From 25ef23fc8ebe2ffabc27e2d419b8f443938fa91f Mon Sep 17 00:00:00 2001
From: Tony Arcieri <tony@iqlusion.io>
Date: Wed, 6 Mar 2019 11:50:13 -0800
Subject: [PATCH] Disable 'softsign' backend by default

The 'softsign' backend is intended for testing only. This shuts it off
by default so as to start encouraging people to select specific HSM
backends instead.
---
 .circleci/config.yml | 16 +++++++---------
 Cargo.toml           |  2 +-
 src/keyring/mod.rs   | 13 +++++++------
 src/lib.rs           |  6 ++++++
 4 files changed, 21 insertions(+), 16 deletions(-)

diff --git a/.circleci/config.yml b/.circleci/config.yml
index 5ccd4ee..59d1ecb 100644
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@@ -23,25 +23,22 @@ jobs:
         command: |
           rustc --version
           cargo --version
-          cargo build
+          cargo build --features=yubihsm
+          cargo build --features=ledgertm
+          cargo build --features=yubihsm,ledgertm,softsign
     - run:
         name: build --release
         command: |
           rustc --version
           cargo --version
-          cargo build --release
-    - run:
-        name: build --all-features (debug)
-        command: |
-          rustc --version
-          cargo --version
-          cargo build --all-features
+          cargo build --release --features=yubihsm
+          cargo build --release --features=ledgertm
     - run:
         name: test --all-features
         command: |
           rustc --version
           cargo --version
-          cargo test --all --features "default softsign yubihsm yubihsm-mock"
+          cargo test --all --features=yubihsm,ledgertm,softsign
     - run:
         name: audit
         command: |
@@ -50,6 +47,7 @@ jobs:
     - run:
         name: validate against test harness
         command: |
+          cargo build --features=softsign
           TMKMS_BIN=./target/debug/tmkms sh tests/support/run-harness-tests.sh
     - save_cache:
         key: cache-2019-01-25-v0 # bump restore_cache key above too
diff --git a/Cargo.toml b/Cargo.toml
index 6c59ea6..fe935a0 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -50,7 +50,7 @@ tempfile = "3"
 rand = "0.6" # TODO: switch to the getrandom crate
 
 [features]
-default = ["softsign"]
+default = []
 softsign = []
 ledgertm = ["signatory-ledger-tm"]
 yubihsm-mock = ["yubihsm/mockhsm"]
diff --git a/src/keyring/mod.rs b/src/keyring/mod.rs
index c688bea..176b5b9 100644
--- a/src/keyring/mod.rs
+++ b/src/keyring/mod.rs
@@ -2,21 +2,22 @@
 
 mod ed25519;
 
-use signatory::ed25519::{PublicKey, Signature};
-use std::{collections::BTreeMap, sync::RwLock};
-use subtle_encoding;
-use tendermint::public_keys::ConsensusKey;
-
+use self::ed25519::Signer;
 use crate::{
     config::provider::ProviderConfig,
     error::{KmsError, KmsErrorKind::*},
 };
+use signatory::ed25519::{PublicKey, Signature};
+use std::{collections::BTreeMap, sync::RwLock};
+use subtle_encoding;
+use tendermint::public_keys::ConsensusKey;
 
 #[cfg(feature = "ledgertm")]
 use self::ed25519::ledgertm;
+#[cfg(feature = "softsign")]
+use self::ed25519::softsign;
 #[cfg(feature = "yubihsm")]
 use self::ed25519::yubihsm;
-use self::ed25519::{softsign, Signer};
 
 /// File encoding for software-backed secret keys
 pub type SecretKeyEncoding = subtle_encoding::Base64;
diff --git a/src/lib.rs b/src/lib.rs
index ec811fc..078feb9 100644
--- a/src/lib.rs
+++ b/src/lib.rs
@@ -8,6 +8,12 @@
     unused_qualifications
 )]
 
+#[cfg(not(any(feature = "softsign", feature = "yubihsm", feature = "ledgertm")))]
+compile_error!(
+    "please enable one of the following backends with cargo's --features argument: \
+     yubihsm, ledgertm, softsign (e.g. --features=yubihsm)"
+);
+
 extern crate prost_amino as prost;
 #[macro_use]
 extern crate abscissa;