Skip to content

Commit

Permalink
chore: use pure rust secp256k1 crate (#21154)
Browse files Browse the repository at this point in the history 
Saves ~40s in fresh debug build
  • Loading branch information
@littledivy
littledivy committed Nov 10, 2023
1 parent 9f2e56b commit 05704fb
Show file tree
Hide file tree
Showing 3 changed files with 40 additions and 42 deletions.
35 changes: 15 additions & 20 deletions Cargo.lock
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion ext/node/Cargo.toml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -38,6 38,7 @@ hkdf.workspace = true
http.workspace = true
idna = "0.3.0"
indexmap.workspace = true
k256 = "0.13.1"
lazy-regex.workspace = true
libc.workspace = true
libz-sys = { version = "1.1.8", features = ["static"] }
Expand All @@ -60,7 61,6 @@ ring.workspace = true
ripemd = "0.1.3"
rsa.workspace = true
scrypt = "0.11.0"
secp256k1 = { version = "0.28.0", features = ["rand-std"] }
serde = "1.0.149"
sha-1 = "0.10.0"
sha2.workspace = true
Expand Down
45 changes: 24 additions & 21 deletions ext/node/ops/crypto/mod.rs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -39,9 39,6 @@ use rsa::Oaep;
use rsa::Pkcs1v15Encrypt;
use rsa::RsaPrivateKey;
use rsa::RsaPublicKey;
use secp256k1::ecdh::SharedSecret;
use secp256k1::Secp256k1;
use secp256k1::SecretKey;

mod cipher;
mod dh;
Expand Down Expand Up @@ -1012,10 1009,11 @@ pub fn op_node_ecdh_generate_keys(
let mut rng = rand::thread_rng();
match curve {
"secp256k1" => {
let secp = Secp256k1::new();
let (privkey, pubkey) = secp.generate_keypair(&mut rng);
pubbuf.copy_from_slice(&pubkey.serialize_uncompressed());
privbuf.copy_from_slice(&privkey.secret_bytes());
let privkey =
elliptic_curve::SecretKey::<k256::Secp256k1>::random(&mut rng);
let pubkey = privkey.public_key();
pubbuf.copy_from_slice(pubkey.to_sec1_bytes().as_ref());
privbuf.copy_from_slice(privkey.to_nonzero_scalar().to_bytes().as_ref());

Ok(0)
}
Expand Down Expand Up @@ -1053,16 1051,22 @@ pub fn op_node_ecdh_compute_secret(
) -> Result<(), AnyError> {
match curve {
"secp256k1" => {
let this_secret_key = SecretKey::from_slice(
this_priv.expect("no private key provided?").as_ref(),
)
.unwrap();
let their_public_key =
secp256k1::PublicKey::from_slice(their_pub).unwrap();
let shared_secret =
SharedSecret::new(&their_public_key, &this_secret_key);
elliptic_curve::PublicKey::<k256::Secp256k1>::from_sec1_bytes(
their_pub,
)
.expect("bad public key");
let this_private_key =
elliptic_curve::SecretKey::<k256::Secp256k1>::from_slice(
&this_priv.expect("must supply private key"),
)
.expect("bad private key");
let shared_secret = elliptic_curve::ecdh::diffie_hellman(
this_private_key.to_nonzero_scalar(),
their_public_key.as_affine(),
);
secret.copy_from_slice(shared_secret.raw_secret_bytes());

secret.copy_from_slice(&shared_secret.secret_bytes());
Ok(())
}
"prime256v1" | "secp256r1" => {
Expand Down Expand Up @@ -1125,12 1129,11 @@ pub fn op_node_ecdh_compute_public_key(
) -> Result<(), AnyError> {
match curve {
"secp256k1" => {
let secp = Secp256k1::new();
let secret_key = SecretKey::from_slice(privkey).unwrap();
let public_key =
secp256k1::PublicKey::from_secret_key(&secp, &secret_key);

pubkey.copy_from_slice(&public_key.serialize_uncompressed());
let this_private_key =
elliptic_curve::SecretKey::<k256::Secp256k1>::from_slice(privkey)
.expect("bad private key");
let public_key = this_private_key.public_key();
pubkey.copy_from_slice(public_key.to_sec1_bytes().as_ref());

Ok(())
}
Expand Down

0 comments on commit 05704fb

Please sign in to comment.