Bump secp256k1

2026-01-03 22:13:06 +00:00 · 2023-06-07 17:20:33 +02:00 · 2023-06-07 17:20:33 +02:00 · 96337ca3ce
commit 96337ca3ce
parent 4375b92298
3 changed files with 179 additions and 132 deletions
--- a/libp2pdht.nimble
+++ b/libp2pdht.nimble
@ -12,11 +12,10 @@ requires "nim >= 1.2.0",
         "nimcrypto >= 0.5.4 & < 0.6.0",
         "bearssl#head",
         "chronicles >= 0.10.2 & < 0.11.0",
-         "chronos >= 3.0.11 & < 3.1.0",
+         "chronos >= 3.0.11 & < 3.3.0",
         "libp2p#unstable",
         "metrics",
-         "protobufserialization >= 0.2.0 & < 0.3.0",
-         "secp256k1 >= 0.5.2 & < 0.6.0",
+         "secp256k1 >= 0.6.0 & < 0.7.0",
         "stew#head",
         "stint",
         "asynctest >= 0.3.1 & < 0.4.0",
--- a/libp2pdht/private/eth/p2p/discoveryv5/crypto.nim
+++ b/libp2pdht/private/eth/p2p/discoveryv5/crypto.nim
@ -2,7 +2,12 @@ import
  std/sugar,
  libp2p/crypto/[crypto, secp]

-from secp256k1 import ecdhRaw, SkEcdhRawSecret, toRaw
+from secp256k1 import ecdh, SkEcdhSecretSize, toRaw, SkSecretKey, SkPublicKey
+
+type
+  SharedSecret* = object
+    ## Representation of ECDH shared secret, without leading `y` byte
+    data*: array[SkEcdhSecretSize, byte]

 proc fromHex*(T: type PrivateKey, data: string): Result[PrivateKey, cstring] =
  let skKey = ? SkPrivateKey.init(data).mapErr(e =>
@ -14,17 +19,35 @@ proc fromHex*(T: type PublicKey, data: string): Result[PublicKey, cstring] =
                ("Failed to init public key from hex string: " & $e).cstring)
  ok PublicKey.init(skKey)

-func ecdhRaw*(seckey: SkPrivateKey, pubkey: SkPublicKey): SkEcdhRawSecret {.borrow.}
+proc ecdhSharedSecretHash(output: ptr byte, x32, y32: ptr byte, data: pointer): cint
+                    {.cdecl, raises: [].} =
+  ## Hash function used by `ecdhSharedSecret` below
+  # `x32` and `y32` are result of scalar multiplication of publicKey * privateKey.
+  # Both `x32` and `y32` are 32 bytes length.
+  # Take the `x32` part as ecdh shared secret.
+
+  # output length is derived from x32 length and taken from ecdh
+  # generic parameter `KeyLength`
+  copyMem(output, x32, SkEcdhSecretSize)
+  return 1
+
+func ecdhSharedSecret(seckey: SkPrivateKey, pubkey: secp.SkPublicKey): SharedSecret =
+  ## Compute ecdh agreed shared secret.
+  let res = ecdh[SkEcdhSecretSize](SkSecretKey(seckey), secp256k1.SkPublicKey(pubkey), ecdhSharedSecretHash, nil)
+  # This function only fail if the hash function return zero.
+  # Because our hash function always success, we can turn the error into defect
+  doAssert res.isOk, $res.error
+  SharedSecret(data: res.get)

 proc ecdhRaw*(
    priv: PrivateKey,
-    pub: PublicKey): Result[SkEcdhRawSecret, cstring] =
+    pub: PublicKey): Result[SharedSecret, cstring] =

