zolfa
/
tendermint
1
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 221 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
141 Commits
183 Branches
291 MiB
Tree: 3df2ca128d
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '3df2ca128d'
${ noResults }
tendermint/priv_key.go

205 lines
5.7 KiB
Raw Normal View History

update package name
9 years ago
first commit
9 years ago
make PrivateKey + Signature comparisons use constant time comparisons Fixes https://github.com/tendermint/go-crypto/issues/43 Avoid susceptibility to timing/side channel attacks by ensuring that private key and signature comparisons use `subtle.ConstantTimeCompare` instead of `bytes.Equal`
7 years ago
PrivKey.Equals
9 years ago
Add secp256k1 support
9 years ago
first commit
9 years ago
Codegen wrappers for privkey and signature as well
8 years ago
first commit
9 years ago
Cleanup; Implement .Wrap()
8 years ago
Better docs and naming thanks to bucky
8 years ago
Cleanup; Implement .Wrap()
8 years ago
Better docs and naming thanks to bucky
8 years ago
Cleanup; Implement .Wrap()
8 years ago
Change codegen name holder->wrapper
7 years ago
Use new naming scheme PubKey{PubKeyInner}
8 years ago
Cleanup; Implement .Wrap()
8 years ago
Added Bytes() and *FromBytes()
9 years ago
first commit
9 years ago
PrivKey.Equals
9 years ago
Cleanup; Implement .Wrap()
8 years ago
first commit
9 years ago
Add type assertions for sig/pub/privkey implemenetations
8 years ago
first commit
9 years ago
Cleanup; Implement .Wrap()
8 years ago
Added Bytes() and *FromBytes()
9 years ago
Use new naming scheme PubKey{PubKeyInner}
8 years ago
Added Bytes() and *FromBytes()
9 years ago
Add secp256k1 support
9 years ago
first commit
9 years ago
Cleanup; Implement .Wrap()
8 years ago
first commit
9 years ago
Use new naming scheme PubKey{PubKeyInner}
8 years ago
Cleanup; Implement .Wrap()
8 years ago
first commit
9 years ago
PrivKey.Equals
9 years ago
Use new naming scheme PubKey{PubKeyInner}
8 years ago
make PrivateKey + Signature comparisons use constant time comparisons Fixes https://github.com/tendermint/go-crypto/issues/43 Avoid susceptibility to timing/side channel attacks by ensuring that private key and signature comparisons use `subtle.ConstantTimeCompare` instead of `bytes.Equal`
7 years ago
PrivKey.Equals
9 years ago
Add structs for go-data support
8 years ago
first commit
9 years ago
Add secp256k1 support
9 years ago
first commit
9 years ago
Add secp256k1 support
9 years ago
first commit
9 years ago
Added Bytes() and *FromBytes()
9 years ago
first commit
9 years ago
Fix bug in GenPrivKeyEd25519FromSecret
9 years ago
first commit
9 years ago
Add secp256k1 support
9 years ago
Add type assertions for sig/pub/privkey implemenetations
8 years ago
Add secp256k1 support
9 years ago
Cleanup; Implement .Wrap()
8 years ago
Add secp256k1 support
9 years ago
Use new naming scheme PubKey{PubKeyInner}
8 years ago
Add secp256k1 support
9 years ago
Cleanup; Implement .Wrap()
8 years ago
Add secp256k1 support
9 years ago
secp256k1: use compressed pubkey, bitcoin-style address
8 years ago
Cleanup; Implement .Wrap()
8 years ago
Add secp256k1 support
9 years ago
PrivKey.Equals
9 years ago
Use new naming scheme PubKey{PubKeyInner}
8 years ago
make PrivateKey + Signature comparisons use constant time comparisons Fixes https://github.com/tendermint/go-crypto/issues/43 Avoid susceptibility to timing/side channel attacks by ensuring that private key and signature comparisons use `subtle.ConstantTimeCompare` instead of `bytes.Equal`
7 years ago
PrivKey.Equals
9 years ago
Add structs for go-data support
8 years ago
Add secp256k1 support
9 years ago
 
  1. package crypto
  2. 

  3. import (
  4. 	"crypto/subtle"
  5. 

  6. 	secp256k1 "github.com/btcsuite/btcd/btcec"
  7. 	"github.com/tendermint/ed25519"
  8. 	"github.com/tendermint/ed25519/extra25519"
  9. 	"github.com/tendermint/go-wire"
  10. 	data "github.com/tendermint/go-wire/data"
  11. 	. "github.com/tendermint/tmlibs/common"
  12. )
  13. 

