From 8eca3bbfb08e4524b0ca16649f09207eb30d199d Mon Sep 17 00:00:00 2001 From: Nikita Strygin Date: Mon, 30 Oct 2023 16:07:08 +0300 Subject: [PATCH] =?UTF-8?q?[refactor]=20#3237:=20remove=20ursa=20from=20de?= =?UTF-8?q?pendencies=20=F0=9F=8E=89?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Nikita Strygin --- Cargo.lock | 256 +----------------------------- crypto/Cargo.toml | 34 ++-- crypto/src/lib.rs | 89 ++--------- crypto/src/signature/bls.rs | 105 ++++++------ crypto/src/signature/ed25519.rs | 18 ++- crypto/src/signature/mod.rs | 23 +-- crypto/src/signature/secp256k1.rs | 18 +-- 7 files changed, 119 insertions(+), 424 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index fcce793b7cd..1ef5d649410 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -32,51 +32,6 @@ dependencies = [ "generic-array 0.14.7", ] -[[package]] -name = "aes" -version = "0.6.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "884391ef1066acaa41e766ba8f596341b96e93ce34f9a43e7d24bf0a0eaf0561" -dependencies = [ - "aes-soft", - "aesni", - "cipher", -] - -[[package]] -name = "aes-gcm" -version = "0.8.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5278b5fabbb9bd46e24aa69b2fdea62c99088e0a950a9be40e3e0101298f88da" -dependencies = [ - "aead", - "aes", - "cipher", - "ctr", - "ghash", - "subtle", -] - -[[package]] -name = "aes-soft" -version = "0.6.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "be14c7498ea50828a38d0e24a765ed2effe92a705885b57d029cd67d45744072" -dependencies = [ - "cipher", - "opaque-debug 0.3.0", -] - -[[package]] -name = "aesni" -version = "0.10.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ea2e11f5e94c2f7d386164cc2aa1f97823fed6f259e486940a71c174dd01b0ce" -dependencies = [ - "cipher", - "opaque-debug 0.3.0", -] - [[package]] name = "ahash" version = "0.8.3" @@ -98,12 +53,6 @@ dependencies = [ "memchr", ] -[[package]] -name = "amcl" -version = "0.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ee5cca1ddc8b9dceb55b7f1272a9d1e643d73006f350a20ab4926d24e33f0f0d" - [[package]] name = "amcl_wrapper" version = "0.4.0" @@ -118,7 +67,7 @@ dependencies = [ "serde", "serde_bytes", "serde_json", - "sha3 0.8.2", + "sha3", "subtle-encoding", "zeroize", ] @@ -423,17 +372,6 @@ dependencies = [ "wyz", ] -[[package]] -name = "blake2" -version = "0.9.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0a4e37d16930f5459780f5621038b6382b9bb37c19016f39fb6b5808d831f174" -dependencies = [ - "crypto-mac 0.8.0", - "digest 0.9.0", - "opaque-debug 0.3.0", -] - [[package]] name = "blake2" version = "0.10.6" @@ -449,7 +387,7 @@ version = "0.7.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "c0940dc441f31689269e10ac70eb1002a3a1d3ad1390e030043662eb7fe4688b" dependencies = [ - "block-padding 0.1.5", + "block-padding", "byte-tools", "byteorder", "generic-array 0.12.4", @@ -461,7 +399,6 @@ version = "0.9.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "4152116fd6e9dadb291ae18fc1ec3575ed6d84c29642d97890f4b4a3417297e4" dependencies = [ - "block-padding 0.2.1", "generic-array 0.14.7", ] @@ -474,16 +411,6 @@ dependencies = [ "generic-array 0.14.7", ] -[[package]] -name = "block-modes" -version = "0.7.