aboutsummaryrefslogtreecommitdiff
path: root/src/crypto.h
diff options
context:
space:
mode:
Diffstat (limited to 'src/crypto.h')
-rw-r--r--src/crypto.h386
1 files changed, 386 insertions, 0 deletions
diff --git a/src/crypto.h b/src/crypto.h
new file mode 100644
index 0000000..2fbf745
--- /dev/null
+++ b/src/crypto.h
@@ -0,0 +1,386 @@
+#ifndef _HOTSTUFF_CRYPTO_H
+#define _HOTSTUFF_CRYPTO_H
+
+#include "salticidae/crypto.h"
+#include "salticidae/ref.h"
+#include "secp256k1.h"
+#include <openssl/rand.h>
+#include "type.h"
+
+using salticidae::RcObj;
+using salticidae::BoxObj;
+
+namespace hotstuff {
+
+using salticidae::SHA256;
+
+class PubKey: public Serializable, Cloneable {
+ public:
+ virtual ~PubKey() = default;
+ virtual PubKey *clone() override = 0;
+};
+
+using pubkey_bt = BoxObj<PubKey>;
+
+class PrivKey: public Serializable {
+ public:
+ virtual ~PrivKey() = default;
+ virtual pubkey_bt get_pubkey() const = 0;
+ virtual void from_rand() = 0;
+};
+
+using privkey_bt = BoxObj<PrivKey>;
+
+class PartCert: public Serializable, public Cloneable {
+ public:
+ virtual ~PartCert() = default;
+ virtual bool verify(const PubKey &pubkey) = 0;
+ virtual const uint256_t &get_blk_hash() const = 0;
+ virtual PartCert *clone() override = 0;
+};
+
+class ReplicaConfig;
+
+class QuorumCert: public Serializable, public Cloneable {
+ public:
+ virtual ~QuorumCert() = default;
+ virtual void add_part(ReplicaID replica, const PartCert &pc) = 0;
+ virtual void compute() = 0;
+ virtual bool verify(const ReplicaConfig &config) = 0;
+ virtual const uint256_t &get_blk_hash() const = 0;
+ virtual QuorumCert *clone() override = 0;
+};
+
+using part_cert_bt = BoxObj<PartCert>;
+using quorum_cert_bt = BoxObj<QuorumCert>;
+
+class PubKeyDummy: public PubKey {
+ PubKeyDummy *clone() override { return new PubKeyDummy(*this); }
+ void serialize(DataStream &) const override {}
+ void unserialize(DataStream &) override {}
+};
+
+class PrivKeyDummy: public PrivKey {
+ pubkey_bt get_pubkey() const override { return new PubKeyDummy(); }
+ void serialize(DataStream &) const override {}
+ void unserialize(DataStream &) override {}
+ void from_rand() override {}
+};
+
+class PartCertDummy: public PartCert {
+ uint256_t blk_hash;
+ public:
+ PartCertDummy() {}
+ PartCertDummy(const uint256_t &blk_hash):
+ blk_hash(blk_hash) {}
+
+ void serialize(DataStream &s) const override {
+ s << (uint32_t)0 << blk_hash;
+ }
+
+ void unserialize(DataStream &s) override {
+ uint32_t tmp;
+ s >> tmp >> blk_hash;
+ }
+
+ PartCert *clone() override {
+ return new PartCertDummy(blk_hash);
+ }
+
+ bool verify(const PubKey &) override { return true; }
+
+ const uint256_t &get_blk_hash() const override { return blk_hash; }
+};
+
+class QuorumCertDummy: public QuorumCert {
+ uint256_t blk_hash;
+ public:
+ QuorumCertDummy() {}
+ QuorumCertDummy(const ReplicaConfig &, const uint256_t &blk_hash):
+ blk_hash(blk_hash) {}
+
+ void serialize(DataStream &s) const override {
+ s << (uint32_t)1 << blk_hash;
+ }
+
+ void unserialize(DataStream &s) override {
+ uint32_t tmp;
+ s >> tmp >> blk_hash;
+ }
+
+ QuorumCert *clone() override {
+ return new QuorumCertDummy(*this);
+ }
+
+ void add_part(ReplicaID, const PartCert &) override {}
+ void compute() override {}
+ bool verify(const ReplicaConfig &) override { return true; }
+
+ const uint256_t &get_blk_hash() const override { return blk_hash; }
+};
+
+
+class Secp256k1Context {
+ secp256k1_context *ctx;
