From 646aee1d49f410c365e22defa02113fe9f37b330 Mon Sep 17 00:00:00 2001 From: Brandon Williams Date: Fri, 20 Sep 2024 16:07:45 -0500 Subject: [PATCH] crypto: use wasm compatible k256 library for secp256k1 support --- crates/sui-sdk-crypto/Cargo.toml | 10 ++--- crates/sui-sdk-crypto/src/ed25519.rs | 2 - crates/sui-sdk-crypto/src/secp256k1.rs | 52 ++++++++------------------ crates/sui-sdk-crypto/src/secp256r1.rs | 2 - 4 files changed, 20 insertions(+), 46 deletions(-) diff --git a/crates/sui-sdk-crypto/Cargo.toml b/crates/sui-sdk-crypto/Cargo.toml index 8f63bc189..bea402cf5 100644 --- a/crates/sui-sdk-crypto/Cargo.toml +++ b/crates/sui-sdk-crypto/Cargo.toml @@ -21,10 +21,9 @@ rustdoc-args = [ [features] default = [] -rand = ["dep:rand_core", "secp256k1?/rand"] -ed25519 = ["dep:ed25519-dalek", "sui-sdk/hash", "sui-sdk/serde"] -secp256r1 = ["dep:p256", "sui-sdk/hash", "sui-sdk/serde"] -secp256k1 = ["dep:secp256k1", "dep:sha2", "signature/std", "sui-sdk/hash", "sui-sdk/serde"] +ed25519 = ["dep:ed25519-dalek", "dep:rand_core", "sui-sdk/hash", "sui-sdk/serde"] +secp256r1 = ["dep:p256", "dep:rand_core", "sui-sdk/hash", "sui-sdk/serde"] +secp256k1 = ["dep:k256", "dep:rand_core", "signature/std", "sui-sdk/hash", "sui-sdk/serde"] [dependencies] signature = "2.2" @@ -40,8 +39,7 @@ ed25519-dalek = { version = "2.1.1", optional = true } p256 = { version = "0.13.2", default-features = false, features = ["ecdsa", "std"], optional = true } # secp256k1 support -secp256k1 = { version = "0.29.0", default-features = false, features = ["std", "global-context"], optional = true } -sha2 = { version = "0.10.8", default-features = false, features = ["std"], optional = true } +k256 = { version = "0.13.4", default-features = false, features = ["ecdsa"], optional = true } [dev-dependencies] base64ct = { version = "1.6.0", features = ["alloc"] } diff --git a/crates/sui-sdk-crypto/src/ed25519.rs b/crates/sui-sdk-crypto/src/ed25519.rs index 9f2e8fc07..9ee790f6d 100644 --- a/crates/sui-sdk-crypto/src/ed25519.rs +++ b/crates/sui-sdk-crypto/src/ed25519.rs @@ -50,8 +50,6 @@ impl Ed25519PrivateKey { self.verifying_key().public_key() } - #[cfg(feature = "rand")] - #[cfg_attr(doc_cfg, doc(cfg(feature = "rand")))] pub fn generate(mut rng: R) -> Self where R: rand_core::RngCore + rand_core::CryptoRng, diff --git a/crates/sui-sdk-crypto/src/secp256k1.rs b/crates/sui-sdk-crypto/src/secp256k1.rs index f3c876eff..e24d1cd78 100644 --- a/crates/sui-sdk-crypto/src/secp256k1.rs +++ b/crates/sui-sdk-crypto/src/secp256k1.rs @@ -1,10 +1,9 @@ use crate::SignatureError; use crate::SuiSigner; use crate::SuiVerifier; -use secp256k1::ecdsa::Signature; -use secp256k1::Message; -use secp256k1::PublicKey; -use secp256k1::SecretKey; +use k256::ecdsa::SigningKey; +use k256::ecdsa::VerifyingKey; +use k256::elliptic_curve::group::GroupEncoding; use signature::Signer; use signature::Verifier; use sui_sdk::types::PersonalMessage; @@ -14,7 +13,7 @@ use sui_sdk::types::SimpleSignature; use sui_sdk::types::Transaction; use sui_sdk::types::UserSignature; -pub struct Secp256k1PrivateKey(SecretKey); +pub struct Secp256k1PrivateKey(SigningKey); impl std::fmt::Debug for Secp256k1PrivateKey { fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result { @@ -44,34 +43,30 @@ impl Secp256k1PrivateKey { pub const LENGTH: usize = 32; pub fn new(bytes: [u8; Self::LENGTH]) -> Result { - SecretKey::from_slice(&bytes) - .map_err(SignatureError::from_source) - .map(Self) + SigningKey::from_bytes(&bytes.into()).map(Self) } pub fn verifying_key(&self) -> Secp256k1VerifyingKey { - Secp256k1VerifyingKey(PublicKey::from_secret_key_global(&self.0)) + let verifying_key = self.0.verifying_key(); + Secp256k1VerifyingKey(*verifying_key) } pub fn public_key(&self) -> Secp256k1PublicKey { - self.verifying_key().public_key() + Secp256k1PublicKey::new(self.0.verifying_key().as_ref().to_bytes().into()) } - #[cfg(feature = "rand")] - #[cfg_attr(doc_cfg, doc(cfg(feature = "rand")))] pub fn generate(mut rng: R) -> Self where R: rand_core::RngCore + rand_core::CryptoRng, { - Self(SecretKey::new(&mut rng)) + Self(SigningKey::random(&mut rng)) } } impl Signer for Secp256k1PrivateKey { fn try_sign(&self, message: &[u8]) -> Result { - let message = to_message(message); - let signature = self.0.sign_ecdsa(message); - Ok(Secp256k1Signature::new(signature.serialize_compact())) + let signature: k256::ecdsa::Signature = self.0.try_sign(message)?; + Ok(Secp256k1Signature::new(signature.to_bytes().into())) } } @@ -102,28 +97,22 @@ impl SuiSigner for Secp256k1PrivateKey { } } -pub struct Secp256k1VerifyingKey(PublicKey); +pub struct Secp256k1VerifyingKey(VerifyingKey); impl Secp256k1VerifyingKey { pub fn new(public_key: &Secp256k1PublicKey) -> Result { - PublicKey::from_slice(public_key.inner().as_ref()) - .map_err(SignatureError::from_source) - .map(Self) + VerifyingKey::try_from(public_key.inner().as_ref()).map(Self) } pub fn public_key(&self) -> Secp256k1PublicKey { - Secp256k1PublicKey::new(self.0.serialize()) + Secp256k1PublicKey::new(self.0.as_ref().to_bytes().into()) } } impl Verifier for Secp256k1VerifyingKey { fn verify(&self, message: &[u8], signature: &Secp256k1Signature) -> Result<(), SignatureError> { - let signature = - Signature::from_compact(signature.inner()).map_err(SignatureError::from_source)?; - let message = to_message(message); - signature - .verify(&message, &self.0) - .map_err(SignatureError::from_source) + let signature = k256::ecdsa::Signature::from_bytes(signature.inner().into())?; + self.0.verify(message, &signature) } } @@ -167,15 +156,6 @@ impl SuiVerifier for Secp256k1VerifyingKey { } } -fn to_message(message: &[u8]) -> Message { - use sha2::Digest; - - let mut hasher = sha2::Sha256::new(); - hasher.update(message); - let digest = hasher.finalize(); - Message::from_digest(digest.into()) -} - #[derive(Default, Clone, Debug)] pub struct Secp256k1Verifier {} diff --git a/crates/sui-sdk-crypto/src/secp256r1.rs b/crates/sui-sdk-crypto/src/secp256r1.rs index 96b0e1a14..c3ca83ebe 100644 --- a/crates/sui-sdk-crypto/src/secp256r1.rs +++ b/crates/sui-sdk-crypto/src/secp256r1.rs @@ -53,8 +53,6 @@ impl Secp256r1PrivateKey { Secp256r1PublicKey::new(self.0.verifying_key().as_ref().to_bytes().into()) } - #[cfg(feature = "rand")] - #[cfg_attr(doc_cfg, doc(cfg(feature = "rand")))] pub fn generate(mut rng: R) -> Self where R: rand_core::RngCore + rand_core::CryptoRng,