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "57a0e8073e8baa88212fb5823574c02ebccb395136ba9a164ab89379ec6072f0" -dependencies = [ - "block-padding 0.2.1", - "cipher", -] - [[package]] name = "block-padding" version = "0.1.5" @@ -493,12 +420,6 @@ dependencies = [ "byte-tools", ] -[[package]] -name = "block-padding" -version = "0.2.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8d696c370c750c948ada61c69a0ee2cbbb9c50b1019ddb86d9317157a99c2cae" - [[package]] name = "bstr" version = "1.7.0" @@ -1175,16 +1096,6 @@ dependencies = [ "typenum", ] -[[package]] -name = "crypto-mac" -version = "0.8.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b584a330336237c1eecd3e94266efb216c56ed91225d634cb2991c5f3fd1aeab" -dependencies = [ - "generic-array 0.14.7", - "subtle", -] - [[package]] name = "crypto-mac" version = "0.11.1" @@ -1195,15 +1106,6 @@ dependencies = [ "subtle", ] -[[package]] -name = "ctr" -version = "0.6.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fb4a30d54f7443bf3d6191dcd486aca19e67cb3c49fa7a06a319966346707e7f" -dependencies = [ - "cipher", -] - [[package]] name = "curve25519-dalek" version = "3.2.1" @@ -1569,28 +1471,6 @@ dependencies = [ "once_cell", ] -[[package]] -name = "failure" -version = "0.1.8" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d32e9bd16cc02eae7db7ef620b392808b89f6a5e16bb3497d159c6b92a0f4f86" -dependencies = [ - "backtrace", - "failure_derive", -] - -[[package]] -name = "failure_derive" -version = "0.1.8" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "aa4da3c766cd7a0db8242e326e9e4e081edd567072893ed320008189715366a4" -dependencies = [ - "proc-macro2", - "quote", - "syn 1.0.109", - "synstructure", -] - [[package]] name = "fallible-iterator" version = "0.3.0" @@ -1847,10 +1727,8 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8fc3cb4d91f53b50155bdcfd23f6a4c39ae1969c2ae85982b135750cccaf5fce" dependencies = [ "cfg-if", - "js-sys", "libc", "wasi 0.9.0+wasi-snapshot-preview1", - "wasm-bindgen", ] [[package]] @@ -1876,16 +1754,6 @@ dependencies = [ "syn 1.0.109", ] -[[package]] -name = "ghash" -version = "0.3.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "97304e4cd182c3846f7575ced3890c53012ce534ad9114046b0a9e00bb30a375" -dependencies = [ - "opaque-debug 0.3.0", - "polyval", -] - [[package]] name = "gimli" version = "0.28.0" @@ -2029,7 +1897,7 @@ dependencies = [ "bstr", "itoa", "thiserror", - "time 0.3.29", + "time", ] [[package]] @@ -2532,16 +2400,6 @@ version = "0.4.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "6fe2267d4ed49bc07b63801559be28c718ea06c4738b7a03c94df7386d2cde46" -[[package]] -name = "hkdf" -version = "0.11.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "01706d578d5c281058480e673ae4086a9f4710d8df1ad80a5b03e39ece5f886b" -dependencies = [ - "digest 0.9.0", - "hmac 0.11.0", -] - [[package]] name = "hkdf" version = "0.12.3" @@ -2557,7 +2415,7 @@ version = "0.11.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "2a2a2320eb7ec0ebe8da8f744d7812d9fc4cb4d09344ac01898dbcb6a20ae69b" dependencies = [ - "crypto-mac 0.11.1", + "crypto-mac", "digest 0.9.0", ] @@ -2760,12 +2618,6 @@ dependencies = [ "unicode-width", ] -[[package]] -name = "int_traits" -version = "0.1.