From 75a375b6c6b9f97a444aab24aa2d77c1df9bc964 Mon Sep 17 00:00:00 2001 From: Alessio Treglia Date: Fri, 20 Mar 2020 16:00:12 +0100 Subject: [PATCH] crypto/keys: remove DecodeSignature from baseKeybase (#5844) Keybase implementations should return errors when signature generation is attempted with offline/multisig keys since theyr lack private keys. This is a change in Keyring/Keybase.Sign() methods semantics that have been broken for long time. --- CHANGELOG.md | 3 +++ crypto/keys/keybase.go | 2 +- crypto/keys/keybase_base.go | 31 ------------------------------- crypto/keys/keybase_test.go | 5 ++--- crypto/keys/keyring.go | 2 +- crypto/keys/keyring_test.go | 3 ++- 6 files changed, 9 insertions(+), 37 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 4f008aaec1d9..18f1b0f79ceb 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -50,6 +50,7 @@ are now replaced by human-readable expressions. This change can potentially brea that parse log messages. * (client) [\#5799](https://github.com/cosmos/cosmos-sdk/pull/5799) The `tx encode/decode` commands, due to change on encoding break compatibility with older clients. +* (x/auth) [\#5844](https://github.com/cosmos/cosmos-sdk/pull/5844) `tx sign` command now returns an error when signing is attempted with offline/multisig keys. ### API Breaking Changes @@ -87,6 +88,8 @@ resulted in a panic when the tx execution mode was `CheckTx`. * (modules) [\#5569](https://github.com/cosmos/cosmos-sdk/issues/5569) `InitGenesis`, for the relevant modules, now ensures module accounts exist. * (crypto/keys/mintkey) [\#5823](https://github.com/cosmos/cosmos-sdk/pull/5823) fix errors handling in UnarmorPubKeyBytes (underlying armoring function's return error was not being checked). +* (crypto/keys) [\#5844](https://github.com/cosmos/cosmos-sdk/pull/5844) Keybase/Keyring `Sign()` methods no longer decode amino signatures +when method receivers are offline/multisig keys. ### State Machine Breaking diff --git a/crypto/keys/keybase.go b/crypto/keys/keybase.go index 2d7e79710f5b..c273e288b765 100644 --- a/crypto/keys/keybase.go +++ b/crypto/keys/keybase.go @@ -215,7 +215,7 @@ func (kb dbKeybase) Sign(name, passphrase string, msg []byte) (sig []byte, pub t return SignWithLedger(info, msg) case offlineInfo, multiInfo: - return kb.base.DecodeSignature(info, msg) + return nil, info.GetPubKey(), errors.New("cannot sign with offline keys") } sig, err = priv.Sign(msg) diff --git a/crypto/keys/keybase_base.go b/crypto/keys/keybase_base.go index 47c7e60d729a..2947949e273b 100644 --- a/crypto/keys/keybase_base.go +++ b/crypto/keys/keybase_base.go @@ -1,10 +1,6 @@ package keys import ( - "bufio" - "fmt" - "os" - "github.com/cosmos/go-bip39" "github.com/pkg/errors" tmcrypto "github.com/tendermint/tendermint/crypto" @@ -104,33 +100,6 @@ func SecpPrivKeyGen(bz []byte) tmcrypto.PrivKey { return secp256k1.PrivKeySecp256k1(bzArr) } -// DecodeSignature decodes a an length-prefixed binary signature from standard input -// and return it as a byte slice. -func (kb baseKeybase) DecodeSignature(info Info, msg []byte) (sig []byte, pub tmcrypto.PubKey, err error) { - _, err = fmt.Fprintf(os.Stderr, "Message to sign:\n\n%s\n", msg) - if err != nil { - return nil, nil, err - } - - buf := bufio.NewReader(os.Stdin) - _, err = fmt.Fprintf(os.Stderr, "\nEnter Amino-encoded signature:\n") - if err != nil { - return nil, nil, err - } - - // will block until user inputs the signature - signed, err := buf.ReadString('\n') - if err != nil { - return nil, nil, err - } - - if err := CryptoCdc.UnmarshalBinaryLengthPrefixed([]byte(signed), sig); err != nil { - return nil, nil, errors.Wrap(err, "failed to decode signature") - } - - return sig, info.GetPubKey(), nil -} - // CreateAccount creates an account Info object. func (kb baseKeybase) CreateAccount( keyWriter keyWriter, name, mnemonic, bip39Passphrase, encryptPasswd, hdPath string, algo SigningAlgo, diff --git a/crypto/keys/keybase_test.go b/crypto/keys/keybase_test.go index cbd212a755db..a669a83deba2 100644 --- a/crypto/keys/keybase_test.go +++ b/crypto/keys/keybase_test.go @@ -2,9 +2,7 @@ package keys import ( - "errors" "fmt" - "io" "testing" "github.com/stretchr/testify/assert" @@ -280,7 +278,8 @@ func TestSignVerify(t *testing.T) { // Now try to sign data with a secret-less key _, _, err = cstore.Sign(n3, p3, d3) - require.True(t, errors.Is(io.EOF, err)) + require.Error(t, err) + require.Equal(t, "cannot sign with offline keys", err.Error()) } func assertPassword(t *testing.T, cstore Keybase, name, pass, badpass string) { diff --git a/crypto/keys/keyring.go b/crypto/keys/keyring.go index 726b44e781f2..e664b1d2d13b 100644 --- a/crypto/keys/keyring.go +++ b/crypto/keys/keyring.go @@ -219,7 +219,7 @@ func (kb keyringKeybase) Sign(name, passphrase string, msg []byte) (sig []byte, return SignWithLedger(info, msg) case offlineInfo, multiInfo: - return kb.base.DecodeSignature(info, msg) + return nil, info.GetPubKey(), errors.New("cannot sign with offline keys") } sig, err = priv.Sign(msg) diff --git a/crypto/keys/keyring_test.go b/crypto/keys/keyring_test.go index afa726321de0..0415236be971 100644 --- a/crypto/keys/keyring_test.go +++ b/crypto/keys/keyring_test.go @@ -208,7 +208,8 @@ func TestLazySignVerifyKeyRing(t *testing.T) { // Now try to sign data with a secret-less key _, _, err = kb.Sign(n3, p3, d3) - require.NotNil(t, err) + require.Error(t, err) + require.Equal(t, "cannot sign with offline keys", err.Error()) } func TestLazyExportImportKeyRing(t *testing.T) {