mirrors/core-lightning
1
0
Fork 0
mirror of https://github.com/ElementsProject/lightning.git synced 2025-01-18 13:25:43 +01:00
Code Issues Projects Releases Wiki Activity

hsmtool: use errx() instead of err() everywhere

Browse Source 
errx() was printing the confusing errno as well ("Error could not [...] :Success")

Signed-off-by: Antoine Poinsot <darosior@protonmail.com>
This commit is contained in:
Antoine Poinsot 2021-01-03 01:14:33 +01:00 committed by Christian Decker
parent d41b383cf7
commit 38204f9b6d
1 changed files with 22 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

44
tools/hsmtool.c
View File

@ -77,9 +77,9 @@ static void get_hsm_secret(struct secret *hsm_secret,
fd = open(hsm_secret_path, O_RDONLY); fd = open(hsm_secret_path, O_RDONLY);
if (fd < 0) if (fd < 0)
err(ERROR_HSM_FILE, "Could not open hsm_secret"); errx(ERROR_HSM_FILE, "Could not open hsm_secret");
if (!read_all(fd, hsm_secret, sizeof(*hsm_secret))) if (!read_all(fd, hsm_secret, sizeof(*hsm_secret)))
err(ERROR_HSM_FILE, "Could not read hsm_secret"); errx(ERROR_HSM_FILE, "Could not read hsm_secret");
close(fd); close(fd);
} }
@ -99,25 +99,25 @@ static void get_encrypted_hsm_secret(struct secret *hsm_secret,
fd = open(hsm_secret_path, O_RDONLY); fd = open(hsm_secret_path, O_RDONLY);
if (fd < 0) if (fd < 0)
err(ERROR_HSM_FILE, "Could not open hsm_secret"); errx(ERROR_HSM_FILE, "Could not open hsm_secret");
if (!read_all(fd, header, crypto_secretstream_xchacha20poly1305_HEADERBYTES)) if (!read_all(fd, header, crypto_secretstream_xchacha20poly1305_HEADERBYTES))
err(ERROR_HSM_FILE, "Could not read cipher header"); errx(ERROR_HSM_FILE, "Could not read cipher header");
if (!read_all(fd, cipher, sizeof(cipher))) if (!read_all(fd, cipher, sizeof(cipher)))
err(ERROR_HSM_FILE, "Could not read cipher body"); errx(ERROR_HSM_FILE, "Could not read cipher body");
if (crypto_pwhash(key.data, sizeof(key.data), passwd, strlen(passwd), salt, if (crypto_pwhash(key.data, sizeof(key.data), passwd, strlen(passwd), salt,
crypto_pwhash_argon2id_OPSLIMIT_MODERATE, crypto_pwhash_argon2id_OPSLIMIT_MODERATE,
crypto_pwhash_argon2id_MEMLIMIT_MODERATE, crypto_pwhash_argon2id_MEMLIMIT_MODERATE,
crypto_pwhash_ALG_ARGON2ID13) != 0) crypto_pwhash_ALG_ARGON2ID13) != 0)
err(ERROR_LIBSODIUM, "Could not derive a key from the password."); errx(ERROR_LIBSODIUM, "Could not derive a key from the password.");
if (crypto_secretstream_xchacha20poly1305_init_pull(&crypto_state, header, if (crypto_secretstream_xchacha20poly1305_init_pull(&crypto_state, header,
key.data) != 0) key.data) != 0)
err(ERROR_LIBSODIUM, "Could not initialize the crypto state"); errx(ERROR_LIBSODIUM, "Could not initialize the crypto state");
if (crypto_secretstream_xchacha20poly1305_pull(&crypto_state, hsm_secret->data, if (crypto_secretstream_xchacha20poly1305_pull(&crypto_state, hsm_secret->data,
NULL, 0, cipher, sizeof(cipher), NULL, 0, cipher, sizeof(cipher),
NULL, 0) != 0) NULL, 0) != 0)
err(ERROR_LIBSODIUM, "Could not retrieve the seed. Wrong password ?"); errx(ERROR_LIBSODIUM, "Could not retrieve the seed. Wrong password ?");
close(fd); close(fd);
} }
@ -210,7 +210,7 @@ static int decrypt_hsm(const char *hsm_secret_path)
passwd = read_stdin_pass(); passwd = read_stdin_pass();
if (sodium_init() == -1) if (sodium_init() == -1)
