crypto: move keys to sdk

client/keys/show_test.go

@@ -6,12 +6,11 @@ import (
 	"github.com/spf13/viper"
 	"github.com/stretchr/testify/require"
 
-	"github.com/tendermint/tendermint/crypto"
-	"github.com/tendermint/tendermint/crypto/multisig"
-	"github.com/tendermint/tendermint/crypto/secp256k1"
-
 	"github.com/cosmos/cosmos-sdk/client/flags"
 	"github.com/cosmos/cosmos-sdk/crypto/keys"
+	crypto "github.com/cosmos/cosmos-sdk/crypto/keys"
+	"github.com/cosmos/cosmos-sdk/crypto/keys/multisig"
+	"github.com/cosmos/cosmos-sdk/crypto/keys/secp256k1"
 	"github.com/cosmos/cosmos-sdk/tests"
 	sdk "github.com/cosmos/cosmos-sdk/types"
 )

crypto/encode_test.go

@@ -6,9 +6,9 @@ import (
 
 	"github.com/stretchr/testify/require"
 
-	tcrypto "github.com/tendermint/tendermint/crypto"
+	tcrypto "github.com/cosmos/cosmos-sdk/crypto/keys"
+	"github.com/cosmos/cosmos-sdk/crypto/keys/secp256k1"
 	"github.com/tendermint/tendermint/crypto/ed25519"
-	"github.com/tendermint/tendermint/crypto/secp256k1"
 )
 
 type byter interface {

crypto/keys/keybase.go → crypto/keybase/keybase.go

@@ -340,8 +340,7 @@ func (kb dbKeybase) Import(name string, armor string) (err error) {
 		return
 	}
 
-	kb.db.Set(infoKey(name), infoBytes)
-	return nil
+	return kb.db.Set(infoKey(name), infoBytes)
 }
 
 // ImportPubKey imports ASCII-armored public keys. Store a new Info object holding
@@ -388,8 +387,15 @@ func (kb dbKeybase) Delete(name, passphrase string, skipPass bool) error {
 		}
 	}
 
-	kb.db.DeleteSync(addrKey(info.GetAddress()))
-	kb.db.DeleteSync(infoKey(name))
+	err = kb.db.DeleteSync(addrKey(info.GetAddress()))
+	if err != nil {
+		return err
+	}
+
+	err = kb.db.DeleteSync(infoKey(name))
+	if err != nil {
+		return err
+	}
 
 	return nil
 }
@@ -428,11 +434,6 @@ func (kb dbKeybase) Update(name, oldpass string, getNewpass func() (string, erro
 	}
 }
 
-// CloseDB releases the lock and closes the storage backend.
-func (kb dbKeybase) CloseDB() {
-	kb.db.Close()
-}
-
 // SupportedAlgos returns a list of supported signing algorithms.
 func (kb dbKeybase) SupportedAlgos() []SigningAlgo {
 	return kb.base.SupportedAlgos()

crypto/keys/keybase_base.go → crypto/keybase/keybase_base.go

@@ -7,11 +7,11 @@ import (
 
 	"github.com/cosmos/go-bip39"
 	"github.com/pkg/errors"
-	tmcrypto "github.com/tendermint/tendermint/crypto"
-	"github.com/tendermint/tendermint/crypto/secp256k1"
 
 	"github.com/cosmos/cosmos-sdk/crypto"
+	keys "github.com/cosmos/cosmos-sdk/crypto/keys"
 	"github.com/cosmos/cosmos-sdk/crypto/keys/hd"
+	"github.com/cosmos/cosmos-sdk/crypto/keys/secp256k1"
 	"github.com/cosmos/cosmos-sdk/types"
 )
 
@@ -35,7 +35,7 @@ type (
 	}
 
 	writeLocalKeyer interface {
-		writeLocalKey(name string, priv tmcrypto.PrivKey, passphrase string, algo SigningAlgo) Info
+		writeLocalKey(name string, priv keys.PrivKey, passphrase string, algo SigningAlgo) Info
 	}
 
 	infoWriter interface {
@@ -90,23 +90,23 @@ func newBaseKeybase(optionsFns ...KeybaseOption) baseKeybase {
 
