mirror of
https://github.com/ethereum/go-ethereum.git
synced 2026-06-24 23:46:17 +00:00
crypto: update to go version 1.22 (#28946)
This commit is contained in:
Daniel Liu
parent
97879c0ac5
commit
d0566e4165
5 changed files with 99 additions and 45 deletions
|
|
@ -51,6 +51,15 @@ var (
|
|||
|
||||
var errInvalidPubkey = errors.New("invalid secp256k1 public key")
|
||||
|
||||
// EllipticCurve contains curve operations.
|
||||
type EllipticCurve interface {
|
||||
elliptic.Curve
|
||||
|
||||
// Point marshaling/unmarshaing.
|
||||
Marshal(x, y *big.Int) []byte
|
||||
Unmarshal(data []byte) (x, y *big.Int)
|
||||
}
|
||||
|
||||
// KeccakState wraps sha3.state. In addition to the usual hash methods, it also supports
|
||||
// Read to get a variable amount of data from the hash state. Read is faster than Sum
|
||||
// because it doesn't copy the internal state, but also modifies the internal state.
|
||||
|
|
@ -148,7 +157,7 @@ func toECDSA(d []byte, strict bool) (*ecdsa.PrivateKey, error) {
|
|||
return nil, errors.New("invalid private key, zero or negative")
|
||||
}
|
||||
|
||||
priv.PublicKey.X, priv.PublicKey.Y = priv.PublicKey.Curve.ScalarBaseMult(d)
|
||||
priv.PublicKey.X, priv.PublicKey.Y = S256().ScalarBaseMult(d)
|
||||
if priv.PublicKey.X == nil {
|
||||
return nil, errors.New("invalid private key")
|
||||
}
|
||||
|
|
@ -165,7 +174,7 @@ func FromECDSA(priv *ecdsa.PrivateKey) []byte {
|
|||
|
||||
// UnmarshalPubkey converts bytes to a secp256k1 public key.
|
||||
func UnmarshalPubkey(pub []byte) (*ecdsa.PublicKey, error) {
|
||||
x, y := elliptic.Unmarshal(S256(), pub)
|
||||
x, y := S256().Unmarshal(pub)
|
||||
if x == nil {
|
||||
return nil, errInvalidPubkey
|
||||
}
|
||||
|
|
@ -176,7 +185,7 @@ func FromECDSAPub(pub *ecdsa.PublicKey) []byte {
|
|||
if pub == nil || pub.X == nil || pub.Y == nil {
|
||||
return nil
|
||||
}
|
||||
return elliptic.Marshal(S256(), pub.X, pub.Y)
|
||||
return S256().Marshal(pub.X, pub.Y)
|
||||
}
|
||||
|
||||
// HexToECDSA parses a secp256k1 private key.
|
||||
|
|
|
|||
|
|
@ -40,6 +40,8 @@ import (
|
|||
"hash"
|
||||
"io"
|
||||
"math/big"
|
||||
|
||||
"github.com/XinFinOrg/XDPoSChain/crypto"
|
||||
)
|
||||
|
||||
var (
|
||||
|
|
@ -95,15 +97,15 @@ func ImportECDSA(prv *ecdsa.PrivateKey) *PrivateKey {
|
|||
// Generate an elliptic curve public / private keypair. If params is nil,
|
||||
// the recommended default parameters for the key will be chosen.
|
||||
func GenerateKey(rand io.Reader, curve elliptic.Curve, params *ECIESParams) (prv *PrivateKey, err error) {
|
||||
pb, x, y, err := elliptic.GenerateKey(curve, rand)
|
||||
sk, err := ecdsa.GenerateKey(curve, rand)
|
||||
if err != nil {
|
||||
return
|
||||
}
|
||||
prv = new(PrivateKey)
|
||||
prv.PublicKey.X = x
|
||||
prv.PublicKey.Y = y
|
||||
prv.PublicKey.X = sk.X
|
||||
prv.PublicKey.Y = sk.Y
|
||||
prv.PublicKey.Curve = curve
|
||||
prv.D = new(big.Int).SetBytes(pb)
|
||||
prv.D = new(big.Int).Set(sk.D)
|
||||
if params == nil {
|
||||
params = ParamsFromCurve(curve)
|
||||
}
|
||||
|
|
@ -255,12 +257,15 @@ func Encrypt(rand io.Reader, pub *PublicKey, m, s1, s2 []byte) (ct []byte, err e
|
|||
|
||||
d := messageTag(params.Hash, Km, em, s2)
|
||||
|
||||
Rb := elliptic.Marshal(pub.Curve, R.PublicKey.X, R.PublicKey.Y)
|
||||
ct = make([]byte, len(Rb)+len(em)+len(d))
|
||||
copy(ct, Rb)
|
||||
copy(ct[len(Rb):], em)
|
||||
copy(ct[len(Rb)+len(em):], d)
|
||||
return ct, nil
|
||||
if curve, ok := pub.Curve.(crypto.EllipticCurve); ok {
|
||||
Rb := curve.Marshal(R.PublicKey.X, R.PublicKey.Y)
|
||||
ct = make([]byte, len(Rb)+len(em)+len(d))
|
||||
copy(ct, Rb)
|
||||
copy(ct[len(Rb):], em)
|
||||
copy(ct[len(Rb)+len(em):], d)
|
||||
return ct, nil
|
||||
}
|
||||
return nil, ErrInvalidCurve
|
||||
}
|
||||
|
||||
// Decrypt decrypts an ECIES ciphertext.
