You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

215 lines
5.8 KiB

9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
7 years ago
9 years ago
7 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
7 years ago
9 years ago
7 years ago
9 years ago
  1. package crypto
  2. import (
  3. "crypto/subtle"
  4. secp256k1 "github.com/btcsuite/btcd/btcec"
  5. "github.com/tendermint/ed25519"
  6. "github.com/tendermint/ed25519/extra25519"
  7. "github.com/tendermint/go-wire"
  8. data "github.com/tendermint/go-wire/data"
  9. . "github.com/tendermint/tmlibs/common"
  10. )
  11. func PrivKeyFromBytes(privKeyBytes []byte) (privKey PrivKey, err error) {
  12. err = wire.ReadBinaryBytes(privKeyBytes, &privKey)
  13. if err == nil {
  14. // add support for a ValidateKey method on PrivKeys
  15. // to make sure they load correctly
  16. val, ok := privKey.Unwrap().(validatable)
  17. if ok {
  18. err = val.ValidateKey()
  19. }
  20. }
  21. return
  22. }
  23. // validatable is an optional interface for keys that want to
  24. // check integrity
  25. type validatable interface {
  26. ValidateKey() error
  27. }
  28. //----------------------------------------
  29. // DO NOT USE THIS INTERFACE.
  30. // You probably want to use PrivKey
  31. // +gen wrapper:"PrivKey,Impl[PrivKeyEd25519,PrivKeySecp256k1],ed25519,secp256k1"
  32. type PrivKeyInner interface {
  33. AssertIsPrivKeyInner()
  34. Bytes() []byte
  35. Sign(msg []byte) Signature
  36. PubKey() PubKey
  37. Equals(PrivKey) bool
  38. Wrap() PrivKey
  39. }
  40. //-------------------------------------
  41. var _ PrivKeyInner = PrivKeyEd25519{}
  42. // Implements PrivKey
  43. type PrivKeyEd25519 [64]byte
  44. func (privKey PrivKeyEd25519) AssertIsPrivKeyInner() {}
  45. func (privKey PrivKeyEd25519) Bytes() []byte {
  46. return wire.BinaryBytes(PrivKey{privKey})
  47. }
  48. func (privKey PrivKeyEd25519) Sign(msg []byte) Signature {
  49. privKeyBytes := [64]byte(privKey)
  50. signatureBytes := ed25519.Sign(&privKeyBytes, msg)
  51. return SignatureEd25519(*signatureBytes).Wrap()
  52. }
  53. func (privKey PrivKeyEd25519) PubKey() PubKey {
  54. privKeyBytes := [64]byte(privKey)
  55. pubBytes := *ed25519.MakePublicKey(&privKeyBytes)
  56. return PubKeyEd25519(pubBytes).Wrap()
  57. }
  58. // Equals - you probably don't need to use this.
  59. // Runs in constant time based on length of the keys.
  60. func (privKey PrivKeyEd25519) Equals(other PrivKey) bool {
  61. if otherEd, ok := other.Unwrap().(PrivKeyEd25519); ok {
  62. return subtle.ConstantTimeCompare(privKey[:], otherEd[:]) == 1
  63. } else {
  64. return false
  65. }
  66. }
  67. func (p PrivKeyEd25519) MarshalJSON() ([]byte, error) {
  68. return data.Encoder.Marshal(p[:])
  69. }
  70. func (p *PrivKeyEd25519) UnmarshalJSON(enc []byte) error {
  71. var ref []byte
  72. err := data.Encoder.Unmarshal(&ref, enc)
  73. copy(p[:], ref)
  74. return err
  75. }
  76. func (privKey PrivKeyEd25519) ToCurve25519() *[32]byte {
  77. keyCurve25519 := new([32]byte)
  78. privKeyBytes := [64]byte(privKey)
  79. extra25519.PrivateKeyToCurve25519(keyCurve25519, &privKeyBytes)
  80. return keyCurve25519
  81. }
  82. func (privKey PrivKeyEd25519) String() string {
  83. return Fmt("PrivKeyEd25519{*****}")
  84. }
  85. // Deterministically generates new priv-key bytes from key.
  86. func (privKey PrivKeyEd25519) Generate(index int) PrivKeyEd25519 {
  87. newBytes := wire.BinarySha256(struct {
  88. PrivKey [64]byte
  89. Index int
  90. }{privKey, index})
  91. var newKey [64]byte
  92. copy(newKey[:], newBytes)
  93. return PrivKeyEd25519(newKey)
  94. }
  95. func GenPrivKeyEd25519() PrivKeyEd25519 {
  96. privKeyBytes := new([64]byte)
  97. copy(privKeyBytes[:32], CRandBytes(32))
  98. ed25519.MakePublicKey(privKeyBytes)
  99. return PrivKeyEd25519(*privKeyBytes)
  100. }
  101. // NOTE: secret should be the output of a KDF like bcrypt,
  102. // if it's derived from user input.
