fix tests and cli to send signed registration requests

Author: yanliu38

cli/src/main.rs

@@ -174,11 +174,13 @@ async fn main() -> Result<(), Box<dyn std::error::Error>> {
                     let ic_auth = dcc_to_ic_auth(&dcc_ident);
 
                     info!("Registering principal: {} as {}", np_desc, dcc_ident);
+                    let pubkey_bytes = dcc_ident.to_bytes_verifying();
+                    let pubkey_signature = dcc_ident.sign(pubkey_bytes.as_ref())?;
                     let result = ledger_canister(ic_auth)
                         .await?
                         .node_provider_register(
-                            &dcc_ident.to_bytes_verifying(),
-                            dcc_ident.verifying_key().as_ref(),
+                            &pubkey_bytes,
+                            pubkey_signature.to_bytes().as_slice(),
                         )
                         .await?;
                     println!("Register: {}", result);
@@ -219,7 +221,7 @@ async fn main() -> Result<(), Box<dyn std::error::Error>> {
                         .map_err(|e| format!("Check-in failed: {}", e))?;
                     info!("Check-in success: {}", result);
                 } else {
-                    panic!("You must specify an identity to register");
+                    panic!("You must specify an identity");
                 }
             } else if arg_matches.contains_id("update-profile") {
                 if let Some(values) = arg_matches.get_many::<String>("update-profile") {
@@ -243,7 +245,7 @@ async fn main() -> Result<(), Box<dyn std::error::Error>> {
                         .map_err(|e| format!("Update profile failed: {}", e))?;
                     info!("Profile update response: {}", result);
                 } else {
-                    panic!("You must specify an identity of the node provider");
+                    panic!("You must specify an identity");
                 }
             } else if arg_matches.contains_id("update-offering") {
                 let values = arg_matches.get_many::<String>("update-offering").unwrap();
@@ -276,13 +278,12 @@ async fn main() -> Result<(), Box<dyn std::error::Error>> {
             } else if arg_matches.contains_id("register") {
                 match arg_matches.get_one::<String>("register") {
                     Some(np_desc) => {
-                        let dcc_ident = DccIdentity::load_from_dir(&PathBuf::from(np_desc))?;
-                        let ic_auth = dcc_to_ic_auth(&dcc_ident);
+                        let dcc_id = DccIdentity::load_from_dir(&PathBuf::from(np_desc))?;
+                        let ic_auth = dcc_to_ic_auth(&dcc_id);
                         let canister = ledger_canister(ic_auth).await?;
-                        let args = Encode!(
-                            &dcc_ident.to_bytes_verifying(),
-                            &dcc_ident.verifying_key().as_ref()
-                        )?;
+                        let pubkey_bytes = dcc_id.to_bytes_verifying();
+                        let pubkey_signature = dcc_id.sign(&pubkey_bytes)?;
+                        let args = Encode!(&pubkey_bytes, &pubkey_signature.to_bytes())?;
                         let result = canister.call_update("user_register", &args).await?;
                         let response =
                             Decode!(&result, Result<String, String>).map_err(|e| e.to_string())?;

common/src/registration.rs

@@ -60,7 +60,7 @@ pub fn do_account_register(
 
     // Store the pubkey in the ledger
     ledger
-        .upsert(label, pubkey_bytes, vec![])
+        .upsert(label, pubkey_bytes, signature_bytes)
         .map(|_| {
             format!(
                 "Registration complete! Thank you. You have been charged {} tokens",

common/src/renting.rs

@@ -1,56 +1,98 @@
+use borsh::{BorshDeserialize, BorshSerialize};
+use serde::{Deserialize, Serialize};
+
 use crate::{
-    amount_as_string, charge_fees_to_account_no_bump_reputation, info, reward_e9s_per_block, warn,
-    Balance, DccIdentity, ED25519_SIGNATURE_LENGTH, LABEL_NP_OFFERING, MAX_NP_OFFERING_BYTES,
-    MAX_PUBKEY_BYTES,
+    // amount_as_string, charge_fees_to_account_no_bump_reputation, info, reward_e9s_per_block, warn,
+    // Balance, DccIdentity, ED25519_SIGNATURE_LENGTH, LABEL_NP_OFFERING, MAX_NP_OFFERING_BYTES,
+    // MAX_PUBKEY_BYTES,
+    DccIdentity,
 };
 
-pub struct OfferingRequestPayloadV1 {
-    requester_pubkey_bytes: Vec<u8>,
-    requester_ssh_pubkey: String,
-    requester_contact: String,
-    provider_pubkey_bytes: Vec<u8>,
-    offering_id: String,
-    instance_id: Option<String>,
-    instance_config: Option<String>,
-    payment_amount: u64,
-    rent_period_seconds: u64,
-    rent_start_timestamp: Option<u64>,
-    request_memo: String,
-    signature: Vec<u8>,
+// Main struct for Offering Request
+#[derive(Debug, Serialize, Deserialize, BorshSerialize, BorshDeserialize)]
+pub enum OfferingRequest {
+    V1(OfferingRequestV1),
 }
 
