chore: use ic_auth_types

Author: zensh

Cargo.lock

@@ -15,7 +15,7 @@ strip = true
 opt-level = 's'
 
 [workspace.package]
-version = "0.6.11"
+version = "0.6.12"
 edition = "2021"
 repository = "https://github.com/ldclabs/ic-cose"
 keywords = ["config", "cbor", "canister", "icp", "encryption"]
@@ -46,6 +46,7 @@ icrc-ledger-types = "0.1"
 ic-certification = "3.0"
 ic-canister-sig-creation = "1.2"
 ic-agent = "0.39"
+ic_auth_types = "0.1"
 ic_auth_verifier = { version = "0.1" }
 getrandom = { version = "0.2", features = ["custom"] }
 rand = "0.8"

Cargo.toml

@@ -16,4 +16,5 @@ serde_bytes = { workspace = true }
 rand = { workspace = true }
 ic-agent = { workspace = true }
 x25519-dalek = { workspace = true }
+ic_auth_types = { workspace = true }
 ic_cose_types = { path = "../ic_cose_types", version = "0.6" }

src/ic_cose/Cargo.toml

@@ -4,6 +4,7 @@ use candid::{
     CandidType, Decode, Principal,
 };
 use ic_agent::Agent;
+use ic_auth_types::{SignInResponse, SignedDelegation};
 use ic_cose_types::{
     cose::{
         ecdh::ecdh_x25519, encrypt0::cose_decrypt0, get_cose_key_secret, CborSerializable, CoseKey,
@@ -13,8 +14,7 @@ use ic_cose_types::{
     types::setting::*,
     types::{
         state::StateInfo, ECDHInput, ECDHOutput, PublicKeyInput, PublicKeyOutput, SchnorrAlgorithm,
-        SettingPath, SignDelegationInput, SignDelegationOutput, SignIdentityInput, SignInput,
-        SignedDelegation,
+        SettingPath, SignDelegationInput, SignIdentityInput, SignInput,
     },
     BoxError, CanisterCaller,
 };
@@ -306,7 +306,7 @@ pub trait CoseSDK: CanisterCaller + Sized {
     async fn namespace_sign_delegation(
         &self,
         input: &SignDelegationInput,
-    ) -> Result<SignDelegationOutput, String> {
+    ) -> Result<SignInResponse, String> {
         self.canister_update(self.canister(), "namespace_sign_delegation", (input,))
             .await
             .map_err(format_error)?

src/ic_cose/src/client.rs

@@ -28,5 +28,6 @@ ic-secp256k1 = { workspace = true }
 ic-ed25519 = { workspace = true }
 ic-canister-sig-creation = { workspace = true }
 ic-certification = { workspace = true }
+ic_auth_types = { workspace = true }
 ic_auth_verifier = { workspace = true }
 getrandom = { version = "0.2", features = ["custom"] }

src/ic_cose_canister/Cargo.toml

@@ -64,7 +64,7 @@ type PublicKeyOutput = record { public_key : blob; chain_code : blob };
 type Result = variant { Ok; Err : text };
 type Result_1 = variant { Ok : NamespaceInfo; Err : text };
 type Result_10 = variant { Ok : vec record { principal; blob }; Err : text };
-type Result_11 = variant { Ok : SignDelegationOutput; Err : text };
+type Result_11 = variant { Ok : SignInResponse; Err : text };
 type Result_12 = variant { Ok : nat; Err : text };
 type Result_13 = variant { Ok : CreateSettingOutput; Err : text };
 type Result_14 = variant { Ok : SettingInfo; Err : text };
@@ -113,12 +113,12 @@ type SignDelegationInput = record {
   name : text;
   pubkey : blob;
 };
-type SignDelegationOutput = record {
+type SignIdentityInput = record { ns : text; audience : text };
+type SignInResponse = record {
   user_key : blob;
   seed : blob;
   expiration : nat64;
 };
-type SignIdentityInput = record { ns : text; audience : text };
 type SignInput = record {
   ns : text;
   derivation_path : vec blob;

src/ic_cose_canister/ic_cose_canister.did

@@ -1,12 +1,10 @@
 use candid::Principal;
 use ciborium::into_writer;
+use ic_auth_types::{Delegation, SignInResponse, SignedDelegation};
 use ic_auth_verifier::{user_public_key_from_der, verify_basic_sig};
 use ic_canister_sig_creation::{delegation_signature_msg, CanisterSigPublicKey};
 use ic_cose_types::{
-    types::{
-        namespace::NamespaceDelegatorsInput, Delegation, SignDelegationInput, SignDelegationOutput,
-        SignedDelegation,
-    },
+    types::{namespace::NamespaceDelegatorsInput, SignDelegationInput},
     MILLISECONDS,
 };
 use serde_bytes::ByteBuf;
@@ -81,7 +79,7 @@ fn namespace_remove_delegator(input: NamespaceDelegatorsInput) -> Result<(), Str
 }
 
