diff --git a/Cargo.toml b/Cargo.toml
index 899e600..f7a512a 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -17,12 +17,12 @@ wasm-bindgen = "0.2.87"
 # all the `std::fmt` and `std::panicking` infrastructure, so isn't great for
 # code size when deploying.
 console_error_panic_hook = { version = "0.1.6", optional = true }
-bitcoin = "0.31.1"
+bitcoin = "0.32.0"
 bip39 = { "version" = "2.0.0", features = ["rand"]}
-ecies = { "version" = "0.2.6", default-features = false, features = ["pure"]}
+ecies = { "version" = "0.2.7", default-features = false, features = ["pure"]}
 lightspark-remote-signing = "=0.3.0"
-serde_json = "1.0.107"
+serde_json = "1.0.117"
-serde = "1.0.188"
+serde = "1.0.202"
 bitcoin-bech32 = "0.13.0"
 
 [features]
diff --git a/src/crypto.rs b/src/crypto.rs
index 9a9b72c..3f78379 100644
--- a/src/crypto.rs
+++ b/src/crypto.rs
@@ -3,7 +3,7 @@ use std::str::FromStr as _;
 use std::sync::Arc;
 
 use bitcoin::bip32::{DerivationPath, Xpub};
-use bitcoin::hashes::sha256;
+use bitcoin::hashes::{sha256, Hash};
 use bitcoin::secp256k1::ecdsa::Signature;
 use bitcoin::secp256k1::{Message, PublicKey, Scalar, Secp256k1, SecretKey};
 use bitcoin::{
@@ -18,7 +18,7 @@ use crate::signer::Network;
 #[derive(Clone, Copy, Debug)]
 pub enum CryptoError {
 Secp256k1Error(bitcoin::secp256k1::Error),
-RustSecp256k1Error(ecies::SecpError),
+RustSecp256k1Error,
 InvalidPublicKeyScriptError,
 KeyDerivationError,
 KeyTweakError,
@@ -44,7 +44,7 @@ impl fmt::Display for CryptoError {
 fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
 match self {
 Self::Secp256k1Error(err) => write!(f, "Secp256k1 error {}", err),
-Self::RustSecp256k1Error(err) => write!(f, "Rust Secp256k1 error {}", err),
+Self::RustSecp256k1Error => write!(f, "Rust Secp256k1 error"),
 Self::InvalidPublicKeyScriptError => write!(f, "Invalid public key script"),
 Self::KeyDerivationError => write!(f, "Key derivation error"),
 Self::KeyTweakError => write!(f, "Key tweak error"),
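Review bot: `RustSecp256k1Error` now carries no payload, and together with the `map_err(|_| …)` on encrypt_ecies and decrypt_ecies in the next hunk this discards the underlying ecies error, so a malformed key, a truncated ciphertext and a failed authentication tag all surface as the same fixed string `Rust Secp256k1 error`, which makes incident triage from logs harder. Presumably the payload was dropped because `CryptoError` derives `Copy` and the error type exposed by ecies 0.2.7 no longer fits that bound; if so, record it on the variant so the detail is not re-added by accident: `/// ECIES encrypt/decrypt failure; the ecies error is not retained because CryptoError is Copy.`. If the string is not parsed by any caller, the `Display` arm in the following hunk could at least name the operation rather than the library, e.g. `write!(f, "ECIES encryption/decryption error")`.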
@@ -57,7 +57,8 @@ impl std::error::Error for CryptoError {}
 pub fn sign_ecdsa(msg: Vec, private_key_bytes: Vec) -> Result, CryptoError> {
 let secp = Secp256k1::new();
 let sk = SecretKey::from_slice(&private_key_bytes).map_err(CryptoError::Secp256k1Error)?;
-let msg = Message::from_hashed_data::(&msg);
+let digest = sha256::Hash::hash(&msg);
+let msg = Message::from_digest(digest.to_byte_array());
 let signature = secp.sign_ecdsa(&msg, &sk);
 Ok(signature.serialize_der().to_vec())
 }
@@ -69,21 +70,22 @@ pub fn verify_ecdsa(
 ) -> Result {
 let secp = Secp256k1::new();
 let pk = PublicKey::from_slice(&public_key_bytes).map_err(CryptoError::Secp256k1Error)?;
-let msg = Message::from_hashed_data::(&msg);
+let digest = sha256::Hash::hash(&msg);
+let msg = Message::from_digest(digest.to_byte_array());
 let sig = Signature::from_der(&signature_bytes).map_err(CryptoError::Secp256k1Error)?;
 let result = secp.verify_ecdsa(&msg, &sig, &pk).is_ok();
 Ok(result)
 }
 
 pub fn encrypt_ecies(msg: Vec, public_key_bytes: Vec) -> Result, CryptoError> {
-encrypt(&public_key_bytes, &msg).map_err(CryptoError::RustSecp256k1Error)
+encrypt(&public_key_bytes, &msg).map_err(|_| CryptoError::RustSecp256k1Error)
 }
 
 pub fn decrypt_ecies(
 cipher_text: Vec,
 private_key_bytes: Vec,
 ) -> Result, CryptoError> {
-decrypt(&private_key_bytes, &cipher_text).map_err(CryptoError::RustSecp256k1Error)
+decrypt(&private_key_bytes, &cipher_text).map_err(|_| CryptoError::RustSecp256k1Error)
 }
 
 pub fn generate_keypair() -> Result, CryptoError> {
diff --git a/src/funds_recovery_kit.rs b/src/funds_recovery_kit.rs
index f4e2360..795ff9f 100644
--- a/src/funds_recovery_kit.rs
+++ b/src/funds_recovery_kit.rs
@@ -1,6 +1,5 @@
 use std::fmt;
 
-use bitcoin::bip32;
 use bitcoin::consensus::encode;
 use bitcoin::hashes::hex::FromHex;
 use bitcoin::hashes::{sha512, Hash, HashEngine, Hmac, HmacEngine};
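Review bot: `Message::from_digest` accepts any 32 bytes and performs no hashing, so the `sha256::Hash::hash(&msg)` line directly above it in sign_ecdsa is now the only thing that keeps signatures compatible with what `from_hashed_data::<sha256::Hash>` produced before; a comment such as `// Sign SHA-256(msg): from_digest does not hash, so this step must stay in lockstep with verify_ecdsa.` makes that invariant visible to the next editor. The same two-line construction is repeated in verify_ecdsa in the next hunk and three more times in src/signer.rs, which is exactly the kind of duplication that lets sign and verify drift apart; a private helper `fn hashed_message(msg: &[u8]) -> Message { Message::from_digest(sha256::Hash::hash(msg).to_byte_array()) }` would give both paths a single definition. The hunk for verify_ecdsa starts inside the function signature, so its parameter list is outside this view.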
@@ -8,8 +7,8 @@ use bitcoin::secp256k1::{Scalar, Secp256k1, SecretKey};
 use bitcoin::sighash;
 use bitcoin::sighash::EcdsaSighashType;
 use bitcoin::PrivateKey;
-use bitcoin::PublicKey;
 use bitcoin::Witness;
+use bitcoin::{bip32, CompressedPublicKey};
 use bitcoin::{Amount, Script, Transaction};
 use serde::{Deserialize, Serialize};
 use std::str::FromStr;
@@ -542,12 +541,10 @@ fn sign_counterparty_sweep_transaction(
 ))?
 .witness
 .to_vec();
-let pubkey = PublicKey::from_slice(new_witness[1].as_slice()).map_err(|_| {
+let pubkey = CompressedPublicKey::from_slice(new_witness[1].as_slice()).map_err(|_| {
 FundsRecoveryKitInternalError::from("Could not generate pubkey from witness")
 })?;
-let script = bitcoin::Address::p2wpkh(&pubkey, network)
-.unwrap()
-.script_pubkey();
+let script = bitcoin::Address::p2wpkh(&pubkey, network).script_pubkey();
 let sighash = sighash::SighashCache::new(transaction.clone())
 .p2wpkh_signature_hash(0, &script, amount, EcdsaSighashType::All)
 .map_err(|e| FundsRecoveryKitInternalError::from(e.to_string().as_str()))?;
diff --git a/src/signer.rs b/src/signer.rs
index 6b9c9a3..a74923f 100644
--- a/src/signer.rs
+++ b/src/signer.rs
@@ -3,10 +3,9 @@ use std::str::FromStr;
 use std::sync::Arc;
 
 use bitcoin::bip32::{DerivationPath, Xpriv, Xpub};
-use bitcoin::hashes::{sha512, Hash, HashEngine, Hmac, HmacEngine};
+use bitcoin::hashes::{sha256, sha512, Hash, HashEngine, Hmac, HmacEngine};
 use bitcoin::secp256k1::ecdh::SharedSecret;
 use bitcoin::secp256k1::ecdsa::Signature;
-use bitcoin::secp256k1::hashes::sha256;
 use bitcoin::secp256k1::{Message, PublicKey, Scalar, Secp256k1, SecretKey};
 use rand_core::{OsRng, RngCore};
 use wasm_bindgen::prelude::*;
@@ -199,7 +198,8 @@ impl LightsparkSigner {
 secp.sign_ecdsa(&msg, &signing_key)
 }
 false => {
-let msg = Message::from_hashed_data::(message.as_slice());
+let digest = sha256::Hash::hash(&message);
+let msg = Message::from_digest(digest.to_byte_array());
 secp.sign_ecdsa(&msg, &signing_key)
 }
 };
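Review bot: The rewritten `CompressedPublicKey::from_slice(new_witness[1].as_slice())` in sign_counterparty_sweep_transaction still indexes the witness directly, so a counterparty transaction whose input witness has fewer than two items panics instead of returning the `FundsRecoveryKitInternalError` the surrounding code otherwise uses for malformed input; the witness comes from a parsed transaction, so it should be treated as untrusted. Replace the index with a checked lookup, e.g. `let pubkey_bytes = new_witness.get(1).ok_or_else(|| FundsRecoveryKitInternalError::from("Witness has no pubkey item"))?;` followed by `CompressedPublicKey::from_slice(pubkey_bytes.as_slice())`. Dropping the `.unwrap()` on `Address::p2wpkh` is correct, since with a `CompressedPublicKey` the constructor can no longer fail, but a short comment saying so would save the next reader a trip to the docs. The enclosing function starts and ends outside this hunk.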
@@ -375,7 +375,8 @@ impl LightsparkSigner {
 unsigned_invoice: String,
 ) -> Result, LightsparkSignerError> {
 let signing_key = self.node_private_key.private_key;
-let msg = Message::from_hashed_data::(unsigned_invoice.as_bytes());
+let digest = sha256::Hash::hash(unsigned_invoice.as_bytes());
+let msg = Message::from_digest(digest.to_byte_array());
 let secp = Secp256k1::new();
 let sig = secp
 .sign_ecdsa_recoverable(&msg, &signing_key)
@@ -413,7 +414,8 @@ impl LightsparkSigner {
 unsigned_invoice: String,
 ) -> Result {
 let signing_key = self.node_private_key.private_key;
-let msg = Message::from_hashed_data::(unsigned_invoice.as_bytes());
+let digest = sha256::Hash::hash(unsigned_invoice.as_bytes());
+let msg = Message::from_digest(*digest.as_byte_array());
 let secp = Secp256k1::new();
 let sig = secp
 .sign_ecdsa_recoverable(&msg, &signing_key)
@@ -504,7 +506,8 @@ mod tests {
 .derive_key_and_sign(message.to_vec(), "m".to_owned(), false, None, None)
 .unwrap();
 let signature = Signature::from_compact(signature_bytes.as_slice()).unwrap();
-let msg = Message::from_hashed_data::(message);
+let digest = sha256::Hash::hash(message);
+let msg = Message::from_digest(digest.to_byte_array());
 let secp = Secp256k1::new();
 assert!(secp
 .verify_ecdsa(&msg, &signature, &verification_key)
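Review bot: The second invoice-signing hunk (old line 413) builds the message with `*digest.as_byte_array()` while every other call site in this commit uses `digest.to_byte_array()`; both produce the same `[u8; 32]`, but in signing code an unexplained difference between two otherwise parallel paths reads like an intentional divergence, so use `let msg = Message::from_digest(digest.to_byte_array());` there as well. The two functions around lines 375 and 413 now share an identical preamble (key copy, SHA-256 digest, fresh secp context) that could live in one private helper taking `&str`, so that a future change to how invoices are hashed cannot land in only one of them. Both enclosing functions start and end outside these hunks.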