Bump deps (signatory/stdtx/k256/tendermint/yubihsm)

Cargo.toml

@@ -16,45 +16,43 @@ abscissa_tokio = { version = "0.5", optional = true }
 bytes = "0.5"
 chacha20poly1305 = "0.5"
 chrono = "0.4"
+ed25519-dalek = "1"
 getrandom = "0.1"
 gumdrop = "0.7"
 hkd32 = { version = "0.4", default-features = false, features = ["mnemonic"] }
 hkdf = "0.9"
 hyper = { version = "0.13", optional = true }
-k256 = "0.3"
+k256 = { version = "0.5", features = ["ecdsa", "sha256"] }
 merlin = "2"
 once_cell = "1.4"
 prost-amino = "0.6"
 prost-amino-derive = "0.6"
-rand = "0.7"
+rand_core = { version = "0.5", features = ["std"] }
 rpassword = { version = "5", optional = true }
 serde = { version = "1", features = ["serde_derive"] }
 serde_json = "1"
 sha2 = "0.9"
-secp256k1 = { version = "0.17", optional = true }
-signatory = { version = "0.20", features = ["ecdsa", "ed25519", "encoding"] }
-signatory-dalek = "0.20"
-signatory-secp256k1 = { version = "0.20", optional = true }
-signatory-ledger-tm = { version = "0.20", optional = true }
-stdtx = { version = "0.2.4", optional = true }
+signatory = { version = "0.22", features = ["ecdsa", "ed25519", "encoding"] }
+signatory-ledger-tm = { version = "0.22", optional = true }
+stdtx = { version = "0.3", optional = true }
 subtle = "2"
 subtle-encoding = { version = "0.5", features = ["bech32-preview"] }
 tempfile = "3"
-tendermint = { version = "0.15.0", features = ["secp256k1"] }
-tendermint-rpc = { version = "0.15.0", optional = true, features = ["client"] }
+tendermint = { version = "0.16.0", features = ["secp256k1"] }
+tendermint-rpc = { version = "0.16.0", optional = true, features = ["client"] }
 thiserror = "1"
 wait-timeout = "0.2"
 x25519-dalek = "1.1"
-yubihsm = { version = "0.34", features = ["secp256k1", "setup", "usb"], optional = true }
+yubihsm = { version = "=0.35.0-rc", features = ["secp256k1", "setup", "usb"], optional = true }
 zeroize = "1"
 
-[dev-dependencies.abscissa_core]
-version = "0.5"
-features = ["testing"]
+[dev-dependencies]
+abscissa_core = { version = "0.5", features = ["testing"] }
+rand = "0.7"
 
 [features]
 ledgertm = ["signatory-ledger-tm"]
-softsign = ["secp256k1", "signatory-secp256k1"]
+softsign = []
 tx-signer = ["abscissa_tokio", "hyper", "stdtx", "tendermint-rpc"]
 yubihsm-mock = ["yubihsm/mockhsm"]
 yubihsm-server = ["yubihsm/http-server", "rpassword"]

src/commands/softsign/import.rs

@@ -1,8 +1,7 @@
 //! `tmkms softsign import` command
 
-use crate::{config::provider::softsign::KeyFormat, keyring::SecretKeyEncoding, prelude::*};
+use crate::{config::provider::softsign::KeyFormat, key_utils, prelude::*};
 use abscissa_core::{Command, Options, Runnable};
-use signatory::{ed25519, encoding::Encode};
 use std::{path::PathBuf, process};
 use tendermint::{config::PrivValidatorKey, PrivateKey};
 
@@ -43,33 +42,29 @@ impl Runnable for ImportCommand {
             })
             .unwrap_or(KeyFormat::Json);
 
-        let seed = match format {
-            KeyFormat::Json => {
-                let private_key = PrivValidatorKey::load_json_file(input_path)
-                    .unwrap_or_else(|e| {
-                        status_err!("couldn't load {}: {}", input_path.display(), e);
-                        process::exit(1);
-                    })
-                    .priv_key;
-
-                match private_key {
-                    PrivateKey::Ed25519(pk) => {
-                        // TODO(tarcieri): upgrade Signatory version
-                        ed25519::Seed::from_bytes(pk.to_seed().as_secret_slice()).unwrap()
-                    }
-                }
-            }
-            KeyFormat::Base64 => {
-                status_err!("invalid format: baes64 (must be 'json' or 'raw')");
-                process::exit(1);
-            }
-        };
+        if format != KeyFormat::Json {
+            status_err!("invalid format: {:?} (must be 'json')", format);
+            process::exit(1);
+        }
 