  # TODO: Do we need to support non-secp256k1 schemes?
  if priv.scheme != Secp256k1 or pub.scheme != Secp256k1:
    return err "Must use secp256k1 scheme".cstring

-  ok ecdhRaw(priv.skkey, pub.skkey)
+  ok ecdhSharedSecret(priv.skkey, pub.skkey)

 proc toRaw*(pubkey: PublicKey): seq[byte] =
  secp256k1.SkPublicKey(pubkey.skkey).toRaw()[1..^1]
--- a/nimble.lock
+++ b/nimble.lock
@ -1,54 +1,87 @@
 {
-  "version": 1,
+  "version": 2,
  "packages": {
-    "unittest2": {
-      "version": "0.0.4",
-      "vcsRevision": "f180f596c88dfd266f746ed6f8dbebce39c824db",
-      "url": "https://github.com/status-im/nim-unittest2.git",
+    "upraises": {
+      "version": "0.1.0",
+      "vcsRevision": "d9f268db1021959fe0f2c7a5e49fba741f9932a0",
+      "url": "https://github.com/markspanbroek/upraises",
      "downloadMethod": "git",
      "dependencies": [],
      "checksums": {
-        "sha1": "fa309c41eaf6ef57895b9e603f2620a2f6e11780"
+        "sha1": "176234f808b44a0be763df706ed634d6e8df17bb"
+      }
+    },
+    "sqlite3_abi": {
+      "version": "3.40.1.1",
+      "vcsRevision": "362e1bd9f689ad9f5380d9d27f0705b3d4dfc7d3",
+      "url": "https://github.com/arnetheduck/nim-sqlite3-abi",
+      "downloadMethod": "git",
+      "dependencies": [],
+      "checksums": {
+        "sha1": "8e91db8156a82383d9c48f53b33e48f4e93077b1"
+      }
+    },
+    "asynctest": {
+      "version": "0.3.2",
+      "vcsRevision": "a236a5f0f3031573ac2cb082b63dbf6e170e06e7",
+      "url": "https://github.com/markspanbroek/asynctest",
+      "downloadMethod": "git",
+      "dependencies": [],
+      "checksums": {
+        "sha1": "0ef50d086659835b0a23a4beb77cb11747695448"
+      }
+    },
+    "unittest2": {
+      "version": "0.0.7",
+      "vcsRevision": "b178f47527074964f76c395ad0dfc81cf118f379",
+      "url": "https://github.com/status-im/nim-unittest2",
+      "downloadMethod": "git",
+      "dependencies": [],
+      "checksums": {
+        "sha1": "b6d4a5cbe28b43c166d6442ba6804aafd4abe368"
      }
    },
    "stew": {
      "version": "0.1.0",
-      "vcsRevision": "6ad35b876fb6ebe0dfee0f697af173acc47906ee",
-      "url": "https://github.com/status-im/nim-stew.git",
+      "vcsRevision": "13e55ed27a6ab125435ad9f9f0353669b9b554fa",
+      "url": "https://github.com/status-im/nim-stew",
      "downloadMethod": "git",
-      "dependencies": [],
+      "dependencies": [
+        "unittest2"
+      ],
      "checksums": {
-        "sha1": "46d58c4feb457f3241e3347778334e325dce5268"
+        "sha1": "88ce27d9e9b86c518cd3d753cd77cf7051e4123f"
      }
    },
    "bearssl": {
-      "version": "0.1.5",
-      "vcsRevision": "ba80e2a0d7ae8aab666cee013e38ff8d33a3e5e7",
+      "version": "0.2.0",
+      "vcsRevision": "9372f27a25d0718d3527afad6cc936f6a853f86e",
      "url": "https://github.com/status-im/nim-bearssl",
      "downloadMethod": "git",
      "dependencies": [
        "unittest2"
      ],
      "checksums": {
-        "sha1": "383abd5becc77bf8e365b780a29d20529e1d9c4c"
+        "sha1": "9e9b4c34bae17aa7218e7ce449128064ae5e1118"
      }
    },
    "httputils": {
      "version": "0.3.0",
-      "vcsRevision": "689da19e9e9cfff4ced85e2b25c6b2b5598ed079",
-      "url": "https://github.com/status-im/nim-http-utils.git",
+      "vcsRevision": "aad684d3758a74c1b327df93da2e956458410b48",
+      "url": "https://github.com/status-im/nim-http-utils",
      "downloadMethod": "git",
      "dependencies": [
-        "stew"
+        "stew",
+        "unittest2"
      ],
