Qortal/piratewallet-light-cli
3
0
Fork 0
mirror of https://github.com/Qortal/piratewallet-light-cli.git synced 2025-01-30 18:42:15 +00:00
Code Issues Projects Releases Wiki Activity

Switch GRPC to tonic

Browse Source
This commit is contained in:
Aditya Kulkarni 2020-02-04 10:20:53 -08:00
commit 14fe907cf6
11 changed files with 1646 additions and 1565 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2692
Cargo.lock generated
View File

File diff suppressed because it is too large Load Diff

2
cli/Cargo.toml
View File

@ -10,7 +10,7 @@ log = "0.4"
log4rs = "0.8.3"
shellwords = "1.0.0"
json = "0.12.0"
http = "0.1"
http = "0.2"
byteorder = "1"
tiny-bip39 = "0.6.2"

2
cli/src/main.rs
View File

@ -44,7 +44,7 @@ pub fn main() {
let server = LightClientConfig::get_server_or_default(maybe_server);
// Test to make sure the server has all of scheme, host and port
if server.scheme_str().is_none() || server.host().is_none() || server.port_part().is_none() {
if server.scheme_str().is_none() || server.host().is_none() || server.port().is_none() {
eprintln!("Please provide the --server parameter as [scheme]://[host]:[port].\nYou provided: {}", server);
return;
}

28
lib/Cargo.toml
View File

@ -4,18 +4,11 @@ version = "0.1.0"
edition = "2018"
[dependencies]
tower-grpc = "0.1.1"
futures = "0.1"
bytes = "0.4"
base58 = "0.1.0"
log = "0.4"
log4rs = "0.8.3"
dirs = "2.0.2"
http = "0.1"
prost = "0.5"
tokio = "0.1"
tower-request-modifier = "0.1.0"
tower-util = "0.1"
http = "0.2"
hex = "0.3"
protobuf = "2"
byteorder = "1"
@ -24,17 +17,20 @@ tiny-bip39 = "0.6.2"
secp256k1 = "=0.15.0"
sha2 = "0.8.0"
ripemd160 = "0.8.0"
ring = "0.14.0"
lazy_static = "1.2.0"
tower-service = "0.2"
tokio-rustls = "0.10.0-alpha.3"
rustls = { version = "0.15.2", features = ["dangerous_configuration"] }
webpki = "0.19.1"
webpki-roots = "0.16.0"
tower-h2 = { git = "https://github.com/tower-rs/tower-h2", rev="0865040d699697bbaf1c3b77b3f256b72f98cdf4" }
rust-embed = { version = "5.1.0", features = ["debug-embed"] }
rand = "0.7.2"
sodiumoxide = "0.2.5"
ring = "0.16.9"
tonic = { version = "0.1.1", features = ["tls", "tls-roots"] }
bytes = "0.4"
prost = "0.6"
prost-types = "0.6"
tokio = { version = "0.2", features = ["rt-threaded", "time", "stream", "fs", "macros", "uds", "full"] }
tokio-rustls = { version = "0.12.1", features = ["dangerous_configuration"] }
webpki = "0.21.0"
webpki-roots = "0.18.0"
[dependencies.bellman]
git = "https://github.com/adityapk00/librustzcash.git"
@ -68,7 +64,7 @@ rev = "188537ea025fcb7fbdfc11266f307a084a5451e4"
features = ["ff_derive"]
[build-dependencies]
tower-grpc-build = { git = "https://github.com/tower-rs/tower-grpc", features = ["tower-hyper"] }
tonic-build = "0.1.1"
[dev-dependencies]
tempdir = "0.3.7"

17
lib/build.rs
View File

@ -1,12 +1,11 @@
fn main() {
// Build proto files
tower_grpc_build::Config::new()
.enable_server(false)
.enable_client(true)
.build(
fn main() -> Result<(), Box<dyn std::error::Error>> {
tonic_build::configure()
.build_server(false)
.compile(
&["proto/service.proto", "proto/compact_formats.proto"],
&["proto"],
)
.unwrap_or_else(|e| panic!("protobuf compilation failed: {}", e));
)?;
println!("cargo:rerun-if-changed=proto/service.proto");
}
Ok(())
}