+ friend class PubKeySecp256k1;
+ friend class SigSecp256k1;
+ public:
+ Secp256k1Context(bool sign = false):
+ ctx(secp256k1_context_create(
+ sign ? SECP256K1_CONTEXT_SIGN :
+ SECP256K1_CONTEXT_VERIFY)) {}
+
+ Secp256k1Context(const Secp256k1Context &) = delete;
+
+ Secp256k1Context(Secp256k1Context &&other): ctx(other.ctx) {
+ other.ctx = nullptr;
+ }
+
+ ~Secp256k1Context() {
+ if (ctx) secp256k1_context_destroy(ctx);
+ }
+};
+
+using secp256k1_context_t = RcObj<Secp256k1Context>;
+
+extern secp256k1_context_t secp256k1_default_sign_ctx;
+extern secp256k1_context_t secp256k1_default_verify_ctx;
+
+class PrivKeySecp256k1;
+
+class PubKeySecp256k1: public PubKey {
+ static const auto _olen = 33;
+ friend class SigSecp256k1;
+ secp256k1_pubkey data;
+ secp256k1_context_t ctx;
+
+ public:
+ PubKeySecp256k1(const secp256k1_context_t &ctx =
+ secp256k1_default_sign_ctx):
+ PubKey(), ctx(ctx) {}
+
+ PubKeySecp256k1(const bytearray_t &raw_bytes,
+ const secp256k1_context_t &ctx =
+ secp256k1_default_sign_ctx):
+ PubKeySecp256k1(ctx) { from_bytes(raw_bytes); }
+
+ inline PubKeySecp256k1(const PrivKeySecp256k1 &priv_key,
+ const secp256k1_context_t &ctx =
+ secp256k1_default_sign_ctx);
+
+ void serialize(DataStream &s) const override {
+ static uint8_t output[_olen];
+ size_t olen = _olen;
+ (void)secp256k1_ec_pubkey_serialize(
+ ctx->ctx, (unsigned char *)output,
+ &olen, &data, SECP256K1_EC_COMPRESSED);
+ s.put_data(output, output + _olen);
+ }
+
+ void unserialize(DataStream &s) override {
+ static const auto _exc = std::invalid_argument("ill-formed public key");
+ try {
+ if (!secp256k1_ec_pubkey_parse(
+ ctx->ctx, &data, s.get_data_inplace(_olen), _olen))
+ throw _exc;
+ } catch (std::ios_base::failure &) {
+ throw _exc;
+ }
+ }
+
+ PubKeySecp256k1 *clone() override {
+ return new PubKeySecp256k1(*this);
+ }
+};
+
+class PrivKeySecp256k1: public PrivKey {
+ static const auto nbytes = 32;
+ friend class PubKeySecp256k1;
+ friend class SigSecp256k1;
+ uint8_t data[nbytes];
+ secp256k1_context_t ctx;
+
+ public:
+ PrivKeySecp256k1(const secp256k1_context_t &ctx =
+ secp256k1_default_sign_ctx):
+ PrivKey(), ctx(ctx) {}
+
+ PrivKeySecp256k1(const bytearray_t &raw_bytes,
+ const secp256k1_context_t &ctx =
+ secp256k1_default_sign_ctx):
+ PrivKeySecp256k1(ctx) { from_bytes(raw_bytes); }
+
+ void serialize(DataStream &s) const override {
+ s.put_data(data, data + nbytes);
+ }
+
+ void unserialize(DataStream &s) override {
+ static const auto _exc = std::invalid_argument("ill-formed private key");
+ try {
+ memmove(data, s.get_data_inplace(nbytes), nbytes);
+ } catch (std::ios_base::failure &) {
+ throw _exc;
+ }
+ }
+
+ void from_rand() override {
+ if (!RAND_bytes(data, nbytes))
+ throw std::runtime_error("cannot get rand bytes from openssl");
+ }
+
+ inline pubkey_bt get_pubkey() const override;
+};
+
+pubkey_bt PrivKeySecp256k1::get_pubkey() const {
+ return new PubKeySecp256k1(*this, ctx);
+}
+
+PubKeySecp256k1::PubKeySecp256k1(
+ const PrivKeySecp256k1 &priv_key,
+ const secp256k1_context_t &ctx): PubKey(), ctx(ctx) {
+ if (!secp256k1_ec_pubkey_create(ctx->ctx, &data, priv_key.data))
+ throw std::invalid_argument("invalid secp256k1 private key");
+}
+
+class SigSecp256k1: public Serializable {
+ secp256k1_ecdsa_signature data;
+ secp256k1_context_t ctx;
+
+ void check_msg_length(const bytearray_t &msg) {
+ if (msg.size() != 32)
+ throw std::invalid_argument("the message should be 32-bytes");
