zecfoundation
/
zcash_script
mirror of https://github.com/ZcashFoundation/zcash_script.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Remove init_and_check_sodium from crypto/common.h 

This removes the last implicit dependency on libsodium from
libzcashconsensus.

The test code no longer asserts that the linked libsodium enforces that
s < L in signatures, but zcashd itself still does.
This commit is contained in:
Jack Grigg 2020-07-17 15:37:07 +12:00
parent f6a5273e5f
commit 6272d92b53
4 changed files with 44 additions and 45 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

39
src/crypto/common.h
View File

@ -13,7 +13,6 @@
#include <assert.h> #include <assert.h>
#include <string.h> #include <string.h>
#include "sodium.h"
#include "compat/endian.h" #include "compat/endian.h"
#if defined(NDEBUG) #if defined(NDEBUG)
@ -85,42 +84,4 @@ void static inline WriteBE64(unsigned char* ptr, uint64_t x)
memcpy(ptr, (char*)&v, 8); memcpy(ptr, (char*)&v, 8);
} }
int inline init_and_check_sodium()
{
if (sodium_init() == -1) {
return -1;
}
// What follows is a runtime test that ensures the version of libsodium
// we're linked against checks that signatures are canonical (s < L).
const unsigned char message[1] = { 0 };
unsigned char pk[crypto_sign_PUBLICKEYBYTES];
unsigned char sk[crypto_sign_SECRETKEYBYTES];
unsigned char sig[crypto_sign_BYTES];
crypto_sign_keypair(pk, sk);
crypto_sign_detached(sig, NULL, message, sizeof(message), sk);
assert(crypto_sign_verify_detached(sig, message, sizeof(message), pk) == 0);
// Copied from libsodium/crypto_sign/ed25519/ref10/open.c
static const unsigned char L[32] =
{ 0xed, 0xd3, 0xf5, 0x5c, 0x1a, 0x63, 0x12, 0x58,
0xd6, 0x9c, 0xf7, 0xa2, 0xde, 0xf9, 0xde, 0x14,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x10 };
// Add L to S, which starts at sig[32].
unsigned int s = 0;
for (size_t i = 0; i < 32; i++) {
s = sig[32 + i] + L[i] + (s >> 8);
sig[32 + i] = s & 0xff;
}
assert(crypto_sign_verify_detached(sig, message, sizeof(message), pk) != 0);
return 0;
}
#endif // BITCOIN_CRYPTO_COMMON_H #endif // BITCOIN_CRYPTO_COMMON_H

4
src/gtest/main.cpp
View File

@ -1,10 +1,10 @@
#include "gmock/gmock.h" #include "gmock/gmock.h"
#include "crypto/common.h"
#include "key.h" #include "key.h"
#include "pubkey.h" #include "pubkey.h"
#include "util.h" #include "util.h"
#include "librustzcash.h" #include "librustzcash.h"
#include <sodium.h>
struct ECCryptoClosure struct ECCryptoClosure
{ {
@ -14,7 +14,7 @@ struct ECCryptoClosure
ECCryptoClosure instance_of_eccryptoclosure; ECCryptoClosure instance_of_eccryptoclosure;
int main(int argc, char **argv) { int main(int argc, char **argv) {
assert(init_and_check_sodium() != -1); assert(sodium_init() != -1);
ECC_Start(); ECC_Start();
boost::filesystem::path sapling_spend = ZC_GetParamsDir() / "sapling-spend.params"; boost::filesystem::path sapling_spend = ZC_GetParamsDir() / "sapling-spend.params";

41
src/init.cpp
View File

@ -8,7 +8,6 @@
#endif #endif
#include "init.h" #include "init.h"
#include "crypto/common.h"
#include "addrman.h" #include "addrman.h"
#include "amount.h" #include "amount.h"
#include "checkpoints.h" #include "checkpoints.h"
@ -60,6 +59,7 @@
#include <boost/interprocess/sync/file_lock.hpp> #include <boost/interprocess/sync/file_lock.hpp>
#include <boost/thread.hpp> #include <boost/thread.hpp>
#include <openssl/crypto.h> #include <openssl/crypto.h>
#include <sodium.h>
#if ENABLE_ZMQ #if ENABLE_ZMQ
#include "zmq/zmqnotificationinterface.h" #include "zmq/zmqnotificationinterface.h"
@ -686,6 +686,45 @@ bool InitSanityCheck(void)
} }
int inline init_and_check_sodium()
{
if (sodium_init() == -1) {
return -1;
}
// What follows is a runtime test that ensures the version of libsodium
// we're linked against checks that signatures are canonical (s < L).
const unsigned char message[1] = { 0 };
unsigned char pk[crypto_sign_PUBLICKEYBYTES];
unsigned char sk[crypto_sign_SECRETKEYBYTES];
unsigned char sig[crypto_sign_BYTES];
crypto_sign_keypair(pk, sk);
crypto_sign_detached(sig, NULL, message, sizeof(message), sk);
assert(crypto_sign_verify_detached(sig, message, sizeof(message), pk) == 0);
// Copied from libsodium/crypto_sign/ed25519/ref10/open.c
static const unsigned char L[32] =
{ 0xed, 0xd3, 0xf5, 0x5c, 0x1a, 0x63, 0x12, 0x58,
0xd6, 0x9c, 0xf7, 0xa2, 0xde, 0xf9, 0xde, 0x14,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x10 };
// Add L to S, which starts at sig[32].
unsigned int s = 0;
for (size_t i = 0; i < 32; i++) {
s = sig[32 + i] + L[i] + (s >> 8);
sig[32 + i] = s & 0xff;
}
assert(crypto_sign_verify_detached(sig, message, sizeof(message), pk) != 0);
return 0;
}
static void ZC_LoadParams( static void ZC_LoadParams(
const CChainParams& chainparams const CChainParams& chainparams
) )

5
src/test/test_bitcoin.cpp
View File

@ -6,8 +6,6 @@
#include "test_bitcoin.h" #include "test_bitcoin.h"
#include "crypto/common.h"
#include "chainparams.h" #include "chainparams.h"
#include "consensus/consensus.h" #include "consensus/consensus.h"
#include "consensus/validation.h" #include "consensus/validation.h"
@ -28,6 +26,7 @@
#include <boost/filesystem.hpp> #include <boost/filesystem.hpp>
#include <boost/test/unit_test.hpp> #include <boost/test/unit_test.hpp>
#include <boost/thread.hpp> #include <boost/thread.hpp>
#include <sodium.h>
#include "librustzcash.h" #include "librustzcash.h"
@ -69,7 +68,7 @@ JoinSplitTestingSetup::~JoinSplitTestingSetup()
BasicTestingSetup::BasicTestingSetup(const std::string& chainName) BasicTestingSetup::BasicTestingSetup(const std::string& chainName)
{ {
assert(init_and_check_sodium() != -1); assert(sodium_init() != -1);
ECC_Start(); ECC_Start();
SetupEnvironment(); SetupEnvironment();
SetupNetworking(); SetupNetworking();