9
lib/res/lightwalletd-zecwallet-co-chain.pem Normal file
View File

@ -0,0 +1,9 @@
-----BEGIN CERTIFICATE-----
MIIGWzCCBUOgAwIBAgIQTDeZq2Gop4DpbrFgHvOUDjANBgkqhkiG9w0BAQsFADCBjzELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEYMBYGA1UEChMPU2VjdGlnbyBMaW1pdGVkMTcwNQYDVQQDEy5TZWN0aWdvIFJTQSBEb21haW4gVmFsaWRhdGlvbiBTZWN1cmUgU2VydmVyIENBMB4XDTIwMDIwNDAwMDAwMFoXDTIyMDIwMzIzNTk1OVowJDEiMCAGA1UEAxMZbGlnaHR3YWxsZXRkLnplY3dhbGxldC5jbzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMltQjaf7N+T99fDtyvgGXUY5G6gnO+WBjvElQaZCuBSDGhuXHl1sPCDBUPAvQt0CrL7C1fJpA4INiPaHVGJ574770jwJ3xkQvxZFGM3sV6/kalh8APuIC/i2lxOadLR8j643OT3WC9TulBCMian8gZpBsuqYYlmhcOVEQfhQPEDTghdCtmpQsMiAvEZ609q4Ekf6SkoDuNXMlRZ0j6Q7czk/xipkZerhffhHAexplhZp09FUdILAMR1MtcV1ypuQPIDfBkSsXP32Z/F79RLmkOHAqm8WfWCDsVbD3k8l7cSrdK7aey2YdnD6VJNXY5FXy2utZ/7usVZVxodH8VbygMCAwEAAaOCAxswggMXMB8GA1UdIwQYMBaAFI2MXsRUrYrhd+mb+ZsF4bgBjWHhMB0GA1UdDgQWBBTM5WxCpup5VuYNsbZEBpp2/KYa0TAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwSQYDVR0gBEIwQDA0BgsrBgEEAbIxAQICBzAlMCMGCCsGAQUFBwIBFhdodHRwczovL3NlY3RpZ28uY29tL0NQUzAIBgZngQwBAgEwgYQGCCsGAQUFBwEBBHgwdjBPBggrBgEFBQcwAoZDaHR0cDovL2NydC5zZWN0aWdvLmNvbS9TZWN0aWdvUlNBRG9tYWluVmFsaWRhdGlvblNlY3VyZVNlcnZlckNBLmNydDAjBggrBgEFBQcwAYYXaHR0cDovL29jc3Auc2VjdGlnby5jb20wQwYDVR0RBDwwOoIZbGlnaHR3YWxsZXRkLnplY3dhbGxldC5jb4Idd3d3LmxpZ2h0d2FsbGV0ZC56ZWN3YWxsZXQuY28wggF/BgorBgEEAdZ5AgQCBIIBbwSCAWsBaQB3AEalVet1+pEgMLWiiWn0830RLEF0vv1JuIWr8vxw/m1HAAABcA6d4oEAAAQDAEgwRgIhAKkKQt7FNXEAZiINYexANoWTPZNlUduuW3xGbPi5aWeMAiEA5BkA06GhhNFnKAGd198YEzREZlspnfwGgCBd/zzJAtYAdgBvU3asMfAxGdiZAKRRFf93FRwR2QLBACkGjbIImjfZEwAAAXAOneJbAAAEAwBHMEUCIEg6F6i9eN56uCdRpx8v+wOffRn4W1U7Fpe+TFG/xCnKAiEAhPgkKmmeKDNCTmOVuhfvT18WDuVxhzJ06FHqPILNZ00AdgAiRUUHWVUkVpY/oS/x922G4CMmY63AS39dxoNcbuIPAgAAAXAOneJgAAAEAwBHMEUCIQDr3mTAQSwBSEgvhhIRUn9tdegpoT2aJaIyou2kblUW2gIgLC7nPFx+7q231Wt96PKlo+vmo+MNeLXa8MsCS147lv8wDQYJKoZIhvcNAQELBQADggEBAIl3QQ0u33gGzu7/kLoX7IeVzvxOY5gScaOzgr7gCSds4kWPW18jKs/N3r/pVn7hvMZi50tKyOUPBIz2y9mZQW3Kh3kmY9XU+LP1sknMu+lORPahXBrFlIqqk0m5TrUryR+FG8ccOHGVIgc7EU3I4QynYlNPlepT18iUMa405VegQ7kdDwkNftD6E98HkPdM6EwIRBk7d12lCmLbbWdW9Hzmat+bGZOSfKmln20E+/hRozkeaFK+bZONSHy5EfxracIhQACMHLACqpvg03V6chv3MzNwbfsxv21B7Mv0muf7R+ew8SK8x8Dru4+We0eOInfCVMDIVbYowlCE428L3Hs=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIGEzCCA/ugAwIBAgIQfVtRJrR2uhHbdBYLvFMNpzANBgkqhkiG9w0BAQwFADCBiDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTgxMTAyMDAwMDAwWhcNMzAxMjMxMjM1OTU5WjCBjzELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEYMBYGA1UEChMPU2VjdGlnbyBMaW1pdGVkMTcwNQYDVQQDEy5TZWN0aWdvIFJTQSBEb21haW4gVmFsaWRhdGlvbiBTZWN1cmUgU2VydmVyIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1nMz1tc8INAA0hdFuNY+B6I/x0HuMjDJsGz99J/LEpgPLT+NTQEMgg8Xf2Iu6bhIefsWg06t1zIlk7cHv7lQP6lMw0Aq6Tn/2YHKHxYyQdqAJrkjeocgHuP/IJo8lURvh3UGkEC0MpMWCRAIIz7S3YcPb11RFGoKacVPAXJpz9OTTG0EoKMbgn6xmrntxZ7FN3ifmgg0+1YuWMQJDgZkW7w33PGfKGioVrCSo1yfu4iYCBskHaswha6vsC6eep3BwEIc4gLw6uBK0u+QDrTBQBbwb4VCSmT3pDCg/r8uoydajotYuK3DGReEY+1vVv2Dy2A0xHS+5p3b4eTlygxfFQIDAQABo4IBbjCCAWowHwYDVR0jBBgwFoAUU3m/WqorSs9UgOHYm8Cd8rIDZsswHQYDVR0OBBYEFI2MXsRUrYrhd+mb+ZsF4bgBjWHhMA4GA1UdDwEB/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAbBgNVHSAEFDASMAYGBFUdIAAwCAYGZ4EMAQIBMFAGA1UdHwRJMEcwRaBDoEGGP2h0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RSU0FDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDB2BggrBgEFBQcBAQRqMGgwPwYIKwYBBQUHMAKGM2h0dHA6Ly9jcnQudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RSU0FBZGRUcnVzdENBLmNydDAlBggrBgEFBQcwAYYZaHR0cDovL29jc3AudXNlcnRydXN0LmNvbTANBgkqhkiG9w0BAQwFAAOCAgEAMr9hvQ5Iw0/HukdN+Jx4GQHcEx2Ab/zDcLRSmjEzmldS+zGea6TvVKqJjUAXaPgREHzSyrHxVYbH7rM2kYb2OVG/Rr8PoLq0935JxCo2F57kaDl6r5ROVm+yezu/Coa9zcV3HAO4OLGiH19+24rcRki2aArPsrW04jTkZ6k4Zgle0rj8nSg6F0AnwnJOKf0hPHzPE/uWLMUxRP0T7dWbqWlod3zu4f+k+TY4CFM5ooQ0nBnzvg6s1SQ36yOoeNDT5++SR2RiOSLvxvcRviKFxmZEJCaOEDKNyJOuB56DPi/Z+fVGjmO+wea03KbNIaiGCpXZLoUmGv38sbZXQm2V0TP2ORQGgkE49Y9Y3IBbpNV9lXj9p5v//cWoaasm56ekBYdbqbe4oyALl6lFhd2zi+WJN44pDfwGF/Y4QA5C5BIG+3vzxhFoYt/jmPQT2BVPi7Fp2RBgvGQq6jG35LWjOhSbJuMLe/0CjraZwTiXWTb2qHSihrZe68Zk6s+go/lunrotEbaGmAhYLcmsJWTyXnW0OMGuf1pGg+pRyrbxmRE1a6Vqe8YAsOf4vmSyrcjC8azjUeqkk+B5yOGBQMkKW+ESPMFgKuOXwIlCypTPRpgSabuY0MLTDXJLR27lk8QyKGOHQ+SwMj4K00u/I5sUKUErmgQfky3xxzlIPK1aEn8=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIF3jCCA8agAwIBAgIQAf1tMPyjylGoG7xkDjUDLTANBgkqhkiG9w0BAQwFADCBiDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTAwMjAxMDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCBiDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCAEmUXNg7D2wiz0KxXDXbtzSfTTK1Qg2HiqiBNCS1kCdzOiZ/MPans9s/B3PHTsdZ7NygRK0faOca8Ohm0X6a9fZ2jY0K2dvKpOyuR+OJv0OwWIJAJPuLodMkYtJHUYmTbf6MG8YgYapAiPLz+E/CHFHv25B+O1ORRxhFnRghRy4YUVD+8M/5+bJz/Fp0YvVGONaanZshyZ9shZrHUm3gDwFA66Mzw3LyeTP6vBZY1H1dat//O+T23LLb2VN3I5xI6Ta5MirdcmrS3ID3KfyI0rn47aGYBROcBTkZTmzNg95S+UzeQc0PzMsNT79uq/nROacdrjGCT3sTHDN/hMq7MkztReJVni+49Vv4M0GkPGw/zJSZrM233bkf6c0Plfg6lZrEpfDKEY1WJxA3Bk1QwGROs0303p+tdOmw1XNtB1xLaqUkL39iAigmTYo61Zs8liM2EuLE/pDkP2QKe6xJMlXzzawWpXhaDzLhn4ugTncxbgtNMs+1b/97lc6wjOy0AvzVVdAlJ2ElYGn+SNuZRkg7zJn0cTRe8yexDJtC/QV9AqURE9JnnV4eeUB9XVKg+/XRjL7FQZQnmWEIuQxpMtPAlR1n6BB6T1CZGSlCBst6+eLf8ZxXhyVeEHg9j1uliutZfVS7qXMYoCAQlObgOK6nyTJccBz8NUvXt7y+CDwIDAQABo0IwQDAdBgNVHQ4EFgQUU3m/WqorSs9UgOHYm8Cd8rIDZsswDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEMBQADggIBAFzUfA3P9wF9QZllDHPFUp/L+M+ZBn8b2kMVn54CVVeWFPFSPCeHlCjtHzoBN6J2/FNQwISbxmtOuowhT6KOVWKR82kV2LyI48SqC/3vqOlLVSoGIG1VeCkZ7l8wXEskEVX/JJpuXior7gtNn3/3ATiUFJVDBwn7YKnuHKsSjKCaXqeYalltiz8I+8jRRa8YFWSQEg9zKC7F4iRO/Fjs8PRF/iKz6y+O0tlFYQXBl2+odnKPi4w2r78NBc5xjeambx9spnFixdjQg3IM8WcRiQycE0xyNN+81XHfqnHd4blsjDwSXWXavVcStkNr/+XeTWYRUc+ZruwXtuhxkYzeSf7dNXGiFSeUHM9h4ya7b6NnJSFd5t0dCy5oGzuCr+yDZ4XUmFF0sbmZgIn/f3gZXHlKYC6SQK5MNyosycdiyA5d9zZbyuAlJQG03RoHnHcAP9Dc1ew91Pq7P8yF1m9/qS3fuQL39ZeatTXaw2ewh0qpKJ4jjv9cJ2vhsE/zB+4ALtRZh8tSQZXq9EfX7mRBVXyNWQKV3WKdwrnuWih0hKWbt5DHDAff9Yk2dDLWKMGwsAvgnEzDHNb842m1R0aBL6KCq9NjRHDEjf8tM7qtj3u1cIiuPhnPQCjY/MiQu12ZIvVS5ljFH4gxQ+6IHdfGjjxDah2nGN59PRbxYvnKkKj9
-----END CERTIFICATE-----

