[ARCH-337] Core keystore impl for backwards compatibility (#1686)

Author: connorwstein

keystore/core_keystore.go

@@ -0,0 +1,51 @@
+package keystore
+
+import (
+	"context"
+)
+
+// CoreKeystore implements the core.Keystore interface for backwards compatibility with the old keystore
+// https://github.com/smartcontractkit/chainlink-common/blob/main/pkg/types/core/keystore.go#L23
+// We don't add a dependency directly to chainlink-common here to avoid circular dependencies.
+type CoreKeystore struct {
+	ks Keystore
+}
+
+func NewCoreKeystore(ks Keystore) *CoreKeystore {
+	return &CoreKeystore{ks: ks}
+}
+
+func (c *CoreKeystore) Accounts(ctx context.Context) ([]string, error) {
+	// List all the keys in the keystore.
+	keys, err := c.ks.GetKeys(ctx, GetKeysRequest{})
+	if err != nil {
+		return nil, err
+	}
+	accounts := make([]string, 0, len(keys.Keys))
+	for _, key := range keys.Keys {
+		accounts = append(accounts, key.KeyInfo.Name)
+	}
+	return accounts, nil
+}
+
+func (c *CoreKeystore) Sign(ctx context.Context, account string, data []byte) ([]byte, error) {
+	resp, err := c.ks.Sign(ctx, SignRequest{
+		KeyName: account,
+		Data:    data,
+	})
+	if err != nil {
+		return nil, err
+	}
+	return resp.Signature, nil
+}
+
+func (c *CoreKeystore) Decrypt(ctx context.Context, account string, data []byte) ([]byte, error) {
+	resp, err := c.ks.Decrypt(ctx, DecryptRequest{
+		KeyName:       account,
+		EncryptedData: data,
+	})
+	if err != nil {
+		return nil, err
+	}
+	return resp.Data, nil
+}

keystore/core_keystore_test.go

@@ -0,0 +1,55 @@
+package keystore_test
+
+import (
+	"testing"
+
+	"github.com/ethereum/go-ethereum/crypto"
+	"github.com/stretchr/testify/require"
+
+	"github.com/smartcontractkit/chainlink-common/keystore"
+)
+
+func TestCoreKeystore(t *testing.T) {
+	ctx := t.Context()
+
+	ks, err := keystore.LoadKeystore(t.Context(), keystore.NewMemoryStorage(), "test-password", keystore.WithScryptParams(keystore.FastScryptParams))
+	require.NoError(t, err)
+	coreKs := keystore.NewCoreKeystore(ks)
+
+	keysResp, err := ks.CreateKeys(ctx, keystore.CreateKeysRequest{
+		Keys: []keystore.CreateKeyRequest{
+			{KeyName: "encrypt", KeyType: keystore.X25519},
+			{KeyName: "sign", KeyType: keystore.ECDSA_S256},
+		},
+	})
+	require.NoError(t, err)
+	require.Equal(t, 2, len(keysResp.Keys))
+
+	accounts, err := coreKs.Accounts(ctx)
+	require.NoError(t, err)
+	require.Equal(t, []string{"encrypt", "sign"}, accounts)
+
+	signature, err := coreKs.Sign(ctx, "sign", crypto.Keccak256([]byte("test-data-to-sign")))
+	require.NoError(t, err)
+	require.NotEmpty(t, signature)
+	verifyResp, err := ks.Verify(ctx, keystore.VerifyRequest{
+		KeyType:   keysResp.Keys[1].KeyInfo.KeyType,
+		PublicKey: keysResp.Keys[1].KeyInfo.PublicKey,
+		Data:      crypto.Keccak256([]byte("test-data-to-sign")),
+		Signature: signature,
+	})
+	require.NoError(t, err)
+	require.True(t, verifyResp.Valid)
+
+	encryptedData, err := ks.Encrypt(ctx, keystore.EncryptRequest{
+		RemoteKeyType: keysResp.Keys[0].KeyInfo.KeyType,
+		RemotePubKey:  keysResp.Keys[0].KeyInfo.PublicKey,
+		Data:          []byte("test-data-to-encrypt"),
+	})
+	require.NoError(t, err)
+	require.NotEmpty(t, encryptedData)
+
+	decryptedData, err := coreKs.Decrypt(ctx, "encrypt", encryptedData.EncryptedData)
+	require.NoError(t, err)
+	require.Equal(t, []byte("test-data-to-encrypt"), decryptedData)
+}

keystore/keystore.go

@@ -52,17 +52,17 @@ const (
 	// ECDH_P256:
 	// - ECDH on P-256
 	// - Encryption with AES-GCM and HKDF-SHA256
-	ECDH_P256 KeyType = "ecdh-p256"
+	ECDH_P256 KeyType = "ECDH_P256"
 
 	// Digital signature key types.
 	// Ed25519:
 	// - Ed25519 for digital signatures.
 	// - Supports arbitrary messages sizes, no hashing required.
-	Ed25519 KeyType = "ed25519"
+	Ed25519 KeyType = "Ed25519"
 	// ECDSA_S256:
 	// - ECDSA on secp256k1 for digital signatures.
 	// - Only signs 32 byte digests. Caller must hash the data before signing.
-	ECDSA_S256 KeyType = "ecdsa-secp256k1"
+	ECDSA_S256 KeyType = "ECDSA_S256"
 )
 
 var AllKeyTypes = []KeyType{X25519, ECDH_P256, Ed25519, ECDSA_S256}