From 3ff3c243342acac84aa371ec631c1b934c19c5f0 Mon Sep 17 00:00:00 2001 From: decentclock Date: Tue, 23 Aug 2022 11:09:51 -0600 Subject: [PATCH] Remove auther module --- Cargo.toml | 1 - auther/Cargo.toml | 18 ------ auther/src/lib.rs | 161 ---------------------------------------------- 3 files changed, 180 deletions(-) delete mode 100644 auther/Cargo.toml delete mode 100644 auther/src/lib.rs diff --git a/Cargo.toml b/Cargo.toml index 6b00a50..8bad12b 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -4,7 +4,6 @@ members = [ "signer", "broker", "parser", - "auther", "tester", ] diff --git a/auther/Cargo.toml b/auther/Cargo.toml deleted file mode 100644 index b1c9de2..0000000 --- a/auther/Cargo.toml +++ /dev/null @@ -1,18 +0,0 @@ -[package] -name = "sphinx-key-auther" -version = "0.1.0" -authors = ["Evan Feenstra "] -edition = "2018" - -[dependencies] -secp256k1 = { version = "0.24.0", default-features = false, features = ["std", "rand-std", "bitcoin_hashes"] } -anyhow = {version = "1", features = ["backtrace"]} -log = "0.4" -base64 = { version = "0.13.0" } - -[features] -default = [ "no-std", "secp-recovery", "secp-lowmemory" ] -no-std = ["secp256k1/alloc"] -secp-lowmemory = ["secp256k1/lowmemory"] -secp-recovery = ["secp256k1/recovery"] -rand = ["secp256k1/rand-std"] diff --git a/auther/src/lib.rs b/auther/src/lib.rs deleted file mode 100644 index 650590a..0000000 --- a/auther/src/lib.rs +++ /dev/null @@ -1,161 +0,0 @@ -use anyhow::anyhow; -use anyhow::Result; -use base64::{decode_config, encode_config, URL_SAFE}; -use secp256k1::ecdsa::Signature; -use secp256k1::hashes::sha256d::Hash as Sha256dHash; -use secp256k1::hashes::Hash; -use secp256k1::{Message, PublicKey, Secp256k1, SecretKey}; -use std::convert::TryInto; - -pub struct Token(u64); - -fn now() -> u64 { - use std::time::{SystemTime, UNIX_EPOCH}; - let start = SystemTime::now(); - let since_the_epoch = start - .duration_since(UNIX_EPOCH) - .expect("Time went backwards"); - since_the_epoch.as_nanos() as u64 -} - -pub fn u64_to_bytes(input: u64) -> [u8; 8] { - input.to_le_bytes() -} -pub fn bytes_to_u64(bytes: [u8; 8]) -> u64 { - u64::from_le_bytes(bytes) -} - -pub fn base64_encode(input: &Vec) -> String { - encode_config(input, URL_SAFE) -} -pub fn base64_decode(input: &str) -> Result> { - let r = decode_config(input, URL_SAFE)?; - Ok(r) -} - -impl Token { - pub fn new() -> Self { - Self(now()) - } - pub fn from_bytes(bytes: [u8; 8]) -> Self { - Self(bytes_to_u64(bytes)) - } - pub fn from_base64(s: &str) -> Result { - if s.len() < 8 { - return Err(anyhow!("too short slice".to_string())); - } - let bytes = base64_decode(s)?; - let ts: [u8; 8] = bytes[..8].try_into()?; - Ok(Self(bytes_to_u64(ts))) - } - pub fn expected_len(&self) -> usize { - 73 - } - pub fn sign(&self, secret_key: &SecretKey) -> Result> { - let mut ts = u64_to_bytes(self.0).to_vec(); - let sig = self.sign_message(&ts, secret_key)?; - println!("tts {:?}", ts); - ts.extend(sig); - assert_eq!(ts.len(), self.expected_len()); - Ok(ts) - } - pub fn verify(&self, sig: Vec, public_key: &PublicKey) -> Result<()> { - // remove ts - // let (msg, sig) = input.split_at(8); - let msg = u64_to_bytes(self.0); - self.verify_message(&msg.to_vec(), &sig.to_vec(), public_key) - } - /// Sign a Lightning message - pub fn sign_message(&self, message: &Vec, secret_key: &SecretKey) -> Result> { - let encmsg = self.lightning_hash(message)?; - let secp_ctx = Secp256k1::signing_only(); - let sig = secp_ctx.sign_ecdsa_recoverable(&encmsg, &secret_key); - let (rid, sig) = sig.serialize_compact(); - let mut res = sig.to_vec(); - res.push(rid.to_i32() as u8); - Ok(res) - } - /// Verify a Lightning message - pub fn verify_message( - &self, - message: &Vec, - sig: &Vec, - public_key: &PublicKey, - ) -> Result<()> { - let secp_ctx = Secp256k1::verification_only(); - let encmsg = self.lightning_hash(message)?; - // remove the rid - let s = Signature::from_compact(&sig[..64])?; - secp_ctx.verify_ecdsa(&encmsg, &s, public_key)?; - Ok(()) - } - /// hash lightning message - pub fn lightning_hash(&self, message: &Vec) -> Result { - let mut buffer = String::from("Lightning Signed Message:").into_bytes(); - buffer.extend(message); - let hash = Sha256dHash::hash(&buffer); - let encmsg = secp256k1::Message::from_slice(&hash[..])?; - Ok(encmsg) - } -} - -pub fn sign( - secp: &Secp256k1, - input: Vec, - secret_key: &SecretKey, -) -> Signature { - let message = hash_message(input); - secp.sign_ecdsa(&message, &secret_key) -} - -pub fn hash_message(input: Vec) -> Message { - let hash = Sha256dHash::hash(&input); - Message::from_slice(&hash[..]).expect("encmsg failed") -} - -#[cfg(test)] -mod tests { - use crate::*; - use secp256k1::{PublicKey, Secp256k1, SecretKey}; - - fn secret_key() -> SecretKey { - SecretKey::from_slice(&[0xcd; 32]).expect("32 bytes, within curve order") - } - - #[test] - fn test_sign() { - let secp = Secp256k1::new(); - let sk = secret_key(); - let public_key = PublicKey::from_secret_key(&secp, &sk); - let input = vec![1, 2, 3]; - let message = hash_message(input); - let sig = sign(&secp, vec![1, 2, 3], &sk); - assert!(secp.verify_ecdsa(&message, &sig, &public_key).is_ok()); - } - - #[test] - fn test_token() { - let sk = secret_key(); - let t = Token::new(); - let res = t.sign(&sk).expect("couldnt make token"); - let secp = Secp256k1::new(); - let public_key = PublicKey::from_secret_key(&secp, &sk); - let (_, sig) = res.split_at(8); - t.verify(sig.to_vec(), &public_key).expect("couldnt verify"); - println!("token verified!"); - } - - #[test] - fn test_decode() { - let sk = secret_key(); - let secp = Secp256k1::new(); - let public_key = PublicKey::from_secret_key(&secp, &sk); - let s = "aHt45kxY9xZCMvT5du5mTw-jx3X2g0Eg7QhHTIi6rBRAFqY_syx1SzcSoriXyPIVCWdG6T0I8xKXSEnoeajFdwmtQbHqC_qfAQ=="; - let v = base64_decode(s).expect("couldnt decode"); - let (_, sig) = v.split_at(8); - let t = Token::from_base64(s).expect("couldnt parse base64"); - t.verify(sig.to_vec(), &public_key) - .expect("failed to verify"); - println!("decoded token verified!"); - } -}