From f1e64878d8a66e3343112605ad19e48306b77273 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Federico=20Kunze=20K=C3=BCllmer?= <31522760+fedekunze@users.noreply.github.com> Date: Wed, 28 Jul 2021 06:14:40 -0400 Subject: [PATCH] fix: hardcoded ledger algo on `keys add` (#9766) ## Description Closes: #9734 cc: @jleni --- ### Author Checklist *All items are required. Please add a note to the item if the item is not applicable and please add links to any relevant follow up issues.* I have... - [x] included the correct [type prefix](https://github.com/commitizen/conventional-commit-types/blob/v3.0.0/index.json) in the PR title - [x] added `!` to the type prefix if API or client breaking change - [x] targeted the correct branch (see [PR Targeting](https://github.com/cosmos/cosmos-sdk/blob/master/CONTRIBUTING.md#pr-targeting)) - [x] provided a link to the relevant issue or specification - [x] followed the guidelines for [building modules](https://github.com/cosmos/cosmos-sdk/blob/master/docs/building-modules) - [x] included the necessary unit and integration [tests](https://github.com/cosmos/cosmos-sdk/blob/master/CONTRIBUTING.md#testing) - [x] added a changelog entry to `CHANGELOG.md` - [x] included comments for [documenting Go code](https://blog.golang.org/godoc) - [x] updated the relevant documentation or specification - [x] reviewed "Files changed" and left comments if necessary - [x] confirmed all CI checks have passed ### Reviewers Checklist *All items are required. Please add a note if the item is not applicable and please add your handle next to the items reviewed if you only reviewed selected items.* I have... - [x] confirmed the correct [type prefix](https://github.com/commitizen/conventional-commit-types/blob/v3.0.0/index.json) in the PR title - [x] confirmed `!` in the type prefix if API or client breaking change - [ ] confirmed all author checklist items have been addressed - [ ] reviewed state machine logic - [ ] reviewed API design and naming - [ ] reviewed documentation is accurate - [x] reviewed tests and test coverage - [ ] manually tested (if applicable) --- CHANGELOG.md | 1 + client/keys/add.go | 2 +- crypto/keyring/keyring.go | 7 +++++-- crypto/keyring/keyring_ledger_test.go | 4 +++- crypto/ledger/ledger_secp256k1.go | 6 +++--- 5 files changed, 13 insertions(+), 7 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index d448876e7dbd..274654745386 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -79,6 +79,7 @@ Ref: https://keepachangelog.com/en/1.0.0/ ### Bug Fixes +* [\#9766](https://github.com/cosmos/cosmos-sdk/pull/9766) Fix hardcoded ledger signing algorithm on `keys add` command. * [\#9720](https://github.com/cosmos/cosmos-sdk/pull/9720) Feegrant grant cli granter now accepts key name as well as address in general and accepts only address in --generate-only mode * [\#9651](https://github.com/cosmos/cosmos-sdk/pull/9651) Change inconsistent limit of `0` to `MaxUint64` on InfiniteGasMeter and add GasRemaining func to GasMeter. * [\#9639](https://github.com/cosmos/cosmos-sdk/pull/9639) Check store keys length before accessing them by making sure that `key` is of length `m+1` (for `key[n:m]`) diff --git a/client/keys/add.go b/client/keys/add.go index 2e915925d8c3..4b2a1a0a55a8 100644 --- a/client/keys/add.go +++ b/client/keys/add.go @@ -203,8 +203,8 @@ func runAddCmd(ctx client.Context, cmd *cobra.Command, args []string, inBuf *buf // If we're using ledger, only thing we need is the path and the