From 28736a2ca3e6d054e1b00c95b576004f8769697d Mon Sep 17 00:00:00 2001
From: Jernej Kos
Date: Fri, 13 Sep 2024 10:57:58 +0200
Subject: [PATCH] keymanager: Add mock trusted signers for debug mock SGX builds
---
 .changelog/5852.internal.md | 1 +
 keymanager/src/policy/signers.rs | 34 +++++++++++++++++++++++++++++++-
 2 files changed, 34 insertions(+), 1 deletion(-)
 create mode 100644 .changelog/5852.internal.md
diff --git a/.changelog/5852.internal.md b/.changelog/5852.internal.md
new file mode 100644
index 00000000000..73bb9268d2c
--- /dev/null
+++ b/.changelog/5852.internal.md
@@ -0,0 +1 @@
+keymanager: Add mock trusted signers for debug mock SGX builds
diff --git a/keymanager/src/policy/signers.rs b/keymanager/src/policy/signers.rs
index 0e0592ae4d7..e8977627e30 100644
--- a/keymanager/src/policy/signers.rs
+++ b/keymanager/src/policy/signers.rs
@@ -18,6 +18,38 @@ pub struct TrustedSigners {
     pub threshold: u64,
 }
 
+#[cfg(feature = "debug-mock-sgx")]
+impl TrustedSigners {
+    /// An UNSAFE set of trusted signers using well-known debug keys.
+    pub fn unsafe_mock() -> Self {
+        use oasis_core_runtime::{
+            common::crypto::signature::PrivateKey as OasisPrivateKey, BUILD_INFO,
+        };
+
+        // Do a runtime check to ensure that this is only ever called in debug builds to avoid any
+        // use of this set in production. Note that this is implied by debug-mock-sgx feature.
+        assert!(!BUILD_INFO.is_secure);
+
+        Self {
+            signers: {
+                let mut set = HashSet::new();
+                for seed in [
+                    "ekiden key manager test multisig key 0",
+                    "ekiden key manager test multisig key 1",
+                    "ekiden key manager test multisig key 2",
+                ]
+                .iter()
+                {
+                    let private_key = OasisPrivateKey::from_test_seed(seed.to_string());
+                    set.insert(private_key.public_key());
+                }
+                set
+            },
+            threshold: 2,
+        }
+    }
+}
+
 impl Default for TrustedSigners {
     fn default() -> Self {
         Self {
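Review bot: The doc comment on `unsafe_mock` says the keys are well-known but leaves out the consequence a reader of policy code needs: the three seeds are in source, so anyone can regenerate the private keys and produce a 2-of-3 quorum, meaning anything verified against this set carries no authentication at all; I would extend it to `/// An UNSAFE set of trusted signers using well-known debug keys. The seeds are public, so anyone can forge a quorum; only for debug-mock-sgx builds.`. Using `assert!` rather than `debug_assert!` for the `BUILD_INFO.is_secure` check is the right choice, since the feature can presumably be enabled in a release-profile build where a `debug_assert!` would vanish. As a matter of style, the `signers` field is built with a mutable `HashSet` and a `for` loop over `.iter()`; mapping the seed array straight into `collect()` expresses the same set without the temporary, as below.
```rust
        // … unchanged: local use and BUILD_INFO assert …
        Self {
            signers: [
                "ekiden key manager test multisig key 0",
                "ekiden key manager test multisig key 1",
                "ekiden key manager test multisig key 2",
            ]
            .iter()
            .map(|seed| OasisPrivateKey::from_test_seed(seed.to_string()).public_key())
            .collect(),
            threshold: 2,
        }
```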
@@ -29,7 +61,7 @@ impl Default for TrustedSigners {
 impl TrustedSigners {
     /// Verifies that signed data has valid signatures and that enough of them
-    // are from trusted signers.
+    /// are from trusted signers.
     pub fn verify<'a, P>(&self, signed_data: &'a impl SignedData

) -> Result<&'a P> { let data = signed_data.verify()?; self.verify_trusted_signers(signed_data)?;