pezkuwichain/pezkuwi-subxt
1
0
Fork 0
mirror of https://github.com/pezkuwichain/pezkuwi-subxt.git synced 2026-05-31 22:41:02 +00:00
Code Issues Packages Projects Releases Wiki Activity

sp-beefy: align authority id key type with its signature type (#13131)

Browse Source 
Still allows custom message hasher, but ties together the crypto
types used for private+public keys and the signature.

Signed-off-by: acatangiu <adrian@parity.io>
This commit is contained in:
Adrian Catangiu
2023-01-13 14:52:18 +02:00
committed by GitHub
parent b8ebe3dc52
commit 8ac1de8f04
2 changed files with 27 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files
substrate/client/beefy/src/keystore.rs
+2 -2
View File
@@ -25,7 +25,7 @@ use log::warn;
use beefy_primitives::{ use beefy_primitives::{
crypto::{Public, Signature}, crypto::{Public, Signature},
BeefyVerify, KEY_TYPE, BeefyAuthorityId, KEY_TYPE,
}; };
use crate::error; use crate::error;
@@ -99,7 +99,7 @@ impl BeefyKeystore {
/// ///
/// Return `true` if the signature is authentic, `false` otherwise. /// Return `true` if the signature is authentic, `false` otherwise.
pub fn verify(public: &Public, sig: &Signature, message: &[u8]) -> bool { pub fn verify(public: &Public, sig: &Signature, message: &[u8]) -> bool {
BeefyVerify::<Keccak256>::verify(sig, message, public) BeefyAuthorityId::<Keccak256>::verify(public, sig, message)
} }
} }
substrate/primitives/beefy/src/lib.rs
+25 -27
View File
@@ -49,20 +49,14 @@ use sp_std::prelude::*;
/// Key type for BEEFY module. /// Key type for BEEFY module.
pub const KEY_TYPE: sp_application_crypto::KeyTypeId = sp_application_crypto::KeyTypeId(*b"beef"); pub const KEY_TYPE: sp_application_crypto::KeyTypeId = sp_application_crypto::KeyTypeId(*b"beef");
/// Trait representing BEEFY authority id. /// Trait representing BEEFY authority id, including custom signature verification.
pub trait BeefyAuthorityId: RuntimeAppPublic {}
/// Means of verification for a BEEFY authority signature.
/// ///
/// Accepts custom hashing fn for the message and custom convertor fn for the signer. /// Accepts custom hashing fn for the message and custom convertor fn for the signer.
pub trait BeefyVerify<MsgHash: Hash> { pub trait BeefyAuthorityId<MsgHash: Hash>: RuntimeAppPublic {
/// Type of the signer.
type Signer: BeefyAuthorityId;
/// Verify a signature. /// Verify a signature.
/// ///
/// Return `true` if signature is valid for the value. /// Return `true` if signature over `msg` is valid for this id.
fn verify(&self, msg: &[u8], signer: &Self::Signer) -> bool; fn verify(&self, signature: &<Self as RuntimeAppPublic>::Signature, msg: &[u8]) -> bool;
} }
/// BEEFY cryptographic types /// BEEFY cryptographic types
@@ -78,7 +72,7 @@ pub trait BeefyVerify<MsgHash: Hash> {
/// The current underlying crypto scheme used is ECDSA. This can be changed, /// The current underlying crypto scheme used is ECDSA. This can be changed,
/// without affecting code restricted against the above listed crypto types. /// without affecting code restricted against the above listed crypto types.
pub mod crypto { pub mod crypto {
use super::{BeefyAuthorityId, BeefyVerify, Hash}; use super::{BeefyAuthorityId, Hash, RuntimeAppPublic};