415
lib/src/grpcconnector.rs
View File

@ -1,30 +1,18 @@
use log::{error};
use std::sync::{Arc};
use std::net::ToSocketAddrs;
use std::net::SocketAddr;
use futures::{Future};
use futures::stream::Stream;
use tower_h2;
use tower_util::MakeService;
use tower_grpc::Request;
use tokio_rustls::client::TlsStream;
use tokio_rustls::{rustls::ClientConfig, TlsConnector};
use tokio::executor::DefaultExecutor;
use tokio::net::tcp::TcpStream;
use std::sync::Arc;
use zcash_primitives::transaction::{TxId};
use crate::grpc_client::{ChainSpec, BlockId, BlockRange, RawTransaction,
TransparentAddressBlockFilter, TxFilter, Empty, LightdInfo};
use crate::grpc_client::client::CompactTxStreamer;
use tonic::transport::{Channel, ClientTlsConfig};
use tokio_rustls::{rustls::ClientConfig};
use tonic::{Request};
use crate::PubCertificate;
use crate::grpc_client::compact_tx_streamer_client::CompactTxStreamerClient;
mod danger {
use rustls;
use tokio_rustls::rustls;
use webpki;
pub struct NoCertificateVerification {}
@ -40,278 +28,221 @@ mod danger {
}
}
/// A Secure (https) grpc destination.
struct Dst {
addr: SocketAddr,
host: String,
no_cert: bool,
}
impl tower_service::Service<()> for Dst {
type Response = TlsStream<TcpStream>;
type Error = ::std::io::Error;
type Future = Box<dyn Future<Item = TlsStream<TcpStream>, Error = ::std::io::Error> + Send>;
fn poll_ready(&mut self) -> futures::Poll<(), Self::Error> {
Ok(().into())
}
fn call(&mut self, _: ()) -> Self::Future {
async fn get_client(uri: &http::Uri, no_cert: bool) -> Result<CompactTxStreamerClient<Channel>, Box<dyn std::error::Error>> {
let channel = if uri.scheme_str() == Some("http") {
//println!("http");
Channel::builder(uri.clone()).connect().await?
} else {
//println!("https");
let mut config = ClientConfig::new();
config.alpn_protocols.push(b"h2".to_vec());
config.root_store.add_server_trust_anchors(&webpki_roots::TLS_SERVER_ROOTS);
config.root_store.add_pem_file(
&mut PubCertificate::get("lightwalletd-zecwallet-co-chain.pem").unwrap().as_ref()).unwrap();
if self.no_cert {
if no_cert {
config.dangerous()
.set_certificate_verifier(Arc::new(danger::NoCertificateVerification {}));
}
let config = Arc::new(config);
let tls_connector = TlsConnector::from(config);
let tls = ClientTlsConfig::new()
.rustls_client_config(config)
.domain_name(uri.host().unwrap());
Channel::builder(uri.clone())
.tls_config(tls)
.connect()
.await?
};
let addr_string_local = self.host.clone();
let domain = match webpki::DNSNameRef::try_from_ascii_str(&addr_string_local) {
Ok(d) => d,
Err(_) => webpki::DNSNameRef::try_from_ascii_str("localhost").unwrap()
};
let domain_local = domain.to_owned();
let stream = TcpStream::connect(&self.addr).and_then(move |sock| {
sock.set_nodelay(true).unwrap();
tls_connector.connect(domain_local.as_ref(), sock)
})
.map(move |tcp| tcp);
Box::new(stream)
}
Ok(CompactTxStreamerClient::new(channel))
}
// Same implementation but without TLS. Should make it straightforward to run without TLS
// when testing on local machine
//
// impl tower_service::Service<()> for Dst {
// type Response = TcpStream;
// type Error = ::std::io::Error;
// type Future = Box<dyn Future<Item = TcpStream, Error = ::std::io::Error> + Send>;
//
// fn poll_ready(&mut self) -> futures::Poll<(), Self::Error> {
// Ok(().into())
// }
//
// fn call(&mut self, _: ()) -> Self::Future {
// let mut config = ClientConfig::new();
// config.alpn_protocols.push(b"h2".to_vec());
// config.root_store.add_server_trust_anchors(&webpki_roots::TLS_SERVER_ROOTS);
//
// let stream = TcpStream::connect(&self.addr)
// .and_then(move |sock| {
// sock.set_nodelay(true).unwrap();
// Ok(sock)
// });
// Box::new(stream)
// }
// }
macro_rules! make_grpc_client {
($protocol:expr, $host:expr, $port:expr, $nocert:expr) => {{
let uri: http::Uri = format!("{}://{}", $protocol, $host).parse().unwrap();
let addr = format!("{}:{}", $host, $port)
.to_socket_addrs()
.unwrap()
.next()
.unwrap();
let h2_settings = Default::default();
let mut make_client = tower_h2::client::Connect::new(Dst {addr, host: $host.to_string(), no_cert: $nocert}, h2_settings, DefaultExecutor::current());
make_client
.make_service(())
.map_err(|e| { format!("HTTP/2 connection failed; err={:?}.\nIf you're connecting to a local server, please pass --dangerous to trust the server without checking its TLS certificate", e) })
.and_then(move |conn| {
let conn = tower_request_modifier::Builder::new()
.set_origin(uri)
.build(conn)
.unwrap();
CompactTxStreamer::new(conn)
// Wait until the client is ready...
.ready()
.map_err(|e| { format!("client closed: {:?}", e) })
})
}};
}
// ==============
// GRPC code
// ==============
async fn get_lightd_info(uri: &http::Uri, no_cert: bool) -> Result<LightdInfo, Box<dyn std::error::Error>> {
let mut client = get_client(uri, no_cert).await?;
pub fn get_info(uri: http::Uri, no_cert: bool) -> Result<LightdInfo, String> {
let runner = make_grpc_client!(uri.scheme_str().unwrap(), uri.host().unwrap(), uri.port_part().unwrap(), no_cert)
.and_then(move |mut client| {
client.get_lightd_info(Request::new(Empty{}))
.map_err(|e| {
format!("ERR = {:?}", e)
})
.and_then(move |response| {
Ok(response.into_inner())
})
.map_err(|e| {
format!("ERR = {:?}", e)
})
});
let request = Request::new(Empty {});
tokio::runtime::current_thread::Runtime::new().unwrap().block_on(runner)
let response = client.get_lightd_info(request).await?;
Ok(response.into_inner())
}
pub fn get_info(uri: &http::Uri, no_cert: bool) -> Result<LightdInfo, String> {
let mut rt = tokio::runtime::Runtime::new().map_err(|e| e.to_string())?;
rt.block_on(get_lightd_info(uri, no_cert)).map_err( |e| e.to_string())
}
pub fn fetch_blocks<F : 'static + std::marker::Send>(uri: &http::Uri, start_height: u64, end_height: u64, no_cert: bool, mut c: F)
async fn get_block_range<F : 'static + std::marker::Send>(uri: &http::Uri, start_height: u64, end_height: u64, no_cert: bool, mut c: F)
-> Result<(), Box<dyn std::error::Error>>
where F : FnMut(&[u8], u64) {
let mut client = get_client(uri, no_cert).await?;
let bs = BlockId{ height: start_height, hash: vec!()};
let be = BlockId{ height: end_height, hash: vec!()};
let request = Request::new(BlockRange{ start: Some(bs), end: Some(be) });
let mut response = client.get_block_range(request).await?.into_inner();
//println!("{:?}", response);
while let Some(block) = response.message().await? {
use prost::Message;
let mut encoded_buf = vec![];
block.encode(&mut encoded_buf).unwrap();
c(&encoded_buf, block.height);
}
Ok(())
}
pub fn fetch_blocks<F : 'static + std::marker::Send>(uri: &http::Uri, start_height: u64, end_height: u64, no_cert: bool, c: F)
where F : FnMut(&[u8], u64) {
let runner = make_grpc_client!(uri.scheme_str().unwrap(), uri.host().unwrap(), uri.port_part().unwrap(), no_cert)
.and_then(move |mut client| {
let bs = BlockId{ height: start_height, hash: vec!()};
let be = BlockId{ height: end_height, hash: vec!()};
let br = Request::new(BlockRange{ start: Some(bs), end: Some(be)});
client
.get_block_range(br)
.map_err(|e| {
format!("RouteChat request failed; err={:?}", e)
})
.and_then(move |response| {
let inbound = response.into_inner();
inbound.for_each(move |b| {
use prost::Message;
let mut encoded_buf = vec![];