-        seed.encode_to_file(output_path, &SecretKeyEncoding::default())
+        let private_key = PrivValidatorKey::load_json_file(input_path)
             .unwrap_or_else(|e| {
-                status_err!("couldn't write to {}: {}", output_path.display(), e);
+                status_err!("couldn't load {}: {}", input_path.display(), e);
                 process::exit(1);
-            });
+            })
+            .priv_key;
+
+        match private_key {
+            PrivateKey::Ed25519(pk) => {
+                key_utils::write_base64_secret(output_path, pk.secret.as_bytes()).unwrap_or_else(
+                    |e| {
+                        status_err!("{}", e);
+                        process::exit(1);
+                    },
+                );
+            }
+            _ => unreachable!("unsupported priv_validator.json algorithm"),
+        }
 
         info!("Imported Ed25519 private key to {}", output_path.display());
     }

src/commands/softsign/keygen.rs

@@ -1,12 +1,11 @@
 //! `tmkms softsign keygen` subcommand
 
-use crate::{keyring::SecretKeyEncoding, prelude::*};
+use crate::{key_utils, keyring::SecretKeyEncoding, prelude::*};
 use abscissa_core::{Command, Options, Runnable};
-use rand::{rngs::OsRng, RngCore};
+use k256::ecdsa;
+use rand_core::OsRng;
 use signatory::{ed25519, encoding::Encode};
-use std::{fs::OpenOptions, io::Write, os::unix::fs::OpenOptionsExt};
 use std::{path::PathBuf, process};
-use zeroize::Zeroize;
 
 /// Default type of key to generate
 pub const DEFAULT_KEY_TYPE: &str = "consensus";
@@ -56,39 +55,13 @@ impl Runnable for KeygenCommand {
 
 /// Randomly generate a Base64-encoded secp256k1 key and store it at the given path
 fn generate_secp256k1_key(output_path: &PathBuf) {
-    // This method may look gross but it is in fact the same method
-    // used by the upstream `secp256k1` crate's `rand` feature.
-    // We don't use that because it's using the outdated `rand` v0.6
-    let mut bytes = [0u8; 32];
+    let signing_key = ecdsa::SigningKey::random(&mut OsRng);
 
-    loop {
-        OsRng.fill_bytes(&mut bytes);
-        if secp256k1::key::SecretKey::from_slice(&bytes).is_ok() {
-            break;
-        }
-    }
-
-    let mut file = OpenOptions::new()
-        .create(true)
-        .write(true)
-        .truncate(true)
-        .mode(0o600)
-        .open(output_path)
-        .unwrap_or_else(|e| {
-            status_err!("couldn't open `{}`: {}", output_path.display(), e);
-            process::exit(1);
-        });
-
-    let mut encoded = subtle_encoding::base64::encode(&bytes);
-    bytes.zeroize();
-
-    file.write_all(&encoded).unwrap_or_else(|e| {
-        status_err!("couldn't write to `{}`: {}", output_path.display(), e);
+    key_utils::write_base64_secret(output_path, &signing_key.to_bytes()).unwrap_or_else(|e| {
+        status_err!("{}", e);
         process::exit(1);
     });
 
-    encoded.zeroize();
-
     status_ok!(
         "Generated",
         "account (secp256k1) private key at: {}",

src/commands/yubihsm/keys/export.rs

@@ -1,10 +1,9 @@
 //! Create encrypted backups of YubiHSM2 keys
 
 use super::*;
-use crate::prelude::*;
+use crate::{key_utils, prelude::*};
 use abscissa_core::{Command, Options, Runnable};
-use std::{fs::OpenOptions, io::Write, os::unix::fs::OpenOptionsExt, path::PathBuf, process};
-use subtle_encoding::base64;
+use std::{path::PathBuf, process};
 
 /// The `yubihsm keys export` subcommand: create encrypted backups of keys
 #[derive(Command, Debug, Default, Options)]
@@ -50,23 +49,10 @@ impl Runnable for ExportCommand {
                 process::exit(1);
             });
 
-        let mut export_file = OpenOptions::new()
-            .create(true)
-            .write(true)
-            .truncate(true)
-            .mode(0o600)
-            .open(&self.path)
-            .unwrap_or_else(|e| {
-                status_err!("couldn't export to {} ({})", &self.path.display(), e);
-                process::exit(1);
-            });
-
-        export_file
-            .write_all(&base64::encode(&wrapped_bytes.into_vec()))
-            .unwrap_or_else(|e| {
-                status_err!("error exporting {}: {}", &self.path.display(), e);
-                process::exit(1);
-            });
+        key_utils::write_base64_secret(&self.path, &wrapped_bytes.into_vec()).unwrap_or_else(|e| {
+            status_err!("{}", e);
+            process::exit(1);
+        });
 
         status_ok!(
             "Exported",

src/commands/yubihsm/keys/generate.rs

@@ -1,17 +1,13 @@
 //! Generate a new key within the YubiHSM2
 
 use super::*;
-use crate::{config::provider::KeyType, prelude::*};
+use crate::{config::provider::KeyType, key_utils, prelude::*};
 use abscissa_core::{Command, Options, Runnable};
 use chrono::{SecondsFormat, Utc};
 use std::{
-    fs::OpenOptions,
-    io::Write,
-    os::unix::fs::OpenOptionsExt,
     path::{Path, PathBuf},
     process,
 };
-use subtle_encoding::base64;
 use tendermint::PublicKey;
 
