Upgrade to yubihsm-go v0.1.0

2018-10-24 11:34:13 +02:00 · 2018-10-24 11:34:13 +02:00 · 4395c53661
parent 247a8286ee
commit 4395c53661
3 changed files with 16 additions and 38 deletions
--- a/Gopkg.lock
+++ b/Gopkg.lock
@ -8,7 +8,6 @@
  revision = "67e573d211ace594f1366b4ce9d39726c4b19bd0"
 [[projects]]
  branch = "master"
  name = "github.com/certusone/yubihsm-go"
  packages = [
    ".",
@ -16,7 +15,8 @@
    "connector",
    "securechannel"
  ]
-  revision = "cbe259b1eea4d9429b0d083619a980e581ac59e8"
+  revision = "2f4bdbb679b59998a67ab3443a896c36211ade80"
  version = "v0.1.0"
 [[projects]]
  name = "github.com/davecgh/go-spew"
@ -220,6 +220,6 @@
 [solve-meta]
  analyzer-name = "dep"
  analyzer-version = 1
-  inputs-digest = "ce36da4f71a430971b68672ab49a690efd7bf70faf8188e3474f0d82af7dd355"
+  inputs-digest = "67414e714c2545c1a8679288655315fa603e148f48459c727d031bbf164c4d4e"
  solver-name = "gps-cdcl"
  solver-version = 1
--- a/Gopkg.toml
+++ b/Gopkg.toml
@ -34,7 +34,7 @@
 [[constraint]]
  name = "github.com/certusone/yubihsm-go"
-  branch = "master"
+  version = "0.1.0"
 [prune]
  go-tests = true
--- a/hsm.go
+++ b/hsm.go
@ -2,6 +2,7 @@ package aiakos
 import (
 	"errors"
 	"github.com/certusone/yubihsm-go"
 	"github.com/certusone/yubihsm-go/commands"
 	"github.com/certusone/yubihsm-go/connector"
@ -10,17 +11,12 @@ import (
 	cmn "github.com/tendermint/tendermint/libs/common"
 	"github.com/tendermint/tendermint/libs/log"
 	"github.com/tendermint/tendermint/types"
 	"time"
 )
 const (
 	defaultPoolSize = 5
 )
 type (
 	// AiakosPV implements PrivValidator using Aiakos
 	AiakosPV struct {
-		hsmSessionPool *yubihsm.SessionManager
+		hsmSessionManager *yubihsm.SessionManager
 		hsmURL       string
 		authKeyID    uint16
@ -49,26 +45,19 @@ func NewAiakosPV(hsmURL string, signingKeyID uint16, authKeyID uint16, password
 // OnStart implements cmn.Service.
 func (a *AiakosPV) OnStart() error {
-
+	sessionManager, err := yubihsm.NewSessionManager(connector.NewHTTPConnector(a.hsmURL), a.authKeyID, a.password)
 	sessionPool, err := yubihsm.NewSessionManager(connector.NewHTTPConnector(a.hsmURL), a.authKeyID, a.password, defaultPoolSize)
 	if err != nil {
 		return err
 	}
 	a.hsmSessionPool = sessionPool
-	select {
+	a.hsmSessionManager = sessionManager
 	case <-sessionPool.Connected:
 		a.Logger.Info("connected to HSM")
 	case <-time.After(5 * time.Second):
 		return errors.New("connection/authentication with the HSM timed out; look at yubihsm logs for more info")
 	}
 	return nil
 }
 // OnStop implements cmn.Service.
 func (a *AiakosPV) OnStop() {
-	a.hsmSessionPool.Destroy()
+	a.hsmSessionManager.Destroy()
 }
 // GetAddress returns the address of the validator.
@ -84,16 +73,12 @@ func (a *AiakosPV) GetPubKey() crypto.PubKey {
 	if a.cachedPubKey != nil {
 		return a.cachedPubKey
 	}
 	session, err := a.hsmSessionPool.GetSession()
 	if err != nil {
 		panic(err)
 	}
 	command, err := commands.CreateGetPubKeyCommand(a.signingKeyID)
 	if err != nil {
 		panic(err)
 	}
-	resp, err := session.SendEncryptedCommand(command)
+	resp, err := a.hsmSessionManager.SendEncryptedCommand(command)
 	if err != nil {
 		panic(err)
 	}
@ -167,17 +152,15 @@ func (a *AiakosPV) SignHeartbeat(chainID string, heartbeat *types.Heartbeat) err
 // This fails if the key slot already contains a key.
 // This should be used for testing purposes only. Wrap and import keys in production.
 func (a *AiakosPV) ImportKey(keyID uint16, key []byte) error {
 	session, err := a.hsmSessionPool.GetSession()
 	if err != nil {
 		return err
 	}
 	command, err := commands.CreatePutAsymmetricKeyCommand(keyID, []byte("imported"), commands.Domain1, commands.CapabilityAsymmetricSignEddsa, commands.AlgorighmED25519, key, []byte{})
 	resp, err := session.SendEncryptedCommand(command)
 	if err != nil {
 		return err
 	}
 	resp, err := a.hsmSessionManager.SendEncryptedCommand(command)
 	if err != nil {
 		return err
 	}
 	parsedResp, matched := resp.(*commands.PutAsymmetricKeyResponse)
 	if !matched {
 		a.Logger.Error("invalid response type")
@ -193,16 +176,11 @@ func (a *AiakosPV) ImportKey(keyID uint16, key []byte) error {
 }
 func (a *AiakosPV) signBytes(data []byte) ([]byte, error) {
 	session, err := a.hsmSessionPool.GetSession()
 	if err != nil {
 		return nil, err
 	}
 	command, err := commands.CreateSignDataEddsaCommand(a.signingKeyID, data)
 	if err != nil {
 		return nil, err
 	}
-	resp, err := session.SendEncryptedCommand(command)
+	resp, err := a.hsmSessionManager.SendEncryptedCommand(command)
 	if err != nil {
 		return nil, err
 	}