From 5f33dcd7cbbab984842043c56cc66c9255e312e3 Mon Sep 17 00:00:00 2001
From: Tony Arcieri <tony@iqlusion.io>
Date: Fri, 10 Mar 2023 10:02:38 -0700
Subject: [PATCH] Bump `ed25519` => v2; `k256` => v0.13; `signature` => v2

Bumps all of the above dependencies to their latest versions, which use
the new `signature` v2 release:

https://github.com/RustCrypto/traits/pull/1211
---
 p2p/Cargo.toml                             | 2 +-
 tendermint/Cargo.toml                      | 8 ++++----
 tendermint/src/account.rs                  | 2 +-
 tendermint/src/crypto/default/signature.rs | 4 ++--
 tendermint/src/public_key.rs               | 8 ++++----
 tendermint/src/signature.rs                | 7 ++++---
 tendermint/src/test.rs                     | 4 +++-
 tendermint/src/vote.rs                     | 6 +++---
 tendermint/tests/alt_crypto.rs             | 4 ++--
 9 files changed, 24 insertions(+), 21 deletions(-)

diff --git a/p2p/Cargo.toml b/p2p/Cargo.toml
index 2d8e5ffd6..5278c4f47 100644
--- a/p2p/Cargo.toml
+++ b/p2p/Cargo.toml
@@ -39,7 +39,7 @@ sha2 = { version = "0.10", default-features = false }
 subtle = { version = "2", default-features = false }
 x25519-dalek = { version = "1.1", default-features = false, features = ["u64_backend"] }
 zeroize = { version = "1", default-features = false }
-signature = { version = "1", default-features = false }
+signature = { version = "2", default-features = false }
 aead = { version = "0.4.1", default-features = false }
 flex-error = { version = "0.4.4", default-features = false }
 
diff --git a/tendermint/Cargo.toml b/tendermint/Cargo.toml
index bb8b5bd22..b749d75fb 100644
--- a/tendermint/Cargo.toml
+++ b/tendermint/Cargo.toml
@@ -31,7 +31,7 @@ rustdoc-args = ["--cfg", "docsrs"]
 [dependencies]
 bytes = { version = "1.2", default-features = false, features = ["serde"] }
 digest = { version = "0.10", default-features = false }
-ed25519 = { version = "1.5", default-features = false }
+ed25519 = { version = "2", default-features = false, features = ["alloc"] }
 futures = { version = "0.3", default-features = false }
 num-traits = { version = "0.2", default-features = false }
 once_cell = { version = "1.3", default-features = false }
@@ -41,7 +41,7 @@ serde = { version = "1", default-features = false, features = ["derive"] }
 serde_json = { version = "1", default-features = false, features = ["alloc"] }
 serde_bytes = { version = "0.11", default-features = false }
 serde_repr = { version = "0.1", default-features = false }
-signature = { version = "1", default-features = false }
+signature = { version = "2", default-features = false, features = ["alloc"] }
 subtle = { version = "2", default-features = false }
 subtle-encoding = { version = "0.5", default-features = false, features = ["bech32-preview"] }
 tendermint-proto = { version = "0.30.0", default-features = false, path = "../proto" }
@@ -50,7 +50,7 @@ zeroize = { version = "1.1", default-features = false, features = ["zeroize_deri
 flex-error = { version = "0.4.4", default-features = false }
 ed25519-consensus = { version = "2", optional = true, default-features = false }
 sha2 = { version = "0.10", optional = true, default-features = false }
-k256 = { version = "0.11", optional = true, default-features = false, features = ["ecdsa"] }
+k256 = { version = "0.13", optional = true, default-features = false, features = ["alloc", "ecdsa"] }
 ripemd = { version = "0.1.3", optional = true, default-features = false }
 
 [features]
@@ -61,7 +61,7 @@ secp256k1 = ["k256", "ripemd"]
 rust-crypto = ["sha2", "ed25519-consensus"]
 
