Skip to content

Commit

Permalink
crypto: tz3 should hash input
Browse files Browse the repository at this point in the history
  • Loading branch information
emturner committed Jun 27, 2024
1 parent 2d4b4ae commit d0601f0
Show file tree
Hide file tree
Showing 4 changed files with 102 additions and 102 deletions.
1 change: 1 addition & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -62,6 +62,7 @@ parameterized by the lifetime of the input byte slice.
- Fix `BlsSignature` base58 check encoding/decoding.
- Fix `SecretKeyEd25519` base58 check encoding/decoding.
- Fix all zeros signature encoding: should be `Unknown` rather than defaulting to `Ed25519`.
- Fix `tz3` signature verification: input should be hashed.

### Security

Expand Down
24 changes: 12 additions & 12 deletions crypto/src/hash.rs
Original file line number Diff line number Diff line change
Expand Up @@ -698,8 +698,10 @@ impl PublicKeySignatureVerifier for PublicKeyP256 {
elliptic_curve::consts::U32,
};

let bytes = blake2b::digest_256(bytes);

// By default p256 crate uses sha256 to get a 32-bit hash from input message.
// Here though, the input data is already a Tezos hash of proper size.
// Here though, the input data is hashed using blake2b -
// So we need to use identity digest.
#[derive(Default, Clone)]
struct NoHash([u8; CRYPTO_KEY_SIZE]);
Expand Down Expand Up @@ -1140,17 +1142,15 @@ mod tests {

#[test]
fn test_p256_signature_verification() {
let pk = PublicKeyP256::from_base58_check(
"p2pk67Cwb5Ke6oSmqeUbJxURXMe3coVnH9tqPiB2xD84CYhHbBKs4oM",
)
.unwrap();
let sig = Signature::from_base58_check(
"sigNCaj9CnmD94eZH9C7aPPqBbVCJF72fYmCFAXqEbWfqE633WNFWYQJFnDUFgRUQXR8fQ5tKSfJeTe6UAi75eTzzQf7AEc1"
).unwrap().try_into().unwrap();
let msg = hex::decode("5538e2cc90c9b053a12e2d2f3a985aff1809eac59501db4d644e4bb381b06b4b")
.unwrap();

let result = pk.verify_signature(&sig, &msg).unwrap();
// sk: p2sk2bixvFTFTuw9HtD4ucuDsktZTcwRJ5V3gDsQauwE2VTuh6hBiP
let tz3 =
PublicKeyP256::from_b58check("p2pk65p7HKSGvkMdeK5yckM2nmi59oGNw4ksqdcvwxxF3AV3hopkfGS")
.expect("decoding public key should work");
let sig = P256Signature::from_base58_check(
"p2sigefoF8vJvSshWmLL6NyX6QnQUyUhq76r3F3ST6mTNqeCFzosDQyaRanoZpm14eeakZhAJ3LdGHFE4z9cPv9yTWFqWM4j9A"
).expect("signature decoding should work");
let msg = b"hello, message";
let result = tz3.verify_signature(&sig, msg).unwrap();
assert!(result);
}

Expand Down
101 changes: 50 additions & 51 deletions crypto/src/public_key.rs
Original file line number Diff line number Diff line change
Expand Up @@ -145,65 +145,65 @@ mod test {
assert_eq!(tz3, &tz3_from_pk);
}

// #[test]
// fn tz1_encoding() {
// let tz1 = "edpkuDMUm7Y53wp4gxeLBXuiAhXZrLn8XB1R83ksvvesH8Lp8bmCfK";
#[test]
fn tz1_encoding() {
let tz1 = "edpkuDMUm7Y53wp4gxeLBXuiAhXZrLn8XB1R83ksvvesH8Lp8bmCfK";

// let public_key = PublicKey::from_b58check(tz1).expect("expected valid tz1 hash");
let public_key = PublicKey::from_b58check(tz1).expect("expected valid tz1 hash");

// let mut bin = Vec::new();
// public_key
// .bin_write(&mut bin)
// .expect("serialization should work");
let mut bin = Vec::new();
public_key
.bin_write(&mut bin)
.expect("serialization should work");

// let deserde_pk = NomReader::nom_read(bin.as_slice())
// .expect("deserialization should work")
// .1;
let deserde_pk = NomReader::nom_read(bin.as_slice())
.expect("deserialization should work")
.1;

