diff --git a/eth_keys.nimble b/eth_keys.nimble index b19bb9d..d1e0670 100644 --- a/eth_keys.nimble +++ b/eth_keys.nimble @@ -7,7 +7,7 @@ srcDir = "src" ### Dependencies -requires "nim >= 0.18.0", "keccak_tiny >= 0.1.0", "ttmath >= 0.1.0", "nimSHA2", "secp256k1" +requires "nim >= 0.18.0", "nimcrypto", "ttmath >= 0.1.0", "nimSHA2", "secp256k1" proc test(name: string, lang: string = "c") = if not dirExists "build": diff --git a/src/backend_libsecp256k1/libsecp256k1.nim b/src/backend_libsecp256k1/libsecp256k1.nim index 03b30ba..e981926 100644 --- a/src/backend_libsecp256k1/libsecp256k1.nim +++ b/src/backend_libsecp256k1/libsecp256k1.nim @@ -8,7 +8,7 @@ # at your option. This file may not be copied, modified, or distributed except according to those terms. import ../datatypes, ../private/conversion_bytes -import secp256k1, keccak_tiny +import secp256k1, nimcrypto const SECP256K1_CONTEXT_ALL = SECP256K1_CONTEXT_VERIFY or SECP256K1_CONTEXT_SIGN @@ -31,7 +31,7 @@ proc asPtrCuchar(key: PrivateKey): ptr cuchar = proc asPtrCuchar(key: Serialized_PubKey): ptr cuchar = cast[ptr cuchar](unsafeAddr key) -proc asPtrCuchar(msg_hash: Hash[256]): ptr cuchar = +proc asPtrCuchar(msg_hash: MDigest[256]): ptr cuchar = cast[ptr cuchar](unsafeAddr msg_hash) proc asPtrRecoverableSignature(sig: Signature): ptr secp256k1_ecdsa_recoverable_signature = @@ -120,7 +120,7 @@ proc parsePublicKey*(data: openarray[byte]): PublicKey = else: # TODO: Support other lengths raise newException(Exception, "Wrong public key length") -proc ecdsa_sign*(key: PrivateKey, msg_hash: Hash[256]): Signature {.noInit.}= +proc ecdsa_sign*(key: PrivateKey, msg_hash: MDigest[256]): Signature {.noInit.}= ## Sign a message with a recoverable signature ## Input: ## - A message encoded with keccak_256 @@ -139,7 +139,7 @@ proc ecdsa_sign*(key: PrivateKey, msg_hash: Hash[256]): Signature {.noInit.}= if not success: raise newException(ValueError, "The nonce generation function failed, or the private key was invalid.") -proc ecdsa_recover*(msg_hash: Hash[256], sig: Signature): PublicKey = +proc ecdsa_recover*(msg_hash: MDigest[256], sig: Signature): PublicKey = ## Recover the Public Key from the message hash and the signature let success: bool = bool secp256k1_ecdsa_recover( diff --git a/src/backend_native/ecdsa.nim b/src/backend_native/ecdsa.nim index 2d128fd..842ff24 100644 --- a/src/backend_native/ecdsa.nim +++ b/src/backend_native/ecdsa.nim @@ -10,8 +10,8 @@ import ../datatypes, ../private/[array_utils, lowlevel_types], ./jacobian, ./mod_arithmetic, ./hmac, ./constants -import ttmath, keccak_tiny, strutils, - nimSHA2 # TODO: For SHA-256, use OpenSSL instead? (see https://rosettacode.org/wiki/SHA-256#Nim) +import ttmath, nimcrypto, strutils, + nimSHA2 # TODO: For SHA-256, use nimcrypto instead? (see https://github.com/cheatfate/nimcrypto/blob/master/tests/testhmac.nim) proc decode_public_key(pubKey: ByteArrayBE[64] @@ -46,7 +46,7 @@ proc private_key_to_public_key*(key: PrivateKey): PublicKey {.noInit.}= result.raw_key = encode_raw_public_key fast_multiply(SECPK1_G, keyInt) -proc ecdsa_raw_verify*(msg_hash: Hash[256], vrs: Signature, key: PublicKey): bool = +proc ecdsa_raw_verify*(msg_hash: MDigest[256], vrs: Signature, key: PublicKey): bool = let w = invmod(vrs.s, SECPK1_N) z = readUint256BE cast[ByteArrayBE[32]](msg_hash) @@ -59,7 +59,7 @@ proc ecdsa_raw_verify*(msg_hash: Hash[256], vrs: Signature, key: PublicKey): boo ) result = vrs.r == xy[0] and vrs.r.isOdd and vrs.s.isOdd -proc deterministic_generate_k(msg_hash: Hash[256], key: PrivateKey): UInt256 = +proc deterministic_generate_k(msg_hash: MDigest[256], key: PrivateKey): UInt256 = const v_0 = initArray[32, byte](0x01'u8) k_0 = initArray[32, byte](0x00'u8) @@ -75,7 +75,7 @@ proc deterministic_generate_k(msg_hash: Hash[256], key: PrivateKey): UInt256 = result = readUint256BE cast[ByteArrayBE[32]](kb) -proc ecdsa_sign*(key: PrivateKey, msg_hash: Hash[256]): Signature {.noInit.