From 5db6d54825dd35c7be67be76272e665bea008d39 Mon Sep 17 00:00:00 2001 From: Alessio Treglia Date: Fri, 27 Mar 2020 10:24:19 +0100 Subject: [PATCH 01/10] merge crypto/keys/mintkey into crypto/ (#5880) crypto/keys/mintkey provides only armoring functions. It makes very little sense to keep it standalone and under a name which does not really seem consistent with the features it provides. --- CHANGELOG.md | 1 + crypto/{keys/mintkey/mintkey.go => armor.go} | 2 +- .../mintkey/mintkey_test.go => armor_test.go} | 67 ++++++++++++------- .../mintkey/README.md => bcrypt_readme.md} | 0 crypto/keyring/db_keybase.go | 24 +++---- crypto/keyring/keybase_test.go | 65 +++++++++--------- crypto/keyring/keyring.go | 14 ++-- crypto/keys/mintkey/mintkey_bench_test.go | 26 ------- 8 files changed, 94 insertions(+), 105 deletions(-) rename crypto/{keys/mintkey/mintkey.go => armor.go} (99%) rename crypto/{keys/mintkey/mintkey_test.go => armor_test.go} (66%) rename crypto/{keys/mintkey/README.md => bcrypt_readme.md} (100%) delete mode 100644 crypto/keys/mintkey/mintkey_bench_test.go diff --git a/CHANGELOG.md b/CHANGELOG.md index 3e1327fc95..1505a53da4 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -75,6 +75,7 @@ to now accept a `codec.JSONMarshaler` for modular serialization of genesis state * (baseapp) [\#5837](https://github.com/cosmos/cosmos-sdk/issues/5837) Transaction simulation now returns a `SimulationResponse` which contains the `GasInfo` and `Result` from the execution. * (crypto/keys) [\#5866](https://github.com/cosmos/cosmos-sdk/pull/5866) Move `Keyring` and `Keybase` implementations and their associated types from `crypto/keys/` to `crypto/keybase/`. +* (crypto) [\#5880](https://github.com/cosmos/cosmos-sdk/pull/5880) Merge `crypto/keys/mintkey` into `crypto`. ### Features diff --git a/crypto/keys/mintkey/mintkey.go b/crypto/armor.go similarity index 99% rename from crypto/keys/mintkey/mintkey.go rename to crypto/armor.go index 988c54d406..934e2cfe7d 100644 --- a/crypto/keys/mintkey/mintkey.go +++ b/crypto/armor.go @@ -1,4 +1,4 @@ -package mintkey +package crypto import ( "encoding/hex" diff --git a/crypto/keys/mintkey/mintkey_test.go b/crypto/armor_test.go similarity index 66% rename from crypto/keys/mintkey/mintkey_test.go rename to crypto/armor_test.go index 5b0db5cba1..29aeb6af64 100644 --- a/crypto/keys/mintkey/mintkey_test.go +++ b/crypto/armor_test.go @@ -1,4 +1,4 @@ -package mintkey_test +package crypto_test import ( "bytes" @@ -9,45 +9,45 @@ import ( "github.com/stretchr/testify/require" "github.com/tendermint/crypto/bcrypt" - "github.com/tendermint/tendermint/crypto" + tmcrypto "github.com/tendermint/tendermint/crypto" "github.com/tendermint/tendermint/crypto/armor" cryptoAmino "github.com/tendermint/tendermint/crypto/encoding/amino" "github.com/tendermint/tendermint/crypto/secp256k1" "github.com/tendermint/tendermint/crypto/xsalsa20symmetric" + "github.com/cosmos/cosmos-sdk/crypto" "github.com/cosmos/cosmos-sdk/crypto/keyring" - "github.com/cosmos/cosmos-sdk/crypto/keys/mintkey" ) func TestArmorUnarmorPrivKey(t *testing.T) { priv := secp256k1.GenPrivKey() - armored := mintkey.EncryptArmorPrivKey(priv, "passphrase", "") - _, _, err := mintkey.UnarmorDecryptPrivKey(armored, "wrongpassphrase") + armored := crypto.EncryptArmorPrivKey(priv, "passphrase", "") + _, _, err := crypto.UnarmorDecryptPrivKey(armored, "wrongpassphrase") require.Error(t, err) - decrypted, algo, err := mintkey.UnarmorDecryptPrivKey(armored, "passphrase") + decrypted, algo, err := crypto.UnarmorDecryptPrivKey(armored, "passphrase") require.NoError(t, err) require.Equal(t, string(keyring.Secp256k1), algo) require.True(t, priv.Equals(decrypted)) // empty string - decrypted, algo, err = mintkey.UnarmorDecryptPrivKey("", "passphrase") + decrypted, algo, err = crypto.UnarmorDecryptPrivKey("", "passphrase") require.Error(t, err) require.True(t, errors.Is(io.EOF, err)) require.Nil(t, decrypted) require.Empty(t, algo) // wrong key type - armored = mintkey.ArmorPubKeyBytes(priv.PubKey().Bytes(), "") - _, _, err = mintkey.UnarmorDecryptPrivKey(armored, "passphrase") + armored = crypto.ArmorPubKeyBytes(priv.PubKey().Bytes(), "") + _, _, err = crypto.UnarmorDecryptPrivKey(armored, "passphrase") require.Error(t, err) require.Contains(t, err.Error(), "unrecognized armor type") // armor key manually - encryptPrivKeyFn := func(privKey crypto.PrivKey, passphrase string) (saltBytes []byte, encBytes []byte) { - saltBytes = crypto.CRandBytes(16) - key, err := bcrypt.GenerateFromPassword(saltBytes, []byte(passphrase), mintkey.BcryptSecurityParameter) + encryptPrivKeyFn := func(privKey tmcrypto.PrivKey, passphrase string) (saltBytes []byte, encBytes []byte) { + saltBytes = tmcrypto.CRandBytes(16) + key, err := bcrypt.GenerateFromPassword(saltBytes, []byte(passphrase), crypto.BcryptSecurityParameter) require.NoError(t, err) - key = crypto.Sha256(key) // get 32 bytes + key = tmcrypto.Sha256(key) // get 32 bytes privKeyBytes := privKey.Bytes() return saltBytes, xsalsa20symmetric.EncryptSymmetric(privKeyBytes, key) } @@ -60,7 +60,7 @@ func TestArmorUnarmorPrivKey(t *testing.T) { "type": "secp256k", } armored = armor.EncodeArmor("TENDERMINT PRIVATE KEY", headerWrongKdf, encBytes) - _, _, err = mintkey.UnarmorDecryptPrivKey(armored, "passphrase") + _, _, err = crypto.UnarmorDecryptPrivKey(armored, "passphrase") require.Error(t, err) require.Equal(t, "unrecognized KDF type: wrong", err.Error()) } @@ -72,16 +72,16 @@ func TestArmorUnarmorPubKey(t *testing.T) { // Add keys and see they return in alphabetical order info, _, err := cstore.CreateMnemonic("Bob", keyring.English, "passphrase", keyring.Secp256k1) require.NoError(t, err) - armored := mintkey.ArmorPubKeyBytes(info.GetPubKey().Bytes(), "") - pubBytes, algo, err := mintkey.UnarmorPubKeyBytes(armored) + armored := crypto.ArmorPubKeyBytes(info.GetPubKey().Bytes(), "") + pubBytes, algo, err := crypto.UnarmorPubKeyBytes(armored) require.NoError(t, err) pub, err := cryptoAmino.PubKeyFromBytes(pubBytes) require.NoError(t, err) require.Equal(t, string(keyring.Secp256k1), algo) require.True(t, pub.Equals(info.GetPubKey())) - armored = mintkey.ArmorPubKeyBytes(info.GetPubKey().Bytes(), "unknown") - pubBytes, algo, err = mintkey.UnarmorPubKeyBytes(armored) + armored = crypto.ArmorPubKeyBytes(info.GetPubKey().Bytes(), "unknown") + pubBytes, algo, err = crypto.UnarmorPubKeyBytes(armored) require.NoError(t, err) pub, err = cryptoAmino.PubKeyFromBytes(pubBytes) require.NoError(t, err) @@ -90,7 +90,7 @@ func TestArmorUnarmorPubKey(t *testing.T) { armored, err = cstore.ExportPrivKey("Bob", "passphrase", "alessio") require.NoError(t, err) - _, _, err = mintkey.UnarmorPubKeyBytes(armored) + _, _, err = crypto.UnarmorPubKeyBytes(armored) require.Error(t, err) require.Equal(t, `couldn't unarmor bytes: unrecognized armor type "TENDERMINT PRIVATE KEY", expected: "TENDERMINT PUBLIC KEY"`, err.Error()) @@ -100,7 +100,7 @@ func TestArmorUnarmorPubKey(t *testing.T) { "type": "unknown", } armored = armor.EncodeArmor("TENDERMINT PUBLIC KEY", header, pubBytes) - _, algo, err = mintkey.UnarmorPubKeyBytes(armored) + _, algo, err = crypto.UnarmorPubKeyBytes(armored) require.NoError(t, err) // return secp256k1 if version is 0.0.0 require.Equal(t, "secp256k1", algo) @@ -110,7 +110,7 @@ func TestArmorUnarmorPubKey(t *testing.T) { "type": "unknown", } armored = armor.EncodeArmor("TENDERMINT PUBLIC KEY", header, pubBytes) - bz, algo, err := mintkey.UnarmorPubKeyBytes(armored) + bz, algo, err := crypto.UnarmorPubKeyBytes(armored) require.Nil(t, bz) require.Empty(t, algo) require.Error(t, err) @@ -122,7 +122,7 @@ func TestArmorUnarmorPubKey(t *testing.T) { "version": "unknown", } armored = armor.EncodeArmor("TENDERMINT PUBLIC KEY", header, pubBytes) - bz, algo, err = mintkey.UnarmorPubKeyBytes(armored) + bz, algo, err = crypto.UnarmorPubKeyBytes(armored) require.Nil(t, bz) require.Empty(t, algo) require.Error(t, err) @@ -131,14 +131,14 @@ func TestArmorUnarmorPubKey(t *testing.T) { func TestArmorInfoBytes(t *testing.T) { bs := []byte("test") - armoredString := mintkey.ArmorInfoBytes(bs) - unarmoredBytes, err := mintkey.UnarmorInfoBytes(armoredString) + armoredString := crypto.ArmorInfoBytes(bs) + unarmoredBytes, err := crypto.UnarmorInfoBytes(armoredString) require.NoError(t, err) require.True(t, bytes.Equal(bs, unarmoredBytes)) } func TestUnarmorInfoBytesErrors(t *testing.T) { - unarmoredBytes, err := mintkey.UnarmorInfoBytes("") + unarmoredBytes, err := crypto.UnarmorInfoBytes("") require.Error(t, err) require.True(t, errors.Is(io.EOF, err)) require.Nil(t, unarmoredBytes) @@ -147,9 +147,24 @@ func TestUnarmorInfoBytesErrors(t *testing.T) { "type": "Info", "version": "0.0.1", } - unarmoredBytes, err = mintkey.UnarmorInfoBytes(armor.EncodeArmor( + unarmoredBytes, err = crypto.UnarmorInfoBytes(armor.EncodeArmor( "TENDERMINT KEY INFO", header, []byte("plain-text"))) require.Error(t, err) require.Equal(t, "unrecognized version: 0.0.1", err.Error()) require.Nil(t, unarmoredBytes) } + +func BenchmarkBcryptGenerateFromPassword(b *testing.B) { + passphrase := []byte("passphrase") + for securityParam := 9; securityParam < 16; securityParam++ { + param := securityParam + b.Run(fmt.Sprintf("benchmark-security-param-%d", param), func(b *testing.B) { + saltBytes := tmcrypto.CRandBytes(16) + b.ResetTimer() + for i := 0; i < b.N; i++ { + _, err := bcrypt.GenerateFromPassword(saltBytes, passphrase, param) + require.Nil(b, err) + } + }) + } +} diff --git a/crypto/keys/mintkey/README.md b/crypto/bcrypt_readme.md similarity index 100% rename from crypto/keys/mintkey/README.md rename to crypto/bcrypt_readme.md diff --git a/crypto/keyring/db_keybase.go b/crypto/keyring/db_keybase.go index e1513b38e0..4a09cc4afb 100644 --- a/crypto/keyring/db_keybase.go +++ b/crypto/keyring/db_keybase.go @@ -10,7 +10,7 @@ import ( cryptoAmino "github.com/tendermint/tendermint/crypto/encoding/amino" dbm "github.com/tendermint/tm-db" - "github.com/cosmos/cosmos-sdk/crypto/keys/mintkey" + "github.com/cosmos/cosmos-sdk/crypto" "github.com/cosmos/cosmos-sdk/types" sdkerrors "github.com/cosmos/cosmos-sdk/types/errors" ) @@ -160,7 +160,7 @@ func (kb dbKeybase) Sign(name, passphrase string, msg []byte) (sig []byte, pub t return } - priv, _, err = mintkey.UnarmorDecryptPrivKey(i.PrivKeyArmor, passphrase) + priv, _, err = crypto.UnarmorDecryptPrivKey(i.PrivKeyArmor, passphrase) if err != nil { return nil, nil, err } @@ -199,7 +199,7 @@ func (kb dbKeybase) ExportPrivateKeyObject(name string, passphrase string) (tmcr return nil, err } - priv, _, err = mintkey.UnarmorDecryptPrivKey(linfo.PrivKeyArmor, passphrase) + priv, _, err = crypto.UnarmorDecryptPrivKey(linfo.PrivKeyArmor, passphrase) if err != nil { return nil, err } @@ -221,7 +221,7 @@ func (kb dbKeybase) Export(name string) (armor string, err error) { return "", fmt.Errorf("no key to export with name %s", name) } - return mintkey.ArmorInfoBytes(bz), nil + return crypto.ArmorInfoBytes(bz), nil } // ExportPubKey returns public keys in ASCII armored format. It retrieves a Info @@ -241,7 +241,7 @@ func (kb dbKeybase) ExportPubKey(name string) (armor string, err error) { return } - return mintkey.ArmorPubKeyBytes(info.GetPubKey().Bytes(), string(info.GetAlgo())), nil + return crypto.ArmorPubKeyBytes(info.GetPubKey().Bytes(), string(info.GetAlgo())), nil } // ExportPrivKey returns a private key in ASCII armored format. @@ -259,7 +259,7 @@ func (kb dbKeybase) ExportPrivKey(name string, decryptPassphrase string, return "", err } - return mintkey.EncryptArmorPrivKey(priv, encryptPassphrase, string(info.GetAlgo())), nil + return crypto.EncryptArmorPrivKey(priv, encryptPassphrase, string(info.GetAlgo())), nil } // ImportPrivKey imports a private key in ASCII armor format. It returns an @@ -270,7 +270,7 @@ func (kb dbKeybase) ImportPrivKey(name string, armor string, passphrase string) return errors.New("Cannot overwrite key " + name) } - privKey, algo, err := mintkey.UnarmorDecryptPrivKey(armor, passphrase) + privKey, algo, err := crypto.UnarmorDecryptPrivKey(armor, passphrase) if err != nil { return errors.Wrap(err, "couldn't import private key") } @@ -289,7 +289,7 @@ func (kb dbKeybase) Import(name string, armor string) (err error) { return errors.New("cannot overwrite data for name " + name) } - infoBytes, err := mintkey.UnarmorInfoBytes(armor) + infoBytes, err := crypto.UnarmorInfoBytes(armor) if err != nil { return } @@ -310,7 +310,7 @@ func (kb dbKeybase) ImportPubKey(name string, armor string) (err error) { return errors.New("cannot overwrite data for name " + name) } - pubBytes, algo, err := mintkey.UnarmorPubKeyBytes(armor) + pubBytes, algo, err := crypto.UnarmorPubKeyBytes(armor) if err != nil { return } @@ -336,7 +336,7 @@ func (kb dbKeybase) Delete(name, passphrase string, skipPass bool) error { } if linfo, ok := info.(localInfo); ok && !skipPass { - if _, _, err = mintkey.UnarmorDecryptPrivKey(linfo.PrivKeyArmor, passphrase); err != nil { + if _, _, err = crypto.UnarmorDecryptPrivKey(linfo.PrivKeyArmor, passphrase); err != nil { return err } } @@ -366,7 +366,7 @@ func (kb dbKeybase) Update(name, oldpass string, getNewpass func() (string, erro case localInfo: linfo := i - key, _, err := mintkey.UnarmorDecryptPrivKey(linfo.PrivKeyArmor, oldpass) + key, _, err := crypto.UnarmorDecryptPrivKey(linfo.PrivKeyArmor, oldpass) if err != nil { return err } @@ -396,7 +396,7 @@ func (kb dbKeybase) SupportedAlgosLedger() []SigningAlgo { func (kb dbKeybase) writeLocalKey(name string, priv tmcrypto.PrivKey, passphrase string, algo SigningAlgo) Info { // encrypt private key using passphrase - privArmor := mintkey.EncryptArmorPrivKey(priv, passphrase, string(algo)) + privArmor := crypto.EncryptArmorPrivKey(priv, passphrase, string(algo)) // make Info pub := priv.PubKey() diff --git