From 39ee1edc458d06422799afdc63e263be01d3b101 Mon Sep 17 00:00:00 2001 From: Daniel Sanchez Quiros Date: Fri, 14 Oct 2022 11:59:44 -0500 Subject: [PATCH] Fix keys dance --- Cargo.lock | 144 +++++++------------------------------ waku-sys/vendor | 2 +- waku/Cargo.toml | 2 +- waku/src/decrypt.rs | 4 +- waku/src/general/mod.rs | 24 ++++--- waku/src/node/config.rs | 8 +-- waku/src/node/lightpush.rs | 6 +- waku/src/node/mod.rs | 4 +- waku/src/node/relay.rs | 12 ++-- waku/tests/node.rs | 27 ++++--- 10 files changed, 78 insertions(+), 155 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 4e997f2..3b203c2 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -104,15 +104,6 @@ version = "1.3.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a" -[[package]] -name = "block-buffer" -version = "0.9.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4152116fd6e9dadb291ae18fc1ec3575ed6d84c29642d97890f4b4a3417297e4" -dependencies = [ - "generic-array", -] - [[package]] name = "bs58" version = "0.4.0" @@ -125,6 +116,12 @@ version = "1.4.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "14c189c53d098945499cdfa7ecc63567cf3886b3332b312a5b4585d8d3a6a610" +[[package]] +name = "cc" +version = "1.0.73" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2fff2a6927b3bb87f9595d67196a70493f627687a71d87a0d692242c33f58c11" + [[package]] name = "cexpr" version = "0.6.0" @@ -223,12 +220,6 @@ dependencies = [ "libc", ] -[[package]] -name = "crunchy" -version = "0.2.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7a81dae078cea95a014a339291cec439d2f232ebe854a9d672b796c6afafa9b7" - [[package]] name = "crypto-common" version = "0.1.6" 
@@ -240,16 +231,6 @@ dependencies = [ "typenum", ] -[[package]] -name = "crypto-mac" -version = "0.8.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b584a330336237c1eecd3e94266efb216c56ed91225d634cb2991c5f3fd1aeab" -dependencies = [ - "generic-array", - "subtle", -] - [[package]] name = "ctr" version = "0.9.2" @@ -265,15 +246,6 @@ version = "2.3.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "3ee2393c4a91429dffb4bedf19f4d6abf27d8a732c8ce4980305d782e5426d57" -[[package]] -name = "digest" -version = "0.9.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d3dd60d1080a57a05ab032377049e0591415d2b31afd7028356dbf3cc6dcb066" -dependencies = [ - "generic-array", -] - [[package]] name = "either" version = "1.8.0" @@ -372,27 +344,6 @@ version = "0.4.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "7f24254aa9a54b5c858eaee2f5bccdb46aaf0e486a595ed5fd8f86ba55232a70" -[[package]] -name = "hmac" -version = "0.8.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "126888268dcc288495a26bf004b38c5fdbb31682f992c84ceb046a1f0fe38840" -dependencies = [ - "crypto-mac", - "digest", -] - -[[package]] -name = "hmac-drbg" -version = "0.3.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "17ea0a1394df5b6574da6e0c1ade9e78868c9fb0a4e5ef4428e32da4676b85b1" -dependencies = [ - "digest", - "generic-array", - "hmac", -] - [[package]] name = "humantime" version = "2.1.0" 
@@ -462,54 +413,6 @@ dependencies = [ "winapi", ] -[[package]] -name = "libsecp256k1" -version = "0.7.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "95b09eff1b35ed3b33b877ced3a691fc7a481919c7e29c53c906226fcf55e2a1" -dependencies = [ - "arrayref", - "base64", - "digest", - "hmac-drbg", - "libsecp256k1-core", - "libsecp256k1-gen-ecmult", - "libsecp256k1-gen-genmult", - "rand 0.8.5", - "serde", - "sha2", - "typenum", -] - -[[package]] -name = "libsecp256k1-core" -version = "0.3.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5be9b9bb642d8522a44d533eab56c16c738301965504753b03ad1de3425d5451" -dependencies = [ - "crunchy", - "digest", - "subtle", -] - -[[package]] -name = "libsecp256k1-gen-ecmult" -version = "0.3.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3038c808c55c87e8a172643a7d87187fc6c4174468159cb3090659d55bcb4809" -dependencies = [ - "libsecp256k1-core", -] - -[[package]] -name = "libsecp256k1-gen-genmult" -version = "0.3.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3db8d6ba2cec9eacc40e6e8ccc98931840301f1006e95647ceb2dd5c3aa06f7c" -dependencies = [ - "libsecp256k1-core", -] - [[package]] name = "log" version = "0.4.17" 
@@ -810,6 +713,26 @@ version = "1.0.11" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "4501abdff3ae82a1c1b477a17252eb69cee9e66eb915c1abaa4f44d873df9f09" +[[package]] +name = "secp256k1" +version = "0.24.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b7649a0b3ffb32636e60c7ce0d70511eda9c52c658cd0634e194d5a19943aeff" +dependencies = [ + "rand 0.8.5", + "secp256k1-sys", + "serde", +] + +[[package]] +name = "secp256k1-sys" +version = "0.6.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "83080e2c2fc1006e625be82e5d1eb6a43b7fd9578b617fcc55814daf286bba4b" +dependencies = [ + "cc", +] + [[package]] name = "serde" version = "1.0.145" @@ -841,19 +764,6 @@ dependencies = [ "serde", ] -[[package]] -name = "sha2" -version = "0.9.9" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4d58a1e1bf39749807d89cf2d98ac2dfa0ff1cb3faa38fbb64dd88ac8013d800" -dependencies = [ - "block-buffer", - "cfg-if", - "cpufeatures", - "digest", - "opaque-debug", -] - [[package]] name = "shlex" version = "1.1.0" @@ -1068,11 +978,11 @@ dependencies = [ "aes-gcm", "base64", "hex", - "libsecp256k1", "multiaddr", "once_cell", "rand 0.8.5", "rust-crypto", + "secp256k1", "serde", "serde_json", "sscanf", diff --git a/waku-sys/vendor b/waku-sys/vendor index caf6d01..3a7f260 160000 --- a/waku-sys/vendor +++ b/waku-sys/vendor @@ -1 +1 @@ -Subproject commit caf6d0133348e19e8ed7316c1f499f3c35fba52f +Subproject commit 3a7f2608b3613e40c055e8f9a6afb9337c28c580 diff --git a/waku/Cargo.toml b/waku/Cargo.toml index f3b0aa5..9c7b8ac 100644 --- a/waku/Cargo.toml +++ b/waku/Cargo.toml @@ -9,7 +9,7 @@ edition = "2021" aes-gcm = { version = "0.10", features = ["aes"] } base64 = "0.13" hex = "0.4" -libsecp256k1 = "0.7" +secp256k1 = { version = "0.24", features = ["rand", "recovery", "serde"] } multiaddr = "0.14" once_cell = "1.15" rand = "0.8" 
diff --git a/waku/src/decrypt.rs b/waku/src/decrypt.rs index c9f67ea..acf443c 100644 --- a/waku/src/decrypt.rs +++ b/waku/src/decrypt.rs @@ -4,7 +4,7 @@ use std::ffi::{CStr, CString}; // crates use aes_gcm::{Aes256Gcm, Key}; -use libsecp256k1::SecretKey; +use secp256k1::SecretKey; // internal use crate::general::{DecodedPayload, JsonResponse, Result, WakuMessage}; @@ -43,7 +43,7 @@ pub fn waku_decode_asymmetric( message: &WakuMessage, asymmetric_key: &SecretKey, ) -> Result { - let sk = hex::encode(asymmetric_key.serialize()); + let sk = hex::encode(asymmetric_key.secret_bytes()); let result = unsafe { CStr::from_ptr(waku_sys::waku_decode_asymmetric( CString::new( diff --git a/waku/src/general/mod.rs b/waku/src/general/mod.rs index 78c3529..5f8f5de 100644 --- a/waku/src/general/mod.rs +++ b/waku/src/general/mod.rs @@ -5,7 +5,7 @@ use std::fmt::{Display, Formatter}; use std::str::FromStr; // crates use aes_gcm::{Aes256Gcm, Key}; -use libsecp256k1::{PublicKey, SecretKey, Signature}; +use secp256k1::{ecdsa::Signature, PublicKey, SecretKey}; use serde::{de::Error, Deserialize, Deserializer, Serialize, Serializer}; use sscanf::{scanf, RegexRepresentation}; // internal @@ -140,10 +140,10 @@ impl WakuMessage { #[serde(rename_all = "camelCase")] pub struct DecodedPayload { /// Public key that signed the message (optional), hex encoded with 0x prefix - #[serde(deserialize_with = "deserialize_optional_pk")] + #[serde(deserialize_with = "deserialize_optional_pk", default)] public_key: Option, /// Message signature (optional), hex encoded with 0x prefix - #[serde(deserialize_with = "deserialize_optional_signature")] + #[serde(deserialize_with = "deserialize_optional_signature", default)] signature: Option, /// Decrypted message payload base64 encoded #[serde(with = "base64_serde")] 
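Review bot: `let sk = hex::encode(asymmetric_key.secret_bytes());` in `waku_decode_asymmetric` puts the private key into a plain hex `String` that is not wiped when dropped. As far as the hunk shows, it then goes into a `CString` for the FFI call. The same pattern is used for `signing_key` in the lightpush.rs and relay.rs hunks of this commit. I would at least add a comment such as `// hex of the secret key: keep this buffer short-lived and never log it`, and consider a wrapper type that overwrites its bytes on drop. The function body continues outside the hunk.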
@@ -470,7 +470,7 @@ where base64_str .map(|base64_str| { let raw_bytes = base64::decode(base64_str).map_err(D::Error::custom)?; - PublicKey::parse_slice(&raw_bytes, None).map_err(D::Error::custom) + PublicKey::from_slice(&raw_bytes).map_err(D::Error::custom) }) .transpose() } @@ -481,11 +481,17 @@ pub fn deserialize_optional_signature<'de, D>( where D: Deserializer<'de>, { - let base64_str: Option = Option::::deserialize(deserializer)?; - base64_str - .map(|base64_str| { - let raw_bytes = base64::decode(base64_str).map_err(D::Error::custom)?; - Signature::parse_der(&raw_bytes).map_err(D::Error::custom) + let hex_str: Option = Option::::deserialize(deserializer)?; + hex_str + .map(|hex_str| { + let raw_bytes = hex::decode(hex_str.strip_prefix("0x").unwrap_or(&hex_str)) + .map_err(D::Error::custom)?; + if ![64, 65].contains(&raw_bytes.len()) { + return Err(D::Error::custom( + "Invalid signature, only 64 or 65 bytes len are supported", + )); + } + Signature::from_compact(&raw_bytes[..64]).map_err(D::Error::custom) }) .transpose() } diff --git a/waku/src/node/config.rs b/waku/src/node/config.rs index e88d6a8..beb9cae 100644 --- a/waku/src/node/config.rs +++ b/waku/src/node/config.rs @@ -2,8 +2,8 @@ // std // crates -use libsecp256k1::SecretKey; use multiaddr::Multiaddr; +use secp256k1::SecretKey; use serde::{Deserialize, Serialize}; // internal @@ -33,7 +33,7 @@ pub struct WakuNodeConfig { } mod secret_key_serde { - use libsecp256k1::SecretKey; + use secp256k1::SecretKey; use serde::de::Error; use serde::{Deserialize, Deserializer, Serialize, Serializer}; @@ -41,7 +41,7 @@ mod secret_key_serde { where S: Serializer, { - let as_string: Option = key.as_ref().map(|key| hex::encode(key.serialize())); + let as_string: Option = key.as_ref().map(|key| hex::encode(key.secret_bytes())); as_string.serialize(serializer) } 
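Review bot: The public-key deserializer still runs `base64::decode(base64_str)` before `PublicKey::from_slice(&raw_bytes)`. This commit moves the sibling signature deserializer to hex, and the `DecodedPayload` doc comment describes `public_key` as "hex encoded with 0x prefix". If the node does emit 0x-prefixed hex for this field, the base64 step will either fail or produce bytes that `from_slice` rejects, and the whole payload will fail to deserialize. Decoding it like the signature path would align the two: `hex::decode(s.strip_prefix("0x").unwrap_or(&s))`. The function starts outside this hunk, so confirm the wire format before changing it.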
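Review bot: A 65-byte signature is accepted and then cut to `&raw_bytes[..64]`, so the trailing byte (presumably the recovery id) is dropped without being validated or kept. Nothing in this hunk checks the signature against `public_key` and the payload either, so callers should not treat the two fields as authenticated unless the decoding side is known to have verified them. Cargo.toml now enables the `recovery` feature, so the 65-byte form could be parsed into `secp256k1::ecdsa::RecoverableSignature` to keep that byte. At minimum, add `// 65-byte form is r || s || recovery id; the id is discarded here` above the `from_compact` call. The function signature sits outside the hunk.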
@@ -55,7 +55,7 @@ mod secret_key_serde { Some(s) => { let key_bytes = hex::decode(s).map_err(|e| D::Error::custom(format!("{e}")))?; Ok(Some( - SecretKey::parse_slice(&key_bytes) + SecretKey::from_slice(&key_bytes) .map_err(|e| D::Error::custom(format!("{e}")))?, )) } diff --git a/waku/src/node/lightpush.rs b/waku/src/node/lightpush.rs index 34ad952..dcd824d 100644 --- a/waku/src/node/lightpush.rs +++ b/waku/src/node/lightpush.rs @@ -5,7 +5,7 @@ use std::ffi::{CStr, CString}; use std::time::Duration; // crates use aes_gcm::{Aes256Gcm, Key}; -use libsecp256k1::{PublicKey, SecretKey}; +use secp256k1::{PublicKey, SecretKey}; // internal use crate::general::{JsonResponse, MessageId, PeerId, Result, WakuMessage, WakuPubSubTopic}; use crate::node::waku_dafault_pubsub_topic; @@ -59,7 +59,7 @@ pub fn waku_lightpush_publish_encrypt_asymmetric( ) -> Result { let pk = hex::encode(public_key.serialize()); let sk = signing_key - .map(|signing_key| hex::encode(signing_key.serialize())) + .map(|signing_key| hex::encode(signing_key.secret_bytes())) .unwrap_or_else(String::new); let pubsub_topic = pubsub_topic .unwrap_or_else(waku_dafault_pubsub_topic) @@ -109,7 +109,7 @@ pub fn waku_lightpush_publish_encrypt_symmetric( ) -> Result { let symk = hex::encode(symmetric_key.as_slice()); let sk = signing_key - .map(|signing_key| hex::encode(signing_key.serialize())) + .map(|signing_key| hex::encode(signing_key.secret_bytes())) .unwrap_or_else(String::new); let pubsub_topic = pubsub_topic .unwrap_or_else(waku_dafault_pubsub_topic) diff --git a/waku/src/node/mod.rs b/waku/src/node/mod.rs index cefe8a9..4f88f44 100644 --- a/waku/src/node/mod.rs +++ b/waku/src/node/mod.rs @@ -10,8 +10,8 @@ mod store; // std use aes_gcm::{Aes256Gcm, Key}; -use libsecp256k1::{PublicKey, SecretKey}; use multiaddr::Multiaddr; +use secp256k1::{PublicKey, SecretKey}; use std::marker::PhantomData; use std::sync::Mutex; use std::time::Duration; 
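Review bot: `let pk = hex::encode(public_key.serialize());` in `waku_lightpush_publish_encrypt_asymmetric` is left unchanged, while the relay.rs hunk of this same commit switches the equivalent line to `serialize_uncompressed()`. In the `secp256k1` crate, `serialize()` returns the 33-byte compressed form, so lightpush now hands the node a different key encoding than relay does. Unless the binding is known to accept both, this line should read `let pk = hex::encode(public_key.serialize_uncompressed());`. The function body continues outside the hunk.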
@@ -192,7 +192,7 @@ impl WakuNodeHandle { &self, message: &WakuMessage, pubsub_topic: Option, - symmetric_key: &PublicKey, + symmetric_key: &Key, signing_key: Option<&SecretKey>, timeout: Option, ) -> Result { diff --git a/waku/src/node/relay.rs b/waku/src/node/relay.rs index ff83738..d6888ae 100644 --- a/waku/src/node/relay.rs +++ b/waku/src/node/relay.rs @@ -5,7 +5,7 @@ use std::ffi::{CStr, CString}; use std::time::Duration; // crates use aes_gcm::{Aes256Gcm, Key}; -use libsecp256k1::{PublicKey, SecretKey}; +use secp256k1::{PublicKey, SecretKey}; // internal use crate::general::{ Encoding, JsonResponse, MessageId, Result, WakuContentTopic, WakuMessage, WakuPubSubTopic, @@ -116,9 +116,9 @@ pub fn waku_relay_publish_encrypt_asymmetric( signing_key: Option<&SecretKey>, timeout: Option, ) -> Result { - let pk = hex::encode(public_key.serialize()); + let pk = hex::encode(public_key.serialize_uncompressed()); let sk = signing_key - .map(|signing_key| hex::encode(signing_key.serialize())) + .map(|signing_key| hex::encode(signing_key.secret_bytes())) .unwrap_or_else(String::new); let pubsub_topic = pubsub_topic .unwrap_or_else(waku_dafault_pubsub_topic) @@ -162,13 +162,13 @@ pub fn waku_relay_publish_encrypt_asymmetric( pub fn waku_relay_publish_encrypt_symmetric( message: &WakuMessage, pubsub_topic: Option, - symmetric_key: &PublicKey, + symmetric_key: &Key, signing_key: Option<&SecretKey>, timeout: Option, ) -> Result { - let symk = hex::encode(symmetric_key.serialize()); + let symk = hex::encode(symmetric_key.as_slice()); let sk = signing_key - .map(|signing_key| hex::encode(signing_key.serialize())) + .map(|signing_key| hex::encode(signing_key.secret_bytes())) .unwrap_or_else(String::new); let pubsub_topic = pubsub_topic .unwrap_or_else(waku_dafault_pubsub_topic) diff --git a/waku/tests/node.rs b/waku/tests/node.rs index b38a1de..9cc3468 100644 --- a/waku/tests/node.rs +++ b/waku/tests/node.rs 
@@ -1,7 +1,7 @@ use aes_gcm::{Aes256Gcm, KeyInit}; -use libsecp256k1::PublicKey; use multiaddr::Multiaddr; use rand::thread_rng; +use secp256k1::{PublicKey, Secp256k1, SecretKey}; use std::net::IpAddr; use std::str::FromStr; use std::time::{Duration, SystemTime}; @@ -42,8 +42,8 @@ pub fn main() -> Result<(), String> { assert!(node.peer_count()? >= NODES.len()); assert!(node.relay_enough_peers(None)?); - let sk = libsecp256k1::SecretKey::random(&mut thread_rng()); - let pk = PublicKey::from_secret_key(&sk); + let sk = SecretKey::new(&mut thread_rng()); + let pk = PublicKey::from_secret_key(&Secp256k1::new(), &sk); let ssk = Aes256Gcm::generate_key(&mut thread_rng()); let content = "Hi from 🦀!"; @@ -53,11 +53,17 @@ pub fn main() -> Result<(), String> { Event::WakuMessage(message) => { println!("Message with id [{}] received", message.message_id()); let message = message.waku_message(); - let payload = if let Ok(message) = message.try_decode_asymmetric(&sk) { - println!("Asymemetry message"); + let payload = if let Ok(message) = message + .try_decode_asymmetric(&sk) + .map_err(|e| println!("{e}")) + { + println!("Asymmetryc message"); message.data().to_vec() - } else if let Ok(message) = message.try_decode_symmetric(&ssk) { - println!("Symemetry message"); + } else if let Ok(message) = message + .try_decode_symmetric(&ssk) + .map_err(|e| println!("{e}")) + { + println!("Symmetryc message"); message.data().to_vec() } else { println!("Unencoded message"); 
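Review bot: The new log strings are misspelled: `"Asymmetryc message"` and `"Symmetryc message"` should read `"Asymmetric message"` and `"Symmetric message"`. The `.map_err(|e| println!("{e}"))` calls are used only for their side effect inside `if let Ok(..)`. They will also print an error for every message that is simply of the other kind, which makes the test output noisy. A `match` with an explicit `Err(e)` arm would state the intent more directly. The closure these lines belong to starts and ends outside the hunk.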
@@ -94,10 +100,11 @@ pub fn main() -> Result<(), String> { .unwrap(), ); - // node.relay_publish_message(&message, None, None)?; - + node.relay_publish_message(&message, None, None)?; + node.relay_publish_encrypt_asymmetric(&message, None, &pk, None, None)?; + node.relay_publish_encrypt_symmetric(&message, None, &ssk, None, None)?; node.relay_publish_encrypt_asymmetric(&message, None, &pk, Some(&sk), None)?; - // node.relay_publish_encrypt_symmetric(&message, None, &pk, None, None)?; + node.relay_publish_encrypt_symmetric(&message, None, &ssk, Some(&sk), None)?; std::thread::sleep(Duration::from_secs(2)); node.stop()?;
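Review bot: The five publish calls enabled here are followed only by `std::thread::sleep(Duration::from_secs(2))` and `node.stop()?`, with no visible assertion that each variant was received and decoded by the callback. A wrong key encoding on the publish side, which is the kind of bug this commit fixes, would still let the test pass as long as the publish call returns `Ok`. Consider counting successfully decoded asymmetric and symmetric messages in the callback and asserting on those counts before `node.stop()`. The rest of `main` is outside the hunk, so an existing assertion may simply be out of view.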