Skip to content

Commit

Permalink
Merge pull request #19 from ZenGo-X/bugfix/pubkey_eddsa_generation
Browse files Browse the repository at this point in the history
Bugfix/pubkey eddsa generation - fixed a bug in eddsa keypair generation from user given seed resulted in a keypair that is inconsistent with other EdDSA implementations.
  • Loading branch information
Shalevos authored Oct 12, 2021
2 parents 9bf90ad + 0fe8967 commit 13ccc1f
Show file tree
Hide file tree
Showing 8 changed files with 35 additions and 23 deletions.
1 change: 1 addition & 0 deletions .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -8,3 +8,4 @@ Cargo.lock

# These are backup files generated by rustfmt
**/*.rs.bk
**/venv
2 changes: 1 addition & 1 deletion Cargo.toml
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
[package]
name = "multi-party-eddsa"
version = "0.2.2"
version = "0.2.3"
authors = [
"Omer <[email protected]>",
"Gary <[email protected]>"
Expand Down
20 changes: 8 additions & 12 deletions src/protocols/aggsig/mod.rs
Original file line number Diff line number Diff line change
@@ -1,5 +1,4 @@
#![allow(non_snake_case)]

/*
multi-party-ed25519
Expand All @@ -19,9 +18,10 @@
//! Simple ed25519
//!
//! See https://tools.ietf.org/html/rfc8032
pub use curv::arithmetic::traits::Samplable;
use curv::cryptographic_primitives::proofs::*;
use curv::elliptic::curves::ed25519::{FE, GE};
pub use curv::elliptic::curves::traits::*;
use curv::elliptic::curves::ed25519::{GE, FE};
use curv::BigInt;

use curv::cryptographic_primitives::hashing::hash_sha512::HSha512;
Expand Down Expand Up @@ -51,20 +51,15 @@ pub struct KeyPair {

impl KeyPair {
pub fn create() -> KeyPair {
let sk: FE = ECScalar::new_random();
Self::create_from_private_key_internal(&sk)
let secret = BigInt::sample(256);
Self::create_from_private_key(&secret)
}

pub fn create_from_private_key(secret: &BigInt) -> KeyPair {
let sk: FE = ECScalar::from(secret);
Self::create_from_private_key_internal(&sk)
}

fn create_from_private_key_internal(sk: &FE) -> KeyPair {
let ec_point: GE = ECPoint::generator();
let h = HSha512::create_hash(&vec![&sk.to_big_int()]);
let h = HSha512::create_hash(&vec![secret]);
let h_vec = BigInt::to_bytes(&h);
let mut h_vec_padded = vec![0; 64 - h_vec.len()]; // ensure hash result is padded to 64 bytes
let mut h_vec_padded = vec![0; 64 - h_vec.len()]; // ensure hash result is padded to 64 bytes
h_vec_padded.extend_from_slice(&h_vec);
let mut private_key: [u8; 32] = [0u8; 32];
let mut prefix: [u8; 32] = [0u8; 32];
Expand All @@ -73,7 +68,8 @@ impl KeyPair {
private_key[0] &= 248;
private_key[31] &= 63;
private_key[31] |= 64;
let private_key = &private_key[..private_key.len()];
let private_key = &mut private_key[..32];
private_key.reverse();
let prefix = &prefix[..prefix.len()];
let private_key: FE = ECScalar::from(&BigInt::from_bytes(private_key));
let prefix: FE = ECScalar::from(&BigInt::from_bytes(prefix));
Expand Down
20 changes: 18 additions & 2 deletions src/protocols/aggsig/test.rs
Original file line number Diff line number Diff line change
Expand Up @@ -16,11 +16,27 @@

#[cfg(test)]
mod tests {
use curv::arithmetic::Converter;
use curv::elliptic::curves::ed25519::{FE, GE};
use curv::elliptic::curves::traits::ECPoint;
use curv::elliptic::curves::ed25519::{GE, FE};
use curv::BigInt;
use protocols::aggsig::{test_com, verify, KeyPair, Signature};
use curv::arithmetic::Converter;

#[test]
fn test_ed25519_generate_keypair_from_seed() {
let priv_str = "48ab347b2846f96b7bcd00bf985c52b83b92415c5c914bc1f3b09e186cf2b14f"; // Private Key
let priv_dec = decode(priv_str).unwrap();
let priv_bn = BigInt::from_bytes(&priv_dec[..]);

let party1_keys = KeyPair::create_from_private_key(&priv_bn);
assert!(
&party1_keys
.public_key
.bytes_compressed_to_big_int()
.to_hex()
== "c7d17a93f129527bf7ca413f34a0f23c8462a9c3a3edd4f04550a43cdd60b27a"
);
}

