solana/src/signature.rs

//! The `signature` module provides functionality for public, and private keys.

use generic_array::typenum::{U32, U64};
use generic_array::GenericArray;
use rand::{ChaChaRng, Rng, SeedableRng};
use rayon::prelude::*;
use ring::error::Unspecified;
use ring::rand::SecureRandom;
use ring::signature::Ed25519KeyPair;
use ring::{rand, signature};
use serde_json;
use std::cell::RefCell;
use std::error;
use std::fs::File;
use untrusted::Input;

pub type KeyPair = Ed25519KeyPair;
pub type PublicKey = GenericArray<u8, U32>;
pub type Signature = GenericArray<u8, U64>;

pub trait KeyPairUtil {
    fn new() -> Self;
    fn pubkey(&self) -> PublicKey;
}

impl KeyPairUtil for Ed25519KeyPair {
    /// Return a new ED25519 keypair
    fn new() -> Self {
        let rng = rand::SystemRandom::new();
        let pkcs8_bytes = Ed25519KeyPair::generate_pkcs8(&rng).expect("generate_pkcs8");
        Ed25519KeyPair::from_pkcs8(Input::from(&pkcs8_bytes)).expect("from_pcks8")
    }

    /// Return the public key for the given keypair
    fn pubkey(&self) -> PublicKey {
        GenericArray::clone_from_slice(self.public_key_bytes())
    }
}

pub trait SignatureUtil {
    fn verify(&self, peer_public_key_bytes: &[u8], msg_bytes: &[u8]) -> bool;
}

impl SignatureUtil for GenericArray<u8, U64> {
    fn verify(&self, peer_public_key_bytes: &[u8], msg_bytes: &[u8]) -> bool {
        let peer_public_key = Input::from(peer_public_key_bytes);
        let msg = Input::from(msg_bytes);
        let sig = Input::from(self);
        signature::verify(&signature::ED25519, peer_public_key, msg, sig).is_ok()
    }
}

pub struct GenKeys {
    // This is necessary because the rng needs to mutate its state to remain
    // deterministic, and the fill trait requires an immuatble reference to self
    generator: RefCell<ChaChaRng>,
}

impl GenKeys {
    pub fn new(seed: [u8; 32]) -> GenKeys {
        let rng = ChaChaRng::from_seed(seed);
        GenKeys {
            generator: RefCell::new(rng),
        }
    }

    pub fn new_key(&self) -> Vec<u8> {
        KeyPair::generate_pkcs8(self).unwrap().to_vec()
    }

    pub fn gen_n_seeds(&self, n: i64) -> Vec<[u8; 32]> {
        let mut rng = self.generator.borrow_mut();
        (0..n).map(|_| rng.gen()).collect()
    }

    pub fn gen_n_keypairs(&self, n: i64) -> Vec<KeyPair> {
        self.gen_n_seeds(n)
            .into_par_iter()
            .map(|seed| {
                let pkcs8 = GenKeys::new(seed).new_key();
                KeyPair::from_pkcs8(Input::from(&pkcs8)).unwrap()
            })
            .collect()
    }
}

impl SecureRandom for GenKeys {
    fn fill(&self, dest: &mut [u8]) -> Result<(), Unspecified> {
        let mut rng = self.generator.borrow_mut();
        rng.fill(dest);
        Ok(())
    }
}

pub fn read_keypair(path: &str) -> Result<KeyPair, Box<error::Error>> {
    let file = File::open(path.to_string())?;
    let pkcs8: Vec<u8> = serde_json::from_reader(file)?;
    let keypair = Ed25519KeyPair::from_pkcs8(Input::from(&pkcs8))?;
    Ok(keypair)
}

#[cfg(test)]
mod tests {
    use super::*;
    use std::collections::HashSet;

    #[test]
    fn test_new_key_is_deterministic() {
        let seed = [0u8; 32];
        let rng0 = GenKeys::new(seed);
        let rng1 = GenKeys::new(seed);

        for _ in 0..100 {
            assert_eq!(rng0.new_key(), rng1.new_key());
        }
    }

    fn gen_n_pubkeys(seed: [u8; 32], n: i64) -> HashSet<PublicKey> {
        GenKeys::new(seed)
            .gen_n_keypairs(n)
            .into_iter()
            .map(|x| x.pubkey())
            .collect()
    }

