gnu.org/licenses/>.
+
+use super::IMP;
+use crate::{
+	command_utils::{get_chain_api, *},
+	Cli, CliResult, CliResultOk,
+};
+use codec::{Decode, Encode};
+use itc_rpc_client::direct_client::DirectApi;
+use itp_sgx_crypto::ShieldingCryptoEncrypt;
+use itp_stf_primitives::types::ShardIdentifier;
+use litentry_primitives::Identity;
+use log::*;
+use sp_core::sr25519 as sr25519_core;
+use substrate_api_client::{ac_compose_macros::compose_extrinsic, SubmitAndWatch, XtStatus};
+
+#[derive(Parser)]
+pub struct DeactivateIdentityCommand {
+	/// AccountId in ss58check format
+	account: String,
+	/// Identity to be created, in did form
+	did: String,
+	/// Delegate signer for the account
+	#[clap(short = 'd')]
+	delegate: Option<String>,
+}
+
+impl DeactivateIdentityCommand {
+	pub(crate) fn run(&self, cli: &Cli) -> CliResult {
+		let mut chain_api = get_chain_api(cli);
+
+		let direct_api = get_worker_api_direct(cli);
+		let mrenclave = direct_api.get_state_mrenclave().unwrap();
+		let shard = ShardIdentifier::decode(&mut &mrenclave[..]).unwrap();
+		let signer = self.get_signer();
+
+		chain_api.set_signer(signer.into());
+
+		let (_, encrypted_identity) = self.encrypt_identity(cli);
+
+		let xt =
+			compose_extrinsic!(chain_api, IMP, "deactivate_identity", shard, encrypted_identity);
+
+		let tx_hash = chain_api.submit_and_watch_extrinsic_until(xt, XtStatus::Finalized).unwrap();
+		println!("[+] DeactivateIdentityCommand got finalized. Hash: {:?}", tx_hash);
+
+		Ok(CliResultOk::None)
+	}
+
+	fn get_signer(&self) -> sr25519_core::Pair {
+		let account = self.delegate.as_ref().unwrap_or(&self.account);
+		get_pair_from_str(account).into()
+	}
+
+	fn encrypt_identity(&self, cli: &Cli) -> (Identity, Vec<u8>) {
+		let identity = Identity::from_did(&self.did).unwrap();
+		let tee_shielding_key = get_shielding_key(cli).unwrap();
+		let encrypted_identity = tee_shielding_key.encrypt(&identity.encode()).unwrap();
+		(identity, encrypted_identity)
+	}
+}
diff --git a/tee-worker/cli/src/base_cli/commands/litentry/mod.rs b/tee-worker/cli/src/base_cli/commands/litentry/mod.rs
@@ -14,6 +14,8 @@
 // You should have received a copy of the GNU General Public License
 // along with Litentry.  If not, see <https://www.gnu.org/licenses/>.
 
+pub mod activate_identity;
+pub mod deactivate_identity;
 pub mod id_graph_hash;
 pub mod link_identity;
 

diff --git a/tee-worker/cli/src/base_cli/mod.rs b/tee-worker/cli/src/base_cli/mod.rs
@@ -20,7 +20,11 @@ use crate::{
 		balance::BalanceCommand,
 		faucet::FaucetCommand,
 		listen::ListenCommand,
-		litentry::{id_graph_hash::IDGraphHashCommand, link_identity::LinkIdentityCommand},
+		litentry::{
+			activate_identity::ActivateIdentityCommand,
+			deactivate_identity::DeactivateIdentityCommand, id_graph_hash::IDGraphHashCommand,
+			link_identity::LinkIdentityCommand,
+		},
 		register_tcb_info::RegisterTcbInfoCommand,
 		transfer::TransferCommand,
 	},
@@ -86,6 +90,12 @@ pub enum BaseCommand {
 
 	/// get the IDGraph hash of the given identity
 	IDGraphHash(IDGraphHashCommand),
+
+	/// Deactivate Identity
+	DeactivateIdentity(DeactivateIdentityCommand),
+
+	/// Activate identity
+	ActivateIdentity(ActivateIdentityCommand),
 }
 
 impl BaseCommand {
@@ -105,6 +115,8 @@ impl BaseCommand {
 			BaseCommand::PrintSgxMetadataRaw => print_sgx_metadata_raw(cli),
 			BaseCommand::LinkIdentity(cmd) => cmd.run(cli),
 			BaseCommand::IDGraphHash(cmd) => cmd.run(cli),
+			BaseCommand::DeactivateIdentity(cmd) => cmd.run(cli),
+			BaseCommand::ActivateIdentity(cmd) => cmd.run(cli),
 		}
 	}
 }