Support for decryption in Signer (#2421)

* Adding some tests

* Implementing decrypt in queue

* Removing code duplication.

* Printing public key in ethstore

* Bump UI

* Normalizing dapps format for signer.

* Fixing tests compilation

* fix whitespace

[ci:skip]

ethcore/src/account_provider.rs

@@ -23,7 +23,7 @@ use std::time::{Instant, Duration};
 use util::{Mutex, RwLock};
 use ethstore::{SecretStore, Error as SSError, SafeAccount, EthStore};
 use ethstore::dir::{KeyDirectory};
-use ethstore::ethkey::{Address, Message, Secret, Random, Generator};
+use ethstore::ethkey::{Address, Message, Public, Secret, Random, Generator};
 use ethjson::misc::AccountMeta;
 pub use ethstore::ethkey::Signature;
 
@@ -182,9 +182,16 @@ impl AccountProvider {
 
 	/// Creates new random account.
 	pub fn new_account(&self, password: &str) -> Result<Address, Error> {
-		let secret = Random.generate().unwrap().secret().clone();
+		self.new_account_and_public(password).map(|d| d.0)
+	}
+
+	/// Creates new random account and returns address and public key
+	pub fn new_account_and_public(&self, password: &str) -> Result<(Address, Public), Error> {
+		let acc = Random.generate().unwrap();
+		let public = acc.public().clone();
+		let secret = acc.secret().clone();
 		let address = try!(self.sstore.insert_account(secret, password));
-		Ok(address)
+		Ok((address, public))
 	}
 
 	/// Inserts new account into underlying store.
@@ -280,6 +287,21 @@ impl AccountProvider {
 		Ok(())
 	}
 
+	fn password(&self, account: &Address) -> Result<String, Error> {
+		let mut unlocked = self.unlocked.lock();
+		let data = try!(unlocked.get(account).ok_or(Error::NotUnlocked)).clone();
+		if let Unlock::Temp = data.unlock {
+			unlocked.remove(account).expect("data exists: so key must exist: qed");
+		}
+		if let Unlock::Timed((ref start, ref duration)) = data.unlock {
+			if start.elapsed() > Duration::from_millis(*duration as u64) {
+				unlocked.remove(account).expect("data exists: so key must exist: qed");
+				return Err(Error::NotUnlocked);
+			}
+		}
+		Ok(data.password.clone())
+	}
+
 	/// Unlocks account permanently.
 	pub fn unlock_account_permanently(&self, account: Address, password: String) -> Result<(), Error> {
 		self.unlock_account(account, password, Unlock::Perm)
@@ -301,51 +323,16 @@ impl AccountProvider {
 		unlocked.get(&account).is_some()
 	}
 
-	/// Signs the message. Account must be unlocked.
-	pub fn sign(&self, account: Address, message: Message) -> Result<Signature, Error> {
-		let data = {
-			let mut unlocked = self.unlocked.lock();
-			let data = try!(unlocked.get(&account).ok_or(Error::NotUnlocked)).clone();
-			if let Unlock::Temp = data.unlock {
-				unlocked.remove(&account).expect("data exists: so key must exist: qed");
-			}
-			if let Unlock::Timed((ref start, ref duration)) = data.unlock {
-				if start.elapsed() > Duration::from_millis(*duration as u64) {
-					unlocked.remove(&account).expect("data exists: so key must exist: qed");
-					return Err(Error::NotUnlocked);
-				}
-			}
-			data
-		};
-
-		let signature = try!(self.sstore.sign(&account, &data.password, &message));
-		Ok(signature)
+	/// Signs the message. If password is not provided the account must be unlocked.
+	pub fn sign(&self, account: Address, password: Option<String>, message: Message) -> Result<Signature, Error> {
+		let password = try!(password.map(Ok).unwrap_or_else(|| self.password(&account)));
+		Ok(try!(self.sstore.sign(&account, &password, &message)))
 	}
 
