diff --git a/CHANGELOG.md b/CHANGELOG.md index 967da3f6b2..5a1941bb71 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -24,7 +24,7 @@ parameterized by the lifetime of the input byte slice. ### Removed -- Nothing. +- Removed legacy `SecretKeyEd25519` encoding. ### Fixed @@ -32,6 +32,7 @@ parameterized by the lifetime of the input byte slice. - Add explicit prefix check during base58check decoding. - Hash input before signing with `SecretKeyEd25519`, to match octez impl. - Fix `BlsSignature` base58 check encoding/decoding. +- Fix `SecretKeyEd25519` base58 check encoding/decoding. ### Security diff --git a/crypto/src/hash.rs b/crypto/src/hash.rs index 7680fefcf1..42a7dac383 100644 --- a/crypto/src/hash.rs +++ b/crypto/src/hash.rs @@ -38,7 +38,9 @@ mod prefix_bytes { pub const PUBLIC_KEY_P256: [u8; 4] = [3, 178, 139, 127]; pub const PUBLIC_KEY_BLS: [u8; 4] = [6, 149, 135, 204]; pub const SEED_ED25519: [u8; 4] = [13, 15, 58, 7]; - pub const SECRET_KEY_ED25519: [u8; 4] = [43, 246, 78, 7]; + // SecretKeyEd25519 uses identical b58 encoding as SeedEd25519 in + // non-legacy format. + pub const SECRET_KEY_ED25519: [u8; 4] = SEED_ED25519; pub const SECRET_KEY_BLS: [u8; 4] = [3, 150, 192, 40]; pub const GENERIC_SIGNATURE_HASH: [u8; 3] = [4, 130, 43]; pub const ED22519_SIGNATURE_HASH: [u8; 5] = [9, 245, 205, 134, 18]; @@ -363,7 +365,7 @@ pub enum HashType { PublicKeyBls, // "\013\015\058\007" (* edsk(54) *) SeedEd25519, - // "\043\246\078\007" (* edsk(98) *) + // "\013\015\058\007" (* edsk(54) *) SecretKeyEd25519, // "\003\150\192\040" (* BLsk(54) *) SecretKeyBls, @@ -448,10 +450,9 @@ impl HashType { | HashType::ContractTz4Hash | HashType::SmartRollupHash => 20, HashType::PublicKeySecp256k1 | HashType::PublicKeyP256 => 33, - HashType::SeedEd25519 | HashType::SecretKeyBls => 32, + HashType::SecretKeyEd25519 | HashType::SeedEd25519 | HashType::SecretKeyBls => 32, HashType::PublicKeyBls => 48, - HashType::SecretKeyEd25519 - | HashType::Ed25519Signature + HashType::Ed25519Signature | HashType::Secp256k1Signature | HashType::P256Signature | HashType::UnknownSignature => 64, @@ -1181,6 +1182,8 @@ mod tests { fn $name() { for str in $h { let h = $ty::from_base58_check(str).expect("Invalid hash"); + assert_eq!(str, h.to_base58_check()); + let json = serde_json::to_string(&h).expect("Cannot convert to json"); assert_eq!(json, format!(r#""{}""#, h)); let h1 = serde_json::from_str(&json).expect("Cannot convert from json"); @@ -1262,6 +1265,15 @@ mod tests { ["edsk31vznjHSSpGExDMHYASz45VZqXN4DPxvsa4hAyY8dHM28cZzp6"] ); + test!( + sk_ed25519, + SecretKeyEd25519, + [ + "edsk31vznjHSSpGExDMHYASz45VZqXN4DPxvsa4hAyY8dHM28cZzp6", + "edsk3gUfUPyBSfrS9CCgmCiQsTCHGkviBDusMxDJstFtojtc1zcpsh" + ] + ); + test!(pk_hash, CryptoboxPublicKeyHash, []); test!(pk_ed25519, PublicKeyEd25519, []);