[Rust/Crypto]: Disable secp256k1, nist256p1, ed25519-* curves in C++

trustwallet · Oct 6, 2023 · 55a2c8e · 55a2c8e
1 parent b0adfbf
commit 55a2c8e
Show file tree

Hide file tree

Showing 9 changed files with 201 additions and 78 deletions.
diff --git a/src/PrivateKey.cpp b/src/PrivateKey.cpp
@@ -229,25 +229,42 @@ Data PrivateKey::sign(const Data& digest, TWCurve curve) const {
     Data result;
     bool success = false;
     switch (curve) {
-    case TWCurveSECP256k1:
-    case TWCurveNIST256p1: {
-        result = rust_private_key_sign(key(), digest, curve);
-        success = result.size() == 65;
-    } break;
-    case TWCurveED25519:
-    case TWCurveED25519Blake2bNano:
-    case TWCurveCurve25519:
+        case TWCurveSECP256k1: {
+            result.resize(65);
+            success = ecdsa_sign_digest_checked(&secp256k1, key().data(), digest.data(), digest.size(), result.data(), result.data() + 64, nullptr) == 0;
+        } break;
+        case TWCurveED25519: {
+            result.resize(64);
+            ed25519_sign(digest.data(), digest.size(), key().data(), result.data());
+            success = true;
+        } break;
+        case TWCurveED25519Blake2bNano: {
+            result.resize(64);
+            ed25519_sign_blake2b(digest.data(), digest.size(), key().data(), result.data());
+            success = true;
+        } break;
+        case TWCurveED25519ExtendedCardano: {
+            result.resize(64);
+            ed25519_sign_ext(digest.data(), digest.size(), key().data(), extension().data(), result.data());
+            success = true;
+        } break;
+        case TWCurveCurve25519: {
+            result.resize(64);
+            const auto publicKey = getPublicKey(TWPublicKeyTypeED25519);
+            ed25519_sign(digest.data(), digest.size(), key().data(), result.data());
+            const auto sign_bit = publicKey.bytes[31] & 0x80;
+            result[63] = result[63] & 127;
+            result[63] |= sign_bit;
+            success = true;
+        } break;
+        case TWCurveNIST256p1: {
+            result.resize(65);
+            success = ecdsa_sign_digest_checked(&nist256p1, key().data(), digest.data(), digest.size(), result.data(), result.data() + 64, nullptr) == 0;
+        } break;
     case TWCurveStarkex: {
         result = rust_private_key_sign(key(), digest, curve);
         success = result.size() == 64;
     } break;
-    case TWCurveED25519ExtendedCardano: {
-        if (bytes.size() != cardanoKeySize) {
-            break;
-        }
-        result = rust_private_key_sign(bytes, digest, curve);
-        success = result.size() == 64;
-    } break;
     case TWCurveNone:
     default:
         break;

diff --git a/src/PublicKey.cpp b/src/PublicKey.cpp
@@ -147,12 +147,32 @@ bool PublicKey::verify(const Data& signature, const Data& message) const {
     switch (type) {
     case TWPublicKeyTypeSECP256k1:
     case TWPublicKeyTypeSECP256k1Extended:
+        return ecdsa_verify_digest(&secp256k1, bytes.data(), signature.data(), message.data()) == 0;
     case TWPublicKeyTypeNIST256p1:
     case TWPublicKeyTypeNIST256p1Extended:
+        return ecdsa_verify_digest(&nist256p1, bytes.data(), signature.data(), message.data()) == 0;
     case TWPublicKeyTypeED25519:
+        return ed25519_sign_open(message.data(), message.size(), bytes.data(), signature.data()) == 0;
     case TWPublicKeyTypeED25519Blake2b:
-    case TWPublicKeyTypeCURVE25519:
-    case TWPublicKeyTypeED25519Cardano:
+        return ed25519_sign_open_blake2b(message.data(), message.size(), bytes.data(), signature.data()) == 0;
+    case TWPublicKeyTypeED25519Cardano: {
+        const auto key = subData(bytes, 0, ed25519Size);
+        return ed25519_sign_open(message.data(), message.size(), key.data(), signature.data()) == 0;
+    }
+    case TWPublicKeyTypeCURVE25519: {
+        auto ed25519PublicKey = Data();
+        ed25519PublicKey.resize(PublicKey::ed25519Size);
+        curve25519_pk_to_ed25519(ed25519PublicKey.data(), bytes.data());
+
+        ed25519PublicKey[31] &= 0x7F;
+        ed25519PublicKey[31] |= signature[63] & 0x80;
+
+        // remove sign bit
+        auto verifyBuffer = Data();
+        append(verifyBuffer, signature);
+        verifyBuffer[63] &= 127;
+        return ed25519_sign_open(message.data(), message.size(), ed25519PublicKey.data(), verifyBuffer.data()) == 0;
+    }
     case TWPublicKeyTypeStarkex:
         return rust_public_key_verify(bytes, type, signature, message);
     default:

