-
Notifications
You must be signed in to change notification settings - Fork 893
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Wallet openssl ed25519 #26770
base: master
Are you sure you want to change the base?
Wallet openssl ed25519 #26770
Changes from all commits
39a4b1e
fe9e34c
c540149
76253e4
f50c51e
9fe6c8b
bd72bcc
c4edca8
c622ddb
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -11,17 +11,26 @@ | |
#include <vector> | ||
|
||
#include "base/containers/span.h" | ||
#include "brave/components/brave_wallet/rust/lib.rs.h" | ||
#include "base/gtest_prod_util.h" | ||
|
||
namespace brave_wallet { | ||
|
||
// This class implement basic EdDSA over ed25519 functionality of bip32-ed25519 | ||
// https://www.rfc-editor.org/rfc/rfc8032.html#section-5.1.5 | ||
inline constexpr size_t kEd25519PrivateKeySize = 32; | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more.
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. 32 bytes is private key size per spec. 64 bytes is what OpenSSL names as private_key which is actually a pair of private and public keys. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. I had left a comment elsewhere about this, but I guess both me and Brian were confused, so I guess maybe we need some better naming, the comment above could also better explain this distinction, besides the link to the rfc. |
||
inline constexpr size_t kEd25519PublicKeySize = 32; | ||
inline constexpr size_t kEd25519KeyPairSize = | ||
kEd25519PrivateKeySize + kEd25519PublicKeySize; | ||
|
||
// https://github.com/satoshilabs/slips/blob/de7f963959ccfc80256fb5e001f64ce9ada9fba1/slip-0010.md?plain=1#L116-L117 | ||
inline constexpr size_t kSlip10ChainCodeSize = 32; | ||
|
||
// This class implements basic EdDSA over ed25519 functionality of SLIP-0010 | ||
// spec with 32 bytes private key and only allows private key derivation with | ||
// hardened index. | ||
// https://github.com/satoshilabs/slips/blob/master/slip-0010.md | ||
class HDKeyEd25519 { | ||
public: | ||
HDKeyEd25519(std::string path, | ||
rust::Box<Ed25519DalekExtendedSecretKeyResult>); | ||
HDKeyEd25519(); | ||
~HDKeyEd25519(); | ||
HDKeyEd25519(const HDKeyEd25519&) = delete; | ||
HDKeyEd25519& operator=(const HDKeyEd25519&) = delete; | ||
|
@@ -31,14 +40,9 @@ class HDKeyEd25519 { | |
static std::unique_ptr<HDKeyEd25519> GenerateFromPrivateKey( | ||
base::span<const uint8_t> private_key); | ||
|
||
std::string GetPath() const; | ||
std::unique_ptr<HDKeyEd25519> DeriveHardenedChild(uint32_t index); | ||
|
||
// If path contains normal index, nullptr will be returned | ||
std::unique_ptr<HDKeyEd25519> DeriveChildFromPath(const std::string& path); | ||
std::vector<uint8_t> Sign(base::span<const uint8_t> msg); | ||
bool VerifyForTesting(base::span<const uint8_t> msg, | ||
base::span<const uint8_t> sig); | ||
|
||
std::vector<uint8_t> GetPrivateKeyBytes() const; | ||
std::vector<uint8_t> GetPublicKeyBytes() const; | ||
|
@@ -47,8 +51,18 @@ class HDKeyEd25519 { | |
std::string GetBase58EncodedKeypair() const; | ||
|
||
private: | ||
std::string path_; | ||
rust::Box<Ed25519DalekExtendedSecretKeyResult> private_key_; | ||
FRIEND_TEST_ALL_PREFIXES(HDKeyEd25519UnitTest, TestVector1); | ||
FRIEND_TEST_ALL_PREFIXES(HDKeyEd25519UnitTest, TestVector2); | ||
|
||
base::span<const uint8_t, kEd25519PrivateKeySize> GetPrivateKeyAsSpan() const; | ||
base::span<const uint8_t, kEd25519PublicKeySize> GetPublicKeyAsSpan() const; | ||
|
||
static std::unique_ptr<HDKeyEd25519> DeriveFromHmacPayload( | ||
base::span<const uint8_t> key, | ||
base::span<const uint8_t> data); | ||
|
||
std::array<uint8_t, kEd25519KeyPairSize> key_pair_ = {}; | ||
std::array<uint8_t, kSlip10ChainCodeSize> chain_code_ = {}; | ||
}; | ||
|
||
} // namespace brave_wallet | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
are these changes to the method signature necessary for something in the new implementation? Please don't change anything that doesn't strictly need to be changed. Any other changes should be follow-ups
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
agreed