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b33c9a5c599d67d051c4dc25eb1b6b4ef715d1763c20c85c688717a1734f204e" - [[package]] name = "iroha" version = "2.0.0-pre-rc.20" @@ -2984,7 +2836,7 @@ dependencies = [ "aead", "amcl_wrapper", "arrayref", - "blake2 0.10.6", + "blake2", "chacha20poly1305", "curve25519-dalek", "derive_more", @@ -2992,7 +2844,7 @@ dependencies = [ "getset", "hex", "hex-literal", - "hkdf 0.12.3", + "hkdf", "iroha_ffi", "iroha_macro", "iroha_primitives", @@ -3008,7 +2860,6 @@ dependencies = [ "serde_json", "serde_with", "sha2 0.10.8", - "ursa", "x25519-dalek", "zeroize", ] @@ -4350,17 +4201,6 @@ dependencies = [ "universal-hash", ] -[[package]] -name = "polyval" -version = "0.4.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "eebcc4aa140b9abd2bc40d9c3f7ccec842679cd79045ac3a7ac698c1a064b7cd" -dependencies = [ - "cpuid-bool", - "opaque-debug 0.3.0", - "universal-hash", -] - [[package]] name = "ppv-lite86" version = "0.2.17" @@ -5192,18 +5032,6 @@ dependencies = [ "opaque-debug 0.2.3", ] -[[package]] -name = "sha3" -version = "0.9.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f81199417d4e5de3f04b1e871023acea7389672c4135918f05aa9cbf2f2fa809" -dependencies = [ - "block-buffer 0.9.0", - "digest 0.9.0", - "keccak", - "opaque-debug 0.3.0", -] - [[package]] name = "sharded-slab" version = "0.1.7" @@ -5505,18 +5333,6 @@ version = "0.1.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "2047c6ded9c721764247e62cd3b03c09ffc529b2ba5b10ec482ae507a4a70160" -[[package]] -name = "synstructure" -version = "0.12.6" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f36bdaa60a83aca3921b5259d5400cbf5e90fc51931376a9bd4a0eb79aa7210f" -dependencies = [ - "proc-macro2", - "quote", - "syn 1.0.109", - "unicode-xid", -] - [[package]] name = "tap" version = "1.0.1" @@ -5638,17 +5454,6 @@ dependencies = [ "once_cell", ] -[[package]] -name = "time" -version = "0.1.45" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1b797afad3f312d1c66a56d11d0316f916356d11bd158fbc6ca6389ff6bf805a" -dependencies = [ - "libc", - "wasi 0.10.0+wasi-snapshot-preview1", - "winapi", -] - [[package]] name = "time" version = "0.3.29" @@ -5913,7 +5718,7 @@ dependencies = [ "log", "serde", "serde_json", - "time 0.3.29", + "time", "tracing", "tracing-core", "tracing-log", @@ -6160,45 +5965,6 @@ dependencies = [ "serde", ] -[[package]] -name = "ursa" -version = "0.3.7" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8760a62e18e4d3e3f599e15c09a9f9567fd9d4a90594d45166162be8d232e63b" -dependencies = [ - "aead", - "aes", - "aes-gcm", - "amcl", - "amcl_wrapper", - "arrayref", - "blake2 0.9.2", - "block-modes", - "block-padding 0.2.1", - "chacha20poly1305", - "curve25519-dalek", - "ed25519-dalek", - "failure", - "hex", - "hkdf 0.11.0", - "hmac 0.11.0", - "int_traits", - "k256", - "lazy_static", - "log", - "openssl", - "rand 0.7.3", - "rand_chacha 0.2.1", - "secp256k1", - "serde", - "sha2 0.9.9", - "sha3 0.9.1", - "subtle", - "time 0.1.45", - "x25519-dalek", - "zeroize", -] - [[package]] name = "utf-8" version = "0.7.6" @@ -6247,7 +6013,7 @@ dependencies = [ "anyhow", "gix", "rustversion", - "time 0.3.29", + "time", ] [[package]] @@ -6321,12 +6087,6 @@ version = "0.9.0+wasi-snapshot-preview1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "cccddf32554fecc6acb585f82a32a72e28b48f8c4c1883ddfeeeaa96f7d8e519" -[[package]] -name = "wasi" -version = "0.10.0+wasi-snapshot-preview1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1a143597ca7c7793eff794def352d41792a93c481eb1042423ff7ff72ba2c31f" - [[package]] name = "wasi" version = "0.11.0+wasi-snapshot-preview1" diff --git a/crypto/Cargo.toml b/crypto/Cargo.toml index a1802651ab4..7ce2c7e3f10 100644 --- a/crypto/Cargo.toml +++ b/crypto/Cargo.toml @@ -15,25 +15,24 @@ default = ["std"] # Enable static linkage of the rust standard library. # Please refer to https://docs.rust-embedded.org/book/intro/no-std.html std = [ - "ursa", - "blake2", - "sha2", - "hkdf", - "amcl_wrapper", - "ed25519-dalek", - "curve25519-dalek", - "x25519-dalek", - "rand", - "rand_chacha", - "secp256k1", - "zeroize", - "arrayref", - "aead", - "chacha20poly1305", - "k256", + "dep:blake2", + "dep:sha2", + "dep:hkdf", + "dep:amcl_wrapper", + "dep:ed25519-dalek", + "dep:curve25519-dalek", + "dep:x25519-dalek", + "dep:rand", + "dep:rand_chacha", + "dep:secp256k1", + "dep:zeroize", + "dep:arrayref", + "dep:aead", + "dep:chacha20poly1305", + "dep:k256", ] # Force static linking -vendored = ["openssl-sys"] +vendored = ["dep:openssl-sys"] # Replace structures and methods with FFI equivalents to facilitate dynamic linkage (mainly used in smartcontracts) #ffi_import = ["iroha_ffi", "iroha_primitives/ffi_import"] @@ -54,7 +53,6 @@ hex = { workspace = true, features = ["alloc", "serde"] } openssl-sys = { version = "0.9.93", features = ["vendored"], optional = true } getset = { workspace = true } -ursa = { workspace = true, optional = true } blake2 = { version = "0.10.6", optional = true } sha2 = { version = "0.10.8", optional = true } hkdf = { version = "0.12.3", optional = true } diff --git a/crypto/src/lib.rs b/crypto/src/lib.rs index a7ecc11a4ac..2e5859f6c1d 100755 --- a/crypto/src/lib.rs +++ b/crypto/src/lib.rs @@ -48,17 +48,6 @@ use serde::Serialize; use serde_with::{DeserializeFromStr, SerializeDisplay}; // TODO: do not spill the signatures to the crate root pub use signature::*; -#[cfg(feature = "std")] -#[cfg(not(feature = "ffi_import"))] -use ursa::{ - keys::{KeyGenOption as UrsaKeyGenOption, PrivateKey as UrsaPrivateKey}, - signatures::{ - bls::{normal::Bls as BlsNormal, small::Bls as BlsSmall}, - ed25519::Ed25519Sha512, - secp256k1::EcdsaSecp256k1Sha256, - SignatureScheme, - }, -}; // Hiding constants is a bad idea. For one, you're forcing the user to // create temporaries, but also you're not actually hiding any @@ -137,28 +126,6 @@ pub enum KeyGenOption { FromPrivateKey(PrivateKey), } -#[cfg(feature = "std")] -#[cfg(not(feature = "ffi_import"))] -impl TryFrom for UrsaKeyGenOption { - type Error = NoSuchAlgorithm; - - fn try_from(key_gen_option: KeyGenOption) -> Result { - match key_gen_option { - KeyGenOption::UseSeed(seed) => Ok(Self::UseSeed(seed)), - KeyGenOption::FromPrivateKey(key) => { - let algorithm = key.digest_function(); - - match algorithm { - Algorithm::Ed25519 | Algorithm::Secp256k1 => { - Ok(Self::FromSecretKey(UrsaPrivateKey(key.payload.into_vec()))) - } - _ => Err(Self::Error {}), - } - } - } - } -} - ffi::ffi_item! { /// Configuration