  14. func PrivKeyFromBytes(privKeyBytes []byte) (privKey PrivKey, err error) {
  15. 	err = wire.ReadBinaryBytes(privKeyBytes, &privKey)
  16. 	return
  17. }
  18. 

  19. //----------------------------------------

  20. 

  21. // DO NOT USE THIS INTERFACE.

  22. // You probably want to use PubKey

  23. // +gen wrapper:"PrivKey,Impl[PrivKeyEd25519,PrivKeySecp256k1],ed25519,secp256k1"

  24. type PrivKeyInner interface {
  25. 	AssertIsPrivKeyInner()
  26. 	Bytes() []byte
  27. 	Sign(msg []byte) Signature
  28. 	PubKey() PubKey
  29. 	Equals(PrivKey) bool
  30. 	Wrap() PrivKey
  31. }
  32. 

  33. //-------------------------------------

  34. 

  35. var _ PrivKeyInner = PrivKeyEd25519{}
  36. 

  37. // Implements PrivKey

  38. type PrivKeyEd25519 [64]byte
  39. 

  40. func (privKey PrivKeyEd25519) AssertIsPrivKeyInner() {}
  41. 

  42. func (privKey PrivKeyEd25519) Bytes() []byte {
  43. 	return wire.BinaryBytes(PrivKey{privKey})
  44. }
  45. 

  46. func (privKey PrivKeyEd25519) Sign(msg []byte) Signature {
  47. 	privKeyBytes := [64]byte(privKey)
  48. 	signatureBytes := ed25519.Sign(&privKeyBytes, msg)
  49. 	return SignatureEd25519(*signatureBytes).Wrap()
  50. }
  51. 

  52. func (privKey PrivKeyEd25519) PubKey() PubKey {
  53. 	privKeyBytes := [64]byte(privKey)
  54. 	pubBytes := *ed25519.MakePublicKey(&privKeyBytes)
  55. 	return PubKeyEd25519(pubBytes).Wrap()
  56. }
  57. 

  58. func (privKey PrivKeyEd25519) Equals(other PrivKey) bool {
  59. 	if otherEd, ok := other.Unwrap().(PrivKeyEd25519); ok {
  60. 		// It is essential that we constant time compare

  61. 		// private keys and signatures instead of bytes.Equal,

  62. 		// to avoid susceptibility to timing/side channel attacks.

  63. 		// See Issue https://github.com/tendermint/go-crypto/issues/43

  64. 		return subtle.ConstantTimeCompare(privKey[:], otherEd[:]) == 0
  65. 	} else {
  66. 		return false
  67. 	}
  68. }
  69. 

  70. func (p PrivKeyEd25519) MarshalJSON() ([]byte, error) {
  71. 	return data.Encoder.Marshal(p[:])
  72. }
  73. 

  74. func (p *PrivKeyEd25519) UnmarshalJSON(enc []byte) error {
  75. 	var ref []byte
  76. 	err := data.Encoder.Unmarshal(&ref, enc)
  77. 	copy(p[:], ref)
  78. 	return err
  79. }
  80. 

  81. func (privKey PrivKeyEd25519) ToCurve25519() *[32]byte {
  82. 	keyCurve25519 := new([32]byte)
  83. 	privKeyBytes := [64]byte(privKey)
  84. 	extra25519.PrivateKeyToCurve25519(keyCurve25519, &privKeyBytes)
  85. 	return keyCurve25519
  86. }
  87. 

  88. func (privKey PrivKeyEd25519) String() string {
  89. 	return Fmt("PrivKeyEd25519{*****}")
  90. }
  91. 

  92. // Deterministically generates new priv-key bytes from key.

  93. func (privKey PrivKeyEd25519) Generate(index int) PrivKeyEd25519 {
  94. 	newBytes := wire.BinarySha256(struct {
  95. 		PrivKey [64]byte
  96. 		Index   int
  97. 	}{privKey, index})
  98. 	var newKey [64]byte
  99. 	copy(newKey[:], newBytes)
  100. 	return PrivKeyEd25519(newKey)
  101. }
  102. 

  103. func GenPrivKeyEd25519() PrivKeyEd25519 {
  104. 	privKeyBytes := new([64]byte)
  105. 	copy(privKeyBytes[:32], CRandBytes(32))
  106. 	ed25519.MakePublicKey(privKeyBytes)
  107. 	return PrivKeyEd25519(*privKeyBytes)
  108. }
  109. 

  110. // NOTE: secret should be the output of a KDF like bcrypt,

  111. // if it's derived from user input.

  112. func GenPrivKeyEd25519FromSecret(secret []byte) PrivKeyEd25519 {
  113. 	privKey32 := Sha256(secret) // Not Ripemd160 because we want 32 bytes.