} = +proc ecdsa_sign*(key: PrivateKey, msg_hash: MDigest[256]): Signature {.noInit.} = modulo(SECPK1_N): let z = readUint256BE cast[ByteArrayBE[32]](msg_hash) @@ -92,7 +92,7 @@ proc ecdsa_sign*(key: PrivateKey, msg_hash: Hash[256]): Signature {.noInit.} = else: SECPK1_N - s_raw result.r = ry[0] -proc ecdsa_recover*(msg_hash: Hash[256], vrs: Signature): PublicKey {.noInit.} = +proc ecdsa_recover*(msg_hash: MDigest[256], vrs: Signature): PublicKey {.noInit.} = modulo(SECPK1_P): let x = vrs.r diff --git a/src/backend_native/hmac.nim b/src/backend_native/hmac.nim index 06d92a2..03a8c38 100644 --- a/src/backend_native/hmac.nim +++ b/src/backend_native/hmac.nim @@ -14,7 +14,7 @@ # TODO: this is a duplicate of https://github.com/status-im/nim-eth-keys/blob/master/src/backend_native/hmac.nim # It should be replaced by a common crypto library in the future like https://github.com/cheatfate/nimcrypto -import nimSHA2 # TODO: For SHA-256, use OpenSSL instead? (see https://rosettacode.org/wiki/SHA-256#Nim) +import nimSHA2 # TODO: For SHA-256, use nimcrypto instead? (see https://github.com/cheatfate/nimcrypto/blob/master/tests/testhmac.nim) proc hmac_sha256*[N: static[int]](key: array[N, byte|char], data: string|seq[byte|char]): SHA256Digest = diff --git a/src/datatypes_interface.nim b/src/datatypes_interface.nim index 4c9e2ca..d2392ec 100644 --- a/src/datatypes_interface.nim +++ b/src/datatypes_interface.nim @@ -15,7 +15,7 @@ import ./datatypes, ./private/conversion_bytes -import keccak_tiny +import nimcrypto when defined(backend_native): import ./backend_native/ecdsa @@ -43,28 +43,32 @@ proc initPublicKey*(hexString: string): PublicKey {.noInit.} = # ################################ # Public key/signature interface -proc recover_pubkey_from_msg*(message_hash: Hash[256], sig: Signature): PublicKey {.inline.} = +proc recover_pubkey_from_msg*(message_hash: MDigest[256], sig: Signature): PublicKey {.inline.} = ecdsa_recover(message_hash, sig) proc recover_pubkey_from_msg*(message: string, sig: Signature): PublicKey {.inline.} = - let message_hash = keccak_256(message) + let message_hash = keccak256.digest(message) ecdsa_recover(message_hash, sig) -proc verify_msg*(key: PublicKey, message_hash: Hash[256], sig: Signature): bool {.inline.} = +proc verify_msg*(key: PublicKey, message_hash: MDigest[256], sig: Signature): bool {.inline.} = key == ecdsa_recover(message_hash, sig) proc verify_msg*(key: PublicKey, message: string, sig: Signature): bool {.inline.} = - let message_hash = keccak_256(message) + let message_hash = keccak256.digest(message) key == ecdsa_recover(message_hash, sig) # # ################################ # # Private key interface -proc sign_msg*(key: PrivateKey, message: string): Signature {.inline.} = - let message_hash = keccak_256(message) +proc sign_msg*(key: PrivateKey, message: openarray[byte]): Signature {.inline.} = + let message_hash = keccak256.digest(message) ecdsa_sign(key, message_hash) -proc sign_msg*(key: PrivateKey, message_hash: Hash[256]): Signature {.inline.} = +proc sign_msg*(key: PrivateKey, message: string): Signature {.inline.} = + let message_hash = keccak256.digest(message) + ecdsa_sign(key, message_hash) + +proc sign_msg*(key: PrivateKey, message_hash: MDigest[256]): Signature {.inline.} = ecdsa_sign(key, message_hash) proc `$`*(key: PrivateKey): string {.inline.} = diff --git a/tests/config.nim b/tests/config.nim index 9bce828..a60e58f 100644 --- a/tests/config.nim +++ b/tests/config.nim @@ -29,7 +29,7 @@ # assert crypto.ecdsa_recover(msghash, sig) == pubkey # """ -import keccak_tiny +import nimcrypto type testKeySig* = object @@ -40,7 +40,7 @@ type let MSG* = "message" - MSGHASH* = keccak256(MSG) + MSGHASH* = keccak256.digest(MSG) # Conversion done through https://www.mobilefish.com/services/big_number/big_number.php