-	/// Decrypts a message. Account must be unlocked.
-	pub fn decrypt(&self, account: Address, shared_mac: &[u8], message: &[u8]) -> Result<Vec<u8>, Error> {
-		let data = {
-			let mut unlocked = self.unlocked.lock();
-			let data = try!(unlocked.get(&account).ok_or(Error::NotUnlocked)).clone();
-			if let Unlock::Temp = data.unlock {
-				unlocked.remove(&account).expect("data exists: so key must exist: qed");
-			}
-			if let Unlock::Timed((ref start, ref duration)) = data.unlock {
-				if start.elapsed() > Duration::from_millis(*duration as u64) {
-					unlocked.remove(&account).expect("data exists: so key must exist: qed");
-					return Err(Error::NotUnlocked);
-				}
-			}
-			data
-		};
-
-		Ok(try!(self.sstore.decrypt(&account, &data.password, shared_mac, message)))
-	}
-
-	/// Unlocks an account, signs the message, and locks it again.
-	pub fn sign_with_password(&self, account: Address, password: String, message: Message) -> Result<Signature, Error> {
-		let signature = try!(self.sstore.sign(&account, &password, &message));
-		Ok(signature)
+	/// Decrypts a message. If password is not provided the account must be unlocked.
+	pub fn decrypt(&self, account: Address, password: Option<String>, shared_mac: &[u8], message: &[u8]) -> Result<Vec<u8>, Error> {
+		let password = try!(password.map(Ok).unwrap_or_else(|| self.password(&account)));
+		Ok(try!(self.sstore.decrypt(&account, &password, shared_mac, message)))
 	}
 
 	/// Returns the underlying `SecretStore` reference if one exists.
@@ -386,8 +373,8 @@ mod tests {
 		assert!(ap.insert_account(kp.secret().clone(), "test").is_ok());
 		assert!(ap.unlock_account_temporarily(kp.address(), "test1".into()).is_err());
 		assert!(ap.unlock_account_temporarily(kp.address(), "test".into()).is_ok());
-		assert!(ap.sign(kp.address(), Default::default()).is_ok());
-		assert!(ap.sign(kp.address(), Default::default()).is_err());
+		assert!(ap.sign(kp.address(), None, Default::default()).is_ok());
+		assert!(ap.sign(kp.address(), None, Default::default()).is_err());
 	}
 
 	#[test]
@@ -397,11 +384,11 @@ mod tests {
 		assert!(ap.insert_account(kp.secret().clone(), "test").is_ok());
 		assert!(ap.unlock_account_permanently(kp.address(), "test1".into()).is_err());
 		assert!(ap.unlock_account_permanently(kp.address(), "test".into()).is_ok());
-		assert!(ap.sign(kp.address(), Default::default()).is_ok());
-		assert!(ap.sign(kp.address(), Default::default()).is_ok());
+		assert!(ap.sign(kp.address(), None, Default::default()).is_ok());
+		assert!(ap.sign(kp.address(), None, Default::default()).is_ok());
 		assert!(ap.unlock_account_temporarily(kp.address(), "test".into()).is_ok());
-		assert!(ap.sign(kp.address(), Default::default()).is_ok());
-		assert!(ap.sign(kp.address(), Default::default()).is_ok());
+		assert!(ap.sign(kp.address(), None, Default::default()).is_ok());
+		assert!(ap.sign(kp.address(), None, Default::default()).is_ok());
 	}
 
 	#[test]
@@ -411,8 +398,8 @@ mod tests {
 		assert!(ap.insert_account(kp.secret().clone(), "test").is_ok());
 		assert!(ap.unlock_account_timed(kp.address(), "test1".into(), 2000).is_err());
 		assert!(ap.unlock_account_timed(kp.address(), "test".into(), 2000).is_ok());
-		assert!(ap.sign(kp.address(), Default::default()).is_ok());
+		assert!(ap.sign(kp.address(), None, Default::default()).is_ok());
 		::std::thread::sleep(Duration::from_millis(2000));
-		assert!(ap.sign(kp.address(), Default::default()).is_err());
+		assert!(ap.sign(kp.address(), None, Default::default()).is_err());
 	}
 }

ethcore/src/engines/basic_authority.rs

@@ -112,7 +112,7 @@ impl Engine for BasicAuthority {
 			let header = block.header();
 			let message = header.bare_hash();
 			// account should be pernamently unlocked, otherwise sealing will fail
-			if let Ok(signature) = ap.sign(*block.header().author(), message) {
+			if let Ok(signature) = ap.sign(*block.header().author(), None, message) {
 				return Some(vec![::rlp::encode(&(&*signature as &[u8])).to_vec()]);
 			} else {
 				trace!(target: "basicauthority", "generate_seal: FAIL: accounts secret key unavailable");