 [dev-dependencies]
-k256 = { version = "0.11", default-features = false, features = ["ecdsa"] }
+k256 = { version = "0.13", default-features = false, features = ["ecdsa"] }
 pretty_assertions = "1.3.0"
 proptest = { version = "0.10.1", default-features = false, features = ["std"] }
 tendermint-pbt-gen = { path = "../pbt-gen", default-features = false, features = ["time"] }
diff --git a/tendermint/src/account.rs b/tendermint/src/account.rs
index 473c97271..774dbae07 100644
--- a/tendermint/src/account.rs
+++ b/tendermint/src/account.rs
@@ -117,7 +117,7 @@ mod key_conversions {
         fn from(pk: Secp256k1) -> Id {
             use ripemd::Ripemd160;
 
-            let sha_digest = Sha256::digest(pk.to_bytes());
+            let sha_digest = Sha256::digest(pk.to_sec1_bytes());
             let ripemd_digest = Ripemd160::digest(&sha_digest[..]);
             let mut bytes = [0u8; LENGTH];
             bytes.copy_from_slice(&ripemd_digest[..LENGTH]);
diff --git a/tendermint/src/crypto/default/signature.rs b/tendermint/src/crypto/default/signature.rs
index 78c71d397..1eee3bbe3 100644
--- a/tendermint/src/crypto/default/signature.rs
+++ b/tendermint/src/crypto/default/signature.rs
@@ -283,8 +283,8 @@ mod tests {
                 _ => panic!("expected public key to be secp256k1: {:?}", public_key),
             }
             let der_sig = k256::ecdsa::Signature::from_der(sig).unwrap();
-            let sig = der_sig.as_ref();
-            let sig = Signature::try_from(sig).unwrap();
+            let sig = der_sig.to_bytes();
+            let sig = Signature::try_from(sig.as_slice()).unwrap();
             Verifier::verify(public_key, msg, &sig)
                 .unwrap_or_else(|_| panic!("signature should be valid for test vector {}", i));
         }
diff --git a/tendermint/src/public_key.rs b/tendermint/src/public_key.rs
index 0efa72bec..352e50afc 100644
--- a/tendermint/src/public_key.rs
+++ b/tendermint/src/public_key.rs
@@ -153,7 +153,7 @@ tendermint_pb_modules! {
                 #[cfg(feature = "secp256k1")]
                 PublicKey::Secp256k1(ref pk) => RawPublicKey {
                     sum: Some(Sum::Secp256k1(
-                        pk.to_bytes().to_vec(),
+                        pk.to_sec1_bytes().into(),
                     )),
                 },
             }
@@ -200,7 +200,7 @@ impl PublicKey {
         match self {
             PublicKey::Ed25519(pk) => pk.as_bytes().to_vec(),
             #[cfg(feature = "secp256k1")]
-            PublicKey::Secp256k1(pk) => pk.to_bytes().to_vec(),
+            PublicKey::Secp256k1(pk) => pk.to_sec1_bytes().into(),
         }
     }
 
@@ -215,7 +215,7 @@ impl PublicKey {
             #[cfg(feature = "secp256k1")]
             PublicKey::Secp256k1(ref pk) => {
                 let mut key_bytes = vec![0xEB, 0x5A, 0xE9, 0x87, 0x21];
-                key_bytes.extend(pk.to_bytes());
+                key_bytes.extend(pk.to_sec1_bytes().as_ref());
                 key_bytes
             },
         };
@@ -373,7 +373,7 @@ fn serialize_secp256k1_base64<S>(pk: &Secp256k1, serializer: S) -> Result<S::Ok,
 where
     S: ser::Serializer,
 {
-    String::from_utf8(base64::encode(pk.to_bytes()))
+    String::from_utf8(base64::encode(pk.to_sec1_bytes()))
         .unwrap()
         .serialize(serializer)
 }
diff --git a/tendermint/src/signature.rs b/tendermint/src/signature.rs
index d31901509..ff6788940 100644
--- a/tendermint/src/signature.rs
+++ b/tendermint/src/signature.rs
@@ -5,6 +5,7 @@ use core::convert::TryFrom;
 pub use ed25519::Signature as Ed25519Signature;
 #[cfg(feature = "secp256k1")]
 pub use k256::ecdsa::Signature as Secp256k1Signature;
+use signature::SignatureEncoding;
 use tendermint_proto::Protobuf;
 