a/crypto/keyring/keybase_test.go b/crypto/keyring/keybase_test.go index cc96a7c37a..e55995db9d 100644 --- a/crypto/keyring/keybase_test.go +++ b/crypto/keyring/keybase_test.go @@ -4,20 +4,19 @@ import ( "fmt" "testing" - "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" - "github.com/tendermint/tendermint/crypto" + tmcrypto "github.com/tendermint/tendermint/crypto" "github.com/tendermint/tendermint/crypto/ed25519" "github.com/tendermint/tendermint/crypto/secp256k1" + "github.com/cosmos/cosmos-sdk/crypto" "github.com/cosmos/cosmos-sdk/crypto/keys/hd" - "github.com/cosmos/cosmos-sdk/crypto/keys/mintkey" sdk "github.com/cosmos/cosmos-sdk/types" ) func init() { - mintkey.BcryptSecurityParameter = 1 + crypto.BcryptSecurityParameter = 1 } const ( @@ -28,8 +27,8 @@ const ( func TestLanguage(t *testing.T) { kb := NewInMemory() _, _, err := kb.CreateMnemonic("something", Japanese, "no_pass", Secp256k1) - assert.Error(t, err) - assert.Equal(t, "unsupported language: only english is supported", err.Error()) + require.Error(t, err) + require.Equal(t, "unsupported language: only english is supported", err.Error()) } func TestCreateAccountInvalidMnemonic(t *testing.T) { @@ -38,8 +37,8 @@ func TestCreateAccountInvalidMnemonic(t *testing.T) { "some_account", "malarkey pair crucial catch public canyon evil outer stage ten gym tornado", "", "", CreateHDPath(0, 0).String(), Secp256k1) - assert.Error(t, err) - assert.Equal(t, "Invalid mnemonic", err.Error()) + require.Error(t, err) + require.Equal(t, "Invalid mnemonic", err.Error()) } func TestCreateLedgerUnsupportedAlgo(t *testing.T) { @@ -48,13 +47,13 @@ func TestCreateLedgerUnsupportedAlgo(t *testing.T) { supportedLedgerAlgos := kb.SupportedAlgosLedger() for _, supportedAlgo := range supportedLedgerAlgos { if Ed25519 == supportedAlgo { - assert.FailNow(t, "Was not an unsupported algorithm") + require.FailNow(t, "Was not an unsupported algorithm") } } _, err := kb.CreateLedger("some_account", Ed25519, "cosmos", 0, 1) - assert.Error(t, err) - assert.Equal(t, "unsupported signing algo", err.Error()) + require.Error(t, err) + require.Equal(t, "unsupported signing algo", err.Error()) } func TestCreateLedger(t *testing.T) { @@ -71,15 +70,15 @@ func TestCreateLedger(t *testing.T) { secpSupported = secpSupported || (supportedAlgo == Secp256k1) edSupported = edSupported || (supportedAlgo == Ed25519) } - assert.True(t, secpSupported) - assert.True(t, edSupported) + require.True(t, secpSupported) + require.True(t, edSupported) ledger, err := kb.CreateLedger("some_account", Secp256k1, "cosmos", 3, 1) if err != nil { - assert.Error(t, err) - assert.Equal(t, "ledger nano S: support for ledger devices is not available in this executable", err.Error()) - assert.Nil(t, ledger) + require.Error(t, err) + require.Equal(t, "ledger nano S: support for ledger devices is not available in this executable", err.Error()) + require.Nil(t, ledger) t.Skip("ledger nano S: support for ledger devices is not available in this executable") return } @@ -87,23 +86,23 @@ func TestCreateLedger(t *testing.T) { // The mock is available, check that the address is correct pubKey := ledger.GetPubKey() pk, err := sdk.Bech32ifyPubKey(sdk.Bech32PubKeyTypeAccPub, pubKey) - assert.NoError(t, err) - assert.Equal(t, "cosmospub1addwnpepqdszcr95mrqqs8lw099aa9h8h906zmet22pmwe9vquzcgvnm93eqygufdlv", pk) + require.NoError(t, err) + require.Equal(t, "cosmospub1addwnpepqdszcr95mrqqs8lw099aa9h8h906zmet22pmwe9vquzcgvnm93eqygufdlv", pk) // Check that restoring the key gets the same results restoredKey, err := kb.Get("some_account") - assert.NoError(t, err) - assert.NotNil(t, restoredKey) - assert.Equal(t, "some_account", restoredKey.GetName()) - assert.Equal(t, TypeLedger, restoredKey.GetType()) + require.NoError(t, err) + require.NotNil(t, restoredKey) + require.Equal(t, "some_account", restoredKey.GetName()) + require.Equal(t, TypeLedger, restoredKey.GetType()) pubKey = restoredKey.GetPubKey() pk, err = sdk.Bech32ifyPubKey(sdk.Bech32PubKeyTypeAccPub, pubKey) - assert.NoError(t, err) - assert.Equal(t, "cosmospub1addwnpepqdszcr95mrqqs8lw099aa9h8h906zmet22pmwe9vquzcgvnm93eqygufdlv", pk) + require.NoError(t, err) + require.Equal(t, "cosmospub1addwnpepqdszcr95mrqqs8lw099aa9h8h906zmet22pmwe9vquzcgvnm93eqygufdlv", pk) path, err := restoredKey.GetPath() - assert.NoError(t, err) - assert.Equal(t, "44'/118'/3'/0/1", path.String()) + require.NoError(t, err) + require.Equal(t, "44'/118'/3'/0/1", path.String()) } // TestKeyManagement makes sure we can manipulate these keys well @@ -121,9 +120,9 @@ func TestKeyManagement(t *testing.T) { edSupported = edSupported || (supportedAlgo == Ed25519) srSupported = srSupported || (supportedAlgo == Sr25519) } - assert.True(t, secpSupported) - assert.False(t, edSupported) - assert.True(t, srSupported) + require.True(t, secpSupported) + require.False(t, edSupported) + require.True(t, srSupported) algo := Secp256k1 n1, n2, n3 := "personal", "business", "other" @@ -132,7 +131,7 @@ func TestKeyManagement(t *testing.T) { // Check empty state l, err := cstore.List() require.Nil(t, err) - assert.Empty(t, l) + require.Empty(t, l) _, _, err = cstore.CreateMnemonic(n1, English, p1, Ed25519) require.Error(t, err, "ed25519 keys are currently not supported by keybase") @@ -254,7 +253,7 @@ func TestSignVerify(t *testing.T) { // let's try to validate and make sure it only works when everything is proper cases := []struct { - key crypto.PubKey + key tmcrypto.PubKey data []byte sig []byte valid bool @@ -418,7 +417,7 @@ func TestSeedPhrase(t *testing.T) { info, mnemonic, err := cstore.CreateMnemonic(n1, English, p1, algo) require.Nil(t, err, "%+v", err) require.Equal(t, n1, info.GetName()) - assert.NotEmpty(t, mnemonic) + require.NotEmpty(t, mnemonic) // now, let us delete this key err = cstore.Delete(n1, p1, false) @@ -438,7 +437,7 @@ func TestSeedPhrase(t *testing.T) { func ExampleNew() { // Select the encryption and storage for your cryptostore - customKeyGenFunc := func(bz []byte, algo SigningAlgo) (crypto.PrivKey, error) { + customKeyGenFunc := func(bz []byte, algo SigningAlgo) (tmcrypto.PrivKey, error) { var bzArr [32]byte copy(bzArr[:], bz) return secp256k1.PrivKeySecp256k1(bzArr), nil diff --git a/crypto/keyring/keyring.go b/crypto/keyring/keyring.go index 3db8c3d433..1752c099ba 100644 --- a/crypto/keyring/keyring.go +++ b/crypto/keyring/keyring.go @@ -18,7 +18,7 @@ import ( cryptoAmino "github.com/tendermint/tendermint/crypto/encoding/amino" "github.com/cosmos/cosmos-sdk/client/input" - "github.com/cosmos/cosmos-sdk/crypto/keys/mintkey" + "github.com/cosmos/cosmos-sdk/crypto" "github.com/cosmos/cosmos-sdk/types" sdkerrors "github.com/cosmos/cosmos-sdk/types/errors" ) @@ -270,7 +270,7 @@ func (kb keyringKeybase) Export(name string) (armor string, err error) { return "", fmt.Errorf("no key to export with name: %s", name) } - return mintkey.ArmorInfoBytes(bz.Data), nil + return crypto.ArmorInfoBytes(bz.Data), nil } // ExportPubKey returns public keys in ASCII armored format. It retrieves an Info @@ -285,7 +285,7 @@ func (kb keyringKeybase) ExportPubKey(name string) (armor string, err error) { return "", fmt.Errorf("no key to export with name: %s", name) } - return mintkey.ArmorPubKeyBytes(bz.GetPubKey().Bytes(), string(bz.GetAlgo())), nil + return crypto.ArmorPubKeyBytes(bz.GetPubKey().Bytes(), string(bz.GetAlgo())), nil } // Import imports armored private key. @@ -300,7 +300,7 @@ func (kb keyringKeybase) Import(name string, armor string) error { } } - infoBytes, err := mintkey.UnarmorInfoBytes(armor) + infoBytes, err := crypto.UnarmorInfoBytes(armor) if err != nil { return err } @@ -336,7 +336,7 @@ func (kb keyringKeybase) ExportPrivKey(name, decryptPassphrase, encryptPassphras return "", err } - return mintkey.EncryptArmorPrivKey(priv, encryptPassphrase, string(info.GetAlgo())), nil + return crypto.EncryptArmorPrivKey(priv, encryptPassphrase, string(info.GetAlgo())), nil } // ImportPrivKey imports a private key in ASCII armor format. An error is returned @@ -347,7 +347,7 @@ func (kb keyringKeybase) ImportPrivKey(name, armor, passphrase string) error { return fmt.Errorf("cannot overwrite key: %s", name) } - privKey, algo, err := mintkey.UnarmorDecryptPrivKey(armor, passphrase) + privKey, algo, err := crypto.UnarmorDecryptPrivKey(armor, passphrase) if err != nil { return errors.Wrap(err, "failed to decrypt private key") } @@ -376,7 +376,7 @@ func (kb keyringKeybase) ImportPubKey(name string, armor string) error { } } - pubBytes, algo, err := mintkey.UnarmorPubKeyBytes(armor) + pubBytes, algo, err := crypto.UnarmorPubKeyBytes(armor) if err != nil { return err } diff --git a/crypto/keys/mintkey/mintkey_bench_test.go b/crypto/keys/mintkey/mintkey_bench_test.go deleted file mode 100644 index 1dd0b36cb3..0000000000 --- a/crypto/keys/mintkey/mintkey_bench_test.go +++ /dev/null @@ -1,26 +0,0 @@ -package mintkey - -import ( - "fmt" - "testing" - - "github.com/stretchr/testify/require" - "github.com/tendermint/crypto/bcrypt" - - "github.com/tendermint/tendermint/crypto" -) - -func BenchmarkBcryptGenerateFromPassword(b *testing.B) { - passphrase := []byte("passphrase") - for securityParam := 9; securityParam < 16; securityParam++ { - param := securityParam - b.Run(fmt.Sprintf("benchmark-security-param-%d", param), func(b *testing.B) { - saltBytes := crypto.CRandBytes(16) - b.ResetTimer() - for i := 0; i < b.N; i++ { - _, err := bcrypt.GenerateFromPassword(saltBytes, passphrase, param) - require.Nil(b, err) - } - }) - } -} From 702c44ff6bbf27288b41fdb8e54dbbf82fa003b8 Mon Sep 17 00:00:00 2001 From: Marko Baricevic Date: Fri, 27 Mar 2020 15:34:16 +0100 Subject: [PATCH 02/10] move some sims to github actions --- .circleci/config.yml | 47 --------------- .github/workflows/sims.yml | 117 +++++++++++++++++++++++++++++++++++++ 2 files changed, 117 insertions(+), 47 deletions(-) create mode 100644 .github/workflows/sims.yml diff --git a/.circleci/config.yml b/.circleci/config.yml index 18d519cf9a..d684e5bcd4 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -86,41 +86,6 @@ jobs: target: proto-gen proto-lint proto-check-breaking description: "Lint and verify Protocol Buffer definitions" - test-sim-nondeterminism: - executor: golang - steps: - - make: - target: test-sim-nondeterminism - description: "Test individual module simulations" - - test-sim-import-export: - executor: golang - steps: - - make: - target: test-sim-import-export - description: "Test application import/export simulation" - - test-sim-after-import: - executor: golang - steps: - - make: - target: test-sim-after-import - description: "Test simulation after import" - - test-sim-multi-seed-long: - executor: golang - steps: - - make: - target: test-sim-multi-seed-long - description: "Test multi-seed simulation (long)" - - test-sim-multi-seed-short: - executor: golang - steps: - - make: - target: test-sim-multi-seed-short - description: "Test multi-seed simulation (short)" - test-cover: executor: golang parallelism: 4 @@ -197,18 +162,6 @@ workflows: only: - /^v.*/ - proto: - requires: - - setup-dependencies - - test-sim-nondeterminism: - requires: - - setup-dependencies - - test-sim-import-export: - requires: - - setup-dependencies - - test-sim-after-import: - requires: - - setup-dependencies - - test-sim-multi-seed-short: requires: - setup-dependencies - test-sim-multi-seed-long: diff --git a/.github/workflows/sims.yml b/.github/workflows/sims.yml new file mode 100644 index 0000000000..73f3de53a7 --- /dev/null +++ b/.github/workflows/sims.yml @@ -0,0 +1,117 @@ +name: Sims +on: [pull_request] +jobs: + build: + runs-on: ubuntu-latest + if: "!contains(github.event.head_commit.message, 'skip-sims')" + steps: + - uses: actions/setup-go@v1 + id: go + with: + go-version: 1.14 + - name: Setup env for GO + # this is only used until the setup-go action is updated + run: | + echo "::set-env name=GOPATH::$(go env GOPATH)" + echo "::add-path::$(go env GOPATH)/bin" + echo "::set-env name=GO111MODULE::"on"" + shell: bash + - name: install runsim + run: | + go get github.com/cosmos/tools/cmd/runsim@v1.0.0 + - uses: actions/cache@v1 + with: + path: ~/go/bin + key: ${{ runner.os }}-go-runsim-binary + + test-sim-nondeterminism: + runs-on: ubuntu-latest + needs: Build + steps: + - uses: actions/setup-go@v1 + id: go + with: + go-version: 1.14 + - name: Setup env for GO + # this is only used until the setup-go action is updated + run: | + echo "::set-env name=GOPATH::$(go env GOPATH)" + echo "::add-path::$(go env GOPATH)/bin" + shell: bash + - uses: actions/checkout@v2 + - uses: actions/cache@v1 + with: + path: ~/go/bin + key: ${{ runner.os }}-go-runsim-binary + - name: test nondeterminism + run: | + make test-sim-nondeterminism + + test-sim-import-export: + runs-on: ubuntu-latest + needs: Build + steps: + - uses: actions/setup-go@v1 + id: go + with: + go-version: 1.14 + - name: Setup env for GO + # this is only used until the setup-go action is updated + run: | + echo "::set-env name=GOPATH::$(go env GOPATH)" + echo "::add-path::$(go env GOPATH)/bin" + shell: bash + - uses: actions/checkout@v2 + - uses: actions/cache@v1 + with: + path: ~/go/bin + key: ${{ runner.os }}-go-runsim-binary + - name: test-sim-import-export + run: | + make test-sim-import-export + + test-sim-after-import: + runs-on: ubuntu-latest + needs: Build + steps: + - uses: actions/setup-go@v1 + id: go + with: + go-version: 1.14 + - name: Setup env for GO + # this is only used until the setup-go action is updated + run: | + echo "::set-env name=GOPATH::$(go env GOPATH)" + echo "::add-path::$(go env GOPATH)/bin" + shell: bash + - uses: actions/checkout@v2 + - uses: actions/cache@v1 + with: + path: ~/go/bin + key: ${{ runner.os }}-go-runsim-binary + - name: test after import + run: | + make test-sim-import-export + + test-sim-multi-seed-short: + runs-on: ubuntu-latest + needs: Build + steps: + - uses: actions/setup-go@v1 + id: go + with: + go-version: 1.14 + - name: Setup env for GO + # this is only used until the setup-go action is updated + run: | + echo "::set-env name=GOPATH::$(go env GOPATH)" + echo "::add-path::$(go env GOPATH)/bin" + shell: bash + - uses: actions/checkout@v2 + - uses: actions/cache@v1 + with: + path: ~/go/bin + key: ${{ runner.os }}-go-runsim-binary + - name: test-sim-multi-seed-short + run: | + make test-sim-multi-seed-short From f7f8543dcbbdaf97d2cfc6061da479b182018eae Mon Sep 17 00:00:00 2001 From: Marko Baricevic Date: Fri, 27 Mar 2020 15:37:23 +0100 Subject: [PATCH 03/10] add back multi seed long --- .circleci/config.yml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/.circleci/config.yml b/.circleci/config.yml index d684e5bcd4..7acc251827 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -86,6 +86,13 @@ jobs: target: proto-gen proto-lint proto-check-breaking description: "Lint and verify Protocol Buffer definitions" + test-sim-multi-seed-long: + executor: golang + steps: + - make: + target: test-sim-multi-seed-long + description: "Test multi-seed simulation (long)" + test-cover: executor: golang parallelism: 4 From 2be5378d2a8260b44b69d2f9ada85bc9434709c8 Mon Sep 17 00:00:00 2001 From: Marko Baricevic Date: Fri, 27 Mar 2020 15:38:55 +0100 Subject: [PATCH 04/10] cleanup redundant ci --- .circleci/config.yml | 5 +---- .github/workflows/sims.yml | 8 ++++++++ 2 files changed, 9 insertions(+), 4 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 7acc251827..6e65eff6ab 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -11,7 +11,7 @@ executors: AWS_REGION: us-east-1 protoc: docker: - - image: tendermintdev/docker-protoc + - image: bufbuild/buf commands: make: @@ -79,9 +79,6 @@ jobs: proto: executor: protoc steps: - - make: - target: protoc-gen-gocosmos - description: "Generate go plugin for protoc" - make: target: proto-gen proto-lint proto-check-breaking description: "Lint and verify Protocol Buffer definitions" diff --git a/.github/workflows/sims.yml b/.github/workflows/sims.yml index 73f3de53a7..d0b4b0fe7f 100644 --- a/.github/workflows/sims.yml +++ b/.github/workflows/sims.yml @@ -1,6 +1,14 @@ name: Sims on: [pull_request] jobs: + cleanup-runs: + runs-on: ubuntu-latest + steps: + - uses: rokroskar/workflow-run-cleanup-action@master + env: + GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" + if: "!startsWith(github.ref, 'refs/tags/') && github.ref != 'refs/heads/master'" + build: runs-on: ubuntu-latest if: "!contains(github.event.head_commit.message, 'skip-sims')" From 72ceb5cc6c86557f8b103210442e8bc229aaa7ef Mon Sep 17 00:00:00 2001 From: Marko Baricevic Date: Fri, 27 Mar 2020 15:42:27 +0100 Subject: [PATCH 05/10] remove make from proto --- .circleci/config.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 6e65eff6ab..1d67adbdb1 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -79,8 +79,10 @@ jobs: proto: executor: protoc steps: - - make: - target: proto-gen proto-lint proto-check-breaking + - checkout + - run: + name: proto check + command: make proto-lint && make proto-check-breaking description: "Lint and verify Protocol Buffer definitions" test-sim-multi-seed-long: @@ -165,9 +167,7 @@ workflows: tags: only: - /^v.*/ - - proto: - requires: - - setup-dependencies + - proto - test-sim-multi-seed-long: requires: - setup-dependencies From bb0922d56474ac3dffe26e6b1456dc8f454b8a0d Mon Sep 17 00:00:00 2001 From: Marko Baricevic Date: Fri, 27 Mar 2020 15:43:01 +0100 Subject: [PATCH 06/10] fix circle --- .circleci/config.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index 1d67adbdb1..72223908da 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -83,7 +83,6 @@ jobs: - run: name: proto check command: make proto-lint && make proto-check-breaking - description: "Lint and verify Protocol Buffer definitions" test-sim-multi-seed-long: executor: golang From a4efd33488a4985f1ba3646de5f30c42726cba5e Mon Sep 17 00:00:00 2001 From: Marko Baricevic Date: Fri, 27 Mar 2020 15:46:24 +0100 Subject: [PATCH 07/10] move proto to github actions --- .circleci/config.yml | 8 -------- .github/workflows/proto.yml | 12 ++++++++++++ 2 files changed, 12 insertions(+), 8 deletions(-) create mode 100644 .github/workflows/proto.yml diff --git a/.circleci/config.yml b/.circleci/config.yml index 72223908da..6a1cce30bc 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -76,13 +76,6 @@ jobs: key: go-src-v1-{{ .Revision }} paths: - ".git" - proto: - executor: protoc - steps: - - checkout - - run: - name: proto check - command: make proto-lint && make proto-check-breaking test-sim-multi-seed-long: executor: golang @@ -166,7 +159,6 @@ workflows: tags: only: - /^v.