Added ECDSA; Added RSA tests; Fixed linting errors; Handling all un-handled errors #35
Conversation
|
I think the build is failing because it's pulling If you clone and |
ecdsa.go
Outdated
|
|
||
| sha256 "gx/ipfs/QmXTpwq2AkzQsPjKqFQDNY2bMdsAT53hUBETeyj8QRHTZU/sha256-simd" | ||
|
|
||
| "github.com/ethereum/go-ethereum/rlp" |
There was a problem hiding this comment.
This is going to be a bit of a problem. Pulling down all of go ethereum just to build this package isn't really an option and go ethereum is LGPL licensed (while this package is MIT licensed).
There was a problem hiding this comment.
Also, looking at the RLP format documentation, I'd rather not touch that. If users need ethereum compatibility, they can convert between that format and whatever sane format we choose in this package.
There was a problem hiding this comment.
We should probably use ASN.1 (that's what most systems use).
ecdsa.go
Outdated
| return false | ||
| } | ||
|
|
||
| return reflect.DeepEqual(ePub, oPub) |
There was a problem hiding this comment.
It's probably a better idea to just implement this manually. This assumes that two equivalent bigints always have the same internal structure.
ed25519.go
Outdated
| pb "github.com/libp2p/go-libp2p-crypto/pb" | ||
|
|
||
| "gx/ipfs/QmQ51pHe6u7CWodkUGDLqaCEMchkbMt7VEZnECF5mp6tVb/ed25519" |
There was a problem hiding this comment.
We leave this in the unrewritten state (except for in go-ipfs). Run gx-go rw --fix to undo this.
key.go
Outdated
| @@ -207,15 +219,21 @@ func KeyStretcher(cipherType string, hashType string, secret []byte) (StretchedK | |||
| } | |||
|
|
|||
| m := hmac.New(h, secret) | |||
| m.Write(seed) | |||
| if _, err := m.Write(seed); err != nil { | |||
There was a problem hiding this comment.
This is guaranteed to never return an error.
key.go
Outdated
| // (myIV, theirIV, myCipherKey, theirCipherKey, myMACKey, theirMACKey) | ||
| func KeyStretcher(cipherType string, hashType string, secret []byte) (StretchedKeys, StretchedKeys) { | ||
| func KeyStretcher(cipherType string, hashType string, secret []byte) (*StretchedKeys, *StretchedKeys, error) { |
There was a problem hiding this comment.
This is a public interface so we probably shouldn't change it (unless there's a very good reason).
There was a problem hiding this comment.
I agree, but there are quite a few errors that are being ignored in the function. Rather than ignoring them, I think we should return the error. For example, here.
There was a problem hiding this comment.
See my comment below (above?). Writes to hmac's can't fail (according to the documentation). We should probably have a comment stating this...
In this comment, I was referring to the switch to return by pointer instead of return by value (although I guess you probably figured that we might as well make that change along with the change to return errors).
There was a problem hiding this comment.
My apologies! Didn't see your other comment and didn't know that about HMAC writes! TY!
I'll leave this function definition unchanged, then.
There was a problem hiding this comment.
Np, no need to apologize. This is definitely non-obvious (I had to go check the docs thinking "we can't have been that lazy...").
|
While you're at it, could you rebase on master and cleanup the git history a bit? Reverse merges get really messy and it would be nice to have all of the documentation/cleanup (thanks, by the way) changes in separate commits. |
|
Thanks for the detailed comments! I'll get working on them! |
c0b8eee to
9fc17fa
Compare
secp256k1.go
Outdated
| func (k *Secp256k1PrivateKey) Equals(o Key) bool { | ||
| sk, ok := o.(*Secp256k1PrivateKey) | ||
| k, ok := o.(*Secp256k1PrivateKey) |
secp256k1.go
Outdated
| func (k *Secp256k1PublicKey) Equals(o Key) bool { | ||
| sk, ok := o.(*Secp256k1PublicKey) | ||
| k, ok := o.(*Secp256k1PublicKey) |
key.go
Outdated
|
|
||
| "github.com/gogo/protobuf/proto" | ||
| pb "github.com/libp2p/go-libp2p-crypto/pb" |
There was a problem hiding this comment.
FYI, we usually order our imports:
- stdlib
- local repo
- external repos
(with newlines in-between)
However, the separation between the crypto and non-crypto imports was non-idiomatic.
ecdsa.go
Outdated
| } | ||
|
|
||
| // GenerateECDSAKeyPairFromKey generates a new ecdsa private and public key from an input private key | ||
| func GenerateECDSAKeyPairFromKey(priv *ecdsa.PrivateKey) (PrivKey, PubKey, error) { |
There was a problem hiding this comment.
Maybe drop the Generate (we're not really generating a new key)?
ecdsa.go
Outdated
|
|
||
| // GenerateECDSAKeyPair generates a new ecdsa private and public key | ||
| func GenerateECDSAKeyPair(src io.Reader) (PrivKey, PubKey, error) { | ||
| priv, err := ecdsa.GenerateKey(ECDSACurve, src) |
There was a problem hiding this comment.
Can replace with return GenerateECDSAKeyPairWithCurve(ECDSACurve, src).
|
@Stebalien thanks, I'm on it! |
1. Added ECDSA Keys 2. Removed GX import refs 3. Added RSA tests 4. Fixed linting warnings
|
@Stebalien, thanks again for all of your help, and sorry for introducing that bug. Great catch! I just incorporated your latest round of feedback... |
|
I'd like to get @dignifiedquire to take a look at this before merging as he maintains the JS version. I also noticed that "secp256k1" is also ECDSA (with a specific curve, maybe some bitcoin-specific key formats?). Hopefully @dignifiedquire will know more. |
|
I've discussed this and, well, we do support a variant of ECDSA (Secp256k1) but we use a hard-coded curve and a minimal key format. The upside is that keys in that format are small. The downside, is that it's a bit less flexible. The downside of this format is that keys are large. However, it supports all "standard" keys so it should help with interoperability with existing systems. Given that, we've (@dignifiedquire and I) have decided to merge this. |
|
Thanks @adam-hanna for bearing with this! |
|
Thanks for everything!
…On Fri, Sep 28, 2018, 7:31 PM Steven Allen ***@***.***> wrote:
Thanks @adam-hanna <https://github.com/adam-hanna> for bearing with this!
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#35 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AFL2FjDVZnZrcynjD2oppLvUJd0x5WDeks5ufl0NgaJpZM4VQDm2>
.
|
| "hash": "QmdxUuburamoF6zF9qjeQC4WYcWGbWuRmdLacMEsW8ioD8", | ||
| "name": "gogo-protobuf", | ||
| "version": "0.0.0" | ||
| }, |
KeyStretcherfunction. Every timem.Write(..)gets called (for example, here), the number of bytes written and an error gets returned. These returned values were just being ignored.