You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

237 lines
6.1 KiB

9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
9 years ago
  1. package crypto
  2. import (
  3. "bytes"
  4. secp256k1 "github.com/btcsuite/btcd/btcec"
  5. "github.com/tendermint/ed25519"
  6. "github.com/tendermint/ed25519/extra25519"
  7. . "github.com/tendermint/go-common"
  8. data "github.com/tendermint/go-data"
  9. "github.com/tendermint/go-wire"
  10. )
  11. func PrivKeyFromBytes(privKeyBytes []byte) (privKey PrivKey, err error) {
  12. err = wire.ReadBinaryBytes(privKeyBytes, &privKey)
  13. return
  14. }
  15. //----------------------------------------
  16. type PrivKey struct {
  17. PrivKeyInner `json:"unwrap"`
  18. }
  19. // DO NOT USE THIS INTERFACE.
  20. // You probably want to use PubKey
  21. type PrivKeyInner interface {
  22. AssertIsPrivKeyInner()
  23. Bytes() []byte
  24. Sign(msg []byte) Signature
  25. PubKey() PubKey
  26. Equals(PrivKey) bool
  27. Wrap() PrivKey
  28. }
  29. func (p PrivKey) MarshalJSON() ([]byte, error) {
  30. return privKeyMapper.ToJSON(p.PrivKeyInner)
  31. }
  32. func (p *PrivKey) UnmarshalJSON(data []byte) (err error) {
  33. parsed, err := privKeyMapper.FromJSON(data)
  34. if err == nil && parsed != nil {
  35. p.PrivKeyInner = parsed.(PrivKeyInner)
  36. }
  37. return
  38. }
  39. // Unwrap recovers the concrete interface safely (regardless of levels of embeds)
  40. func (p PrivKey) Unwrap() PrivKeyInner {
  41. pk := p.PrivKeyInner
  42. for wrap, ok := pk.(PrivKey); ok; wrap, ok = pk.(PrivKey) {
  43. pk = wrap.PrivKeyInner
  44. }
  45. return pk
  46. }
  47. func (p PrivKey) Empty() bool {
  48. return p.PrivKeyInner == nil
  49. }
  50. var privKeyMapper = data.NewMapper(PrivKey{}).
  51. RegisterImplementation(PrivKeyEd25519{}, NameEd25519, TypeEd25519).
  52. RegisterImplementation(PrivKeySecp256k1{}, NameSecp256k1, TypeSecp256k1)
  53. //-------------------------------------
  54. var _ PrivKeyInner = PrivKeyEd25519{}
  55. // Implements PrivKey
  56. type PrivKeyEd25519 [64]byte
  57. func (privKey PrivKeyEd25519) AssertIsPrivKeyInner() {}
  58. func (privKey PrivKeyEd25519) Bytes() []byte {
  59. return wire.BinaryBytes(PrivKey{privKey})
  60. }
  61. func (privKey PrivKeyEd25519) Sign(msg []byte) Signature {
  62. privKeyBytes := [64]byte(privKey)
  63. signatureBytes := ed25519.Sign(&privKeyBytes, msg)
  64. return SignatureEd25519(*signatureBytes).Wrap()
  65. }
  66. func (privKey PrivKeyEd25519) PubKey() PubKey {
  67. privKeyBytes := [64]byte(privKey)
  68. pubBytes := *ed25519.MakePublicKey(&privKeyBytes)
  69. return PubKeyEd25519(pubBytes).Wrap()
  70. }
  71. func (privKey PrivKeyEd25519) Equals(other PrivKey) bool {
  72. if otherEd, ok := other.Unwrap().(PrivKeyEd25519); ok {
  73. return bytes.Equal(privKey[:], otherEd[:])
  74. } else {
  75. return false
  76. }
  77. }
  78. func (p PrivKeyEd25519) MarshalJSON() ([]byte, error) {
  79. return data.Encoder.Marshal(p[:])
  80. }
  81. func (p *PrivKeyEd25519) UnmarshalJSON(enc []byte) error {
  82. var ref []byte
  83. err := data.Encoder.Unmarshal(&ref, enc)
  84. copy(p[:], ref)
  85. return err
  86. }
  87. func (privKey PrivKeyEd25519) ToCurve25519() *[32]byte {
  88. keyCurve25519 := new([32]byte)
  89. privKeyBytes := [64]byte(privKey)
  90. extra25519.PrivateKeyToCurve25519(keyCurve25519, &privKeyBytes)
  91. return keyCurve25519
  92. }
  93. func (privKey PrivKeyEd25519) String() string {
  94. return Fmt("PrivKeyEd25519{*****}")
  95. }
  96. // Deterministically generates new priv-key bytes from key.
