From 04844113c1e73cd5bc21ed3a0963a348a7057fdc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pawe=C5=82=20Bylica?= Date: Mon, 13 Mar 2017 13:09:59 +0100 Subject: [PATCH 01/11] Refactor ECIES unit test --- test/libdevcrypto/crypto.cpp | 27 ++++++++++----------------- 1 file changed, 10 insertions(+), 17 deletions(-) diff --git a/test/libdevcrypto/crypto.cpp b/test/libdevcrypto/crypto.cpp index 875db598ba7..397e924a2ea 100644 --- a/test/libdevcrypto/crypto.cpp +++ b/test/libdevcrypto/crypto.cpp 
@@ -274,26 +274,19 @@ BOOST_AUTO_TEST_CASE(ecies_sharedMacData) { KeyPair k = KeyPair::create(); - string message("Now is the time for all good persons to come to the aid of humanity."); - string original = message; - bytes b = asBytes(message); - - string shared("shared MAC data"); - string wrongShared("wrong shared MAC data"); + bytes const msg = asBytes("Now is the time for all good persons to come to the aid of humanity."); + string const shared("shared MAC data"); + string const wrongShared("wrong shared MAC data"); + bytes b = msg; s_secp256k1->encryptECIES(k.pub(), shared, b); - BOOST_REQUIRE(b != asBytes(original)); - BOOST_REQUIRE(b.size() > 0 && b[0] == 0x04); - - BOOST_REQUIRE(!s_secp256k1->decryptECIES(k.secret(), wrongShared, b)); - - s_secp256k1->decryptECIES(k.secret(), shared, b); + BOOST_REQUIRE(!b.empty()); + BOOST_CHECK_EQUAL(b[0], 0x04); + BOOST_CHECK(b != msg); - // Temporary disable this assertion, which is failing in TravisCI only for Ubuntu Trusty. - // See https://travis-ci.org/bobsummerwill/cpp-ethereum/jobs/143250866. - #if !defined(DISABLE_BROKEN_UNIT_TESTS_UNTIL_WE_FIX_THEM) - BOOST_REQUIRE(bytesConstRef(&b).cropped(0, original.size()).toBytes() == asBytes(original)); - #endif // !defined(DISABLE_BROKEN_UNIT_TESTS_UNTIL_WE_FIX_THEM) + BOOST_CHECK(!s_secp256k1->decryptECIES(k.secret(), wrongShared, b)); + BOOST_CHECK(s_secp256k1->decryptECIES(k.secret(), shared, b)); + BOOST_CHECK_EQUAL(toHex(bytesConstRef(&b).cropped(0, msg.size())), toHex(msg)); } BOOST_AUTO_TEST_CASE(ecies_eckeypair) From 65ae98e6fb1726f08c8d2696c50e999677790061 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pawe=C5=82=20Bylica?= Date: Mon, 13 Mar 2017 13:12:02 +0100 Subject: [PATCH 02/11] Use SHA256 from secp256k1 in decryptECIES() --- libdevcrypto/CryptoPP.cpp | 20 ++++++++++++-------- 1 file changed, 12 insertions(+), 8 deletions(-) diff --git a/libdevcrypto/CryptoPP.cpp b/libdevcrypto/CryptoPP.cpp index 66aaf93ffdc..fd740215a1a 100644 --- a/libdevcrypto/CryptoPP.cpp 
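Review bot: In `ecies_sharedMacData` (test/libdevcrypto/crypto.cpp, PATCH 01) the only negative case is wrong shared MAC data; nothing checks that a modified ciphertext or tag is rejected, which is the property the HMAC exists to provide. A case such as `bytes t = b; t.back() ^= 1; BOOST_CHECK(!s_secp256k1->decryptECIES(k.secret(), shared, t));` placed before the successful decrypt would cover it. The final comparison also crops `b` to `msg.size()`, so a decrypt that returned extra trailing bytes would still pass; comparing `toHex(b)` with `toHex(msg)` looks stricter, assuming the plaintext is expected to come back with exactly the original length.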
+++ b/libdevcrypto/CryptoPP.cpp @@ -26,6 +26,7 @@ #include #include #include +#include #include "ECDHE.h" static_assert(CRYPTOPP_VERSION == 570, "Wrong Crypto++ version"); @@ -131,7 +132,6 @@ bool Secp256k1PP::decryptECIES(Secret const& _k, bytes& io_text) bool Secp256k1PP::decryptECIES(Secret const& _k, bytesConstRef _sharedMacData, bytes& io_text) { - // interop w/go ecies implementation // io_cipher[0] must be 2, 3, or 4, else invalidpublickey @@ -149,9 +149,11 @@ bool Secp256k1PP::decryptECIES(Secret const& _k, bytesConstRef _sharedMacData, b bytesConstRef eKey = bytesConstRef(&key).cropped(0, 16); bytesRef mKeyMaterial = bytesRef(&key).cropped(16, 16); bytes mKey(32); - CryptoPP::SHA256 ctx; - ctx.Update(mKeyMaterial.data(), mKeyMaterial.size()); - ctx.Final(mKey.data()); + // FIXME: Use crypto::sha256() + secp256k1_sha256_t ctx; + secp256k1_sha256_initialize(&ctx); + secp256k1_sha256_write(&ctx, mKeyMaterial.data(), mKeyMaterial.size()); + secp256k1_sha256_finalize(&ctx, mKey.data()); bytes plain; size_t cipherLen = io_text.size() - 1 - Public::size - h128::size - h256::size; @@ -162,11 +164,13 @@ bool Secp256k1PP::decryptECIES(Secret const& _k, bytesConstRef _sharedMacData, b h128 iv(cipherIV.toBytes()); // verify tag - CryptoPP::HMAC hmacctx(mKey.data(), mKey.size()); - hmacctx.Update(cipherWithIV.data(), cipherWithIV.size()); - hmacctx.Update(_sharedMacData.data(), _sharedMacData.size()); + + secp256k1_hmac_sha256_t hmacCtx; + secp256k1_hmac_sha256_initialize(&hmacCtx, mKey.data(), mKey.size()); + secp256k1_hmac_sha256_write(&hmacCtx, cipherWithIV.data(), cipherWithIV.size()); + secp256k1_hmac_sha256_write(&hmacCtx, _sharedMacData.data(), _sharedMacData.size()); h256 mac; - hmacctx.Final(mac.data()); + secp256k1_hmac_sha256_finalize(&hmacCtx, mac.data()); for (unsigned i = 0; i < h256::size; i++) if (mac[i] != msgMac[i]) return false; From c93edbb933ddb51df223240968aad29ebf249aaa Mon Sep 17 00:00:00 2001 
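Review bot: The SHA-256 context in `Secp256k1PP::decryptECIES` (hunk at -149, PATCH 02) is now driven through `secp256k1_sha256_initialize`/`_write`/`_finalize`, which as far as I know are helper functions inside libsecp256k1 rather than part of its documented public interface; the header named by the added `#include` is not legible on this page, so this is worth confirming. If that is right, the ECIES key derivation depends on how the library is built and which symbols it exports, and the FIXME should say so, e.g. `// FIXME: Use crypto::sha256(); these are non-public libsecp256k1 helpers`. The same applies to the `secp256k1_hmac_sha256_*` calls in the -162 hunk and to both hunks of PATCH 03.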
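Review bot: The tag check that follows the new `secp256k1_hmac_sha256_finalize` call in `Secp256k1PP::decryptECIES` (hunk at -162, PATCH 02) still compares `mac` and `msgMac` byte by byte and returns at the first difference, so its running time depends on how many leading tag bytes match. The RLPx tests later in this series decrypt handshake messages with this function, so the input should be treated as untrusted; accumulate the difference and branch once: `byte diff = 0; for (unsigned i = 0; i < h256::size; i++) diff |= mac[i] ^ msgMac[i]; if (diff) return false;`. The same loop is carried unchanged into `dev::decryptECIES` in libdevcrypto/Common.cpp by PATCH 10. The function body continues outside this hunk.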
From: =?UTF-8?q?Pawe=C5=82=20Bylica?= Date: Mon, 13 Mar 2017 13:42:01 +0100 Subject: [PATCH 03/11] Use SHA256 from secp256k1 in encryptECIES() --- libdevcrypto/CryptoPP.cpp | 20 +++++++++++--------- 1 file changed, 11 insertions(+), 9 deletions(-) diff --git a/libdevcrypto/CryptoPP.cpp b/libdevcrypto/CryptoPP.cpp index fd740215a1a..4ae02ded988 100644 --- a/libdevcrypto/CryptoPP.cpp +++ b/libdevcrypto/CryptoPP.cpp @@ -97,10 +97,11 @@ void Secp256k1PP::encryptECIES(Public const& _k, bytesConstRef _sharedMacData, b auto key = ecies::kdf(z, bytes(), 32); bytesConstRef eKey = bytesConstRef(&key).cropped(0, 16); bytesRef mKeyMaterial = bytesRef(&key).cropped(16, 16); - CryptoPP::SHA256 ctx; - ctx.Update(mKeyMaterial.data(), mKeyMaterial.size()); + secp256k1_sha256_t ctx; + secp256k1_sha256_initialize(&ctx); + secp256k1_sha256_write(&ctx, mKeyMaterial.data(), mKeyMaterial.size()); bytes mKey(32); - ctx.Final(mKey.data()); + secp256k1_sha256_finalize(&ctx, mKey.data()); auto iv = h128::random(); bytes cipherText = encryptSymNoAuth(SecureFixedHash<16>(eKey), iv, bytesConstRef(&io_cipher)); 
@@ -113,14 +114,15 @@ void Secp256k1PP::encryptECIES(Public const& _k, bytesConstRef _sharedMacData, b iv.ref().copyTo(bytesRef(&msg).cropped(1 + Public::size, h128::size)); bytesRef msgCipherRef = bytesRef(&msg).cropped(1 + Public::size + h128::size, cipherText.size()); bytesConstRef(&cipherText).copyTo(msgCipherRef); - + // tag message - CryptoPP::HMAC hmacctx(mKey.data(), mKey.size()); + secp256k1_hmac_sha256_t hmacCtx; + secp256k1_hmac_sha256_initialize(&hmacCtx, mKey.data(), mKey.size()); bytesConstRef cipherWithIV = bytesRef(&msg).cropped(1 + Public::size, h128::size + cipherText.size()); - hmacctx.Update(cipherWithIV.data(), cipherWithIV.size()); - hmacctx.Update(_sharedMacData.data(), _sharedMacData.size()); - hmacctx.Final(msg.data() + 1 + Public::size + cipherWithIV.size()); - + secp256k1_hmac_sha256_write(&hmacCtx, cipherWithIV.data(), cipherWithIV.size()); + secp256k1_hmac_sha256_write(&hmacCtx, _sharedMacData.data(), _sharedMacData.size()); + secp256k1_hmac_sha256_finalize(&hmacCtx, msg.data() + 1 + Public::size + cipherWithIV.size()); + io_cipher.resize(msg.size()); io_cipher.swap(msg); } From 07e93f6c2694c3d78358487a1ffc2d032200ed57 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pawe=C5=82=20Bylica?= Date: Mon, 13 Mar 2017 15:41:54 +0100 Subject: [PATCH 04/11] Remove old ECIES method --- libdevcrypto/Common.cpp | 4 +-- libdevcrypto/CryptoPP.cpp | 57 ------------------------------------ libdevcrypto/CryptoPP.h | 12 ++------ test/libdevcrypto/crypto.cpp | 20 ++++++------- 4 files changed, 15 insertions(+), 78 deletions(-) diff --git a/libdevcrypto/Common.cpp b/libdevcrypto/Common.cpp index 6ef6cbbb308..cd9a8ea32cb 100644 --- a/libdevcrypto/Common.cpp +++ b/libdevcrypto/Common.cpp 
@@ -103,14 +103,14 @@ Address dev::toAddress(Address const& _from, u256 const& _nonce) void dev::encrypt(Public const& _k, bytesConstRef _plain, bytes& o_cipher) { bytes io = _plain.toBytes(); - Secp256k1PP::get()->encrypt(_k, io); + Secp256k1PP::get()->encryptECIES(_k, io); o_cipher = std::move(io); } bool dev::decrypt(Secret const& _k, bytesConstRef _cipher, bytes& o_plaintext) { bytes io = _cipher.toBytes(); - Secp256k1PP::get()->decrypt(_k, io); + Secp256k1PP::get()->decryptECIES(_k, io); if (io.empty()) return false; o_plaintext = std::move(io); diff --git a/libdevcrypto/CryptoPP.cpp b/libdevcrypto/CryptoPP.cpp index 4ae02ded988..df1def5ea16 100644 --- a/libdevcrypto/CryptoPP.cpp +++ b/libdevcrypto/CryptoPP.cpp 
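Review bot: `dev::decrypt` in libdevcrypto/Common.cpp (PATCH 04) discards the `bool` returned by `decryptECIES` and keeps the old `io.empty()` test as its only failure signal. The removed `Secp256k1PP::decrypt` cleared its buffer on failure, whereas `decryptECIES`, as shown in PATCH 02, returns `false` and leaves `io_text` as it was, so at this commit a bad tag or a malformed message makes `dev::decrypt` return `true` with the ciphertext copied into `o_plaintext`. Use the return value instead: `if (!Secp256k1PP::get()->decryptECIES(_k, io)) return false;`. PATCH 10 later replaces the body with `return decryptECIES(...)`, but the commits in between carry the defect, which matters for bisecting and for anyone cherry-picking part of the series.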
@@ -183,60 +183,3 @@ bool Secp256k1PP::decryptECIES(Secret const& _k, bytesConstRef _sharedMacData, b return true; } - -void Secp256k1PP::encrypt(Public const& _k, bytes& io_cipher) -{ - auto& ctx = Secp256k1PPCtx::get(); - ECIES::Encryptor e; - { - Guard l(ctx.x_params); - e.AccessKey().Initialize(ctx.m_params, publicToPoint(_k)); - } - - size_t plen = io_cipher.size(); - bytes ciphertext; - ciphertext.resize(e.CiphertextLength(plen)); - - { - Guard l(ctx.x_rng); - e.Encrypt(ctx.m_rng, io_cipher.data(), plen, ciphertext.data()); - } - - memset(io_cipher.data(), 0, io_cipher.size()); - io_cipher = std::move(ciphertext); -} - -void Secp256k1PP::decrypt(Secret const& _k, bytes& io_text) -{ - auto& ctx = Secp256k1PPCtx::get(); - CryptoPP::ECIES::Decryptor d; - { - Guard l(ctx.x_params); - d.AccessKey().Initialize(ctx.m_params, secretToExponent(_k)); - } - - if (!io_text.size()) - { - io_text.resize(1); - io_text[0] = 0; - } - - size_t clen = io_text.size(); - bytes plain; - plain.resize(d.MaxPlaintextLength(io_text.size())); - - DecodingResult r; - { - Guard l(ctx.x_rng); - r = d.Decrypt(ctx.m_rng, io_text.data(), clen, plain.data()); - } - - if (!r.isValidCoding) - { - io_text.clear(); - return; - } - - io_text.resize(r.messageLength); - io_text = std::move(plain); -} diff --git a/libdevcrypto/CryptoPP.h b/libdevcrypto/CryptoPP.h index f5affa7159a..011707eae7c 100644 --- a/libdevcrypto/CryptoPP.h +++ b/libdevcrypto/CryptoPP.h 
@@ -41,21 +41,15 @@ class Secp256k1PP public: static Secp256k1PP* get(); - /// Encrypts text (replace input). (ECIES w/XOR-SHA1) - void encrypt(Public const& _k, bytes& io_cipher); - - /// Decrypts text (replace input). (ECIES w/XOR-SHA1) - void decrypt(Secret const& _k, bytes& io_text); - /// Encrypts text (replace input). (ECIES w/AES128-CTR-SHA256) void encryptECIES(Public const& _k, bytes& io_cipher); - + /// Encrypts text (replace input). (ECIES w/AES128-CTR-SHA256) void encryptECIES(Public const& _k, bytesConstRef _sharedMacData, bytes& io_cipher); - + /// Decrypts text (replace input). (ECIES w/AES128-CTR-SHA256) bool decryptECIES(Secret const& _k, bytes& io_text); - + /// Decrypts text (replace input). (ECIES w/AES128-CTR-SHA256) bool decryptECIES(Secret const& _k, bytesConstRef _sharedMacData, bytes& io_text); diff --git a/test/libdevcrypto/crypto.cpp b/test/libdevcrypto/crypto.cpp index 397e924a2ea..9a3d4ce8953 100644 --- a/test/libdevcrypto/crypto.cpp +++ b/test/libdevcrypto/crypto.cpp @@ -159,12 +159,12 @@ BOOST_AUTO_TEST_CASE(SignAndRecoverLoop) } } -BOOST_AUTO_TEST_CASE(cryptopp_patch) +BOOST_AUTO_TEST_CASE(decryptEmpty) { KeyPair k = KeyPair::create(); - bytes io_text; - s_secp256k1->decrypt(k.secret(), io_text); - BOOST_REQUIRE_EQUAL(io_text.size(), 0); + bytes text; + decrypt(k.secret(), {}, text); + BOOST_CHECK_EQUAL(text.size(), 0); } BOOST_AUTO_TEST_CASE(verify_secert) @@ -297,11 +297,11 @@ BOOST_AUTO_TEST_CASE(ecies_eckeypair) string original = message; bytes b = asBytes(message); - s_secp256k1->encrypt(k.pub(), b); - BOOST_REQUIRE(b != asBytes(original)); + encrypt(k.pub(), &b, b); + BOOST_CHECK(b != asBytes(original)); - s_secp256k1->decrypt(k.secret(), b); - BOOST_REQUIRE(b == asBytes(original)); + decrypt(k.secret(), &b, b); + BOOST_CHECK(b == asBytes(original)); } BOOST_AUTO_TEST_CASE(ecdhCryptopp) 
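Review bot: The renamed `decryptEmpty` test (test/libdevcrypto/crypto.cpp, hunk at -159, PATCH 04) ignores the result of `decrypt(k.secret(), {}, text)` and only checks that `text` stays empty, which an untouched output buffer satisfies trivially. Assert the failure itself with `BOOST_CHECK(!decrypt(k.secret(), {}, text));`. The `ecies_eckeypair` hunk at -297 likewise drops the return value of `decrypt(k.secret(), &b, b)`; wrapping that call in `BOOST_CHECK(...)` makes the test fail at the decrypt step rather than only at the later comparison.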
@@ -421,7 +421,7 @@ BOOST_AUTO_TEST_CASE(handshakeNew) } bytes authcipher; encrypt(nodeB.pub(), &auth, authcipher); - BOOST_REQUIRE_EQUAL(authcipher.size(), 279); + BOOST_REQUIRE_EQUAL(authcipher.size(), 307); // Receipient is Bob (nodeB) ECDHE eB; @@ -446,7 +446,7 @@ BOOST_AUTO_TEST_CASE(handshakeNew) } bytes ackcipher; encrypt(nodeA.pub(), &ack, ackcipher); - BOOST_REQUIRE_EQUAL(ackcipher.size(), 182); + BOOST_REQUIRE_EQUAL(ackcipher.size(), 210); BOOST_REQUIRE(eA.pubkey()); BOOST_REQUIRE(eB.pubkey()); From 0c9332dabac45360383d9dfdcfa84109245e2168 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pawe=C5=82=20Bylica?= Date: Mon, 13 Mar 2017 15:55:06 +0100 Subject: [PATCH 05/11] Remove unused Crypto++ pieces --- libdevcrypto/Common.cpp | 3 ++- libdevcrypto/CryptoPP.cpp | 43 --------------------------------------- 2 files changed, 2 insertions(+), 44 deletions(-) diff --git a/libdevcrypto/Common.cpp b/libdevcrypto/Common.cpp index cd9a8ea32cb..66740670732 100644 --- a/libdevcrypto/Common.cpp +++ b/libdevcrypto/Common.cpp @@ -28,14 +28,15 @@ #include #include #include -#include #include +#include #include #include #include #include "AES.h" #include "CryptoPP.h" #include "Exceptions.h" + using namespace std; using namespace dev; using namespace dev::crypto; diff --git a/libdevcrypto/CryptoPP.cpp b/libdevcrypto/CryptoPP.cpp index df1def5ea16..9e3b48d50ed 100644 --- a/libdevcrypto/CryptoPP.cpp +++ b/libdevcrypto/CryptoPP.cpp 
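Review bot: The expected sizes in `handshakeNew` (hunks at -421 and -446, PATCH 04) change from 279 to 307 and from 182 to 210 as bare numbers, which hides that `dev::encrypt` now emits a different ciphertext format with a 28-byte larger envelope. Deriving the value documents the layout, e.g. `BOOST_REQUIRE_EQUAL(authcipher.size(), auth.size() + 1 + Public::size + h128::size + h256::size);`, which mirrors the `msg` allocation in `encryptECIES` if the CTR ciphertext has the plaintext's length. The commit message could also state that output of the removed `encrypt` (documented in CryptoPP.h as ECIES w/XOR-SHA1) can no longer be read by `dev::decrypt`, in case any such data is persisted or exchanged with older nodes.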
@@ -21,62 +21,19 @@ #include // conflicts with #include "CryptoPP.h" -#include -#include -#include #include #include #include #include "ECDHE.h" -static_assert(CRYPTOPP_VERSION == 570, "Wrong Crypto++ version"); - using namespace std; using namespace dev; using namespace dev::crypto; -using namespace CryptoPP; static_assert(dev::Secret::size == 32, "Secret key must be 32 bytes."); static_assert(dev::Public::size == 64, "Public key must be 64 bytes."); static_assert(dev::Signature::size == 65, "Signature must be 65 bytes."); -namespace -{ -class Secp256k1PPCtx -{ -public: - OID m_oid; - - std::mutex x_rng; - AutoSeededRandomPool m_rng; - - std::mutex x_params; - DL_GroupParameters_EC m_params; - - DL_GroupParameters_EC::EllipticCurve m_curve; - - Integer m_q; - Integer m_qs; - - static Secp256k1PPCtx& get() - { - static Secp256k1PPCtx ctx; - return ctx; - } - -private: - Secp256k1PPCtx(): - m_oid(ASN1::secp256k1()), m_params(m_oid), m_curve(m_params.GetCurve()), - m_q(m_params.GetGroupOrder()), m_qs(m_params.GetSubgroupOrder()) - {} -}; - -inline ECP::Point publicToPoint(Public const& _p) { Integer x(_p.data(), 32); Integer y(_p.data() + 32, 32); return ECP::Point(x,y); } - -inline Integer secretToExponent(Secret const& _s) { return Integer(_s.data(), Secret::size); } - -} - Secp256k1PP* Secp256k1PP::get() { static Secp256k1PP s_this; From 265bdfe4d33a0df22abf81160508d31627f068a2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pawe=C5=82=20Bylica?= Date: Mon, 13 Mar 2017 16:47:16 +0100 Subject: [PATCH 06/11] Add pbkdf2 unit test --- test/libdevcrypto/crypto.cpp | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/test/libdevcrypto/crypto.cpp b/test/libdevcrypto/crypto.cpp index 9a3d4ce8953..331ed90397d 100644 --- a/test/libdevcrypto/crypto.cpp +++ b/test/libdevcrypto/crypto.cpp 
@@ -776,6 +776,14 @@ BOOST_AUTO_TEST_CASE(recoverVgt3) } } +BOOST_AUTO_TEST_CASE(pbkdf2Static) +{ + auto salt = asBytes("Red Hot Chili Peppers"); + auto key = pbkdf2("Hello Ethereum!", salt, 999, 15); + auto expected = "4187067867ced7bca83da5cfc21a7a"; + BOOST_CHECK_EQUAL(toHex(key.makeInsecure()), expected); +} + BOOST_AUTO_TEST_CASE(PerfSHA256_32, *utf::disabled() *utf::label("perf")) { if (!test::Options::get().performance) From 5e47a2c31729bd6d7503369d2e5a4c15d5fe4c30 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pawe=C5=82=20Bylica?= Date: Mon, 13 Mar 2017 19:55:45 +0100 Subject: [PATCH 07/11] Fix compilation of the rlp tool --- rlp/main.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rlp/main.cpp b/rlp/main.cpp index bc1db7c4ae1..6272644be82 100644 --- a/rlp/main.cpp +++ b/rlp/main.cpp @@ -182,7 +182,7 @@ void putOut(bytes _out, Encoding _encoding, bool _encrypt, bool _quiet) { dev::h256 h = dev::sha3(_out); if (_encrypt) - crypto::Secp256k1PP::get()->encrypt(toPublic(Secret(h)), _out); + dev::encrypt(toPublic(Secret(h)), &_out, _out); if (!_quiet) cerr << "Keccak of RLP: " << h.hex() << endl; From af45af110e320b22ce08f0779167394315106de7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pawe=C5=82=20Bylica?= Date: Mon, 13 Mar 2017 20:39:51 +0100 Subject: [PATCH 08/11] Replace pbkdf2 --- libdevcrypto/Common.cpp | 47 +++++++++++++++++++++++++++++------------ 1 file changed, 34 insertions(+), 13 deletions(-) diff --git a/libdevcrypto/Common.cpp b/libdevcrypto/Common.cpp index 66740670732..4ab04b10585 100644 --- a/libdevcrypto/Common.cpp +++ b/libdevcrypto/Common.cpp @@ -27,9 +27,7 @@ #include #include #include -#include #include -#include #include #include #include 
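Review bot: `pbkdf2Static` (test/libdevcrypto/crypto.cpp, PATCH 06) pins a single vector with a 15-byte output, so it never needs more than one 32-byte HMAC-SHA256 block and never consumes a whole block. PATCH 08 then replaces the implementation with a hand-written loop whose block counter and `segmentLen` truncation are exactly the parts this vector leaves unexercised. Add a second case with `_dkLen` above 32, ideally a published PBKDF2-HMAC-SHA256 vector rather than only a value generated by the code under test, before the implementation is swapped.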
@@ -264,18 +262,41 @@ bool dev::verify(Public const& _p, Signature const& _s, h256 const& _hash) bytesSec dev::pbkdf2(string const& _pass, bytes const& _salt, unsigned _iterations, unsigned _dkLen) { + static const size_t bufSize = 32; + bytesSec secBuf(bufSize); + byte* buf = secBuf.writable().data(); + bytesSec ret(_dkLen); - if (PKCS5_PBKDF2_HMAC().DeriveKey( - ret.writable().data(), - _dkLen, - 0, - reinterpret_cast(_pass.data()), - _pass.size(), - _salt.data(), - _salt.size(), - _iterations - ) != _iterations) - BOOST_THROW_EXCEPTION(CryptoException() << errinfo_comment("Key derivation failed.")); + byte* derived = ret.writable().data(); + size_t derivedLen = _dkLen; + for (unsigned int i = 1; derivedLen > 0; ++i) + { + secp256k1_hmac_sha256_t ctx; + secp256k1_hmac_sha256_initialize(&ctx, reinterpret_cast(_pass.data()), _pass.size()); + secp256k1_hmac_sha256_write(&ctx, _salt.data(), _salt.size()); + for (auto j = 0; j < 4; ++j) + { + byte b = byte(i >> ((3-j)*8)); + secp256k1_hmac_sha256_write(&ctx, &b, 1); + } + secp256k1_hmac_sha256_finalize(&ctx, buf); + + size_t const segmentLen = std::min(derivedLen, bufSize); + std::copy(buf, buf + segmentLen, derived); + + for (decltype(_iterations) j = 1; j < _iterations; ++j) + { + secp256k1_hmac_sha256_initialize(&ctx, reinterpret_cast(_pass.data()), _pass.size()); + secp256k1_hmac_sha256_write(&ctx, buf, bufSize); + secp256k1_hmac_sha256_finalize(&ctx, buf); + std::transform(buf, buf + segmentLen, derived, derived, + [](byte a, byte b) { return a ^ b; } + ); + } + + derived += segmentLen; + derivedLen -= segmentLen; + } return ret; } From 8d3d2998a8774d1a2a5e3e5a03ade8b0eabc4157 Mon Sep 17 00:00:00 2001 
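Review bot: The rewritten `dev::pbkdf2` (libdevcrypto/Common.cpp, PATCH 08) has no failure path left: with `_iterations == 0` the inner loop is skipped and the function returns the same bytes as for `_iterations == 1`, where the removed code could throw `CryptoException`. A caller that passes an unvalidated or mis-parsed iteration count would get a far weaker key without any signal. Reject it up front with `if (_iterations == 0) BOOST_THROW_EXCEPTION(CryptoException() << errinfo_comment("Key derivation failed."));`. Separately, `secp256k1_hmac_sha256_t ctx` is keyed with the password and is not cleared when the loop ends, while `secBuf` and `ret` are held in `bytesSec`; whether `secp256k1_hmac_sha256_finalize` wipes the context is not visible on this page and should be confirmed.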
From: =?UTF-8?q?Pawe=C5=82=20Bylica?= Date: Mon, 13 Mar 2017 21:01:44 +0100 Subject: [PATCH 09/11] Move encrypt functions to devcrypto/Common --- libdevcrypto/Common.cpp | 41 ++++++++++++++++++++++++++++----- libdevcrypto/CryptoPP.cpp | 44 ------------------------------------ libdevcrypto/CryptoPP.h | 6 ----- test/libdevcrypto/crypto.cpp | 8 +++---- 4 files changed, 39 insertions(+), 60 deletions(-) diff --git a/libdevcrypto/Common.cpp b/libdevcrypto/Common.cpp index 4ab04b10585..fd7b917e528 100644 --- a/libdevcrypto/Common.cpp +++ b/libdevcrypto/Common.cpp @@ -101,9 +101,7 @@ Address dev::toAddress(Address const& _from, u256 const& _nonce) void dev::encrypt(Public const& _k, bytesConstRef _plain, bytes& o_cipher) { - bytes io = _plain.toBytes(); - Secp256k1PP::get()->encryptECIES(_k, io); - o_cipher = std::move(io); + encryptECIES(_k, _plain, o_cipher); } bool dev::decrypt(Secret const& _k, bytesConstRef _cipher, bytes& o_plaintext) 
@@ -123,9 +121,40 @@ void dev::encryptECIES(Public const& _k, bytesConstRef _plain, bytes& o_cipher) void dev::encryptECIES(Public const& _k, bytesConstRef _sharedMacData, bytesConstRef _plain, bytes& o_cipher) { - bytes io = _plain.toBytes(); - Secp256k1PP::get()->encryptECIES(_k, _sharedMacData, io); - o_cipher = std::move(io); + // interop w/go ecies implementation + auto r = KeyPair::create(); + Secret z; + ecdh::agree(r.secret(), _k, z); + auto key = ecies::kdf(z, bytes(), 32); + bytesConstRef eKey = bytesConstRef(&key).cropped(0, 16); + bytesRef mKeyMaterial = bytesRef(&key).cropped(16, 16); + secp256k1_sha256_t ctx; + secp256k1_sha256_initialize(&ctx); + secp256k1_sha256_write(&ctx, mKeyMaterial.data(), mKeyMaterial.size()); + bytes mKey(32); + secp256k1_sha256_finalize(&ctx, mKey.data()); + + auto iv = h128::random(); + bytes cipherText = encryptSymNoAuth(SecureFixedHash<16>(eKey), iv, _plain); + if (cipherText.empty()) + return; + + bytes msg(1 + Public::size + h128::size + cipherText.size() + 32); + msg[0] = 0x04; + r.pub().ref().copyTo(bytesRef(&msg).cropped(1, Public::size)); + iv.ref().copyTo(bytesRef(&msg).cropped(1 + Public::size, h128::size)); + bytesRef msgCipherRef = bytesRef(&msg).cropped(1 + Public::size + h128::size, cipherText.size()); + bytesConstRef(&cipherText).copyTo(msgCipherRef); + + // tag message + secp256k1_hmac_sha256_t hmacCtx; + secp256k1_hmac_sha256_initialize(&hmacCtx, mKey.data(), mKey.size()); + bytesConstRef cipherWithIV = bytesRef(&msg).cropped(1 + Public::size, h128::size + cipherText.size()); + secp256k1_hmac_sha256_write(&hmacCtx, cipherWithIV.data(), cipherWithIV.size()); + secp256k1_hmac_sha256_write(&hmacCtx, _sharedMacData.data(), _sharedMacData.size()); + secp256k1_hmac_sha256_finalize(&hmacCtx, msg.data() + 1 + Public::size + cipherWithIV.size()); + + o_cipher = std::move(msg); } bool dev::decryptECIES(Secret const& _k, bytesConstRef _cipher, bytes& o_plaintext) 
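Review bot: When `encryptSymNoAuth` returns an empty buffer, `dev::encryptECIES` (libdevcrypto/Common.cpp, PATCH 09) returns without touching `o_cipher`, and the `void` signature gives the caller no way to notice. Callers on this page pass the same buffer as input and output (`encryptECIES(k.pub(), &b, b)` in the tests, `dev::encrypt(toPublic(Secret(h)), &_out, _out)` in rlp/main.cpp), so on that path the buffer they go on to use as ciphertext still holds the plaintext. Clear the output before bailing out, `if (cipherText.empty()) { o_cipher.clear(); return; }`, so the failure is at least observable as an empty result. The derived MAC key `mKey` is also kept in a plain `bytes` while `eKey` is wrapped in `SecureFixedHash<16>`; `bytesSec`, which `pbkdf2` in the same file uses, looks like the better fit.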
diff --git a/libdevcrypto/CryptoPP.cpp b/libdevcrypto/CryptoPP.cpp index 9e3b48d50ed..e5b9a3ba587 100644 --- a/libdevcrypto/CryptoPP.cpp +++ b/libdevcrypto/CryptoPP.cpp 
@@ -40,50 +40,6 @@ Secp256k1PP* Secp256k1PP::get() return &s_this; } -void Secp256k1PP::encryptECIES(Public const& _k, bytes& io_cipher) -{ - encryptECIES(_k, bytesConstRef(), io_cipher); -} - -void Secp256k1PP::encryptECIES(Public const& _k, bytesConstRef _sharedMacData, bytes& io_cipher) -{ - // interop w/go ecies implementation - auto r = KeyPair::create(); - Secret z; - ecdh::agree(r.secret(), _k, z); - auto key = ecies::kdf(z, bytes(), 32); - bytesConstRef eKey = bytesConstRef(&key).cropped(0, 16); - bytesRef mKeyMaterial = bytesRef(&key).cropped(16, 16); - secp256k1_sha256_t ctx; - secp256k1_sha256_initialize(&ctx); - secp256k1_sha256_write(&ctx, mKeyMaterial.data(), mKeyMaterial.size()); - bytes mKey(32); - secp256k1_sha256_finalize(&ctx, mKey.data()); - - auto iv = h128::random(); - bytes cipherText = encryptSymNoAuth(SecureFixedHash<16>(eKey), iv, bytesConstRef(&io_cipher)); - if (cipherText.empty()) - return; - - bytes msg(1 + Public::size + h128::size + cipherText.size() + 32); - msg[0] = 0x04; - r.pub().ref().copyTo(bytesRef(&msg).cropped(1, Public::size)); - iv.ref().copyTo(bytesRef(&msg).cropped(1 + Public::size, h128::size)); - bytesRef msgCipherRef = bytesRef(&msg).cropped(1 + Public::size + h128::size, cipherText.size()); - bytesConstRef(&cipherText).copyTo(msgCipherRef); - - // tag message - secp256k1_hmac_sha256_t hmacCtx; - secp256k1_hmac_sha256_initialize(&hmacCtx, mKey.data(), mKey.size()); - bytesConstRef cipherWithIV = bytesRef(&msg).cropped(1 + Public::size, h128::size + cipherText.size()); - secp256k1_hmac_sha256_write(&hmacCtx, cipherWithIV.data(), cipherWithIV.size()); - secp256k1_hmac_sha256_write(&hmacCtx, _sharedMacData.data(), _sharedMacData.size()); - secp256k1_hmac_sha256_finalize(&hmacCtx, msg.data() + 1 + Public::size + cipherWithIV.size()); - - io_cipher.resize(msg.size()); - io_cipher.swap(msg); -} - bool Secp256k1PP::decryptECIES(Secret const& _k, bytes& io_text) { return decryptECIES(_k, bytesConstRef(), io_text); 
diff --git a/libdevcrypto/CryptoPP.h b/libdevcrypto/CryptoPP.h index 011707eae7c..3d0113a8e85 100644 --- a/libdevcrypto/CryptoPP.h +++ b/libdevcrypto/CryptoPP.h @@ -41,12 +41,6 @@ class Secp256k1PP public: static Secp256k1PP* get(); - /// Encrypts text (replace input). (ECIES w/AES128-CTR-SHA256) - void encryptECIES(Public const& _k, bytes& io_cipher); - - /// Encrypts text (replace input). (ECIES w/AES128-CTR-SHA256) - void encryptECIES(Public const& _k, bytesConstRef _sharedMacData, bytes& io_cipher); - /// Decrypts text (replace input). (ECIES w/AES128-CTR-SHA256) bool decryptECIES(Secret const& _k, bytes& io_text); diff --git a/test/libdevcrypto/crypto.cpp b/test/libdevcrypto/crypto.cpp index 331ed90397d..b2a1ea5f995 100644 --- a/test/libdevcrypto/crypto.cpp +++ b/test/libdevcrypto/crypto.cpp @@ -257,12 +257,12 @@ BOOST_AUTO_TEST_CASE(ecies_kdf) BOOST_AUTO_TEST_CASE(ecies_standard) { KeyPair k = KeyPair::create(); - + string message("Now is the time for all good persons to come to the aid of humanity."); string original = message; bytes b = asBytes(message); - - s_secp256k1->encryptECIES(k.pub(), b); + + encryptECIES(k.pub(), &b, b); BOOST_REQUIRE(b != asBytes(original)); BOOST_REQUIRE(b.size() > 0 && b[0] == 0x04); @@ -279,7 +279,7 @@ BOOST_AUTO_TEST_CASE(ecies_sharedMacData) string const wrongShared("wrong shared MAC data"); bytes b = msg; - s_secp256k1->encryptECIES(k.pub(), shared, b); + encryptECIES(k.pub(), shared, &b, b); BOOST_REQUIRE(!b.empty()); BOOST_CHECK_EQUAL(b[0], 0x04); BOOST_CHECK(b != msg); From 1499f01c22dd1a29e1baafb1dc5bb30b99d8e5b5 Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?Pawe=C5=82=20Bylica?= Date: Mon, 13 Mar 2017 21:20:03 +0100 Subject: [PATCH 10/11] Move decrypt functions to devcrypto/Common --- libdevcrypto/Common.cpp | 53 ++++++++++++++++++++++++++------ libdevcrypto/CryptoPP.cpp | 59 +----------------------------------- libdevcrypto/CryptoPP.h | 6 ---- test/libdevcrypto/crypto.cpp | 6 ++-- test/libp2p/rlpx.cpp | 26 ++++++++-------- 5 files changed, 61 insertions(+), 89 deletions(-) diff --git a/libdevcrypto/Common.cpp b/libdevcrypto/Common.cpp index fd7b917e528..fdbf4df4db4 100644 --- a/libdevcrypto/Common.cpp +++ b/libdevcrypto/Common.cpp @@ -106,12 +106,7 @@ void dev::encrypt(Public const& _k, bytesConstRef _plain, bytes& o_cipher) bool dev::decrypt(Secret const& _k, bytesConstRef _cipher, bytes& o_plaintext) { - bytes io = _cipher.toBytes(); - Secp256k1PP::get()->decryptECIES(_k, io); - if (io.empty()) - return false; - o_plaintext = std::move(io); - return true; + return decryptECIES(_k, _cipher, o_plaintext); } void dev::encryptECIES(Public const& _k, bytesConstRef _plain, bytes& o_cipher) 
@@ -164,10 +159,50 @@ bool dev::decryptECIES(Secret const& _k, bytesConstRef _cipher, bytes& o_plainte bool dev::decryptECIES(Secret const& _k, bytesConstRef _sharedMacData, bytesConstRef _cipher, bytes& o_plaintext) { - bytes io = _cipher.toBytes(); - if (!Secp256k1PP::get()->decryptECIES(_k, _sharedMacData, io)) + // interop w/go ecies implementation + + // io_cipher[0] must be 2, 3, or 4, else invalidpublickey + if (_cipher.empty() || _cipher[0] < 2 || _cipher[0] > 4) + // invalid message: publickey + return false; + + if (_cipher.size() < (1 + Public::size + h128::size + 1 + h256::size)) + // invalid message: length return false; - o_plaintext = std::move(io); + + Secret z; + ecdh::agree(_k, *(Public*)(_cipher.data() + 1), z); + auto key = ecies::kdf(z, bytes(), 64); + bytesConstRef eKey = bytesConstRef(&key).cropped(0, 16); + bytesRef mKeyMaterial = bytesRef(&key).cropped(16, 16); + bytes mKey(32); + // FIXME: Use crypto::sha256() + secp256k1_sha256_t ctx; + secp256k1_sha256_initialize(&ctx); + secp256k1_sha256_write(&ctx, mKeyMaterial.data(), mKeyMaterial.size()); + secp256k1_sha256_finalize(&ctx, mKey.data()); + + bytes plain; + size_t cipherLen = _cipher.size() - 1 - Public::size - h128::size - h256::size; + bytesConstRef cipherWithIV(_cipher.data() + 1 + Public::size, h128::size + cipherLen); + bytesConstRef cipherIV = cipherWithIV.cropped(0, h128::size); + bytesConstRef cipherNoIV = cipherWithIV.cropped(h128::size, cipherLen); + bytesConstRef msgMac(cipherNoIV.data() + cipherLen, h256::size); + h128 iv(cipherIV.toBytes()); + + // verify tag + + secp256k1_hmac_sha256_t hmacCtx; + secp256k1_hmac_sha256_initialize(&hmacCtx, mKey.data(), mKey.size()); + secp256k1_hmac_sha256_write(&hmacCtx, cipherWithIV.data(), cipherWithIV.size()); + secp256k1_hmac_sha256_write(&hmacCtx, _sharedMacData.data(), _sharedMacData.size()); + h256 mac; + secp256k1_hmac_sha256_finalize(&hmacCtx, mac.data()); + for (unsigned i = 0; i < h256::size; i++) + if (mac[i] != msgMac[i]) + 
return false; + + o_plaintext = decryptSymNoAuth(SecureFixedHash<16>(eKey), iv, cipherNoIV).makeInsecure(); return true; } diff --git a/libdevcrypto/CryptoPP.cpp b/libdevcrypto/CryptoPP.cpp index e5b9a3ba587..882753524e4 100644 --- a/libdevcrypto/CryptoPP.cpp +++ b/libdevcrypto/CryptoPP.cpp 
@@ -38,61 +38,4 @@ Secp256k1PP* Secp256k1PP::get() { static Secp256k1PP s_this; return &s_this; -} - -bool Secp256k1PP::decryptECIES(Secret const& _k, bytes& io_text) -{ - return decryptECIES(_k, bytesConstRef(), io_text); -} - -bool Secp256k1PP::decryptECIES(Secret const& _k, bytesConstRef _sharedMacData, bytes& io_text) -{ - // interop w/go ecies implementation - - // io_cipher[0] must be 2, 3, or 4, else invalidpublickey - if (io_text.empty() || io_text[0] < 2 || io_text[0] > 4) - // invalid message: publickey - return false; - - if (io_text.size() < (1 + Public::size + h128::size + 1 + h256::size)) - // invalid message: length - return false; - - Secret z; - ecdh::agree(_k, *(Public*)(io_text.data() + 1), z); - auto key = ecies::kdf(z, bytes(), 64); - bytesConstRef eKey = bytesConstRef(&key).cropped(0, 16); - bytesRef mKeyMaterial = bytesRef(&key).cropped(16, 16); - bytes mKey(32); - // FIXME: Use crypto::sha256() - secp256k1_sha256_t ctx; - secp256k1_sha256_initialize(&ctx); - secp256k1_sha256_write(&ctx, mKeyMaterial.data(), mKeyMaterial.size()); - secp256k1_sha256_finalize(&ctx, mKey.data()); - - bytes plain; - size_t cipherLen = io_text.size() - 1 - Public::size - h128::size - h256::size; - bytesConstRef cipherWithIV(io_text.data() + 1 + Public::size, h128::size + cipherLen); - bytesConstRef cipherIV = cipherWithIV.cropped(0, h128::size); - bytesConstRef cipherNoIV = cipherWithIV.cropped(h128::size, cipherLen); - bytesConstRef msgMac(cipherNoIV.data() + cipherLen, h256::size); - h128 iv(cipherIV.toBytes()); - - // verify tag - - secp256k1_hmac_sha256_t hmacCtx; - secp256k1_hmac_sha256_initialize(&hmacCtx, mKey.data(), mKey.size()); - secp256k1_hmac_sha256_write(&hmacCtx, cipherWithIV.data(), cipherWithIV.size()); - secp256k1_hmac_sha256_write(&hmacCtx, _sharedMacData.data(), _sharedMacData.size()); - h256 mac; - secp256k1_hmac_sha256_finalize(&hmacCtx, mac.data()); - for (unsigned i = 0; i < h256::size; i++) - if (mac[i] != msgMac[i]) - return false; - - 
plain = decryptSymNoAuth(SecureFixedHash<16>(eKey), iv, cipherNoIV).makeInsecure(); - io_text.resize(plain.size()); - io_text.swap(plain); - - return true; -} +} \ No newline at end of file diff --git a/libdevcrypto/CryptoPP.h b/libdevcrypto/CryptoPP.h index 3d0113a8e85..728943b3c28 100644 --- a/libdevcrypto/CryptoPP.h +++ b/libdevcrypto/CryptoPP.h @@ -41,12 +41,6 @@ class Secp256k1PP public: static Secp256k1PP* get(); - /// Decrypts text (replace input). (ECIES w/AES128-CTR-SHA256) - bool decryptECIES(Secret const& _k, bytes& io_text); - - /// Decrypts text (replace input). (ECIES w/AES128-CTR-SHA256) - bool decryptECIES(Secret const& _k, bytesConstRef _sharedMacData, bytes& io_text); - private: Secp256k1PP() = default; }; diff --git a/test/libdevcrypto/crypto.cpp b/test/libdevcrypto/crypto.cpp index b2a1ea5f995..cd44d406491 100644 --- a/test/libdevcrypto/crypto.cpp +++ b/test/libdevcrypto/crypto.cpp @@ -266,7 +266,7 @@ BOOST_AUTO_TEST_CASE(ecies_standard) BOOST_REQUIRE(b != asBytes(original)); BOOST_REQUIRE(b.size() > 0 && b[0] == 0x04); - s_secp256k1->decryptECIES(k.secret(), b); + decryptECIES(k.secret(), &b, b); BOOST_REQUIRE(bytesConstRef(&b).cropped(0, original.size()).toBytes() == asBytes(original)); } @@ -284,8 +284,8 @@ BOOST_AUTO_TEST_CASE(ecies_sharedMacData) BOOST_CHECK_EQUAL(b[0], 0x04); BOOST_CHECK(b != msg); - BOOST_CHECK(!s_secp256k1->decryptECIES(k.secret(), wrongShared, b)); - BOOST_CHECK(s_secp256k1->decryptECIES(k.secret(), shared, b)); + BOOST_CHECK(!decryptECIES(k.secret(), wrongShared, &b, b)); + BOOST_CHECK(decryptECIES(k.secret(), shared, &b, b)); BOOST_CHECK_EQUAL(toHex(bytesConstRef(&b).cropped(0, msg.size())), toHex(msg)); } diff --git a/test/libp2p/rlpx.cpp b/test/libp2p/rlpx.cpp index c502e1f2a6a..f63c4a8ace0 100644 --- a/test/libp2p/rlpx.cpp +++ b/test/libp2p/rlpx.cpp 
@@ -204,11 +204,11 @@ BOOST_AUTO_TEST_CASE(test_secrets_from_go) bytes authPlainExpected(fromHex("0x884c36f7ae6b406637c1f61b2f57e1d2cab813d24c6559aaf843c3f48962f32f46662c066d39669b7b2e3ba14781477417600e7728399278b1b5d801a519aa570034fdb5419558137e0d44cd13d319afe5629eeccb47fd9dfe55cc6089426e46cc762dd8a0636e07a54b31169eba0c7a20a1ac1ef68596f1f283b5c676bae4064abfcce24799d09f67e392632d3ffdc12e3d6430dcb0ea19c318343ffa7aae74d4cd26fecb93657d1cd9e9eaf4f8be720b56dd1d39f190c4e1c6b7ec66f077bb1100")); bytes ackPlainExpected(fromHex("0x802b052f8b066640bba94a4fc39d63815c377fced6fcb84d27f791c9921ddf3e9bf0108e298f490812847109cbd778fae393e80323fd643209841a3b7f110397f37ec61d84cea03dcc5e8385db93248584e8af4b4d1c832d8c7453c0089687a700")); - - bytes authPlain = authCipher; - BOOST_REQUIRE(s_secp256k1->decryptECIES(recv.secret(), authPlain)); - bytes ackPlain = ackCipher; - BOOST_REQUIRE(s_secp256k1->decryptECIES(init.secret(), ackPlain)); + + bytes authPlain; + BOOST_REQUIRE(decryptECIES(recv.secret(), &authCipher, authPlain)); + bytes ackPlain; + BOOST_REQUIRE(decryptECIES(init.secret(), &ackCipher, ackPlain)); CryptoPP::CTR_Mode::Encryption m_frameEnc; CryptoPP::CTR_Mode::Encryption m_frameDec; @@ -436,9 +436,9 @@ BOOST_AUTO_TEST_CASE(ecies_interop_test_primitives) KeyPair kmK(Secret(fromHex("0x57baf2c62005ddec64c357d96183ebc90bf9100583280e848aa31d683cad73cb"))); bytes kmCipher(fromHex("0x04ff2c874d0a47917c84eea0b2a4141ca95233720b5c70f81a8415bae1dc7b746b61df7558811c1d6054333907333ef9bb0cc2fbf8b34abb9730d14e0140f4553f4b15d705120af46cf653a1dc5b95b312cf8444714f95a4f7a0425b67fc064d18f4d0a528761565ca02d97faffdac23de10")); - bytes kmPlain = kmCipher; + bytes kmPlain; bytes kmExpected(asBytes("a")); - BOOST_REQUIRE(s_secp256k1->decryptECIES(kmK.secret(), kmPlain)); + BOOST_REQUIRE(decryptECIES(kmK.secret(), &kmCipher, kmPlain)); BOOST_REQUIRE(kmExpected == kmPlain); KeyPair kenc(Secret(fromHex("0x472413e97f1fd58d84e28a559479e6b6902d2e8a0cee672ef38a3a35d263886b"))); 
@@ -446,21 +446,21 @@ BOOST_AUTO_TEST_CASE(ecies_interop_test_primitives) BOOST_REQUIRE(penc == kenc.pub()); bytes cipher1(fromHex("0x046f647e1bd8a5cd1446d31513bac233e18bdc28ec0e59d46de453137a72599533f1e97c98154343420d5f16e171e5107999a7c7f1a6e26f57bcb0d2280655d08fb148d36f1d4b28642d3bb4a136f0e33e3dd2e3cffe4b45a03fb7c5b5ea5e65617250fdc89e1a315563c20504b9d3a72555")); - bytes plainTest1 = cipher1; + bytes plainTest1; bytes expectedPlain1 = asBytes("a"); - BOOST_REQUIRE(s_secp256k1->decryptECIES(kenc.secret(), plainTest1)); + BOOST_REQUIRE(decryptECIES(kenc.secret(), &cipher1, plainTest1)); BOOST_REQUIRE(plainTest1 == expectedPlain1); bytes cipher2(fromHex("0x0443c24d6ccef3ad095140760bb143078b3880557a06392f17c5e368502d79532bc18903d59ced4bbe858e870610ab0d5f8b7963dd5c9c4cf81128d10efd7c7aa80091563c273e996578403694673581829e25a865191bdc9954db14285b56eb0043b6288172e0d003c10f42fe413222e273d1d4340c38a2d8344d7aadcbc846ee")); - bytes plainTest2 = cipher2; + bytes plainTest2; bytes expectedPlain2 = asBytes("aaaaaaaaaaaaaaaa"); - BOOST_REQUIRE(s_secp256k1->decryptECIES(kenc.secret(), plainTest2)); + BOOST_REQUIRE(decryptECIES(kenc.secret(), &cipher2, plainTest2)); BOOST_REQUIRE(plainTest2 == expectedPlain2); bytes cipher3(fromHex("0x04c4e40c86bb5324e017e598c6d48c19362ae527af8ab21b077284a4656c8735e62d73fb3d740acefbec30ca4c024739a1fcdff69ecaf03301eebf156eb5f17cca6f9d7a7e214a1f3f6e34d1ee0ec00ce0ef7d2b242fbfec0f276e17941f9f1bfbe26de10a15a6fac3cda039904ddd1d7e06e7b96b4878f61860e47f0b84c8ceb64f6a900ff23844f4359ae49b44154980a626d3c73226c19e")); - bytes plainTest3 = cipher3; + bytes plainTest3; bytes expectedPlain3 = asBytes("aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"); - BOOST_REQUIRE(s_secp256k1->decryptECIES(kenc.secret(), plainTest3)); + BOOST_REQUIRE(decryptECIES(kenc.secret(), &cipher3, plainTest3)); BOOST_REQUIRE(plainTest3 == expectedPlain3); } From f0f8ed59bc37e744fab866ec6286dc803547b3d8 Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?Pawe=C5=82=20Bylica?= Date: Mon, 13 Mar 2017 21:30:05 +0100 Subject: [PATCH 11/11] Remove CryptoPP wrapper from devcrypto --- bench/main.cpp | 1 - libdevcrypto/Common.cpp | 1 - libdevcrypto/CryptoPP.cpp | 41 ----------------------------- libdevcrypto/CryptoPP.h | 50 ------------------------------------ libethashseal/EthashAux.cpp | 1 - libp2p/RLPXFrameCoder.h | 1 - libp2p/RLPxHandshake.cpp | 2 ++ rlp/main.cpp | 1 - test/libdevcrypto/crypto.cpp | 8 +----- test/libp2p/rlpx.cpp | 9 +------ 10 files changed, 4 insertions(+), 111 deletions(-) delete mode 100644 libdevcrypto/CryptoPP.cpp delete mode 100644 libdevcrypto/CryptoPP.h diff --git a/bench/main.cpp b/bench/main.cpp index 6042d9b82e0..0531a4627ad 100644 --- a/bench/main.cpp +++ b/bench/main.cpp @@ -31,7 +31,6 @@ #include #include #include -#include using namespace std; using namespace dev; namespace js = json_spirit; diff --git a/libdevcrypto/Common.cpp b/libdevcrypto/Common.cpp index fdbf4df4db4..02619e1ac7c 100644 --- a/libdevcrypto/Common.cpp +++ b/libdevcrypto/Common.cpp @@ -32,7 +32,6 @@ #include #include #include "AES.h" -#include "CryptoPP.h" #include "Exceptions.h" using namespace std; diff --git a/libdevcrypto/CryptoPP.cpp b/libdevcrypto/CryptoPP.cpp deleted file mode 100644 index 882753524e4..00000000000 --- a/libdevcrypto/CryptoPP.cpp +++ /dev/null 
@@ -1,41 +0,0 @@ -/* - This file is part of cpp-ethereum. - - cpp-ethereum is free software: you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation, either version 3 of the License, or - (at your option) any later version. - - cpp-ethereum is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with cpp-ethereum. If not, see . - */ -/** @file CryptoPP.cpp - * @author Alex Leverington - * @date 2014 - */ - -#include // conflicts with -#include "CryptoPP.h" -#include -#include -#include -#include "ECDHE.h" - -using namespace std; -using namespace dev; -using namespace dev::crypto; - -static_assert(dev::Secret::size == 32, "Secret key must be 32 bytes."); -static_assert(dev::Public::size == 64, "Public key must be 64 bytes."); -static_assert(dev::Signature::size == 65, "Signature must be 65 bytes."); - -Secp256k1PP* Secp256k1PP::get() -{ - static Secp256k1PP s_this; - return &s_this; -} \ No newline at end of file diff --git a/libdevcrypto/CryptoPP.h b/libdevcrypto/CryptoPP.h deleted file mode 100644 index 728943b3c28..00000000000 --- a/libdevcrypto/CryptoPP.h +++ /dev/null 
@@ -1,50 +0,0 @@ -/* - This file is part of cpp-ethereum. - - cpp-ethereum is free software: you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation, either version 3 of the License, or - (at your option) any later version. - - cpp-ethereum is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with cpp-ethereum. If not, see . - */ -/** @file CryptoPP.h - * @author Alex Leverington - * @date 2014 - * - * CryptoPP headers and primitive helper methods - */ - -#pragma once - -#include "Common.h" - -namespace dev -{ -namespace crypto -{ -/// Amount of bytes added when encrypting with encryptECIES. -static const unsigned c_eciesOverhead = 113; - -/** - * CryptoPP secp256k1 algorithms. - * @todo Collect ECIES methods into class. - */ -class Secp256k1PP -{ -public: - static Secp256k1PP* get(); - -private: - Secp256k1PP() = default; -}; - -} -} - diff --git a/libethashseal/EthashAux.cpp b/libethashseal/EthashAux.cpp index e6ee864089d..996e8c03899 100644 --- a/libethashseal/EthashAux.cpp +++ b/libethashseal/EthashAux.cpp @@ -29,7 +29,6 @@ #include #include #include -#include #include #include #include diff --git a/libp2p/RLPXFrameCoder.h b/libp2p/RLPXFrameCoder.h index 66add6ed8f8..e8d6277fb4c 100644 --- a/libp2p/RLPXFrameCoder.h +++ b/libp2p/RLPXFrameCoder.h @@ -25,7 +25,6 @@ #include #include #include -#include #include "Common.h" namespace dev diff --git a/libp2p/RLPxHandshake.cpp b/libp2p/RLPxHandshake.cpp index a9119ef9e25..413f5831d5f 100644 --- a/libp2p/RLPxHandshake.cpp +++ b/libp2p/RLPxHandshake.cpp 
@@ -86,6 +86,8 @@ void RLPXHandshake::writeAckEIP8() m_ack.resize(m_ack.size() + padAmount, 0); bytes prefix(2); + /// Amount of bytes added when encrypting with encryptECIES. + static const unsigned c_eciesOverhead = 113; toBigEndian(m_ack.size() + c_eciesOverhead, prefix); encryptECIES(m_remote, bytesConstRef(&prefix), &m_ack, m_ackCipher); m_ackCipher.insert(m_ackCipher.begin(), prefix.begin(), prefix.end()); diff --git a/rlp/main.cpp b/rlp/main.cpp index 6272644be82..f45ad14b882 100644 --- a/rlp/main.cpp +++ b/rlp/main.cpp @@ -29,7 +29,6 @@ #include #include #include -#include using namespace std; using namespace dev; namespace js = json_spirit; diff --git a/test/libdevcrypto/crypto.cpp b/test/libdevcrypto/crypto.cpp index cd44d406491..ab759418534 100644 --- a/test/libdevcrypto/crypto.cpp +++ b/test/libdevcrypto/crypto.cpp @@ -38,7 +38,6 @@ #include #include #include -#include #include using namespace std; @@ -51,12 +50,7 @@ namespace utf = boost::unit_test; BOOST_AUTO_TEST_SUITE(Crypto) -struct DevcryptoTestFixture: public TestOutputHelper { - DevcryptoTestFixture() : s_secp256k1(Secp256k1PP::get()) {} - - Secp256k1PP* s_secp256k1; -}; -BOOST_FIXTURE_TEST_SUITE(devcrypto, DevcryptoTestFixture) +BOOST_FIXTURE_TEST_SUITE(devcrypto, TestOutputHelper) static CryptoPP::AutoSeededRandomPool& rng() { diff --git a/test/libp2p/rlpx.cpp b/test/libp2p/rlpx.cpp index f63c4a8ace0..38be4301899 100644 --- a/test/libp2p/rlpx.cpp +++ b/test/libp2p/rlpx.cpp @@ -33,7 +33,6 @@ #include #include #include -#include #include #include #include @@ -46,13 +45,7 @@ using namespace dev::p2p; using namespace dev::test; using namespace CryptoPP; -struct RLPXTestFixture: public TestOutputHelper { - RLPXTestFixture() : s_secp256k1(Secp256k1PP::get()) {} - ~RLPXTestFixture() {} - - Secp256k1PP* s_secp256k1; -}; -BOOST_FIXTURE_TEST_SUITE(rlpx, RLPXTestFixture) +BOOST_FIXTURE_TEST_SUITE(rlpx, TestOutputHelper) BOOST_AUTO_TEST_CASE(test_secrets_cpp_vectors) {
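Review bot: In the libp2p/RLPxHandshake.cpp hunk `c_eciesOverhead` becomes a function-local static inside `writeAckEIP8()`, declared between `bytes prefix(2);` and its single use, with a `///` comment that documentation tools will not attach to a local. The value goes into the 2-byte length prefix that is also handed to `encryptECIES` as its second argument (the shared MAC data, going by the tests in this series), so it must equal the bytes that call really adds, and a bare 113 gives a reader no way to check that. Declaring it once at file scope in an anonymous namespace and spelling out the parts would help, e.g. `constexpr unsigned c_eciesOverhead = 65 + 16 + 32; // ephemeral public key + IV + MAC tag` (breakdown assumed from the ECIES framing; confirm against encryptECIES). Any other function in this file that frames a message the same way cannot see a local declaration; the body of `writeAckEIP8()` starts and ends outside the hunk.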