|
||||
|
|
@ -297,21 +302,24 @@ func (prv *PrivateKey) Decrypt(c, s1, s2 []byte) (m []byte, err error) {
|
|||
|
||||
R := new(PublicKey)
|
||||
R.Curve = prv.PublicKey.Curve
|
||||
R.X, R.Y = elliptic.Unmarshal(R.Curve, c[:rLen])
|
||||
if R.X == nil {
|
||||
return nil, ErrInvalidPublicKey
|
||||
}
|
||||
|
||||
z, err := prv.GenerateShared(R, params.KeyLen, params.KeyLen)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
Ke, Km := deriveKeys(hash, z, s1, params.KeyLen)
|
||||
if curve, ok := R.Curve.(crypto.EllipticCurve); ok {
|
||||
R.X, R.Y = curve.Unmarshal(c[:rLen])
|
||||
if R.X == nil {
|
||||
return nil, ErrInvalidPublicKey
|
||||
}
|
||||
|
||||
d := messageTag(params.Hash, Km, c[mStart:mEnd], s2)
|
||||
if subtle.ConstantTimeCompare(c[mEnd:], d) != 1 {
|
||||
return nil, ErrInvalidMessage
|
||||
}
|
||||
z, err := prv.GenerateShared(R, params.KeyLen, params.KeyLen)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
Ke, Km := deriveKeys(hash, z, s1, params.KeyLen)
|
||||
|
||||
return symDecrypt(params, Ke, c[mStart:mEnd])
|
||||
}
|
||||
d := messageTag(params.Hash, Km, c[mStart:mEnd], s2)
|
||||
if subtle.ConstantTimeCompare(c[mEnd:], d) != 1 {
|
||||
return nil, ErrInvalidMessage
|
||||
}
|
||||
return symDecrypt(params, Ke, c[mStart:mEnd])
|
||||
}
|
||||
return nil, ErrInvalidCurve
|
||||
}
|
||||
|
|
@ -10,7 +10,6 @@ package secp256k1
|
|||
import (
|
||||
"bytes"
|
||||
"crypto/ecdsa"
|
||||
"crypto/elliptic"
|
||||
"crypto/rand"
|
||||
"encoding/hex"
|
||||
"io"
|
||||
|
|
@ -24,7 +23,7 @@ func generateKeyPair() (pubkey, privkey []byte) {
|
|||
if err != nil {
|
||||
panic(err)
|
||||
}
|
||||
pubkey = elliptic.Marshal(S256(), key.X, key.Y)
|
||||
pubkey = S256().Marshal(key.X, key.Y)
|
||||
|
||||
privkey = make([]byte, 32)
|
||||
blob := key.D.Bytes()
|
||||
|
|
|
|||
|
|
@ -21,7 +21,6 @@ package crypto
|
|||
|
||||
import (
|
||||
"crypto/ecdsa"
|
||||
"crypto/elliptic"
|
||||
"errors"
|
||||
"fmt"
|
||||
|
||||
|
|
@ -40,9 +39,7 @@ func SigToPub(hash, sig []byte) (*ecdsa.PublicKey, error) {
|
|||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
x, y := elliptic.Unmarshal(S256(), s)
|
||||
return &ecdsa.PublicKey{Curve: S256(), X: x, Y: y}, nil
|
||||
return UnmarshalPubkey(s)
|
||||
}
|
||||
|
||||
// Sign calculates an ECDSA signature.
|
||||
|
|
@ -84,6 +81,6 @@ func CompressPubkey(pubkey *ecdsa.PublicKey) []byte {
|
|||
}
|
||||
|
||||
// S256 returns an instance of the secp256k1 curve.
