Fix latest merge

src/commands/claim_neurons.rs

@@ -1,28 +1,32 @@
 use crate::lib::{
     genesis_token_canister_id,
     signing::{sign_ingress_with_request_status_query, IngressWithRequestId},
-    AnyhowResult,
+    AnyhowResult, AuthInfo,
 };
 use candid::Encode;
 use openssl::bn::BigNumContext;
 use openssl::ec::{EcKey, PointConversionForm};
 
-pub fn exec(pem: &str) -> AnyhowResult<Vec<IngressWithRequestId>> {
-    let private_key = EcKey::private_key_from_pem(pem.as_bytes())?;
-    let group = private_key.group();
-    let public_key = EcKey::from_public_key(group, private_key.public_key())?;
-    let mut context = BigNumContext::new()?;
-    let bytes = public_key.public_key().to_bytes(
-        public_key.group(),
-        PointConversionForm::UNCOMPRESSED,
-        &mut context,
-    )?;
-    let sig = Encode!(&hex::encode(&bytes))?;
+pub fn exec(auth: &AuthInfo) -> AnyhowResult<Vec<IngressWithRequestId>> {
+    if let AuthInfo::PemFile(pem) = auth {
+        let private_key = EcKey::private_key_from_pem(pem.as_bytes())?;
+        let group = private_key.group();
+        let public_key = EcKey::from_public_key(group, private_key.public_key())?;
+        let mut context = BigNumContext::new()?;
+        let bytes = public_key.public_key().to_bytes(
+            public_key.group(),
+            PointConversionForm::UNCOMPRESSED,
+            &mut context,
+        )?;
+        let sig = Encode!(&hex::encode(&bytes))?;
 
-    Ok(vec![sign_ingress_with_request_status_query(
-        pem,
-        genesis_token_canister_id(),
-        "claim_neurons",
-        sig,
-    )?])
+        Ok(vec![sign_ingress_with_request_status_query(
+            auth,
+            genesis_token_canister_id(),
+            "claim_neurons",
+            sig,
+        )?])
+    } else {
+        panic!("claim-neurons command requires a --pem-file to be specified");
+    }
 }

src/commands/mod.rs

@@ -1,6 +1,6 @@
 //! This module implements the command-line API.
 
-use crate::lib::{require_pem, AnyhowResult, AuthInfo};
+use crate::lib::{AnyhowResult, AuthInfo};
 use clap::Parser;
 use std::io::{self, Write};
 use tokio::runtime::Runtime;
@@ -41,11 +41,11 @@ pub fn exec(auth: &AuthInfo, cmd: Command) -> AnyhowResult {
     let runtime = Runtime::new().expect("Unable to create a runtime");
     match cmd {
         Command::PublicIds(opts) => public::exec(auth, opts),
-        Command::Transfer(opts) => transfer::exec(&auth, opts).and_then(|out| print(&out)),
-        Command::NeuronStake(opts) => neuron_stake::exec(&auth, opts).and_then(|out| print(&out)),
-        Command::NeuronManage(opts) => neuron_manage::exec(&auth, opts).and_then(|out| print(&out)),
-        Command::ListNeurons(opts) => list_neurons::exec(&auth, opts).and_then(|out| print(&out)),
-        Command::ClaimNeurons => claim_neurons::exec(&auth).and_then(|out| print(&out)),
+        Command::Transfer(opts) => transfer::exec(auth, opts).and_then(|out| print(&out)),
+        Command::NeuronStake(opts) => neuron_stake::exec(auth, opts).and_then(|out| print(&out)),
+        Command::NeuronManage(opts) => neuron_manage::exec(auth, opts).and_then(|out| print(&out)),
+        Command::ListNeurons(opts) => list_neurons::exec(auth, opts).and_then(|out| print(&out)),
+        Command::ClaimNeurons => claim_neurons::exec(auth).and_then(|out| print(&out)),
         Command::ListProposals(opts) => {
             runtime.block_on(async { list_proposals::exec(opts).await })
         }

src/commands/request_status.rs

@@ -11,7 +11,7 @@ pub async fn submit(req: &RequestStatus, method_name: Option<String>) -> AnyhowR
     let canister_id = Principal::from_text(&req.canister_id).expect("Couldn't parse canister id");
     let request_id =
         RequestId::from_str(&req.request_id).context("Invalid argument: request_id")?;
-    let mut agent = get_agent(&AuthInfo::PemFile(""))?;
+    let mut agent = get_agent(&AuthInfo::NoAuth)?;
     agent.set_transport(ProxySignReplicaV2Transport {
         req: req.clone(),
         http_transport: Arc::new(

src/commands/send.rs

@@ -79,7 +79,7 @@ pub async fn submit_unsigned_ingress(
     args: Vec<u8>,
     dry_run: bool,
 ) -> AnyhowResult {
-    let msg = crate::lib::signing::sign("", canister_id, method_name, args)?;
+    let msg = crate::lib::signing::sign(&AuthInfo::NoAuth, canister_id, method_name, args)?;
     let ingress = msg.message;
     send(
         &ingress,

src/lib/mod.rs

@@ -151,35 +151,29 @@ pub fn get_agent(auth: &AuthInfo) -> AnyhowResult<Agent> {
         )
         .with_ingress_expiry(Some(timeout));
 
-    match auth {
-        AuthInfo::NoAuth => builder,
-        _ => builder.with_boxed_identity(get_identity(auth)),
-    }
-    .build()
-    .map_err(|err| anyhow!(err))
+    builder
+        .with_boxed_identity(get_identity(auth))
+        .build()
+        .map_err(|err| anyhow!(err))
 }
 