      "checksums": {
-        "sha1": "4ad3ad68d13c50184180ab4b2eacc0bd7ed2ed44"
+        "sha1": "cff631f7f4d6769aa3c02e48ab079b371614896f"
      }
    },
    "chronos": {
-      "version": "3.0.11",
-      "vcsRevision": "17fed89c99beac5a92d3668d0d3e9b0e4ac13936",
-      "url": "https://github.com/status-im/nim-chronos.git",
+      "version": "3.2.0",
+      "vcsRevision": "ba143e029f35fd9b4cd3d89d007cc834d0d5ba3c",
+      "url": "https://github.com/status-im/nim-chronos",
      "downloadMethod": "git",
      "dependencies": [
        "stew",
@ -57,62 +90,64 @@
        "unittest2"
      ],
      "checksums": {
-        "sha1": "f6fffc87571e5f76af2a77c4ebcc0e00909ced4e"
+        "sha1": "5783067584ac6812eb64b8454ea6f9c97ff1262a"
      }
    },
-    "metrics": {
-      "version": "0.0.1",
-      "vcsRevision": "71e0f0e354e1f4c59e3dc92153989c8b723c3440",
-      "url": "https://github.com/status-im/nim-metrics",
-      "downloadMethod": "git",
-      "dependencies": [
-        "chronos"
-      ],
-      "checksums": {
-        "sha1": "86da251fe532ef2163da30343688ab1c148c0340"
-      }
-    },
-    "combparser": {
-      "version": "0.2.0",
-      "vcsRevision": "ba4464c005d7617c008e2ed2ebc1ba52feb469c6",
-      "url": "https://github.com/PMunch/combparser",
+    "questionable": {
+      "version": "0.10.8",
+      "vcsRevision": "6cbbda7e4d009e02d0583b325b31dc68dff27854",
+      "url": "https://github.com/markspanbroek/questionable",
      "downloadMethod": "git",
      "dependencies": [],
      "checksums": {
-        "sha1": "a3635260961a893b88f69aac19f1b24e032a7e97"
+        "sha1": "401d04d895a057513fea64872d26e21309bf1012"
      }
    },
-    "testutils": {
-      "version": "0.4.2",
-      "vcsRevision": "aa6e5216f4b4ab5aa971cdcdd70e1ec1203cedf2",
-      "url": "https://github.com/status-im/nim-testutils",
+    "datastore": {
+      "version": "0.0.1",
+      "vcsRevision": "0cde8aeb67c59fd0ac95496dc6b5e1168d6632aa",
+      "url": "https://github.com/status-im/nim-datastore",
      "downloadMethod": "git",
      "dependencies": [
-        "unittest2"
+        "asynctest",
+        "chronos",
+        "questionable",
+        "sqlite3_abi",
+        "stew",
+        "unittest2",
+        "upraises"
      ],
      "checksums": {
-        "sha1": "94427e0cce0e0c5841edcd3a6530b4e6b857a3cb"
+        "sha1": "2c03bb47de97962d2a64be1ed0a8161cd9d65159"
      }
    },
    "faststreams": {
      "version": "0.3.0",
-      "vcsRevision": "1b561a9e71b6bdad1c1cdff753418906037e9d09",
-      "url": "https://github.com/status-im/nim-faststreams.git",
+      "vcsRevision": "2a771bb91f8aae8520a5553955a2acce5fdd0c87",
+      "url": "https://github.com/status-im/nim-faststreams",
      "downloadMethod": "git",
      "dependencies": [
        "stew",
-        "testutils",
-        "chronos",
        "unittest2"
      ],
      "checksums": {
-        "sha1": "97edf9797924af48566a0af8267203dc21d80c77"
+        "sha1": "787fa266aafe0eebec2c216cc166c31deab36226"
+      }
+    },
+    "dnsclient": {
+      "version": "0.3.3",
+      "vcsRevision": "2b3d4b4e35b5e698fbbeafe16a4fa757926a4673",
+      "url": "https://github.com/ba0f3/dnsclient.nim",
+      "downloadMethod": "git",
+      "dependencies": [],
+      "checksums": {
+        "sha1": "e5bd81f1b29bef3c2881d6dfd9adc400956d14af"
      }
    },
    "serialization": {
-      "version": "0.1.0",
-      "vcsRevision": "fcd0eadadde0ee000a63df8ab21dc4e9f015a790",
-      "url": "https://github.com/status-im/nim-serialization.git",