// // Check tag encoding
// assert_eq!(0_u8, bin[0]);
// assert_eq!(public_key, deserde_pk);
// }
// Check tag encoding
assert_eq!(0_u8, bin[0]);
assert_eq!(public_key, deserde_pk);
}

// #[test]
// fn tz2_encoding() {
// let tz2 = "sppk7Zik17H7AxECMggqD1FyXUQdrGRFtz9X7aR8W2BhaJoWwSnPEGA";
#[test]
fn tz2_encoding() {
let tz2 = "sppk7Zik17H7AxECMggqD1FyXUQdrGRFtz9X7aR8W2BhaJoWwSnPEGA";

// let public_key = PublicKey::from_b58check(tz2).expect("expected valid tz2 hash");
let public_key = PublicKey::from_b58check(tz2).expect("expected valid tz2 hash");

// let mut bin = Vec::new();
// public_key
// .bin_write(&mut bin)
// .expect("serialization should work");
let mut bin = Vec::new();
public_key
.bin_write(&mut bin)
.expect("serialization should work");

// let deserde_pk = NomReader::nom_read(bin.as_slice())
// .expect("deserialization should work")
// .1;
let deserde_pk = NomReader::nom_read(bin.as_slice())
.expect("deserialization should work")
.1;

// // Check tag encoding
// assert_eq!(1_u8, bin[0]);
// assert_eq!(public_key, deserde_pk);
// }
// Check tag encoding
assert_eq!(1_u8, bin[0]);
assert_eq!(public_key, deserde_pk);
}

// #[test]
// fn tz3_encoding() {
// let tz3 = "p2pk67VpBjWwoPULwXCpayec6rFxaAKv8VjJ8cVMHmLDCYARu31zx5Z";
#[test]
fn tz3_encoding() {
let tz3 = "p2pk67VpBjWwoPULwXCpayec6rFxaAKv8VjJ8cVMHmLDCYARu31zx5Z";

// let public_key = PublicKey::from_b58check(tz3).expect("expected valid tz3 hash");
let public_key = PublicKey::from_b58check(tz3).expect("expected valid tz3 hash");

// let mut bin = Vec::new();
// public_key
// .bin_write(&mut bin)
// .expect("serialization should work");
let mut bin = Vec::new();
public_key
.bin_write(&mut bin)
.expect("serialization should work");

// let deserde_pk = NomReader::nom_read(bin.as_slice())
// .expect("deserialization should work")
// .1;
let deserde_pk = NomReader::nom_read(bin.as_slice())
.expect("deserialization should work")
.1;

// // Check tag encoding
// assert_eq!(2_u8, bin[0]);
// assert_eq!(public_key, deserde_pk);
// }
// Check tag encoding
assert_eq!(2_u8, bin[0]);
assert_eq!(public_key, deserde_pk);
}

#[test]
fn tz1_signature_signature_verification_succeeds() {
Expand Down Expand Up @@ -265,16 +265,15 @@ mod test {

#[test]
fn tz3_signature_signature_verification_succeeds() {
// sk: p2sk2bixvFTFTuw9HtD4ucuDsktZTcwRJ5V3gDsQauwE2VTuh6hBiP
let tz3 =
PublicKey::from_b58check("p2pk67Cwb5Ke6oSmqeUbJxURXMe3coVnH9tqPiB2xD84CYhHbBKs4oM")
PublicKey::from_b58check("p2pk65p7HKSGvkMdeK5yckM2nmi59oGNw4ksqdcvwxxF3AV3hopkfGS")
.expect("decoding public key should work");
let sig = Signature::from_base58_check(
"sigNCaj9CnmD94eZH9C7aPPqBbVCJF72fYmCFAXqEbWfqE633WNFWYQJFnDUFgRUQXR8fQ5tKSfJeTe6UAi75eTzzQf7AEc1"
"sigfMaQ3pkpywf3q5ZqfNzJuKd6apUa1gRpoGb4hK25dBuiTY5u2vVCJcPGdpUqDT1RwfeGy6gvnHuhbTgfKhn2EZVYMatnN"
).expect("signature decoding should work");
let msg = hex::decode("5538e2cc90c9b053a12e2d2f3a985aff1809eac59501db4d644e4bb381b06b4b")
.expect("payload decoding should work");

let result = tz3.verify_signature(&sig, &msg).unwrap();
let msg = b"hello, message";
let result = tz3.verify_signature(&sig, msg).unwrap();
assert!(result);
}