-pub enum OfferingRequestPayload {
-    V1(OfferingRequestPayloadV1),
+// Struct for Offering Request version 1, other versions can be added below
+#[derive(Debug, Serialize, Deserialize, BorshSerialize, BorshDeserialize)]
+pub struct OfferingRequestV1 {
+    #[serde(skip, default)]
+    #[borsh(skip)]
+    requester_dcc_id: DccIdentity, // Who is making this rent request?
+    requester_ssh_pubkey: String, // The ssh key that will be given access to the instance, preferably in ed25519 key format https://en.wikipedia.org/wiki/Ssh-keygen
+    requester_contact: String,    // Where can the requester be contacted by the provider, if needed
+    provider_pubkey_bytes: Vec<u8>, // To which provider is this targeted?
+    offering_id: String,          // Requester would like to rent this particular offering id
+    instance_id: Option<String>, // Optional instance id that can be provided to alter the particular instance a requester already controls
+    instance_config: Option<String>, // Optional configuration for the rented instance, e.g. cloud-init
+    payment_amount: u64, // How much is the requester offering to pay for renting the resource
+    rent_period_seconds: u64, // For how many SECONDS would the requester like to rent the resource; 1 hour = 3600 seconds, 1 day = 86400 seconds
+    rent_start_timestamp: Option<u64>, // Optionally, only start renting at this unix time (in seconds) UTC. This can be in the future.
+    request_memo: String, // Reference to this particular request; arbitrary text. Can be used e.g. for administrative purposes
 }
 
-impl OfferingRequestPayload {
-    fn new(
-        requester_pubkey_bytes: Vec<u8>,
+impl OfferingRequest {
+    pub fn new(
+        requester_dcc_id: DccIdentity,
         requester_ssh_pubkey: String,
         requester_contact: String,
-        provider_pubkey_bytes: Vec<u8>,
+        provider_pubkey_bytes: &[u8],
         offering_id: String,
         instance_id: Option<String>,
         instance_config: Option<String>,
         payment_amount: u64,
         rent_period_seconds: u64,
         rent_start_timestamp: Option<u64>,
         request_memo: String,
-        signature: Vec<u8>,
     ) -> Self {
-        OfferingRequestPayload::V1(OfferingRequestPayloadV1 {
-            requester_pubkey_bytes,
+        OfferingRequest::V1(OfferingRequestV1 {
+            requester_dcc_id,
             requester_ssh_pubkey,
             requester_contact,
-            provider_pubkey_bytes,
+            provider_pubkey_bytes: provider_pubkey_bytes.to_vec(),
             offering_id,
             instance_id,
             instance_config,
             payment_amount,
             rent_period_seconds,
             rent_start_timestamp,
             request_memo,
-            signature,
+        })
+    }
+
+    pub fn to_payload_signed(&self) -> OfferingRequestPayload {
+        OfferingRequestPayload::new(self)
+    }
+
+    pub fn requester_dcc_id(&self) -> &DccIdentity {
+        match self {
+            OfferingRequest::V1(request) => &request.requester_dcc_id,
+        }
+    }
+}
+
+#[derive(Debug, Serialize, Deserialize)]
+pub struct OfferingRequestPayloadV1 {
+    offering_request_bytes: Vec<u8>,
+    signature: Vec<u8>,
+}
+
+#[derive(Debug, Serialize, Deserialize)]
+pub enum OfferingRequestPayload {
+    V1(OfferingRequestPayloadV1),
+}
+
+impl OfferingRequestPayload {
+    pub fn new(offering_request: &OfferingRequest) -> Self {
+        let offering_request_bytes = borsh::to_vec(&offering_request).unwrap();
+        OfferingRequestPayload::V1(OfferingRequestPayloadV1 {
+            offering_request_bytes: offering_request_bytes.clone(),
+            signature: offering_request
+                .requester_dcc_id()
+                .sign(&offering_request_bytes)
+                .unwrap()
+                .to_vec(),
         })
     }
 }

ic-canister/decent_cloud.did

@@ -354,21 +354,6 @@ type OfferingEntry = record {
     offering_compressed: vec nat8;
 };
 
