crypto: remove legacy base58 encoding for SecretKeyEd25519
emturner committed Dec 19, 2023
1 parent 2347939 commit c64a247
Showing 2 changed files with 19 additions and 6 deletions.
3 changes: 2 additions & 1 deletion CHANGELOG.md
Expand Up @@ -21,14 +21,15 @@ parameterized by the lifetime of the input byte slice.

### Removed

- Nothing.
- Removed legacy `SecretKeyEd25519` encoding.

### Fixed

- Fix prefix used in `SeedEd25519` encoding.
- Add explicit prefix check during base58check decoding.
- Hash input before signing with `SecretKeyEd25519`, to match octez impl.
- Fix `BlsSignature` base58 check encoding/decoding.
- Fix `SecretKeyEd25519` base58 check encoding/decoding.

### Security

22 changes: 17 additions & 5 deletions crypto/src/hash.rs
Expand Up @@ -37,7 +37,9 @@ mod prefix_bytes {
pub const PUBLIC_KEY_P256: [u8; 4] = [3, 178, 139, 127];
pub const PUBLIC_KEY_BLS: [u8; 4] = [6, 149, 135, 204];
pub const SEED_ED25519: [u8; 4] = [13, 15, 58, 7];
pub const SECRET_KEY_ED25519: [u8; 4] = [43, 246, 78, 7];
// SecretKeyEd25519 uses identical b58 encoding as SeedEd25519 in
// non-legacy format.
pub const SECRET_KEY_ED25519: [u8; 4] = SEED_ED25519;
pub const SECRET_KEY_BLS: [u8; 4] = [3, 150, 192, 40];
pub const GENERIC_SIGNATURE_HASH: [u8; 3] = [4, 130, 43];
pub const ED22519_SIGNATURE_HASH: [u8; 5] = [9, 245, 205, 134, 18];
Expand Down Expand Up @@ -362,7 +364,7 @@ pub enum HashType {
PublicKeyBls,
// "\013\015\058\007" (* edsk(54) *)
SeedEd25519,
// "\043\246\078\007" (* edsk(98) *)
// "\013\015\058\007" (* edsk(54) *)
SecretKeyEd25519,
// "\003\150\192\040" (* BLsk(54) *)
SecretKeyBls,
Expand Down Expand Up @@ -447,10 +449,9 @@ impl HashType {
| HashType::ContractTz4Hash
| HashType::SmartRollupHash => 20,
HashType::PublicKeySecp256k1 | HashType::PublicKeyP256 => 33,
HashType::SeedEd25519 | HashType::SecretKeyBls => 32,
HashType::SecretKeyEd25519 | HashType::SeedEd25519 | HashType::SecretKeyBls => 32,
HashType::PublicKeyBls => 48,
HashType::SecretKeyEd25519
| HashType::Ed25519Signature
HashType::Ed25519Signature
| HashType::Secp256k1Signature
| HashType::P256Signature
| HashType::Signature => 64,
Expand Down Expand Up @@ -1178,6 +1179,8 @@ mod tests {
fn $name() {
for str in $h {
let h = $ty::from_base58_check(str).expect("Invalid hash");
assert_eq!(str, h.to_base58_check());

let json = serde_json::to_string(&h).expect("Cannot convert to json");
assert_eq!(json, format!(r#""{}""#, h));
let h1 = serde_json::from_str(&json).expect("Cannot convert from json");
Expand Down Expand Up @@ -1259,6 +1262,15 @@ mod tests {
["edsk31vznjHSSpGExDMHYASz45VZqXN4DPxvsa4hAyY8dHM28cZzp6"]
);

test!(
sk_ed25519,
SecretKeyEd25519,
[
"edsk31vznjHSSpGExDMHYASz45VZqXN4DPxvsa4hAyY8dHM28cZzp6",
"edsk3gUfUPyBSfrS9CCgmCiQsTCHGkviBDusMxDJstFtojtc1zcpsh"
]
);

test!(pk_hash, CryptoboxPublicKeyHash, []);

test!(pk_ed25519, PublicKeyEd25519, []);
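Review bot: The new `sk_ed25519` test lists only strings that must decode, so nothing pins the removal this commit is about: no case asserts that `SecretKeyEd25519::from_base58_check` now fails on a legacy `edsk(98)` string. With `SECRET_KEY_ED25519` aliased to `SEED_ED25519` and the size arm moved from 64 to 32, a rejection case built from a constructed legacy-format sample would stop the old prefix or length from being accepted again unnoticed. The alias also means the prefix no longer distinguishes a seed from a secret key; the same `edsk31vz…` string is used in the preceding test and in `sk_ed25519`. The comment above the constant could say so directly, e.g. `// Same prefix and 32-byte payload as SeedEd25519: decoding cannot tell the two apart; the legacy edsk(98) form is rejected.` Any prefix-to-`HashType` lookup elsewhere in the file would presumably now see two candidates, which is worth confirming. `mod tests` and the `test!` macro begin outside these hunks.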