 /// The `yubihsm keys generate` subcommand
@@ -203,27 +199,12 @@ fn create_encrypted_backup(
             process::exit(1);
         });
 
-    let mut backup_file = OpenOptions::new()
-        .create(true)
-        .write(true)
-        .truncate(true)
-        .mode(0o600)
-        .open(backup_file_path)
-        .unwrap_or_else(|e| {
-            status_err!(
-                "couldn't create backup file: {} ({})",
-                backup_file_path.display(),
-                e
-            );
-            process::exit(1);
-        });
-
-    backup_file
-        .write_all(&base64::encode(&wrapped_bytes.into_vec()))
-        .unwrap_or_else(|e| {
-            status_err!("error writing backup: {}", e);
+    key_utils::write_base64_secret(backup_file_path, &wrapped_bytes.into_vec()).unwrap_or_else(
+        |e| {
+            status_err!("{}", e);
             process::exit(1);
-        });
+        },
+    );
 
     status_ok!(
         "Wrote",

src/commands/yubihsm/keys/import.rs

@@ -171,7 +171,8 @@ impl ImportCommand {
             .priv_key;
 
         let seed = match private_key {
-            PrivateKey::Ed25519(pk) => pk.to_seed(),
+            PrivateKey::Ed25519(pk) => pk.secret,
+            _ => unreachable!(),
         };
 
         let label =
@@ -183,7 +184,7 @@ impl ImportCommand {
             DEFAULT_DOMAINS,
             DEFAULT_CAPABILITIES | yubihsm::Capability::EXPORTABLE_UNDER_WRAP,
             yubihsm::asymmetric::Algorithm::Ed25519,
-            seed.as_secret_slice(),
+            seed.as_bytes().as_ref(),
         ) {
             status_err!("couldn't import key #{}: {}", self.key_id.unwrap(), e);
             process::exit(1);

src/commands/yubihsm/keys/list.rs

@@ -121,16 +121,14 @@ fn display_key_info(
         yubihsm::asymmetric::Algorithm::EcK256 => {
             // The YubiHSM2 returns the uncompressed public key, so for
             // compatibility with Tendermint, we have to compress it first
-            let uncompressed_pubkey =
-                k256::PublicKey::from_untagged_point(GenericArray::from_slice(public_key.as_ref()));
-
-            let compressed_point = k256::arithmetic::AffinePoint::from_pubkey(&uncompressed_pubkey)
-                .unwrap()
-                .to_compressed_pubkey();
-
-            let compressed_pubkey =
-                PublicKey::from_raw_secp256k1(compressed_point.as_bytes()).unwrap();
-            TendermintKey::AccountKey(compressed_pubkey)
+            let compressed_pubkey = k256::EncodedPoint::from_untagged_bytes(
+                GenericArray::from_slice(public_key.as_ref()),
+            )
+            .compress();
+
+            TendermintKey::AccountKey(
+                PublicKey::from_raw_secp256k1(compressed_pubkey.as_ref()).unwrap(),
+            )
         }
         yubihsm::asymmetric::Algorithm::Ed25519 => {
             let pk = PublicKey::from_raw_ed25519(public_key.as_ref()).unwrap();

src/config/validator.rs

@@ -1,13 +1,6 @@
 //! Validator configuration
 
-use crate::{
-    connection::secret_connection,
-    error::{Error, ErrorKind::*},
-    keyring::SecretKeyEncoding,
-    prelude::*,
-};
 use serde::{Deserialize, Serialize};
-use signatory::{ed25519, encoding::Decode};
 use std::path::PathBuf;
 use tendermint::{chain, net};
 
@@ -51,35 +44,6 @@ pub enum TendermintVersion {
     V0_33,
 }
 
-impl ValidatorConfig {
-    /// Load the configured secret key from disk
-    pub fn load_secret_key(&self) -> Result<ed25519::Seed, Error> {
-        let secret_key_path = self.secret_key.as_ref().ok_or_else(|| {
-            format_err!(
-                VerificationError,
-                "config error: no `secret_key` for validator {}",
-                &self.addr
-            )
-        })?;
-
-        if !secret_key_path.exists() {
-            secret_connection::generate_key(&secret_key_path)?;
-        }
-
-        ed25519::Seed::decode_from_file(secret_key_path, &SecretKeyEncoding::default()).map_err(
-            |e| {
-                format_err!(
-                    ConfigError,
-                    "error loading Secret Connection key from {}: {}",
-                    secret_key_path.display(),
-                    e
-                )
-                .into()
-            },
-        )
-    }
-}
-
 /// Default value for the `ValidatorConfig` reconnect field
 fn reconnect_default() -> bool {
     true