 /// Returns an identity derived from the private key.
 pub fn get_identity(auth: &AuthInfo) -> Box<dyn Identity + Sync + Send> {
     match auth {
-        AuthInfo::PemFile(pem) => {
-            if pem.is_empty() {
-                return Box::new(AnonymousIdentity);
-            }
-            match Secp256k1Identity::from_pem(pem.as_bytes()) {
+        AuthInfo::NoAuth => Box::new(AnonymousIdentity),
+        AuthInfo::PemFile(pem) => match Secp256k1Identity::from_pem(pem.as_bytes()) {
+            Ok(identity) => Box::new(identity),
+            Err(_) => match BasicIdentity::from_pem(pem.as_bytes()) {
                 Ok(identity) => Box::new(identity),
                 Err(_) => match BasicIdentity::from_pem(pem.as_bytes()) {
                     Ok(identity) => Box::new(identity),
-                    Err(_) => match BasicIdentity::from_pem(pem.as_bytes()) {
-                        Ok(identity) => Box::new(identity),
-                        Err(_) => {
-                            eprintln!("Couldn't load identity from PEM file");
-                            std::process::exit(1);
-                        }
-                    },
+                    Err(_) => {
+                        eprintln!("Couldn't load identity from PEM file");
+                        std::process::exit(1);
+                    }
                 },
-            }
-        }
+            },
+        },
         AuthInfo::NitroHsm(info) => Box::new(
             hsm::HardwareIdentity::new(&info.libpath, info.slot, &info.ident, || {
                 let pin = info.pin.borrow().clone();
@@ -198,16 +192,6 @@ pub fn get_identity(auth: &AuthInfo) -> Box<dyn Identity + Sync + Send> {
             })
             .unwrap(),
         ),
-        AuthInfo::NoAuth => panic!("AuthInfo::NoAuth has no identity"),
-    }
-}
-
-pub fn require_pem(pem: &Option<String>) -> AnyhowResult<String> {
-    match pem {
-        None => Err(anyhow!(
-            "Cannot use anonymous principal, did you forget --pem-file <pem-file> ?"
-        )),
-        Some(val) => Ok(val.clone()),
     }
 }
 

src/lib/signing.rs

@@ -1,6 +1,6 @@
 use crate::lib::get_idl_string;
-use crate::lib::AnyhowResult;
 use crate::lib::{get_candid_type, get_local_candid};
+use crate::lib::{AnyhowResult, AuthInfo};
 use anyhow::anyhow;
 use ic_agent::agent::QueryBuilder;
 use ic_agent::agent::UpdateBuilder;
@@ -86,11 +86,11 @@ impl Ingress {
 }
 
 pub fn request_status_sign(
-    pem: &str,
+    auth: &AuthInfo,
     request_id: RequestId,
     canister_id: Principal,
 ) -> AnyhowResult<RequestStatus> {
-    let agent = get_agent(pem)?;
+    let agent = get_agent(auth)?;
     let val = agent.sign_request_status(canister_id, request_id)?;
     Ok(RequestStatus {
         canister_id: canister_id.to_string(),
@@ -100,7 +100,7 @@ pub fn request_status_sign(
 }
 
 pub fn sign(
-    pem: &str,
+    auth: &AuthInfo,
     canister_id: Principal,
     method_name: &str,
     args: Vec<u8>,
@@ -115,15 +115,15 @@ pub fn sign(
     let ingress_expiry = Duration::from_secs(5 * 60);
 
     let (content, request_id) = if is_query {
-        let bytes = QueryBuilder::new(&get_agent(pem)?, canister_id, method_name.to_string())
+        let bytes = QueryBuilder::new(&get_agent(auth)?, canister_id, method_name.to_string())
             .with_arg(args)
             .expire_after(ingress_expiry)
             .sign()?
             .signed_query;
         (hex::encode(bytes), None)
     } else {
         let signed_update =
-            UpdateBuilder::new(&get_agent(pem)?, canister_id, method_name.to_string())
+            UpdateBuilder::new(&get_agent(auth)?, canister_id, method_name.to_string())
                 .with_arg(args)
                 .expire_after(ingress_expiry)
                 .sign()?;
@@ -146,16 +146,16 @@ pub fn sign(
 
 /// Generates a bundle of signed messages (ingress + request status query).
 pub fn sign_ingress_with_request_status_query(
-    pem: &str,
+    auth: &AuthInfo,
     canister_id: Principal,
     method_name: &str,
     args: Vec<u8>,
 ) -> AnyhowResult<IngressWithRequestId> {
-    let msg_with_req_id = sign(pem, canister_id, method_name, args)?;
+    let msg_with_req_id = sign(auth, canister_id, method_name, args)?;
     let request_id = msg_with_req_id
         .request_id
         .expect("No request id for transfer call found");
-    let request_status = request_status_sign(pem, request_id, canister_id)?;
+    let request_status = request_status_sign(auth, request_id, canister_id)?;
     let message = IngressWithRequestId {
         ingress: msg_with_req_id.message,
         request_status,
@@ -165,11 +165,11 @@ pub fn sign_ingress_with_request_status_query(
 
 /// Generates a signed ingress message.
 pub fn sign_ingress(
-    pem: &str,
+    auth: &AuthInfo,
     canister_id: Principal,
     method_name: &str,
     args: Vec<u8>,
 ) -> AnyhowResult<Ingress> {
-    let msg = sign(pem, canister_id, method_name, args)?;
+    let msg = sign(auth, canister_id, method_name, args)?;
     Ok(msg.message)
 }