b.encode(&mut encoded_buf).unwrap();
c(&encoded_buf, b.height);
Ok(())
})
.map_err(|e| format!("gRPC inbound stream error: {:?}", e))
})
});
match tokio::runtime::current_thread::Runtime::new().unwrap().block_on(runner) {
Ok(_) => {}, // The result is processed in callbacks, so nothing to do here
let mut rt = match tokio::runtime::Runtime::new() {
Ok(r) => r,
Err(e) => {
error!("Error while executing fetch_blocks: {}", e);
error!("Error fetching blocks {}", e.to_string());
eprintln!("{}", e);
return;
}
};
rt.block_on(get_block_range(uri, start_height, end_height, no_cert, c)).unwrap();
}
// get_address_txids GRPC call
async fn get_address_txids<F : 'static + std::marker::Send>(uri: &http::Uri, address: String,
start_height: u64, end_height: u64, no_cert: bool, c: F) -> Result<(), Box<dyn std::error::Error>>
where F : Fn(&[u8], u64) {
let mut client = get_client(uri, no_cert).await?;
let start = Some(BlockId{ height: start_height, hash: vec!()});
let end = Some(BlockId{ height: end_height, hash: vec!()});
let request = Request::new(TransparentAddressBlockFilter{ address, range: Some(BlockRange{start, end}) });
let maybe_response = client.get_address_txids(request).await?;
let mut response = maybe_response.into_inner();
while let Some(tx) = response.message().await? {
c(&tx.data, tx.height);
}
Ok(())
}
pub fn fetch_transparent_txids<F : 'static + std::marker::Send>(uri: &http::Uri, address: String,
start_height: u64, end_height: u64, no_cert: bool, c: F)
where F : Fn(&[u8], u64) {
let runner = make_grpc_client!(uri.scheme_str().unwrap(), uri.host().unwrap(), uri.port_part().unwrap(), no_cert)
.and_then(move |mut client| {
let start = Some(BlockId{ height: start_height, hash: vec!()});
let end = Some(BlockId{ height: end_height, hash: vec!()});
let br = Request::new(TransparentAddressBlockFilter{ address, range: Some(BlockRange{start, end}) });
client
.get_address_txids(br)
.map_err(|e| {
format!("RouteChat request failed; err={:?}", e)
})
.and_then(move |response| {
let inbound = response.into_inner();
inbound.for_each(move |tx| {
//let tx = Transaction::read(&tx.into_inner().data[..]).unwrap();
c(&tx.data, tx.height);
Ok(())
})
.map_err(|e| format!("gRPC inbound stream error: {:?}", e))
})
});
match tokio::runtime::current_thread::Runtime::new().unwrap().block_on(runner) {
Ok(_) => {}, // The result is processed in callbacks, so nothing to do here
start_height: u64, end_height: u64, no_cert: bool, c: F)
where F : Fn(&[u8], u64) {
let mut rt = match tokio::runtime::Runtime::new() {
Ok(r) => r,
Err(e) => {
error!("Error while executing fetch_transparent_txids: {}", e);
error!("Error creating runtime {}", e.to_string());
eprintln!("{}", e);
return;
}
};
rt.block_on(get_address_txids(uri, address, start_height, end_height, no_cert, c)).unwrap();
}
// get_transaction GRPC call
async fn get_transaction(uri: &http::Uri, txid: TxId, no_cert: bool)
-> Result<RawTransaction, Box<dyn std::error::Error>> {
let mut client = get_client(uri, no_cert).await?;
let request = Request::new(TxFilter { block: None, index: 0, hash: txid.0.to_vec() });
let response = client.get_transaction(request).await?;
Ok(response.into_inner())
}
pub fn fetch_full_tx<F : 'static + std::marker::Send>(uri: &http::Uri, txid: TxId, no_cert: bool, c: F)
where F : Fn(&[u8]) {
let runner = make_grpc_client!(uri.scheme_str().unwrap(), uri.host().unwrap(), uri.port_part().unwrap(), no_cert)
.and_then(move |mut client| {
let txfilter = TxFilter { block: None, index: 0, hash: txid.0.to_vec() };
client.get_transaction(Request::new(txfilter))
.map_err(|e| {
format!("RouteChat request failed; err={:?}", e)
})
.and_then(move |response| {
c(&response.into_inner().data);
Ok(())
})
.map_err(|e| { format!("ERR = {:?}", e) })
});
match tokio::runtime::current_thread::Runtime::new().unwrap().block_on(runner) {
Ok(_) => {}, // The result is processed in callbacks, so nothing to do here
let mut rt = match tokio::runtime::Runtime::new() {
Ok(r) => r,
Err(e) => {
error!("Error while executing fetch_full_tx: {}", e);
error!("Error creating runtime {}", e.to_string());
eprintln!("{}", e);
return;
}
};
match rt.block_on(get_transaction(uri, txid, no_cert)) {
Ok(rawtx) => c(&rawtx.data),
Err(e) => {
error!("Error in get_transaction runtime {}", e.to_string());
eprintln!("{}", e);
}
}
}
// send_transaction GRPC call
async fn send_transaction(uri: &http::Uri, no_cert: bool, tx_bytes: Box<[u8]>) -> Result<String, Box<dyn std::error::Error>> {
let mut client = get_client(uri, no_cert).await?;
let request = Request::new(RawTransaction {data: tx_bytes.to_vec(), height: 0});
let response = client.send_transaction(request).await?;
let sendresponse = response.into_inner();
if sendresponse.error_code == 0 {
let mut txid = sendresponse.error_message;
if txid.starts_with("\"") && txid.ends_with("\"") {
txid = txid[1..txid.len()-1].to_string();
}
Ok(txid)
} else {
Err(Box::from(format!("Error: {:?}", sendresponse)))
}
}
pub fn broadcast_raw_tx(uri: &http::Uri, no_cert: bool, tx_bytes: Box<[u8]>) -> Result<String, String> {
let runner = make_grpc_client!(uri.scheme_str().unwrap(), uri.host().unwrap(), uri.port_part().unwrap(), no_cert)
.and_then(move |mut client| {
client.send_transaction(Request::new(RawTransaction {data: tx_bytes.to_vec(), height: 0}))
.map_err(|e| {
format!("ERR = {:?}", e)
})
.and_then(move |response| {
let sendresponse = response.into_inner();
if sendresponse.error_code == 0 {
let mut txid = sendresponse.error_message;
if txid.starts_with("\"") && txid.ends_with("\"") {
txid = txid[1..txid.len()-1].to_string();
}
let mut rt = tokio::runtime::Runtime::new().map_err(|e| e.to_string())?;
Ok(txid)
} else {
Err(format!("Error: {:?}", sendresponse))
}
})
.map_err(|e| { format!("ERR = {:?}", e) })
});
rt.block_on(send_transaction(uri, no_cert, tx_bytes)).map_err( |e| e.to_string())
}
tokio::runtime::current_thread::Runtime::new().unwrap().block_on(runner)
// get_latest_block GRPC call
async fn get_latest_block(uri: &http::Uri, no_cert: bool) -> Result<BlockId, Box<dyn std::error::Error>> {
let mut client = get_client(uri, no_cert).await?;
let request = Request::new(ChainSpec {});
let response = client.get_latest_block(request).await?;
Ok(response.into_inner())
}
pub fn fetch_latest_block<F : 'static + std::marker::Send>(uri: &http::Uri, no_cert: bool, mut c : F)
where F : FnMut(BlockId) {
let runner = make_grpc_client!(uri.scheme_str().unwrap(), uri.host().unwrap(), uri.port_part().unwrap(), no_cert)
.and_then(|mut client| {
client.get_latest_block(Request::new(ChainSpec {}))
.map_err(|e| { format!("ERR = {:?}", e) })
.and_then(move |response| {
c(response.into_inner());
Ok(())
})
.map_err(|e| { format!("ERR = {:?}", e) })
});
match tokio::runtime::current_thread::Runtime::new().unwrap().block_on(runner) {
Ok(_) => {}, // The result is processed in callbacks, so nothing to do here
let mut rt = match tokio::runtime::Runtime::new() {
Ok(r) => r,
Err(e) => {
error!("Error while executing fetch_latest_block: {}", e);
error!("Error creating runtime {}", e.to_string());
eprintln!("{}", e);
return;
}
};
match rt.block_on(get_latest_block(uri, no_cert)) {
Ok(b) => c(b),
Err(e) => {
error!("Error getting latest block {}", e.to_string());
eprintln!("{}", e);
}
};