err(ERROR_LIBSODIUM, errx(ERROR_LIBSODIUM,
"Could not initialize libsodium. Not enough entropy ?"); "Could not initialize libsodium. Not enough entropy ?");
dir = path_dirname(NULL, hsm_secret_path); dir = path_dirname(NULL, hsm_secret_path);
@ -225,13 +225,13 @@ static int decrypt_hsm(const char *hsm_secret_path)
rename(hsm_secret_path, backup); rename(hsm_secret_path, backup);
fd = open(hsm_secret_path, O_CREAT|O_EXCL|O_WRONLY, 0400); fd = open(hsm_secret_path, O_CREAT|O_EXCL|O_WRONLY, 0400);
if (fd < 0) if (fd < 0)
err(ERROR_HSM_FILE, "Could not open new hsm_secret"); errx(ERROR_HSM_FILE, "Could not open new hsm_secret");
if (!write_all(fd, &hsm_secret, sizeof(hsm_secret))) { if (!write_all(fd, &hsm_secret, sizeof(hsm_secret))) {
unlink_noerr(hsm_secret_path); unlink_noerr(hsm_secret_path);
close(fd); close(fd);
rename("hsm_secret.backup", hsm_secret_path); rename("hsm_secret.backup", hsm_secret_path);
err(ERROR_HSM_FILE, errx(ERROR_HSM_FILE,
"Failure writing plaintext seed to hsm_secret."); "Failure writing plaintext seed to hsm_secret.");
} }
@ -239,7 +239,7 @@ static int decrypt_hsm(const char *hsm_secret_path)
if (!ensure_hsm_secret_exists(fd, hsm_secret_path)) { if (!ensure_hsm_secret_exists(fd, hsm_secret_path)) {
unlink_noerr(hsm_secret_path); unlink_noerr(hsm_secret_path);
rename(backup, hsm_secret_path); rename(backup, hsm_secret_path);
err(ERROR_HSM_FILE, errx(ERROR_HSM_FILE,
"Could not ensure hsm_secret existence."); "Could not ensure hsm_secret existence.");
} }
unlink_noerr(backup); unlink_noerr(backup);
@ -274,7 +274,7 @@ static int encrypt_hsm(const char *hsm_secret_path)
backup = path_join(dir, dir, "hsm_secret.backup"); backup = path_join(dir, dir, "hsm_secret.backup");
if (sodium_init() == -1) if (sodium_init() == -1)
err(ERROR_LIBSODIUM, errx(ERROR_LIBSODIUM,
"Could not initialize libsodium. Not enough entropy ?"); "Could not initialize libsodium. Not enough entropy ?");
/* Derive the encryption key from the password provided, and try to encrypt /* Derive the encryption key from the password provided, and try to encrypt
@ -283,15 +283,15 @@ static int encrypt_hsm(const char *hsm_secret_path)
crypto_pwhash_argon2id_OPSLIMIT_MODERATE, crypto_pwhash_argon2id_OPSLIMIT_MODERATE,
crypto_pwhash_argon2id_MEMLIMIT_MODERATE, crypto_pwhash_argon2id_MEMLIMIT_MODERATE,
crypto_pwhash_ALG_ARGON2ID13) != 0) crypto_pwhash_ALG_ARGON2ID13) != 0)
err(ERROR_LIBSODIUM, "Could not derive a key from the password."); errx(ERROR_LIBSODIUM, "Could not derive a key from the password.");
if (crypto_secretstream_xchacha20poly1305_init_push(&crypto_state, header, if (crypto_secretstream_xchacha20poly1305_init_push(&crypto_state, header,
key.data) != 0) key.data) != 0)
err(ERROR_LIBSODIUM, "Could not initialize the crypto state"); errx(ERROR_LIBSODIUM, "Could not initialize the crypto state");
if (crypto_secretstream_xchacha20poly1305_push(&crypto_state, cipher, if (crypto_secretstream_xchacha20poly1305_push(&crypto_state, cipher,
NULL, hsm_secret.data, NULL, hsm_secret.data,
sizeof(hsm_secret.data), sizeof(hsm_secret.data),
NULL, 0, 0) != 0) NULL, 0, 0) != 0)
err(ERROR_LIBSODIUM, "Could not encrypt the seed."); errx(ERROR_LIBSODIUM, "Could not encrypt the seed.");
/* Once the encryption key derived, we don't need it anymore. */ /* Once the encryption key derived, we don't need it anymore. */