#[test]
fn test_ed25519_one_party() {
Expand Down
4 changes: 2 additions & 2 deletions src/protocols/multisig/mod.rs
Original file line number Diff line number Diff line change
Expand Up @@ -21,8 +21,8 @@ use curv::arithmetic::traits::Converter;
use curv::cryptographic_primitives::hashing::hash_sha256::HSha256;
use curv::cryptographic_primitives::hashing::hash_sha512::HSha512;
use curv::cryptographic_primitives::hashing::traits::*;
use curv::elliptic::curves::ed25519::{FE, GE};
use curv::elliptic::curves::traits::*;
use curv::elliptic::curves::ed25519::{GE, FE};
use curv::BigInt;
use protocols::multisig;

Expand Down Expand Up @@ -80,7 +80,7 @@ impl ExpendedKeyPair {
let ec_point: GE = ECPoint::generator();
let h = HSha512::create_hash(&vec![&sk.to_big_int()]);
let h_vec = BigInt::to_bytes(&h);
let mut h_vec_padded = vec![0; 64 - h_vec.len()]; // ensure hash result is padded to 64 bytes
let mut h_vec_padded = vec![0; 64 - h_vec.len()]; // ensure hash result is padded to 64 bytes
h_vec_padded.extend_from_slice(&h_vec);
let mut private_key: [u8; 32] = [0u8; 32];
let mut prefix: [u8; 32] = [0u8; 32];
Expand Down
5 changes: 2 additions & 3 deletions src/protocols/multisig/test.rs
Original file line number Diff line number Diff line change
Expand Up @@ -17,13 +17,13 @@
#[cfg(test)]
mod tests {

use curv::arithmetic::Converter;
use curv::cryptographic_primitives::hashing::hash_sha256::HSha256;
use curv::cryptographic_primitives::hashing::merkle_tree::MT256;
use curv::cryptographic_primitives::hashing::traits::Hash;
use curv::elliptic::curves::ed25519::{FE, GE};
use curv::elliptic::curves::traits::ECScalar;
use curv::elliptic::curves::ed25519::{GE, FE};
use curv::BigInt;
use curv::arithmetic::Converter;
use protocols::multisig::{partial_sign, verify, EphKey, Keys, Signature};

#[test]
Expand Down Expand Up @@ -89,5 +89,4 @@ mod tests {
assert!(MT256::<GE>::validate_proof(&proof1, root).is_ok());
assert!(MT256::<GE>::validate_proof(&proof2, root).is_ok());
}

}
4 changes: 2 additions & 2 deletions src/protocols/thresholdsig/mod.rs
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@ use curv::cryptographic_primitives::commitments::traits::Commitment;
use curv::cryptographic_primitives::hashing::hash_sha512::HSha512;
use curv::cryptographic_primitives::hashing::traits::*;
use curv::cryptographic_primitives::secret_sharing::feldman_vss::VerifiableSS;
use curv::elliptic::curves::ed25519::{GE, FE};
use curv::elliptic::curves::ed25519::{FE, GE};
use curv::BigInt;

const SECURITY: usize = 256;
Expand Down Expand Up @@ -89,7 +89,7 @@ impl Keys {
let ec_point: GE = ECPoint::generator();
let h = HSha512::create_hash(&vec![&sk.to_big_int()]);
let h_vec = BigInt::to_bytes(&h);
let mut h_vec_padded = vec![0; 64 - h_vec.len()]; // ensure hash result is padded to 64 bytes
let mut h_vec_padded = vec![0; 64 - h_vec.len()]; // ensure hash result is padded to 64 bytes
h_vec_padded.extend_from_slice(&h_vec);
let mut private_key: [u8; 32] = [0u8; 32];
let mut prefix: [u8; 32] = [0u8; 32];
Expand Down
2 changes: 1 addition & 1 deletion src/protocols/thresholdsig/test.rs
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@
#[cfg(test)]
mod tests {
use curv::cryptographic_primitives::secret_sharing::feldman_vss::VerifiableSS;
use curv::elliptic::curves::ed25519::{GE, FE};
use curv::elliptic::curves::ed25519::{FE, GE};
use protocols::thresholdsig::*;

#[test]
Expand Down

0 comments on commit 13ccc1f

Please sign in to comment.