From e2721bf18695cabb44e5f7fb5c097b1f1c255762 Mon Sep 17 00:00:00 2001 From: Jake Hemmerle Date: Sat, 8 May 2021 17:54:06 -0400 Subject: [PATCH 01/10] swap ed25519-dalek for ed25519-zebra; no batch verificaiton fixed batch verificaiton tests removed additional zero verificaiton tests removed comments, fixed test bug, added #[derive(Clone)] Update primitives/core/src/ed25519.rs Co-authored-by: Squirrel --- Cargo.lock | 15 +++++++++- Cargo.toml | 2 +- primitives/core/Cargo.toml | 6 ++-- primitives/core/src/ed25519.rs | 52 +++++++++++++++------------------- primitives/io/src/lib.rs | 23 +++++++++------ 5 files changed, 56 insertions(+), 42 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index d68330cfb15c2..1fb664a601811 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -1801,6 +1801,19 @@ dependencies = [ "zeroize", ] +[[package]] +name = "ed25519-zebra" +version = "2.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0a128b76af6dd4b427e34a6fd43dc78dbfe73672ec41ff615a2414c1a0ad0409" +dependencies = [ + "curve25519-dalek 3.0.2", + "hex", + "rand_core 0.5.1", + "sha2 0.9.8", + "thiserror", +] + [[package]] name = "either" version = "1.6.1" @@ -9911,7 +9924,7 @@ dependencies = [ "byteorder", "criterion", "dyn-clonable", - "ed25519-dalek", + "ed25519-zebra", "futures", "hash-db", "hash256-std-hasher", diff --git a/Cargo.toml b/Cargo.toml index 9909e6f893877..5c7827a6d0c04 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -257,7 +257,7 @@ crc32fast = { opt-level = 3 } crossbeam-deque = { opt-level = 3 } crypto-mac = { opt-level = 3 } curve25519-dalek = { opt-level = 3 } -ed25519-dalek = { opt-level = 3 } +ed25519-zebra = { opt-level = 3 } flate2 = { opt-level = 3 } futures-channel = { opt-level = 3 } hashbrown = { opt-level = 3 } diff --git a/primitives/core/Cargo.toml b/primitives/core/Cargo.toml index cdc12c677e4f3..90314e364fa5d 100644 --- a/primitives/core/Cargo.toml +++ b/primitives/core/Cargo.toml @@ -47,7 +47,7 @@ thiserror = { version = "1.0.30", optional = true } bitflags = "1.3" # full crypto -ed25519-dalek = { version = "1.0.1", default-features = false, features = ["u64_backend", "alloc"], optional = true } +ed25519-zebra = { version = "2.2.0", default-features = false, optional = true} blake2-rfc = { version = "0.2.18", default-features = false, optional = true } schnorrkel = { version = "0.9.1", features = [ "preaudit_deprecated", @@ -97,7 +97,7 @@ std = [ "sp-std/std", "serde", "blake2-rfc/std", - "ed25519-dalek/std", + "ed25519-zebra", "hex/std", "base58", "substrate-bip39", @@ -127,7 +127,7 @@ std = [ # or Intel SGX. # For the regular wasm runtime builds this should not be used. full_crypto = [ - "ed25519-dalek", + "ed25519-zebra", "blake2-rfc", "schnorrkel", "hex", diff --git a/primitives/core/src/ed25519.rs b/primitives/core/src/ed25519.rs index 177af0651c0ef..2a56a0d1d32c1 100644 --- a/primitives/core/src/ed25519.rs +++ b/primitives/core/src/ed25519.rs @@ -39,7 +39,9 @@ use crate::crypto::{DeriveJunction, Pair as TraitPair, SecretStringError}; #[cfg(feature = "std")] use bip39::{Language, Mnemonic, MnemonicType}; #[cfg(feature = "full_crypto")] -use ed25519_dalek::{Signer as _, Verifier as _}; +use core::convert::TryFrom; +#[cfg(feature = "full_crypto")] +use ed25519_zebra::{SigningKey, VerificationKey}; #[cfg(feature = "std")] use