Review, and followup on ledger integration

.circleci/config.yml

@@ -41,7 +41,7 @@ jobs:
         command: |
           rustc --version
           cargo --version
-          cargo test --all --all-features
+          cargo test --all --features "default softsign yubihsm yubihsm-mock"
     - run:
         name: audit
         command: |

.gitignore

@@ -4,3 +4,5 @@ tmkms.toml
 
 # Ignore VIM swap files
 *.swp
+
+\.idea/

Cargo.toml

@@ -35,6 +35,7 @@ signal-hook = "0.1.7"
 signatory = { version = "0.11", features = ["ed25519"] }
 signatory-dalek = "0.11"
 signatory-yubihsm = { version = "0.11", optional = true }
+signatory-ledger-tm = { version = "0.11", optional = true }
 subtle-encoding = "0.3"
 tendermint = { version = "0.2", path = "tendermint-rs" }
 
@@ -43,10 +44,11 @@ tempfile = "3"
 rand = "0.6"
 
 [features]
-default = ["softsign", "yubihsm"]
+default = ["softsign"]
 softsign = []
 yubihsm = ["signatory-yubihsm/usb"] # USB only for now
 yubihsm-mock = ["yubihsm", "signatory-yubihsm/mockhsm"]
+ledgertm = ["signatory-ledger-tm"]
 
 # Enable integer overflow checks in release builds for security reasons
 [profile.release]

src/commands/mod.rs

@@ -11,9 +11,9 @@ mod start;
 mod version;
 #[cfg(feature = "yubihsm")]
 mod yubihsm;
-
 #[cfg(feature = "yubihsm")]
 pub use self::yubihsm::YubihsmCommand;
+
 pub use self::{
     help::HelpCommand, keygen::KeygenCommand, start::StartCommand, version::VersionCommand,
 };

src/config/provider/ledgertm.rs

@@ -0,0 +1,5 @@
+//! Configuration for Ledger Tendermint signer
+
+/// Ledger Tendermint signer configuration
+#[derive(Clone, Deserialize, Debug)]
+pub struct LedgerTendermintConfig {}

src/config/provider/mod.rs

@@ -1,8 +1,12 @@
+#[cfg(feature = "ledgertm")]
+pub mod ledgertm;
 #[cfg(feature = "softsign")]
 pub mod softsign;
 #[cfg(feature = "yubihsm")]
 pub mod yubihsm;
 
+#[cfg(feature = "ledgertm")]
+use self::ledgertm::LedgerTendermintConfig;
 #[cfg(feature = "softsign")]
 use self::softsign::SoftSignConfig;
 #[cfg(feature = "yubihsm")]
@@ -20,4 +24,9 @@ pub struct ProviderConfig {
     #[cfg(feature = "yubihsm")]
     #[serde(default)]
     pub yubihsm: Vec<YubihsmConfig>,
+
+    /// Map of ledger-tm labels to their configurations
+    #[cfg(feature = "ledgertm")]
+    #[serde(default)]
+    pub ledgertm: Vec<LedgerTendermintConfig>,
 }

src/keyring/ed25519/ledgertm.rs

@@ -0,0 +1,37 @@
+//! Ledger Tendermint signer
+
+use signatory::PublicKeyed;
+use signatory_ledger_tm::{self, Ed25519LedgerTmAppSigner};
+
+use crate::{
+    config::provider::ledgertm::LedgerTendermintConfig,
+    error::{KmsError, KmsErrorKind::*},
+    keyring::{ed25519::Signer, KeyRing},
+};
+
+pub const LEDGER_TM_PROVIDER_LABEL: &str = "ledgertm";
+pub const LEDGER_TM_ID: &str = "ledgertm";
+
+/// Create Ledger Tendermint signer object from the given configuration
+pub fn init(
+    keyring: &mut KeyRing,
+    ledgertm_configs: &[LedgerTendermintConfig],
+) -> Result<(), KmsError> {
+    if ledgertm_configs.is_empty() {
+        return Ok(());
+    }
+
+    if ledgertm_configs.len() != 1 {
+        fail!(
+            ConfigError,
+            "expected one [providers.ledgertm] in config, found: {}",
+            ledgertm_configs.len()
+        );
+    }
+    let provider = Box::new(Ed25519LedgerTmAppSigner::connect()?);
+    let pk = provider.public_key()?;
+    // TODO: key_id shouldn't be a constant here (see LEDGER_TM_ID):
+    let signer = Signer::new(LEDGER_TM_PROVIDER_LABEL, LEDGER_TM_ID.to_string(), provider);
+    keyring.add(pk, signer)?;
+    Ok(())
+}

src/keyring/ed25519/mod.rs

@@ -1,5 +1,7 @@
 pub use signatory::ed25519::{PublicKey, Seed, PUBLIC_KEY_SIZE};
 
+#[cfg(feature = "ledgertm")]
+pub mod ledgertm;
 mod signer;
 #[cfg(feature = "softsign")]
 pub mod softsign;

src/keyring/mod.rs

@@ -12,6 +12,8 @@ use crate::{
     error::{KmsError, KmsErrorKind::*},
 };
 
+#[cfg(feature = "ledgertm")]
+use self::ed25519::ledgertm;
 #[cfg(feature = "yubihsm")]
 use self::ed25519::yubihsm;
 use self::ed25519::{softsign, Signer};
@@ -42,6 +44,9 @@ impl KeyRing {
         #[cfg(feature = "yubihsm")]
         yubihsm::init(&mut keyring, &config.yubihsm)?;
 
+        #[cfg(feature = "ledgertm")]
+        ledgertm::init(&mut keyring, &config.ledgertm)?;
+
         if keyring.0.is_empty() {
             fail!(ConfigError, "no signing keys configured!")
         } else {

src/lib.rs

@@ -29,6 +29,8 @@ extern crate sha2;
 extern crate signal_hook;
 extern crate signatory;
 extern crate signatory_dalek;
+#[cfg(feature = "ledgertm")]
+extern crate signatory_ledger_tm;
 #[cfg(feature = "yubihsm")]
 extern crate signatory_yubihsm;
 extern crate subtle_encoding;

tendermint-rs/Cargo.toml

@@ -46,7 +46,7 @@ sha2 = { version = "0.8", optional = true, default-features = false }
 subtle-encoding = { version = "0.3", features = ["bech32-preview"] }
 tai64 = { version = "1", optional = true, features = ["chrono"] }
 x25519-dalek = { version = "0.4.4", optional = true, default-features = false, features = ["u64_backend"] }
-zeroize = { version = "0.4", optional = true }
+zeroize = { version = "0.5.2", optional = true }
 
 [features]
 default = ["secret-connection", "serializers", "tai64"]

tmkms.toml.example

@@ -17,3 +17,9 @@ adapter = { type = "usb" }
 auth = { key = 1, password = "password" } # Default YubiHSM admin credentials. Change ASAP!
 keys = [{ id = "gaia-9000", key = 1 }]
 #serial_number = "0123456789" # identify serial number of a specific YubiHSM to connect to
+
+[[providers.ledgertm]]
+# note:
+#  - this will enable a ledger signer
+#  - currently no other options are supported and
+#  - the key_id used by signatory internally will be "ledgertm" by default