diff --git a/digests.txt b/digests.txt
index 028b627..f5aad37 100644
--- a/digests.txt
+++ b/digests.txt
@@ -1,4 +1,4 @@
-729804cf6652e23b8e3fc0a2548e0e0327b69826f50b10b560656f77af76f575 turnkey.darwin-aarch64
-36ddc3f9675214c35e924f8212028e35d7674ae1e6a46a49d68fa4b983c1d954 turnkey.darwin-x86_64
-20f87614b1763314c04cb2539d26b2a8aea396f3dcd3bb879aa7bca214fdb777 turnkey.linux-aarch64
-9eb4d7f96870f42ad01f67f2a948b8e57dac0ed838163e5e35bb1194b0b978bf turnkey.linux-x86_64
+dc3e5a71403708fbe02c3d4af8159cd51370f6177e83a7678b5895de36c9ad47 turnkey.darwin-aarch64
+0b653973db4a6b017d624548ba60b1cc6b2d39ce14764c65256a8f5980c2f998 turnkey.darwin-x86_64
+c65817447797d52dfcbcfca630c9fa3aa466983b1c825bc2f0cb9a750b0090aa turnkey.linux-aarch64
+7a4edffe4b8e36a5e8da2d01239aeae7e86b85fda42d08275478effaafb09720 turnkey.linux-x86_64
diff --git a/src/cmd/turnkey/pkg/decrypt.go b/src/cmd/turnkey/pkg/decrypt.go
index 680452f..ade144b 100644
--- a/src/cmd/turnkey/pkg/decrypt.go
+++ b/src/cmd/turnkey/pkg/decrypt.go
@@ -10,6 +10,7 @@ import (
 "github.com/spf13/cobra"
 "github.com/tkhq/go-sdk/pkg/enclave_encrypt"
 "github.com/tkhq/go-sdk/pkg/encryptionkey"
+ "github.com/tkhq/go-sdk/pkg/util"
 )
 var (
@@ -61,9 +62,9 @@ var decryptCmd = &cobra.Command{
 var signerKey *ecdsa.PublicKey
 if signerPublicKeyOverride != "" {
- signerKey, err = hexToPublicKey(signerPublicKeyOverride)
+ signerKey, err = util.HexToPublicKey(signerPublicKeyOverride)
 } else {
- signerKey, err = hexToPublicKey(signerProductionPublicKey)
+ signerKey, err = util.HexToPublicKey(signerProductionPublicKey)
 }
 if err != nil {
 OutputError(err)
diff --git a/src/cmd/turnkey/pkg/encrypt.go b/src/cmd/turnkey/pkg/encrypt.go
index 11b0ae6..876d9a7 100644
--- a/src/cmd/turnkey/pkg/encrypt.go
+++ b/src/cmd/turnkey/pkg/encrypt.go
@@ -10,6 +10,7 @@ import (
 "github.com/spf13/cobra"
 "github.com/tkhq/go-sdk/pkg/enclave_encrypt"
+ "github.com/tkhq/go-sdk/pkg/util"
 )
 var (
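Review bot: In decrypt.go's `decryptCmd` hunk (`@@ -61,9 +62,9 @@`), and identically in encrypt.go's `encryptCmd` hunk, `signerKey` is now parsed by go-sdk's `util.HexToPublicKey`, whose body is not in this diff, so nothing visible here shows that the parsed point is validated. The `hexToPublicKey` removed from root.go checked only for 65 bytes and never verified the prefix byte or that (X, Y) is on P-256; if the SDK helper behaves the same, an off-curve `signerPublicKeyOverride` value is still accepted. A cheap guard after the existing `if err != nil` block would be `if _, err := signerKey.ECDH(); err != nil { OutputError(err) }` (Go 1.20+), or a test asserting that a 65-byte off-curve hex string is rejected. Both `Run` bodies start and end outside their hunks, so how `signerKey` is used afterwards is not visible.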
@@ -74,9 +75,9 @@ var encryptCmd = &cobra.Command{
 // set up enclave encrypt client
 var signerKey *ecdsa.PublicKey
 if signerPublicKeyOverride != "" {
- signerKey, err = hexToPublicKey(signerPublicKeyOverride)
+ signerKey, err = util.HexToPublicKey(signerPublicKeyOverride)
 } else {
- signerKey, err = hexToPublicKey(signerProductionPublicKey)
+ signerKey, err = util.HexToPublicKey(signerProductionPublicKey)
 }
 if err != nil {
 OutputError(err)
diff --git a/src/cmd/turnkey/pkg/root.go b/src/cmd/turnkey/pkg/root.go
index 6dac489..2517ae9 100644
--- a/src/cmd/turnkey/pkg/root.go
+++ b/src/cmd/turnkey/pkg/root.go
@@ -2,14 +2,10 @@ package pkg
 import (
 "bytes"
- "crypto/ecdsa"
- "crypto/elliptic"
- "encoding/hex"
 "errors"
 "fmt"
 "io"
 "io/fs"
- "math/big"
 "os"
 "path/filepath"
 "runtime"
@@ -242,40 +238,3 @@ func checkExists(path string) (bool, error) {
 return true, nil
 }
-
-// Convert a hex-encoded string to an ECDSA P-256 public key.
-// This key is used in encryption and decryption of data transferred to
-// and from Turnkey secure enclaves.
-func hexToPublicKey(hexString string) (*ecdsa.PublicKey, error) {
- publicKeyBytes, err := hex.DecodeString(hexString)
- if err != nil {
- return nil, err
- }
-
- // second half is the public key bytes for the enclave quorum encryption key
- if len(publicKeyBytes) != 65 {
- return nil, eris.Errorf("invalid public key length. Expected 65 bytes but got %d (hex string: \"%s\")", len(publicKeyBytes), publicKeyBytes)
- }
-
- // init curve instance
- curve := elliptic.P256()
-
- // curve's bitsize converted to length in bytes
- byteLen := (curve.Params().BitSize + 7) / 8
-
- // ensure the public key bytes have the correct length
- if len(publicKeyBytes) != 1+2*byteLen {
- return nil, eris.New("invalid encryption public key length")
- }
-
- // extract X and Y coordinates from the public key bytes
- // ignore first byte (prefix)
- x := new(big.Int).SetBytes(publicKeyBytes[1 : 1+byteLen])
- y := new(big.Int).SetBytes(publicKeyBytes[1+byteLen:])
-
- return &ecdsa.PublicKey{
- Curve: curve,
- X: x,
- Y: y,
- }, nil
-}
diff --git a/src/go.mod b/src/go.mod
index 77079dd..c98cdcf 100644
--- a/src/go.mod
+++ b/src/go.mod
@@ -10,8 +10,8 @@ require (
 github.com/rotisserie/eris v0.5.4
 github.com/spf13/cobra v1.7.0
 github.com/stretchr/testify v1.8.4
- github.com/tkhq/go-sdk v0.0.0-20240813203011-ed45fe0d5c27
- github.com/tkhq/go-sdk/pkg/enclave_encrypt v0.0.0-20240513225018-5ebfb539ec1e
+ github.com/tkhq/go-sdk v0.5.0
+ github.com/tkhq/go-sdk/pkg/enclave_encrypt v0.0.0-20250602160912-e8b775f28273
 gopkg.in/yaml.v3 v3.0.1
 )
@@ -20,7 +20,6 @@ require (
 github.com/cloudflare/circl v1.3.7 // indirect
 github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
 github.com/decred/dcrd/dcrec/secp256k1/v4 v4.0.1 // indirect
- github.com/ethereum/go-ethereum v1.14.5 // indirect
 github.com/go-logr/logr v1.2.4 // indirect
 github.com/go-logr/stdr v1.2.2 // indirect
 github.com/go-openapi/analysis v0.21.4 // indirect
@@ -46,7 +45,7 @@ require (
 go.opentelemetry.io/otel v1.19.0 // indirect
 go.opentelemetry.io/otel/metric v1.19.0 // indirect
 go.opentelemetry.io/otel/trace v1.19.0 // indirect
- golang.org/x/crypto v0.22.0 // indirect
- golang.org/x/sys v0.20.0 // indirect
+ golang.org/x/crypto v0.31.0 // indirect
+ golang.org/x/sys v0.28.0 // indirect
 gopkg.in/yaml.v2 v2.4.0 // indirect
 )
diff --git a/src/go.sum b/src/go.sum
index bab0f42..28418d5 100644
--- a/src/go.sum
+++ b/src/go.sum
@@ -27,8 +27,6 @@ github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8Yc github.com/decred/dcrd/crypto/blake256 v1.0.0/go.mod h1:sQl2p6Y26YV+ZOcSTP6thNdn47hh8kt6rqSlvmrXFAc= github.com/decred/dcrd/dcrec/secp256k1/v4 v4.0.1 h1:YLtO71vCjJRCBcrPMtQ9nqBsqpA1m5sE92cU+pd5Mcc= github.com/decred/dcrd/dcrec/secp256k1/v4 v4.0.1/go.mod h1:hyedUtir6IdtD/7lIxGeCxkaw7y45JueMRL4DIyJDKs= -github.com/ethereum/go-ethereum v1.14.5 h1:szuFzO1MhJmweXjoM5nSAeDvjNUH3vIQoMzzQnfvjpw= -github.com/ethereum/go-ethereum v1.14.5/go.mod h1:VEDGGhSxY7IEjn98hJRFXl/uFvpRgbIIf2PpXiyGGgc= github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= github.com/go-logr/logr v1.2.4 h1:g01GSCwiDw2xSZfjJ2/T9M+S6pFdcNtFYsp+Y43HYDQ=
@@ -189,12 +187,10 @@ github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= github.com/tidwall/pretty v1.0.0/go.mod h1:XNkn88O1ChpSDQmQeStsy+sBenx6DDtFZJxhVysOjyk= -github.com/tkhq/go-sdk v0.0.0-20240813182504-228a50933080 h1:Yhc2J2GCB0SDbLBVwK1ZlrYNiHVuwHGCU+N9CdJz4WQ= -github.com/tkhq/go-sdk v0.0.0-20240813182504-228a50933080/go.mod h1:NgCPbnpGdhx+31NLwmK3iC6UftT7I70dbKXVbblVpjk= -github.com/tkhq/go-sdk v0.0.0-20240813203011-ed45fe0d5c27 h1:1Tm6Z2uD9THuycnXtkNbTMf07Owdm071fV5JcKLsAQE= -github.com/tkhq/go-sdk v0.0.0-20240813203011-ed45fe0d5c27/go.mod h1:2372WQ2x5SWlXmFBygP8PaNcR225Pn8Nd2WmzT9E35Y= -github.com/tkhq/go-sdk/pkg/enclave_encrypt v0.0.0-20240513225018-5ebfb539ec1e h1:6TQn08QGF615Bt2LRNv1MwlI5qL9NlpO2A/DIKX8MUo= -github.com/tkhq/go-sdk/pkg/enclave_encrypt v0.0.0-20240513225018-5ebfb539ec1e/go.mod h1:BvoxNhFz61TSwjbULvHYdeV0aS68qkcHXpGkJFVkzrw= +github.com/tkhq/go-sdk v0.5.0 h1:7bCvw//+KY7RjC40Dw2LWAdefxPLLTk64N63Qou+Bi8= +github.com/tkhq/go-sdk v0.5.0/go.mod h1:AZFnAibZbbfOgQxWH4e44gNxB7hMIZeX1bzplKw0zWA= +github.com/tkhq/go-sdk/pkg/enclave_encrypt v0.0.0-20250602160912-e8b775f28273 h1:/m7xLq6Aa5MnvP+g/j4VB48yee8UpitHKePZ1yM1Ybk= +github.com/tkhq/go-sdk/pkg/enclave_encrypt v0.0.0-20250602160912-e8b775f28273/go.mod h1:0pcvW05Ipfn9UA23ldTAn6lkifcpN+84ALQblOrqmu0= github.com/xdg-go/pbkdf2 v1.0.0/go.mod h1:jrpuAogTd400dnrH08LKmI/xc1MbPOebTwRqcT5RDeI= github.com/xdg-go/scram v1.0.2/go.mod h1:1WAq6h33pAW+iRreB34OORO2Nf7qel3VV3fjBj+hCSs= github.com/xdg-go/scram v1.1.1/go.mod h1:RaEWvsqvNKKvBPvcKeFjrG2cJqOkHTiyTpzz23ni57g= 
@@ -225,8 +221,8 @@ golang.org/x/crypto v0.0.0-20200115085410-6d4e4cb37c7d/go.mod h1:LzIPMQfyMNhhGPh golang.org/x/crypto v0.0.0-20200302210943-78000ba7a073/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= -golang.org/x/crypto v0.22.0 h1:g1v0xeRhjcugydODzvb3mEM9SQ0HGp9s/nh3COQ/C30= -golang.org/x/crypto v0.22.0/go.mod h1:vr6Su+7cTlO45qkww3VDJlzDn0ctJvRgYbC2NvXHt+M= +golang.org/x/crypto v0.31.0 h1:ihbySMvVjLAeSH1IbfcRTkD/iNscyz8rGzjF/E5hV6U= +golang.org/x/crypto v0.31.0/go.mod h1:kDsLvtWBEx7MV9tJOj9bnXsPbxwJQ6csT/x4KIN4Ssk= golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= 
@@ -257,8 +253,8 @@ golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.20.0 h1:Od9JTbYCk261bKm4M/mw7AklTlFYIa0bIp9BgSm1S8Y= -golang.org/x/sys v0.20.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.28.0 h1:Fksou7UEQUWlKvIdsqzJmUmCX3cZuD2+P3XyyzwMhlA= +golang.org/x/sys v0.28.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=