hc_deepkey_types/
key_registration.rs

1use hdi::prelude::*;
2
3use crate::{Authorization, KeyAnchor};
4
5#[derive(Debug, Clone, Serialize, Deserialize)]
6pub struct KeyGeneration {
7    pub new_key: AgentPubKey,
8
9    // The private key has signed the deepkey agent key to prove ownership
10    pub new_key_signing_of_author: Signature,
11    // TODO
12    // generator: ActionHash, // This is the key authorized to generate new keys on this chain
13    // generator_signature: Signature, // The generator key signing the new key
14}
15
16impl KeyGeneration {
17    pub fn new(key: AgentPubKey, signature: Signature) -> Self {
18        Self {
19            new_key: key,
20            new_key_signing_of_author: signature,
21        }
22    }
23}
24
25impl From<(AgentPubKey, Signature)> for KeyGeneration {
26    fn from((key, signature): (AgentPubKey, Signature)) -> Self {
27        Self::new(key, signature)
28    }
29}
30
31impl From<(&AgentPubKey, &Signature)> for KeyGeneration {
32    fn from((key, signature): (&AgentPubKey, &Signature)) -> Self {
33        (key.to_owned(), signature.to_owned()).into()
34    }
35}
36
37#[derive(Debug, Clone, Serialize, Deserialize)]
38pub struct KeyRevocation {
39    pub prior_key_registration: ActionHash,
40    pub revocation_authorization: Vec<Authorization>,
41}
42
43impl KeyRevocation {
44    pub fn new(prior_key: ActionHash, authorizations: Vec<Authorization>) -> Self {
45        Self {
46            prior_key_registration: prior_key,
47            revocation_authorization: authorizations,
48        }
49    }
50}
51
52impl From<(ActionHash, Vec<Authorization>)> for KeyRevocation {
53    fn from((prior_key, authorizations): (ActionHash, Vec<Authorization>)) -> Self {
54        Self::new(prior_key, authorizations)
55    }
56}
57
58impl From<(&ActionHash, &Vec<Authorization>)> for KeyRevocation {
59    fn from((prior_key, authorizations): (&ActionHash, &Vec<Authorization>)) -> Self {
60        (prior_key.to_owned(), authorizations.to_owned()).into()
61    }
62}
63
64/// Registration information used to validate operations on a `KeyAnchor`
65///
66/// This enum supports 4 variants:
67///
68/// - `Create` - *for a new key under the management of a KSR*
69/// - `CreateOnly` - *for a new key that cannot be updated*
70/// - `Update` - *for replacing a managed key*
71/// - `Delete` - *for permanently ending the management of this registration*
72#[hdk_entry_helper]
73#[derive(Clone)]
74pub enum KeyRegistration {
75    // Creates a key under management of current KSR on this chain
76    Create(KeyGeneration),
77
78    // Unmanaged key. Keys for hosted web users may be of this type, cannot replace/revoke
79    CreateOnly(KeyGeneration),
80
81    // Revokes a key and replaces it with a newly generated one
82    Update(KeyRevocation, KeyGeneration),
83
84    // Permanently revokes a key (Note: still uses an update action.)
85    Delete(KeyRevocation),
86}
87
88impl KeyRegistration {
89    pub fn key_anchor(&self) -> ExternResult<KeyAnchor> {
90        match self {
91            KeyRegistration::Create(key_gen) => key_gen.new_key.to_owned(),
92            KeyRegistration::CreateOnly(key_gen) => key_gen.new_key.to_owned(),
93            KeyRegistration::Update(_, key_gen) => key_gen.new_key.to_owned(),
94            KeyRegistration::Delete(_) => Err(wasm_error!(WasmErrorInner::Guest(
95                "Cannot derive KeyAnchor from a KeyRegistration::Delete".to_string()
96            )))?,
97        }
98        .try_into()
99    }
100
101    pub fn key_anchor_hash(&self) -> ExternResult<EntryHash> {
102        hash_entry(self.key_anchor()?)
103    }
104}