if (passwd) if (passwd)
@ -301,7 +301,7 @@ static int encrypt_hsm(const char *hsm_secret_path)
rename(hsm_secret_path, backup); rename(hsm_secret_path, backup);
fd = open(hsm_secret_path, O_CREAT|O_EXCL|O_WRONLY, 0400); fd = open(hsm_secret_path, O_CREAT|O_EXCL|O_WRONLY, 0400);
if (fd < 0) if (fd < 0)
err(ERROR_HSM_FILE, "Could not open new hsm_secret"); errx(ERROR_HSM_FILE, "Could not open new hsm_secret");
/* Write the encrypted hsm_secret. */ /* Write the encrypted hsm_secret. */
if (!write_all(fd, header, sizeof(header)) if (!write_all(fd, header, sizeof(header))
@ -309,14 +309,14 @@ static int encrypt_hsm(const char *hsm_secret_path)
unlink_noerr(hsm_secret_path); unlink_noerr(hsm_secret_path);
close(fd); close(fd);
rename(backup, hsm_secret_path); rename(backup, hsm_secret_path);
err(ERROR_HSM_FILE, "Failure writing cipher to hsm_secret."); errx(ERROR_HSM_FILE, "Failure writing cipher to hsm_secret.");
} }
/* Be as paranoïd as in hsmd with the file state on disk. */ /* Be as paranoïd as in hsmd with the file state on disk. */
if (!ensure_hsm_secret_exists(fd, hsm_secret_path)) { if (!ensure_hsm_secret_exists(fd, hsm_secret_path)) {
unlink_noerr(hsm_secret_path); unlink_noerr(hsm_secret_path);
rename(backup, hsm_secret_path); rename(backup, hsm_secret_path);
err(ERROR_HSM_FILE, "Could not ensure hsm_secret existence."); errx(ERROR_HSM_FILE, "Could not ensure hsm_secret existence.");
} }
unlink_noerr(backup); unlink_noerr(backup);
tal_free(dir); tal_free(dir);
@ -352,12 +352,12 @@ static int dump_commitments_infos(struct node_id *node_id, u64 channel_id,
printf("shaseed: %s\n", type_to_string(tmpctx, struct sha256, &shaseed)); printf("shaseed: %s\n", type_to_string(tmpctx, struct sha256, &shaseed));
for (u64 i = 0; i < depth; i++) { for (u64 i = 0; i < depth; i++) {
if (!per_commit_secret(&shaseed, &per_commitment_secret, i)) if (!per_commit_secret(&shaseed, &per_commitment_secret, i))
err(ERROR_KEYDERIV, "Could not derive secret #%"PRIu64, i); errx(ERROR_KEYDERIV, "Could not derive secret #%"PRIu64, i);
printf("commit secret #%"PRIu64": %s\n", printf("commit secret #%"PRIu64": %s\n",
i, tal_hexstr(tmpctx, per_commitment_secret.data, i, tal_hexstr(tmpctx, per_commitment_secret.data,
sizeof(per_commitment_secret.data))); sizeof(per_commitment_secret.data)));
if (!per_commit_point(&shaseed, &per_commitment_point, i)) if (!per_commit_point(&shaseed, &per_commitment_point, i))
err(ERROR_KEYDERIV, "Could not derive point #%"PRIu64, i); errx(ERROR_KEYDERIV, "Could not derive point #%"PRIu64, i);
printf("commit point #%"PRIu64": %s\n", printf("commit point #%"PRIu64": %s\n",
i, type_to_string(tmpctx, struct pubkey, &per_commitment_point)); i, type_to_string(tmpctx, struct pubkey, &per_commitment_point));
} }
@ -638,7 +638,7 @@ int main(int argc, char *argv[])
show_usage(argv[0]); show_usage(argv[0]);
struct node_id node_id; struct node_id node_id;
if (!node_id_from_hexstr(argv[2], strlen(argv[2]), &node_id)) if (!node_id_from_hexstr(argv[2], strlen(argv[2]), &node_id))
err(ERROR_USAGE, "Bad node id"); errx(ERROR_USAGE, "Bad node id");
return dump_commitments_infos(&node_id, atol(argv[3]), atol(argv[4]), return dump_commitments_infos(&node_id, atol(argv[3]), atol(argv[4]),
argv[5]); argv[5]);
} }