  103. func GenPrivKeyEd25519FromSecret(secret []byte) PrivKeyEd25519 {
  104. privKey32 := Sha256(secret) // Not Ripemd160 because we want 32 bytes.
  105. privKeyBytes := new([64]byte)
  106. copy(privKeyBytes[:32], privKey32)
  107. ed25519.MakePublicKey(privKeyBytes)
  108. return PrivKeyEd25519(*privKeyBytes)
  109. }
  110. //-------------------------------------
  111. var _ PrivKeyInner = PrivKeySecp256k1{}
  112. // Implements PrivKey
  113. type PrivKeySecp256k1 [32]byte
  114. func (privKey PrivKeySecp256k1) AssertIsPrivKeyInner() {}
  115. func (privKey PrivKeySecp256k1) Bytes() []byte {
  116. return wire.BinaryBytes(PrivKey{privKey})
  117. }
  118. func (privKey PrivKeySecp256k1) Sign(msg []byte) Signature {
  119. priv__, _ := secp256k1.PrivKeyFromBytes(secp256k1.S256(), privKey[:])
  120. sig__, err := priv__.Sign(Sha256(msg))
  121. if err != nil {
  122. PanicSanity(err)
  123. }
  124. return SignatureSecp256k1(sig__.Serialize()).Wrap()
  125. }
  126. func (privKey PrivKeySecp256k1) PubKey() PubKey {
  127. _, pub__ := secp256k1.PrivKeyFromBytes(secp256k1.S256(), privKey[:])
  128. var pub PubKeySecp256k1
  129. copy(pub[:], pub__.SerializeCompressed())
  130. return pub.Wrap()
  131. }
  132. // Equals - you probably don't need to use this.
  133. // Runs in constant time based on length of the keys.
  134. func (privKey PrivKeySecp256k1) Equals(other PrivKey) bool {
  135. if otherSecp, ok := other.Unwrap().(PrivKeySecp256k1); ok {
  136. return subtle.ConstantTimeCompare(privKey[:], otherSecp[:]) == 1
  137. } else {
  138. return false
  139. }
  140. }
  141. func (p PrivKeySecp256k1) MarshalJSON() ([]byte, error) {
  142. return data.Encoder.Marshal(p[:])
  143. }
  144. func (p *PrivKeySecp256k1) UnmarshalJSON(enc []byte) error {
  145. var ref []byte
  146. err := data.Encoder.Unmarshal(&ref, enc)
  147. copy(p[:], ref)
  148. return err
  149. }
  150. func (privKey PrivKeySecp256k1) String() string {
  151. return Fmt("PrivKeySecp256k1{*****}")
  152. }
  153. /*
  154. // Deterministically generates new priv-key bytes from key.
  155. func (key PrivKeySecp256k1) Generate(index int) PrivKeySecp256k1 {
  156. newBytes := wire.BinarySha256(struct {
  157. PrivKey [64]byte
  158. Index int
  159. }{key, index})
  160. var newKey [64]byte
  161. copy(newKey[:], newBytes)
  162. return PrivKeySecp256k1(newKey)
  163. }
  164. */
  165. func GenPrivKeySecp256k1() PrivKeySecp256k1 {
  166. privKeyBytes := [32]byte{}
  167. copy(privKeyBytes[:], CRandBytes(32))
  168. priv, _ := secp256k1.PrivKeyFromBytes(secp256k1.S256(), privKeyBytes[:])
  169. copy(privKeyBytes[:], priv.Serialize())
  170. return PrivKeySecp256k1(privKeyBytes)
  171. }
  172. // NOTE: secret should be the output of a KDF like bcrypt,
  173. // if it's derived from user input.
  174. func GenPrivKeySecp256k1FromSecret(secret []byte) PrivKeySecp256k1 {
  175. privKey32 := Sha256(secret) // Not Ripemd160 because we want 32 bytes.
  176. priv, _ := secp256k1.PrivKeyFromBytes(secp256k1.S256(), privKey32)
  177. privKeyBytes := [32]byte{}
  178. copy(privKeyBytes[:], priv.Serialize())
  179. return PrivKeySecp256k1(privKeyBytes)
  180. }