soroban_cli/signer/
secure_store.rs

1use sep5::SeedPhrase;
2use stellar_strkey::ed25519::PublicKey;
3
4use crate::print::Print;
5
6#[cfg(feature = "additional-libs")]
7use crate::signer::keyring::{self, StellarEntry};
8
/// Prefix that `save_secret` puts at the front of the name of every entry it creates.
pub(crate) const ENTRY_PREFIX: &str = "secure_store:";

// Re-export whichever `secure_store_impl` module the `additional-libs` feature
// selected, so callers use the same function paths in both build configurations.
pub use secure_store_impl::*;
12
/// Errors returned by the secure-store functions in this module.
#[derive(thiserror::Error, Debug)]
pub enum Error {
    /// Failure reported by the `keyring` module; only exists when the
    /// `additional-libs` feature is compiled in.
    // NOTE(review): `transparent` forwards the inner error's message verbatim;
    // confirm `keyring::Error` never includes secret material in its Display output.
    #[cfg(feature = "additional-libs")]
    #[error(transparent)]
    Keyring(#[from] keyring::Error),

    /// Importing an already existing private key is rejected.
    /// Not constructed anywhere in this file.
    #[error("Storing an existing private key in Secure Store is not supported")]
    DoesNotSupportPrivateKey,

    /// Failure reported by the `sep5` seed-phrase crate.
    #[error(transparent)]
    SeedPhrase(#[from] sep5::Error),

    /// Returned by every secure-store function when the crate is built
    /// without the `additional-libs` feature.
    #[error("Secure Store keys are not allowed: additional-libs feature must be enabled")]
    FeatureNotEnabled,
}
28
#[cfg(feature = "additional-libs")]
mod secure_store_impl {
    //! Keyring-backed implementation, compiled only with `additional-libs`.
    //!
    //! `save_secret` is the only function here that builds the prefixed entry
    //! name; the other three hand `entry_name` to `StellarEntry::new` unchanged.
    //! Callers presumably pass the name that `save_secret` returned (confirm at
    //! the call sites).
    use super::{Error, Print, PublicKey, SeedPhrase, StellarEntry, ENTRY_PREFIX};
    const ENTRY_SERVICE: &str = "org.stellar.cli";

    /// Looks up the public key of the entry called `entry_name`.
    ///
    /// `index` is forwarded to `StellarEntry::get_public_key` as is.
    ///
    /// # Errors
    /// Any error from opening the entry or reading the key, converted into [`Error`].
    pub fn get_public_key(entry_name: &str, index: Option<usize>) -> Result<PublicKey, Error> {
        let store_entry = StellarEntry::new(entry_name)?;
        store_entry.get_public_key(index).map_err(Error::from)
    }

    /// Deletes the seed phrase held by the entry called `entry_name`.
    ///
    /// # Errors
    /// Any error from opening the entry or deleting the seed phrase, converted
    /// into [`Error`].
    pub fn delete_secret(print: &Print, entry_name: &str) -> Result<(), Error> {
        let store_entry = StellarEntry::new(entry_name)?;
        store_entry.delete_seed_phrase(print).map_err(Error::from)
    }

    /// Writes `seed_phrase` to a new entry and returns the name it was stored under.
    ///
    /// The returned name is `entry_name` with `ENTRY_PREFIX`, `ENTRY_SERVICE`
    /// and a `-` in front of it.
    ///
    /// # Errors
    /// Any error from creating the entry or writing to it, converted into [`Error`].
    pub fn save_secret(
        print: &Print,
        entry_name: &str,
        seed_phrase: &SeedPhrase,
    ) -> Result<String, Error> {
        // Resulting name: secure_store:org.stellar.cli-<key name>
        // (the separator before the key name is '-', not ':').
        let stored_name = format!("{ENTRY_PREFIX}{ENTRY_SERVICE}-{entry_name}");
        let store_entry = StellarEntry::new(&stored_name)?;

        // NOTE(review): the clone hands `write` its own copy of the seed phrase, so
        // a second copy of the secret exists in memory while `write` holds it.
        // Whether that copy is wiped on drop depends on `SeedPhrase`, which is not
        // visible here.
        let phrase_copy = seed_phrase.clone();
        store_entry.write(phrase_copy, print)?;

        Ok(stored_name)
    }

    /// Signs `data` with the key held by the entry called `entry_name`.
    ///
    /// `data` and `hd_path` are passed to `StellarEntry::sign_data` unchanged.
    /// This function does not inspect or validate the bytes, so deciding what
    /// may be signed is left to the caller.
    ///
    /// # Errors
    /// Any error from opening the entry or signing, converted into [`Error`].
    pub fn sign_tx_data(
        entry_name: &str,
        hd_path: Option<usize>,
        data: &[u8],
    ) -> Result<Vec<u8>, Error> {
        let store_entry = StellarEntry::new(entry_name)?;
        store_entry.sign_data(data, hd_path).map_err(Error::from)
    }
}
67
#[cfg(not(feature = "additional-libs"))]
mod secure_store_impl {
    //! Stand-in used when the crate is built without `additional-libs`:
    //! every function has the same signature as the keyring-backed version and
    //! fails with `Error::FeatureNotEnabled` without touching its arguments.
    use super::{Error, Print, PublicKey, SeedPhrase};

    /// The one result every function in this module returns.
    fn unavailable<T>() -> Result<T, Error> {
        Err(Error::FeatureNotEnabled)
    }

    /// Always fails with `Error::FeatureNotEnabled`.
    pub fn get_public_key(_entry_name: &str, _index: Option<usize>) -> Result<PublicKey, Error> {
        unavailable()
    }

    /// Always fails with `Error::FeatureNotEnabled`; nothing is deleted.
    pub fn delete_secret(_print: &Print, _entry_name: &str) -> Result<(), Error> {
        unavailable()
    }

    /// Always fails with `Error::FeatureNotEnabled`; the seed phrase is not stored.
    pub fn save_secret(
        _print: &Print,
        _entry_name: &str,
        _seed_phrase: &SeedPhrase,
    ) -> Result<String, Error> {
        unavailable()
    }

    /// Always fails with `Error::FeatureNotEnabled`; nothing is signed.
    pub fn sign_tx_data(
        _entry_name: &str,
        _hd_path: Option<usize>,
        _data: &[u8],
    ) -> Result<Vec<u8>, Error> {
        unavailable()
    }
}