|
||||
func S256() elliptic.Curve {
|
||||
func S256() EllipticCurve {
|
||||
return secp256k1.S256()
|
||||
}
|
||||
|
|
|
|||
|
|
@ -21,9 +21,9 @@ package crypto
|
|||
|
||||
import (
|
||||
"crypto/ecdsa"
|
||||
"crypto/elliptic"
|
||||
"errors"
|
||||
"fmt"
|
||||
"math/big"
|
||||
|
||||
"github.com/btcsuite/btcd/btcec/v2"
|
||||
btc_ecdsa "github.com/btcsuite/btcd/btcec/v2/ecdsa"
|
||||
|
|
@ -58,7 +58,13 @@ func SigToPub(hash, sig []byte) (*ecdsa.PublicKey, error) {
|
|||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return pub.ToECDSA(), nil
|
||||
// We need to explicitly set the curve here, because we're wrapping
|
||||
// the original curve to add (un-)marshalling
|
||||
return &ecdsa.PublicKey{
|
||||
Curve: S256(),
|
||||
X: pub.X(),
|
||||
Y: pub.Y(),
|
||||
}, nil
|
||||
}
|
||||
|
||||
// Sign calculates an ECDSA signature.
|
||||
|
|
@ -73,7 +79,7 @@ func Sign(hash []byte, prv *ecdsa.PrivateKey) ([]byte, error) {
|
|||
if len(hash) != 32 {
|
||||
return nil, fmt.Errorf("hash is required to be exactly 32 bytes (%d)", len(hash))
|
||||
}
|
||||
if prv.Curve != btcec.S256() {
|
||||
if prv.Curve != S256() {
|
||||
return nil, errors.New("private key curve is not secp256k1")
|
||||
}
|
||||
// ecdsa.PrivateKey -> btcec.PrivateKey
|
||||
|
|
@ -82,10 +88,7 @@ func Sign(hash []byte, prv *ecdsa.PrivateKey) ([]byte, error) {
|
|||
return nil, errors.New("invalid private key")
|
||||
}
|
||||
defer priv.Zero()
|
||||
sig, err := btc_ecdsa.SignCompact(&priv, hash, false) // ref uncompressed pubkey
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
sig := btc_ecdsa.SignCompact(&priv, hash, false) // ref uncompressed pubkey
|
||||
// Convert to Ethereum signature format with 'recovery id' v at the end.
|
||||
v := sig[0] - 27
|
||||
copy(sig, sig[1:])
|
||||
|
|
@ -128,7 +131,13 @@ func DecompressPubkey(pubkey []byte) (*ecdsa.PublicKey, error) {
|
|||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return key.ToECDSA(), nil
|
||||
// We need to explicitly set the curve here, because we're wrapping
|
||||
// the original curve to add (un-)marshalling
|
||||
return &ecdsa.PublicKey{
|
||||
Curve: S256(),
|
||||
X: key.X(),
|
||||
Y: key.Y(),
|
||||
}, nil
|
||||
}
|
||||
|
||||
// CompressPubkey encodes a public key to the 33-byte compressed format. The
|
||||
|
|
@ -147,6 +156,38 @@ func CompressPubkey(pubkey *ecdsa.PublicKey) []byte {
|
|||
}
|
||||
|
||||
// S256 returns an instance of the secp256k1 curve.
|
||||
func S256() elliptic.Curve {
|
||||
return btcec.S256()
|
||||
func S256() EllipticCurve {
|
||||
return btCurve{btcec.S256()}
|
||||
}
|
||||
|
||||
type btCurve struct {
|
||||
*btcec.KoblitzCurve
|
||||
}
|
||||
|
||||
// Marshall converts a point given as (x, y) into a byte slice.
|
||||
func (curve btCurve) Marshal(x, y *big.Int) []byte {
|
||||
byteLen := (curve.Params().BitSize + 7) / 8
|
||||
|
||||
ret := make([]byte, 1+2*byteLen)
|
||||
ret[0] = 4 // uncompressed point
|
||||
|
||||
x.FillBytes(ret[1 : 1+byteLen])
|
||||
y.FillBytes(ret[1+byteLen : 1+2*byteLen])
|
||||
|
||||
return ret
|
||||
}
|
||||
|
||||
// Unmarshal converts a point, serialised by Marshal, into an x, y pair. On
|
||||
// error, x = nil.
|
||||
func (curve btCurve) Unmarshal(data []byte) (x, y *big.Int) {
|
||||
byteLen := (curve.Params().BitSize + 7) / 8
|
||||
if len(data) != 1+2*byteLen {
|
||||
return nil, nil
|
||||
}
|
||||
if data[0] != 4 { // uncompressed form
|
||||
return nil, nil
|
||||
}
|
||||
x = new(big.Int).SetBytes(data[1 : 1+byteLen])
|
||||
y = new(big.Int).SetBytes(data[1+byteLen:])
|
||||
return
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in a new issue