logos-blockchain/lssa
1
0
Fork 0
mirror of https://github.com/logos-blockchain/lssa.git synced 2026-01-04 06:13:10 +00:00
Code Issues Packages Projects Releases Wiki Activity

remove usage of prehash sinc it is hazard material. Prefer use of secure api

Browse Source
This commit is contained in:
Sergio Chouhy 2025-07-21 21:07:16 -03:00
parent 71fdce8050
commit 5de28c062e
1 changed files with 12 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
common/src/transaction.rs
View File

@ -1,5 +1,5 @@
use k256::ecdsa::{ use k256::ecdsa::{
signature::hazmat::{PrehashSigner, PrehashVerifier}, signature::{Signer, Verifier},
Signature, SigningKey, VerifyingKey, Signature, SigningKey, VerifyingKey,
}; };
use log::info; use log::info;
@ -160,13 +160,17 @@ impl ActionData {
impl TransactionBody { impl TransactionBody {
/// Computes and returns the SHA-256 hash of the JSON-serialized representation of `self`. /// Computes and returns the SHA-256 hash of the JSON-serialized representation of `self`.
pub fn hash(&self) -> TreeHashType { pub fn hash(&self) -> TreeHashType {
let bytes_to_hash = self.to_bytes();
let mut hasher = sha2::Sha256::new();
hasher.update(&bytes_to_hash);
TreeHashType::from(hasher.finalize_fixed())
}
fn to_bytes(&self) -> Vec<u8> {
// TODO: Remove `unwrap` by implementing a `to_bytes` method // TODO: Remove `unwrap` by implementing a `to_bytes` method
// that deterministically encodes all transaction fields to bytes // that deterministically encodes all transaction fields to bytes
// and guarantees serialization will succeed. // and guarantees serialization will succeed.
let raw_data = serde_json::to_vec(&self).unwrap(); serde_json::to_vec(&self).unwrap()
let mut hasher = sha2::Sha256::new();
hasher.update(&raw_data);
TreeHashType::from(hasher.finalize_fixed())
} }
pub fn log(&self) { pub fn log(&self) {
@ -239,8 +243,7 @@ impl Transaction {
/// Returns a new transaction signed with the provided `private_key`. /// Returns a new transaction signed with the provided `private_key`.
/// The signature is generated over the hash of the body as computed by `body.hash()` /// The signature is generated over the hash of the body as computed by `body.hash()`
pub fn new(body: TransactionBody, private_key: SigningKey) -> Transaction { pub fn new(body: TransactionBody, private_key: SigningKey) -> Transaction {
let hash = body.hash(); let signature: TransactionSignature = private_key.sign(&body.to_bytes());
let signature: TransactionSignature = private_key.sign_prehash(&hash).unwrap();
let public_key = VerifyingKey::from(&private_key); let public_key = VerifyingKey::from(&private_key);
Self { Self {
body, body,
@ -255,7 +258,7 @@ impl Transaction {
let hash = self.body.hash(); let hash = self.body.hash();
self.public_key self.public_key
.verify_prehash(&hash, &self.signature) .verify(&self.body.to_bytes(), &self.signature)
.map_err(|_| TransactionSignatureError::InvalidSignature)?; .map_err(|_| TransactionSignatureError::InvalidSignature)?;
Ok(AuthenticatedTransaction { Ok(AuthenticatedTransaction {
@ -379,7 +382,7 @@ mod tests {
assert!(authenticated_tx assert!(authenticated_tx
.transaction() .transaction()
.public_key .public_key
.verify_prehash(hash, &signature) .verify(&transaction.body.to_bytes(), &signature)
.is_ok()); .is_ok());
} }