Support passphrases in keygen (#7134)
* Support passphrases in keygen * remove short * Update solana_keygen calls
This commit is contained in:
parent
9b3a1a99e5
commit
eaa3e87eb0
|
@ -324,7 +324,7 @@ while [[ $iteration -le $iterations ]]; do
|
||||||
(
|
(
|
||||||
set -x
|
set -x
|
||||||
client_keypair=/tmp/client-id.json-$$
|
client_keypair=/tmp/client-id.json-$$
|
||||||
$solana_keygen new -f -o $client_keypair || exit $?
|
$solana_keygen new --no-passphrase -fso $client_keypair || exit $?
|
||||||
$solana_gossip spy -n 127.0.0.1:8001 --num-nodes-exactly $numNodes || exit $?
|
$solana_gossip spy -n 127.0.0.1:8001 --num-nodes-exactly $numNodes || exit $?
|
||||||
rm -rf $client_keypair
|
rm -rf $client_keypair
|
||||||
) || flag_error
|
) || flag_error
|
||||||
|
|
|
@ -42,7 +42,7 @@ impl KeypairWithSource {
|
||||||
}
|
}
|
||||||
|
|
||||||
/// Reads user input from stdin to retrieve a seed phrase and passphrase for keypair derivation
|
/// Reads user input from stdin to retrieve a seed phrase and passphrase for keypair derivation
|
||||||
pub(crate) fn keypair_from_seed_phrase(
|
pub fn keypair_from_seed_phrase(
|
||||||
keypair_name: &str,
|
keypair_name: &str,
|
||||||
skip_validation: bool,
|
skip_validation: bool,
|
||||||
) -> Result<Keypair, Box<dyn error::Error>> {
|
) -> Result<Keypair, Box<dyn error::Error>> {
|
||||||
|
|
|
@ -4,6 +4,7 @@ use clap::{
|
||||||
crate_description, crate_name, values_t_or_exit, App, AppSettings, Arg, ArgMatches, SubCommand,
|
crate_description, crate_name, values_t_or_exit, App, AppSettings, Arg, ArgMatches, SubCommand,
|
||||||
};
|
};
|
||||||
use num_cpus;
|
use num_cpus;
|
||||||
|
use solana_clap_utils::keypair::{keypair_from_seed_phrase, SKIP_SEED_PHRASE_VALIDATION_ARG};
|
||||||
use solana_sdk::{
|
use solana_sdk::{
|
||||||
pubkey::write_pubkey_file,
|
pubkey::write_pubkey_file,
|
||||||
signature::{
|
signature::{
|
||||||
|
@ -56,7 +57,7 @@ fn main() -> Result<(), Box<dyn error::Error>> {
|
||||||
.setting(AppSettings::SubcommandRequiredElseHelp)
|
.setting(AppSettings::SubcommandRequiredElseHelp)
|
||||||
.subcommand(
|
.subcommand(
|
||||||
SubCommand::with_name("new")
|
SubCommand::with_name("new")
|
||||||
.about("Generate new keypair file")
|
.about("Generate new keypair file from a passphrase and random seed phrase")
|
||||||
.setting(AppSettings::DisableVersion)
|
.setting(AppSettings::DisableVersion)
|
||||||
.arg(
|
.arg(
|
||||||
Arg::with_name("outfile")
|
Arg::with_name("outfile")
|
||||||
|
@ -72,11 +73,16 @@ fn main() -> Result<(), Box<dyn error::Error>> {
|
||||||
.long("force")
|
.long("force")
|
||||||
.help("Overwrite the output file if it exists"),
|
.help("Overwrite the output file if it exists"),
|
||||||
)
|
)
|
||||||
|
.arg(
|
||||||
|
Arg::with_name("no_passphrase")
|
||||||
|
.long("no-passphrase")
|
||||||
|
.help("Do not prompt for a passphrase"),
|
||||||
|
)
|
||||||
.arg(
|
.arg(
|
||||||
Arg::with_name("silent")
|
Arg::with_name("silent")
|
||||||
.short("s")
|
.short("s")
|
||||||
.long("silent")
|
.long("silent")
|
||||||
.help("Do not display mnemonic phrase. Useful when piping output to other programs that prompt for user input, like gpg"),
|
