Remove init_and_check_sodium from crypto/common.h

This removes the last implicit dependency on libsodium from libzcashconsensus. The test code no longer asserts that the linked libsodium enforces that s < L in signatures, but zcashd itself still does.
ZcashFoundation · Jul 17, 2020 · 6272d92 · 6272d92
1 parent f6a5273
commit 6272d92
Show file tree

Hide file tree

Showing 4 changed files with 44 additions and 45 deletions.
diff --git a/src/crypto/common.h b/src/crypto/common.h
@@ -13,7 +13,6 @@
 #include <assert.h>
 #include <string.h>
 
-#include "sodium.h"
 #include "compat/endian.h"
 
 #if defined(NDEBUG)
@@ -85,42 +84,4 @@ void static inline WriteBE64(unsigned char* ptr, uint64_t x)
     memcpy(ptr, (char*)&v, 8);
 }
 
-int inline init_and_check_sodium()
-{
-    if (sodium_init() == -1) {
-        return -1;
-    }
-
-    // What follows is a runtime test that ensures the version of libsodium
-    // we're linked against checks that signatures are canonical (s < L).
-    const unsigned char message[1] = { 0 };
-
-    unsigned char pk[crypto_sign_PUBLICKEYBYTES];
-    unsigned char sk[crypto_sign_SECRETKEYBYTES];
-    unsigned char sig[crypto_sign_BYTES];
-
-    crypto_sign_keypair(pk, sk);
-    crypto_sign_detached(sig, NULL, message, sizeof(message), sk);
-
-    assert(crypto_sign_verify_detached(sig, message, sizeof(message), pk) == 0);
-
-    // Copied from libsodium/crypto_sign/ed25519/ref10/open.c
-    static const unsigned char L[32] =
-      { 0xed, 0xd3, 0xf5, 0x5c, 0x1a, 0x63, 0x12, 0x58,
-        0xd6, 0x9c, 0xf7, 0xa2, 0xde, 0xf9, 0xde, 0x14,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x10 };
-
-    // Add L to S, which starts at sig[32].
-    unsigned int s = 0;
-    for (size_t i = 0; i < 32; i++) {
-        s = sig[32 + i] + L[i] + (s >> 8);
-        sig[32 + i] = s & 0xff;
-    }
-
-    assert(crypto_sign_verify_detached(sig, message, sizeof(message), pk) != 0);
-
-    return 0;
-}
-
 #endif // BITCOIN_CRYPTO_COMMON_H
diff --git a/src/gtest/main.cpp b/src/gtest/main.cpp
@@ -1,10 +1,10 @@
 #include "gmock/gmock.h"
-#include "crypto/common.h"
 #include "key.h"
 #include "pubkey.h"
 #include "util.h"
 
 #include "librustzcash.h"
+#include <sodium.h>
 
 struct ECCryptoClosure
 {
@@ -14,7 +14,7 @@ struct ECCryptoClosure
 ECCryptoClosure instance_of_eccryptoclosure;
 
 int main(int argc, char **argv) {
-  assert(init_and_check_sodium() != -1);
+  assert(sodium_init() != -1);
   ECC_Start();
 
   boost::filesystem::path sapling_spend = ZC_GetParamsDir() / "sapling-spend.params";

diff --git a/src/init.cpp b/src/init.cpp
@@ -8,7 +8,6 @@
 #endif
 
 #include "init.h"
-#include "crypto/common.h"
 #include "addrman.h"
 #include "amount.h"
 #include "checkpoints.h"
@@ -60,6 +59,7 @@
 #include <boost/interprocess/sync/file_lock.hpp>
 #include <boost/thread.hpp>
 #include <openssl/crypto.h>
+#include <sodium.h>
 
 #if ENABLE_ZMQ
 #include "zmq/zmqnotificationinterface.h"
@@ -686,6 +686,45 @@ bool InitSanityCheck(void)
 }
 
 
+int inline init_and_check_sodium()
+{
+    if (sodium_init() == -1) {
+        return -1;
+    }
+
+    // What follows is a runtime test that ensures the version of libsodium
+    // we're linked against checks that signatures are canonical (s < L).
+    const unsigned char message[1] = { 0 };
+
+    unsigned char pk[crypto_sign_PUBLICKEYBYTES];
+    unsigned char sk[crypto_sign_SECRETKEYBYTES];
+    unsigned char sig[crypto_sign_BYTES];
+
+    crypto_sign_keypair(pk, sk);
+    crypto_sign_detached(sig, NULL, message, sizeof(message), sk);
+
+    assert(crypto_sign_verify_detached(sig, message, sizeof(message), pk) == 0);
+
+    // Copied from libsodium/crypto_sign/ed25519/ref10/open.c
+    static const unsigned char L[32] =
+      { 0xed, 0xd3, 0xf5, 0x5c, 0x1a, 0x63, 0x12, 0x58,
+        0xd6, 0x9c, 0xf7, 0xa2, 0xde, 0xf9, 0xde, 0x14,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x10 };
+
+    // Add L to S, which starts at sig[32].
+    unsigned int s = 0;
+    for (size_t i = 0; i < 32; i++) {
+        s = sig[32 + i] + L[i] + (s >> 8);
+        sig[32 + i] = s & 0xff;
+    }
+
+    assert(crypto_sign_verify_detached(sig, message, sizeof(message), pk) != 0);
+
+    return 0;
+}
+
+
 static void ZC_LoadParams(
     const CChainParams& chainparams
 )

diff --git a/src/test/test_bitcoin.cpp b/src/test/test_bitcoin.cpp
@@ -6,8 +6,6 @@
 
 #include "test_bitcoin.h"
 
-#include "crypto/common.h"
-
 #include "chainparams.h"
 #include "consensus/consensus.h"
 #include "consensus/validation.h"
@@ -28,6 +26,7 @@
 #include <boost/filesystem.hpp>
 #include <boost/test/unit_test.hpp>
 #include <boost/thread.hpp>
+#include <sodium.h>
 
 #include "librustzcash.h"
 
@@ -69,7 +68,7 @@ JoinSplitTestingSetup::~JoinSplitTestingSetup()
 
 BasicTestingSetup::BasicTestingSetup(const std::string& chainName)
 {
-    assert(init_and_check_sodium() != -1);
+    assert(sodium_init() != -1);
     ECC_Start();
     SetupEnvironment();
     SetupNetworking();