From 96337ca3cef10de581c0ca3f8716e5c7266ad5d1 Mon Sep 17 00:00:00 2001 From: Tanguy Date: Wed, 7 Jun 2023 17:20:33 +0200 Subject: [PATCH] Bump secp256k1 --- libp2pdht.nimble | 5 +- .../private/eth/p2p/discoveryv5/crypto.nim | 31 +- nimble.lock | 275 ++++++++++-------- 3 files changed, 179 insertions(+), 132 deletions(-) diff --git a/libp2pdht.nimble b/libp2pdht.nimble index 147c78d..b40f9d9 100644 --- a/libp2pdht.nimble +++ b/libp2pdht.nimble @@ -12,11 +12,10 @@ requires "nim >= 1.2.0", "nimcrypto >= 0.5.4 & < 0.6.0", "bearssl#head", "chronicles >= 0.10.2 & < 0.11.0", - "chronos >= 3.0.11 & < 3.1.0", + "chronos >= 3.0.11 & < 3.3.0", "libp2p#unstable", "metrics", - "protobufserialization >= 0.2.0 & < 0.3.0", - "secp256k1 >= 0.5.2 & < 0.6.0", + "secp256k1 >= 0.6.0 & < 0.7.0", "stew#head", "stint", "asynctest >= 0.3.1 & < 0.4.0", diff --git a/libp2pdht/private/eth/p2p/discoveryv5/crypto.nim b/libp2pdht/private/eth/p2p/discoveryv5/crypto.nim index f0bc7ba..6ae61d3 100644 --- a/libp2pdht/private/eth/p2p/discoveryv5/crypto.nim +++ b/libp2pdht/private/eth/p2p/discoveryv5/crypto.nim @@ -2,7 +2,12 @@ import std/sugar, libp2p/crypto/[crypto, secp] -from secp256k1 import ecdhRaw, SkEcdhRawSecret, toRaw +from secp256k1 import ecdh, SkEcdhSecretSize, toRaw, SkSecretKey, SkPublicKey + +type + SharedSecret* = object + ## Representation of ECDH shared secret, without leading `y` byte + data*: array[SkEcdhSecretSize, byte] proc fromHex*(T: type PrivateKey, data: string): Result[PrivateKey, cstring] = let skKey = ? SkPrivateKey.init(data).mapErr(e => @@ -14,17 +19,35 @@ proc fromHex*(T: type PublicKey, data: string): Result[PublicKey, cstring] = ("Failed to init public key from hex string: " & $e).cstring) ok PublicKey.init(skKey) -func ecdhRaw*(seckey: SkPrivateKey, pubkey: SkPublicKey): SkEcdhRawSecret {.borrow.} +proc ecdhSharedSecretHash(output: ptr byte, x32, y32: ptr byte, data: pointer): cint + {.cdecl, raises: [].} = + ## Hash function used by `ecdhSharedSecret` below + # `x32` and `y32` are result of scalar multiplication of publicKey * privateKey. + # Both `x32` and `y32` are 32 bytes length. + # Take the `x32` part as ecdh shared secret. + + # output length is derived from x32 length and taken from ecdh + # generic parameter `KeyLength` + copyMem(output, x32, SkEcdhSecretSize) + return 1 + +func ecdhSharedSecret(seckey: SkPrivateKey, pubkey: secp.SkPublicKey): SharedSecret = + ## Compute ecdh agreed shared secret. + let res = ecdh[SkEcdhSecretSize](SkSecretKey(seckey), secp256k1.SkPublicKey(pubkey), ecdhSharedSecretHash, nil) + # This function only fail if the hash function return zero. + # Because our hash function always success, we can turn the error into defect + doAssert res.isOk, $res.error + SharedSecret(data: res.get) proc ecdhRaw*( priv: PrivateKey, - pub: PublicKey): Result[SkEcdhRawSecret, cstring] = + pub: PublicKey): Result[SharedSecret, cstring] = # TODO: Do we need to support non-secp256k1 schemes? if priv.scheme != Secp256k1 or pub.scheme != Secp256k1: return err "Must use secp256k1 scheme".cstring - ok ecdhRaw(priv.skkey, pub.skkey) + ok ecdhSharedSecret(priv.skkey, pub.skkey) proc toRaw*(pubkey: PublicKey): seq[byte] = secp256k1.SkPublicKey(pubkey.skkey).toRaw()[1..