From 9c1de8e00bcf8cf110066fc2a5aff93625fdf9d1 Mon Sep 17 00:00:00 2001 From: Markus Triska Date: Sat, 3 Sep 2022 13:30:57 +0200 Subject: [PATCH] ENHANCED: Eliminate the OpenSSL dependency of library(crypto). This is achieved by using the newly available crrl crate by @pornin to implement crypto_curve_scalar_mult/4 for secp256k1. Many thanks! --- Cargo.lock | 124 +++++++++++++++++++++++++++------ Cargo.toml | 2 +- build/instructions_template.rs | 2 +- src/lib/crypto.pl | 22 +++--- src/machine/system_calls.rs | 66 ++++-------------- 5 files changed, 128 insertions(+), 88 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 05adcc7e..102402da 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -78,10 +78,19 @@ checksum = "94cb07b0da6a73955f8fb85d24c466778e70cda767a568229b104f0264089330" dependencies = [ "byte-tools", "crypto-mac", - "digest", + "digest 0.8.1", "opaque-debug", ] +[[package]] +name = "blake2" +version = "0.10.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b9cf849ee05b2ee5fba5e36f97ff8ec2533916700fc0758d40d92136a42f3388" +dependencies = [ + "digest 0.10.3", +] + [[package]] name = "block-buffer" version = "0.7.3" @@ -91,7 +100,16 @@ dependencies = [ "block-padding", "byte-tools", "byteorder", - "generic-array", + "generic-array 0.12.4", +] + +[[package]] +name = "block-buffer" +version = "0.10.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0bf7fe51849ea569fd452f37822f606a5cabb684dc918707a0193fd4664ff324" +dependencies = [ + "generic-array 0.14.6", ] [[package]] @@ -209,6 +227,15 @@ dependencies = [ "winapi", ] +[[package]] +name = "cpufeatures" +version = "0.2.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "dc948ebb96241bb40ab73effeb80d9f93afaad49359d159a5e61be51619fe813" +dependencies = [ + "libc", +] + [[package]] name = "crossterm" version = "0.20.0" 
@@ -234,14 +261,35 @@ dependencies = [ "winapi", ] +[[package]] +name = "crrl" +version = "0.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2db40892a506901e4e8281f00e42687df82d1d3448cb0289ae9183a60cb42ec1" +dependencies = [ + "blake2 0.10.4", + "rand_core 0.6.3", + "sha2", +] + +[[package]] +name = "crypto-common" +version = "0.1.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1bfb12502f3fc46cca1bb51ac28df9d618d813cdc3d2f25b9fe775a34af26bb3" +dependencies = [ + "generic-array 0.14.6", + "typenum", +] + [[package]] name = "crypto-mac" version = "0.7.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "4434400df11d95d556bac068ddfedd482915eb18fe8bea89bc80b6e4b1c179e5" dependencies = [ - "generic-array", - "subtle", + "generic-array 0.12.4", + "subtle 1.0.0", ] [[package]] @@ -266,7 +314,18 @@ version = "0.8.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "f3d0c8c8752312f9713efd397ff63acb9f85585afbf179282e720e7704954dd5" dependencies = [ - "generic-array", + "generic-array 0.12.4", +] + +[[package]] +name = "digest" +version = "0.10.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f2fb860ca6fafa5552fb6d0e816a69c8e49f0908bf524e30a90d97c85892d506" +dependencies = [ + "block-buffer 0.10.2", + "crypto-common", + "subtle 2.4.1", ] [[package]] @@ -518,6 +577,16 @@ dependencies = [ "typenum", ] +[[package]] +name = "generic-array" +version = "0.14.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bff49e947297f3312447abdca79f45f4738097cc82b06e72054d2223f601f1b9" +dependencies = [ + "typenum", + "version_check", +] + [[package]] name = "getrandom" version = "0.2.6" 
@@ -1087,15 +1156,6 @@ version = "0.1.5" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ff011a302c396a5197692431fc1948019154afc178baf7d8e37367442a4601cf" -[[package]] -name = "openssl-src" -version = "111.18.0+1.1.1n" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7897a926e1e8d00219127dc020130eca4292e5ca666dd592480d72c3eca2ff6c" -dependencies = [ - "cc", -] - [[package]] name = "openssl-sys" version = "0.9.72" @@ -1105,7 +1165,6 @@ dependencies = [ "autocfg 1.1.0", "cc", "libc", - "openssl-src", "pkg-config", "vcpkg", ] @@ -1565,8 +1624,8 @@ version = "0.8.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ad5112e0dbbb87577bfbc56c42450235e3012ce336e29c5befd7807bd626da4a" dependencies = [ - "block-buffer", - "digest", + "block-buffer 0.7.3", + "digest 0.8.1", "opaque-debug", ] @@ -1671,10 +1730,11 @@ version = "0.9.0" dependencies = [ "assert_cmd", "base64", - "blake2", + "blake2 0.8.1", "chrono", "cpu-time", "crossterm", + "crrl", "ctrlc", "dirs-next", "divrem", @@ -1691,7 +1751,6 @@ dependencies = [ "modular-bitfield", "native-tls", "num-rug-adapter", - "openssl", "ordered-float", "phf 0.9.0", "predicates-core", @@ -1802,15 +1861,26 @@ dependencies = [ "syn 1.0.90", ] +[[package]] +name = "sha2" +version = "0.10.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cf9db03534dff993187064c4e0c05a5708d2a9728ace9a8959b77bedf415dac5" +dependencies = [ + "cfg-if", + "cpufeatures", + "digest 0.10.3", +] + [[package]] name = "sha3" version = "0.8.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "dd26bc0e7a2e3a7c959bc494caf58b72ee0c71d67704e9520f736ca7e4853ecf" dependencies = [ - "block-buffer", + "block-buffer 0.7.3", "byte-tools", - "digest", + "digest 0.8.1", "keccak", "opaque-debug", ] 
@@ -1974,6 +2044,12 @@ version = "1.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "2d67a5a62ba6e01cb2192ff309324cb4875d0c451d55fe2319433abe7a05a8ee" +[[package]] +name = "subtle" +version = "2.4.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6bdef32e8150c2a081110b42772ffe7d7c9032b606bc226c8260fd97e0976601" + [[package]] name = "syn" version = "0.15.44" @@ -2219,6 +2295,12 @@ version = "0.2.15" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "accd4ea62f7bb7a82fe23066fb0957d48ef677f6eeb8215f372f52e48bb32426" +[[package]] +name = "version_check" +version = "0.9.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "49874b5167b65d7193b8aba1567f5c7d93d001cafc34600cee003eda787e483f" + [[package]] name = "wait-timeout" version = "0.2.0" diff --git a/Cargo.toml b/Cargo.toml index 6ccdf314..93293e76 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -54,7 +54,7 @@ ring = "0.16.13" ripemd160 = "0.8.0" sha3 = "0.8.2" blake2 = "0.8.1" -openssl = { version = "0.10.29", features = ["vendored"] } +crrl ="0.2.0" native-tls = "0.2.4" chrono = "0.4.11" select = "0.4.3" diff --git a/build/instructions_template.rs b/build/instructions_template.rs index 9725178c..3622074e 100644 --- a/build/instructions_template.rs +++ b/build/instructions_template.rs @@ -492,7 +492,7 @@ enum SystemClauseType { CryptoDataEncrypt, #[strum_discriminants(strum(props(Arity = "6", Name = "$crypto_data_decrypt")))] CryptoDataDecrypt, - #[strum_discriminants(strum(props(Arity = "5", Name = "$crypto_curve_scalar_mult")))] + #[strum_discriminants(strum(props(Arity = "4", Name = "$crypto_curve_scalar_mult")))] CryptoCurveScalarMult, #[strum_discriminants(strum(props(Arity = "4", Name = "$ed25519_sign")))] Ed25519Sign, diff --git a/src/lib/crypto.pl b/src/lib/crypto.pl index d5ade670..25b5ebb6 100644 --- a/src/lib/crypto.pl +++ b/src/lib/crypto.pl 
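Review bot: `crrl ="0.2.0"` in the Cargo.toml hunk is a caret requirement, so any later 0.2.x release of the crate that now carries all of the curve arithmetic is accepted by `cargo update` without review; for a cryptographic dependency at its first public versions consider pinning exactly, `crrl = "=0.2.0"`, and recording the audit rationale beside it (the Cargo.lock checksum only protects the build until someone updates). The removed `openssl = { ..., features = ["vendored"] }` line also drops the vendored `openssl-src` build, while `openssl-sys` 0.9.72 stays in Cargo.lock, presumably pulled in by `native-tls`, which is still listed; if so, builds now link whatever system OpenSSL is present, which deserves a sentence in the commit message since the title says the dependency was eliminated. A space after `=` would match the neighbouring lines.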
@@ -763,10 +763,14 @@ crypto_curve_scalar_mult(Curve, Scalar, point(X,Y), point(RX, RY)) :-
 curve_field_length(Curve, L0),
 L #= 2*L0, % for hex encoding
 phrase(format_("04~|~`0t~16r~*+~`0t~16r~*+", [X,L,Y,L]), Hex),
- hex_bytes(Hex, Bytes),
- '$crypto_curve_scalar_mult'(Name, Scalar, Bytes, SX, SY),
- number_chars(RX, SX),
- number_chars(RY, SY).
+ hex_bytes(Hex, PointBytes),
+ once(bytes_integer(ScalarBytes, Scalar)),
+ '$crypto_curve_scalar_mult'(Name, ScalarBytes, PointBytes, [_|Us]),
+ maplist(char_code, Us, Bs),
+ length(BXs0, 32),
+ append(BXs0, BYs0, Bs),
+ maplist(reverse, [BXs0,BYs0], Rs),
+ maplist(bytes_integer, Rs, [RX,RY]).
 /* - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
 ?- crypto_name_curve(secp256k1, Curve),
@@ -818,16 +822,6 @@ fitting_exponent(N, E0, E) :-
 fitting_exponent(N, E1, E)
 ).
-crypto_name_curve(secp112r1,
- curve(secp112r1,
- 0x00db7c2abf62e35e668076bead208b,
- 0x00db7c2abf62e35e668076bead2088,
- 0x659ef8ba043916eede8911702b22,
- point(0x09487239995a5ee76b55f9c2f098,
- 0xa89ce5af8724c0a23e0e0ff77500),
- 0x00db7c2abf62e35e7628dfac6561c5,
- 14,
- 1)).
 crypto_name_curve(secp256k1,
 curve(secp256k1,
 0x00fffffffffffffffffffffffffffffffffffffffffffffffffffffffefffffc2f,
diff --git a/src/machine/system_calls.rs b/src/machine/system_calls.rs
index 7690c37f..aaeb13dd 100644
--- a/src/machine/system_calls.rs
+++ b/src/machine/system_calls.rs
@@ -69,9 +69,7 @@ use ring::{
 use ripemd160::{Digest, Ripemd160};
 use sha3::{Sha3_224, Sha3_256, Sha3_384, Sha3_512};
-use openssl::bn::{BigNum, BigNumContext};
-use openssl::ec::{EcGroup, EcPoint};
-use openssl::nid::Nid;
+use crrl::secp256k1;
 use sodiumoxide::crypto::scalarmult::curve25519::*;
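Review bot: `length(BXs0, 32)` hard-codes the coordinate width although `curve_field_length(Curve, L0)` is computed three lines earlier and already drives the input encoding (`L #= 2*L0` hex digits); if L0 is the field size in bytes, as that suggests, `length(BXs0, L0)` keeps the output decoding from drifting away from the input encoding when another curve is added. `[_|Us]` also discards the first returned char without looking at it; since the foreign predicate returns the SEC1 uncompressed form, checking the prefix, `'$crypto_curve_scalar_mult'(Name, ScalarBytes, PointBytes, [C|Us]), char_code(C, 0x04),` turns an unexpected result format into a clean failure instead of silently splitting it into RX and RY. The deleted `secp112r1` clause of `crypto_name_curve/2` in the second hunk is a user-visible change (goals naming that curve now fail) and deserves a line in the predicate's documentation. The clause head of crypto_curve_scalar_mult/4 lies outside the hunk.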
@@ -6348,60 +6346,26 @@ impl Machine {
 #[inline(always)]
 pub(crate) fn crypto_curve_scalar_mult(&mut self) {
- let curve = cell_as_atom!(self.machine_st.registers[1]);
- let curve_id = match curve {
- atom!("secp112r1") => Nid::SECP112R1,
- atom!("secp256k1") => Nid::SECP256K1,
- _ => {
- unreachable!()
- }
- };
-
- let scalar = self.machine_st.store(self.machine_st.deref(self.machine_st.registers[2]));
-
- let scalar = match Number::try_from(scalar) {
- Ok(Number::Fixnum(n)) => Integer::from(n.get_num()),
- Ok(Number::Integer(n)) => Integer::from(&*n),
- _ => {
- unreachable!()
- }
- };
-
- let stub_gen = || functor_stub(atom!("crypto_curve_scalar_mult"), 5);
- let qbytes = self.machine_st.integers_to_bytevec(self.machine_st.registers[3], stub_gen);
-
- let mut bnctx = BigNumContext::new().unwrap();
- let group = EcGroup::from_curve_name(curve_id).unwrap();
- let mut point = EcPoint::from_bytes(&group, &qbytes, &mut bnctx).unwrap();
- let scalar_bn = BigNum::from_dec_str(&scalar.to_string()).unwrap();
- let mut result = EcPoint::new(&group).unwrap();
+ let stub_gen = || functor_stub(atom!("crypto_curve_scalar_mult"), 4);
+ let scalar_bytes = self.machine_st.integers_to_bytevec(self.machine_st.registers[2], stub_gen);
+ let point_bytes = self.machine_st.integers_to_bytevec(self.machine_st.registers[3], stub_gen);
- result.mul(&group, &mut point, &scalar_bn, &mut bnctx).ok();
+ let mut point = secp256k1::Point::decode(&point_bytes).unwrap();
+ let scalar = secp256k1::Scalar::decode_reduce(&scalar_bytes);
+ point *= scalar;
- let mut rx = BigNum::new().unwrap();
- let mut ry = BigNum::new().unwrap();
+ let uncompressed = {
+ let buffer = String::from_iter(point.encode_uncompressed().iter().map(|b| *b as char));
- result
- .affine_coordinates_gfp(&group, &mut rx, &mut ry, &mut bnctx)
- .ok();
-
- let sx = rx.to_dec_str().unwrap();
- let sx = if sx.len() == 0 {
- empty_list_as_cell!()
- } else {
- atom_as_cstr_cell!(self.machine_st.atom_tbl.build_with(&sx))
- };
- let sy = ry.to_dec_str().unwrap();
- let sy = if sy.len() == 0 {
- empty_list_as_cell!()
- } else {
- atom_as_cstr_cell!(self.machine_st.atom_tbl.build_with(&sy))
+ if buffer.len() == 0 {
+ empty_list_as_cell!()
+ } else {
+ atom_as_cstr_cell!(self.machine_st.atom_tbl.build_with(&buffer))
+ }
 };
- unify!(self.machine_st, self.machine_st.registers[4], sx);
- unify!(self.machine_st, self.machine_st.registers[5], sy);
+ unify!(self.machine_st, self.machine_st.registers[4], uncompressed);
 }
 #[inline(always)]
-- 2.54.0
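Review bot: `secp256k1::Point::decode(&point_bytes).unwrap()` panics on any byte string that is not a valid on-curve point, and those bytes are built directly from the caller's `point(X,Y)` term, so a Prolog goal with an off-curve or out-of-range coordinate aborts the whole runtime instead of raising a Prolog error. The removed OpenSSL code had the same `unwrap()`, but `decode` hands back an `Option`, so the `None` case should go through the machine's normal error path (the one `stub_gen` is presumably handed to `integers_to_bytevec` for) as a domain error. `registers[1]`, the curve name, is no longer read at all, so any name that reaches this predicate is silently multiplied on secp256k1; matching it against `atom!("secp256k1")` as the old code did keeps a future curve from being mis-handled. The `buffer.len() == 0` branch looks unreachable, since `encode_uncompressed()` appears to return a fixed-size encoding; what that encoding is for the neutral element (scalar 0, or a multiple of the group order after `decode_reduce`) is not visible here and deserves a comment, because the Prolog side splits the result at a fixed 32-byte boundary.
```rust
pub(crate) fn crypto_curve_scalar_mult(&mut self) {
    let stub_gen = || functor_stub(atom!("crypto_curve_scalar_mult"), 4);
    // Only secp256k1 is implemented here; refuse any other name instead of
    // silently computing on the wrong curve.
    match cell_as_atom!(self.machine_st.registers[1]) {
        atom!("secp256k1") => {}
        _ => {
            // raise domain_error(curve, Name) through the machine's error path
            return;
        }
    }
    // … unchanged: scalar_bytes / point_bytes extraction …
    // The point bytes are caller input: a non-curve point must become a
    // Prolog error, never a panic.
    let mut point = match secp256k1::Point::decode(&point_bytes) {
        Some(p) => p,
        None => {
            // raise domain_error(curve_point, Point) through the machine's error path
            return;
        }
    };
    // … unchanged: scalar multiplication and result encoding …
```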