bech32 prefix. if useLedger { bech32PrefixAccAddr := sdk.GetConfig().GetBech32AccountAddrPrefix() - info, err := kb.SaveLedgerKey(name, hd.Secp256k1, bech32PrefixAccAddr, coinType, account, index) + info, err := kb.SaveLedgerKey(name, algo, bech32PrefixAccAddr, coinType, account, index) if err != nil { return err } diff --git a/crypto/keyring/keyring.go b/crypto/keyring/keyring.go index 717f589fa789..8619c9f48482 100644 --- a/crypto/keyring/keyring.go +++ b/crypto/keyring/keyring.go @@ -390,14 +390,17 @@ func (ks keystore) SignByAddress(address sdk.Address, msg []byte) ([]byte, types func (ks keystore) SaveLedgerKey(uid string, algo SignatureAlgo, hrp string, coinType, account, index uint32) (Info, error) { if !ks.options.SupportedAlgosLedger.Contains(algo) { - return nil, ErrUnsupportedSigningAlgo + return nil, fmt.Errorf( + "%w: signature algo %s is not defined in the keyring options", + ErrUnsupportedSigningAlgo, algo.Name(), + ) } hdPath := hd.NewFundraiserParams(account, coinType, index) priv, _, err := ledger.NewPrivKeySecp256k1(*hdPath, hrp) if err != nil { - return nil, err + return nil, fmt.Errorf("failed to generate ledger key: %w", err) } return ks.writeLedgerKey(uid, priv.PubKey(), *hdPath, algo.Name()) diff --git a/crypto/keyring/keyring_ledger_test.go b/crypto/keyring/keyring_ledger_test.go index 34f94548fab3..cccfa20452bc 100644 --- a/crypto/keyring/keyring_ledger_test.go +++ b/crypto/keyring/keyring_ledger_test.go @@ -91,7 +91,8 @@ func TestAltKeyring_SaveLedgerKey(t *testing.T) { // Test unsupported Algo _, err = keyring.SaveLedgerKey("key", notSupportedAlgo{}, "cosmos", 118, 0, 0) - require.EqualError(t, err, ErrUnsupportedSigningAlgo.Error()) + require.Error(t, err) + require.Contains(t, err.Error(), ErrUnsupportedSigningAlgo.Error()) ledger, err := keyring.SaveLedgerKey("some_account", hd.Secp256k1, "cosmos", 118, 3, 1) if err != nil { @@ -99,6 +100,7 @@ func TestAltKeyring_SaveLedgerKey(t *testing.T) { t.Skip("ledger nano S: support for ledger devices is not available in this executable") return } + // The mock is available, check that the address is correct require.Equal(t, "some_account", ledger.GetName()) pubKey := ledger.GetPubKey() diff --git a/crypto/ledger/ledger_secp256k1.go b/crypto/ledger/ledger_secp256k1.go index b57cba9dbf4c..db09ba2e8d3a 100644 --- a/crypto/ledger/ledger_secp256k1.go +++ b/crypto/ledger/ledger_secp256k1.go @@ -73,13 +73,13 @@ func NewPrivKeySecp256k1Unsafe(path hd.BIP44Params) (types.LedgerPrivKey, error) func NewPrivKeySecp256k1(path hd.BIP44Params, hrp string) (types.LedgerPrivKey, string, error) { device, err := getDevice() if err != nil { - return nil, "", err + return nil, "", fmt.Errorf("failed to retrieve device: %w", err) } defer warnIfErrors(device.Close) pubKey, addr, err := getPubKeyAddrSafe(device, path, hrp) if err != nil { - return nil, "", err + return nil, "", fmt.Errorf("failed to recover pubkey: %w", err) } return PrivKeyLedgerSecp256k1{pubKey, path}, addr, nil @@ -261,7 +261,7 @@ func getPubKeyUnsafe(device SECP256K1, path hd.BIP44Params) (types.PubKey, error func getPubKeyAddrSafe(device SECP256K1, path hd.BIP44Params, hrp string) (types.PubKey, string, error) { publicKey, addr, err := device.GetAddressPubKeySECP256K1(path.DerivationPath(), hrp) if err != nil { - return nil, "", fmt.Errorf("address %s rejected", addr) + return nil, "", fmt.Errorf("%w: address rejected for path %s", err, path.String()) } // re-serialize in the 33-byte compressed format