serde::{de, Deserialize, Deserializer, Serialize, Serializer}; use sp_runtime_interface::pass_by::PassByInner; @@ -75,17 +77,10 @@ pub struct Public(pub [u8; 32]); /// A key pair. #[cfg(feature = "full_crypto")] -pub struct Pair(ed25519_dalek::Keypair); - -#[cfg(feature = "full_crypto")] -impl Clone for Pair { - fn clone(&self) -> Self { - Pair(ed25519_dalek::Keypair { - public: self.0.public, - secret: ed25519_dalek::SecretKey::from_bytes(self.0.secret.as_bytes()) - .expect("key is always the correct size; qed"), - }) - } +#[derive(Copy, Clone)] +pub struct Pair { + public: VerificationKey, + secret: SigningKey, } impl AsRef<[u8; 32]> for Public { @@ -456,10 +451,11 @@ impl TraitPair for Pair { /// /// You should never need to use this; generate(), generate_with_phrase fn from_seed_slice(seed_slice: &[u8]) -> Result { - let secret = ed25519_dalek::SecretKey::from_bytes(seed_slice) - .map_err(|_| SecretStringError::InvalidSeedLength)?; - let public = ed25519_dalek::PublicKey::from(&secret); - Ok(Pair(ed25519_dalek::Keypair { secret, public })) + // does try_into consume the seed? can I consume seed_slice here? I think not right? + let secret = + SigningKey::try_from(seed_slice).map_err(|_| SecretStringError::InvalidSeedLength)?; + let public = VerificationKey::from(&secret); + Ok(Pair { secret, public }) } /// Derive a child key from a series of given junctions. @@ -468,7 +464,7 @@ impl TraitPair for Pair { path: Iter, _seed: Option, ) -> Result<(Pair, Option), DeriveError> { - let mut acc = self.0.secret.to_bytes(); + let mut acc: [u8; 32] = self.secret.into(); for j in path { match j { DeriveJunction::Soft(_cc) => return Err(DeriveError::SoftKeyInPath), @@ -480,15 +476,13 @@ impl TraitPair for Pair { /// Get the public key. fn public(&self) -> Public { - let mut r = [0u8; 32]; - let pk = self.0.public.as_bytes(); - r.copy_from_slice(pk); - Public(r) + let pk: [u8; 32] = self.public.into(); + Public(pk) } /// Sign a message. fn sign(&self, message: &[u8]) -> Signature { - let r = self.0.sign(message).to_bytes(); + let r: [u8; 64] = self.secret.sign(message).into(); Signature::from_raw(r) } @@ -502,17 +496,17 @@ impl TraitPair for Pair { /// This doesn't use the type system to ensure that `sig` and `pubkey` are the correct /// size. Use it only if you're coming from byte buffers and need the speed. fn verify_weak, M: AsRef<[u8]>>(sig: &[u8], message: M, pubkey: P) -> bool { - let public_key = match ed25519_dalek::PublicKey::from_bytes(pubkey.as_ref()) { + let public_key = match VerificationKey::try_from(pubkey.as_ref()) { Ok(pk) => pk, Err(_) => return false, }; - let sig = match ed25519_dalek::Signature::try_from(sig) { + let sig = match ed25519_zebra::Signature::try_from(sig) { Ok(s) => s, Err(_) => return false, }; - public_key.verify(message.as_ref(), &sig).is_ok() + public_key.verify(&sig, message.as_ref()).is_ok() } /// Return a vec filled with raw data. @@ -524,8 +518,8 @@ impl TraitPair for Pair { #[cfg(feature = "full_crypto")] impl Pair { /// Get the seed for this key. - pub fn seed(&self) -> &Seed { - self.0.secret.as_bytes() + pub fn seed(&self) -> Seed { + self.secret.into() } /// Exactly as `from_string` except that if no matches are found then, the the first 32 @@ -577,12 +571,12 @@ mod test { fn seed_and_derive_should_work() { let seed = hex!