 // StdPrivKeyGen is the default PrivKeyGen function in the keybase.
 // For now, it only supports Secp256k1
-func StdPrivKeyGen(bz []byte, algo SigningAlgo) (tmcrypto.PrivKey, error) {
+func StdPrivKeyGen(bz []byte, algo SigningAlgo) (keys.PrivKey, error) {
 	if algo == Secp256k1 {
 		return SecpPrivKeyGen(bz), nil
 	}
 	return nil, ErrUnsupportedSigningAlgo
 }
 
 // SecpPrivKeyGen generates a secp256k1 private key from the given bytes
-func SecpPrivKeyGen(bz []byte) tmcrypto.PrivKey {
+func SecpPrivKeyGen(bz []byte) keys.PrivKey {
 	var bzArr [32]byte
 	copy(bzArr[:], bz)
 	return secp256k1.PrivKeySecp256k1(bzArr)
 }
 
 // DecodeSignature decodes a an length-prefixed binary signature from standard input
 // and return it as a byte slice.
-func (kb baseKeybase) DecodeSignature(info Info, msg []byte) (sig []byte, pub tmcrypto.PubKey, err error) {
+func (kb baseKeybase) DecodeSignature(info Info, msg []byte) (sig []byte, pub keys.PubKey, err error) {
 	_, err = fmt.Fprintf(os.Stderr, "Message to sign:\n\n%s\n", msg)
 	if err != nil {
 		return nil, nil, err
@@ -212,19 +212,19 @@ func (kb baseKeybase) CreateMnemonic(
 	return info, mnemonic, err
 }
 
-func (kb baseKeybase) writeLedgerKey(w infoWriter, name string, pub tmcrypto.PubKey, path hd.BIP44Params, algo SigningAlgo) Info {
+func (kb baseKeybase) writeLedgerKey(w infoWriter, name string, pub keys.PubKey, path hd.BIP44Params, algo SigningAlgo) Info {
 	info := newLedgerInfo(name, pub, path, algo)
 	w.writeInfo(name, info)
 	return info
 }
 
-func (kb baseKeybase) writeOfflineKey(w infoWriter, name string, pub tmcrypto.PubKey, algo SigningAlgo) Info {
+func (kb baseKeybase) writeOfflineKey(w infoWriter, name string, pub keys.PubKey, algo SigningAlgo) Info {
 	info := newOfflineInfo(name, pub, algo)
 	w.writeInfo(name, info)
 	return info
 }
 
-func (kb baseKeybase) writeMultisigKey(w infoWriter, name string, pub tmcrypto.PubKey) Info {
+func (kb baseKeybase) writeMultisigKey(w infoWriter, name string, pub keys.PubKey) Info {
 	info := NewMultiInfo(name, pub)
 	w.writeInfo(name, info)
 	return info
@@ -282,7 +282,7 @@ func IsSupportedAlgorithm(supported []SigningAlgo, algo SigningAlgo) bool {
 // SignWithLedger signs a binary message with the ledger device referenced by an Info object
 // and returns the signed bytes and the public key. It returns an error if the device could
 // not be queried or it returned an error.
-func SignWithLedger(info Info, msg []byte) (sig []byte, pub tmcrypto.PubKey, err error) {
+func SignWithLedger(info Info, msg []byte) (sig []byte, pub keys.PubKey, err error) {
 	switch info.(type) {
 	case *ledgerInfo, ledgerInfo:
 	default:

crypto/keys/keybase_test.go → crypto/keybase/keybase_test.go

@@ -227,7 +227,8 @@ func TestSignVerify(t *testing.T) {
 	// Import a public key
 	armor, err := cstore.ExportPubKey(n2)
 	require.Nil(t, err)
-	cstore.ImportPubKey(n3, armor)
+	err = cstore.ImportPubKey(n3, armor)
+	require.NoError(t, err)
 	i3, err := cstore.Get(n3)
 	require.NoError(t, err)
 	require.Equal(t, i3.GetName(), n3)

crypto/keys/keyring.go → crypto/keybase/keyring.go

@@ -430,9 +430,6 @@ func (kb keyringKeybase) SupportedAlgosLedger() []SigningAlgo {
 	return kb.base.SupportedAlgosLedger()
 }
 
