Subkey supports 24-word phrases (#2827)

* Revamp crypto API and make seeds work better in subkey * Final tweaks * Update tests * line spacing * Avoid escapes in hex constants * Fix build * Another fix * More fixes * Minor nits
2026-06-13 07:01:05 +00:00 · 2019-06-13 11:06:30 +02:00
parent 68f4d11df3
commit f4afdd2f0b
11 changed files with 204 additions and 211 deletions
@@ -21,8 +21,6 @@
 //! for this to work.
 // end::description[]

-#[cfg(feature = "std")]
-use rand::rngs::OsRng;
 #[cfg(feature = "std")]
 use schnorrkel::{signing_context, Keypair, SecretKey, MiniSecretKey, PublicKey,
 	derive::{Derivation, ChainCode, CHAIN_CODE_LENGTH}
@@ -377,23 +375,14 @@ impl TraitPair for Pair {
 	type Signature = Signature;
 	type DeriveError = Infallible;

-	/// Generate new secure (random) key pair.
-	fn generate() -> Pair {
-		let mut csprng: OsRng = OsRng::new().expect("os random generator works; qed");
-		let key_pair: Keypair = Keypair::generate(&mut csprng);
-		Pair(key_pair)
-	}
-
 	/// Make a new key pair from raw secret seed material.
 	///
 	/// This is generated using schnorrkel's Mini-Secret-Keys.
 	///
 	/// A MiniSecretKey is literally what Ed25519 calls a SecretKey, which is just 32 random bytes.
-	fn from_seed(seed: Seed) -> Pair {
-		let mini_key: MiniSecretKey = MiniSecretKey::from_bytes(&seed[..])
-			.expect("32 bytes can always build a key; qed");
-		let kp = mini_key.expand_to_keypair();
-		Pair(kp)
+	fn from_seed(seed: &Seed) -> Pair {
+		Self::from_seed_slice(&seed[..])
+			.expect("32 bytes can always build a key; qed")
 	}

 	/// Get the public key.
@@ -420,22 +409,29 @@ impl TraitPair for Pair {
 	}

 	/// Generate a key from the phrase, password and derivation path.
-	fn from_standard_components<I: Iterator<Item=DeriveJunction>>(phrase: &str, password: Option<&str>, path: I) -> Result<Pair, SecretStringError> {
-		Self::from_phrase(phrase, password)?
+	fn from_standard_components<I: Iterator<Item=DeriveJunction>>(
+		phrase: &str,
+		password: Option<&str>,
+		path: I
+	) -> Result<Pair, SecretStringError> {
+		Self::from_phrase(phrase, password)?.0
 			.derive(path)
 			.map_err(|_| SecretStringError::InvalidPath)
 	}

-	fn generate_with_phrase(password: Option<&str>) -> (Pair, String) {
+	fn generate_with_phrase(password: Option<&str>) -> (Pair, String, Seed) {
 		let mnemonic = Mnemonic::new(MnemonicType::Words12, Language::English);
 		let phrase = mnemonic.phrase();
+		let (pair, seed) = Self::from_phrase(phrase, password)
+			.expect("All phrases generated by Mnemonic are valid; qed");
 		(
-			Self::from_phrase(phrase, password).expect("All phrases generated by Mnemonic are valid; qed"),
+			pair,
 			phrase.to_owned(),
+			seed,
 		)
 	}

-	fn from_phrase(phrase: &str, password: Option<&str>) -> Result<Pair, SecretStringError> {
+	fn from_phrase(phrase: &str, password: Option<&str>) -> Result<(Pair, Seed), SecretStringError> {
 		Mnemonic::from_phrase(phrase, Language::English)
 			.map_err(|_| SecretStringError::InvalidPhrase)
 			.map(|m| Self::from_entropy(m.entropy(), password))
@@ -490,11 +486,12 @@ impl Pair {
 	///
 	/// This uses a key derivation function to convert the entropy into a seed, then returns
 	/// the pair generated from it.
-	pub fn from_entropy(entropy: &[u8], password: Option<&str>) -> Pair {
+	pub fn from_entropy(entropy: &[u8], password: Option<&str>) -> (Pair, Seed) {
 		let mini_key: MiniSecretKey = mini_secret_from_entropy(entropy, password.unwrap_or(""))
 			.expect("32 bytes can always build a key; qed");
+
 		let kp = mini_key.expand_to_keypair();
-		Pair(kp)
+		(Pair(kp), mini_key.to_bytes())
 	}
 }