-type OfferingRentRequest = record {
-    requester_pubkey_bytes: vec nat8; // Who is making this rent request?
-    requester_ssh_pubkey: text;       // The ssh key that will be given access to the instance, preferably in ed25519 key format https://en.wikipedia.org/wiki/Ssh-keygen
-    requester_contact: text;          // Where can the requester be contacted by the provided, if needed
-    provider_pubkey_bytes: vec nat8;  // To which provider is this targeted?
-    offering_id: text;                // Requester would like to rent this particular offering id
-    instance_id: opt text;            // optional instance id that can be provided to alter the particular instance a requester already controls
-    instance_config: opt text;        // optional configuration for the rented instance, e.g. cloud-init
-    payment_amount: nat;              // How much is the requester offering to pay for renting the resource
-    rent_period_seconds: nat;         // For how many SECONDS would the requester like to rent the resource; 1 hour = 3600 seconds, 1 day = 86400 seconds
-    rent_start_timestamp: opt nat;    // Optionally, only start renting at this unix time (in seconds) UTC. This can be in the future.
-    request_memo: text;               // Reference to this particular request; arbitrary text. Can be used e.g. for administrative purposes
-    signature: vec nat8;              // The whole request needs to be signed by the requester's private key
-};
-
 type OfferingRentReply = record {
     requester_pubkey_bytes: vec nat8; // Public key of the original requester
     request_memo: text;               // Memo field of the original request

ic-canister/src/canister_backend/generic.rs

@@ -142,7 +142,7 @@ pub(crate) fn _get_registration_fee() -> Balance {
     account_registration_fee_e9s()
 }
 
-pub(crate) fn _node_provider_register(
+pub(crate) fn _np_register(
     pubkey_bytes: Vec<u8>,
     signature_bytes: Vec<u8>,
 ) -> Result<String, String> {

ic-canister/src/canister_endpoints/generic.rs

@@ -27,12 +27,12 @@ fn get_registration_fee() -> Balance {
 
 #[ic_cdk::update]
 fn node_provider_register(pubkey_bytes: Vec<u8>, signature: Vec<u8>) -> Result<String, String> {
-    _node_provider_register(pubkey_bytes, signature)
+    _np_register(pubkey_bytes, signature)
 }
 
 #[ic_cdk::update]
-fn user_register(pubkey_bytes: Vec<u8>, _: Vec<u8>) -> Result<String, String> {
-    _user_register(pubkey_bytes)
+fn user_register(pubkey_bytes: Vec<u8>, signature: Vec<u8>) -> Result<String, String> {
+    _user_register(pubkey_bytes, signature)
 }
 
 #[ic_cdk::update]

ic-canister/tests/test_canister.rs

@@ -278,12 +278,14 @@ fn np_register(
             initial_funds,
         );
     }
+    let pubkey_bytes = dcc_identity.to_bytes_verifying();
+    let pubkey_signature = dcc_identity.sign(&pubkey_bytes).unwrap();
     let result = update_check_and_decode!(
         pic,
         can,
         dcc_identity.to_ic_principal(),
         "node_provider_register",
-        Encode!(&dcc_identity.to_bytes_verifying(), &Vec::<u8>::new()).unwrap(),
+        Encode!(&pubkey_bytes, &pubkey_signature.to_bytes()).unwrap(),
         Result<String, String>
     );
     (dcc_identity, result)
@@ -304,12 +306,14 @@ fn user_register(
             initial_funds,
         );
     }
+    let pubkey_bytes = dcc_identity.to_bytes_verifying();
+    let pubkey_signature = dcc_identity.sign(&pubkey_bytes).unwrap();
     let result = update_check_and_decode!(
         pic,
         can,
         dcc_identity.to_ic_principal(),
         "user_register",
-        Encode!(&dcc_identity.to_bytes_verifying(), &Vec::<u8>::new()).unwrap(),
+        Encode!(&pubkey_bytes, &pubkey_signature.to_bytes()).unwrap(),
         Result<String, String>
     );
     (dcc_identity, result)
@@ -621,10 +625,32 @@ fn offering_search<T: AsRef<str> + candid::CandidType + ?Sized>(
 // fn offering_request(
 //     pic: &PocketIc,
 //     can: Principal,
-//     dcc_id: &DccIdentity,
+//     requester_dcc_id: DccIdentity,
+//     provider_pubkey_bytes: &[u8],
 //     offering_id: &str,
 // ) -> Result<String, String> {
-
+//     let payload = OfferingRequest::new(
+//         requester_dcc_id,
+//         "fake ssh key".to_string(),
+//         "fake contact info".to_string(),
+//         provider_pubkey_bytes,
+//         offering_id.to_string(),
+//         None,
+//         None,
+//         100,
+//         3600,
+//         None,
+//         "memo".to_string(),
+//     );
+//     let payload_bytes = payload.to_payload_signed();
+//     update_check_and_decode!(
+//         pic,
+//         can,
+//         requester_dcc_id.to_ic_principal(),
+//         "offering_request",
+//         Encode!(&payload_bytes).unwrap(),
+//         Result<String, String>
+//     )
 // }
 
 #[test]