From 66d2e1d061aeae81c4c0a3daf718536b09dda19e Mon Sep 17 00:00:00 2001 From: Marko Baricevic Date: Thu, 27 Aug 2020 17:02:03 +0200 Subject: [PATCH] remove ed25519 --- crypto/codec/amino.go | 7 +- crypto/keys/ed25519/bench_test.go | 27 ----- crypto/keys/ed25519/ed25519.go | 165 ---------------------------- crypto/keys/ed25519/ed25519_test.go | 30 ----- 4 files changed, 1 insertion(+), 228 deletions(-) delete mode 100644 crypto/keys/ed25519/bench_test.go delete mode 100644 crypto/keys/ed25519/ed25519.go delete mode 100644 crypto/keys/ed25519/ed25519_test.go diff --git a/crypto/codec/amino.go b/crypto/codec/amino.go index 92cd2e513a2b..6395aba725e3 100644 --- a/crypto/codec/amino.go +++ b/crypto/codec/amino.go @@ -2,10 +2,9 @@ package codec import ( "github.com/tendermint/tendermint/crypto" - tmed "github.com/tendermint/tendermint/crypto/ed25519" + "github.com/tendermint/tendermint/crypto/ed25519" "github.com/cosmos/cosmos-sdk/codec" - "github.com/cosmos/cosmos-sdk/crypto/keys/ed25519" "github.com/cosmos/cosmos-sdk/crypto/keys/secp256k1" "github.com/cosmos/cosmos-sdk/crypto/keys/sr25519" "github.com/cosmos/cosmos-sdk/crypto/types/multisig" @@ -22,8 +21,6 @@ func init() { // codec. func RegisterCrypto(cdc *codec.LegacyAmino) { cdc.RegisterInterface((*crypto.PubKey)(nil), nil) - cdc.RegisterConcrete(tmed.PubKey{}, - tmed.PubKeyName, nil) cdc.RegisterConcrete(ed25519.PubKey{}, ed25519.PubKeyName, nil) cdc.RegisterConcrete(sr25519.PubKey{}, @@ -36,8 +33,6 @@ func RegisterCrypto(cdc *codec.LegacyAmino) { cdc.RegisterInterface((*crypto.PrivKey)(nil), nil) cdc.RegisterConcrete(ed25519.PrivKey{}, ed25519.PrivKeyName, nil) - cdc.RegisterConcrete(tmed.PrivKey{}, - tmed.PrivKeyName, nil) cdc.RegisterConcrete(sr25519.PrivKey{}, sr25519.PrivKeyName, nil) cdc.RegisterConcrete(secp256k1.PrivKey{}, diff --git a/crypto/keys/ed25519/bench_test.go b/crypto/keys/ed25519/bench_test.go deleted file mode 100644 index d3961c4247ff..000000000000 
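Review bot: In `RegisterCrypto`, the retained lines `cdc.RegisterConcrete(ed25519.PubKey{}, ed25519.PubKeyName, nil)` and the matching `ed25519.PrivKey{}` registration are unchanged context, but the import swap in the first hunk makes them resolve to tendermint's `crypto/ed25519` instead of the SDK package. The amino names `cosmos-sdk/PubKeyEd25519` and `cosmos-sdk/PrivKeyEd25519`, declared in the deleted `crypto/keys/ed25519/ed25519.go`, are therefore no longer registered. Any key material amino-encoded under those names (stored keyring entries, if any were ever written) would presumably fail to decode after this commit, and the patch shows no migration or test for that case. I would record the decision beside the registrations, e.g. `// ed25519 is tendermint's crypto/ed25519; the cosmos-sdk/*Ed25519 amino names are intentionally no longer registered`, and add a decode test for a previously stored key if such data can exist. The same point applies to the private-key registrations in the third hunk (`@@ -36,8 +33,6 @@`); the body of `RegisterCrypto` continues past both hunks.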
--- a/crypto/keys/ed25519/bench_test.go
+++ /dev/null
@@ -1,27 +0,0 @@
-package ed25519
-
-import (
- "io"
- "testing"
-
- "github.com/tendermint/tendermint/crypto"
-
- "github.com/cosmos/cosmos-sdk/crypto/keys/internal/benchmarking"
-)
-
-func BenchmarkKeyGeneration(b *testing.B) {
- benchmarkKeygenWrapper := func(reader io.Reader) crypto.PrivKey {
- return genPrivKey(reader)
- }
- benchmarking.BenchmarkKeyGeneration(b, benchmarkKeygenWrapper)
-}
-
-func BenchmarkSigning(b *testing.B) {
- priv := GenPrivKey()
- benchmarking.BenchmarkSigning(b, priv)
-}
-
-func BenchmarkVerification(b *testing.B) {
- priv := GenPrivKey()
- benchmarking.BenchmarkVerification(b, priv)
-}
diff --git a/crypto/keys/ed25519/ed25519.go b/crypto/keys/ed25519/ed25519.go
deleted file mode 100644
index ac21f59ddef5..000000000000
--- a/crypto/keys/ed25519/ed25519.go
+++ /dev/null
@@ -1,165 +0,0 @@
-package ed25519
-
-import (
- "bytes"
- "crypto/subtle"
- "fmt"
- "io"
-
- "golang.org/x/crypto/ed25519"
-
- "github.com/tendermint/tendermint/crypto"
- "github.com/tendermint/tendermint/crypto/tmhash"
-)
-
-//-------------------------------------
-
-var _ crypto.PrivKey = PrivKey{}
-
-const (
- PrivKeyName = "cosmos-sdk/PrivKeyEd25519"
- PubKeyName = "cosmos-sdk/PubKeyEd25519"
- // PubKeySize is is the size, in bytes, of public keys as used in this package.
- PubKeySize = 32
- // PrivateKeySize is the size, in bytes, of private keys as used in this package.
- PrivateKeySize = 64
- // Size of an Edwards25519 signature. Namely the size of a compressed
- // Edwards25519 point, and a field element. Both of which are 32 bytes.
- SignatureSize = 64
- // SeedSize is the size, in bytes, of private key seeds. These are the
- // private key representations used by RFC 8032.
- SeedSize = 32
-
- keyType = "ed25519"
-)
-
-// PrivKey implements crypto.PrivKey.
-type PrivKey []byte
-
-// Bytes returns the privkey byte format.
-func (privKey PrivKey) Bytes() []byte {
- return []byte(privKey)
-}
-
-// Sign produces a signature on the provided message.
-// This assumes the privkey is wellformed in the golang format.
-// The first 32 bytes should be random,
-// corresponding to the normal ed25519 private key.
-// The latter 32 bytes should be the compressed public key.
-// If these conditions aren't met, Sign will panic or produce an
-// incorrect signature.
-func (privKey PrivKey) Sign(msg []byte) ([]byte, error) {
- signatureBytes := ed25519.Sign(ed25519.PrivateKey(privKey), msg)
- return signatureBytes, nil
-}
-
-// PubKey gets the corresponding public key from the private key.
-//
-// Panics if the private key is not initialized.
-func (privKey PrivKey) PubKey() crypto.PubKey {
- // If the latter 32 bytes of the privkey are all zero, privkey is not
- // initialized.
- initialized := false
- for _, v := range privKey[32:] {
- if v != 0 {
- initialized = true
- break
- }
- }
-
- if !initialized {
- panic("Expected ed25519 PrivKey to include concatenated pubkey bytes")
- }
-
- pubkeyBytes := make([]byte, PubKeySize)
- copy(pubkeyBytes, privKey[32:])
- return PubKey(pubkeyBytes)
-}
-
-// Equals - you probably don't need to use this.
-// Runs in constant time based on length of the keys.
-func (privKey PrivKey) Equals(other crypto.PrivKey) bool {
- if otherEd, ok := other.(PrivKey); ok {
- return subtle.ConstantTimeCompare(privKey[:], otherEd[:]) == 1
- }
-
- return false
-}
-
-func (privKey PrivKey) Type() string {
- return keyType
-}
-
-// GenPrivKey generates a new ed25519 private key.
-// It uses OS randomness in conjunction with the current global random seed
-// in tendermint/libs/common to generate the private key.
-func GenPrivKey() PrivKey {
- return genPrivKey(crypto.CReader())
-}
-
-// genPrivKey generates a new ed25519 private key using the provided reader.
-func genPrivKey(rand io.Reader) PrivKey {
- seed := make([]byte, SeedSize)
-
- _, err := io.ReadFull(rand, seed)
- if err != nil {
- panic(err)
- }
-
- return PrivKey(ed25519.NewKeyFromSeed(seed))
-}
-
-// GenPrivKeyFromSecret hashes the secret with SHA2, and uses
-// that 32 byte output to create the private key.
-// NOTE: secret should be the output of a KDF like bcrypt,
-// if it's derived from user input.
-func GenPrivKeyFromSecret(secret []byte) PrivKey {
- seed := crypto.Sha256(secret) // Not Ripemd160 because we want 32 bytes.
-
- return PrivKey(ed25519.NewKeyFromSeed(seed))
-}
-
-//-------------------------------------
-
-var _ crypto.PubKey = PubKey{}
-
-// PubKeyEd25519 implements crypto.PubKey for the Ed25519 signature scheme.
-type PubKey []byte
-
-// Address is the SHA256-20 of the raw pubkey bytes.
-func (pubKey PubKey) Address() crypto.Address {
- if len(pubKey) != PubKeySize {
- panic("pubkey is incorrect size")
- }
- return crypto.Address(tmhash.SumTruncated(pubKey))
-}
-
-// Bytes returns the PubKey byte format.
-func (pubKey PubKey) Bytes() []byte {
- return []byte(pubKey)
-}
-
-func (pubKey PubKey) VerifySignature(msg []byte, sig []byte) bool {
- // make sure we use the same algorithm to sign
- if len(sig) != SignatureSize {
- return false
- }
-
- return ed25519.Verify(ed25519.PublicKey(pubKey), msg, sig)
-}
-
-func (pubKey PubKey) String() string {
- return fmt.Sprintf("PubKeyEd25519{%X}", []byte(pubKey))
-}
-
-func (pubKey PubKey) Type() string {
- return keyType
-}
-
-func (pubKey PubKey) Equals(other crypto.PubKey) bool {
- if otherEd, ok := other.(PubKey); ok {
- return bytes.Equal(pubKey[:], otherEd[:])
- }
-
- return false
-}
diff --git a/crypto/keys/ed25519/ed25519_test.go b/crypto/keys/ed25519/ed25519_test.go
deleted file mode 100644
index 487097692804..000000000000
--- a/crypto/keys/ed25519/ed25519_test.go
+++ /dev/null
@@ -1,30 +0,0 @@
-package ed25519_test
-
-import (
- "testing"
-
- "github.com/stretchr/testify/assert"
- "github.com/stretchr/testify/require"
- "github.com/tendermint/tendermint/crypto"
-
- "github.com/cosmos/cosmos-sdk/crypto/keys/ed25519"
-)
-
-func TestSignAndValidateEd25519(t *testing.T) {
-
- privKey := ed25519.GenPrivKey()
- pubKey := privKey.PubKey()
-
- msg := crypto.CRandBytes(128)
- sig, err := privKey.Sign(msg)
- require.Nil(t, err)
-
- // Test the signature
- assert.True(t, pubKey.VerifySignature(msg, sig))
-
- // Mutate the signature, just one bit.
- // TODO: Replace this with a much better fuzzer, tendermint/ed25519/issues/10
- sig[7] ^= byte(0x01)
-
- assert.False(t, pubKey.VerifySignature(msg, sig))
-}