feat: adds secp256k1 keypair type to ipfs key gen command

core/commands/keystore.go

@@ -83,7 +83,7 @@ var keyGenCmd = &cmds.Command{
 		Tagline: "Create a new keypair",
 	},
 	Options: []cmds.Option{
-		cmds.StringOption(keyStoreTypeOptionName, "t", "type of the key to create: rsa, ed25519").WithDefault(keyStoreAlgorithmDefault),
+		cmds.StringOption(keyStoreTypeOptionName, "t", "type of the key to create: rsa, ed25519, secp256k1").WithDefault(keyStoreAlgorithmDefault),
 		cmds.IntOption(keyStoreSizeOptionName, "s", "size of the key to generate"),
 		ke.OptionIPNSBase,
 	},
@@ -398,7 +398,7 @@ The PEM format allows for key generation outside of the IPFS node:
 		allowAnyKeyType, _ := req.Options[keyAllowAnyTypeOptionName].(bool)
 		if !allowAnyKeyType {
 			switch t := sk.(type) {
-			case *crypto.RsaPrivateKey, *crypto.Ed25519PrivateKey:
+			case *crypto.RsaPrivateKey, *crypto.Ed25519PrivateKey, *crypto.Secp256k1PrivateKey:
 			default:
 				return fmt.Errorf("key type %T is not allowed to be imported, only RSA or Ed25519;"+
 					" use flag --%s if you are sure of what you're doing",
@@ -604,7 +604,7 @@ environment variable:
 	Arguments: []cmds.Argument{},
 	Options: []cmds.Option{
 		cmds.StringOption(oldKeyOptionName, "o", "Keystore name to use for backing up your existing identity"),
-		cmds.StringOption(keyStoreTypeOptionName, "t", "type of the key to create: rsa, ed25519").WithDefault(keyStoreAlgorithmDefault),
+		cmds.StringOption(keyStoreTypeOptionName, "t", "type of the key to create: rsa, ed25519, secp256k1").WithDefault(keyStoreAlgorithmDefault),
 		cmds.IntOption(keyStoreSizeOptionName, "s", "size of the key to generate"),
 	},
 	NoRemote: true,

core/coreapi/key.go

@@ -82,6 +82,14 @@ func (api *KeyAPI) Generate(ctx context.Context, name string, opts ...caopts.Key
 			return nil, err
 		}
 
+		sk = priv
+		pk = pub
+	case "secp256k1":
+		priv, pub, err := crypto.GenerateSecp256k1Key(rand.Reader)
+		if err != nil {
+			return nil, err
+		}
+
 		sk = priv
 		pk = pub
 	default:

test/sharness/lib/test-lib.sh

@@ -486,6 +486,14 @@ test_check_ed25519_b58mh_peerid() {
   }
 }
 
+test_check_secp256k1_b58mh_peerid() {
+  peeridlen=$(echo "$1" | tr -dC "[:alnum:]" | wc -c | tr -d " ") &&
+  test "$peeridlen" = "53" || {
+    echo "Bad SECP256K1 B58MH peerid '$1' with len '$peeridlen'"
+    return 1
+  }
+}
+
 test_check_rsa2048_base36_peerid() {
   peeridlen=$(echo "$1" | tr -dC "[:alnum:]" | wc -c | tr -d " ") &&
   test "$peeridlen" = "56" || {
@@ -502,6 +510,14 @@ test_check_ed25519_base36_peerid() {
   }
 }
 
