Skip to content
This repository was archived by the owner on Feb 8, 2018. It is now read-only.

Use uECC instead of Crypto++ for ECDH #11

Closed
arkpar wants to merge 2 commits into from
Closed

Use uECC instead of Crypto++ for ECDH #11

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
5c034dd
use uECC for ECDH
arkpar Sep 22, 2015
88b7e54
use SecureFixedHash properly
arkpar Sep 25, 2015
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions libdevcrypto/Common.cpp
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -275,8 +275,8 @@ bytesSec dev::scrypt(std::string const& _pass, bytes const& _salt, uint64_t _n,
void KeyPair::populateFromSecret(Secret const& _sec)
{
m_secret = _sec;
if (s_secp256k1pp.verifySecret(m_secret, m_public))
m_address = toAddress(m_public);
m_public = toPublic(_sec);
Copy link
Copy Markdown
Member

@subtly subtly Sep 23, 2015

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't think we should remove this check and/or may need to add a flag (default to verify) for toPublic.

Copy link
Copy Markdown
Contributor Author

@arkpar arkpar Sep 24, 2015

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The check is done in toPublic anyway, it will return zero in case of invalid key. As far as I understand crypto++ validate() checks for curve validity, which is not needed for libsecp256k1 anyway and also checks that the point is valid on the curve, which secp256k1_ec_pubkey_create also does.
The previous behavior of this function for invalid secret was to set m_secret to invalid key, but leave m_public and m_address to the previous value. With this change m_public and m_address will be set to zero, which is better since these don't throw anyway.

m_address = toAddress(m_public);
}

KeyPair KeyPair::create()
Expand Down
6 changes: 4 additions & 2 deletions libdevcrypto/ECDHE.cpp
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,8 @@

#include "ECDHE.h"
#include <libdevcore/SHA3.h>

#include "uECC.h"
#include "CryptoPP.h"

using namespace std;
Expand All @@ -31,7 +33,7 @@ static Secp256k1PP s_secp256k1;

void dev::crypto::ecdh::agree(Secret const& _s, Public const& _r, Secret& o_s)
{
s_secp256k1.agree(_s, _r, o_s);
uECC_shared_secret(_r.data(), _s.data(), o_s.writable().data());
}

void ECDHE::agree(Public const& _remote, Secret& o_sharedSecret) const
Expand All @@ -41,6 +43,6 @@ void ECDHE::agree(Public const& _remote, Secret& o_sharedSecret) const
BOOST_THROW_EXCEPTION(InvalidState());

m_remoteEphemeral = _remote;
s_secp256k1.agree(m_ephemeral.sec(), m_remoteEphemeral, o_sharedSecret);
uECC_shared_secret(m_remoteEphemeral.data(), m_ephemeral.sec().data(), o_sharedSecret.writable().data());
}

Loading