+ }
+
+ public:
+ SigSecp256k1(const secp256k1_context_t &ctx =
+ secp256k1_default_sign_ctx):
+ Serializable(), ctx(ctx) {}
+ SigSecp256k1(const uint256_t &digest,
+ const PrivKeySecp256k1 &priv_key,
+ secp256k1_context_t &ctx =
+ secp256k1_default_sign_ctx):
+ Serializable(), ctx(ctx) {
+ sign(digest, priv_key);
+ }
+
+ void serialize(DataStream &s) const override {
+ static uint8_t output[64];
+ (void)secp256k1_ecdsa_signature_serialize_compact(
+ ctx->ctx, (unsigned char *)output,
+ &data);
+ s.put_data(output, output + 64);
+ }
+
+ void unserialize(DataStream &s) override {
+ static const auto _exc = std::invalid_argument("ill-formed signature");
+ try {
+ if (!secp256k1_ecdsa_signature_parse_compact(
+ ctx->ctx, &data, s.get_data_inplace(64)))
+ throw _exc;
+ } catch (std::ios_base::failure &) {
+ throw _exc;
+ }
+ }
+
+ void sign(const bytearray_t &msg, const PrivKeySecp256k1 &priv_key) {
+ check_msg_length(msg);
+ if (!secp256k1_ecdsa_sign(
+ ctx->ctx, &data,
+ (unsigned char *)&*msg.begin(),
+ (unsigned char *)priv_key.data,
+ NULL, // default nonce function
+ NULL))
+ throw std::invalid_argument("failed to create secp256k1 signature");
+ }
+
+ bool verify(const bytearray_t &msg, const PubKeySecp256k1 &pub_key,
+ const secp256k1_context_t &_ctx) {
+ check_msg_length(msg);
+ return secp256k1_ecdsa_verify(
+ _ctx->ctx, &data,
+ (unsigned char *)&*msg.begin(),
+ &pub_key.data) == 1;
+ }
+
+ bool verify(const bytearray_t &msg, const PubKeySecp256k1 &pub_key) {
+ return verify(msg, pub_key, ctx);
+ }
+};
+
+class PartCertSecp256k1: public SigSecp256k1, public PartCert {
+ uint256_t blk_hash;
+
+ public:
+ PartCertSecp256k1() = default;
+ PartCertSecp256k1(const PrivKeySecp256k1 &priv_key, const uint256_t &blk_hash):
+ SigSecp256k1(blk_hash, priv_key),
+ PartCert(),
+ blk_hash(blk_hash) {}
+
+ bool verify(const PubKey &pub_key) override {
+ return SigSecp256k1::verify(blk_hash,
+ static_cast<const PubKeySecp256k1 &>(pub_key),
+ secp256k1_default_verify_ctx);
+ }
+
+ const uint256_t &get_blk_hash() const override { return blk_hash; }
+
+ PartCertSecp256k1 *clone() override {
+ return new PartCertSecp256k1(*this);
+ }
+
+ void serialize(DataStream &s) const override {
+ s << blk_hash;
+ this->SigSecp256k1::serialize(s);
+ }
+
+ void unserialize(DataStream &s) override {
+ s >> blk_hash;
+ this->SigSecp256k1::unserialize(s);
+ }
+};
+
+class QuorumCertSecp256k1: public QuorumCert {
+ uint256_t blk_hash;
+ salticidae::Bits rids;
+ std::vector<SigSecp256k1> sigs;
+
+ public:
+ QuorumCertSecp256k1() = default;
+ QuorumCertSecp256k1(const ReplicaConfig &config, const uint256_t &blk_hash);
+
+ void add_part(ReplicaID rid, const PartCert &pc) override {
+ if (pc.get_blk_hash() != blk_hash)
+ throw std::invalid_argument("PartCert does match the block hash");
+ if (!rids.get(rid))
+ {
+ rids.set(rid);
+ sigs.push_back(static_cast<const PartCertSecp256k1 &>(pc));
+ }
+ }
+
+ void compute() override {}
+
+ bool verify(const ReplicaConfig &config) override;
+
+ const uint256_t &get_blk_hash() const override { return blk_hash; }
+
+ QuorumCertSecp256k1 *clone() override {
+ return new QuorumCertSecp256k1(*this);
+ }
+
+ void serialize(DataStream &s) const override {
+ s << blk_hash << rids;
+ for (const auto &sig: sigs) s << sig;
+ }
+
+ void unserialize(DataStream &s) override {
+ s >> blk_hash >> rids;
+ sigs.resize(rids.size());
+ for (auto &sig: sigs) s >> sig;
+ }
+};
+
+}
+
+#endif