From 794ee98049f546d39923b7f34ffcb7e719ae349d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 18 Nov 2023 13:58:16 +0200 Subject: [PATCH] Bump secp256k1 from 0.24.3 to 0.28.0 (#2357) Bumps [secp256k1](https://github.com/rust-bitcoin/rust-secp256k1) from 0.24.3 to 0.28.0.
Changelog

Sourced from secp256k1's changelog.

0.28.0 - 2023-10-23

0.27.0 - 2023-03-15

0.26.0 - 2202-12-19

0.25.0 - 2022-12-07

0.24.1 - 2022-10-25

0.24.0 - 2022-07-20

0.23.4 - 2022-07-14

0.23.3 - 2022-06-29

0.23.2 - 2022-06-27

... (truncated)

Commits

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=secp256k1&package-manager=cargo&previous-version=0.24.3&new-version=0.28.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions
--------- Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Liam Aharon --- Cargo.lock | 8 ++++---- substrate/primitives/core/Cargo.toml | 2 +- substrate/primitives/core/src/ecdsa.rs | 13 ++++--------- substrate/primitives/io/Cargo.toml | 2 +- substrate/primitives/io/src/lib.rs | 4 ++-- 5 files changed, 12 insertions(+), 17 deletions(-)
diff --git a/Cargo.lock b/Cargo.lock
index ed9997101f..ac64e65ee0 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -16602,18 +16602,18 @@ dependencies = [ [[package]] name = "secp256k1" -version = "0.24.3" +version = "0.28.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6b1629c9c557ef9b293568b338dddfc8208c98a18c59d722a9d53f859d9c9b62" +checksum = "2acea373acb8c21ecb5a23741452acd2593ed44ee3d343e72baaa143bc89d0d5" dependencies = [ "secp256k1-sys", ] [[package]] name = "secp256k1-sys" -version = "0.6.1" +version = "0.9.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "83080e2c2fc1006e625be82e5d1eb6a43b7fd9578b617fcc55814daf286bba4b" +checksum = "09e67c467c38fd24bd5499dc9a18183b31575c12ee549197e3e20d57aa4fe3b7" dependencies = [ "cc", ]
diff --git a/substrate/primitives/core/Cargo.toml b/substrate/primitives/core/Cargo.toml
index 25478bed2d..34485c72ab 100644
--- a/substrate/primitives/core/Cargo.toml
+++ b/substrate/primitives/core/Cargo.toml
@@ -49,7 +49,7 @@ blake2 = { version = "0.10.4", default-features = false, optional = true }
 libsecp256k1 = { version = "0.7", default-features = false, features = ["static-context"], optional = true }
 schnorrkel = { version = "0.9.1", features = ["preaudit_deprecated", "u64_backend"], default-features = false }
 merlin = { version = "2.0", default-features = false }
-secp256k1 = { version = "0.24.0", default-features = false, features = ["recovery", "alloc"], optional = true }
+secp256k1 = { version = "0.28.0", default-features = false, features = ["recovery", "alloc"], optional = true }
 sp-core-hashing = { path = "hashing", default-features = false, optional = true }
 sp-runtime-interface = { path = "../runtime-interface", default-features = false}
diff --git a/substrate/primitives/core/src/ecdsa.rs b/substrate/primitives/core/src/ecdsa.rs
index 603fa515a3..471714582a 100644
--- a/substrate/primitives/core/src/ecdsa.rs
+++ b/substrate/primitives/core/src/ecdsa.rs
@@ -336,7 +336,7 @@ impl Signature {
 pub fn recover_prehashed(&self, message: &[u8; 32]) -> Option {
 let rid = RecoveryId::from_i32(self.0[64] as i32).ok()?;
 let sig = RecoverableSignature::from_compact(&self.0[..64], rid).ok()?;
- let message = Message::from_slice(message).expect("Message is 32 bytes; qed");
+ let message = Message::from_digest_slice(message).expect("Message is 32 bytes; qed");
 #[cfg(feature = "std")]
 let context = SECP256K1;
@@ -458,7 +458,7 @@ impl Pair {
 /// Sign a pre-hashed message
 pub fn sign_prehashed(&self, message: &[u8; 32]) -> Signature {
- let message = Message::from_slice(message).expect("Message is 32 bytes; qed");
+ let message = Message::from_digest_slice(message).expect("Message is 32 bytes; qed");
 #[cfg(feature = "std")]
 let context = SECP256K1;
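Review bot: In `recover_prehashed`, the new `Message::from_digest_slice(message).expect(...)` keeps a fallible slice conversion although `message` is already a `&[u8; 32]`; secp256k1 0.28 also offers the infallible `Message::from_digest`, so `let message = Message::from_digest(*message);` would remove the panic path. The same line appears in `sign_prehashed` in the following hunk and in the two `pub trait Crypto` hunks of substrate/primitives/io/src/lib.rs, where it applies if `msg` is a fixed 32-byte array as the expect text suggests. The new method name also makes explicit that the input must already be a hash output, which the doc comments visible here do not say; I would add `/// The 32 bytes must be the output of a cryptographic hash of the signed data, not raw input.` Both function bodies continue outside their hunks.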
@@ -508,12 +508,7 @@ impl Pair {
 #[cfg(feature = "full_crypto")]
 impl Drop for Pair {
 fn drop(&mut self) {
- let ptr = self.secret.as_mut_ptr();
- for off in 0..self.secret.len() {
- unsafe {
- core::ptr::write_volatile(ptr.add(off), 0);
- }
- }
+ self.secret.non_secure_erase()
 }
 }
@@ -760,7 +755,7 @@ mod test {
 let msg = [0u8; 32];
 let sig1 = pair.sign_prehashed(&msg);
 let sig2: Signature = {
- let message = Message::from_slice(&msg).unwrap();
+ let message = Message::from_digest_slice(&msg).unwrap();
 SECP256K1.sign_ecdsa_recoverable(&message, &pair.secret).into()
 };
 assert_eq!(sig1, sig2);
diff --git a/substrate/primitives/io/Cargo.toml b/substrate/primitives/io/Cargo.toml
index 445104b736..59df8895bb 100644
--- a/substrate/primitives/io/Cargo.toml
+++ b/substrate/primitives/io/Cargo.toml
@@ -28,7 +28,7 @@ sp-trie = { path = "../trie", default-features = false, optional = true}
 sp-externalities = { path = "../externalities", default-features = false}
 sp-tracing = { path = "../tracing", default-features = false}
 log = { version = "0.4.17", optional = true }
-secp256k1 = { version = "0.24.0", features = ["recovery", "global-context"], optional = true }
+secp256k1 = { version = "0.28.0", features = ["recovery", "global-context"], optional = true }
 tracing = { version = "0.1.29", default-features = false }
 tracing-core = { version = "0.1.28", default-features = false}
diff --git a/substrate/primitives/io/src/lib.rs b/substrate/primitives/io/src/lib.rs
index c4182d6ab3..a300152ee6 100644
--- a/substrate/primitives/io/src/lib.rs
+++ b/substrate/primitives/io/src/lib.rs
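Review bot: In the `impl Drop for Pair` hunk of ecdsa.rs, `drop` now delegates to `self.secret.non_secure_erase()` and nothing in the new body records what that call does and does not guarantee. As the name signals, it is a best-effort overwrite of this one field: it cannot reach copies of the key left behind by moves, clones or the compiler, and the bytes it leaves are not necessarily the zeros the removed `write_volatile` loop stored. I would add a comment such as `// Best-effort wipe of this copy only; copies made elsewhere are not cleared (see secp256k1's non_secure_erase docs).` and terminate the statement with `;`. Any test or caller outside this hunk that inspects the wiped memory should be checked against the new fill value.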
@@ -1139,7 +1139,7 @@ pub trait Crypto {
 .map_err(|_| EcdsaVerifyError::BadV)?;
 let sig = RecoverableSignature::from_compact(&sig[..64], rid)
 .map_err(|_| EcdsaVerifyError::BadRS)?;
- let msg = Message::from_slice(msg).expect("Message is 32 bytes; qed");
+ let msg = Message::from_digest_slice(msg).expect("Message is 32 bytes; qed");
 let pubkey = SECP256K1
 .recover_ecdsa(&msg, &sig)
 .map_err(|_| EcdsaVerifyError::BadSignature)?;
@@ -1185,7 +1185,7 @@ pub trait Crypto {
 .map_err(|_| EcdsaVerifyError::BadV)?;
 let sig = RecoverableSignature::from_compact(&sig[..64], rid)
 .map_err(|_| EcdsaVerifyError::BadRS)?;
- let msg = Message::from_slice(msg).expect("Message is 32 bytes; qed");
+ let msg = Message::from_digest_slice(msg).expect("Message is 32 bytes; qed");
 let pubkey = SECP256K1
 .recover_ecdsa(&msg, &sig)
 .map_err(|_| EcdsaVerifyError::BadSignature)?;