.help("Do not display seed phrase. Useful when piping output to other programs that prompt for user input, like gpg"),
|
||||||
)
|
)
|
||||||
)
|
)
|
||||||
.subcommand(
|
.subcommand(
|
||||||
|
@ -143,7 +149,7 @@ fn main() -> Result<(), Box<dyn error::Error>> {
|
||||||
)
|
)
|
||||||
.subcommand(
|
.subcommand(
|
||||||
SubCommand::with_name("recover")
|
SubCommand::with_name("recover")
|
||||||
.about("Recover keypair from mnemonic phrase")
|
.about("Recover keypair from seed phrase and passphrase")
|
||||||
.setting(AppSettings::DisableVersion)
|
.setting(AppSettings::DisableVersion)
|
||||||
.arg(
|
.arg(
|
||||||
Arg::with_name("outfile")
|
Arg::with_name("outfile")
|
||||||
|
@ -158,7 +164,13 @@ fn main() -> Result<(), Box<dyn error::Error>> {
|
||||||
.short("f")
|
.short("f")
|
||||||
.long("force")
|
.long("force")
|
||||||
.help("Overwrite the output file if it exists"),
|
.help("Overwrite the output file if it exists"),
|
||||||
|
)
|
||||||
|
.arg(
|
||||||
|
Arg::with_name(SKIP_SEED_PHRASE_VALIDATION_ARG.name)
|
||||||
|
.long(SKIP_SEED_PHRASE_VALIDATION_ARG.long)
|
||||||
|
.help(SKIP_SEED_PHRASE_VALIDATION_ARG.help),
|
||||||
),
|
),
|
||||||
|
|
||||||
)
|
)
|
||||||
.get_matches();
|
.get_matches();
|
||||||
|
|
||||||
|
@ -200,7 +212,15 @@ fn main() -> Result<(), Box<dyn error::Error>> {
|
||||||
}
|
}
|
||||||
|
|
||||||
let mnemonic = Mnemonic::new(MnemonicType::Words12, Language::English);
|
let mnemonic = Mnemonic::new(MnemonicType::Words12, Language::English);
|
||||||
let seed = Seed::new(&mnemonic, NO_PASSPHRASE);
|
let passphrase = if matches.is_present("no_passphrase") {
|
||||||
|
NO_PASSPHRASE.to_string()
|
||||||
|
} else {
|
||||||
|
eprintln!("Generating a new keypair");
|
||||||
|
rpassword::prompt_password_stderr(
|
||||||
|
"For added security, enter a passphrase (empty for no passphrase):",
|
||||||
|
)?
|
||||||
|
};
|
||||||
|
let seed = Seed::new(&mnemonic, &passphrase);
|
||||||
let keypair = keypair_from_seed(seed.as_bytes())?;
|
let keypair = keypair_from_seed(seed.as_bytes())?;
|
||||||
|
|
||||||
output_keypair(&keypair, &outfile, "new")?;
|
output_keypair(&keypair, &outfile, "new")?;
|
||||||
|
@ -210,7 +230,7 @@ fn main() -> Result<(), Box<dyn error::Error>> {
|
||||||
let phrase: &str = mnemonic.phrase();
|
let phrase: &str = mnemonic.phrase();
|
||||||
let divider = String::from_utf8(vec![b'='; phrase.len()]).unwrap();
|
let divider = String::from_utf8(vec![b'='; phrase.len()]).unwrap();
|
||||||
eprintln!(
|
eprintln!(
|
||||||
"{}\npubkey: {}\n{}\nSave this mnemonic phrase to recover your new keypair:\n{}\n{}",
|
"{}\npubkey: {}\n{}\nSave this seed phrase to recover your new keypair:\n{}\n{}",
|
||||||
÷r, keypair.pubkey(), ÷r, phrase, ÷r
|
÷r, keypair.pubkey(), ÷r, phrase, ÷r
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
@ -228,11 +248,8 @@ fn main() -> Result<(), Box<dyn error::Error>> {
|
||||||
check_for_overwrite(&outfile, &matches);
|
check_for_overwrite(&outfile, &matches);
|
||||||
}
|
}
|
||||||
|
|
||||||
let phrase = rpassword::prompt_password_stderr("Mnemonic recovery phrase: ").unwrap();
|
let skip_validation = matches.is_present(SKIP_SEED_PHRASE_VALIDATION_ARG.name);
