temporary: using sha256 from bitcoin core for equivalency

dhruv · Apr 9, 2022 · 60346ff · 60346ff
1 parent 2a2cbfc
commit 60346ff
Show file tree

Hide file tree

Showing 6 changed files with 23 additions and 11 deletions.
diff --git a/src/bench/ecdh.cpp b/src/bench/ecdh.cpp
@@ -22,7 +22,7 @@ static void ECDH(benchmark::Bench& bench)
     auto other_pubkey = other_privkey.GetPubKey();
     ECDHSecret ecdh_secret;
     bench.batch(1).unit("ecdh").run([&] {
-        privkey.ComputeECDHSecret(other_pubkey, ecdh_secret);
+        privkey.ComputeBIP324ECDHSecret(other_pubkey, ecdh_secret);
     });
     ECC_Stop();
 }

diff --git a/src/key.cpp b/src/key.cpp
@@ -7,6 +7,7 @@
 
 #include <crypto/common.h>
 #include <crypto/hmac_sha512.h>
+#include <crypto/sha256.h>
 #include <hash.h>
 #include <random.h>
 
@@ -333,7 +334,18 @@ bool CKey::Derive(CKey& keyChild, ChainCode &ccChild, unsigned int nChild, const
     return ret;
 }
 
-bool CKey::ComputeECDHSecret(const CPubKey& pubkey, ECDHSecret& secret) const
+static int bip324_ecdh_hash(unsigned char *output, const unsigned char *x32, const unsigned char *y32, void *data) {
+    unsigned char version = (y32[31] & 0x01) | 0x02;
+    CSHA256 sha;
+
+    sha.Write(&version, 1);
+    sha.Write(x32, 32);
+    sha.Finalize(output);
+
+    return 1;
+}
+
+bool CKey::ComputeBIP324ECDHSecret(const CPubKey& pubkey, ECDHSecret& secret) const
 {
     secp256k1_pubkey pubkey_internal;
     if (!secp256k1_ec_pubkey_parse(secp256k1_context_sign, &pubkey_internal, pubkey.data(), pubkey.size())) {
@@ -342,7 +354,7 @@ bool CKey::ComputeECDHSecret(const CPubKey& pubkey, ECDHSecret& secret) const
 
     secret.resize(ECDH_SECRET_SIZE);
     assert(secp256k1_ecdh(secp256k1_context_sign, secret.data(), &pubkey_internal,
-                          keydata.data(), secp256k1_ecdh_hash_function_default, NULL));
+                          keydata.data(), bip324_ecdh_hash, NULL));
     return true;
 }
 

diff --git a/src/key.h b/src/key.h
@@ -163,7 +163,7 @@ class CKey
     bool Load(const CPrivKey& privkey, const CPubKey& vchPubKey, bool fSkipCheck);
 
     // Returns false if an invalid public key is provided
-    bool ComputeECDHSecret(const CPubKey& pubkey, ECDHSecret& secret) const;
+    bool ComputeBIP324ECDHSecret(const CPubKey& pubkey, ECDHSecret& secret) const;
 };
 
 struct CExtKey {

diff --git a/src/test/fuzz/key.cpp b/src/test/fuzz/key.cpp
@@ -332,8 +332,8 @@ FUZZ_TARGET_INIT(ecdh, initialize_key)
     CPubKey k1_pubkey = k1.GetPubKey();
     CPubKey k2_pubkey = k2.GetPubKey();
     ECDHSecret ecdh_secret_1, ecdh_secret_2;
-    assert(k1.ComputeECDHSecret(k2_pubkey, ecdh_secret_1));
-    assert(k2.ComputeECDHSecret(k1_pubkey, ecdh_secret_2));
+    assert(k1.ComputeBIP324ECDHSecret(k2_pubkey, ecdh_secret_1));
+    assert(k2.ComputeBIP324ECDHSecret(k1_pubkey, ecdh_secret_2));
     assert(ecdh_secret_1.size() == ECDH_SECRET_SIZE);
     assert(ecdh_secret_2.size() == ECDH_SECRET_SIZE);
     assert(memcmp(ecdh_secret_1.data(), ecdh_secret_2.data(), ECDH_SECRET_SIZE) == 0);

diff --git a/src/test/key_tests.cpp b/src/test/key_tests.cpp
@@ -350,8 +350,8 @@ BOOST_AUTO_TEST_CASE(ecdh)
     CKey responder_key = DecodeSecret(strSecret2C);
 
     ECDHSecret initiator_secret, responder_secret;
-    BOOST_CHECK(initiator_key.ComputeECDHSecret(responder_key.GetPubKey(), initiator_secret));
-    BOOST_CHECK(responder_key.ComputeECDHSecret(initiator_key.GetPubKey(), responder_secret));
+    BOOST_CHECK(initiator_key.ComputeBIP324ECDHSecret(responder_key.GetPubKey(), initiator_secret));
+    BOOST_CHECK(responder_key.ComputeBIP324ECDHSecret(initiator_key.GetPubKey(), responder_secret));
     BOOST_CHECK_EQUAL(initiator_secret.size(), ECDH_SECRET_SIZE);
     BOOST_CHECK_EQUAL(responder_secret.size(), ECDH_SECRET_SIZE);
     BOOST_CHECK_EQUAL(0, memcmp(initiator_secret.data(), responder_secret.data(), ECDH_SECRET_SIZE));
@@ -364,7 +364,7 @@ BOOST_AUTO_TEST_CASE(ecdh)
     pubkeydata.insert(pubkeydata.end(), responder_pubkey.begin(), responder_pubkey.end());
     pubkeydata[0] = 0xFF;
     CPubKey invalid_responder_pubkey(pubkeydata);
-    BOOST_CHECK(!initiator_key.ComputeECDHSecret(invalid_responder_pubkey, initiator_secret));
+    BOOST_CHECK(!initiator_key.ComputeBIP324ECDHSecret(invalid_responder_pubkey, initiator_secret));
 }
 
 BOOST_AUTO_TEST_SUITE_END()
diff --git a/src/test/net_tests.cpp b/src/test/net_tests.cpp
@@ -933,8 +933,8 @@ BOOST_AUTO_TEST_CASE(bip324_derivation_test)
     auto responder_pubkey = responder_key.GetPubKey();
 
     ECDHSecret initiator_secret, responder_secret;
-    BOOST_CHECK(initiator_key.ComputeECDHSecret(responder_pubkey, initiator_secret));
-    BOOST_CHECK(responder_key.ComputeECDHSecret(initiator_pubkey, responder_secret));
+    BOOST_CHECK(initiator_key.ComputeBIP324ECDHSecret(responder_pubkey, initiator_secret));
+    BOOST_CHECK(responder_key.ComputeBIP324ECDHSecret(initiator_pubkey, responder_secret));
 
     BOOST_CHECK_EQUAL(ECDH_SECRET_SIZE, initiator_secret.size());
     BOOST_CHECK_EQUAL(ECDH_SECRET_SIZE, responder_secret.size());