    #[test]
    fn test_gen_n_pubkeys_deterministic() {
        let seed = [0u8; 32];
        assert_eq!(gen_n_pubkeys(seed, 50), gen_n_pubkeys(seed, 50));
    }
}
94: source doc review 2018-03-30 10:43:38 -07:00			//! The `signature` module provides functionality for public, and private keys.
Add signature module Because things other than transactions can be signed. 2018-03-06 12:48:26 -07:00
Fixes for serializing entries over blobs and reorg into ledger 2018-05-10 13:01:42 -07:00			`use generic_array::typenum::{U32, U64};`
cargo fmt rustfmt was updated with 1.26.1 2018-05-29 21:20:28 -06:00			`use generic_array::GenericArray;`
deterministic random wallet generationg 2018-05-09 00:03:05 -04:00			`use rand::{ChaChaRng, Rng, SeedableRng};`
refactored seed generation 2018-05-12 15:42:27 -04:00			`use rayon::prelude::*;`
deterministic random wallet generationg 2018-05-09 00:03:05 -04:00			`use ring::error::Unspecified;`
			`use ring::rand::SecureRandom;`
Add signature module Because things other than transactions can be signed. 2018-03-06 12:48:26 -07:00			`use ring::signature::Ed25519KeyPair;`
			`use ring::{rand, signature};`
Migrate to solana-keygen Most of #593 2018-07-12 15:42:01 -06:00			`use serde_json;`
changed RwLock to RefCell 2018-05-11 14:07:41 -04:00			`use std::cell::RefCell;`
Migrate to solana-keygen Most of #593 2018-07-12 15:42:01 -06:00			`use std::error;`
			`use std::fs::File;`
			`use untrusted::Input;`
Add signature module Because things other than transactions can be signed. 2018-03-06 12:48:26 -07:00
Boot genesis block helper Before this change, if you wanted to use a new Transaction feature in the genesis block, you'd need to extend its Creator object and associated methods. With yesterday's addtions to Transcation, it's now so easy to work with Transactions directly that we can get rid of the middleman. Also added a KeyPair type alias, so that ring could be easily swapped out with a competing library, if needed. 2018-03-07 11:05:06 -07:00			`pub type KeyPair = Ed25519KeyPair;`
Add signature module Because things other than transactions can be signed. 2018-03-06 12:48:26 -07:00			`pub type PublicKey = GenericArray<u8, U32>;`
			`pub type Signature = GenericArray<u8, U64>;`

Add accessors to keypairs and signatures 2018-03-07 15:32:22 -07:00			`pub trait KeyPairUtil {`
			`fn new() -> Self;`
			`fn pubkey(&self) -> PublicKey;`
Add signature module Because things other than transactions can be signed. 2018-03-06 12:48:26 -07:00			`}`

Add accessors to keypairs and signatures 2018-03-07 15:32:22 -07:00			`impl KeyPairUtil for Ed25519KeyPair {`
			`/// Return a new ED25519 keypair`
			`fn new() -> Self {`
			`let rng = rand::SystemRandom::new();`
Migrate to solana-keygen Most of #593 2018-07-12 15:42:01 -06:00			`let pkcs8_bytes = Ed25519KeyPair::generate_pkcs8(&rng).expect("generate_pkcs8");`
			`Ed25519KeyPair::from_pkcs8(Input::from(&pkcs8_bytes)).expect("from_pcks8")`
Add accessors to keypairs and signatures 2018-03-07 15:32:22 -07:00			`}`

			`/// Return the public key for the given keypair`
			`fn pubkey(&self) -> PublicKey {`
			`GenericArray::clone_from_slice(self.public_key_bytes())`
			`}`
			`}`

			`pub trait SignatureUtil {`
			`fn verify(&self, peer_public_key_bytes: &[u8], msg_bytes: &[u8]) -> bool;`
Add signature module Because things other than transactions can be signed. 2018-03-06 12:48:26 -07:00			`}`

Add accessors to keypairs and signatures 2018-03-07 15:32:22 -07:00			`impl SignatureUtil for GenericArray<u8, U64> {`
			`fn verify(&self, peer_public_key_bytes: &[u8], msg_bytes: &[u8]) -> bool {`
Migrate to solana-keygen Most of #593 2018-07-12 15:42:01 -06:00			`let peer_public_key = Input::from(peer_public_key_bytes);`
			`let msg = Input::from(msg_bytes);`
			`let sig = Input::from(self);`
Add accessors to keypairs and signatures 2018-03-07 15:32:22 -07:00			`signature::verify(&signature::ED25519, peer_public_key, msg, sig).is_ok()`
			`}`
Add signature module Because things other than transactions can be signed. 2018-03-06 12:48:26 -07:00			`}`
deterministic random wallet generationg 2018-05-09 00:03:05 -04:00
			`pub struct GenKeys {`
changed RwLock to RefCell 2018-05-11 14:07:41 -04:00			`// This is necessary because the rng needs to mutate its state to remain`
			`// deterministic, and the fill trait requires an immuatble reference to self`
			`generator: RefCell<ChaChaRng>,`
deterministic random wallet generationg 2018-05-09 00:03:05 -04:00			`}`

			`impl GenKeys {`
Upgrade rand 2018-06-11 14:04:51 -06:00			`pub fn new(seed: [u8; 32]) -> GenKeys {`
			`let rng = ChaChaRng::from_seed(seed);`
deterministic random wallet generationg 2018-05-09 00:03:05 -04:00			`GenKeys {`
changed RwLock to RefCell 2018-05-11 14:07:41 -04:00			`generator: RefCell::new(rng),`
deterministic random wallet generationg 2018-05-09 00:03:05 -04:00			`}`
			`}`