("9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60"); let pair = Pair::from_seed(&seed); - assert_eq!(pair.seed(), &seed); + assert_eq!(pair.seed(), seed); let path = vec![DeriveJunction::Hard([0u8; 32])]; let derived = pair.derive(path.into_iter(), None).ok().unwrap().0; assert_eq!( derived.seed(), - &hex!("ede3354e133f9c8e337ddd6ee5415ed4b4ffe5fc7d21e933f4930a3730e5b21c") + hex!("ede3354e133f9c8e337ddd6ee5415ed4b4ffe5fc7d21e933f4930a3730e5b21c") ); } diff --git a/primitives/io/src/lib.rs b/primitives/io/src/lib.rs index edffc37351147..4330f58915354 100644 --- a/primitives/io/src/lib.rs +++ b/primitives/io/src/lib.rs @@ -1895,6 +1895,7 @@ mod tests { ext.register_extension(TaskExecutorExt::new(TaskExecutor::new())); ext.execute_with(|| { let pair = sr25519::Pair::generate_with_phrase(None).0; + let pair_unused = sr25519::Pair::generate_with_phrase(None).0; crypto::start_batch_verify(); for it in 0..70 { let msg = format!("Schnorrkel {}!", it); @@ -1902,8 +1903,10 @@ mod tests { crypto::sr25519_batch_verify(&signature, msg.as_bytes(), &pair.public()); } - // push invlaid - crypto::sr25519_batch_verify(&zero_sr_sig(), &Vec::new(), &zero_sr_pub()); + // push invalid + let msg = format!("asdf!"); + let signature = pair.sign(msg.as_bytes()); + crypto::sr25519_batch_verify(&signature, msg.as_bytes(), &pair_unused.public()); assert!(!crypto::finish_batch_verify()); crypto::start_batch_verify(); @@ -1961,12 +1964,14 @@ mod tests { // 1 valid, 1 invalid ed25519 signature crypto::start_batch_verify(); - let pair = ed25519::Pair::generate_with_phrase(None).0; + let pair1 = ed25519::Pair::generate_with_phrase(None).0; + let pair2 = ed25519::Pair::generate_with_phrase(None).0; let msg = b"Important message"; - let signature = pair.sign(msg); - crypto::ed25519_batch_verify(&signature, msg, &pair.public()); + let signature = pair1.sign(msg); crypto::ed25519_batch_verify(&zero_ed_sig(), &Vec::new(), &zero_ed_pub()); + crypto::ed25519_batch_verify(&signature, msg, &pair1.public()); + crypto::ed25519_batch_verify(&signature, msg, &pair2.public()); assert!(!crypto::finish_batch_verify()); @@ -1993,11 +1998,13 @@ mod tests { // 1 valid sr25519, 1 invalid sr25519 crypto::start_batch_verify(); - let pair = sr25519::Pair::generate_with_phrase(None).0; + let pair1 = sr25519::Pair::generate_with_phrase(None).0; + let pair2 = sr25519::Pair::generate_with_phrase(None).0; let msg = b"Schnorrkcel!"; - let signature = pair.sign(msg); - crypto::sr25519_batch_verify(&signature, msg, &pair.public()); + let signature = pair1.sign(msg); + crypto::sr25519_batch_verify(&signature, msg, &pair1.public()); + crypto::sr25519_batch_verify(&signature, msg, &pair2.public()); crypto::sr25519_batch_verify(&zero_sr_sig(), &Vec::new(), &zero_sr_pub()); assert!(!crypto::finish_batch_verify()); From 34e895b2ffe09bf9669960932fdad140953244ff Mon Sep 17 00:00:00 2001 From: Jake Hemmerle Date: Fri, 1 Jul 2022 23:01:55 -0400 Subject: [PATCH 02/10] modified assertion to allow default ed25519-zebra zero key behavior --- primitives/io/src/lib.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/primitives/io/src/lib.rs b/primitives/io/src/lib.rs index 4330f58915354..6eae364478e90 100644 --- a/primitives/io/src/lib.rs +++ b/primitives/io/src/lib.rs @@ -1944,7 +1944,7 @@ mod tests { // invalid ed25519 signature crypto::start_batch_verify(); crypto::ed25519_batch_verify(&zero_ed_sig(), &Vec::new(), &zero_ed_pub()); - assert!