 #[ic_cdk::update]
-fn namespace_sign_delegation(input: SignDelegationInput) -> Result<SignDelegationOutput, String> {
+fn namespace_sign_delegation(input: SignDelegationInput) -> Result<SignInResponse, String> {
     store::state::allowed_api("namespace_sign_delegation")?;
     let caller = ic_cdk::caller();
     let now_ms = ic_cdk::api::time() / MILLISECONDS;
@@ -112,7 +110,7 @@ fn namespace_sign_delegation(input: SignDelegationInput) -> Result<SignDelegatio
     let delegation_hash = delegation_signature_msg(input.pubkey.as_slice(), expiration, None);
     store::state::add_signature(user_key.seed.as_slice(), delegation_hash.as_slice());
 
-    Ok(SignDelegationOutput {
+    Ok(SignInResponse {
         expiration,
         user_key: user_key.to_der().into(),
         seed: user_key.seed.into(),

src/ic_cose_canister/src/api_identity.rs

@@ -1,4 +1,5 @@
 use candid::Principal;
+use ic_auth_types::*;
 use ic_cose_types::{
     format_error, types::namespace::*, types::setting::*, types::state::StateInfo, types::*,
     ANONYMOUS,

src/ic_cose_canister/src/lib.rs

@@ -469,11 +469,7 @@ pub mod state {
     }
 
     pub fn is_controller(caller: &Principal) -> bool {
-        STATE.with_borrow(|s| {
-            s.governance_canister
-                .as_ref()
-                .map_or(false, |p| p == caller)
-        })
+        STATE.with_borrow(|s| s.governance_canister.as_ref() == Some(caller))
     }
 
     pub fn is_manager(caller: &Principal) -> bool {
@@ -720,7 +716,7 @@ pub mod ns {
             }
 
             let setting = SETTINGS_STORE.with_borrow(|m| m.get(&spk.v0()));
-            Ok(setting.map_or(false, |s| s.readers.contains(caller)))
+            Ok(setting.is_some_and(|s| s.readers.contains(caller)))
         })
         .unwrap_or(false)
     }

src/ic_cose_canister/src/store.rs

@@ -1,4 +1,4 @@
-use candid::{CandidType, Principal};
+use candid::CandidType;
 use serde::{Deserialize, Serialize};
 use serde_bytes::{ByteArray, ByteBuf};
 use std::collections::BTreeMap;
@@ -51,34 +51,10 @@ pub struct ECDHOutput<T> {
     pub public_key: ByteArray<32>, // server side ECDH public key
 }
 
-#[derive(CandidType, Clone, Debug, Deserialize, Serialize, PartialEq, Eq)]
-pub struct Delegation {
-    pub pubkey: ByteBuf,
-    pub expiration: u64,
-    pub targets: Option<Vec<Principal>>,
-}
-
-#[derive(CandidType, Clone, Debug, Deserialize, Serialize, PartialEq, Eq)]
-pub struct SignedDelegation {
-    pub delegation: Delegation,
-    pub signature: ByteBuf,
-}
-
 #[derive(CandidType, Clone, Debug, Deserialize, Serialize, PartialEq, Eq)]
 pub struct SignDelegationInput {
     pub ns: String,
     pub name: String,
     pub pubkey: ByteBuf,
     pub sig: ByteBuf,
 }
-
-#[derive(CandidType, Clone, Debug, Deserialize, Serialize, PartialEq, Eq)]
-pub struct SignDelegationOutput {
-    /// The session expiration time in nanoseconds since the UNIX epoch. This is the time at which
-    /// the delegation will no longer be valid.
-    pub expiration: u64,
-    /// The user canister public key. This key is used to derive the user principal.
-    pub user_key: ByteBuf,
-    /// seed is a part of the user_key
-    pub seed: ByteBuf,
-}