crypto: replace ed25519-dalek with ed25519-consensus #624
Conversation
joyqvq
force-pushed
the
use-25519-consensus
branch
from
3e57023
to
7758e77
Compare
| @@ -4,7 +4,7 @@ expression: committee | |||
| --- | |||
| { | |||
| "authorities": { | |||
| "IP26ybELdYe7p7W8FjvOaeeW1x5O1EwQ/LRIhon3oUQ=": { | |||
| "ildi4hrBzbOHBELHe0w69Yx87bh3nQJw5tTx4vc2fXQ=": { | |||
There was a problem hiding this comment.
this is expected as rand 0.8.5 uses ChaChaRng for 12 rounds whereas rand 0.7.3 uses 20 rounds with reference to rust-random/rand#932
from 0.7.3:
/// The current algorithm used is the ChaCha block cipher with 20 rounds.
/// This may change as new evidence of cipher security and performance
/// becomes available.
from 0.8.5:
/// The current algorithm used is the ChaCha block cipher with 12 rounds. Please
/// see this relevant [rand issue] for the discussion. This may change as new
/// evidence of cipher security and performance becomes available.
/// [rand issue]: https://github.com/rust-random/rand/issues/932
i can't think of a way to preserve the key files as the upgrade would affect all rand lib usage in narwhal
There was a problem hiding this comment.
Thanks for the context! I expect this would change procedurally generated keys / formats only, correct?
There was a problem hiding this comment.
yeah, only for the generate function in KeyPair trait that takes in the Rng
| } | ||
| } | ||
|
|
||
| impl Serialize for Ed25519Signature { |
There was a problem hiding this comment.
as discussed serde_as would produce {"sig": base64_encoded_string} instead of a flattened base64_encoded_string, removed related functions in serder_helper
| @@ -41,7 +41,7 @@ fn serialize_deserialize() { | |||
|
|
|||
| let private_key = kpref.private(); | |||
| let bytes = bincode::serialize(&private_key).unwrap(); | |||
| let privkey = bincode::deserialize::<Ed25519PublicKey>(&bytes).unwrap(); | |||
| let privkey = bincode::deserialize::<Ed25519PrivateKey>(&bytes).unwrap(); | |||
There was a problem hiding this comment.
i dont know why this test passed on main branch.
There was a problem hiding this comment.
It is indeed worrrisome, I suspect an abuse of ToFromBytes since ed25519-dalek and ed25519-consensus share the same underlying EdwardsPoint representation for the decompressed form of the key. Could we add a test for deserializing Ed25519PublicKey with a point known to not be on curve?
| @@ -43,8 +43,6 @@ Committee: | |||
| - epoch: U64 | |||
| Ed25519PublicKey: | |||
| NEWTYPESTRUCT: STR | |||
| Ed25519Signature: | |||
| NEWTYPESTRUCT: BYTES | |||
There was a problem hiding this comment.
is there any downstream impact on this file? it seems like just a documentation
There was a problem hiding this comment.
Yes, it lets us set up the binary representation manifest for our project. In fact, this makes me think we should open an issue to inspect the key types and use serde annotations to make sure the OnceCell is elided when serializing, and reset when deserializing. We should open an issue.
joyqvq
force-pushed
the
use-25519-consensus
branch
from
7758e77
to
adbcadf
Compare
joyqvq
force-pushed
the
use-25519-consensus
branch
from
adbcadf
to
438b36d
Compare
joyqvq
force-pushed
the
use-25519-consensus
branch
3 times, most recently
from
9f77c69
to
96cd44a
Compare
There was a problem hiding this comment.
Thanks @joyqvq ! This looks good, I just have 3 questions:
- Is this change sufficient to fix Use input Rng across all KeyPair impl #544 as well?
- Can we write one negative test for invalid EdDSA serialization? The full issue is #500, no need to solve it, I just want to see a non-regression on the unit test you fix: you fix the code, I would like to see the non-fixed code fail.
- We should open an issue to inspect our now pervasive use of
OnceCellin key/signature material and make sure it complies with serde best practices.
| @@ -4,7 +4,7 @@ expression: committee | |||
| --- | |||
| { | |||
| "authorities": { | |||
| "IP26ybELdYe7p7W8FjvOaeeW1x5O1EwQ/LRIhon3oUQ=": { | |||
| "ildi4hrBzbOHBELHe0w69Yx87bh3nQJw5tTx4vc2fXQ=": { | |||
There was a problem hiding this comment.
Thanks for the context! I expect this would change procedurally generated keys / formats only, correct?
| @@ -41,7 +41,7 @@ fn serialize_deserialize() { | |||
|
|
|||
| let private_key = kpref.private(); | |||
| let bytes = bincode::serialize(&private_key).unwrap(); | |||
| let privkey = bincode::deserialize::<Ed25519PublicKey>(&bytes).unwrap(); | |||
| let privkey = bincode::deserialize::<Ed25519PrivateKey>(&bytes).unwrap(); | |||
There was a problem hiding this comment.
It is indeed worrrisome, I suspect an abuse of ToFromBytes since ed25519-dalek and ed25519-consensus share the same underlying EdwardsPoint representation for the decompressed form of the key. Could we add a test for deserializing Ed25519PublicKey with a point known to not be on curve?
| @@ -43,8 +43,6 @@ Committee: | |||
| - epoch: U64 | |||
| Ed25519PublicKey: | |||
| NEWTYPESTRUCT: STR | |||
| Ed25519Signature: | |||
| NEWTYPESTRUCT: BYTES | |||
There was a problem hiding this comment.
Yes, it lets us set up the binary representation manifest for our project. In fact, this makes me think we should open an issue to inspect the key types and use serde annotations to make sure the OnceCell is elided when serializing, and reset when deserializing. We should open an issue.
joyqvq
force-pushed
the
use-25519-consensus
branch
from
96cd44a
to
d129011
Compare
|
* crypto: replace ed25519-dalek with ed25519-consensus * cargo xclippy and hakari generate * serialize test negative case
…hal#624) * crypto: replace ed25519-dalek with ed25519-consensus * cargo xclippy and hakari generate * serialize test negative case
#535