of key generation #[derive(Clone, Default)] @@ -256,18 +223,16 @@ impl KeyPair { /// Fails if decoding fails #[cfg(any(feature = "std", feature = "ffi_import"))] pub fn generate_with_configuration(configuration: KeyGenConfiguration) -> Result { - let key_gen_option: Option = - match (configuration.algorithm, configuration.key_gen_option) { - (Algorithm::Secp256k1, Some(KeyGenOption::UseSeed(seed))) if seed.len() < 32 => { - return Err(Error::KeyGen( - "secp256k1 seed for must be at least 32 bytes long".to_owned(), - )) - } - (_, key_gen_option) => key_gen_option, + let key_gen_option = match (configuration.algorithm, configuration.key_gen_option) { + (Algorithm::Secp256k1, Some(KeyGenOption::UseSeed(seed))) if seed.len() < 32 => { + return Err(Error::KeyGen( + "secp256k1 seed for must be at least 32 bytes long".to_owned(), + )) } - .map(TryInto::try_into) - .transpose()?; - let (mut public_key, mut private_key) = match configuration.algorithm { + (_, key_gen_option) => key_gen_option, + }; + + let (public_key, private_key) = match configuration.algorithm { Algorithm::Ed25519 => Ed25519Sha512.keypair(key_gen_option), Algorithm::Secp256k1 => EcdsaSecp256k1Sha256::new().keypair(key_gen_option), Algorithm::BlsNormal => BlsNormal::new().keypair(key_gen_option), @@ -275,14 +240,8 @@ impl KeyPair { }?; Ok(Self { - public_key: PublicKey { - digest_function: configuration.algorithm, - payload: ConstVec::new(core::mem::take(&mut public_key.0)), - }, - private_key: PrivateKey { - digest_function: configuration.algorithm, - payload: ConstVec::new(core::mem::take(&mut private_key.0)), - }, + public_key, + private_key, }) } } @@ -355,21 +314,16 @@ impl PublicKey { #[cfg(feature = "std")] fn try_from_private(private_key: PrivateKey) -> Result { let digest_function = private_key.digest_function(); - let key_gen_option = Some(UrsaKeyGenOption::FromSecretKey(UrsaPrivateKey( - private_key.payload.into_vec(), - ))); + let key_gen_option = Some(KeyGenOption::FromPrivateKey(private_key)); - let (mut public_key, _) = match digest_function { + let (public_key, _) = match digest_function { Algorithm::Ed25519 => Ed25519Sha512.keypair(key_gen_option), Algorithm::Secp256k1 => EcdsaSecp256k1Sha256::new().keypair(key_gen_option), Algorithm::BlsNormal => BlsNormal::new().keypair(key_gen_option), Algorithm::BlsSmall => BlsSmall::new().keypair(key_gen_option), }?; - Ok(PublicKey { - digest_function: private_key.digest_function, - payload: ConstVec::new(core::mem::take(&mut public_key.0)), - }) + Ok(public_key) } } @@ -552,21 +506,6 @@ pub mod error { Other(String), } - #[cfg(feature = "std")] - #[cfg(not(feature = "ffi_import"))] - impl From for Error { - fn from(source: ursa::CryptoError) -> Self { - match source { - ursa::CryptoError::NoSuchAlgorithm(source) => Self::NoSuchAlgorithm(source), - ursa::CryptoError::ParseError(source) => Self::Parse(source), - ursa::CryptoError::SigningError(source) => Self::Signing(source), - ursa::CryptoError::KeyGenError(source) => Self::KeyGen(source), - ursa::CryptoError::DigestGenError(source) => Self::DigestGen(source), - ursa::CryptoError::GeneralError(source) => Self::Other(source), - } - } - } - #[cfg(feature = "std")] impl From for Error { fn from(source: NoSuchAlgorithm) -> Self { diff --git a/crypto/src/signature/bls.rs b/crypto/src/signature/bls.rs index c3a030dd721..f6816713cec 100644 --- a/crypto/src/signature/bls.rs +++ b/crypto/src/signature/bls.rs @@ -1,4 +1,5 @@ -#![allow(unused)] +// TODO: clean up & remove +#![allow(unused, missing_docs)] /// Implements /// https://eprint.iacr.org/2018/483 and @@ -59,14 +60,41 @@ macro_rules! bls_impl { SignatureGroup::from_msg_hash(value.as_slice()) } + #[derive(Debug, Clone)] + pub struct PublicKey(Generator); + + impl PublicKey { + pub fn new(sk: &PrivateKey, g: &Generator) -> Self { + PublicKey(g * sk) + } + + // Create an combined public key without rogue key mitigation + pub fn combine(&mut self, pks: &[PublicKey]) { + for pk in pks { + self.0 += &pk.0; + } + } + + pub fn to_bytes(&self) -> Vec { + self.0.to_bytes(false) + } + + pub fn from_bytes(bytes: &[u8]) -> Result { + Ok(PublicKey( + Generator::from_bytes(bytes).map_err(|e| Error::Parse(format!("{:?}", e)))?, + )) + } + } + + #[derive(Debug, Clone, Copy)] pub struct Bls; impl Bls { - fn new() -> Self { + pub fn new() -> Self { Bls } - fn keypair( + pub fn keypair( &self, options: Option, ) -> Result<(IrohaPublicKey, IrohaPrivateKey), Error> { @@ -90,20 +118,16 @@ macro_rules! bls_impl { ) } KeyGenOption::FromPrivateKey(ref key) => { - // iroha_crypto doesn't use this I think? - // also, we probably have to assert that the key type is BLS I think? - todo!() - - // let private_key = - // PrivateKey::from_bytes(key.as_ref()).map_err(|_| { - // Error::Parse( - // "Failed to parse private key.".to_string(), - // ) - // })?; - // ( - // PublicKey::new(&private_key, &Generator::generator()), - // private_key, - // ) + assert_eq!(key.digest_function, $algo); + + let private_key = + PrivateKey::from_bytes(&key.payload).map_err(|_| { + Error::Parse("Failed to parse private key.".to_string()) + })?; + ( + PublicKey::new(&private_key, &Generator::generator()), + private_key, + ) } }, None => generate(&Generator::generator()), @@ -120,60 +144,39 @@ macro_rules! bls_impl { )) } - fn sign(&self, message: &[u8], sk: &PrivateKey) -> Result, Error> { - Ok(Signature::new(message, None, sk).to_bytes()) + pub fn sign(&self, message: &[u8], sk: &IrohaPrivateKey) -> Result, Error> { + let sk = PrivateKey::from_bytes(&sk.payload) + .map_err(|_| Error::Parse("Failed to parse private key.".to_string()))?; + + Ok(Signature::new(message, None, &sk).to_bytes()) } - fn verify( + pub fn verify( &self, message: &[u8], signature: &[u8], - pk: &PublicKey, + pk: &IrohaPublicKey, ) -> Result { + let pk = PublicKey::from_bytes(&pk.payload)?; + Ok(Signature::from_bytes(signature) .map_err(|_| Error::Parse("Failed to parse signature.".to_string()))? - .verify(message, None, pk, &Generator::generator())) + .verify(message, None, &pk, &Generator::generator())) } - fn signature_size() -> usize { + pub const fn signature_size() -> usize { SIGNATURE_SIZE } - fn private_key_size() -> usize { + pub const fn private_key_size() -> usize { PRIVATE_KEY_SIZE } - fn public_key_size() -> usize { + pub const fn public_key_size() -> usize { PUBLIC_KEY_SIZE } } - #[derive(Debug, Clone)] - pub struct PublicKey(Generator); - - impl PublicKey { - pub fn new(sk: &PrivateKey, g: &Generator) -> Self { - PublicKey(g * sk) - } - - // Create an combined public key without rogue key mitigation - pub fn combine(&mut self, pks: &[PublicKey]) { - for pk in pks { - self.0 += &pk.0; - } - } - - pub fn to_bytes(&self) -> Vec { - self.0.to_bytes(false) - } - - pub fn from_bytes(bytes: &[u8]) -> Result { - Ok(PublicKey( - Generator::from_bytes(bytes).map_err(|e| Error::Parse(format!