-// CloseDB releases the lock and closes the storage backend.
-func (kb keyringKeybase) CloseDB() {}
-
 func (kb keyringKeybase) writeLocalKey(name string, priv tmcrypto.PrivKey, _ string, algo SigningAlgo) Info {
 	// encrypt private key using keyring
 	pub := priv.PubKey()

crypto/keys/keyring_test.go → crypto/keybase/keyring_test.go

@@ -96,8 +96,6 @@ func TestLazyKeyManagementKeyRing(t *testing.T) {
 
 	// addr cache gets nuked - and test skip flag
 	require.NoError(t, kb.Delete(n2, "", true))
-
-	require.NotPanics(t, kb.CloseDB)
 }
 
 // TestSignVerify does some detailed checks on how we sign and validate
@@ -157,7 +155,8 @@ func TestLazySignVerifyKeyRing(t *testing.T) {
 	// Import a public key
 	armor, err := kb.ExportPubKey(n2)
 	require.Nil(t, err)
-	kb.ImportPubKey(n3, armor)
+	err = kb.ImportPubKey(n3, armor)
+	require.NoError(t, err)
 	i3, err := kb.Get(n3)
 	require.NoError(t, err)
 	require.Equal(t, i3.GetName(), n3)

crypto/keys/lazy_keybase.go → crypto/keybase/lazy_keybase.go

@@ -219,5 +219,3 @@ func (lkb lazyKeybase) SupportedAlgos() []SigningAlgo {
 func (lkb lazyKeybase) SupportedAlgosLedger() []SigningAlgo {
 	return newBaseKeybase(lkb.options...).SupportedAlgosLedger()
 }
-
-func (lkb lazyKeybase) CloseDB() {}

crypto/keys/lazy_keybase_test.go → crypto/keybase/lazy_keybase_test.go

@@ -128,7 +128,8 @@ func TestLazySignVerify(t *testing.T) {
 	// Import a public key
 	armor, err := kb.ExportPubKey(n2)
 	require.Nil(t, err)
-	kb.ImportPubKey(n3, armor)
+	err = kb.ImportPubKey(n3, armor)
+	require.NoError(t, err)
 	i3, err := kb.Get(n3)
 	require.NoError(t, err)
 	require.Equal(t, i3.GetName(), n3)

crypto/keys/types.go → crypto/keybase/types.go

@@ -80,9 +80,6 @@ type Keybase interface {
 
 	// SupportedAlgosLedger returns a list of signing algorithms supported by the keybase's ledger integration
 	SupportedAlgosLedger() []SigningAlgo
-
-	// CloseDB closes the database.
-	CloseDB()
 }
 
 // KeyType reflects a human-readable type for key listing.

crypto/keys/crypto.go

@@ -0,0 +1,40 @@
+package crypto
+
+import (
+	"github.com/tendermint/tendermint/crypto/tmhash"
+	"github.com/tendermint/tendermint/libs/bytes"
+)
+
+const (
+	// AddressSize is the size of a pubkey address.
+	AddressSize = tmhash.TruncatedSize
+)
+
+// An address is a []byte, but hex-encoded even in JSON.
+// []byte leaves us the option to change the address length.
+// Use an alias so Unmarshal methods (with ptr receivers) are available too.
+type Address = bytes.HexBytes
+
+func AddressHash(bz []byte) Address {
+	return Address(tmhash.SumTruncated(bz))
+}
+
+type PubKey interface {
+	Address() Address
+	Bytes() []byte
+	VerifyBytes(msg []byte, sig []byte) bool
+	Equals(PubKey) bool
+}
+
+type PrivKey interface {
+	Bytes() []byte
+	Sign(msg []byte) ([]byte, error)
+	PubKey() PubKey
+	Equals(PrivKey) bool
+}
+
+type Symmetric interface {
+	Keygen() []byte
+	Encrypt(plaintext []byte, secret []byte) (ciphertext []byte)
+	Decrypt(ciphertext []byte, secret []byte) (plaintext []byte, err error)
+}