  114. 	privKeyBytes := new([64]byte)
  115. 	copy(privKeyBytes[:32], privKey32)
  116. 	ed25519.MakePublicKey(privKeyBytes)
  117. 	return PrivKeyEd25519(*privKeyBytes)
  118. }
  119. 

  120. //-------------------------------------

  121. 

  122. var _ PrivKeyInner = PrivKeySecp256k1{}
  123. 

  124. // Implements PrivKey

  125. type PrivKeySecp256k1 [32]byte
  126. 

  127. func (privKey PrivKeySecp256k1) AssertIsPrivKeyInner() {}
  128. 

  129. func (privKey PrivKeySecp256k1) Bytes() []byte {
  130. 	return wire.BinaryBytes(PrivKey{privKey})
  131. }
  132. 

  133. func (privKey PrivKeySecp256k1) Sign(msg []byte) Signature {
  134. 	priv__, _ := secp256k1.PrivKeyFromBytes(secp256k1.S256(), privKey[:])
  135. 	sig__, err := priv__.Sign(Sha256(msg))
  136. 	if err != nil {
  137. 		PanicSanity(err)
  138. 	}
  139. 	return SignatureSecp256k1(sig__.Serialize()).Wrap()
  140. }
  141. 

  142. func (privKey PrivKeySecp256k1) PubKey() PubKey {
  143. 	_, pub__ := secp256k1.PrivKeyFromBytes(secp256k1.S256(), privKey[:])
  144. 	var pub PubKeySecp256k1
  145. 	copy(pub[:], pub__.SerializeCompressed())
  146. 	return pub.Wrap()
  147. }
  148. 

  149. func (privKey PrivKeySecp256k1) Equals(other PrivKey) bool {
  150. 	if otherSecp, ok := other.Unwrap().(PrivKeySecp256k1); ok {
  151. 		// It is essential that we constant time compare

  152. 		// private keys and signatures instead of bytes.Equal,

  153. 		// to avoid susceptibility to timing/side channel attacks.

  154. 		// See Issue https://github.com/tendermint/go-crypto/issues/43

  155. 		return subtle.ConstantTimeCompare(privKey[:], otherSecp[:]) == 0
  156. 	} else {
  157. 		return false
  158. 	}
  159. }
  160. 

  161. func (p PrivKeySecp256k1) MarshalJSON() ([]byte, error) {
  162. 	return data.Encoder.Marshal(p[:])
  163. }
  164. 

  165. func (p *PrivKeySecp256k1) UnmarshalJSON(enc []byte) error {
  166. 	var ref []byte
  167. 	err := data.Encoder.Unmarshal(&ref, enc)
  168. 	copy(p[:], ref)
  169. 	return err
  170. }
  171. 

  172. func (privKey PrivKeySecp256k1) String() string {
  173. 	return Fmt("PrivKeySecp256k1{*****}")
  174. }
  175. 

  176. /*
  177. // Deterministically generates new priv-key bytes from key.

  178. func (key PrivKeySecp256k1) Generate(index int) PrivKeySecp256k1 {
  179. 	newBytes := wire.BinarySha256(struct {
  180. 		PrivKey [64]byte
  181. 		Index   int
  182. 	}{key, index})
  183. 	var newKey [64]byte
  184. 	copy(newKey[:], newBytes)
  185. 	return PrivKeySecp256k1(newKey)
  186. }
  187. */
  188. 

  189. func GenPrivKeySecp256k1() PrivKeySecp256k1 {
  190. 	privKeyBytes := [32]byte{}
  191. 	copy(privKeyBytes[:], CRandBytes(32))
  192. 	priv, _ := secp256k1.PrivKeyFromBytes(secp256k1.S256(), privKeyBytes[:])
  193. 	copy(privKeyBytes[:], priv.Serialize())
  194. 	return PrivKeySecp256k1(privKeyBytes)
  195. }
  196. 

  197. // NOTE: secret should be the output of a KDF like bcrypt,

  198. // if it's derived from user input.

  199. func GenPrivKeySecp256k1FromSecret(secret []byte) PrivKeySecp256k1 {
  200. 	privKey32 := Sha256(secret) // Not Ripemd160 because we want 32 bytes.

  201. 	priv, _ := secp256k1.PrivKeyFromBytes(secp256k1.S256(), privKey32)
  202. 	privKeyBytes := [32]byte{}
  203. 	copy(privKeyBytes[:], priv.Serialize())
  204. 	return PrivKeySecp256k1(privKeyBytes)
  205. }