holochain_keystore/
lib.rs

1#![deny(missing_docs)]
2#![allow(clippy::needless_doctest_main)]
3//! A Keystore is a secure repository of private keys. MetaLairClient is a
4//! reference to a Keystore. MetaLairClient allows async generation of keypairs,
5//! and usage of those keypairs, reference by the public AgentPubKey.
6//!
7//! # Examples
8//!
9//! ```
10//! use holo_hash::AgentPubKey;
11//! use holochain_keystore::*;
12//! use holochain_serialized_bytes::prelude::*;
13//!
14//! #[tokio::main(flavor = "multi_thread")]
15//! async fn main() {
16//!     tokio::task::spawn(async move {
17//!         let keystore = holochain_keystore::spawn_test_keystore().await.unwrap();
18//!         let agent_pubkey = AgentPubKey::new_random(&keystore).await.unwrap();
19//!
20//!         #[derive(Debug, serde::Serialize, serde::Deserialize, SerializedBytes)]
21//!         struct MyData(Vec<u8>);
22//!
23//!         let my_data_1 = MyData(b"signature test data 1".to_vec());
24//!
25//!         let signature = agent_pubkey.sign(&keystore, &my_data_1).await.unwrap();
26//!
27//!         assert!(agent_pubkey.verify_signature(&signature, &my_data_1).await.unwrap());
28//!     }).await.unwrap();
29//! }
30//! ```
31
32use holochain_serialized_bytes::prelude::*;
33
34mod error;
35pub use error::*;
36
37mod meta_lair_client;
38pub use meta_lair_client::*;
39
40mod agent_pubkey_ext;
41pub use agent_pubkey_ext::*;
42
43pub mod lair_keystore;
44
45pub mod paths;
46
47mod test_keystore;
48pub use test_keystore::*;
49
50#[cfg(feature = "test_utils")]
51pub mod crude_mock_keystore;
52
53/// Construct a simple in-memory in-process keystore.
54pub async fn spawn_mem_keystore() -> LairResult<MetaLairClient> {
55    use kitsune_p2p_types::dependencies::lair_keystore_api;
56    use lair_keystore_api::prelude::*;
57    use std::sync::Arc;
58
59    // in-memory secure random passphrase
60    let passphrase = sodoken::BufWrite::new_mem_locked(32)?;
61    sodoken::random::bytes_buf(passphrase.clone()).await?;
62
63    // in-mem / in-proc config
64    let config = Arc::new(
65        PwHashLimits::Minimum
66            .with_exec(|| {
67                lair_keystore_api::config::LairServerConfigInner::new("/", passphrase.to_read())
68            })
69            .await?,
70    );
71
72    // the keystore
73    let keystore = lair_keystore_api::in_proc_keystore::InProcKeystore::new(
74        config,
75        lair_keystore_api::mem_store::create_mem_store_factory(),
76        passphrase.to_read(),
77    )
78    .await?;
79
80    // return the client
81    let client = keystore.new_client().await?;
82    let (s, _) = tokio::sync::mpsc::unbounded_channel();
83    Ok(MetaLairClient(Arc::new(parking_lot::Mutex::new(client)), s))
84}