crypto/keys/encoding/amino/amino.go

@@ -0,0 +1,86 @@
+package cryptoamino
+
+import (
+	"reflect"
+
+	"github.com/cosmos/cosmos-sdk/crypto/keys/multisig"
+	"github.com/cosmos/cosmos-sdk/crypto/keys/secp256k1"
+	"github.com/cosmos/cosmos-sdk/crypto/keys/sr25519"
+
+	amino "github.com/tendermint/go-amino"
+	"github.com/tendermint/tendermint/crypto"
+	"github.com/tendermint/tendermint/crypto/ed25519"
+)
+
+var cdc = amino.NewCodec()
+
+// nameTable is used to map public key concrete types back
+// to their registered amino names. This should eventually be handled
+// by amino. Example usage:
+// nameTable[reflect.TypeOf(ed25519.PubKeyEd25519{})] = ed25519.PubKeyAminoName
+var nameTable = make(map[reflect.Type]string, 3)
+
+func init() {
+	// NOTE: It's important that there be no conflicts here,
+	// as that would change the canonical representations,
+	// and therefore change the address.
+	// TODO: Remove above note when
+	// https://github.com/tendermint/go-amino/issues/9
+	// is resolved
+	RegisterAmino(cdc)
+
+	// TODO: Have amino provide a way to go from concrete struct to route directly.
+	// Its currently a private API
+	nameTable[reflect.TypeOf(ed25519.PubKey{})] = ed25519.PubKeyAminoName
+	nameTable[reflect.TypeOf(sr25519.PubKey{})] = sr25519.PubKeyAminoName
+	nameTable[reflect.TypeOf(secp256k1.PubKey{})] = secp256k1.PubKeyAminoName
+	nameTable[reflect.TypeOf(multisig.PubKeyMultisigThreshold{})] = multisig.PubKeyMultisigThresholdAminoRoute
+}
+
+// PubkeyAminoName returns the amino route of a pubkey
+// cdc is currently passed in, as eventually this will not be using
+// a package level codec.
+func PubkeyAminoName(cdc *amino.Codec, key crypto.PubKey) (string, bool) {
+	route, found := nameTable[reflect.TypeOf(key)]
+	return route, found
+}
+
+// RegisterAmino registers all crypto related types in the given (amino) codec.
+func RegisterAmino(cdc *amino.Codec) {
+	// These are all written here instead of
+	cdc.RegisterInterface((*crypto.PubKey)(nil), nil)
+	cdc.RegisterConcrete(ed25519.PubKey{},
+		ed25519.PubKeyAminoName, nil)
+	cdc.RegisterConcrete(sr25519.PubKey{},
+		sr25519.PubKeyAminoName, nil)
+	cdc.RegisterConcrete(secp256k1.PubKey{},
+		secp256k1.PubKeyAminoName, nil)
+	cdc.RegisterConcrete(multisig.PubKeyMultisigThreshold{},
+		multisig.PubKeyMultisigThresholdAminoRoute, nil)
+
+	cdc.RegisterInterface((*crypto.PrivKey)(nil), nil)
+	cdc.RegisterConcrete(ed25519.PrivKey{},
+		ed25519.PrivKeyAminoName, nil)
+	cdc.RegisterConcrete(sr25519.PrivKey{},
+		sr25519.PrivKeyAminoName, nil)
+	cdc.RegisterConcrete(secp256k1.PrivKey{},
+		secp256k1.PrivKeyAminoName, nil)
+}
+
+// RegisterKeyType registers an external key type to allow decoding it from bytes
+func RegisterKeyType(o interface{}, name string) {
+	cdc.RegisterConcrete(o, name, nil)
+	nameTable[reflect.TypeOf(o)] = name
+}
+
+// PrivKeyFromBytes unmarshals private key bytes and returns a PrivKey
+func PrivKeyFromBytes(privKeyBytes []byte) (privKey crypto.PrivKey, err error) {
+	err = cdc.UnmarshalBinaryBare(privKeyBytes, &privKey)
+	return
+}
+
+// PubKeyFromBytes unmarshals public key bytes and returns a PubKey
+func PubKeyFromBytes(pubKeyBytes []byte) (pubKey crypto.PubKey, err error) {
+	err = cdc.UnmarshalBinaryBare(pubKeyBytes, &pubKey)
+	return
+}