From 4e39b21853dec14e2666e7a15356240c473b2a06 Mon Sep 17 00:00:00 2001 From: Emma Turner Date: Fri, 15 Dec 2023 09:53:55 +0000 Subject: [PATCH] crypto: fix base58 encoding for BlsSignature The current base58 dep has a 128 byte limit, which is not long enough for bls sigs --- CHANGELOG.md | 1 + Cargo.lock | 32 +++++++++++++++++++++++++------- crypto/Cargo.toml | 2 +- crypto/src/base58.rs | 28 ++-------------------------- crypto/src/hash.rs | 6 ++++++ 5 files changed, 35 insertions(+), 34 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index dfc5ae2844..3325fa5e6d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -27,6 +27,7 @@ parameterized by the lifetime of the input byte slice. - Fix prefix used in `SeedEd25519` encoding. - Add explicit prefix check during base58check decoding. - Hash input before signing with `SecretKeyEd25519`, to match octez impl. +- Fix `BlsSignature` base58 check encoding/decoding. ### Security diff --git a/Cargo.lock b/Cargo.lock index cc36bf2751..d3f4c5abd0 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -29,12 +29,6 @@ version = "1.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d468802bab17cbc0cc575e9b053f41e72aa36bfa6b7f55e3529ffa43161b97fa" -[[package]] -name = "base58" -version = "0.1.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5024ee8015f02155eee35c711107ddd9a9bf3cb689cf2a9089c97e79b6e1ae83" - [[package]] name = "base64" version = "0.13.1" @@ -105,6 +99,15 @@ dependencies = [ "zeroize", ] +[[package]] +name = "bs58" +version = "0.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f5353f36341f7451062466f0b755b96ac3a9547e4d7f6b70d603fc721a7d7896" +dependencies = [ + "tinyvec", +] + [[package]] name = "byteorder" version = "1.4.3" @@ -1006,8 +1009,8 @@ name = "tezos_crypto_rs" version = "0.5.2" dependencies = [ "anyhow", - "base58", "blst", + "bs58", "byteorder", "cryptoxide", "ed25519-dalek", @@ -1085,6 +1088,21 @@ dependencies = [ "num_cpus", ] +[[package]] +name = "tinyvec" +version = "1.6.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "87cc5ceb3875bb20c2890005a4e226a4651264a5c75edb2421b52861a0a0cb50" +dependencies = [ + "tinyvec_macros", +] + +[[package]] +name = "tinyvec_macros" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1f3ccbac311fea05f86f61904b462b55fb3df8837a366dfc601a0161d0532f20" + [[package]] name = "typenum" version = "1.16.0" diff --git a/crypto/Cargo.toml b/crypto/Cargo.toml index 5e04416c20..c8de5f60f7 100644 --- a/crypto/Cargo.toml +++ b/crypto/Cargo.toml @@ -12,7 +12,7 @@ repository = "https://github.com/trilitech/tezedge.git" [dependencies] anyhow = "1.0" -base58 = "0.1.0" +bs58 = { version = "0.5", default-features = false, features = ["alloc"] } thiserror = "1.0" hex = "0.4" libsecp256k1 = { version = "0.7", default-features = false, features = ["static-context"] } diff --git a/crypto/src/base58.rs b/crypto/src/base58.rs index 84d6d76ca9..467d7b5d82 100644 --- a/crypto/src/base58.rs +++ b/crypto/src/base58.rs @@ -2,7 +2,6 @@ // SPDX-FileCopyrightText: 2023 TriliTech // SPDX-License-Identifier: MIT -use base58::{FromBase58, ToBase58}; use cryptoxide::hashing::sha256; use thiserror::Error; @@ -18,9 +17,6 @@ pub enum FromBase58CheckError { /// The input is missing checksum. #[error("missing checksum")] MissingChecksum, - /// Data is too long - #[error("data too long")] - DataTooLong, #[error("mismatched data lenght: expected {expected}, actual {actual}")] MismatchedLength { expected: usize, actual: usize }, /// Prefix does not match expected. @@ -60,25 +56,19 @@ pub trait FromBase58Check { impl ToBase58Check for [u8] { fn to_base58check(&self) -> Result { - if self.len() > 128 { - return Err(ToBase58CheckError::DataTooLong); - } // 4 bytes checksum let mut payload = Vec::with_capacity(self.len() + 4); payload.extend(self); let checksum = double_sha256(self); payload.extend(&checksum[..4]); - Ok(payload.to_base58()) + Ok(bs58::encode(payload).into_string()) } } impl FromBase58Check for str { fn from_base58check(&self) -> Result, FromBase58CheckError> { - if self.len() > 128 { - return Err(FromBase58CheckError::DataTooLong); - } - match self.from_base58() { + match bs58::decode(self).into_vec() { Ok(payload) => { if payload.len() >= Self::CHECKSUM_BYTE_SIZE { let data_len = payload.len() - Self::CHECKSUM_BYTE_SIZE; @@ -123,18 +113,4 @@ mod tests { Ok(()) } - - #[test] - fn test_encode_fail() { - let data = [0; 129].to_vec(); - let res = data.to_base58check(); - assert!(matches!(res, Err(ToBase58CheckError::DataTooLong))); - } - - #[test] - fn test_decode_fail() { - let encoded = "111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111"; - let res = encoded.from_base58check(); - assert!(matches!(res, Err(FromBase58CheckError::DataTooLong))); - } } diff --git a/crypto/src/hash.rs b/crypto/src/hash.rs index 9944b4caaa..48e3072e6f 100644 --- a/crypto/src/hash.rs +++ b/crypto/src/hash.rs @@ -1265,6 +1265,12 @@ mod tests { ["BLsk1WTwJFkLU2P57itDq1cgEUqJK7Fwygvtj49vT4HeLfNBXRgpDA"] ); + test!( + sig_bls, + BlsSignature, + ["BLsigAmLKnuw12tethjMmotFPaQ6u4XCKrVk6c15dkRXKkjDDjHywbhS3nd4rBT31yrCvvQrS2HntWhDRu7sX8Vvek53zBUwQHqfcHRiVKVj1ehq8CBYs1Z7XW2rkL2XkVNHua4cnvxY7F"] + ); + test!(ed25519_sig, Ed25519Signature, ["edsigtXomBKi5CTRf5cjATJWSyaRvhfYNHqSUGrn4SdbYRcGwQrUGjzEfQDTuqHhuA8b2d8NarZjz8TRf65WkpQmo423BtomS8Q"]); test!(generic_sig, Signature, ["sigNCaj9CnmD94eZH9C7aPPqBbVCJF72fYmCFAXqEbWfqE633WNFWYQJFnDUFgRUQXR8fQ5tKSfJeTe6UAi75eTzzQf7AEc1"]);