^1] diff --git a/nimble.lock b/nimble.lock index bbeb32c..0b45057 100644 --- a/nimble.lock +++ b/nimble.lock @@ -1,54 +1,87 @@ { - "version": 1, + "version": 2, "packages": { - "unittest2": { - "version": "0.0.4", - "vcsRevision": "f180f596c88dfd266f746ed6f8dbebce39c824db", - "url": "https://github.com/status-im/nim-unittest2.git", + "upraises": { + "version": "0.1.0", + "vcsRevision": "d9f268db1021959fe0f2c7a5e49fba741f9932a0", + "url": "https://github.com/markspanbroek/upraises", "downloadMethod": "git", "dependencies": [], "checksums": { - "sha1": "fa309c41eaf6ef57895b9e603f2620a2f6e11780" + "sha1": "176234f808b44a0be763df706ed634d6e8df17bb" + } + }, + "sqlite3_abi": { + "version": "3.40.1.1", + "vcsRevision": "362e1bd9f689ad9f5380d9d27f0705b3d4dfc7d3", + "url": "https://github.com/arnetheduck/nim-sqlite3-abi", + "downloadMethod": "git", + "dependencies": [], + "checksums": { + "sha1": "8e91db8156a82383d9c48f53b33e48f4e93077b1" + } + }, + "asynctest": { + "version": "0.3.2", + "vcsRevision": "a236a5f0f3031573ac2cb082b63dbf6e170e06e7", + "url": "https://github.com/markspanbroek/asynctest", + "downloadMethod": "git", + "dependencies": [], + "checksums": { + "sha1": "0ef50d086659835b0a23a4beb77cb11747695448" + } + }, + "unittest2": { + "version": "0.0.7", + "vcsRevision": "b178f47527074964f76c395ad0dfc81cf118f379", + "url": "https://github.com/status-im/nim-unittest2", + "downloadMethod": "git", + "dependencies": [], + "checksums": { + "sha1": "b6d4a5cbe28b43c166d6442ba6804aafd4abe368" } }, "stew": { "version": "0.1.0", - "vcsRevision": "6ad35b876fb6ebe0dfee0f697af173acc47906ee", - "url": "https://github.com/status-im/nim-stew.git", + "vcsRevision": "13e55ed27a6ab125435ad9f9f0353669b9b554fa", + "url": "https://github.com/status-im/nim-stew", "downloadMethod": "git", - "dependencies": [], + "dependencies": [ + "unittest2" + ], "checksums": { - "sha1": "46d58c4feb457f3241e3347778334e325dce5268" + "sha1": "88ce27d9e9b86c518cd3d753cd77cf7051e4123f" } }, "bearssl": { - "version": "0.1.5", - "vcsRevision": "ba80e2a0d7ae8aab666cee013e38ff8d33a3e5e7", + "version": "0.2.0", + "vcsRevision": "9372f27a25d0718d3527afad6cc936f6a853f86e", "url": "https://github.com/status-im/nim-bearssl", "downloadMethod": "git", "dependencies": [ "unittest2" ], "checksums": { - "sha1": "383abd5becc77bf8e365b780a29d20529e1d9c4c" + "sha1": "9e9b4c34bae17aa7218e7ce449128064ae5e1118" } }, "httputils": { "version": "0.3.0", - "vcsRevision": "689da19e9e9cfff4ced85e2b25c6b2b5598ed079", - "url": "https://github.com/status-im/nim-http-utils.git", + "vcsRevision": "aad684d3758a74c1b327df93da2e956458410b48", + "url": "https://github.com/status-im/nim-http-utils", "downloadMethod": "git", "dependencies": [ - "stew" + "stew", + "unittest2" ], "checksums": { - "sha1": "4ad3ad68d13c50184180ab4b2eacc0bd7ed2ed44" + "sha1": "cff631f7f4d6769aa3c02e48ab079b371614896f" } }, "chronos": { - "version": "3.0.11", - "vcsRevision": "17fed89c99beac5a92d3668d0d3e9b0e4ac13936", - "url": "https://github.com/status-im/nim-chronos.git", + "version": "3.2.0", + "vcsRevision": "ba143e029f35fd9b4cd3d89d007cc834d0d5ba3c", + "url": "https://github.com/status-im/nim-chronos", "downloadMethod": "git", "dependencies": [ "stew", @@ -57,62 +90,64 @@ "unittest2" ], "checksums": { - "sha1": "f6fffc87571e5f76af2a77c4ebcc0e00909ced4e" + "sha1": "5783067584ac6812eb64b8454ea6f9c97ff1262a" } }, - "metrics": { - "version": "0.0.1", - "vcsRevision": "71e0f0e354e1f4c59e3dc92153989c8b723c3440", - "url": "https://github.com/status-im/nim-metrics", - "downloadMethod": "git", - "dependencies": [ - "chronos" - ], - "checksums": { - "sha1": "86da251fe532ef2163da30343688ab1c148c0340" - } - }, - "combparser": { - "version": "0.2.0", - "vcsRevision": "ba4464c005d7617c008e2ed2ebc1ba52feb469c6", - "url": "https://github.com/PMunch/combparser", + "questionable": { + "version": "0.10.8", + "vcsRevision": "6cbbda7e4d009e02d0583b325b31dc68dff27854", + "url": "https://github.com/markspanbroek/questionable", "downloadMethod": "git", "dependencies": [], "checksums": { - "sha1": "a3635260961a893b88f69aac19f1b24e032a7e97" + "sha1": "401d04d895a057513fea64872d26e21309bf1012" } }, - "testutils": { - "version": "0.4.2", - "vcsRevision": "aa6e5216f4b4ab5aa971cdcdd70e1ec1203cedf2", - "url": "https://github.com/status-im/nim-testutils", + "datastore": { + "version": "0.0.1", + "vcsRevision": "0cde8aeb67c59fd0ac95496dc6b5e1168d6632aa", + "url": "https://github.com/status-im/nim-datastore", "downloadMethod": "git", "dependencies": [ - "unittest2" + "asynctest", + "chronos", + "questionable", + "sqlite3_abi", + "stew", + "unittest2", + "upraises" ], "checksums": { - "sha1": "94427e0cce0e0c5841edcd3a6530b4e6b857a3cb" + "sha1": "2c03bb47de97962d2a64be1ed0a8161cd9d65159" } }, "faststreams": { "version": "0.3.0", - "vcsRevision": "1b561a9e71b6bdad1c1cdff753418906037e9d09", - "url": "https://github.com/status-im/nim-faststreams.git", + "vcsRevision": "2a771bb91f8aae8520a5553955a2acce5fdd0c87", + "url": "https://github.com/status-im/nim-faststreams", "downloadMethod": "git", "dependencies": [ "stew", - "testutils", - "chronos", "unittest2" ], "checksums": { - "sha1": "97edf9797924af48566a0af8267203dc21d80c77" + "sha1": "787fa266aafe0eebec2c216cc166c31deab36226" + } + }, + "dnsclient": { + "version": "0.3.3", + "vcsRevision": "2b3d4b4e35b5e698fbbeafe16a4fa757926a4673", + "url": "https://github.com/ba0f3/dnsclient.nim", + "downloadMethod": "git", + "dependencies": [], + "checksums": { + "sha1": "e5bd81f1b29bef3c2881d6dfd9adc400956d14af" } }, "serialization": { - "version": "0.1.0", - "vcsRevision": "fcd0eadadde0ee000a63df8ab21dc4e9f015a790", - "url": "https://github.com/status-im/nim-serialization.git", + "version": "0.2.0", + "vcsRevision": "f0860e1c25acf26ef5e6ea231c7c0537c793b555", + "url": "https://github.com/status-im/nim-serialization", "downloadMethod": "git", "dependencies": [ "faststreams", @@ -120,70 +155,97 @@ "stew" ], "checksums": { - "sha1": "fef59519892cac70cccd81b612085caaa5e3e6cf" + "sha1": "744cbc8305ac3e39bba5089aeac1aebe7fe1f507" + } + }, + "nimcrypto": { + "version": "0.5.4", + "vcsRevision": "4014ef939b51e02053c2e16dd3481d47bc9267dd", + "url": "https://github.com/cheatfate/nimcrypto", + "downloadMethod": "git", + "dependencies": [], + "checksums": { + "sha1": "6e0f5178a608ecf7bb046fd0179bf78662fcff16" + } + }, + "testutils": { + "version": "0.5.0", + "vcsRevision": "dfc4c1b39f9ded9baf6365014de2b4bfb4dafc34", + "url": "https://github.com/status-im/nim-testutils", + "downloadMethod": "git", + "dependencies": [ + "unittest2" + ], + "checksums": { + "sha1": "756d0757c4dd06a068f9d38c7f238576ba5ee897" } }, "json_serialization": { - "version": "0.1.0", - "vcsRevision": "c5f0e2465e8375dfc7aa0f56ccef67cb680bc6b0", - "url": "https://github.com/status-im/nim-json-serialization.git", + "version": "0.1.5", + "vcsRevision": "aa44ee61dd323022d4abe7cbf4e44668aad88454", + "url": "https://github.com/status-im/nim-json-serialization", "downloadMethod": "git", "dependencies": [ "serialization", "stew" ], "checksums": { - "sha1": "d89d79d0679a3a41b350e3ad4be56c0308cc5ec6" + "sha1": "87124e1a8c4278d85f55ccae7f5597445b57ad8d" } }, "chronicles": { - "version": "0.10.2", - "vcsRevision": "1682096306ddba8185dcfac360a8c3f952d721e4", - "url": "https://github.com/status-im/nim-chronicles.git", + "version": "0.10.3", + "vcsRevision": "32ac8679680ea699f7dbc046e8e0131cac97d41a", + "url": "https://github.com/status-im/nim-chronicles", "downloadMethod": "git", "dependencies": [ "testutils", "json_serialization" ], "checksums": { - "sha1": "9a5bebb76b0f7d587a31e621d260119279e91c76" + "sha1": "79f09526d4d9b9196dd2f6a75310d71a890c4f88" } }, - "asynctest": { - "version": "0.3.1", - "vcsRevision": "5347c59b4b057443a014722aa40800cd8bb95c69", - "url": "https://github.com/status-im/asynctest.git", + "metrics": { + "version": "0.0.1", + "vcsRevision": "abf3acc7f06cee9ee2c287d2f31413dc3df4c04e", + "url": "https://github.com/status-im/nim-metrics", "downloadMethod": "git", - "dependencies": [], + "dependencies": [ + "chronos" + ], "checksums": { - "sha1": "53e0b610d13700296755a4ebe789882cae47a3b9" + "sha1": "b966ea6e6f86f1d5c77e7822fc838f6f5c65a9f7" } }, - "nimcrypto": { - "version": "0.5.4", - "vcsRevision": "a5742a9a214ac33f91615f3862c7b099aec43b00", - "url": "https://github.com/cheatfate/nimcrypto", + "secp256k1": { + "version": "0.6.0.3.1", + "vcsRevision": "5fd81357839d57ef38fb17647bd5e31dfa9f55b8", + "url": "https://github.com/status-im/nim-secp256k1", "downloadMethod": "git", - "dependencies": [], + "dependencies": [ + "stew", + "nimcrypto" + ], "checksums": { - "sha1": "f76c87707cd4e96355b8bb6ef27e7f8b0aac1e08" + "sha1": "84c318e294175ba91d25516e0ee676814301ca95" } }, "zlib": { "version": "0.1.0", - "vcsRevision": "74cdeb54b21bededb5a515d36f608bc1850555a2", + "vcsRevision": "d65ee2a7611eb9f0ef0e7350caed6e93ccfa9651", "url": "https://github.com/status-im/nim-zlib", "downloadMethod": "git", "dependencies": [ "stew" ], "checksums": { - "sha1": "01d330dc4c1924e56b1559ee73bc760e526f635c" + "sha1": "c4d041561c815506eeb02251205d41e73814e906" } }, "websock": { "version": "0.1.0", - "vcsRevision": "73edde4417f7b45003113b7a34212c3ccd95b9fd", + "vcsRevision": "3696e3f3a5b938e478e473a6089bf8de386d2f04", "url": "https://github.com/status-im/nim-websock", "downloadMethod": "git", "dependencies": [ @@ -191,41 +253,17 @@ "httputils", "chronicles", "stew", - "asynctest", "nimcrypto", "bearssl", "zlib" ], "checksums": { - "sha1": "ec2b137543f280298ca48de9ed4461a033ba88d3" - } - }, - "dnsclient": { - "version": "0.1.2", - "vcsRevision": "fbb76f8af8a33ab818184a7d4406d9fee20993be", - "url": "https://github.com/ba0f3/dnsclient.nim.git", - "downloadMethod": "git", - "dependencies": [], - "checksums": { - "sha1": "663239a914c814204b30dda6e0902cc0fbd0b8ee" - } - }, - "secp256k1": { - "version": "0.5.2", - "vcsRevision": "5340cf188168d6afcafc8023770d880f067c0b2f", - "url": "https://github.com/status-im/nim-secp256k1.git", - "downloadMethod": "git", - "dependencies": [ - "stew", - "nimcrypto" - ], - "checksums": { - "sha1": "ae9cbea4487be94a06653ffee075a7f1bd1e231e" + "sha1": "e15709d37f9142ed6053098de555f645cca5770f" } }, "libp2p": { - "version": "0.0.2", - "vcsRevision": "c7504d2446717a48a79c8b15e0f21bbfc84957ba", + "version": "1.1.0", + "vcsRevision": "3725f6a95b2619f8e05454ccf5c121a5c5041568", "url": "https://github.com/status-im/nim-libp2p", "downloadMethod": "git", "dependencies": [ @@ -237,38 +275,25 @@ "metrics", "secp256k1", "stew", - "websock" + "websock", + "unittest2" ], "checksums": { - "sha1": "ba1aed8860c8771ef23ae7600bbfd459d5651a2c" - } - }, - "protobuf_serialization": { - "version": "0.2.0", - "vcsRevision": "f7d671f877e01213494aac7903421ccdbe70616f", - "url": "https://github.com/status-im/nim-protobuf-serialization.git", - "downloadMethod": "git", - "dependencies": [ - "stew", - "faststreams", - "serialization", - "combparser" - ], - "checksums": { - "sha1": "9418459027d0d5eb30a974649dc615a76e8e4aca" + "sha1": "5512ca4813243e4b1009ddc404d4dd79c5bfbb3f" } }, "stint": { "version": "0.0.1", - "vcsRevision": "036c71d06a6b22f8f967ba9d54afd2189c3872ca", - "url": "https://github.com/status-im/stint.git", + "vcsRevision": "86621eced1dcfb5e25903019ebcfc76ed9128ec5", + "url": "https://github.com/status-im/nim-stint", "downloadMethod": "git", "dependencies": [ "stew" ], "checksums": { - "sha1": "0f187a2115315ca898e5f9a30c5e506cf6057062" + "sha1": "6b4a6fdd317202b7c092dc32b74a6573f81cca62" } } - } -} \ No newline at end of file + }, + "tasks": {} +}