			`pub fn new_key(&self) -> Vec<u8> {`
			`KeyPair::generate_pkcs8(self).unwrap().to_vec()`
			`}`
added tests and utility method for key generation 2018-05-11 12:55:05 -04:00
Upgrade rand 2018-06-11 14:04:51 -06:00			`pub fn gen_n_seeds(&self, n: i64) -> Vec<[u8; 32]> {`
refactored seed generation 2018-05-12 15:42:27 -04:00			`let mut rng = self.generator.borrow_mut();`
Fix nondeterministic key generation (#243) Our one and only unsafe operation was ...unsafe. 2018-05-23 14:04:07 -06:00			`(0..n).map(\|_\| rng.gen()).collect()`
refactored seed generation 2018-05-12 15:42:27 -04:00			`}`

Fix nondeterministic key generation (#243) Our one and only unsafe operation was ...unsafe. 2018-05-23 14:04:07 -06:00			`pub fn gen_n_keypairs(&self, n: i64) -> Vec<KeyPair> {`
			`self.gen_n_seeds(n)`
Test cleanup GenKey unit tests were in the benchmark suite. 2018-05-23 12:23:39 -06:00			`.into_par_iter()`
refactored seed generation 2018-05-12 15:42:27 -04:00			`.map(\|seed\| {`
Upgrade rand 2018-06-11 14:04:51 -06:00			`let pkcs8 = GenKeys::new(seed).new_key();`
Migrate to solana-keygen Most of #593 2018-07-12 15:42:01 -06:00			`KeyPair::from_pkcs8(Input::from(&pkcs8)).unwrap()`
added tests and utility method for key generation 2018-05-11 12:55:05 -04:00			`})`
Test cleanup GenKey unit tests were in the benchmark suite. 2018-05-23 12:23:39 -06:00			`.collect()`
added tests and utility method for key generation 2018-05-11 12:55:05 -04:00			`}`
deterministic random wallet generationg 2018-05-09 00:03:05 -04:00			`}`

removed old keygen 2018-05-13 18:14:10 -04:00			`impl SecureRandom for GenKeys {`
deterministic random wallet generationg 2018-05-09 00:03:05 -04:00			`fn fill(&self, dest: &mut [u8]) -> Result<(), Unspecified> {`
changed RwLock to RefCell 2018-05-11 14:07:41 -04:00			`let mut rng = self.generator.borrow_mut();`
Upgrade rand 2018-06-11 14:04:51 -06:00			`rng.fill(dest);`
deterministic random wallet generationg 2018-05-09 00:03:05 -04:00			`Ok(())`
			`}`
			`}`
added tests and utility method for key generation 2018-05-11 12:55:05 -04:00
Migrate to solana-keygen Most of #593 2018-07-12 15:42:01 -06:00			`pub fn read_keypair(path: &str) -> Result<KeyPair, Box<error::Error>> {`
			`let file = File::open(path.to_string())?;`
			`let pkcs8: Vec<u8> = serde_json::from_reader(file)?;`
			`let keypair = Ed25519KeyPair::from_pkcs8(Input::from(&pkcs8))?;`
			`Ok(keypair)`
			`}`

Test cleanup GenKey unit tests were in the benchmark suite. 2018-05-23 12:23:39 -06:00			`#[cfg(test)]`
added tests and utility method for key generation 2018-05-11 12:55:05 -04:00			`mod tests {`
			`use super::*;`
			`use std::collections::HashSet;`

			`#[test]`
Fix nondeterministic key generation (#243) Our one and only unsafe operation was ...unsafe. 2018-05-23 14:04:07 -06:00			`fn test_new_key_is_deterministic() {`
Upgrade rand 2018-06-11 14:04:51 -06:00			`let seed = [0u8; 32];`
			`let rng0 = GenKeys::new(seed);`
			`let rng1 = GenKeys::new(seed);`
added tests and utility method for key generation 2018-05-11 12:55:05 -04:00
			`for _ in 0..100 {`
Fix nondeterministic key generation (#243) Our one and only unsafe operation was ...unsafe. 2018-05-23 14:04:07 -06:00			`assert_eq!(rng0.new_key(), rng1.new_key());`
added tests and utility method for key generation 2018-05-11 12:55:05 -04:00			`}`
			`}`

Upgrade rand 2018-06-11 14:04:51 -06:00			`fn gen_n_pubkeys(seed: [u8; 32], n: i64) -> HashSet<PublicKey> {`
			`GenKeys::new(seed)`
Fix nondeterministic key generation (#243) Our one and only unsafe operation was ...unsafe. 2018-05-23 14:04:07 -06:00			`.gen_n_keypairs(n)`
			`.into_iter()`
			`.map(\|x\| x.pubkey())`
			`.collect()`
			`}`
added tests and utility method for key generation 2018-05-11 12:55:05 -04:00
Fix nondeterministic key generation (#243) Our one and only unsafe operation was ...unsafe. 2018-05-23 14:04:07 -06:00			`#[test]`
			`fn test_gen_n_pubkeys_deterministic() {`
Upgrade rand 2018-06-11 14:04:51 -06:00			`let seed = [0u8; 32];`
			`assert_eq!(gen_n_pubkeys(seed, 50), gen_n_pubkeys(seed, 50));`
added tests and utility method for key generation 2018-05-11 12:55:05 -04:00			`}`
			`}`