@@ -538,7 +535,7 @@ mod test {

 	#[test]
 	fn derive_soft_should_work() {
-		let pair: Pair = Pair::from_seed(hex!(
+		let pair = Pair::from_seed(&hex!(
 			"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60"
 		));
 		let derive_1 = pair.derive(Some(DeriveJunction::soft(1)).into_iter()).unwrap();
@@ -550,7 +547,7 @@ mod test {

 	#[test]
 	fn derive_hard_should_work() {
-		let pair: Pair = Pair::from_seed(hex!(
+		let pair = Pair::from_seed(&hex!(
 			"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60"
 		));
 		let derive_1 = pair.derive(Some(DeriveJunction::hard(1)).into_iter()).unwrap();
@@ -562,7 +559,7 @@ mod test {

 	#[test]
 	fn derive_soft_public_should_work() {
-		let pair: Pair = Pair::from_seed(hex!(
+		let pair = Pair::from_seed(&hex!(
 			"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60"
 		));
 		let path = Some(DeriveJunction::soft(1));
@@ -573,7 +570,7 @@ mod test {

 	#[test]
 	fn derive_hard_public_should_fail() {
-		let pair: Pair = Pair::from_seed(hex!(
+		let pair = Pair::from_seed(&hex!(
 			"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60"
 		));
 		let path = Some(DeriveJunction::hard(1));
@@ -582,7 +579,7 @@ mod test {

 	#[test]
 	fn sr_test_vector_should_work() {
-		let pair: Pair = Pair::from_seed(hex!(
+		let pair = Pair::from_seed(&hex!(
 			"9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60"
 		));
 		let public = pair.public();
@@ -599,7 +596,7 @@ mod test {

 	#[test]
 	fn generated_pair_should_work() {
-		let pair = Pair::generate();
+		let (pair, _) = Pair::generate();
 		let public = pair.public();
 		let message = b"Something important";
 		let signature = pair.sign(&message[..]);
@@ -609,7 +606,7 @@ mod test {
 	#[test]
 	fn seeded_pair_should_work() {

-		let pair = Pair::from_seed(*b"12345678901234567890123456789012");
+		let pair = Pair::from_seed(b"12345678901234567890123456789012");
 		let public = pair.public();
 		assert_eq!(
 			public,
@@ -624,7 +621,7 @@ mod test {

 	#[test]
 	fn ss58check_roundtrip_works() {
-		let pair = Pair::generate();
+		let (pair, _) = Pair::generate();
 		let public = pair.public();
 		let s = public.to_ss58check();
 		println!("Correct: {}", s);
@@ -637,9 +634,13 @@ mod test {
 		// The values in this test case are compared to the output of `node-test.js` in schnorrkel-js.
 		//
 		// This is to make sure that the wasm library is compatible.
-		let pk = Pair::from_seed(hex!("0000000000000000000000000000000000000000000000000000000000000000"));
+		let pk = Pair::from_seed(
+			&hex!("0000000000000000000000000000000000000000000000000000000000000000")
+		);
 		let public = pk.public();
-		let js_signature = Signature::from_raw(hex!("28a854d54903e056f89581c691c1f7d2ff39f8f896c9e9c22475e60902cc2b3547199e0e91fa32902028f2ca2355e8cdd16cfe19ba5e8b658c94aa80f3b81a00"));
+		let js_signature = Signature::from_raw(
+			hex!("28a854d54903e056f89581c691c1f7d2ff39f8f896c9e9c22475e60902cc2b3547199e0e91fa32902028f2ca2355e8cdd16cfe19ba5e8b658c94aa80f3b81a00")
+		);
 		assert!(Pair::verify(&js_signature, b"SUBSTRATE", public));
 	}
 }