|
||||||
let mnemonic = Mnemonic::from_phrase(phrase.trim(), Language::English)?;
|
let keypair = keypair_from_seed_phrase("recover", skip_validation)?;
|
||||||
let seed = Seed::new(&mnemonic, NO_PASSPHRASE);
|
|
||||||
let keypair = keypair_from_seed(seed.as_bytes())?;
|
|
||||||
|
|
||||||
output_keypair(&keypair, &outfile, "recovered")?;
|
output_keypair(&keypair, &outfile, "recovered")?;
|
||||||
}
|
}
|
||||||
("grind", Some(matches)) => {
|
("grind", Some(matches)) => {
|
||||||
|
|
|
@ -59,7 +59,7 @@ ledger="$SOLANA_ROOT"/farf/archiver-ledger"$label"
|
||||||
rpc_url=$($solana_gossip get-rpc-url --entrypoint "$entrypoint")
|
rpc_url=$($solana_gossip get-rpc-url --entrypoint "$entrypoint")
|
||||||
|
|
||||||
if [[ ! -r $identity_keypair ]]; then
|
if [[ ! -r $identity_keypair ]]; then
|
||||||
$solana_keygen new -o "$identity_keypair"
|
$solana_keygen new --no-passphrase -so "$identity_keypair"
|
||||||
|
|
||||||
# See https://github.com/solana-labs/solana/issues/4344
|
# See https://github.com/solana-labs/solana/issues/4344
|
||||||
$solana_cli --keypair "$identity_keypair" --url "$rpc_url" airdrop 1
|
$solana_cli --keypair "$identity_keypair" --url "$rpc_url" airdrop 1
|
||||||
|
@ -67,7 +67,7 @@ fi
|
||||||
identity_pubkey=$($solana_keygen pubkey "$identity_keypair")
|
identity_pubkey=$($solana_keygen pubkey "$identity_keypair")
|
||||||
|
|
||||||
if [[ ! -r $storage_keypair ]]; then
|
if [[ ! -r $storage_keypair ]]; then
|
||||||
$solana_keygen new -o "$storage_keypair"
|
$solana_keygen new --no-passphrase -so "$storage_keypair"
|
||||||
|
|
||||||
$solana_cli --keypair "$identity_keypair" --url "$rpc_url" \
|
$solana_cli --keypair "$identity_keypair" --url "$rpc_url" \
|
||||||
create-archiver-storage-account "$identity_pubkey" "$storage_keypair"
|
create-archiver-storage-account "$identity_pubkey" "$storage_keypair"
|
||||||
|
|
|
@ -96,7 +96,7 @@ if ((airdrops_enabled)); then
|
||||||
$solana_cli "${common_args[@]}" airdrop "$stake_lamports" lamports
|
$solana_cli "${common_args[@]}" airdrop "$stake_lamports" lamports
|
||||||
fi
|
fi
|
||||||
|
|
||||||
$solana_keygen new -o "$stake_keypair_path"
|
$solana_keygen new --no-passphrase -so "$stake_keypair_path"
|
||||||
|
|
||||||
set -x
|
set -x
|
||||||
$solana_cli "${common_args[@]}" \
|
$solana_cli "${common_args[@]}" \
|
||||||
|
|
|
@ -13,18 +13,18 @@ mkdir -p "$SOLANA_CONFIG_DIR"/bootstrap-leader
|
||||||
if [[ -r $FAUCET_KEYPAIR ]]; then
|
if [[ -r $FAUCET_KEYPAIR ]]; then
|
||||||
cp -f "$FAUCET_KEYPAIR" "$SOLANA_CONFIG_DIR"/faucet-keypair.json
|
cp -f "$FAUCET_KEYPAIR" "$SOLANA_CONFIG_DIR"/faucet-keypair.json
|
||||||
else
|
else
|
||||||
$solana_keygen new -f -o "$SOLANA_CONFIG_DIR"/faucet-keypair.json
|
$solana_keygen new --no-passphrase -fso "$SOLANA_CONFIG_DIR"/faucet-keypair.json
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [[ -f $BOOTSTRAP_LEADER_IDENTITY_KEYPAIR ]]; then
|
if [[ -f $BOOTSTRAP_LEADER_IDENTITY_KEYPAIR ]]; then
|
||||||
cp -f "$BOOTSTRAP_LEADER_IDENTITY_KEYPAIR" "$SOLANA_CONFIG_DIR"/bootstrap-leader/identity-keypair.json
|
cp -f "$BOOTSTRAP_LEADER_IDENTITY_KEYPAIR" "$SOLANA_CONFIG_DIR"/bootstrap-leader/identity-keypair.json
|
||||||
