Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore: Audit crypto folder #11932

Merged
merged 21 commits into from
May 15, 2022
Merged

chore: Audit crypto folder #11932

merged 21 commits into from
May 15, 2022

Conversation

amaury1093
Copy link
Contributor

@amaury1093 amaury1093 commented May 11, 2022

Description

ref: #11362

I did NOT review the following folders, as they contain cryptography which I don't think I'm competent enough to give a useful review:

  • crypto/xsalsa20symmetric (new in v046, ported from TM i think)
  • crypto/keys/secp256k1 (some new stuff in v046 too)

Also performed some manual tests as part of #11939:


Author Checklist

All items are required. Please add a note to the item if the item is not applicable and
please add links to any relevant follow up issues.

I have...

  • included the correct type prefix in the PR title
  • added ! to the type prefix if API or client breaking change
  • targeted the correct branch (see PR Targeting)
  • provided a link to the relevant issue or specification
  • followed the guidelines for building modules
  • included the necessary unit and integration tests
  • added a changelog entry to CHANGELOG.md
  • included comments for documenting Go code
  • updated the relevant documentation or specification
  • reviewed "Files changed" and left comments if necessary
  • confirmed all CI checks have passed

Reviewers Checklist

All items are required. Please add a note if the item is not applicable and please add
your handle next to the items reviewed if you only reviewed selected items.

I have...

  • confirmed the correct type prefix in the PR title
  • confirmed ! in the type prefix if API or client breaking change
  • confirmed all author checklist items have been addressed
  • reviewed state machine logic
  • reviewed API design and naming
  • reviewed documentation is accurate
  • reviewed tests and test coverage
  • manually tested (if applicable)

@@ -100,13 +100,6 @@ type Keyring interface {
Migrator
}

// UnsafeKeyring exposes unsafe operations such as unsafe unarmored export in
// addition to those that are made available by the Keyring interface.
type UnsafeKeyring interface {
Copy link
Contributor Author

@amaury1093 amaury1093 May 11, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The keyring has a lot of Unsafe* stuff. They are only used for exporting the private key. This is why I moved all Unsafe* types into client/keys/export.go, as private names

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If you think callers won't need these, then this is fine 👍

Copy link
Contributor Author

@amaury1093 amaury1093 May 12, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, that's the idea. If they wanted, they could still access them, via interface casting. But it's some more hurdles on purpose to access Unsafe methods.

I added a changelog entry

Offline offline = 6;
}

// Item is a keyring item stored in a keyring backend.
// Local item
message Local {
google.protobuf.Any priv_key = 1;
string priv_key_type = 2;
Copy link
Contributor Author

@amaury1093 amaury1093 May 11, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I removed this 2nd field. For me it's redundant, as the Any field already contains the type, e.g. in JSON:

"@type": "cosmos.crypto.secp256k1.PrivKey"

@amaury1093 amaury1093 marked this pull request as ready for review May 12, 2022 13:58
@amaury1093 amaury1093 requested a review from a team as a code owner May 12, 2022 13:58
@@ -100,13 +100,6 @@ type Keyring interface {
Migrator
}

// UnsafeKeyring exposes unsafe operations such as unsafe unarmored export in
// addition to those that are made available by the Keyring interface.
type UnsafeKeyring interface {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If you think callers won't need these, then this is fine 👍

@blushi blushi self-assigned this May 12, 2022
@tac0turtle
Copy link
Member

crypto/xsalsa20symmetric

copy from tendermint you can skip

crypto/keys/secp256k1

the changes come from a fork of Geth so we can skip, they are already on main nets

crypto/keyring/keyring.go Outdated Show resolved Hide resolved
Copy link
Contributor

@blushi blushi left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM just a few nits

crypto/keyring/keyring.go Outdated Show resolved Hide resolved
client/keys/migrate_test.go Outdated Show resolved Hide resolved
@tac0turtle tac0turtle added the A:automerge Automatically merge PR once all prerequisites pass. label May 15, 2022
@codecov
Copy link

codecov bot commented May 15, 2022

Codecov Report

Merging #11932 (0cd9d60) into main (4f31162) will decrease coverage by 0.00%.
The diff coverage is 73.80%.

Impacted file tree graph

@@            Coverage Diff             @@
##             main   #11932      +/-   ##
==========================================
- Coverage   65.98%   65.97%   -0.01%     
==========================================
  Files         677      677              
  Lines       71329    71324       -5     
==========================================
- Hits        47063    47056       -7     
- Misses      21582    21583       +1     
- Partials     2684     2685       +1     
Impacted Files Coverage Δ
client/keys/migrate.go 79.31% <50.00%> (ø)
client/keys/export.go 62.90% <57.14%> (-1.39%) ⬇️
crypto/keyring/keyring.go 61.69% <78.12%> (-0.71%) ⬇️
crypto/keyring/record.go 67.94% <100.00%> (ø)
crypto/keys/internal/ecdsa/privkey.go 84.21% <0.00%> (+1.75%) ⬆️

@mergify mergify bot merged commit b2b29d4 into main May 15, 2022
@mergify mergify bot deleted the am/crypto-audit branch May 15, 2022 13:02
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
A:automerge Automatically merge PR once all prerequisites pass. C:CLI C:Keys Keybase, KMS and HSMs
Projects
None yet
Development

Successfully merging this pull request may close these issues.

5 participants