Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

refactor: update crypto/ledger to btcec/v2 #14123

Merged
merged 8 commits into from
Dec 5, 2022
Merged

Conversation

julienrbrt
Copy link
Member

@julienrbrt julienrbrt commented Dec 1, 2022

Description

ref: #13513 (comment)
kindly pinging @elias-orijtech

cd crypto/ledger
go test ./... -tags='ledger,test_ledger_mock'
ok      github.com/cosmos/cosmos-sdk/crypto/ledger      0.118s

Author Checklist

All items are required. Please add a note to the item if the item is not applicable and
please add links to any relevant follow up issues.

I have...

  • included the correct type prefix in the PR title
  • added ! to the type prefix if API or client breaking change
  • targeted the correct branch (see PR Targeting)
  • provided a link to the relevant issue or specification
  • followed the guidelines for building modules
  • included the necessary unit and integration tests
  • added a changelog entry to CHANGELOG.md
  • included comments for documenting Go code
  • updated the relevant documentation or specification
  • reviewed "Files changed" and left comments if necessary
  • confirmed all CI checks have passed

Reviewers Checklist

All items are required. Please add a note if the item is not applicable and please add
your handle next to the items reviewed if you only reviewed selected items.

I have...

  • confirmed the correct type prefix in the PR title
  • confirmed ! in the type prefix if API or client breaking change
  • confirmed all author checklist items have been addressed
  • reviewed state machine logic
  • reviewed API design and naming
  • reviewed documentation is accurate
  • reviewed tests and test coverage
  • manually tested (if applicable)

@julienrbrt julienrbrt marked this pull request as ready for review December 1, 2022 18:17
@julienrbrt julienrbrt requested a review from a team as a code owner December 1, 2022 18:17
@julienrbrt julienrbrt marked this pull request as draft December 1, 2022 18:18
@julienrbrt julienrbrt mentioned this pull request Dec 1, 2022
19 tasks
@julienrbrt julienrbrt changed the title chore(crypto): update crypto/ledger to v2 chore(crypto): update crypto/ledger to btcec/v2 Dec 1, 2022
@julienrbrt julienrbrt changed the title chore(crypto): update crypto/ledger to btcec/v2 refactor: update crypto/ledger to btcec/v2 Dec 1, 2022
@julienrbrt julienrbrt marked this pull request as ready for review December 1, 2022 21:28
Copy link
Contributor

@elias-orijtech elias-orijtech left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Perhaps @odeke-em would like to take a quick look as well.

crypto/ledger/ledger_secp256k1.go Show resolved Hide resolved
@julienrbrt julienrbrt added the backport/v0.47.x PR scheduled for inclusion in the v0.47's next stable release label Dec 1, 2022
@julienrbrt julienrbrt requested a review from odeke-em December 1, 2022 23:47
@ftheirs
Copy link

ftheirs commented Dec 2, 2022

LGTM! 👍

@sonarqubecloud
Copy link

sonarqubecloud bot commented Dec 3, 2022

[Cosmos SDK] Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

93.8% 93.8% Coverage
0.0% 0.0% Duplication

Copy link
Collaborator

@odeke-em odeke-em left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you for this change @julienrbrt, and thank you for the co-review and tag @elias-orijtech! I've added some suggestions, please take a look @julienrbrt and then I'll approve

sigStr := sigDER.Serialize()
var r, s big.Int
// The format of a DER encoded signature is as follows:
// 0x30 <total length> 0x02 <length of R> <R> 0x02 <length of S> <S>
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Might seem paranoid, but I suggest that we add a length minimum check here

// Validating that we have a somewhat proper DER signature.
if n := len(sigDER); n < 4 {
    return nil, fmt.Errorf("invalid DER length: want >=4 got %d", n)
}
if g, w := sigDER[0], 0x30; g != w {
    return nil, fmt.Errorf("invalid DER: byte[0]=%x, want=%x", g, w)
}
if wantLen, gotLen := int(sigDER[1]), len(sigDER[3:]); gotLen != wantLen {
    return nil, fmt.Errorf("invalid DER len: got=%d, want=%d",
       gotLen, wantLen)
}

// Eliminate compiler Bounds checking.
_ = sigDER[9:]

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Seems a bit paranoid indeed, given that Serialize always returns this format.
https://go.dev/play/p/WuZKekW5s9x

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Cool no biggie.

@julienrbrt julienrbrt enabled auto-merge (squash) December 5, 2022 11:47
Copy link
Member

@tac0turtle tac0turtle left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

utACK

@sonarqubecloud
Copy link

sonarqubecloud bot commented Dec 5, 2022

[Cosmos SDK - SimApp] Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
No Duplication information No Duplication information

@julienrbrt julienrbrt merged commit 417ce25 into main Dec 5, 2022
@julienrbrt julienrbrt deleted the julien/btcec-ledger branch December 5, 2022 14:15
mergify bot pushed a commit that referenced this pull request Dec 5, 2022
* chore(crypto): update crypto/ledger to v2

* go mod tidy

* updates

* add comment

(cherry picked from commit 417ce25)

# Conflicts:
#	go.mod
#	simapp/go.mod
#	simapp/go.sum
#	tests/go.mod
#	tests/go.sum
tac0turtle pushed a commit that referenced this pull request Dec 5, 2022
* refactor: update crypto/ledger to btcec/v2 (#14123)

* chore(crypto): update crypto/ledger to v2

* go mod tidy

* updates

* add comment

(cherry picked from commit 417ce25)

# Conflicts:
#	go.mod
#	simapp/go.mod
#	simapp/go.sum
#	tests/go.mod
#	tests/go.sum

* fix conflicts

Co-authored-by: Julien Robert <[email protected]>
yihuang pushed a commit that referenced this pull request Feb 7, 2023
* chore(crypto): update crypto/ledger to v2

* go mod tidy

* updates

* add comment
larry0x pushed a commit to larry0x/cosmos-sdk that referenced this pull request May 22, 2023
* chore(crypto): update crypto/ledger to v2

* go mod tidy

* updates

* add comment
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
backport/v0.47.x PR scheduled for inclusion in the v0.47's next stable release
Projects
None yet
Development

Successfully merging this pull request may close these issues.

5 participants