(!crypto::finish_batch_verify()); + assert!(crypto::finish_batch_verify()); // 2 valid ed25519 signatures crypto::start_batch_verify(); From 092837ec483abdfe096c3528b037e45ffb04916d Mon Sep 17 00:00:00 2001 From: Jake Hemmerle Date: Wed, 13 Jul 2022 11:33:27 -0400 Subject: [PATCH 03/10] cargo clippy --- primitives/io/src/lib.rs | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/primitives/io/src/lib.rs b/primitives/io/src/lib.rs index 6eae364478e90..68fa6f33a7ec8 100644 --- a/primitives/io/src/lib.rs +++ b/primitives/io/src/lib.rs @@ -1904,9 +1904,9 @@ mod tests { } // push invalid - let msg = format!("asdf!"); - let signature = pair.sign(msg.as_bytes()); - crypto::sr25519_batch_verify(&signature, msg.as_bytes(), &pair_unused.public()); + let msg = b"asdf!"; + let signature = pair.sign(msg); + crypto::sr25519_batch_verify(&signature, msg, &pair_unused.public()); assert!(!crypto::finish_batch_verify()); crypto::start_batch_verify(); From 8ce42687713e7b3ac74969b4f474408753aa1270 Mon Sep 17 00:00:00 2001 From: Jake Hemmerle Date: Fri, 12 Aug 2022 23:22:03 -0400 Subject: [PATCH 04/10] Update primitives/core/Cargo.toml MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: Bastian Köcher --- primitives/core/Cargo.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/primitives/core/Cargo.toml b/primitives/core/Cargo.toml index 737026e19eb91..2cdfd04e942d7 100644 --- a/primitives/core/Cargo.toml +++ b/primitives/core/Cargo.toml @@ -47,7 +47,7 @@ thiserror = { version = "1.0.30", optional = true } bitflags = "1.3" # full crypto -ed25519-zebra = { version = "2.2.0", default-features = false, optional = true} +ed25519-zebra = { version = "3.0.0", default-features = false, optional = true} blake2-rfc = { version = "0.2.18", default-features = false, optional = true } schnorrkel = { version = "0.9.1", features = [ "preaudit_deprecated", From 160f47182c26a189e816cc2804207811876ddff4 Mon Sep 17 00:00:00 2001 From: Jake Hemmerle Date: Sat, 13 Aug 2022 13:42:26 -0400 Subject: [PATCH 05/10] Update primitives/core/src/ed25519.rs Co-authored-by: Davide Galassi --- primitives/core/src/ed25519.rs | 1 - 1 file changed, 1 deletion(-) diff --git a/primitives/core/src/ed25519.rs b/primitives/core/src/ed25519.rs index 2a56a0d1d32c1..bff9bb0955d2d 100644 --- a/primitives/core/src/ed25519.rs +++ b/primitives/core/src/ed25519.rs @@ -451,7 +451,6 @@ impl TraitPair for Pair { /// /// You should never need to use this; generate(), generate_with_phrase fn from_seed_slice(seed_slice: &[u8]) -> Result { - // does try_into consume the seed? can I consume seed_slice here? I think not right? let secret = SigningKey::try_from(seed_slice).map_err(|_| SecretStringError::InvalidSeedLength)?; let public = VerificationKey::from(&secret); From 279a1f407247624dacc0331a92fdc39edf55a8ec Mon Sep 17 00:00:00 2001 From: Jake Hemmerle Date: Sat, 13 Aug 2022 13:42:31 -0400 Subject: [PATCH 06/10] Update primitives/core/src/ed25519.rs Co-authored-by: Davide Galassi --- primitives/core/src/ed25519.