From 76a9a723e1d4e45fad807d1b29961651844b7d5d Mon Sep 17 00:00:00 2001 From: subtly Date: Thu, 23 Oct 2014 22:12:47 +0200 Subject: [PATCH] style. remove unused code. --- libdevcrypto/CryptoPP.cpp | 9 ++- libdevcrypto/EC.cpp | 32 ----------- libdevcrypto/EC.h | 47 --------------- libdevcrypto/ECDHE.cpp | 71 ----------------------- libdevcrypto/ECDHE.h | 118 -------------------------------------- test/crypto.cpp | 47 ++------------- 6 files changed, 10 insertions(+), 314 deletions(-) delete mode 100644 libdevcrypto/ECDHE.cpp delete mode 100644 libdevcrypto/ECDHE.h diff --git a/libdevcrypto/CryptoPP.cpp b/libdevcrypto/CryptoPP.cpp index 84e354d5f..480ababdd 100644 --- a/libdevcrypto/CryptoPP.cpp +++ b/libdevcrypto/CryptoPP.cpp @@ -44,7 +44,8 @@ Integer pp::ExponentFromSecret(Secret const& _s) return std::move(Integer(_s.data(), 32)); } -void pp::PublicFromExponent(Integer const& _e, Public& _p) { +void pp::PublicFromExponent(Integer const& _e, Public& _p) +{ CryptoPP::DL_PrivateKey_EC k; k.AccessGroupParameters().Initialize(secp256k1()); k.SetPrivateExponent(_e); @@ -55,12 +56,14 @@ void pp::PublicFromExponent(Integer const& _e, Public& _p) { pp::PublicFromDL_PublicKey_EC(p, _p); } -void pp::PublicFromDL_PublicKey_EC(CryptoPP::DL_PublicKey_EC const& _k, Public& _p) { +void pp::PublicFromDL_PublicKey_EC(CryptoPP::DL_PublicKey_EC const& _k, Public& _p) +{ bytes prefixedKey(65); _k.GetGroupParameters().GetCurve().EncodePoint(prefixedKey.data(), _k.GetPublicElement(), false); memcpy(_p.data(), &prefixedKey[1], 64); } -void pp::SecretFromDL_PrivateKey_EC(CryptoPP::DL_PrivateKey_EC const& _k, Secret& _s) { +void pp::SecretFromDL_PrivateKey_EC(CryptoPP::DL_PrivateKey_EC const& _k, Secret& _s) +{ _k.GetPrivateExponent().Encode(_s.data(), 32); } diff --git a/libdevcrypto/EC.cpp b/libdevcrypto/EC.cpp index 084539c17..4a03b3e0e 100644 --- a/libdevcrypto/EC.cpp +++ b/libdevcrypto/EC.cpp @@ -69,35 +69,3 @@ void dev::crypto::decrypt(Secret const& _k, bytes& _c) memcpy(_c.data(), p.data(), _c.size()); } -SecretKeyRef::SecretKeyRef() -{ - secp256k1_start(); - static std::mt19937_64 s_eng(time(0)); - std::uniform_int_distribution d(0, 255); - - for (int i = 0; i < 100; ++i) - { - for (unsigned i = 0; i < 32; ++i) - m_secret[i] = (byte)d(s_eng); - - /// todo: check key validity w/cryptopp - KeyPair ret(m_secret); - if (ret.address()) - break; - } - /// todo: throw exception if key doesn't happen (or run forever?) - /// todo: ^ also in KeyPair::create() -} - -Public SecretKeyRef::pub() const -{ - Public p; - pp::PublicFromExponent(pp::ExponentFromSecret(m_secret), p); - return p; -} - -Address SecretKeyRef::address() const -{ - return dev::right160(dev::sha3(bytesConstRef(pub().data(), 64))); -} - diff --git a/libdevcrypto/EC.h b/libdevcrypto/EC.h index f4edb2c0d..ecb9964d8 100644 --- a/libdevcrypto/EC.h +++ b/libdevcrypto/EC.h @@ -35,53 +35,6 @@ void encrypt(Public const& _k, bytes& _text); /// Decrypts text (in place). void decrypt(Secret const& _k, bytes& _text); - -class SecretKeyRef -{ -public: - /// Creates random secret - SecretKeyRef(); - - /// Creates from secret (move). - SecretKeyRef(Secret _s): m_secret(_s) {} - - /// Retrieve the secret key. - Secret sec() const { return m_secret; } - - /// Retrieve the public key. - Public pub() const; - - /// Retrieve the associated address of the public key. - Address address() const; - -private: - Secret m_secret; -}; - -/// [ECDHE Trusted Key Exchange]: - -/// ECDSA Signature -using Signature = FixedHash<65>; - -/// Secret nonce from trusted key exchange. -using Nonce = h256; - -/// Public key with nonce corresponding to trusted key exchange. -typedef std::pair PublicTrust; - -/** - * @brief EC KeyPair - * @deprecated - */ -class ECKeyPair -{ - - /// TO BE REMOVED - - friend class ECDHETKeyExchange; - std::map m_trustEgress; - std::set m_trustIngress; -}; } } diff --git a/libdevcrypto/ECDHE.cpp b/libdevcrypto/ECDHE.cpp deleted file mode 100644 index ca6e483bf..000000000 --- a/libdevcrypto/ECDHE.cpp +++ /dev/null @@ -1,71 +0,0 @@ -/* - This file is part of cpp-ethereum. - - cpp-ethereum is free software: you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation, either version 3 of the License, or - (at your option) any later version. - - cpp-ethereum is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with cpp-ethereum. If not, see . - */ -/** @file ECDHE.cpp - * @author Alex Leverington - * @date 2014 - */ - -#include "SHA3.h" -#include "ECDHE.h" - -using namespace dev::crypto; - -ECDHE::ECDHE() -{ - -} - -void ECDHE::agree(Public _remote) -{ - m_remote = _remote; - // cryptopp::agree -} - -dev::Secret ECDHE::secret() -{ - // return cryptopp::secret -} - -ECDHETKeyExchange::ECDHETKeyExchange(ECDHE const& _ecdhe, ECKeyPair* _keyTrust): - blind(true), - m_ecdhe(_ecdhe), - m_keypair(_keyTrust), - m_trust(m_ecdhe.m_remote,dev::sha3(bytesConstRef(m_ecdhe.m_remote.ref()))) -{ - -} - -ECDHETKeyExchange::ECDHETKeyExchange(ECDHE const& _ecdhe, ECKeyPair* _keyTrust, Address _remote): - blind(false), - m_ecdhe(_ecdhe), - m_keypair(_keyTrust), - m_trust(_keyTrust->m_trustEgress.find(_remote)->second) -{ - -} - -dev::bytes ECDHETKeyExchange::exchange() -{ - -} - -bool ECDHETKeyExchange::authenticate(bytes _exchangeIn) -{ - -} - - diff --git a/libdevcrypto/ECDHE.h b/libdevcrypto/ECDHE.h deleted file mode 100644 index 5e40bb8ff..000000000 --- a/libdevcrypto/ECDHE.h +++ /dev/null @@ -1,118 +0,0 @@ -/* - This file is part of cpp-ethereum. - - cpp-ethereum is free software: you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation, either version 3 of the License, or - (at your option) any later version. - - cpp-ethereum is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with cpp-ethereum. If not, see . - */ -/** @file ECDHE.h - * @author Alex Leverington - * @date 2014 - * - * Elliptic curve Diffie-Hellman ephemeral key exchange - */ - -#pragma once - -#include "EC.h" - -namespace dev -{ -namespace crypto -{ - -/** - * @brief Derive DH shared secret from EC keypairs. - * @todo shield secret() - */ -class ECDHE -{ - friend class ECDHETKeyExchange; -public: - ECDHE(); - - /// Agree on ECDH parmaters and derive shared secret. - void agree(Public _remote); - -protected: - Secret secret(); - -private: - KeyPair m_ephemeral; ///< Ephemeral keypair - Public m_remote; ///< Public key of remote -}; - -/** - * @brief Secure exchange of static keys. - * Key exchange is encrypted with public key of remote and then encrypted by block cipher. For a blind remote the ecdhe public key is used to encrypt exchange, and for a trusted remote the trusted public key is used. The block cipher key is derived from ecdhe shared secret. - */ -class ECDHETKeyExchange -{ -public: - /// Blind key exchange. KeyPair trusts are updated if successful. - ECDHETKeyExchange(ECDHE const& _ecdhe, ECKeyPair* _keyTrust); - - /// Trusted key exchange. Upon success, KeyPair trusts are updated. - ECDHETKeyExchange(ECDHE const& _ecdhe, ECKeyPair* _keyTrust, Address _remote); - - /// Authentication for trusted remote, blind trust, or disconnect. - /// Returns key exchange. encrypted w/aes-ctr. key=ecdhe.m_shared[0-127] - /// - /// @returns E(K,prefix||e(epub,m||v||sign(k,sha3(dhe-k||m)))||mac) - /// - /// E = AES in CTR mode (todo: nonce) - /// K = ecdhe.secret[0..127] - /// ECDHETKeyExchange(ECDHE const&, ECKeyPair*): - /// prefix = sha3(ecdhe.remote) - /// epub = ecdhe.remote - /// ECDHETKeyExchange(ECDHE const&, ECKeyPair* _k, Address _r): - /// trust = _k.m_trustEgress.find(_r) - /// sha3(trust.first) - /// epub = trust.second - /// e = ECIES encrypt() - /// m = keypair.public - /// v = 0x80 - /// k = keypair.secret - /// mac = sha3(M||prefix||e()); M = ecdhe.secret[128..255] - /// K = ecdhe.secret[0..127] - bytes exchange(); - - /// Decrypts payload, checks mac, checks trust, decrypts exchange, authenticates exchange, verifies version, verifies signature, and if no failures occur, updates or creats trust and derives trusted-shared-secret. - /// New ECDH agreement is created with trusted public keys. - /// _out = E(m_trustedC, _out) - /// E = AES in CTR mode (todo: nonce) - /// sigk = k from exchange signature sent - /// sigr = r from exchange signature received - /// K = sha3(ecdheTrusted.secret||(sha3(sigk)⊕sha3(sigr)) - /// m_trustedC = K[0..127] - /// m_trustedM = K[128..255] - bool authenticate(bytes _exchangeIn); - - /// Places ciphertext in _out, zeros _in, and upates _mac. MAC is finalized and appended to _out if _finalmac is true. - void blockEncrypt(bytes* _in, bytes* _out, h256* _mac, bool _finalmac); - -private: - /// Encrypt message using current m_trust public key. During blind trust key exchange the remote ephemeral public key is used. - void encrypt(); - - bool blind; - ECDHE const& m_ecdhe; - ECKeyPair* m_keypair; - PublicTrust m_trust; - ECDHE m_ecdheTrusted; - FixedHash<16> m_trustedC; - FixedHash<16> m_trustedM; -}; - -} -} - diff --git a/test/crypto.cpp b/test/crypto.cpp index 57c992e50..0d3b6202f 100644 --- a/test/crypto.cpp +++ b/test/crypto.cpp @@ -43,7 +43,7 @@ BOOST_AUTO_TEST_CASE(common_encrypt_decrypt) bytes m = asBytes(message); bytesConstRef bcr(&m); - SecretKeyRef k; + KeyPair k = KeyPair::create(); bytes cipher; encrypt(k.pub(), bcr, cipher); assert(cipher != asBytes(message) && cipher.size() > 0); @@ -87,7 +87,7 @@ BOOST_AUTO_TEST_CASE(cryptopp_vs_secp256k1) BOOST_AUTO_TEST_CASE(cryptopp_keys_cryptor_sipaseckp256k1) { - SecretKeyRef k; + KeyPair k = KeyPair::create(); Secret s = k.sec(); // Convert secret to exponent used by pp @@ -139,7 +139,7 @@ BOOST_AUTO_TEST_CASE(cryptopp_public_export_import) pub.Initialize(pp::secp256k1(), pp::PointFromPublic(p)); assert(pub.GetPublicElement() == e.GetKey().GetPublicElement()); - SecretKeyRef k; + KeyPair k = KeyPair::create(); Public p2; pp::PublicFromExponent(pp::ExponentFromSecret(k.sec()), p2); assert(k.pub() == p2); @@ -151,8 +151,7 @@ BOOST_AUTO_TEST_CASE(cryptopp_public_export_import) BOOST_AUTO_TEST_CASE(ecies_eckeypair) { - KeyPair l = KeyPair::create(); - SecretKeyRef k(l.sec()); + KeyPair k = KeyPair::create(); string message("Now is the time for all good persons to come to the aide of humanity."); string original = message; @@ -225,44 +224,6 @@ BOOST_AUTO_TEST_CASE(cryptopp_ecies_message) assert(plainLocalFromFuture == plainLocal); } -BOOST_AUTO_TEST_CASE(cryptopp_ecdh_prime) -{ - cnote << "Testing cryptopp_ecdh_prime..."; - - using namespace CryptoPP; - OID curve = ASN1::secp256k1(); - - ECDH::Domain dhLocal(curve); - SecByteBlock privLocal(dhLocal.PrivateKeyLength()); - SecByteBlock pubLocal(dhLocal.PublicKeyLength()); - dhLocal.GenerateKeyPair(pp::PRNG(), privLocal, pubLocal); - - ECDH::Domain dhRemote(curve); - SecByteBlock privRemote(dhRemote.PrivateKeyLength()); - SecByteBlock pubRemote(dhRemote.PublicKeyLength()); - dhRemote.GenerateKeyPair(pp::PRNG(), privRemote, pubRemote); - - assert(dhLocal.AgreedValueLength() == dhRemote.AgreedValueLength()); - - // local: send public to remote; remote: send public to local - - // Local - SecByteBlock sharedLocal(dhLocal.AgreedValueLength()); - assert(dhLocal.Agree(sharedLocal, privLocal, pubRemote)); - - // Remote - SecByteBlock sharedRemote(dhRemote.AgreedValueLength()); - assert(dhRemote.Agree(sharedRemote, privRemote, pubLocal)); - - // Test - Integer ssLocal, ssRemote; - ssLocal.Decode(sharedLocal.BytePtr(), sharedLocal.SizeInBytes()); - ssRemote.Decode(sharedRemote.BytePtr(), sharedRemote.SizeInBytes()); - - assert(ssLocal != 0); - assert(ssLocal == ssRemote); -} - BOOST_AUTO_TEST_CASE(cryptopp_aes128_ctr) { const int aesKeyLen = 16;