Get rid of unsafe code in ethkey, propagate incorrect Secret errors. (#4119)

* Implementing secret * Fixing tests
2017-01-11 12:16:47 +01:00
parent 4ecd9da6e4
commit 21006da125
30 changed files with 205 additions and 108 deletions
--- a/ethkey/src/brain.rs
+++ b/ethkey/src/brain.rs
@@ -15,7 +15,7 @@
 // along with Parity.  If not, see <http://www.gnu.org/licenses/>.

 use keccak::Keccak256;
-use super::{KeyPair, Error, Generator};
+use super::{KeyPair, Error, Generator, Secret};

 /// Simple brainwallet.
 pub struct Brain(String);
@@ -34,13 +34,15 @@ impl Generator for Brain {
 		let mut i = 0;
 		loop {
 			secret = secret.keccak256();
-			
+
 			match i > 16384 {
 				false => i += 1,
 				true => {
-					let result = KeyPair::from_secret(secret.clone().into());
-					if result.as_ref().ok().map_or(false, |r| r.address()[0] == 0) {
-						return result;
+					if let Ok(secret) = Secret::from_slice(&secret) {
+						let result = KeyPair::from_secret(secret);
+						if result.as_ref().ok().map_or(false, |r| r.address()[0] == 0) {
+							return result;
+						}
 					}
 				},
 			}
--- a/ethkey/src/keypair.rs
+++ b/ethkey/src/keypair.rs
@@ -60,11 +60,14 @@ impl KeyPair {
 		Ok(keypair)
 	}

+	pub fn from_secret_slice(slice: &[u8]) -> Result<KeyPair, Error> {
+		Self::from_secret(Secret::from_slice(slice)?)
+	}
+
 	pub fn from_keypair(sec: key::SecretKey, publ: key::PublicKey) -> Self {
 		let context = &SECP256K1;
 		let serialized = publ.serialize_vec(context, false);
-		let mut secret = Secret::default();
-		secret.copy_from_slice(&sec[0..32]);
+		let secret = Secret::from(sec);
 		let mut public = Public::default();
 		public.copy_from_slice(&serialized[1..65]);

--- a/ethkey/src/lib.rs
+++ b/ethkey/src/lib.rs
@@ -29,6 +29,7 @@ mod keccak;
 mod prefix;
 mod random;
 mod signature;
+mod secret;

 lazy_static! {
 	pub static ref SECP256K1: secp256k1::Secp256k1 = secp256k1::Secp256k1::new();
@@ -46,10 +47,10 @@ pub use self::keypair::{KeyPair, public_to_address};
 pub use self::prefix::Prefix;
 pub use self::random::Random;
 pub use self::signature::{sign, verify_public, verify_address, recover, Signature};
+pub use self::secret::Secret;

 use bigint::hash::{H160, H256, H512};

 pub type Address = H160;
-pub type Secret = H256;
 pub type Message = H256;
 pub type Public = H512;
--- a/ethkey/src/secret.rs
+++ b/ethkey/src/secret.rs
@@ -0,0 +1,69 @@
+// Copyright 2015, 2016 Parity Technologies (UK) Ltd.
+// This file is part of Parity.
+
+// Parity is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Parity is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Parity.  If not, see <http://www.gnu.org/licenses/>.
+
+use std::fmt;
+use std::ops::Deref;
+use std::str::FromStr;
+use secp256k1::key;
+use bigint::hash::H256;
+use {Error};
+
+#[derive(Clone, PartialEq, Eq)]
+pub struct Secret {
+	inner: H256,
+}
+
+impl fmt::Debug for Secret {
+	fn fmt(&self, fmt: &mut fmt::Formatter) -> fmt::Result {
+		write!(fmt, "Secret: 0x{:x}{:x}..{:x}{:x}", self.inner[0], self.inner[1], self.inner[30], self.inner[31])
+	}
+}
+
+impl Secret {
+	pub fn from_slice(key: &[u8]) -> Result<Self, Error> {
+		if key.len() != 32 {
+			return Err(Error::InvalidSecret);
+		}
+
+		let mut h = H256::default();
+		h.copy_from_slice(&key[0..32]);
+		Ok(Secret { inner: h })
+	}
+}
+
+impl FromStr for Secret {
+	type Err = Error;
+	fn from_str(s: &str) -> Result<Self, Self::Err> {
+		let hash = H256::from_str(s).map_err(|e| Error::Custom(format!("{:?}", e)))?;
+		Self::from_slice(&hash)
+	}
+}
+
+impl From<key::SecretKey> for Secret {
+	fn from(key: key::SecretKey) -> Self {
+		Self::from_slice(&key[0..32])
+			.expect("`key::SecretKey` is valid (no way to construct invalid one); qed")
+	}
+}
+
+impl Deref for Secret {
+	type Target = H256;
+
+	fn deref(&self) -> &Self::Target {
+		&self.inner
+	}
+}
+
--- a/ethkey/src/signature.rs
+++ b/ethkey/src/signature.rs
@@ -16,7 +16,7 @@

 use std::ops::{Deref, DerefMut};
 use std::cmp::PartialEq;
-use std::{mem, fmt};
+use std::fmt;
 use std::str::FromStr;
 use std::hash::{Hash, Hasher};
 use secp256k1::{Message as SecpMessage, RecoverableSignature, RecoveryId, Error as SecpError};
@@ -169,9 +169,8 @@ impl DerefMut for Signature {

 pub fn sign(secret: &Secret, message: &Message) -> Result<Signature, Error> {
 	let context = &SECP256K1;
-	// no way to create from raw byte array.
-	let sec: &SecretKey = unsafe { mem::transmute(secret) };
-	let s = context.sign_recoverable(&SecpMessage::from_slice(&message[..])?, sec)?;
+	let sec = SecretKey::from_slice(context, &secret)?;
+	let s = context.sign_recoverable(&SecpMessage::from_slice(&message[..])?, &sec)?;
 	let (rec_id, data) = s.serialize_compact(context);
 	let mut data_arr = [0; 65];