+test_check_secp256k1_base36_peerid() {
+  peeridlen=$(echo "$1" | tr -dC "[:alnum:]" | wc -c | tr -d " ") &&
+  test "$peeridlen" = "63" || {
+    echo "Bad SECP256K1 B36CID peerid '$1' with len '$peeridlen'"
+    return 1
+  }
+}
+
 convert_tcp_maddr() {
   echo $1 | awk -F'/' '{ printf "%s:%s", $3, $5 }'
 }

test/sharness/t0027-rotate.sh

@@ -87,12 +87,19 @@ test_rotate() {
 }
 test_rotate 'rsa' ''
 test_rotate 'ed25519' ''
+test_rotate 'secp256k1' ''
 test_rotate '' ''
 test_rotate 'rsa' 'rsa'
 test_rotate 'ed25519' 'rsa'
+test_rotate 'secp256k1' 'rsa'
 test_rotate '' 'rsa'
 test_rotate 'rsa' 'ed25519'
 test_rotate 'ed25519' 'ed25519'
+test_rotate 'secp256k1' 'ed25519'
 test_rotate '' 'ed25519'
+test_rotate 'rsa' 'secp256k1'
+test_rotate 'ed25519' 'secp256k1'
+test_rotate 'secp256k1' 'secp256k1'
+test_rotate '' 'secp256k1'
 
 test_done

test/sharness/t0165-keystore.sh

@@ -55,6 +55,29 @@ PEERID=$(ipfs key list --ipns-base=base36 -l | grep key_ed25519 | head -n 1 | cu
 test_check_ed25519_base36_peerid $PEERID &&
 ipfs key rm key_ed25519
 '
+
+test_expect_success "create an SECP256k1 key and test B58MH/B36CID output formats" '
+PEERID=$(ipfs key gen --ipns-base=b58mh --type=secp256k1 key_secp256k1) &&
+test_check_secp256k1_b58mh_peerid $PEERID &&
+ipfs key rm key_secp256k1 &&
+PEERID=$(ipfs key gen --ipns-base=base36 --type=secp256k1 key_secp256k1) &&
+test_check_secp256k1_base36_peerid $PEERID
+'
+
+test_expect_success "test SECP256k1 key sk export format" '
+ipfs key export key_secp256k1 &&
+test_check_ed25519_sk key_secp256k1.key &&
+rm key_secp256k1.key
+'
+
+test_expect_success "test SECP256k1 key B58MH/B36CID multihash format" '
+PEERID=$(ipfs key list --ipns-base=b58mh -l | grep key_secp256k1 | head -n 1 | cut -d " " -f1) &&
+test_check_secp256k1_b58mh_peerid $PEERID &&
+PEERID=$(ipfs key list --ipns-base=base36 -l | grep key_secp256k1 | head -n 1 | cut -d " " -f1) &&
+test_check_secp256k1_base36_peerid $PEERID &&
+ipfs key rm key_secp256k1
+'
+
 # end of format test
 
 
@@ -72,6 +95,11 @@ ipfs key rm key_ed25519
 
   test_key_import_export_all_formats ed25519_key
 
+  test_expect_success "create a new secp256k1 key" '
+    k1hash=$(ipfs key gen generated_secp256k1_key --type=secp256k1)
+    echo $k1hash > secp256k1_key_id
+  '
+
   test_openssl_compatibility_all_types
 
   INVALID_KEY=../t0165-keystore-data/openssl_secp384r1.pem
@@ -116,6 +144,7 @@ ipfs key rm key_ed25519
   test_expect_success "all keys show up in list output" '
     echo generated_ed25519_key > list_exp &&
     echo generated_rsa_key >> list_exp &&
+    echo generated_secp256k1_key >> list_exp &&
     echo quxel >> list_exp &&
     echo self >> list_exp
     ipfs key list > list_out &&
@@ -135,6 +164,7 @@ ipfs key rm key_ed25519
   test_expect_success "key rm remove a key" '
     ipfs key rm generated_rsa_key
     echo generated_ed25519_key > list_exp &&
+    echo generated_secp256k1_key >> list_exp &&
     echo quxel >> list_exp &&
     echo self >> list_exp
     ipfs key list > list_out &&
@@ -149,6 +179,7 @@ ipfs key rm key_ed25519
   test_expect_success "key rename rename a key" '
     ipfs key rename generated_ed25519_key fooed
     echo fooed > list_exp &&
+    echo generated_secp256k1_key >> list_exp &&
     echo quxel >> list_exp &&
     echo self >> list_exp
     ipfs key list > list_out &&