else
|
else
|
||||||
$solana_keygen new -o "$SOLANA_CONFIG_DIR"/bootstrap-leader/identity-keypair.json
|
$solana_keygen new --no-passphrase -so "$SOLANA_CONFIG_DIR"/bootstrap-leader/identity-keypair.json
|
||||||
fi
|
fi
|
||||||
|
|
||||||
$solana_keygen new -o "$SOLANA_CONFIG_DIR"/bootstrap-leader/vote-keypair.json
|
$solana_keygen new --no-passphrase -so "$SOLANA_CONFIG_DIR"/bootstrap-leader/vote-keypair.json
|
||||||
$solana_keygen new -o "$SOLANA_CONFIG_DIR"/bootstrap-leader/stake-keypair.json
|
$solana_keygen new --no-passphrase -so "$SOLANA_CONFIG_DIR"/bootstrap-leader/stake-keypair.json
|
||||||
$solana_keygen new -o "$SOLANA_CONFIG_DIR"/bootstrap-leader/storage-keypair.json
|
$solana_keygen new --no-passphrase -so "$SOLANA_CONFIG_DIR"/bootstrap-leader/storage-keypair.json
|
||||||
|
|
||||||
args=("$@")
|
args=("$@")
|
||||||
default_arg --bootstrap-leader-pubkey "$SOLANA_CONFIG_DIR"/bootstrap-leader/identity-keypair.json
|
default_arg --bootstrap-leader-pubkey "$SOLANA_CONFIG_DIR"/bootstrap-leader/identity-keypair.json
|
||||||
|
|
|
@ -280,9 +280,9 @@ setup_validator_accounts() {
|
||||||
|
|
||||||
rpc_url=$($solana_gossip get-rpc-url --entrypoint "$gossip_entrypoint")
|
rpc_url=$($solana_gossip get-rpc-url --entrypoint "$gossip_entrypoint")
|
||||||
|
|
||||||
[[ -r "$identity_keypair_path" ]] || $solana_keygen new -o "$identity_keypair_path"
|
[[ -r "$identity_keypair_path" ]] || $solana_keygen new --no-passphrase -so "$identity_keypair_path"
|
||||||
[[ -r "$voting_keypair_path" ]] || $solana_keygen new -o "$voting_keypair_path"
|
[[ -r "$voting_keypair_path" ]] || $solana_keygen new --no-passphrase -so "$voting_keypair_path"
|
||||||
[[ -r "$storage_keypair_path" ]] || $solana_keygen new -o "$storage_keypair_path"
|
[[ -r "$storage_keypair_path" ]] || $solana_keygen new --no-passphrase -so "$storage_keypair_path"
|
||||||
|
|
||||||
setup_validator_accounts "$node_lamports"
|
setup_validator_accounts "$node_lamports"
|
||||||
|
|
||||||
|
|
|
@ -58,7 +58,7 @@ solana-bench-tps)
|
||||||
"
|
"
|
||||||
;;
|
;;
|
||||||
solana-bench-exchange)
|
solana-bench-exchange)
|
||||||
solana-keygen new -f -o bench.keypair
|
solana-keygen new --no-passphrase -fso bench.keypair
|
||||||
net/scripts/rsync-retry.sh -vPrc \
|
net/scripts/rsync-retry.sh -vPrc \
|
||||||
"$entrypointIp":~/solana/config/bench-exchange"$clientIndex".yml ./client-accounts.yml
|
"$entrypointIp":~/solana/config/bench-exchange"$clientIndex".yml ./client-accounts.yml
|
||||||
clientCommand="\
|
clientCommand="\
|
||||||
|
|
|
@ -166,7 +166,7 @@ EOF
|
||||||
if [[ -f net/keypairs/"$name".json ]]; then
|
if [[ -f net/keypairs/"$name".json ]]; then
|
||||||
cp net/keypairs/"$name".json config/"$name".json
|
cp net/keypairs/"$name".json config/"$name".json
|
||||||
else
|
else
|
||||||
solana-keygen new -o config/"$name".json
|
solana-keygen new --no-passphrase -so config/"$name".json
|
||||||
fi
|
fi
|
||||||
if [[ -n $internalNodesLamports ]]; then
|
if [[ -n $internalNodesLamports ]]; then
|
||||||
declare pubkey
|
declare pubkey
|
||||||
|
@ -302,7 +302,7 @@ EOF
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [[ ! -f config/validator-identity.json ]]; then