+      "version": "0.2.0",
+      "vcsRevision": "f0860e1c25acf26ef5e6ea231c7c0537c793b555",
+      "url": "https://github.com/status-im/nim-serialization",
      "downloadMethod": "git",
      "dependencies": [
        "faststreams",
@ -120,70 +155,97 @@
        "stew"
      ],
      "checksums": {
-        "sha1": "fef59519892cac70cccd81b612085caaa5e3e6cf"
+        "sha1": "744cbc8305ac3e39bba5089aeac1aebe7fe1f507"
+      }
+    },
+    "nimcrypto": {
+      "version": "0.5.4",
+      "vcsRevision": "4014ef939b51e02053c2e16dd3481d47bc9267dd",
+      "url": "https://github.com/cheatfate/nimcrypto",
+      "downloadMethod": "git",
+      "dependencies": [],
+      "checksums": {
+        "sha1": "6e0f5178a608ecf7bb046fd0179bf78662fcff16"
+      }
+    },
+    "testutils": {
+      "version": "0.5.0",
+      "vcsRevision": "dfc4c1b39f9ded9baf6365014de2b4bfb4dafc34",
+      "url": "https://github.com/status-im/nim-testutils",
+      "downloadMethod": "git",
+      "dependencies": [
+        "unittest2"
+      ],
+      "checksums": {
+        "sha1": "756d0757c4dd06a068f9d38c7f238576ba5ee897"
      }
    },
    "json_serialization": {
-      "version": "0.1.0",
-      "vcsRevision": "c5f0e2465e8375dfc7aa0f56ccef67cb680bc6b0",
-      "url": "https://github.com/status-im/nim-json-serialization.git",
+      "version": "0.1.5",
+      "vcsRevision": "aa44ee61dd323022d4abe7cbf4e44668aad88454",
+      "url": "https://github.com/status-im/nim-json-serialization",
      "downloadMethod": "git",
      "dependencies": [
        "serialization",
        "stew"
      ],
      "checksums": {
-        "sha1": "d89d79d0679a3a41b350e3ad4be56c0308cc5ec6"
+        "sha1": "87124e1a8c4278d85f55ccae7f5597445b57ad8d"
      }
    },
    "chronicles": {
-      "version": "0.10.2",
-      "vcsRevision": "1682096306ddba8185dcfac360a8c3f952d721e4",
-      "url": "https://github.com/status-im/nim-chronicles.git",
+      "version": "0.10.3",
+      "vcsRevision": "32ac8679680ea699f7dbc046e8e0131cac97d41a",
+      "url": "https://github.com/status-im/nim-chronicles",
      "downloadMethod": "git",
      "dependencies": [
        "testutils",
        "json_serialization"
      ],
      "checksums": {
-        "sha1": "9a5bebb76b0f7d587a31e621d260119279e91c76"
+        "sha1": "79f09526d4d9b9196dd2f6a75310d71a890c4f88"
      }
    },
-    "asynctest": {
-      "version": "0.3.1",
-      "vcsRevision": "5347c59b4b057443a014722aa40800cd8bb95c69",
-      "url": "https://github.com/status-im/asynctest.git",
+    "metrics": {
+      "version": "0.0.1",
+      "vcsRevision": "abf3acc7f06cee9ee2c287d2f31413dc3df4c04e",
+      "url": "https://github.com/status-im/nim-metrics",
      "downloadMethod": "git",
-      "dependencies": [],
+      "dependencies": [
+        "chronos"
+      ],
      "checksums": {
-        "sha1": "53e0b610d13700296755a4ebe789882cae47a3b9"
+        "sha1": "b966ea6e6f86f1d5c77e7822fc838f6f5c65a9f7"
      }
    },
-    "nimcrypto": {
-      "version": "0.5.4",
-      "vcsRevision": "a5742a9a214ac33f91615f3862c7b099aec43b00",
-      "url": "https://github.com/cheatfate/nimcrypto",
+    "secp256k1": {
+      "version": "0.6.0.3.1",
+      "vcsRevision": "5fd81357839d57ef38fb17647bd5e31dfa9f55b8",
+      "url": "https://github.com/status-im/nim-secp256k1",
      "downloadMethod": "git",
-      "dependencies": [],
+      "dependencies": [
+        "stew",
+        "nimcrypto"
+      ],
      "checksums": {
-        "sha1": "f76c87707cd4e96355b8bb6ef27e7f8b0aac1e08"