("{:?}", e)))?, - )) - } - } - /// Represents an aggregated BLS public key that mitigates the rogue key attack /// for verifying aggregated signatures. #[derive(Debug, Clone)] diff --git a/crypto/src/signature/ed25519.rs b/crypto/src/signature/ed25519.rs index b5c49ae8e99..0ab78638020 100644 --- a/crypto/src/signature/ed25519.rs +++ b/crypto/src/signature/ed25519.rs @@ -1,4 +1,5 @@ -#![allow(unused)] +// TODO: clean up & remove +#![allow(missing_docs)] use std::convert::TryFrom; @@ -18,13 +19,14 @@ const ALGORITHM: Algorithm = Algorithm::Ed25519; use crate::{Algorithm, Error, KeyGenOption, PrivateKey, PublicKey}; +#[derive(Debug, Clone, Copy)] pub struct Ed25519Sha512; impl Ed25519Sha512 { - fn new() -> Self { + pub fn new() -> Self { Self } - fn keypair(&self, option: Option) -> Result<(PublicKey, PrivateKey), Error> { + pub fn keypair(&self, option: Option) -> Result<(PublicKey, PrivateKey), Error> { let kp = match option { Some(mut o) => match o { KeyGenOption::UseSeed(ref mut s) => { @@ -54,12 +56,12 @@ impl Ed25519Sha512 { }, )) } - fn sign(&self, message: &[u8], sk: &PrivateKey) -> Result, Error> { + pub fn sign(&self, message: &[u8], sk: &PrivateKey) -> Result, Error> { assert_eq!(sk.digest_function, ALGORITHM); let kp = Keypair::from_bytes(&sk.payload).map_err(|e| Error::KeyGen(e.to_string()))?; Ok(kp.sign(message).to_bytes().to_vec()) } - fn verify(&self, message: &[u8], signature: &[u8], pk: &PublicKey) -> Result { + pub fn verify(&self, message: &[u8], signature: &[u8], pk: &PublicKey) -> Result { assert_eq!(pk.digest_function, ALGORITHM); let p = PK::from_bytes(&pk.payload).map_err(|e| Error::Parse(e.to_string()))?; let s = Signature::try_from(signature).map_err(|e| Error::Parse(e.to_string()))?; @@ -67,13 +69,13 @@ impl Ed25519Sha512 { .map_err(|e| Error::Signing(e.to_string()))?; Ok(true) } - fn signature_size() -> usize { + pub const fn signature_size() -> usize { SIGNATURE_SIZE } - fn private_key_size() -> usize { + pub const fn private_key_size() -> usize { PRIVATE_KEY_SIZE } - fn public_key_size() -> usize { + pub const fn public_key_size() -> usize { PUBLIC_KEY_SIZE } } diff --git a/crypto/src/signature/mod.rs b/crypto/src/signature/mod.rs index 9712c975475..da36656f807 100644 --- a/crypto/src/signature/mod.rs +++ b/crypto/src/signature/mod.rs @@ -24,18 +24,13 @@ use iroha_schema::{IntoSchema, TypeId}; use parity_scale_codec::{Decode, Encode}; #[cfg(not(feature = "ffi_import"))] use serde::{Deserialize, Serialize}; + #[cfg(feature = "std")] #[cfg(not(feature = "ffi_import"))] -use ursa::{ - keys::{PrivateKey as UrsaPrivateKey, PublicKey as UrsaPublicKey}, - signatures::{ - bls::{normal::Bls as BlsNormal, small::Bls as