|
if [[ ! -f config/validator-identity.json ]]; then
|
||||||
solana-keygen new -o config/validator-identity.json
|
solana-keygen new --no-passphrase -so config/validator-identity.json
|
||||||
fi
|
fi
|
||||||
args+=(--identity-keypair config/validator-identity.json)
|
args+=(--identity-keypair config/validator-identity.json)
|
||||||
|
|
||||||
|
|
10
run.sh
10
run.sh
|
@ -50,31 +50,31 @@ leader_keypair="$dataDir/leader-keypair.json"
|
||||||
if [[ -e $leader_keypair ]]; then
|
if [[ -e $leader_keypair ]]; then
|
||||||
echo "Use existing leader keypair"
|
echo "Use existing leader keypair"
|
||||||
else
|
else
|
||||||
solana-keygen new -o "$leader_keypair"
|
solana-keygen new --no-passphrase -so "$leader_keypair"
|
||||||
fi
|
fi
|
||||||
leader_vote_account_keypair="$dataDir/leader-vote-account-keypair.json"
|
leader_vote_account_keypair="$dataDir/leader-vote-account-keypair.json"
|
||||||
if [[ -e $leader_vote_account_keypair ]]; then
|
if [[ -e $leader_vote_account_keypair ]]; then
|
||||||
echo "Use existing leader vote account keypair"
|
echo "Use existing leader vote account keypair"
|
||||||
else
|
else
|
||||||
solana-keygen new -o "$leader_vote_account_keypair"
|
solana-keygen new --no-passphrase -so "$leader_vote_account_keypair"
|
||||||
fi
|
fi
|
||||||
leader_stake_account_keypair="$dataDir/leader-stake-account-keypair.json"
|
leader_stake_account_keypair="$dataDir/leader-stake-account-keypair.json"
|
||||||
if [[ -e $leader_stake_account_keypair ]]; then
|
if [[ -e $leader_stake_account_keypair ]]; then
|
||||||
echo "Use existing leader stake account keypair"
|
echo "Use existing leader stake account keypair"
|
||||||
else
|
else
|
||||||
solana-keygen new -o "$leader_stake_account_keypair"
|
solana-keygen new --no-passphrase -so "$leader_stake_account_keypair"
|
||||||
fi
|
fi
|
||||||
faucet_keypair="$dataDir"/faucet-keypair.json
|
faucet_keypair="$dataDir"/faucet-keypair.json
|
||||||
if [[ -e $faucet_keypair ]]; then
|
if [[ -e $faucet_keypair ]]; then
|
||||||
echo "Use existing faucet keypair"
|
echo "Use existing faucet keypair"
|
||||||
else
|
else
|
||||||
solana-keygen new -f -o "$faucet_keypair"
|
solana-keygen new --no-passphrase -fso "$faucet_keypair"
|
||||||
fi
|
fi
|
||||||
leader_storage_account_keypair="$dataDir"/leader-storage-account-keypair.json
|
leader_storage_account_keypair="$dataDir"/leader-storage-account-keypair.json
|
||||||
if [[ -e $leader_storage_account_keypair ]]; then
|
if [[ -e $leader_storage_account_keypair ]]; then
|
||||||
echo "Use existing leader storage account keypair"
|
echo "Use existing leader storage account keypair"
|
||||||
else
|
else
|
||||||
solana-keygen new -f -o "$leader_storage_account_keypair"
|
solana-keygen new --no-passphrase -fso "$leader_storage_account_keypair"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
solana-genesis \
|
solana-genesis \
|
||||||
|
|
|
@ -15,7 +15,7 @@ else
|
||||||
args=("$@")
|
args=("$@")
|
||||||
fi
|
fi
|
||||||
|
|
||||||
$solana_keygen new -f
|
$solana_keygen new --no-passphrase -sf
|
||||||
|
|
||||||
node_readiness=false
|
node_readiness=false
|
||||||
timeout=60
|
timeout=60
|
||||||
|
|
Loading…
Reference in New Issue