Expand Down
78 changes: 39 additions & 39 deletions crypto/src/public_key_hash.rs
Original file line number Diff line number Diff line change
Expand Up @@ -122,57 +122,57 @@ mod test {
assert_eq!(tz3, &tz3_from_pkh);
}

// #[test]
// fn tz1_encoding() {
// let tz1 = "tz1KqTpEZ7Yob7QbPE4Hy4Wo8fHG8LhKxZSx";
#[test]
fn tz1_encoding() {
let tz1 = "tz1KqTpEZ7Yob7QbPE4Hy4Wo8fHG8LhKxZSx";

// let pkh = PublicKeyHash::from_b58check(tz1).expect("expected valid tz1 hash");
let pkh = PublicKeyHash::from_b58check(tz1).expect("expected valid tz1 hash");

// let mut bin = Vec::new();
// pkh.bin_write(&mut bin).expect("serialization should work");
let mut bin = Vec::new();
pkh.bin_write(&mut bin).expect("serialization should work");

// let deserde_pkh = NomReader::nom_read(bin.as_slice())
// .expect("deserialization should work")
// .1;
let deserde_pkh = NomReader::nom_read(bin.as_slice())
.expect("deserialization should work")
.1;

// // Check tag encoding
// assert_eq!(0_u8, bin[0]);
// assert_eq!(pkh, deserde_pkh);
// }
// Check tag encoding
assert_eq!(0_u8, bin[0]);
assert_eq!(pkh, deserde_pkh);
}

// #[test]
// fn tz2_encoding() {
// let tz2 = "tz2KZPgf2rshxNUBXFcTaCemik1LH1v9qz3F";
#[test]
fn tz2_encoding() {
let tz2 = "tz2KZPgf2rshxNUBXFcTaCemik1LH1v9qz3F";

// let pkh = PublicKeyHash::from_b58check(tz2).expect("expected valid tz2 hash");
let pkh = PublicKeyHash::from_b58check(tz2).expect("expected valid tz2 hash");

// let mut bin = Vec::new();
// pkh.bin_write(&mut bin).expect("serialization should work");
let mut bin = Vec::new();
pkh.bin_write(&mut bin).expect("serialization should work");

// let deserde_pkh = NomReader::nom_read(bin.as_slice())
// .expect("deserialization should work")
// .1;
let deserde_pkh = NomReader::nom_read(bin.as_slice())
.expect("deserialization should work")
.1;

// // Check tag encoding
// assert_eq!(1_u8, bin[0]);
// assert_eq!(pkh, deserde_pkh);
// }
// Check tag encoding
assert_eq!(1_u8, bin[0]);
assert_eq!(pkh, deserde_pkh);
}

// #[test]
// fn tz3_encoding() {
// let tz3 = "tz3fTJbAxj1LQCEKDKmYLWKP6e5vNC9vwvyo";
#[test]
fn tz3_encoding() {
let tz3 = "tz3fTJbAxj1LQCEKDKmYLWKP6e5vNC9vwvyo";

// let pkh = PublicKeyHash::from_b58check(tz3).expect("expected valid tz3 hash");
let pkh = PublicKeyHash::from_b58check(tz3).expect("expected valid tz3 hash");

// let mut bin = Vec::new();
// pkh.bin_write(&mut bin).expect("serialization should work");
let mut bin = Vec::new();
pkh.bin_write(&mut bin).expect("serialization should work");

// let deserde_pkh = NomReader::nom_read(bin.as_slice())
// .expect("deserialization should work")
// .1;
let deserde_pkh = NomReader::nom_read(bin.as_slice())
.expect("deserialization should work")
.1;

// // Check tag encoding
// assert_eq!(2_u8, bin[0]);
// assert_eq!(pkh, deserde_pkh);
// }
// Check tag encoding
assert_eq!(2_u8, bin[0]);
assert_eq!(pkh, deserde_pkh);
}
}

0 comments on commit d0601f0

Please sign in to comment.