From 797f7ddc9a1db89e07cf27c36a42a2c72bcb7027 Mon Sep 17 00:00:00 2001 From: Kirk Baird Date: Tue, 28 Apr 2020 14:28:29 +1000 Subject: [PATCH 1/3] enforce strict 32 byte SecretKeys Signed-off-by: Kirk Baird --- src/aggregates.rs | 65 +++++++++++++++++++---------------------------- src/keys.rs | 52 +++++++++++++++++++++---------------- 2 files changed, 56 insertions(+), 61 deletions(-) diff --git a/src/aggregates.rs b/src/aggregates.rs index c75fe73..d91eaa1 100644 --- a/src/aggregates.rs +++ b/src/aggregates.rs @@ -346,14 +346,12 @@ mod tests { fn test_aggregate_serialization() { let signing_secret_key_bytes = vec![ vec![ - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 98, 161, 50, 32, 254, 87, 16, 25, - 167, 79, 192, 116, 176, 74, 164, 217, 40, 57, 179, 15, 19, 21, 240, 100, 70, 127, - 111, 170, 129, 137, 42, 53, + 98, 161, 50, 32, 254, 87, 16, 25, 167, 79, 192, 116, 176, 74, 164, 217, 40, 57, + 179, 15, 19, 21, 240, 100, 70, 127, 111, 170, 129, 137, 42, 53, ], vec![ - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 53, 72, 211, 104, 184, 68, 142, - 208, 115, 22, 156, 97, 28, 216, 228, 102, 4, 218, 116, 226, 166, 131, 67, 7, 40, - 55, 157, 167, 157, 127, 143, 13, + 53, 72, 211, 104, 184, 68, 142, 208, 115, 22, 156, 97, 28, 216, 228, 102, 4, 218, + 116, 226, 166, 131, 67, 7, 40, 55, 157, 167, 157, 127, 143, 13, ], ]; let signing_keypairs: Vec = signing_secret_key_bytes 
@@ -560,65 +558,54 @@ mod tests { #[test] fn test_known_aggregate_public_keys() { let control_secret_key_bytes = vec![vec![ - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 40, 129, 16, 229, 203, 159, 171, 37, - 94, 38, 3, 24, 17, 213, 243, 246, 122, 105, 202, 156, 186, 237, 54, 148, 116, 130, 20, - 138, 15, 134, 45, 73, + 40, 129, 16, 229, 203, 159, 171, 37, 94, 38, 3, 24, 17, 213, 243, 246, 122, 105, 202, + 156, 186, 237, 54, 148, 116, 130, 20, 138, 15, 134, 45, 73, ]]; let control_kps = map_secret_bytes_to_keypairs(control_secret_key_bytes); let control_kp = control_kps[0].clone(); let signing_secret_key_bytes = vec![ vec![ - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 98, 161, 50, 32, 254, 87, 16, 25, - 167, 79, 192, 116, 176, 74, 164, 217, 40, 57, 179, 15, 19, 21, 240, 100, 70, 127, - 111, 170, 129, 137, 42, 53, + 98, 161, 50, 32, 254, 87, 16, 25, 167, 79, 192, 116, 176, 74, 164, 217, 40, 57, + 179, 15, 19, 21, 240, 100, 70, 127, 111, 170, 129, 137, 42, 53, ], vec![ - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 53, 72, 211, 104, 184, 68, 142, - 208, 115, 22, 156, 97, 28, 216, 228, 102, 4, 218, 116, 226, 166, 131, 67, 7, 40, - 55, 157, 167, 157, 127, 143, 13, + 53, 72, 211, 104, 184, 68, 142, 208, 115, 22, 156, 97, 28, 216, 228, 102, 4, 218, + 116, 226, 166, 131, 67, 7, 40, 55, 157, 167, 157, 127, 143, 13, ], vec![ - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 94, 157, 163, 128, 239, 119, 116, - 194, 162, 172, 189, 100, 36, 33, 13, 31, 137, 177, 80, 73, 119, 126, 246, 215, 123, - 178, 195, 12, 141, 65, 65, 89, + 94, 157, 163, 128, 239, 119, 116, 194, 162, 172, 189, 100, 36, 33, 13, 31, 137, + 177, 80, 73, 119, 126, 246, 215, 123, 178, 195, 12, 141, 65, 65, 89, ], vec![ - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 74, 195, 255, 195, 62, 36, 197, 48, - 100, 25, 121, 8, 191, 219, 73, 136, 227, 203, 98, 123, 204, 27, 197, 66, 193, 107, - 115, 53, 5, 98, 137, 77, + 74, 195, 255, 195, 62, 36, 197, 48, 100, 25, 121, 8, 191, 219, 73, 136, 227, 203, + 
98, 123, 204, 27, 197, 66, 193, 107, 115, 53, 5, 98, 137, 77, ], vec![ - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 82, 16, 65, 222, 228, 32, 47, 1, - 245, 135, 169, 125, 46, 120, 57, 149, 121, 254, 168, 52, 30, 221, 150, 186, 157, - 141, 25, 143, 175, 196, 21, 176, + 82, 16, 65, 222, 228, 32, 47, 1, 245, 135, 169, 125, 46, 120, 57, 149, 121, 254, + 168, 52, 30, 221, 150, 186, 157, 141, 25, 143, 175, 196, 21, 176, ], ]; let signing_kps = map_secret_bytes_to_keypairs(signing_secret_key_bytes); let non_signing_secret_key_bytes = vec![ vec![ - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 6, 235, 126, 159, 58, 82, 170, 175, - 73, 188, 251, 60, 79, 24, 164, 146, 88, 210, 177, 65, 62, 183, 124, 129, 109, 248, - 181, 29, 16, 128, 207, 23, + 6, 235, 126, 159, 58, 82, 170, 175, 73, 188, 251, 60, 79, 24, 164, 146, 88, 210, + 177, 65, 62, 183, 124, 129, 109, 248, 181, 29, 16, 128, 207, 23, ], vec![ - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 100, 177, 235, 229, 217, 215, 204, - 237, 178, 196, 182, 51, 28, 147, 58, 24, 79, 134, 41, 185, 153, 133, 229, 195, 32, - 221, 247, 171, 91, 196, 65, 250, + 100, 177, 235, 229, 217, 215, 204, 237, 178, 196, 182, 51, 28, 147, 58, 24, 79, + 134, 41, 185, 153, 133, 229, 195, 32, 221, 247, 171, 91, 196, 65, 250, ], vec![ - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 65, 154, 236, 86, 178, 14, 179, - 117, 113, 4, 40, 173, 150, 221, 23, 7, 117, 162, 173, 104, 172, 241, 111, 31, 170, - 241, 185, 31, 69, 164, 115, 126, + 65, 154, 236, 86, 178, 14, 179, 117, 113, 4, 40, 173, 150, 221, 23, 7, 117, 162, + 173, 104, 172, 241, 111, 31, 170, 241, 185, 31, 69, 164, 115, 126, ], vec![ - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 13, 67, 192, 157, 69, 188, 53, 161, - 77, 187, 133, 49, 254, 165, 47, 189, 185, 150, 23, 231, 143, 31, 64, 208, 134, 147, - 53, 53, 228, 225, 104, 62, + 13, 67, 192, 157, 69, 188, 53, 161, 77, 187, 133, 49, 254, 165, 47, 189, 185, 150, + 23, 231, 143, 31, 64, 208, 134, 147, 53, 53, 228, 225, 104, 62, ], 
vec![ - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 22, 66, 26, 11, 101, 38, 37, 1, - 148, 156, 162, 211, 37, 231, 37, 222, 172, 36, 224, 218, 187, 127, 122, 195, 229, - 234, 124, 91, 246, 73, 12, 120, + 22, 66, 26, 11, 101, 38, 37, 1, 148, 156, 162, 211, 37, 231, 37, 222, 172, 36, 224, + 218, 187, 127, 122, 195, 229, 234, 124, 91, 246, 73, 12, 120, ], ]; let non_signing_kps = map_secret_bytes_to_keypairs(non_signing_secret_key_bytes); diff --git a/src/keys.rs b/src/keys.rs index 2f601a2..73c51fb 100644 --- a/src/keys.rs +++ b/src/keys.rs @@ -11,6 +11,9 @@ use rand::Rng; #[cfg(feature = "std")] use std::fmt; +/// The required number of bytes for a `SecretKey` +pub const SECRET_KEY_BYTES: usize = 32; + /// A BLS secret key. #[derive(Clone)] pub struct SecretKey { @@ -27,17 +30,15 @@ impl SecretKey { /// Instantiate a SecretKey from existing bytes. pub fn from_bytes(input: &[u8]) -> Result { - let mut bytes: Vec; - // Require input <= 48 bytes, prepend zeros if necessary. - if input.len() > MODBYTES { + // Require input 32 bytes. + if input.len() != SECRET_KEY_BYTES { return Err(DecodeError::IncorrectSize); - } else if input.len() < MODBYTES { - bytes = vec![0u8; MODBYTES - input.len()]; - bytes.extend_from_slice(input); - } else { - bytes = input.to_vec(); } + // Prepend to MODBYTES in length + let mut bytes = vec![0u8; MODBYTES - input.len()]; + bytes.extend_from_slice(input); + // Ensure secret key is in the range [0, r-1]. let sk = Big::frombytes(&bytes); if sk >= Big::new_ints(&CURVE_ORDER) { @@ -47,12 +48,12 @@ impl SecretKey { Ok(SecretKey { x: sk }) } - /// Export the SecretKey to bytes. + /// Export the SecretKey as 32 bytes. pub fn as_bytes(&self) -> Vec { - let mut temp = Big::new_copy(&self.x); + let mut temp = self.x.clone(); let mut bytes: [u8; MODBYTES] = [0; MODBYTES]; temp.tobytes(&mut bytes); - bytes.to_vec() + bytes[MODBYTES - SECRET_KEY_BYTES..].to_vec() } pub fn as_raw(&self) -> &Big { 
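Review bot: The padding length on the new `let mut bytes = vec![0u8; MODBYTES - input.len()];` line re-derives what the guard two lines above already fixed; writing it as `MODBYTES - SECRET_KEY_BYTES` makes the 48-versus-32 relationship explicit and lets the compiler fold the subtraction. The doc comment should also state the format now enforced, e.g. `/// Instantiate a SecretKey from exactly SECRET_KEY_BYTES (32) bytes; values at or above the curve order are rejected.` — the zero-prepending suggests a big-endian scalar, but confirm that against `Big::frombytes` before documenting it. Note that `bytes` still carries a heap copy of the secret and is dropped without being cleared, which this change inherits rather than introduces. from_bytes continues past the end of the hunk.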
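Review bot: The slice `bytes[MODBYTES - SECRET_KEY_BYTES..].to_vec()` in as_bytes silently discards the leading 16 bytes of the 48-byte encoding, so a key whose value does not fit in 32 bytes would serialise to something that decodes to a different key. from_bytes rejects values at or above the curve order, but nothing in this hunk ties `SecretKey::random` or `as_raw` users to that bound, so the truncation invariant deserves a guard such as `debug_assert!(bytes[..MODBYTES - SECRET_KEY_BYTES].iter().all(|&b| b == 0));` placed before the slice. The doc line `/// Export the SecretKey as 32 bytes.` could also name the relationship the tests rely on, e.g. `/// Export the SecretKey as its 32-byte encoding (the low SECRET_KEY_BYTES of the MODBYTES form), the inverse of from_bytes.`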
@@ -198,9 +199,8 @@ mod tests { #[test] fn test_secret_key_serialization_isomorphism() { let sk_bytes = vec![ - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 78, 252, 122, 126, 32, 0, 75, 89, 252, - 31, 42, 130, 254, 88, 6, 90, 138, 202, 135, 194, 233, 117, 181, 75, 96, 238, 79, 100, - 237, 59, 140, 111, + 78, 252, 122, 126, 32, 0, 75, 89, 252, 31, 42, 130, 254, 88, 6, 90, 138, 202, 135, 194, + 233, 117, 181, 75, 96, 238, 79, 100, 237, 59, 140, 111, ]; let sk = SecretKey::from_bytes(&sk_bytes).unwrap(); let decoded_sk = sk.as_bytes(); @@ -281,31 +281,39 @@ mod tests { #[test] fn test_secret_key_from_bytes() { - let bytes = vec![1; 1]; - assert!(SecretKey::from_bytes(&bytes).is_ok()); + let bytes = vec![]; + assert_eq!( + SecretKey::from_bytes(&bytes), + Err(DecodeError::IncorrectSize) + ); - let bytes = vec![1; 49]; + let bytes = vec![1; 33]; assert_eq!( SecretKey::from_bytes(&bytes), Err(DecodeError::IncorrectSize) ); - let bytes = vec![0; 48]; + let bytes = vec![0; 32]; assert!(SecretKey::from_bytes(&bytes).is_ok()); - let bytes = vec![255; 48]; + let bytes = vec![255; 32]; assert_eq!( SecretKey::from_bytes(&bytes), Err(DecodeError::InvalidSecretKeyRange) ); } + #[test] + fn test_secret_key_as_bytes() { + let sk = SecretKey::random(&mut rand::thread_rng()); + assert!(sk.as_bytes().len() == 32); + } + #[test] fn test_signature_verify_with_serialized_public_key() { let sk_bytes = vec![ - 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 78, 252, 122, 126, 32, 0, 75, 89, 252, - 31, 42, 130, 254, 88, 6, 90, 138, 202, 135, 194, 233, 117, 181, 75, 96, 238, 79, 100, - 237, 59, 140, 111, + 78, 252, 122, 126, 32, 0, 75, 89, 252, 31, 42, 130, 254, 88, 6, 90, 138, 202, 135, 194, + 233, 117, 181, 75, 96, 238, 79, 100, 237, 59, 140, 111, ]; let sk = SecretKey::from_bytes(&sk_bytes).unwrap(); let pk = PublicKey::from_secret_key(&sk); From 12d2dfb48ab5babf833c26f00d81e9f8be36e161 Mon Sep 17 00:00:00 2001 
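Review bot: The new `test_secret_key_as_bytes` only checks a length and hard-codes `32` instead of the `SECRET_KEY_BYTES` constant this patch introduces, and `assert!(a == b)` drops the values on failure where `assert_eq!` would print them. Since the isomorphism test exercises a single fixed vector, a random key is the place to prove that the 32-byte truncation in as_bytes round-trips: `let bytes = sk.as_bytes(); assert_eq!(bytes.len(), SECRET_KEY_BYTES); assert_eq!(SecretKey::from_bytes(&bytes), Ok(sk));` (this relies on the `PartialEq` impl that the existing `assert_eq!` calls on `from_bytes` already require, and on the tests module importing the constant). A 31-byte rejection case would also be worth adding, since the old `vec![1; 1]` short-input test was removed rather than converted to the new rule.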
From: Kirk Baird Date: Tue, 28 Apr 2020 14:31:29 +1000 Subject: [PATCH 2/3] Expose secret key size constant Signed-off-by: Kirk Baird --- src/lib.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/lib.rs b/src/lib.rs
index 7117717..0d70b4a 100644
--- a/src/lib.rs
+++ b/src/lib.rs
@@ -43,5 +43,5 @@ pub use amcl_utils::{compress_g2, decompress_g2, hash_to_curve_g2};
 pub use errors::DecodeError;
 pub use g1::G1Point;
 pub use g2::G2Point;
-pub use keys::{Keypair, PublicKey, SecretKey};
+pub use keys::{Keypair, PublicKey, SecretKey, SECRET_KEY_BYTES};
 pub use signature::Signature;
From 6b3e5d9326ea65d2562f6aa9a8c763fa1f9a3b6d Mon Sep 17 00:00:00 2001 From: Kirk Baird Date: Tue, 28 Apr 2020 14:34:27 +1000 Subject: [PATCH 3/3] Version bump Signed-off-by: Kirk Baird --- Cargo.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Cargo.toml b/Cargo.toml
index dddd368..a390412 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "milagro_bls"
-version = "1.0.0"
+version = "1.0.1"
 authors = ["Lovesh Harchandani ", "Kirk Baird ", "Paul Hauner "]
 description = "BLS12-381 signatures using the Apache Milagro curve library, targeting Ethereum 2.0"
 license = "Apache-2.0"