8
lib/src/lib.rs
View File

@ -11,9 +11,13 @@ pub mod commands;
#[folder = "zcash-params/"]
pub struct SaplingParams;
#[derive(RustEmbed)]
#[folder = "res/"]
pub struct PubCertificate;
pub const ANCHOR_OFFSET: u32 = 4;
pub mod grpc_client {
include!(concat!(env!("OUT_DIR"), "/cash.z.wallet.sdk.rpc.rs"));
tonic::include_proto!("cash.z.wallet.sdk.rpc");
}

10
lib/src/lightclient.rs
View File

@ -37,7 +37,7 @@ use crate::ANCHOR_OFFSET;
mod checkpoints;
pub const DEFAULT_SERVER: &str = "https://lightd-main.zecwallet.co:443";
pub const DEFAULT_SERVER: &str = "https://lightwalletd.zecwallet.co:1443";
pub const WALLET_NAME: &str = "zecwallet-light-wallet.dat";
pub const LOGFILE_NAME: &str = "zecwallet-light-wallet.debug.log";
@ -87,13 +87,13 @@ impl LightClientConfig {
pub fn create(server: http::Uri, dangerous: bool) -> io::Result<(LightClientConfig, u64)> {
use std::net::ToSocketAddrs;
// Test for a connection first
format!("{}:{}", server.host().unwrap(), server.port_part().unwrap())
format!("{}:{}", server.host().unwrap(), server.port().unwrap())
.to_socket_addrs()?
.next()
.ok_or(std::io::Error::new(ErrorKind::ConnectionRefused, "Couldn't resolve server!"))?;
// Do a getinfo first, before opening the wallet
let info = grpcconnector::get_info(server.clone(), dangerous)
let info = grpcconnector::get_info(&server, dangerous)
.map_err(|e| std::io::Error::new(ErrorKind::ConnectionRefused, e))?;
// Create a Light Client Config
@ -199,7 +199,7 @@ impl LightClientConfig {
Some(s) => {
let mut s = if s.starts_with("http") {s} else { "http://".to_string() + &s};
let uri: http::Uri = s.parse().unwrap();
if uri.port_part().is_none() {
if uri.port().is_none() {
s = s + ":443";
}
s
@ -583,7 +583,7 @@ impl LightClient {
}
pub fn do_info(&self) -> String {
match get_info(self.get_server_uri(), self.config.no_cert_verification) {
match get_info(&self.get_server_uri(), self.config.no_cert_verification) {
Ok(i) => {
let o = object!{
"version" => i.version,

19
lib/src/lightwallet/extended_key.rs
View File

@ -1,6 +1,5 @@
use ring::{
digest,
hmac::{SigningContext, SigningKey},
hmac::{self, Context, Key},
};
use lazy_static::lazy_static;
use secp256k1::{PublicKey, Secp256k1, SecretKey, SignOnly, VerifyOnly, Error};
@ -74,8 +73,8 @@ impl ExtendedPrivKey {
/// Generate an ExtendedPrivKey from seed
pub fn with_seed(seed: &[u8]) -> Result<ExtendedPrivKey, Error> {
let signature = {
let signing_key = SigningKey::new(&digest::SHA512, b"Bitcoin seed");
let mut h = SigningContext::with_key(&signing_key);
let signing_key = Key::new(hmac::HMAC_SHA512, b"Bitcoin seed");
let mut h = Context::with_key(&signing_key);
h.update(&seed);
h.sign()
};
@ -88,18 +87,18 @@ impl ExtendedPrivKey {
})
}
fn sign_hardended_key(&self, index: u32) -> ring::hmac::Signature {
let signing_key = SigningKey::new(&digest::SHA512, &self.chain_code);
let mut h = SigningContext::with_key(&signing_key);
fn sign_hardended_key(&self, index: u32) -> ring::hmac::Tag {
let signing_key = Key::new(hmac::HMAC_SHA512, &self.chain_code);
let mut h = Context::with_key(&signing_key);
h.update(&[0x00]);
h.update(&self.private_key[..]);
h.update(&index.to_be_bytes());
h.sign()
}
fn sign_normal_key(&self, index: u32) -> ring::hmac::Signature {
let signing_key = SigningKey::new(&digest::SHA512, &self.chain_code);
let mut h = SigningContext::with_key(&signing_key);
fn sign_normal_key(&self, index: u32) -> ring::hmac::Tag {
let signing_key = Key::new(hmac::HMAC_SHA512, &self.chain_code);
let mut h = Context::with_key(&signing_key);
let public_key = PublicKey::from_secret_key(&SECP256K1_SIGN_ONLY, &self.private_key);
h.update(&public_key.serialize());
h.update(&index.to_be_bytes());