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/primitives/core/src/ed25519.rs b/primitives/core/src/ed25519.rs index bff9bb0955d2d..2be4c05d41c9c 100644 --- a/primitives/core/src/ed25519.rs +++ b/primitives/core/src/ed25519.rs @@ -463,7 +463,7 @@ impl TraitPair for Pair { path: Iter, _seed: Option, ) -> Result<(Pair, Option), DeriveError> { - let mut acc: [u8; 32] = self.secret.into(); + let mut acc = self.secret.into(); for j in path { match j { DeriveJunction::Soft(_cc) => return Err(DeriveError::SoftKeyInPath), From 91fff86dbad8f880fff1607cb8e6ffe59d4c1012 Mon Sep 17 00:00:00 2001 From: Jake Hemmerle Date: Sat, 13 Aug 2022 13:42:36 -0400 Subject: [PATCH 07/10] Update primitives/core/src/ed25519.rs Co-authored-by: Davide Galassi --- primitives/core/src/ed25519.rs | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/primitives/core/src/ed25519.rs b/primitives/core/src/ed25519.rs index 2be4c05d41c9c..b59d764a899d3 100644 --- a/primitives/core/src/ed25519.rs +++ b/primitives/core/src/ed25519.rs @@ -475,8 +475,7 @@ impl TraitPair for Pair { /// Get the public key. fn public(&self) -> Public { - let pk: [u8; 32] = self.public.into(); - Public(pk) + Public(self.public.into()) } /// Sign a message. From 06dfad42682f9aefb72de4f348a54708214b1d85 Mon Sep 17 00:00:00 2001 From: Jake Hemmerle Date: Sat, 13 Aug 2022 13:42:45 -0400 Subject: [PATCH 08/10] Update primitives/core/src/ed25519.rs Co-authored-by: Davide Galassi --- primitives/core/src/ed25519.rs | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/primitives/core/src/ed25519.rs b/primitives/core/src/ed25519.rs index b59d764a899d3..0553cf4843df5 100644 --- a/primitives/core/src/ed25519.rs +++ b/primitives/core/src/ed25519.rs @@ -480,8 +480,7 @@ impl TraitPair for Pair { /// Sign a message. fn sign(&self, message: &[u8]) -> Signature { - let r: [u8; 64] = self.secret.sign(message).into(); - Signature::from_raw(r) + Signature::from_raw(self.secret.sign(message).into()) } /// Verify a signature on a message. Returns true if the signature is good. From 16dff93918ac27a54b2bb1c2c766a61ca529914e Mon Sep 17 00:00:00 2001 From: Jake Hemmerle Date: Sat, 13 Aug 2022 13:46:12 -0400 Subject: [PATCH 09/10] updated Cargo.lock for sp-core --- Cargo.lock | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index b80ea4eddc2dd..65f4a83937651 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -1790,15 +1790,16 @@ dependencies = [ [[package]] name = "ed25519-zebra" -version = "2.2.0" +version = "3.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0a128b76af6dd4b427e34a6fd43dc78dbfe73672ec41ff615a2414c1a0ad0409" +checksum = "403ef3e961ab98f0ba902771d29f842058578bb1ce7e3c59dad5a6a93e784c69" dependencies = [ "curve25519-dalek 3.0.2", "hex", - "rand_core 0.5.1", + "rand_core 0.6.2", "sha2 0.9.8", "thiserror", + "zeroize", ] [[package]] From 8cbe0d6765e87465e55739741851370766310294 Mon Sep 17 00:00:00 2001 From: Jake Hemmerle Date: Sat, 13 Aug 2022 13:53:16 -0400 Subject: [PATCH 10/10] fix inaccurate comment --- primitives/io/src/lib.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/primitives/io/src/lib.rs b/primitives/io/src/lib.rs index 95c3baeab2a23..7942bafcc2a1b 100644 --- a/primitives/io/src/lib.rs +++ b/primitives/io/src/lib.rs @@ -1941,7 +1941,7 @@ mod tests { ext.register_extension(TaskExecutorExt::new(TaskExecutor::new())); ext.execute_with(|| { - // invalid ed25519 signature + // valid ed25519 signature crypto::start_batch_verify(); crypto::ed25519_batch_verify(&zero_ed_sig(), &Vec::new(), &zero_ed_pub()); assert!(crypto::finish_batch_verify());