0
0
Fork 0
mirror of https://github.com/denoland/deno.git synced 2024-10-30 09:08:00 -04:00

chore: use pure rust secp256k1 crate (#21154)

Saves ~40s in fresh debug build
This commit is contained in:
Divy Srivastava 2023-11-10 09:29:01 -08:00 committed by Yoshiya Hinosawa
parent 862edad5ae
commit 59b1e7d235
No known key found for this signature in database
GPG key ID: 9017DB4559488785
3 changed files with 40 additions and 42 deletions

35
Cargo.lock generated
View file

@ -1454,6 +1454,7 @@ dependencies = [
"http",
"idna 0.3.0",
"indexmap 2.0.2",
"k256",
"lazy-regex",
"libc",
"libz-sys",
@ -1476,7 +1477,6 @@ dependencies = [
"ripemd",
"rsa",
"scrypt",
"secp256k1",
"serde",
"sha-1",
"sha2",
@ -3014,6 +3014,20 @@ dependencies = [
"winapi",
]
[[package]]
name = "k256"
version = "0.13.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "cadb76004ed8e97623117f3df85b17aaa6626ab0b0831e6573f104df16cd1bcc"
dependencies = [
"cfg-if",
"ecdsa",
"elliptic-curve",
"once_cell",
"sha2",
"signature",
]
[[package]]
name = "kqueue"
version = "1.0.8"
@ -4601,25 +4615,6 @@ dependencies = [
"zeroize",
]
[[package]]
name = "secp256k1"
version = "0.28.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "2acea373acb8c21ecb5a23741452acd2593ed44ee3d343e72baaa143bc89d0d5"
dependencies = [
"rand",
"secp256k1-sys",
]
[[package]]
name = "secp256k1-sys"
version = "0.9.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "09e67c467c38fd24bd5499dc9a18183b31575c12ee549197e3e20d57aa4fe3b7"
dependencies = [
"cc",
]
[[package]]
name = "security-framework"
version = "2.9.2"

View file

@ -38,6 +38,7 @@ hkdf.workspace = true
http.workspace = true
idna = "0.3.0"
indexmap.workspace = true
k256 = "0.13.1"
lazy-regex.workspace = true
libc.workspace = true
libz-sys = { version = "1.1.8", features = ["static"] }
@ -60,7 +61,6 @@ ring.workspace = true
ripemd = "0.1.3"
rsa.workspace = true
scrypt = "0.11.0"
secp256k1 = { version = "0.28.0", features = ["rand-std"] }
serde = "1.0.149"
sha-1 = "0.10.0"
sha2.workspace = true

View file

@ -39,9 +39,6 @@ use rsa::Oaep;
use rsa::Pkcs1v15Encrypt;
use rsa::RsaPrivateKey;
use rsa::RsaPublicKey;
use secp256k1::ecdh::SharedSecret;
use secp256k1::Secp256k1;
use secp256k1::SecretKey;
mod cipher;
mod dh;
@ -1012,10 +1009,11 @@ pub fn op_node_ecdh_generate_keys(
let mut rng = rand::thread_rng();
match curve {
"secp256k1" => {
let secp = Secp256k1::new();
let (privkey, pubkey) = secp.generate_keypair(&mut rng);
pubbuf.copy_from_slice(&pubkey.serialize_uncompressed());
privbuf.copy_from_slice(&privkey.secret_bytes());
let privkey =
elliptic_curve::SecretKey::<k256::Secp256k1>::random(&mut rng);
let pubkey = privkey.public_key();
pubbuf.copy_from_slice(pubkey.to_sec1_bytes().as_ref());
privbuf.copy_from_slice(privkey.to_nonzero_scalar().to_bytes().as_ref());
Ok(0)
}
@ -1053,16 +1051,22 @@ pub fn op_node_ecdh_compute_secret(
) -> Result<(), AnyError> {
match curve {
"secp256k1" => {
let this_secret_key = SecretKey::from_slice(
this_priv.expect("no private key provided?").as_ref(),
)
.unwrap();
let their_public_key =
secp256k1::PublicKey::from_slice(their_pub).unwrap();
let shared_secret =
SharedSecret::new(&their_public_key, &this_secret_key);
elliptic_curve::PublicKey::<k256::Secp256k1>::from_sec1_bytes(
their_pub,
)
.expect("bad public key");
let this_private_key =
elliptic_curve::SecretKey::<k256::Secp256k1>::from_slice(
&this_priv.expect("must supply private key"),
)
.expect("bad private key");
let shared_secret = elliptic_curve::ecdh::diffie_hellman(
this_private_key.to_nonzero_scalar(),
their_public_key.as_affine(),
);
secret.copy_from_slice(shared_secret.raw_secret_bytes());
secret.copy_from_slice(&shared_secret.secret_bytes());
Ok(())
}
"prime256v1" | "secp256r1" => {
@ -1125,12 +1129,11 @@ pub fn op_node_ecdh_compute_public_key(
) -> Result<(), AnyError> {
match curve {
"secp256k1" => {
let secp = Secp256k1::new();
let secret_key = SecretKey::from_slice(privkey).unwrap();
let public_key =
secp256k1::PublicKey::from_secret_key(&secp, &secret_key);
pubkey.copy_from_slice(&public_key.serialize_uncompressed());
let this_private_key =
elliptic_curve::SecretKey::<k256::Secp256k1>::from_slice(privkey)
.expect("bad private key");
let public_key = this_private_key.public_key();
pubkey.copy_from_slice(public_key.to_sec1_bytes().as_ref());
Ok(())
}