use sp_application_crypto::{app_crypto, ecdsa}; use sp_application_crypto::{app_crypto, ecdsa};
use sp_core::crypto::Wraps; use sp_core::crypto::Wraps;
app_crypto!(ecdsa, crate::KEY_TYPE); app_crypto!(ecdsa, crate::KEY_TYPE);
@@ -89,21 +83,17 @@ pub mod crypto {
/// Signature for a BEEFY authority using ECDSA as its crypto. /// Signature for a BEEFY authority using ECDSA as its crypto.
pub type AuthoritySignature = Signature; pub type AuthoritySignature = Signature;
impl BeefyAuthorityId for AuthorityId {} impl<MsgHash: Hash> BeefyAuthorityId<MsgHash> for AuthorityId
impl<MsgHash: Hash> BeefyVerify<MsgHash> for AuthoritySignature
where where
<MsgHash as Hash>::Output: Into<[u8; 32]>, <MsgHash as Hash>::Output: Into<[u8; 32]>,
{ {
type Signer = AuthorityId; fn verify(&self, signature: &<Self as RuntimeAppPublic>::Signature, msg: &[u8]) -> bool {
fn verify(&self, msg: &[u8], signer: &Self::Signer) -> bool {
let msg_hash = <MsgHash as Hash>::hash(msg).into(); let msg_hash = <MsgHash as Hash>::hash(msg).into();
match sp_io::crypto::secp256k1_ecdsa_recover_compressed( match sp_io::crypto::secp256k1_ecdsa_recover_compressed(
self.as_inner_ref().as_ref(), signature.as_inner_ref().as_ref(),
&msg_hash, &msg_hash,
) { ) {
Ok(raw_pubkey) => raw_pubkey.as_ref() == AsRef::<[u8]>::as_ref(signer), Ok(raw_pubkey) => raw_pubkey.as_ref() == AsRef::<[u8]>::as_ref(self),
_ => false, _ => false,
} }
} }
@@ -248,23 +238,31 @@ mod tests {
pair.as_inner_ref().sign_prehashed(&blake2_256(msg)).into(); pair.as_inner_ref().sign_prehashed(&blake2_256(msg)).into();
// Verification works if same hashing function is used when signing and verifying. // Verification works if same hashing function is used when signing and verifying.
assert!(BeefyVerify::<Keccak256>::verify(&keccak_256_signature, msg, &pair.public())); assert!(BeefyAuthorityId::<Keccak256>::verify(&pair.public(), &keccak_256_signature, msg));
assert!(BeefyVerify::<BlakeTwo256>::verify(&blake2_256_signature, msg, &pair.public())); assert!(BeefyAuthorityId::<BlakeTwo256>::verify(
&pair.public(),
&blake2_256_signature,
msg
));
// Verification fails if distinct hashing functions are used when signing and verifying. // Verification fails if distinct hashing functions are used when signing and verifying.
assert!(!BeefyVerify::<Keccak256>::verify(&blake2_256_signature, msg, &pair.public())); assert!(!BeefyAuthorityId::<Keccak256>::verify(&pair.public(), &blake2_256_signature, msg));
assert!(!BeefyVerify::<BlakeTwo256>::verify(&keccak_256_signature, msg, &pair.public())); assert!(!BeefyAuthorityId::<BlakeTwo256>::verify(
&pair.public(),
&keccak_256_signature,
msg
));
// Other public key doesn't work // Other public key doesn't work
let (other_pair, _) = crypto::Pair::generate(); let (other_pair, _) = crypto::Pair::generate();
assert!(!BeefyVerify::<Keccak256>::verify( assert!(!BeefyAuthorityId::<Keccak256>::verify(
&other_pair.public(),
&keccak_256_signature, &keccak_256_signature,
msg, msg,
&other_pair.public()
)); ));
assert!(!BeefyVerify::<BlakeTwo256>::verify( assert!(!BeefyAuthorityId::<BlakeTwo256>::verify(
&other_pair.public(),
&blake2_256_signature, &blake2_256_signature,
msg, msg,
&other_pair.public()
)); ));
} }
} }