diff --git a/tests/chains/NEO/SignerTests.cpp b/tests/chains/NEO/SignerTests.cpp
@@ -83,7 +83,9 @@ TEST(NEOSigner, SigningTransaction) {
 
     signer.sign(transaction);
     auto signedTx = transaction.serialize();
-    EXPECT_EQ(hex(signedTx), "800000019c85b39cd5677e2bfd6bf8a711e8da93a2f1d172b2a52c6ca87757a4bccc24de0100029b7cffdaa674beae0f930ebe6085af9093e5fe56b34a5c220ccdcf6efc336fc500e1f50500000000ea610aa6db39bd8c8556c9569d94b5e5a5d0ad199b7cffdaa674beae0f930ebe6085af9093e5fe56b34a5c220ccdcf6efc336fc500fcbbc414000000f2908c7efc0c9e43ffa7e79170ba37e501e1b4ac0141405046619c8e20e1fdeec92ce95f3019f6e7cc057294eb16b2d5e55c105bf32eb281e03fe2e7a7a89ed70e01073f6ba574e65071c87cc8cce59833d4d30479c37a232102a41c2aea8568864b106553729d32b1317ec463aa23e7a3521455d95992e17a7aac");
+    EXPECT_EQ(hex(signedTx), "800000019c85b39cd5677e2bfd6bf8a711e8da93a2f1d172b2a52c6ca87757a4bccc24de0100029b7cffdaa674beae0f930ebe6085af9093e5fe56b34a5c220ccdcf6efc336fc500e1f50500000000ea610aa6db39bd8c8556c9569d94b5e5a5d0ad199b7cffdaa674beae0f930ebe6085af9093e5fe56b34a5c220ccdcf6efc336fc500fcbbc414000000f2908c7efc0c9e43ffa7e79170ba37e501e1b4ac0141405046619c8e20e1fdeec92ce95f3019f6e7cc057294eb16b2d5e55c105bf32eb27e1fc01c1858576228f1fef8c0945a8ad69688e52a4ed19f5b85f5eff7e961d7232102a41c2aea8568864b106553729d32b1317ec463aa23e7a3521455d95992e17a7aac");
+    // TODO uncomment when nist256p1 Rust implementation is enabled.
+    // EXPECT_EQ(hex(signedTx), "800000019c85b39cd5677e2bfd6bf8a711e8da93a2f1d172b2a52c6ca87757a4bccc24de0100029b7cffdaa674beae0f930ebe6085af9093e5fe56b34a5c220ccdcf6efc336fc500e1f50500000000ea610aa6db39bd8c8556c9569d94b5e5a5d0ad199b7cffdaa674beae0f930ebe6085af9093e5fe56b34a5c220ccdcf6efc336fc500fcbbc414000000f2908c7efc0c9e43ffa7e79170ba37e501e1b4ac0141405046619c8e20e1fdeec92ce95f3019f6e7cc057294eb16b2d5e55c105bf32eb281e03fe2e7a7a89ed70e01073f6ba574e65071c87cc8cce59833d4d30479c37a232102a41c2aea8568864b106553729d32b1317ec463aa23e7a3521455d95992e17a7aac");
 }
 
 } // namespace TW::NEO::tests