+        "sha1": "84c318e294175ba91d25516e0ee676814301ca95"
      }
    },
    "zlib": {
      "version": "0.1.0",
-      "vcsRevision": "74cdeb54b21bededb5a515d36f608bc1850555a2",
+      "vcsRevision": "d65ee2a7611eb9f0ef0e7350caed6e93ccfa9651",
      "url": "https://github.com/status-im/nim-zlib",
      "downloadMethod": "git",
      "dependencies": [
        "stew"
      ],
      "checksums": {
-        "sha1": "01d330dc4c1924e56b1559ee73bc760e526f635c"
+        "sha1": "c4d041561c815506eeb02251205d41e73814e906"
      }
    },
    "websock": {
      "version": "0.1.0",
-      "vcsRevision": "73edde4417f7b45003113b7a34212c3ccd95b9fd",
+      "vcsRevision": "3696e3f3a5b938e478e473a6089bf8de386d2f04",
      "url": "https://github.com/status-im/nim-websock",
      "downloadMethod": "git",
      "dependencies": [
@ -191,41 +253,17 @@
        "httputils",
        "chronicles",
        "stew",
-        "asynctest",
        "nimcrypto",
        "bearssl",
        "zlib"
      ],
      "checksums": {
-        "sha1": "ec2b137543f280298ca48de9ed4461a033ba88d3"
-      }
-    },
-    "dnsclient": {
-      "version": "0.1.2",
-      "vcsRevision": "fbb76f8af8a33ab818184a7d4406d9fee20993be",
-      "url": "https://github.com/ba0f3/dnsclient.nim.git",
-      "downloadMethod": "git",
-      "dependencies": [],
-      "checksums": {
-        "sha1": "663239a914c814204b30dda6e0902cc0fbd0b8ee"
-      }
-    },
-    "secp256k1": {
-      "version": "0.5.2",
-      "vcsRevision": "5340cf188168d6afcafc8023770d880f067c0b2f",
-      "url": "https://github.com/status-im/nim-secp256k1.git",
-      "downloadMethod": "git",
-      "dependencies": [
-        "stew",
-        "nimcrypto"
-      ],
-      "checksums": {
-        "sha1": "ae9cbea4487be94a06653ffee075a7f1bd1e231e"
+        "sha1": "e15709d37f9142ed6053098de555f645cca5770f"
      }
    },
    "libp2p": {
-      "version": "0.0.2",
-      "vcsRevision": "c7504d2446717a48a79c8b15e0f21bbfc84957ba",
+      "version": "1.1.0",
+      "vcsRevision": "3725f6a95b2619f8e05454ccf5c121a5c5041568",
      "url": "https://github.com/status-im/nim-libp2p",
      "downloadMethod": "git",
      "dependencies": [
@ -237,38 +275,25 @@
        "metrics",
        "secp256k1",
        "stew",
-        "websock"
+        "websock",
+        "unittest2"
      ],
      "checksums": {
-        "sha1": "ba1aed8860c8771ef23ae7600bbfd459d5651a2c"
-      }
-    },
-    "protobuf_serialization": {
-      "version": "0.2.0",
-      "vcsRevision": "f7d671f877e01213494aac7903421ccdbe70616f",
-      "url": "https://github.com/status-im/nim-protobuf-serialization.git",
-      "downloadMethod": "git",
-      "dependencies": [
-        "stew",
-        "faststreams",
-        "serialization",
-        "combparser"
-      ],
-      "checksums": {
-        "sha1": "9418459027d0d5eb30a974649dc615a76e8e4aca"
+        "sha1": "5512ca4813243e4b1009ddc404d4dd79c5bfbb3f"
      }
    },
    "stint": {
      "version": "0.0.1",
-      "vcsRevision": "036c71d06a6b22f8f967ba9d54afd2189c3872ca",
-      "url": "https://github.com/status-im/stint.git",
+      "vcsRevision": "86621eced1dcfb5e25903019ebcfc76ed9128ec5",
+      "url": "https://github.com/status-im/nim-stint",
      "downloadMethod": "git",
      "dependencies": [
        "stew"
      ],
      "checksums": {
-        "sha1": "0f187a2115315ca898e5f9a30c5e506cf6057062"
+        "sha1": "6b4a6fdd317202b7c092dc32b74a6573f81cca62"
      }
    }
-  }
-}
+  },
+  "tasks": {}
+}