9
res/lightwalletd-zecwallet-co-chain.pem Normal file
View File

@ -0,0 +1,9 @@
-----BEGIN CERTIFICATE-----
MIIGWzCCBUOgAwIBAgIQTDeZq2Gop4DpbrFgHvOUDjANBgkqhkiG9w0BAQsFADCBjzELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEYMBYGA1UEChMPU2VjdGlnbyBMaW1pdGVkMTcwNQYDVQQDEy5TZWN0aWdvIFJTQSBEb21haW4gVmFsaWRhdGlvbiBTZWN1cmUgU2VydmVyIENBMB4XDTIwMDIwNDAwMDAwMFoXDTIyMDIwMzIzNTk1OVowJDEiMCAGA1UEAxMZbGlnaHR3YWxsZXRkLnplY3dhbGxldC5jbzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMltQjaf7N+T99fDtyvgGXUY5G6gnO+WBjvElQaZCuBSDGhuXHl1sPCDBUPAvQt0CrL7C1fJpA4INiPaHVGJ574770jwJ3xkQvxZFGM3sV6/kalh8APuIC/i2lxOadLR8j643OT3WC9TulBCMian8gZpBsuqYYlmhcOVEQfhQPEDTghdCtmpQsMiAvEZ609q4Ekf6SkoDuNXMlRZ0j6Q7czk/xipkZerhffhHAexplhZp09FUdILAMR1MtcV1ypuQPIDfBkSsXP32Z/F79RLmkOHAqm8WfWCDsVbD3k8l7cSrdK7aey2YdnD6VJNXY5FXy2utZ/7usVZVxodH8VbygMCAwEAAaOCAxswggMXMB8GA1UdIwQYMBaAFI2MXsRUrYrhd+mb+ZsF4bgBjWHhMB0GA1UdDgQWBBTM5WxCpup5VuYNsbZEBpp2/KYa0TAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwSQYDVR0gBEIwQDA0BgsrBgEEAbIxAQICBzAlMCMGCCsGAQUFBwIBFhdodHRwczovL3NlY3RpZ28uY29tL0NQUzAIBgZngQwBAgEwgYQGCCsGAQUFBwEBBHgwdjBPBggrBgEFBQcwAoZDaHR0cDovL2NydC5zZWN0aWdvLmNvbS9TZWN0aWdvUlNBRG9tYWluVmFsaWRhdGlvblNlY3VyZVNlcnZlckNBLmNydDAjBggrBgEFBQcwAYYXaHR0cDovL29jc3Auc2VjdGlnby5jb20wQwYDVR0RBDwwOoIZbGlnaHR3YWxsZXRkLnplY3dhbGxldC5jb4Idd3d3LmxpZ2h0d2FsbGV0ZC56ZWN3YWxsZXQuY28wggF/BgorBgEEAdZ5AgQCBIIBbwSCAWsBaQB3AEalVet1+pEgMLWiiWn0830RLEF0vv1JuIWr8vxw/m1HAAABcA6d4oEAAAQDAEgwRgIhAKkKQt7FNXEAZiINYexANoWTPZNlUduuW3xGbPi5aWeMAiEA5BkA06GhhNFnKAGd198YEzREZlspnfwGgCBd/zzJAtYAdgBvU3asMfAxGdiZAKRRFf93FRwR2QLBACkGjbIImjfZEwAAAXAOneJbAAAEAwBHMEUCIEg6F6i9eN56uCdRpx8v+wOffRn4W1U7Fpe+TFG/xCnKAiEAhPgkKmmeKDNCTmOVuhfvT18WDuVxhzJ06FHqPILNZ00AdgAiRUUHWVUkVpY/oS/x922G4CMmY63AS39dxoNcbuIPAgAAAXAOneJgAAAEAwBHMEUCIQDr3mTAQSwBSEgvhhIRUn9tdegpoT2aJaIyou2kblUW2gIgLC7nPFx+7q231Wt96PKlo+vmo+MNeLXa8MsCS147lv8wDQYJKoZIhvcNAQELBQADggEBAIl3QQ0u33gGzu7/kLoX7IeVzvxOY5gScaOzgr7gCSds4kWPW18jKs/N3r/pVn7hvMZi50tKyOUPBIz2y9mZQW3Kh3kmY9XU+LP1sknMu+lORPahXBrFlIqqk0m5TrUryR+FG8ccOHGVIgc7EU3I4QynYlNPlepT18iUMa405VegQ7kdDwkNftD6E98HkPdM6EwIRBk7d12lCmLbbWdW9Hzmat+bGZOSfKmln20E+/hRozkeaFK+bZONSHy5EfxracIhQACMHLACqpvg03V6chv3MzNwbfsxv21B7Mv0muf7R+ew8SK8x8Dru4+We0eOInfCVMDIVbYowlCE428L3Hs=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIGEzCCA/ugAwIBAgIQfVtRJrR2uhHbdBYLvFMNpzANBgkqhkiG9w0BAQwFADCBiDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTgxMTAyMDAwMDAwWhcNMzAxMjMxMjM1OTU5WjCBjzELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEYMBYGA1UEChMPU2VjdGlnbyBMaW1pdGVkMTcwNQYDVQQDEy5TZWN0aWdvIFJTQSBEb21haW4gVmFsaWRhdGlvbiBTZWN1cmUgU2VydmVyIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1nMz1tc8INAA0hdFuNY+B6I/x0HuMjDJsGz99J/LEpgPLT+NTQEMgg8Xf2Iu6bhIefsWg06t1zIlk7cHv7lQP6lMw0Aq6Tn/2YHKHxYyQdqAJrkjeocgHuP/IJo8lURvh3UGkEC0MpMWCRAIIz7S3YcPb11RFGoKacVPAXJpz9OTTG0EoKMbgn6xmrntxZ7FN3ifmgg0+1YuWMQJDgZkW7w33PGfKGioVrCSo1yfu4iYCBskHaswha6vsC6eep3BwEIc4gLw6uBK0u+QDrTBQBbwb4VCSmT3pDCg/r8uoydajotYuK3DGReEY+1vVv2Dy2A0xHS+5p3b4eTlygxfFQIDAQABo4IBbjCCAWowHwYDVR0jBBgwFoAUU3m/WqorSs9UgOHYm8Cd8rIDZsswHQYDVR0OBBYEFI2MXsRUrYrhd+mb+ZsF4bgBjWHhMA4GA1UdDwEB/wQEAwIBhjASBgNVHRMBAf8ECDAGAQH/AgEAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAbBgNVHSAEFDASMAYGBFUdIAAwCAYGZ4EMAQIBMFAGA1UdHwRJMEcwRaBDoEGGP2h0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RSU0FDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDB2BggrBgEFBQcBAQRqMGgwPwYIKwYBBQUHMAKGM2h0dHA6Ly9jcnQudXNlcnRydXN0LmNvbS9VU0VSVHJ1c3RSU0FBZGRUcnVzdENBLmNydDAlBggrBgEFBQcwAYYZaHR0cDovL29jc3AudXNlcnRydXN0LmNvbTANBgkqhkiG9w0BAQwFAAOCAgEAMr9hvQ5Iw0/HukdN+Jx4GQHcEx2Ab/zDcLRSmjEzmldS+zGea6TvVKqJjUAXaPgREHzSyrHxVYbH7rM2kYb2OVG/Rr8PoLq0935JxCo2F57kaDl6r5ROVm+yezu/Coa9zcV3HAO4OLGiH19+24rcRki2aArPsrW04jTkZ6k4Zgle0rj8nSg6F0AnwnJOKf0hPHzPE/uWLMUxRP0T7dWbqWlod3zu4f+k+TY4CFM5ooQ0nBnzvg6s1SQ36yOoeNDT5++SR2RiOSLvxvcRviKFxmZEJCaOEDKNyJOuB56DPi/Z+fVGjmO+wea03KbNIaiGCpXZLoUmGv38sbZXQm2V0TP2ORQGgkE49Y9Y3IBbpNV9lXj9p5v//cWoaasm56ekBYdbqbe4oyALl6lFhd2zi+WJN44pDfwGF/Y4QA5C5BIG+3vzxhFoYt/jmPQT2BVPi7Fp2RBgvGQq6jG35LWjOhSbJuMLe/0CjraZwTiXWTb2qHSihrZe68Zk6s+go/lunrotEbaGmAhYLcmsJWTyXnW0OMGuf1pGg+pRyrbxmRE1a6Vqe8YAsOf4vmSyrcjC8azjUeqkk+B5yOGBQMkKW+ESPMFgKuOXwIlCypTPRpgSabuY0MLTDXJLR27lk8QyKGOHQ+SwMj4K00u/I5sUKUErmgQfky3xxzlIPK1aEn8=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIF3jCCA8agAwIBAgIQAf1tMPyjylGoG7xkDjUDLTANBgkqhkiG9w0BAQwFADCBiDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTAwMjAxMDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCBiDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCk5ldyBKZXJzZXkxFDASBgNVBAcTC0plcnNleSBDaXR5MR4wHAYDVQQKExVUaGUgVVNFUlRSVVNUIE5ldHdvcmsxLjAsBgNVBAMTJVVTRVJUcnVzdCBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCAEmUXNg7D2wiz0KxXDXbtzSfTTK1Qg2HiqiBNCS1kCdzOiZ/MPans9s/B3PHTsdZ7NygRK0faOca8Ohm0X6a9fZ2jY0K2dvKpOyuR+OJv0OwWIJAJPuLodMkYtJHUYmTbf6MG8YgYapAiPLz+E/CHFHv25B+O1ORRxhFnRghRy4YUVD+8M/5+bJz/Fp0YvVGONaanZshyZ9shZrHUm3gDwFA66Mzw3LyeTP6vBZY1H1dat//O+T23LLb2VN3I5xI6Ta5MirdcmrS3ID3KfyI0rn47aGYBROcBTkZTmzNg95S+UzeQc0PzMsNT79uq/nROacdrjGCT3sTHDN/hMq7MkztReJVni+49Vv4M0GkPGw/zJSZrM233bkf6c0Plfg6lZrEpfDKEY1WJxA3Bk1QwGROs0303p+tdOmw1XNtB1xLaqUkL39iAigmTYo61Zs8liM2EuLE/pDkP2QKe6xJMlXzzawWpXhaDzLhn4ugTncxbgtNMs+1b/97lc6wjOy0AvzVVdAlJ2ElYGn+SNuZRkg7zJn0cTRe8yexDJtC/QV9AqURE9JnnV4eeUB9XVKg+/XRjL7FQZQnmWEIuQxpMtPAlR1n6BB6T1CZGSlCBst6+eLf8ZxXhyVeEHg9j1uliutZfVS7qXMYoCAQlObgOK6nyTJccBz8NUvXt7y+CDwIDAQABo0IwQDAdBgNVHQ4EFgQUU3m/WqorSs9UgOHYm8Cd8rIDZsswDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEMBQADggIBAFzUfA3P9wF9QZllDHPFUp/L+M+ZBn8b2kMVn54CVVeWFPFSPCeHlCjtHzoBN6J2/FNQwISbxmtOuowhT6KOVWKR82kV2LyI48SqC/3vqOlLVSoGIG1VeCkZ7l8wXEskEVX/JJpuXior7gtNn3/3ATiUFJVDBwn7YKnuHKsSjKCaXqeYalltiz8I+8jRRa8YFWSQEg9zKC7F4iRO/Fjs8PRF/iKz6y+O0tlFYQXBl2+odnKPi4w2r78NBc5xjeambx9spnFixdjQg3IM8WcRiQycE0xyNN+81XHfqnHd4blsjDwSXWXavVcStkNr/+XeTWYRUc+ZruwXtuhxkYzeSf7dNXGiFSeUHM9h4ya7b6NnJSFd5t0dCy5oGzuCr+yDZ4XUmFF0sbmZgIn/f3gZXHlKYC6SQK5MNyosycdiyA5d9zZbyuAlJQG03RoHnHcAP9Dc1ew91Pq7P8yF1m9/qS3fuQL39ZeatTXaw2ewh0qpKJ4jjv9cJ2vhsE/zB+4ALtRZh8tSQZXq9EfX7mRBVXyNWQKV3WKdwrnuWih0hKWbt5DHDAff9Yk2dDLWKMGwsAvgnEzDHNb842m1R0aBL6KCq9NjRHDEjf8tM7qtj3u1cIiuPhnPQCjY/MiQu12ZIvVS5ljFH4gxQ+6IHdfGjjxDah2nGN59PRbxYvnKkKj9
-----END CERTIFICATE-----