From e6f773f697badb1c74fa71f7a1e340a9cfba8d4d Mon Sep 17 00:00:00 2001
From: Vincent Bernardoff
Date: Mon, 8 Jan 2018 17:21:29 +0100
Subject: [PATCH] Base58: encode secret keys as seed
---
 src/bin_client/tezos-init-sandboxed-client.sh | 12 ++--
 src/lib_crypto/base58.ml | 11 ++--
 src/lib_crypto/base58.mli | 1 +
 src/lib_crypto/ed25519.ml | 62 ++++++++++++++-----
 test/proto_alpha/proto_alpha_helpers.ml | 18 ++----
 test/proto_alpha/test_endorsement.ml | 3 +-
 test/test_utils.sh | 12 ++--
 7 files changed, 72 insertions(+), 47 deletions(-)
diff --git a/src/bin_client/tezos-init-sandboxed-client.sh b/src/bin_client/tezos-init-sandboxed-client.sh
index f1b338e6d..233b43ea0 100755
--- a/src/bin_client/tezos-init-sandboxed-client.sh
+++ b/src/bin_client/tezos-init-sandboxed-client.sh
@@ -161,25 +161,25 @@ log_endorser() { BOOTSTRAP1_IDENTITY="tz1KqTpEZ7Yob7QbPE4Hy4Wo8fHG8LhKxZSx" BOOTSTRAP1_PUBLIC="edpkuBknW28nW72KG6RoHtYW7p12T6GKc7nAbwYX5m8Wd9sDVC9yav" -BOOTSTRAP1_SECRET="edskRuR1azSfboG86YPTyxrQgosh5zChf5bVDmptqLTb5EuXAm9rsnDYfTKhq7rDQujdn5WWzwUMeV3agaZ6J2vPQT58jJAJPi" +BOOTSTRAP1_SECRET="edsk3gUfUPyBSfrS9CCgmCiQsTCHGkviBDusMxDJstFtojtc1zcpsh" BOOTSTRAP2_IDENTITY="tz1gjaF81ZRRvdzjobyfVNsAeSC6PScjfQwN" BOOTSTRAP2_PUBLIC="edpktzNbDAUjUk697W7gYg2CRuBQjyPxbEg8dLccYYwKSKvkPvjtV9" -BOOTSTRAP2_SECRET="edskRkJz4Rw2rM5NtabEWMbbg2bF4b1nfFajaqEuEk4SgU7eeDbym9gVQtBTbYo32WUg2zb5sNBkD1whRN7zX43V9bftBbtaKc" +BOOTSTRAP2_SECRET="edsk39qAm1fiMjgmPkw1EgQYkMzkJezLNewd7PLNHTkr6w9XA2zdfo" BOOTSTRAP3_IDENTITY="tz1faswCTDciRzE4oJ9jn2Vm2dvjeyA9fUzU" BOOTSTRAP3_PUBLIC="edpkuTXkJDGcFd5nh6VvMz8phXxU3Bi7h6hqgywNFi1vZTfQNnS1RV" -BOOTSTRAP3_SECRET="edskS3qsqsNgdjUqeMsVcEwBn8dkZ5iDRz6aF21KhcCtRiAkWBypUSbicccR4Vgqm9UdW2Vabuos6seezqgbXTrmcbLUG4rdAC" +BOOTSTRAP3_SECRET="edsk4ArLQgBTLWG5FJmnGnT689VKoqhXwmDPBuGx3z4cvwU9MmrPZZ" BOOTSTRAP4_IDENTITY="tz1b7tUupMgCNw2cCLpKTkSD1NZzB5TkP2sv" BOOTSTRAP4_PUBLIC="edpkuFrRoDSEbJYgxRtLx2ps82UdaYc1WwfS9sE11yhauZt5DgCHbU" -BOOTSTRAP4_SECRET="edskRg9qcPqaVQa6jXWNMU5p71tseSuR7NzozgqZ9URsVDi81wTyPJdFSBdeakobyHUi4Xgu61jgKRQvkhXrPmEdEUfiqfiJFL" +BOOTSTRAP4_SECRET="edsk2uqQB9AY4FvioK2YMdfmyMrer5R8mGFyuaLLFfSRo8EoyNdht3" BOOTSTRAP5_IDENTITY="tz1ddb9NMYHZi5UzPdzTZMYQQZoMub195zgv" BOOTSTRAP5_PUBLIC="edpkv8EUUH68jmo3f7Um5PezmfGrRF24gnfLpH3sVNwJnV5bVCxL2n" -BOOTSTRAP5_SECRET="edskS7rLN2Df3nbS1EYvwJbWo4umD7yPM1SUeX7gp1WhCVpMFXjcCyM58xs6xsnTsVqHQmJQ2RxoAjJGedWfvFmjQy6etA3dgZ" +BOOTSTRAP5_SECRET="edsk4QLrcijEffxV31gGdN2HU7UpyJjA8drFoNcmnB28n89YjPNRFm" -DICTATOR_SECRET="edskRhxswacLW6jF6ULavDdzwqnKJVS4UcDTNiCyiH6H8ZNnn2pmNviL7pRNz9kRxxaWQFzEQEcZExGHKbwmuaAcoMegj5T99z" +DICTATOR_SECRET="edsk31vznjHSSpGExDMHYASz45VZqXN4DPxvsa4hAyY8dHM28cZzp6" add_sandboxed_bootstrap_identities() { 
diff --git a/src/lib_crypto/base58.ml b/src/lib_crypto/base58.ml index 373b1a96c..5e268e46a 100644 --- a/src/lib_crypto/base58.ml +++ b/src/lib_crypto/base58.ml @@ -160,11 +160,11 @@ module MakeEncodings(E: sig let encodings = ref E.encodings - let check_ambiguous_prefix prefix encodings = + let check_ambiguous_prefix prefix length encodings = List.iter - (fun (Encoding { encoded_prefix = s ; _ }) -> - if TzString.remove_prefix ~prefix:s prefix <> None || - TzString.remove_prefix ~prefix s <> None then + (fun (Encoding { encoded_prefix = s ; length = l ; _ }) -> + if length = l && (TzString.remove_prefix ~prefix:s prefix <> None || + TzString.remove_prefix ~prefix s <> None) then Format.ksprintf invalid_arg "Base58.register_encoding: duplicate prefix: %S, %S." s prefix) encodings @@ -191,7 +191,7 @@ module MakeEncodings(E: sig let s = to_raw x in assert (String.length s = length) ; s in let of_raw s = assert (String.length s = length) ; of_raw s in let encoded_prefix, encoded_length = make_encoded_prefix prefix length in - check_ambiguous_prefix encoded_prefix !encodings ; + check_ambiguous_prefix encoded_prefix encoded_length !encodings ; let encoding = { prefix ; length ; encoded_prefix ; encoded_length ; to_raw ; of_raw ; wrap } in @@ -311,6 +311,7 @@ module Prefix = struct let cryptobox_public_key_hash = "\153\103" (* id(30) *) (* 32 *) + let ed25519_seed = "\013\015\058\007" (* edsk(54) *) let ed25519_public_key = "\013\015\037\217" (* edpk(54) *) (* 64 *) diff --git a/src/lib_crypto/base58.mli b/src/lib_crypto/base58.mli index 6100319cf..7cb81fb9b 100644 --- a/src/lib_crypto/base58.mli +++ b/src/lib_crypto/base58.mli @@ -19,6 +19,7 @@ module Prefix : sig val context_hash: string val ed25519_public_key_hash: string val cryptobox_public_key_hash: string + val ed25519_seed: string val ed25519_public_key: string val ed25519_secret_key: string val ed25519_signature: string 
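Review bot: In `check_ambiguous_prefix` the new `length = l` test compares the caller's `encoded_length` with the stored record's raw `length` field, because the pattern binds `length = l` while the call site in the next hunk passes `encoded_length`. Those two values are in different units, so the guard will almost never hold and the duplicate-prefix check is in practice switched off for every encoding, not only for the two `edsk` variants. Binding the encoded field keeps the check meaningful: `(fun (Encoding { encoded_prefix = s ; encoded_length = l ; _ }) ->`. A short comment stating that two encodings may share a textual prefix only when their encoded lengths differ would record the intent. `register_encoding`, which makes the call, begins and ends outside the second hunk.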
diff --git a/src/lib_crypto/ed25519.ml b/src/lib_crypto/ed25519.ml
index 6877b58af..b7ae29b08 100644
--- a/src/lib_crypto/ed25519.ml
+++ b/src/lib_crypto/ed25519.ml
@@ -122,31 +122,55 @@ module Secret_key = struct type Base58.data += | Secret_key of t - let b58check_encoding = + let seed_encoding = Base58.register_encoding - ~prefix: Base58.Prefix.ed25519_secret_key - ~length:Sodium.Sign.secret_key_size - ~to_raw:(fun x -> Bytes.to_string (Sodium.Sign.Bytes.of_secret_key x)) + ~prefix: Base58.Prefix.ed25519_seed + ~length:Sodium.Sign.seed_size + ~to_raw:(fun x -> Sodium.Sign.secret_key_to_seed x |> + Sodium.Sign.Bytes.of_seed |> + Bytes.unsafe_to_string) ~of_raw:(fun x -> - try Some (Sodium.Sign.Bytes.to_secret_key (Bytes.of_string x)) + try Some (Bytes.unsafe_of_string x |> + Sodium.Sign.Bytes.to_seed |> + Sodium.Sign.seed_keypair |> + fst) with _ -> None) ~wrap:(fun x -> Secret_key x) - let of_b58check_opt s = Base58.simple_decode b58check_encoding s + let secret_key_encoding = + Base58.register_encoding + ~prefix: Base58.Prefix.ed25519_secret_key + ~length:Sodium.Sign.secret_key_size + ~to_raw:(fun x -> Sodium.Sign.Bytes.of_secret_key x |> + Bytes.unsafe_to_string) + ~of_raw:(fun x -> + try Some (Bytes.unsafe_of_string x |> + Sodium.Sign.Bytes.to_secret_key) + with _ -> None) + ~wrap:(fun x -> Secret_key x) + + let of_b58check_opt s = + match Base58.simple_decode seed_encoding s with + | Some x -> Some x + | None -> Base58.simple_decode secret_key_encoding s + let of_b58check_exn s = - match Base58.simple_decode b58check_encoding s with + match of_b58check_opt s with | Some x -> x | None -> Pervasives.failwith "Unexpected hash (ed25519 secret key)" let of_b58check s = - match Base58.simple_decode b58check_encoding s with + match of_b58check_opt s with | Some x -> Ok x | None -> generic_error "Unexpected hash (ed25519 secret key)" - let to_b58check s = Base58.simple_encode b58check_encoding s + let to_b58check s = Base58.simple_encode seed_encoding s let of_bytes_opt s = match Sodium.Sign.Bigbytes.to_seed s with - | exception _ -> None | seed -> Some (seed |> Sodium.Sign.seed_keypair |> fst) + | exception _ -> + match 
Sodium.Sign.Bigbytes.to_secret_key s with + | exception _ -> None + | sk -> Some sk let of_bytes s = match of_bytes_opt s with @@ -167,7 +191,8 @@ module Secret_key = struct Cli_entries.(param ~name ~desc (parameter (fun _ str -> Lwt.return (of_b58check str))) t) let () = - Base58.check_encoded_prefix b58check_encoding "edsk" 98 + Base58.check_encoded_prefix seed_encoding "edsk" 54 ; + Base58.check_encoded_prefix secret_key_encoding "edsk" 98 let encoding = let open Data_encoding in @@ -176,18 +201,23 @@ module Secret_key = struct (describe ~title: "An Ed25519 secret key (Base58Check encoded)" @@ conv - (fun s -> Base58.simple_encode b58check_encoding s) + (fun s -> Base58.simple_encode seed_encoding s) (fun s -> - match Base58.simple_decode b58check_encoding s with + match of_b58check_opt s with | Some x -> x | None -> Data_encoding.Json.cannot_destruct "Ed25519 secret key: unexpected prefix.") string) ~binary: (conv - Sodium.Sign.Bigbytes.of_secret_key - Sodium.Sign.Bigbytes.to_secret_key - (Fixed.bytes Sodium.Sign.secret_key_size)) + (fun sk -> Sodium.Sign.secret_key_to_seed sk |> + Sodium.Sign.Bigbytes.of_seed) + (fun bytes -> + if MBytes.length bytes = Sodium.Sign.seed_size + then Sodium.Sign.Bigbytes.to_seed bytes |> + Sodium.Sign.seed_keypair |> fst + else Sodium.Sign.Bigbytes.to_secret_key bytes) + (dynamic_size (Variable.bytes))) end diff --git a/test/proto_alpha/proto_alpha_helpers.ml b/test/proto_alpha/proto_alpha_helpers.ml index 371f88227..19ab8bf26 100644 --- a/test/proto_alpha/proto_alpha_helpers.ml +++ b/test/proto_alpha/proto_alpha_helpers.ml @@ -35,8 +35,7 @@ end let dictator_sk = Ed25519.Secret_key.of_b58check_exn - "edskRhxswacLW6jF6ULavDdzwqnKJVS4UcDTNiCyiH6H8ZNnn2pmNviL7\ - pRNz9kRxxaWQFzEQEcZExGHKbwmuaAcoMegj5T99z" + "edsk31vznjHSSpGExDMHYASz45VZqXN4DPxvsa4hAyY8dHM28cZzp6" let activate_alpha () = let fitness = Fitness_repr.from_int64 0L in 
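Review bot: `secret_key_encoding`'s `of_raw` accepts any 64-byte payload, while `to_b58check` now re-encodes every key through `Sodium.Sign.secret_key_to_seed`, which presumably keeps only the seed half; a legacy `edsk` value whose bytes are not exactly what `seed_keypair` would produce from that seed would then be exported as the seed of a different key. A guard in `of_raw` (and in the `to_secret_key` fallback of `of_bytes_opt`) that regenerates the key from its seed and returns `None` when it differs from the decoded key would make the round trip lossless by construction. Separately, the `Bytes.unsafe_of_string` / `Bytes.unsafe_to_string` calls are sound only if the Sodium conversions copy their argument, which is not visible here; a comment such as `(* safe: Sodium copies the buffer, the string is never mutated *)` would record that assumption once confirmed. The `Secret_key` module begins and ends outside this hunk.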
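Review bot: The binary decoder sends every payload whose length is not `Sodium.Sign.seed_size` to `Sodium.Sign.Bigbytes.to_secret_key`, so an input of any other length is rejected only by whatever exception Sodium raises from inside `conv`, not by an explicit decoding error. Because the field is now `dynamic_size (Variable.bytes)` instead of `Fixed.bytes`, the length comes from the serialized data, and an explicit second test such as `else if MBytes.length bytes = Sodium.Sign.secret_key_size then Sodium.Sign.Bigbytes.to_secret_key bytes` followed by a deliberate failure branch would document the two accepted sizes. The move from a fixed 64-byte field to a dynamically sized one also looks like a wire-format change for previously serialized keys; if that is intended it deserves a line in the commit description. `let encoding` begins outside this hunk.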
@@ -155,24 +154,19 @@ module Account = struct "edpkv8EUUH68jmo3f7Um5PezmfGrRF24gnfLpH3sVNwJnV5bVCxL2n" in let bootstrap1_sk = Ed25519.Secret_key.of_b58check_exn - "edskRuR1azSfboG86YPTyxrQgosh5zChf5bVDmptqLTb5EuXAm9\ - rsnDYfTKhq7rDQujdn5WWzwUMeV3agaZ6J2vPQT58jJAJPi" in + "edsk3gUfUPyBSfrS9CCgmCiQsTCHGkviBDusMxDJstFtojtc1zcpsh" in let bootstrap2_sk = Ed25519.Secret_key.of_b58check_exn - "edskRkJz4Rw2rM5NtabEWMbbg2bF4b1nfFajaqEuEk4SgU7eeDby\ - m9gVQtBTbYo32WUg2zb5sNBkD1whRN7zX43V9bftBbtaKc" in + "edsk39qAm1fiMjgmPkw1EgQYkMzkJezLNewd7PLNHTkr6w9XA2zdfo" in let bootstrap3_sk = Ed25519.Secret_key.of_b58check_exn - "edskS3qsqsNgdjUqeMsVcEwBn8dkZ5iDRz6aF21KhcCtRiAkWByp\ - USbicccR4Vgqm9UdW2Vabuos6seezqgbXTrmcbLUG4rdAC" in + "edsk4ArLQgBTLWG5FJmnGnT689VKoqhXwmDPBuGx3z4cvwU9MmrPZZ" in let bootstrap4_sk = Ed25519.Secret_key.of_b58check_exn - "edskRg9qcPqaVQa6jXWNMU5p71tseSuR7NzozgqZ9URsVDi81wTyP\ - JdFSBdeakobyHUi4Xgu61jgKRQvkhXrPmEdEUfiqfiJFL" in + "edsk2uqQB9AY4FvioK2YMdfmyMrer5R8mGFyuaLLFfSRo8EoyNdht3" in let bootstrap5_sk = Ed25519.Secret_key.of_b58check_exn - "edskS7rLN2Df3nbS1EYvwJbWo4umD7yPM1SUeX7gp1WhCVpMFXjcC\ - yM58xs6xsnTsVqHQmJQ2RxoAjJGedWfvFmjQy6etA3dgZ" in + "edsk4QLrcijEffxV31gGdN2HU7UpyJjA8drFoNcmnB28n89YjPNRFm" in let cpt = ref 0 in match List.map begin fun (pk, sk) -> incr cpt ; diff --git a/test/proto_alpha/test_endorsement.ml b/test/proto_alpha/test_endorsement.ml index b7b07d1e9..79c73478e 100644 --- a/test/proto_alpha/test_endorsement.ml +++ b/test/proto_alpha/test_endorsement.ml 
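Review bot: Every hard-coded secret key in this hunk is switched to the 54-character seed form, and the same is done for `dictator_sk` in the previous hunk and for the keys in test_endorsement.ml and test_utils.sh, so nothing visible in the patch still passes a 98-character `edsk` key to `of_b58check_exn`. The fallback to `secret_key_encoding` added in ed25519.ml is therefore not exercised by these fixtures. Keeping one legacy key, for example leaving `bootstrap5_sk` in its old form with a comment like `(* legacy 64-byte encoding, kept to cover backward-compatible decoding *)`, would cover that path. The `Account` module continues outside this hunk.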
@@ -46,8 +46,7 @@ let test_invalid_signature block = "edpkv8EUUH68jmo3f7Um5PezmfGrRF24gnfLpH3sVNwJnV5bVCxL2n" in let secret_key = Environment.Ed25519.Secret_key.of_b58check_exn - "edskRuR1azSfboG86YPTyxrQgosh5zChf5bVDmptqLTb5EuXAm9rsn\ - DYfTKhq7rDQujdn5WWzwUMeV3agaZ6J2vPQT58jJAJPi" in + "edsk3gUfUPyBSfrS9CCgmCiQsTCHGkviBDusMxDJstFtojtc1zcpsh" in let account = Helpers.Account.create ~keys:(secret_key, public_key) "WRONG SIGNATURE" in Helpers.Baking.bake block account [] >>= fun res -> diff --git a/test/test_utils.sh b/test/test_utils.sh index b6451c8c4..564c72d86 100755 --- a/test/test_utils.sh +++ b/test/test_utils.sh @@ -81,7 +81,7 @@ activate_alpha() { protocol ProtoALphaALphaALphaALphaALphaALphaALphaALphaDdp3zK \ with fitness 1 \ and passes 1 \ - and key edskRhxswacLW6jF6ULavDdzwqnKJVS4UcDTNiCyiH6H8ZNnn2pmNviL7pRNz9kRxxaWQFzEQEcZExGHKbwmuaAcoMegj5T99z \ + and key edsk31vznjHSSpGExDMHYASz45VZqXN4DPxvsa4hAyY8dHM28cZzp6 \ > /dev/stderr } 
@@ -198,19 +198,19 @@ assert_fails() { BOOTSTRAP1_IDENTITY=tz1KqTpEZ7Yob7QbPE4Hy4Wo8fHG8LhKxZSx BOOTSTRAP1_PUBLIC=edpkuBknW28nW72KG6RoHtYW7p12T6GKc7nAbwYX5m8Wd9sDVC9yav -BOOTSTRAP1_SECRET=edskRuR1azSfboG86YPTyxrQgosh5zChf5bVDmptqLTb5EuXAm9rsnDYfTKhq7rDQujdn5WWzwUMeV3agaZ6J2vPQT58jJAJPi +BOOTSTRAP1_SECRET=edsk3gUfUPyBSfrS9CCgmCiQsTCHGkviBDusMxDJstFtojtc1zcpsh BOOTSTRAP2_IDENTITY=tz1gjaF81ZRRvdzjobyfVNsAeSC6PScjfQwN BOOTSTRAP2_PUBLIC=edpktzNbDAUjUk697W7gYg2CRuBQjyPxbEg8dLccYYwKSKvkPvjtV9 -BOOTSTRAP2_SECRET=edskRkJz4Rw2rM5NtabEWMbbg2bF4b1nfFajaqEuEk4SgU7eeDbym9gVQtBTbYo32WUg2zb5sNBkD1whRN7zX43V9bftBbtaKc +BOOTSTRAP2_SECRET=edsk39qAm1fiMjgmPkw1EgQYkMzkJezLNewd7PLNHTkr6w9XA2zdfo BOOTSTRAP3_IDENTITY=tz1faswCTDciRzE4oJ9jn2Vm2dvjeyA9fUzU BOOTSTRAP3_PUBLIC=edpkuTXkJDGcFd5nh6VvMz8phXxU3Bi7h6hqgywNFi1vZTfQNnS1RV -BOOTSTRAP3_SECRET=edskS3qsqsNgdjUqeMsVcEwBn8dkZ5iDRz6aF21KhcCtRiAkWBypUSbicccR4Vgqm9UdW2Vabuos6seezqgbXTrmcbLUG4rdAC +BOOTSTRAP3_SECRET=edsk4ArLQgBTLWG5FJmnGnT689VKoqhXwmDPBuGx3z4cvwU9MmrPZZ BOOTSTRAP4_IDENTITY=tz1b7tUupMgCNw2cCLpKTkSD1NZzB5TkP2sv BOOTSTRAP4_PUBLIC=edpkuFrRoDSEbJYgxRtLx2ps82UdaYc1WwfS9sE11yhauZt5DgCHbU -BOOTSTRAP4_SECRET=edskRg9qcPqaVQa6jXWNMU5p71tseSuR7NzozgqZ9URsVDi81wTyPJdFSBdeakobyHUi4Xgu61jgKRQvkhXrPmEdEUfiqfiJFL +BOOTSTRAP4_SECRET=edsk2uqQB9AY4FvioK2YMdfmyMrer5R8mGFyuaLLFfSRo8EoyNdht3 BOOTSTRAP5_IDENTITY=tz1ddb9NMYHZi5UzPdzTZMYQQZoMub195zgv BOOTSTRAP5_PUBLIC=edpkv8EUUH68jmo3f7Um5PezmfGrRF24gnfLpH3sVNwJnV5bVCxL2n -BOOTSTRAP5_SECRET=edskS7rLN2Df3nbS1EYvwJbWo4umD7yPM1SUeX7gp1WhCVpMFXjcCyM58xs6xsnTsVqHQmJQ2RxoAjJGedWfvFmjQy6etA3dgZ +BOOTSTRAP5_SECRET=edsk4QLrcijEffxV31gGdN2HU7UpyJjA8drFoNcmnB28n89YjPNRFm KEY1=foo KEY2=bar