  97. func (privKey PrivKeyEd25519) Generate(index int) PrivKeyEd25519 {
  98. newBytes := wire.BinarySha256(struct {
  99. PrivKey [64]byte
  100. Index int
  101. }{privKey, index})
  102. var newKey [64]byte
  103. copy(newKey[:], newBytes)
  104. return PrivKeyEd25519(newKey)
  105. }
  106. func (privKey PrivKeyEd25519) Wrap() PrivKey {
  107. return PrivKey{privKey}
  108. }
  109. func GenPrivKeyEd25519() PrivKeyEd25519 {
  110. privKeyBytes := new([64]byte)
  111. copy(privKeyBytes[:32], CRandBytes(32))
  112. ed25519.MakePublicKey(privKeyBytes)
  113. return PrivKeyEd25519(*privKeyBytes)
  114. }
  115. // NOTE: secret should be the output of a KDF like bcrypt,
  116. // if it's derived from user input.
  117. func GenPrivKeyEd25519FromSecret(secret []byte) PrivKeyEd25519 {
  118. privKey32 := Sha256(secret) // Not Ripemd160 because we want 32 bytes.
  119. privKeyBytes := new([64]byte)
  120. copy(privKeyBytes[:32], privKey32)
  121. ed25519.MakePublicKey(privKeyBytes)
  122. return PrivKeyEd25519(*privKeyBytes)
  123. }
  124. //-------------------------------------
  125. var _ PrivKeyInner = PrivKeySecp256k1{}
  126. // Implements PrivKey
  127. type PrivKeySecp256k1 [32]byte
  128. func (privKey PrivKeySecp256k1) AssertIsPrivKeyInner() {}
  129. func (privKey PrivKeySecp256k1) Bytes() []byte {
  130. return wire.BinaryBytes(PrivKey{privKey})
  131. }
  132. func (privKey PrivKeySecp256k1) Sign(msg []byte) Signature {
  133. priv__, _ := secp256k1.PrivKeyFromBytes(secp256k1.S256(), privKey[:])
  134. sig__, err := priv__.Sign(Sha256(msg))
  135. if err != nil {
  136. PanicSanity(err)
  137. }
  138. return SignatureSecp256k1(sig__.Serialize()).Wrap()
  139. }
  140. func (privKey PrivKeySecp256k1) PubKey() PubKey {
  141. _, pub__ := secp256k1.PrivKeyFromBytes(secp256k1.S256(), privKey[:])
  142. var pub PubKeySecp256k1
  143. copy(pub[:], pub__.SerializeCompressed())
  144. return pub.Wrap()
  145. }
  146. func (privKey PrivKeySecp256k1) Equals(other PrivKey) bool {
  147. if otherSecp, ok := other.Unwrap().(PrivKeySecp256k1); ok {
  148. return bytes.Equal(privKey[:], otherSecp[:])
  149. } else {
  150. return false
  151. }
  152. }
  153. func (p PrivKeySecp256k1) MarshalJSON() ([]byte, error) {
  154. return data.Encoder.Marshal(p[:])
  155. }
  156. func (p *PrivKeySecp256k1) UnmarshalJSON(enc []byte) error {
  157. var ref []byte
  158. err := data.Encoder.Unmarshal(&ref, enc)
  159. copy(p[:], ref)
  160. return err
  161. }
  162. func (privKey PrivKeySecp256k1) String() string {
  163. return Fmt("PrivKeySecp256k1{*****}")
  164. }
  165. func (privKey PrivKeySecp256k1) Wrap() PrivKey {
  166. return PrivKey{privKey}
  167. }
  168. /*
  169. // Deterministically generates new priv-key bytes from key.
  170. func (key PrivKeySecp256k1) Generate(index int) PrivKeySecp256k1 {
  171. newBytes := wire.BinarySha256(struct {
  172. PrivKey [64]byte
  173. Index int
  174. }{key, index})
  175. var newKey [64]byte
  176. copy(newKey[:], newBytes)
  177. return PrivKeySecp256k1(newKey)
  178. }
  179. */
  180. func GenPrivKeySecp256k1() PrivKeySecp256k1 {
  181. privKeyBytes := [32]byte{}
  182. copy(privKeyBytes[:], CRandBytes(32))
  183. priv, _ := secp256k1.PrivKeyFromBytes(secp256k1.S256(), privKeyBytes[:])
  184. copy(privKeyBytes[:], priv.Serialize())
  185. return PrivKeySecp256k1(privKeyBytes)
  186. }
  187. // NOTE: secret should be the output of a KDF like bcrypt,
  188. // if it's derived from user input.
  189. func GenPrivKeySecp256k1FromSecret(secret []byte) PrivKeySecp256k1 {
  190. privKey32 := Sha256(secret) // Not Ripemd160 because we want 32 bytes.
  191. priv, _ := secp256k1.PrivKeyFromBytes(secp256k1.S256(), privKey32)
  192. privKeyBytes := [32]byte{}
  193. copy(privKeyBytes[:], priv.Serialize())
  194. return PrivKeySecp256k1(privKeyBytes)
  195. }