BlsSmall}, - ed25519::Ed25519Sha512, - secp256k1::EcdsaSecp256k1Sha256, - SignatureScheme, - }, +pub use self::{ + bls::normal::Bls as BlsNormal, bls::small::Bls as BlsSmall, ed25519::Ed25519Sha512, + secp256k1::EcdsaSecp256k1Sha256, }; - #[cfg(any(feature = "std", feature = "import_ffi"))] use crate::Error; use crate::{ffi, PublicKey}; @@ -76,7 +71,6 @@ impl Signature { let (public_key, private_key) = key_pair.into(); let algorithm: crate::Algorithm = private_key.digest_function(); - let private_key = UrsaPrivateKey(private_key.payload.into_vec()); let signature = match algorithm { crate::Algorithm::Ed25519 => Ed25519Sha512::new().sign(payload, &private_key), @@ -97,20 +91,19 @@ impl Signature { #[cfg(any(feature = "std", feature = "import_ffi"))] pub fn verify(&self, payload: &[u8]) -> Result<(), Error> { let algorithm: crate::Algorithm = self.public_key.digest_function(); - let public_key = UrsaPublicKey(self.public_key.payload().to_owned()); match algorithm { crate::Algorithm::Ed25519 => { - Ed25519Sha512::new().verify(payload, self.payload(), &public_key) + Ed25519Sha512::new().verify(payload, self.payload(), &self.public_key) } crate::Algorithm::Secp256k1 => { - EcdsaSecp256k1Sha256::new().verify(payload, self.payload(), &public_key) + EcdsaSecp256k1Sha256::new().verify(payload, self.payload(), &self.public_key) } crate::Algorithm::BlsSmall => { - BlsSmall::new().verify(payload, self.payload(), &public_key) + BlsSmall::new().verify(payload, self.payload(), &self.public_key) } crate::Algorithm::BlsNormal => { - BlsNormal::new().verify(payload, self.payload(), &public_key) + BlsNormal::new().verify(payload, self.payload(), &self.public_key) } }?; diff --git a/crypto/src/signature/secp256k1.rs b/crypto/src/signature/secp256k1.rs index 29b5eed0099..93c9fe980e6 100644 --- a/crypto/src/signature/secp256k1.rs +++ b/crypto/src/signature/secp256k1.rs @@ -1,7 +1,7 @@ -#![allow(unused)] +// TODO: clean up & remove +#![allow(missing_docs, unused)] use rand::rngs::OsRng; -use serde::{de::Visitor, Deserialize, Deserializer, Serialize, Serializer}; use sha2::digest::generic_array::typenum::U32; use crate::{Algorithm, Error, KeyGenOption, PrivateKey, PublicKey}; @@ -24,25 +24,25 @@ impl EcdsaSecp256k1Sha256 { } impl EcdsaSecp256k1Sha256 { - fn new() -> Self { + pub fn new() -> Self { EcdsaSecp256k1Sha256(ecdsa_secp256k1::EcdsaSecp256k1Impl::new()) } - fn keypair(&self, option: Option) -> Result<(PublicKey, PrivateKey), Error> { + pub fn keypair(&self, option: Option) -> Result<(PublicKey, PrivateKey), Error> { self.0.keypair::(option) } - fn sign(&self, message: &[u8], sk: &PrivateKey) -> Result, Error> { + pub fn sign(&self, message: &[u8], sk: &PrivateKey) -> Result, Error> { self.0.sign::(message, sk) } - fn verify(&self, message: &[u8], signature: &[u8], pk: &PublicKey) -> Result { + pub fn verify(&self, message: &[u8], signature: &[u8], pk: &PublicKey) -> Result { self.0.verify::(message, signature, pk) } - fn signature_size() -> usize { + pub const fn signature_size() -> usize { SIGNATURE_SIZE } - fn private_key_size() -> usize { + pub const fn private_key_size() -> usize { PRIVATE_KEY_SIZE } - fn public_key_size() -> usize { + pub const fn public_key_size() -> usize { PUBLIC_KEY_SIZE } }