*/ - - proto - test-sim-multi-seed-long: requires: - setup-dependencies diff --git a/.github/workflows/proto.yml b/.github/workflows/proto.yml new file mode 100644 index 0000000000..20615373f7 --- /dev/null +++ b/.github/workflows/proto.yml @@ -0,0 +1,12 @@ +name: Proto check +on: [pull_request] +jobs: + proto-checks: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@master + - uses: docker-practice/actions-setup-docker@master + - name: lint + run: docker run -v $(shell pwd):/workspace --workdir /workspace bufbuild/buf check lint --error-format=json + - name: check-breakage + run: docker run -v $(shell pwd):/workspace --workdir /workspace bufbuild/buf --against-input .git#branch=master From 2d459350487563253e695c39f817e5757bf214b7 Mon Sep 17 00:00:00 2001 From: Marko Baricevic Date: Fri, 27 Mar 2020 15:48:30 +0100 Subject: [PATCH 08/10] remove shell --- .github/workflows/proto.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/proto.yml b/.github/workflows/proto.yml index 20615373f7..9048c16072 100644 --- a/.github/workflows/proto.yml +++ b/.github/workflows/proto.yml @@ -7,6 +7,6 @@ jobs: - uses: actions/checkout@master - uses: docker-practice/actions-setup-docker@master - name: lint - run: docker run -v $(shell pwd):/workspace --workdir /workspace bufbuild/buf check lint --error-format=json + run: docker run -v pwd:/workspace --workdir /workspace bufbuild/buf check lint --error-format=json - name: check-breakage - run: docker run -v $(shell pwd):/workspace --workdir /workspace bufbuild/buf --against-input .git#branch=master + run: docker run -v pwd:/workspace --workdir /workspace bufbuild/buf --against-input .git#branch=master From db39408c447a2b67f3ffd2aca12da4154fc6df9c Mon Sep 17 00:00:00 2001 From: Marko Baricevic Date: Fri, 27 Mar 2020 15:51:04 +0100 Subject: [PATCH 09/10] test pwd --- .github/workflows/proto.yml | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/.github/workflows/proto.yml b/.github/workflows/proto.yml index 9048c16072..3a8abb6328 100644 --- a/.github/workflows/proto.yml +++ b/.github/workflows/proto.yml @@ -6,7 +6,8 @@ jobs: steps: - uses: actions/checkout@master - uses: docker-practice/actions-setup-docker@master - - name: lint - run: docker run -v pwd:/workspace --workdir /workspace bufbuild/buf check lint --error-format=json - - name: check-breakage - run: docker run -v pwd:/workspace --workdir /workspace bufbuild/buf --against-input .git#branch=master + - run: pwd + # - name: lint + # run: docker run -v pwd:/workspace --workdir /workspace bufbuild/buf check lint --error-format=json + # - name: check-breakage + # run: docker run -v pwd:/workspace --workdir /workspace bufbuild/buf --against-input .git#branch=master From a495e7daee90acb3eb9487fd13ead1e17f13d1de Mon Sep 17 00:00:00 2001 From: Marko Baricevic Date: Fri, 27 Mar 2020 16:04:55 +0100 Subject: [PATCH 10/10] revert proto changes --- .circleci/config.yml | 15 ++++++++++++++- .github/workflows/proto.yml | 13 ------------- 2 files changed, 14 insertions(+), 14 deletions(-) delete mode 100644 .github/workflows/proto.yml diff --git a/.circleci/config.yml b/.circleci/config.yml index 6a1cce30bc..82ed61fb95 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -11,7 +11,7 @@ executors: AWS_REGION: us-east-1 protoc: docker: - - image: bufbuild/buf + - image: tendermintdev/docker-protoc commands: make: @@ -77,6 +77,16 @@ jobs: paths: - ".git" + proto: + executor: protoc + steps: + - make: + target: protoc-gen-gocosmos + description: "Generate go plugin for protoc" + - make: + target: proto-gen proto-lint proto-check-breaking + description: "Lint and verify Protocol Buffer definitions" + test-sim-multi-seed-long: executor: golang steps: @@ -172,6 +182,9 @@ workflows: - test-cover: requires: - setup-dependencies + - proto: + requires: + - setup-dependencies - upload-coverage: requires: - test-cover diff --git a/.github/workflows/proto.yml b/.github/workflows/proto.yml deleted file mode 100644 index 3a8abb6328..0000000000 --- a/.github/workflows/proto.yml +++ /dev/null @@ -1,13 +0,0 @@ -name: Proto check -on: [pull_request] -jobs: - proto-checks: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@master - - uses: docker-practice/actions-setup-docker@master - - run: pwd - # - name: lint - # run: docker run -v pwd:/workspace --workdir /workspace bufbuild/buf check lint --error-format=json - # - name: check-breakage - # run: docker run -v pwd:/workspace --workdir /workspace bufbuild/buf --against-input .git#branch=master