 use crate::{error::Error, prelude::*};
@@ -83,7 +84,7 @@ impl AsRef<[u8]> for Signature {
 
 impl From<Ed25519Signature> for Signature {
     fn from(sig: Ed25519Signature) -> Signature {
-        Self(sig.as_ref().to_vec())
+        Self(sig.to_vec())
     }
 }
 
@@ -96,7 +97,7 @@ impl From<ed25519_consensus::Signature> for Signature {
 
 #[cfg(feature = "secp256k1")]
 impl From<Secp256k1Signature> for Signature {
-    fn from(pk: Secp256k1Signature) -> Signature {
-        Self(pk.as_ref().to_vec())
+    fn from(sig: Secp256k1Signature) -> Signature {
+        Self(sig.to_vec())
     }
 }
diff --git a/tendermint/src/test.rs b/tendermint/src/test.rs
index 801d14da6..c4157141a 100644
--- a/tendermint/src/test.rs
+++ b/tendermint/src/test.rs
@@ -31,5 +31,7 @@ where
 
 /// Produces a dummy signature value for use as a placeholder in tests.
 pub fn dummy_signature() -> Signature {
-    Signature::from(Ed25519Signature::from_bytes(&[0; Ed25519Signature::BYTE_SIZE]).unwrap())
+    Signature::from(Ed25519Signature::from_bytes(
+        &[0; Ed25519Signature::BYTE_SIZE],
+    ))
 }
diff --git a/tendermint/src/vote.rs b/tendermint/src/vote.rs
index fe5d32e13..8c2e4c416 100644
--- a/tendermint/src/vote.rs
+++ b/tendermint/src/vote.rs
@@ -171,9 +171,9 @@ impl Default for Vote {
             validator_index: ValidatorIndex::try_from(0_i32).unwrap(),
             // Could have reused crate::test::dummy_signature, except that
             // this Default impl is defined outside of #[cfg(test)].
-            signature: Some(Signature::from(
-                Ed25519Signature::from_bytes(&[0; Ed25519Signature::BYTE_SIZE]).unwrap(),
-            )),
+            signature: Some(Signature::from(Ed25519Signature::from_bytes(
+                &[0; Ed25519Signature::BYTE_SIZE],
+            ))),
         }
     }
 }
diff --git a/tendermint/tests/alt_crypto.rs b/tendermint/tests/alt_crypto.rs
index 24d5c2742..b6b1cc1be 100644
--- a/tendermint/tests/alt_crypto.rs
+++ b/tendermint/tests/alt_crypto.rs
@@ -2,7 +2,7 @@
 //! for a chain environment that provides its own cryptographic API.
 #![cfg(all(feature = "secp256k1", feature = "rust-crypto"))]
 
-use ::signature::{DigestVerifier, Signature as _};
+use ::signature::DigestVerifier;
 use digest::Digest;
 
 use tendermint::crypto::signature::{self, Verifier};
@@ -23,7 +23,7 @@ impl Verifier for SubstrateSignatureVerifier {
     ) -> Result<(), signature::Error> {
         match pubkey {
             PublicKey::Secp256k1(pk) => {
-                let sig = k256::ecdsa::Signature::from_bytes(signature.as_bytes())
+                let sig = k256::ecdsa::Signature::try_from(signature.as_bytes())
                     .map_err(|_| signature::Error::MalformedSignature)?;
                 let mut hasher = sha2::Sha256::new();
                 Digest::update(&mut hasher, msg);