From 18a049b4c49965fbb4efbb394891767dc0fa1fa9 Mon Sep 17 00:00:00 2001 From: Georgios Konstantopoulos Date: Tue, 14 Mar 2023 23:13:46 -0700 Subject: [PATCH] chore: bump crypto deps (#2260) * chore(core): bump k256 * fix: use correct recovery api * fix(signers): use correct apis * chore(signers): bump elliptic curve * feat: use PreHashSigner * feat: bump yubihsm and adjust for breakages * chore: clippy --- Cargo.lock | 283 +++++++++++------------ ethers-core/Cargo.toml | 4 +- ethers-core/src/types/signature.rs | 18 +- ethers-core/src/utils/anvil.rs | 4 +- ethers-core/src/utils/ganache.rs | 4 +- ethers-core/src/utils/mod.rs | 5 +- ethers-core/src/utils/moonbeam.rs | 3 +- ethers-signers/Cargo.toml | 6 +- ethers-signers/src/aws/mod.rs | 15 +- ethers-signers/src/aws/utils.rs | 58 ++--- ethers-signers/src/wallet/hash.rs | 80 ------- ethers-signers/src/wallet/mod.rs | 36 ++- ethers-signers/src/wallet/private_key.rs | 10 +- 13 files changed, 217 insertions(+), 309 deletions(-) delete mode 100644 ethers-signers/src/wallet/hash.rs diff --git a/Cargo.lock b/Cargo.lock index 9b32efd0..34c95667 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -247,6 +247,12 @@ version = "1.3.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a" +[[package]] +name = "bitflags" +version = "2.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f4f6e5df9abedba5099a01a6567c6086a6fbcff57af07c360d356737f9e0c644" + [[package]] name = "bitvec" version = "0.17.4" @@ -549,7 +555,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "71655c45cb9845d3270c9d6df84ebe72b4dad3c2ba3f7023ad47c144e4e473a5" dependencies = [ "atty", - "bitflags", + "bitflags 1.3.2", "clap_derive", "clap_lex", "indexmap", @@ -612,7 +618,7 @@ dependencies = [ "bs58", "coins-core", "digest 0.10.6", - "getrandom 0.2.8", + "getrandom", "hmac 0.12.1", "k256 0.11.6", "lazy_static", 
@@ -629,12 +635,12 @@ checksum = "a05ceda6ab4876de899fe23e8a171b200be9a346289bce12d41311e4bce2f104" dependencies = [ "bitvec 0.17.4", "coins-bip32", - "getrandom 0.2.8", + "getrandom", "hex", "hmac 0.12.1", "once_cell", - "pbkdf2", - "rand 0.8.5", + "pbkdf2 0.11.0", + "rand", "sha2 0.10.6", "thiserror", "tracing", @@ -874,7 +880,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ef2b4b23cddf68b89b8f8069890e8c270d54e2d5fe1b143820234805e4cb17ef" dependencies = [ "generic-array 0.14.6", - "rand_core 0.6.4", + "rand_core", "subtle", "zeroize", ] @@ -886,7 +892,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "071c0f5945634bc9ba7a452f492377dd6b1993665ddb58f28704119b32f07a9a" dependencies = [ "generic-array 0.14.6", - "rand_core 0.6.4", + "rand_core", "subtle", "zeroize", ] @@ -898,7 +904,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "1bfb12502f3fc46cca1bb51ac28df9d618d813cdc3d2f25b9fe775a34af26bb3" dependencies = [ "generic-array 0.14.6", - "rand_core 0.6.4", + "rand_core", "typenum", ] @@ -933,13 +939,15 @@ dependencies = [ [[package]] name = "curve25519-dalek" -version = "3.2.0" +version = "4.0.0-rc.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0b9fdf9972b2bd6af2d913799d9ebc165ea4d2e65878e329d9c6b372c4491b61" +checksum = "8d4ba9852b42210c7538b75484f9daa0655e9a3ac04f693747bb0f02cf3cfe16" dependencies = [ - "byteorder", - "digest 0.9.0", - "rand_core 0.5.1", + "cfg-if 1.0.0", + "digest 0.10.6", + "fiat-crypto", + "packed_simd_2", + "platforms", "subtle", "zeroize", ] 
@@ -1141,24 +1149,25 @@ dependencies = [ [[package]] name = "ed25519" -version = "1.5.2" +version = "2.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1e9c280362032ea4203659fc489832d0204ef09f247a0506f170dafcac08c369" +checksum = "be522bee13fa6d8059f4903a4084aa3bd50725e18150202f0238deb615cd6371" dependencies = [ - "signature 1.6.4", + "pkcs8 0.10.1", + "signature 2.0.0", ] [[package]] name = "ed25519-dalek" -version = "1.0.1" +version = "2.0.0-pre.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c762bae6dcaf24c4c84667b8579785430908723d5c889f469d76a41d59cc7a9d" +checksum = "7bd577ba9d4bcab443cac60003d8fd32c638e7024a3ec92c200d7af5d2c397ed" dependencies = [ "curve25519-dalek", "ed25519", - "rand 0.7.3", + "rand_core", "serde", - "sha2 0.9.9", + "sha2 0.10.6", "zeroize", ] @@ -1182,7 +1191,7 @@ dependencies = [ "generic-array 0.14.6", "group 0.12.1", "pkcs8 0.9.0", - "rand_core 0.6.4", + "rand_core", "sec1 0.3.0", "subtle", "zeroize", @@ -1201,7 +1210,7 @@ dependencies = [ "generic-array 0.14.6", "group 0.13.0", "pkcs8 0.10.1", - "rand_core 0.6.4", + "rand_core", "sec1 0.7.1", "subtle", "zeroize", @@ -1242,7 +1251,7 @@ dependencies = [ "hex", "k256 0.13.0", "log", - "rand 0.8.5", + "rand", "rlp", "serde", "sha3", @@ -1294,8 +1303,8 @@ dependencies = [ "digest 0.10.6", "hex", "hmac 0.12.1", - "pbkdf2", - "rand 0.8.5", + "pbkdf2 0.11.0", + "rand", "scrypt", "serde", "serde_json", @@ -1368,7 +1377,7 @@ dependencies = [ "ethers-solc", "eyre", "hex", - "rand 0.8.5", + "rand", "serde", "serde_json", "tempfile", @@ -1417,7 +1426,7 @@ dependencies = [ "ethers-etherscan", "ethers-solc", "eyre", - "getrandom 0.2.8", + "getrandom", "hex", "prettyplease", "proc-macro2", 
@@ -1456,18 +1465,18 @@ dependencies = [ "cargo_metadata", "chrono", "convert_case", - "elliptic-curve 0.12.3", + "elliptic-curve 0.13.2", "ethabi", "generic-array 0.14.6", - "getrandom 0.2.8", + "getrandom", "hex", "hex-literal", - "k256 0.11.6", + "k256 0.13.0", "num_enum", "once_cell", "open-fastrlp", "proc-macro2", - "rand 0.8.5", + "rand", "rlp", "rlp-derive", "serde", @@ -1498,7 +1507,7 @@ version = "2.0.0" dependencies = [ "ethers-core", "ethers-solc", - "getrandom 0.2.8", + "getrandom", "reqwest", "semver", "serde", @@ -1529,7 +1538,7 @@ dependencies = [ "hex", "instant", "once_cell", - "rand 0.8.5", + "rand", "reqwest", "serde", "serde_json", @@ -1554,7 +1563,7 @@ dependencies = [ "futures-core", "futures-timer", "futures-util", - "getrandom 0.2.8", + "getrandom", "hashers", "hex", "http", @@ -1588,7 +1597,7 @@ dependencies = [ "coins-bip32", "coins-bip39", "coins-ledger", - "elliptic-curve 0.12.3", + "elliptic-curve 0.13.2", "eth-keystore", "ethers-contract-derive", "ethers-core", @@ -1597,7 +1606,7 @@ dependencies = [ "futures-util", "hex", "home", - "rand 0.8.5", + "rand", "rusoto_core", "rusoto_kms", "semver", @@ -1624,7 +1633,7 @@ dependencies = [ "ethers-core", "fs_extra", "futures-util", - "getrandom 0.2.8", + "getrandom", "glob", "hex", "home", @@ -1633,7 +1642,7 @@ dependencies = [ "once_cell", "path-slash", "pretty_assertions", - "rand 0.8.5", + "rand", "rayon", "regex", "semver", @@ -1811,7 +1820,7 @@ version = "0.12.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d013fc25338cc558c5c2cfbad646908fb23591e2404481826742b651c9af7160" dependencies = [ - "rand_core 0.6.4", + "rand_core", "subtle", ] 
@@ -1821,10 +1830,16 @@ version = "0.13.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ded41244b729663b1e574f1b4fb731469f69f79c17667b5d776b16cda0479449" dependencies = [ - "rand_core 0.6.4", + "rand_core", "subtle", ] +[[package]] +name = "fiat-crypto" +version = "0.1.19" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "93ace6ec7cc19c8ed33a32eaa9ea692d7faea05006b5356b9e2b668ec4bc3955" + [[package]] name = "fixed-hash" version = "0.8.0" @@ -1832,7 +1847,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "835c052cb0c08c1acf6ffd71c022172e18723949c8282f2b9f27efbc51e64534" dependencies = [ "byteorder", - "rand 0.8.5", + "rand", "rustc-hex", "static_assertions", ] @@ -2039,17 +2054,6 @@ dependencies = [ "zeroize", ] -[[package]] -name = "getrandom" -version = "0.1.16" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8fc3cb4d91f53b50155bdcfd23f6a4c39ae1969c2ae85982b135750cccaf5fce" -dependencies = [ - "cfg-if 1.0.0", - "libc", - "wasi 0.9.0+wasi-snapshot-preview1", -] - [[package]] name = "getrandom" version = "0.2.8" @@ -2059,7 +2063,7 @@ dependencies = [ "cfg-if 1.0.0", "js-sys", "libc", - "wasi 0.11.0+wasi-snapshot-preview1", + "wasi", "wasm-bindgen", ] @@ -2076,7 +2080,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "5dfbfb3a6cfbd390d5c9564ab283a0349b9b9fcd46a706c1eb10e0db70bfbac7" dependencies = [ "ff 0.12.1", - "rand_core 0.6.4", + "rand_core", "subtle", ] @@ -2087,7 +2091,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "f0f9ef7462f7c099f518d754361858f86d8a07af53ba9af0fe635bbccb151a63" dependencies = [ "ff 0.13.0", - "rand_core 0.6.4", + "rand_core", "subtle", ] @@ -2492,7 +2496,6 @@ dependencies = [ "ecdsa 0.14.8", "elliptic-curve 0.12.3", "sha2 0.10.6", - "sha3", ] [[package]] 
@@ -2562,6 +2565,12 @@ version = "0.2.139" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "201de327520df007757c1f0adce6e827fe8562fbc28bfd9c15571c66ca1f5f79" +[[package]] +name = "libm" +version = "0.1.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7fc7aa29613bd6a620df431842069224d8bc9011086b1db4c0e0cd47fa03ec9a" + [[package]] name = "libusb1-sys" version = "0.6.4" @@ -2687,7 +2696,7 @@ checksum = "e5d732bc30207a6423068df043e3d02e0735b155ad7ce1a6f76fe2baa5b158de" dependencies = [ "libc", "log", - "wasi 0.11.0+wasi-snapshot-preview1", + "wasi", "windows-sys", ] @@ -2721,7 +2730,7 @@ version = "0.26.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "bfdda3d196821d6af13126e40375cdf7da646a96114af134d5f417a9a1dc8e1a" dependencies = [ - "bitflags", + "bitflags 1.3.2", "cfg-if 1.0.0", "libc", "memoffset", @@ -2850,7 +2859,7 @@ version = "0.10.45" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "b102428fd03bc5edf97f62620f7298614c45cedf287c271e7ed450bbaf83f2e1" dependencies = [ - "bitflags", + "bitflags 1.3.2", "cfg-if 1.0.0", "foreign-types", "libc", 
@@ -2912,26 +2921,38 @@ checksum = "b15813163c1d831bf4a13c3610c05c0d03b39feb07f7e09fa234dac9b15aaf39" [[package]] name = "p256" -version = "0.11.1" +version = "0.13.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "51f44edd08f51e2ade572f141051021c5af22677e42b7dd28a88155151c33594" +checksum = "7270da3e5caa82afd3deb054cc237905853813aea3859544bc082c3fe55b8d47" dependencies = [ - "ecdsa 0.14.8", - "elliptic-curve 0.12.3", + "ecdsa 0.16.1", + "elliptic-curve 0.13.2", + "primeorder", "sha2 0.10.6", ] [[package]] name = "p384" -version = "0.11.2" +version = "0.13.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "dfc8c5bf642dde52bb9e87c0ecd8ca5a76faac2eeed98dedb7c717997e1080aa" +checksum = "70786f51bcc69f6a4c0360e063a4cac5419ef7c5cd5b3c99ad70f3be5ba79209" dependencies = [ - "ecdsa 0.14.8", - "elliptic-curve 0.12.3", + "ecdsa 0.16.1", + "elliptic-curve 0.13.2", + "primeorder", "sha2 0.10.6", ] +[[package]] +name = "packed_simd_2" +version = "0.3.8" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a1914cd452d8fccd6f9db48147b29fd4ae05bea9dc5d9ad578509f72415de282" +dependencies = [ + "cfg-if 1.0.0", + "libm", +] + [[package]] name = "parity-scale-codec" version = "3.2.1" @@ -3013,7 +3034,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "7676374caaee8a325c9e7a2ae557f216c5563a171d6997b0ef8a65af35147700" dependencies = [ "base64ct", - "rand_core 0.6.4", + "rand_core", "subtle", ] @@ -3035,6 +3056,16 @@ dependencies = [ "sha2 0.10.6", ] +[[package]] +name = "pbkdf2" +version = "0.12.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f0ca0b5a68607598bf3bad68f32227a8164f6254833f84eafaac409cd6746c31" +dependencies = [ + "digest 0.10.6", + "hmac 0.12.1", +] + [[package]] name = "percent-encoding" version = "2.2.0" 
@@ -3078,7 +3109,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "b1181c94580fa345f50f19d738aaa39c0ed30a600d95cb2d3e23f94266f14fbf" dependencies = [ "phf_shared 0.11.1", - "rand 0.8.5", + "rand", ] [[package]] @@ -3176,6 +3207,12 @@ version = "0.3.26" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "6ac9a59f73473f1b8d852421e59e64809f025994837ef743615c6d0c5b305160" +[[package]] +name = "platforms" +version = "3.0.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e3d7ddaed09e0eb771a79ab0fd64609ba0afb0a8366421957936ad14cbd13630" + [[package]] name = "plotters" version = "0.3.4" @@ -3238,6 +3275,15 @@ dependencies = [ "syn", ] +[[package]] +name = "primeorder" +version = "0.13.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7613fdcc0831c10060fa69833ea8fa2caa94b6456f51e25356a885b530a2e3d0" +dependencies = [ + "elliptic-curve 0.13.2", +] + [[package]] name = "primitive-types" version = "0.12.1" @@ -3323,19 +3369,6 @@ version = "0.7.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "dc33ff2d4973d518d823d61aa239014831e521c75da58e3df4840d3f47749d09" -[[package]] -name = "rand" -version = "0.7.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6a6b1679d49b24bbfe0c803429aa1874472f50d9b363131f0e89fc356b544d03" -dependencies = [ - "getrandom 0.1.16", - "libc", - "rand_chacha 0.2.2", - "rand_core 0.5.1", - "rand_hc", -] - [[package]] name = "rand" version = "0.8.5" 
@@ -3343,18 +3376,8 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "34af8d1a0e25924bc5b7c43c079c942339d8f0a8b57c39049bef581b46327404" dependencies = [ "libc", - "rand_chacha 0.3.1", - "rand_core 0.6.4", -] - -[[package]] -name = "rand_chacha" -version = "0.2.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f4c8ed856279c9737206bf725bf36935d8666ead7aa69b52be55af369d193402" -dependencies = [ - "ppv-lite86", - "rand_core 0.5.1", + "rand_chacha", + "rand_core", ] [[package]] @@ -3364,16 +3387,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e6c10a63a0fa32252be49d21e7709d4d4baf8d231c2dbce1eaa8141b9b127d88" dependencies = [ "ppv-lite86", - "rand_core 0.6.4", -] - -[[package]] -name = "rand_core" -version = "0.5.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "90bde5296fc891b0cef12a6d03ddccc162ce7b2aff54160af9338f8d40df6d19" -dependencies = [ - "getrandom 0.1.16", + "rand_core", ] [[package]] @@ -3382,16 +3396,7 @@ version = "0.6.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ec0be4795e2f6a28069bec0b5ff3e2ac9bafc99e6a9a7dc3547996c5c816922c" dependencies = [ - "getrandom 0.2.8", -] - -[[package]] -name = "rand_hc" -version = "0.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ca3129af7b92a17112d59ad498c6f81eaf463253766b90396d39ea7a39d6613c" -dependencies = [ - "rand_core 0.5.1", + "getrandom", ] [[package]] @@ -3422,7 +3427,7 @@ version = "0.2.16" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "fb5a58c1855b4b6819d59012155603f0b22ad30cad752600aadfcb695265519a" dependencies = [ - "bitflags", + "bitflags 1.3.2", ] [[package]] 
@@ -3431,7 +3436,7 @@ version = "0.4.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "b033d837a7cf162d7993aded9304e30a83213c648b6e389db233191f891e5c2b" dependencies = [ - "getrandom 0.2.8", + "getrandom", "redox_syscall", "thiserror", ] @@ -3684,7 +3689,7 @@ version = "0.36.6" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "4feacf7db682c6c329c4ede12649cd36ecab0f3be5b7d74e6a20304725db4549" dependencies = [ - "bitflags", + "bitflags 1.3.2", "errno", "io-lifetimes", "libc", @@ -3813,7 +3818,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "9f9e24d2b632954ded8ab2ef9fea0a0c769ea56ea98bddbafbad22caeeadf45d" dependencies = [ "hmac 0.12.1", - "pbkdf2", + "pbkdf2 0.11.0", "salsa20", "sha2 0.10.6", ] @@ -3862,7 +3867,7 @@ version = "2.7.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "2bc1bb97804af6631813c55739f771071e0f2ed33ee20b68c86ec505d906356c" dependencies = [ - "bitflags", + "bitflags 1.3.2", "core-foundation", "core-foundation-sys", "libc", @@ -4091,8 +4096,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "74233d3b3b2f6d4b006dc19dee745e73e2a6bfb6f93607cd3b02bd5b00797d7c" dependencies = [ "digest 0.10.6", - "rand_core 0.6.4", - "signature_derive", + "rand_core", ] [[package]] @@ -4102,14 +4106,15 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8fe458c98333f9c8152221191a77e2a44e8325d0193484af2e9421a53019e57d" dependencies = [ "digest 0.10.6", - "rand_core 0.6.4", + "rand_core", + "signature_derive", ] [[package]] name = "signature_derive" -version = "1.0.0-pre.7" +version = "2.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "96e6310f022b5c02b3bba689166e833f6b96994a6ce1f138b653d2fd0519920f" +checksum = "ede930749cca4e3a3df7e37b5f0934a55693e01d028d7a4e506b44cbc059d95a" dependencies = [ "proc-macro2", "quote", 
@@ -4256,7 +4261,7 @@ dependencies = [ "indicatif", "itertools", "once_cell", - "rand 0.8.5", + "rand", "reqwest", "semver", "serde", @@ -4679,7 +4684,7 @@ dependencies = [ "httparse", "log", "native-tls", - "rand 0.8.5", + "rand", "rustls", "sha1", "thiserror", @@ -4774,7 +4779,7 @@ version = "0.8.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "bc5cf98d8186244414c848017f0e2676b3fcb46807f6668a97dfe67359a3c4b7" dependencies = [ - "getrandom 0.2.8", + "getrandom", "serde", ] @@ -4826,12 +4831,6 @@ dependencies = [ "try-lock", ] -[[package]] -name = "wasi" -version = "0.9.0+wasi-snapshot-preview1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cccddf32554fecc6acb585f82a32a72e28b48f8c4c1883ddfeeeaa96f7d8e519" - [[package]] name = "wasi" version = "0.11.0+wasi-snapshot-preview1" @@ -5125,31 +5124,31 @@ checksum = "09041cd90cf85f7f8b2df60c646f853b7f535ce68f85244eb6731cf89fa498ec" [[package]] name = "yubihsm" -version = "0.41.0" +version = "0.42.0-pre.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d479bdaa16917b3ff94bd09e72536369cdb2e167126ec908dae4cf934c19eb01" +checksum = "f6a89568917376ff46a3de7bd0abdac47e9cc8ded4e1018e4a36d071d43a54ad" dependencies = [ "aes 0.8.2", - "bitflags", + "bitflags 2.0.0", "cbc", "ccm", "cmac", "digest 0.10.6", - "ecdsa 0.14.8", + "ecdsa 0.16.1", "ed25519", "ed25519-dalek", "hmac 0.12.1", - "k256 0.11.6", + "k256 0.13.0", "log", "p256", "p384", - "pbkdf2", - "rand_core 0.6.4", + "pbkdf2 0.12.1", + "rand_core", "rusb", "serde", "serde_json", "sha2 0.10.6", - "signature 1.6.4", + "signature 2.0.0", "subtle", "thiserror", "time", @@ -5192,7 +5191,7 @@ dependencies = [ "crossbeam-utils", "flate2", "hmac 0.12.1", - "pbkdf2", + "pbkdf2 0.11.0", "sha1", "time", "zstd", diff --git a/ethers-core/Cargo.toml b/ethers-core/Cargo.toml index 7b17ac68..dc8eaced 100644 --- a/ethers-core/Cargo.toml +++ b/ethers-core/Cargo.toml 
@@ -18,9 +18,9 @@ arrayvec = { version = "0.7.2", default-features = false } rlp-derive = { version = "0.1.0", default-features = false } # crypto -elliptic-curve = { version = "0.12.3", default-features = false } +elliptic-curve = { version = "0.13.2", default-features = false } generic-array = { version = "0.14.6", default-features = false } -k256 = { version = "0.11", default-features = false, features = ["keccak256", "ecdsa", "std"] } +k256 = { version = "0.13.0", default-features = false, features = ["ecdsa", "std"] } rand = { version = "0.8.5", default-features = false } tiny-keccak = { version = "2.0.2", default-features = false } diff --git a/ethers-core/src/types/signature.rs b/ethers-core/src/types/signature.rs index 886f2b77..47ac9cfd 100644 --- a/ethers-core/src/types/signature.rs +++ b/ethers-core/src/types/signature.rs @@ -7,8 +7,8 @@ use elliptic_curve::{consts::U32, sec1::ToEncodedPoint}; use generic_array::GenericArray; use k256::{ ecdsa::{ - recoverable::{Id as RecoveryId, Signature as RecoverableSignature}, - Error as K256SignatureError, Signature as K256Signature, + Error as K256SignatureError, RecoveryId, Signature as RecoverableSignature, + Signature as K256Signature, VerifyingKey, }, PublicKey as K256PublicKey, }; @@ -115,9 +115,12 @@ impl Signature { RecoveryMessage::Hash(hash) => hash, }; - let (recoverable_sig, _recovery_id) = self.as_signature()?; - let verify_key = recoverable_sig - .recover_verifying_key_from_digest_bytes(message_hash.as_ref().into())?; + let (recoverable_sig, recovery_id) = self.as_signature()?; + let verify_key = VerifyingKey::recover_from_prehash( + message_hash.as_ref(), + &recoverable_sig, + recovery_id, + )?; let public_key = K256PublicKey::from(&verify_key); let public_key = public_key.to_encoded_point(/* compress = */ false); 
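Review bot: In the `k256::ecdsa` import of ethers-core/src/types/signature.rs, `Signature as RecoverableSignature` and `Signature as K256Signature` now alias the same type, so the name `RecoverableSignature` promises a recovery id that the value no longer carries. The recovery id travels separately as `RecoveryId` after this change, so a single alias, `Signature as K256Signature`, with the remaining uses renamed, would stop a reader from assuming the signature alone is enough to recover a key. The same double alias appears as `Signature as RSig, Signature as KSig` in ethers-signers/src/aws/utils.rs, and ethers-signers/src/wallet/mod.rs also keeps the `RecoverableSignature` name.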
@@ -137,8 +140,7 @@ impl Signature { self.s.to_big_endian(&mut s_bytes); let gar: &GenericArray = GenericArray::from_slice(&r_bytes); let gas: &GenericArray = GenericArray::from_slice(&s_bytes); - let sig = K256Signature::from_scalars(*gar, *gas)?; - RecoverableSignature::new(&sig, recovery_id)? + K256Signature::from_scalars(*gar, *gas)? }; Ok((signature, recovery_id)) @@ -147,7 +149,7 @@ impl Signature { /// Retrieve the recovery ID. pub fn recovery_id(&self) -> Result { let standard_v = normalize_recovery_id(self.v); - Ok(RecoveryId::new(standard_v)?) + Ok(RecoveryId::from_byte(standard_v).expect("normalized recovery id always valid")) } /// Copies and serializes `self` into a new `Vec` with the recovery id included diff --git a/ethers-core/src/utils/anvil.rs b/ethers-core/src/utils/anvil.rs index b0194275..26612aac 100644 --- a/ethers-core/src/utils/anvil.rs +++ b/ethers-core/src/utils/anvil.rs @@ -2,6 +2,7 @@ use crate::{ types::{Address, Chain}, utils::{secret_key_to_address, unused_ports}, }; +use generic_array::GenericArray; use k256::{ecdsa::SigningKey, SecretKey as K256SecretKey}; use std::{ io::{BufRead, BufReader}, @@ -278,7 +279,8 @@ impl Anvil { if is_private_key && line.starts_with('(') { let key_str = &line[6..line.len() - 1]; let key_hex = hex::decode(key_str).expect("could not parse as hex"); - let key = K256SecretKey::from_be_bytes(&key_hex).expect("did not get private key"); + let key = K256SecretKey::from_bytes(&GenericArray::clone_from_slice(&key_hex)) + .expect("did not get private key"); addresses.push(secret_key_to_address(&SigningKey::from(&key))); private_keys.push(key); } diff --git a/ethers-core/src/utils/ganache.rs b/ethers-core/src/utils/ganache.rs index 0a4f4e11..d1300e78 100644 --- a/ethers-core/src/utils/ganache.rs +++ b/ethers-core/src/utils/ganache.rs 
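Review bot: `recovery_id()` now panics instead of returning `Err` when `RecoveryId::from_byte` rejects the value, because the `?` on the old `RecoveryId::new(standard_v)` was replaced by `.expect("normalized recovery id always valid")`. `normalize_recovery_id` is outside this hunk, so it cannot be confirmed here that it only ever yields a byte `from_byte` accepts. If it has any fallback for an unrecognised `v`, a signature parsed from untrusted input could abort the process during recovery. The function still returns `Result`, so the fallible form keeps the old contract: `Ok(RecoveryId::try_from(standard_v)?)`, relying on the same error conversion the removed line used.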
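Review bot: `GenericArray::clone_from_slice(&key_hex)` in the Anvil key parser panics on its own length assertion when the decoded key is not exactly 32 bytes, so the `.expect("did not get private key")` that follows never reports that case. `K256SecretKey::from_slice(&key_hex).expect("did not get private key")` checks the length and returns an error instead, and it makes the new `generic_array` import unnecessary. The same pattern is added in ethers-core/src/utils/ganache.rs and in `to_secret_key` in ethers-core/src/utils/moonbeam.rs. The surrounding parsing loop starts and ends outside the hunk.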
@@ -2,6 +2,7 @@ use crate::{ types::Address, utils::{secret_key_to_address, unused_ports}, }; +use generic_array::GenericArray; use k256::{ecdsa::SigningKey, SecretKey as K256SecretKey}; use std::{ io::{BufRead, BufReader}, @@ -205,7 +206,8 @@ impl Ganache { if is_private_key && line.starts_with('(') { let key_str = &line[6..line.len() - 1]; let key_hex = hex::decode(key_str).expect("could not parse as hex"); - let key = K256SecretKey::from_be_bytes(&key_hex).expect("did not get private key"); + let key = K256SecretKey::from_bytes(&GenericArray::clone_from_slice(&key_hex)) + .expect("did not get private key"); addresses.push(secret_key_to_address(&SigningKey::from(&key))); private_keys.push(key); } diff --git a/ethers-core/src/utils/mod.rs b/ethers-core/src/utils/mod.rs index cb35b893..bda3e97e 100644 --- a/ethers-core/src/utils/mod.rs +++ b/ethers-core/src/utils/mod.rs @@ -37,9 +37,8 @@ pub use rlp; pub use hex; use crate::types::{Address, Bytes, ParseI256Error, H256, I256, U256, U64}; -use elliptic_curve::sec1::ToEncodedPoint; use ethabi::ethereum_types::FromDecStrErr; -use k256::{ecdsa::SigningKey, PublicKey as K256PublicKey}; +use k256::ecdsa::SigningKey; use std::{ collections::HashMap, convert::{TryFrom, TryInto}, @@ -385,7 +384,7 @@ pub fn get_create2_address_from_hash( /// Converts a K256 SigningKey to an Ethereum Address pub fn secret_key_to_address(secret_key: &SigningKey) -> Address { - let public_key = K256PublicKey::from(&secret_key.verifying_key()); + let public_key = secret_key.verifying_key(); let public_key = public_key.to_encoded_point(/* compress = */ false); let public_key = public_key.as_bytes(); debug_assert_eq!(public_key[0], 0x04); diff --git a/ethers-core/src/utils/moonbeam.rs b/ethers-core/src/utils/moonbeam.rs index 761a6e4c..63576386 100644 --- a/ethers-core/src/utils/moonbeam.rs +++ b/ethers-core/src/utils/moonbeam.rs 
@@ -2,6 +2,7 @@ use std::collections::BTreeMap; +use generic_array::GenericArray; use k256::SecretKey; /// Returns the private developer keys @@ -47,7 +48,7 @@ impl MoonbeamDev { } fn to_secret_key(s: &str) -> SecretKey { - SecretKey::from_be_bytes(&hex::decode(s).unwrap()).unwrap() + SecretKey::from_bytes(&GenericArray::clone_from_slice(&hex::decode(s).unwrap())).unwrap() } impl Default for MoonbeamDev { diff --git a/ethers-signers/Cargo.toml b/ethers-signers/Cargo.toml index b5f1d77e..46e1e99b 100644 --- a/ethers-signers/Cargo.toml +++ b/ethers-signers/Cargo.toml @@ -23,10 +23,10 @@ coins-bip39 = "0.8.1" coins-ledger = { version = "0.7.1", default-features = false, optional = true } hex = { version = "0.4.3", default-features = false, features = ["std"] } async-trait = { version = "0.1.50", default-features = false } -elliptic-curve = { version = "0.12.3", default-features = false } +elliptic-curve = { version = "0.13.2", default-features = false } sha2 = { version = "0.10.6", default-features = false } rand = { version = "0.8.5", default-features = false } -yubihsm = { version = "0.41.0", features = ["secp256k1", "http", "usb"], optional = true } +yubihsm = { version = "0.42.0-pre.0", features = ["secp256k1", "http", "usb"], optional = true } futures-util = { version = "^0.3", optional = true } futures-executor = { version = "^0.3", optional = true } semver = { version = "1.0.17", optional = true } @@ -49,7 +49,7 @@ ethers-contract-derive = { version = "^2.0.0", path = "../ethers-contract/ethers ethers-derive-eip712 = { version = "^2.0.0", path = "../ethers-core/ethers-derive-eip712" } serde_json = { version = "1.0.64" } -yubihsm = { version = "0.41.0", features = ["secp256k1", "usb", "mockhsm"] } +yubihsm = { version = "0.42.0-pre.0", features = ["secp256k1", "usb", "mockhsm"] } tokio = { version = "1.18", default-features = false, features = ["macros", "rt"] } tempfile = "3.4.0" tracing-subscriber = "0.3.16" 
diff --git a/ethers-signers/src/aws/mod.rs b/ethers-signers/src/aws/mod.rs index 4d9c0565..2d988252 100644 --- a/ethers-signers/src/aws/mod.rs +++ b/ethers-signers/src/aws/mod.rs @@ -15,7 +15,7 @@ use rusoto_kms::{ use tracing::{debug, instrument, trace}; mod utils; -use utils::{apply_eip155, rsig_to_ethsig, verifying_key_to_address}; +use utils::{apply_eip155, verifying_key_to_address}; /// An ethers Signer that uses keys held in Amazon AWS KMS. /// @@ -57,7 +57,7 @@ impl std::fmt::Debug for AwsSigner { f.debug_struct("AwsSigner") .field("key_id", &self.key_id) .field("chain_id", &self.chain_id) - .field("pubkey", &hex::encode(self.pubkey.to_bytes())) + .field("pubkey", &hex::encode(self.pubkey.to_sec1_bytes())) .field("address", &self.address) .finish() } @@ -165,7 +165,7 @@ impl AwsSigner { debug!( "Instantiated AWS signer with pubkey 0x{} and address 0x{}", - hex::encode(pubkey.to_bytes()), + hex::encode(pubkey.to_sec1_bytes()), hex::encode(address) ); @@ -211,10 +211,8 @@ impl AwsSigner { chain_id: u64, ) -> Result { let sig = self.sign_digest(digest.into()).await?; - - let sig = utils::rsig_from_digest_bytes_trial_recovery(&sig, digest.into(), &self.pubkey); - - let mut sig = rsig_to_ethsig(&sig); + let mut sig = + utils::sig_from_digest_bytes_trial_recovery(&sig, digest.into(), &self.pubkey); apply_eip155(&mut sig, chain_id); Ok(sig) } @@ -255,8 +253,7 @@ impl super::Signer for AwsSigner { payload.encode_eip712().map_err(|e| Self::Error::Eip712Error(e.to_string()))?; let sig = self.sign_digest(digest).await?; - let sig = utils::rsig_from_digest_bytes_trial_recovery(&sig, digest, &self.pubkey); - let sig = rsig_to_ethsig(&sig); + let sig = utils::sig_from_digest_bytes_trial_recovery(&sig, digest.into(), &self.pubkey); Ok(sig) } diff --git a/ethers-signers/src/aws/utils.rs b/ethers-signers/src/aws/utils.rs index ad5c4fa4..ed45d8c1 100644 --- a/ethers-signers/src/aws/utils.rs +++ b/ethers-signers/src/aws/utils.rs 
@@ -6,11 +6,7 @@ use std::convert::TryFrom; use ethers_core::{ k256::{ - ecdsa::{ - recoverable::{Id, Signature as RSig}, - Signature as KSig, VerifyingKey, - }, - elliptic_curve::sec1::ToEncodedPoint, + ecdsa::{RecoveryId, Signature as RSig, Signature as KSig, VerifyingKey}, FieldBytes, }, types::{Address, Signature as EthSig, U256}, 
@@ -20,40 +16,34 @@ use rusoto_kms::{GetPublicKeyResponse, SignResponse}; use crate::aws::AwsSignerError; -/// Converts a recoverable signature to an ethers signature -pub(super) fn rsig_to_ethsig(sig: &RSig) -> EthSig { - let v: u8 = sig.recovery_id().into(); - let v = (v + 27) as u64; +/// Makes a trial recovery to check whether an RSig corresponds to a known +/// `VerifyingKey` +fn check_candidate( + sig: &RSig, + recovery_id: RecoveryId, + digest: [u8; 32], + vk: &VerifyingKey, +) -> bool { + VerifyingKey::recover_from_prehash(digest.as_slice(), sig, recovery_id) + .map(|key| key == *vk) + .unwrap_or(false) +} + +/// Recover an rsig from a signature under a known key by trial/error +pub(super) fn sig_from_digest_bytes_trial_recovery( + sig: &KSig, + digest: [u8; 32], + vk: &VerifyingKey, +) -> EthSig { let r_bytes: FieldBytes = sig.r().into(); let s_bytes: FieldBytes = sig.s().into(); let r = U256::from_big_endian(r_bytes.as_slice()); let s = U256::from_big_endian(s_bytes.as_slice()); - EthSig { r, s, v } -} -/// Makes a trial recovery to check whether an RSig corresponds to a known -/// `VerifyingKey` -fn check_candidate(sig: &RSig, digest: [u8; 32], vk: &VerifyingKey) -> bool { - if let Ok(key) = sig.recover_verifying_key_from_digest_bytes(digest.as_ref().into()) { - key == *vk - } else { - false - } -} - -/// Recover an rsig from a signature under a known key by trial/error -pub(super) fn rsig_from_digest_bytes_trial_recovery( - sig: &KSig, - digest: [u8; 32], - vk: &VerifyingKey, -) -> RSig { - let sig_0 = RSig::new(sig, Id::new(0).unwrap()).unwrap(); - let sig_1 = RSig::new(sig, Id::new(1).unwrap()).unwrap(); - - if check_candidate(&sig_0, digest, vk) { - sig_0 - } else if check_candidate(&sig_1, digest, vk) { - sig_1 + if check_candidate(&sig, RecoveryId::from_byte(0).unwrap(), digest, vk) { + EthSig { r, s, v: 0 } + } else if check_candidate(&sig, RecoveryId::from_byte(1).unwrap(), digest, vk) { + EthSig { r, s, v: 1 } } else { panic!("bad sig"); } 
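Review bot: `sig_from_digest_bytes_trial_recovery` returns `EthSig { r, s, v: 0 }` or `v: 1`, whereas the removed `rsig_to_ethsig` produced `v + 27`, so AWS signatures no longer follow the 27/28 convention that `Wallet::sign_hash` in this same patch still applies (`u8::from(recovery_id) as u64 + 27`). The typed-data path in aws/mod.rs returns this value unchanged. `apply_eip155`, whose body is outside the visible hunks, now receives 0/1 where it used to receive 27/28; if it derives parity from the old range, the resulting `v` would be wrong. Keeping the old encoding is a two-line change: `EthSig { r, s, v: 27 }` and `EthSig { r, s, v: 28 }`. A test that recovers the address from an AWS-produced signature and compares it with the signer's address would pin this down.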
diff --git a/ethers-signers/src/wallet/hash.rs b/ethers-signers/src/wallet/hash.rs deleted file mode 100644 index ddb2a5fb..00000000 --- a/ethers-signers/src/wallet/hash.rs +++ /dev/null @@ -1,80 +0,0 @@ -//! This is a helper module used to pass the pre-hashed message for signing to the -//! `sign_digest` methods of K256. -use ethers_core::{ - k256::ecdsa::signature::digest::{ - generic_array::GenericArray, Digest, FixedOutput, FixedOutputReset, HashMarker, Output, - OutputSizeUser, Reset, Update, - }, - types::H256, -}; - -pub type Sha256Proxy = ProxyDigest; - -#[derive(Clone)] -pub enum ProxyDigest { - Proxy(Output), - Digest(D), -} - -impl From for ProxyDigest -where - GenericArray::OutputSize>: Copy, -{ - fn from(src: H256) -> Self { - ProxyDigest::Proxy(*GenericArray::from_slice(src.as_bytes())) - } -} - -impl Default for ProxyDigest { - fn default() -> Self { - ProxyDigest::Digest(D::new()) - } -} - -impl Update for ProxyDigest { - // we update only if we are digest - fn update(&mut self, data: &[u8]) { - match self { - ProxyDigest::Digest(ref mut d) => { - d.update(data); - } - ProxyDigest::Proxy(..) => { - unreachable!("can not update if we are proxy"); - } - } - } -} - -impl HashMarker for ProxyDigest {} - -impl Reset for ProxyDigest { - // make new one - fn reset(&mut self) { - *self = Self::default(); - } -} - -impl OutputSizeUser for ProxyDigest { - // we default to the output of the original digest - type OutputSize = ::OutputSize; -} - -impl FixedOutput for ProxyDigest { - fn finalize_into(self, out: &mut GenericArray) { - match self { - ProxyDigest::Digest(d) => { - *out = d.finalize(); - } - ProxyDigest::Proxy(p) => { - *out = p; - } - } - } -} - -impl FixedOutputReset for ProxyDigest { - fn finalize_into_reset(&mut self, out: &mut Output) { - let s = std::mem::take(self); - Digest::finalize_into(s, out) - } -} diff --git a/ethers-signers/src/wallet/mod.rs b/ethers-signers/src/wallet/mod.rs index e96db26d..95429ce4 100644 
--- a/ethers-signers/src/wallet/mod.rs +++ b/ethers-signers/src/wallet/mod.rs @@ -1,5 +1,3 @@ -mod hash; - mod mnemonic; pub use mnemonic::{MnemonicBuilder, MnemonicBuilderError}; @@ -12,7 +10,7 @@ mod yubi; use crate::{to_eip155_v, Signer}; use ethers_core::{ k256::{ - ecdsa::{recoverable::Signature as RecoverableSignature, signature::DigestSigner}, + ecdsa::{signature::hazmat::PrehashSigner, RecoveryId, Signature as RecoverableSignature}, elliptic_curve::FieldBytes, Secp256k1, }, @@ -22,7 +20,6 @@ use ethers_core::{ }, utils::hash_message, }; -use hash::Sha256Proxy; use async_trait::async_trait; use std::fmt; @@ -64,7 +61,7 @@ use std::fmt; /// [`Signature`]: ethers_core::types::Signature /// [`hash_message`]: fn@ethers_core::utils::hash_message #[derive(Clone)] -pub struct Wallet> { +pub struct Wallet> { /// The Wallet's private Key pub(crate) signer: D, /// The wallet's address @@ -73,7 +70,7 @@ pub struct Wallet> { pub(crate) chain_id: u64, } -impl> Wallet { +impl> Wallet { /// Construct a new wallet with an external Signer pub fn new_with_signer(signer: D, address: Address, chain_id: u64) -> Self { Wallet { signer, address, chain_id } @@ -82,7 +79,7 @@ impl> Wallet { #[cfg_attr(target_arch = "wasm32", async_trait(?Send))] #[cfg_attr(not(target_arch = "wasm32"), async_trait)] -impl> Signer for Wallet { +impl> Signer for Wallet { type Error = WalletError; async fn sign_message>( @@ -92,7 +89,7 @@ impl> Signer fo let message = message.as_ref(); let message_hash = hash_message(message); - Ok(self.sign_hash(message_hash)) + self.sign_hash(message_hash) } async fn sign_transaction(&self, tx: &TypedTransaction) -> Result { @@ -101,7 +98,7 @@ impl> Signer fo // in the case we don't have a chain_id, let's use the signer chain id instead tx_with_chain.set_chain_id(self.chain_id); } - Ok(self.sign_transaction_sync(&tx_with_chain)) + self.sign_transaction_sync(&tx_with_chain) } async fn sign_typed_data( 
@@ -111,7 +108,7 @@ impl> Signer fo let encoded = payload.encode_eip712().map_err(|e| Self::Error::Eip712Error(e.to_string()))?; - Ok(self.sign_hash(H256::from(encoded))) + self.sign_hash(H256::from(encoded)) } fn address(&self) -> Address { @@ -130,37 +127,36 @@ impl> Signer fo } } -impl> Wallet { +impl> Wallet { /// Synchronously signs the provided transaction, normalizing the signature `v` value with /// EIP-155 using the transaction's `chain_id`, or the signer's `chain_id` if the transaction /// does not specify one. - pub fn sign_transaction_sync(&self, tx: &TypedTransaction) -> Signature { + pub fn sign_transaction_sync(&self, tx: &TypedTransaction) -> Result { // rlp (for sighash) must have the same chain id as v in the signature let chain_id = tx.chain_id().map(|id| id.as_u64()).unwrap_or(self.chain_id); let mut tx = tx.clone(); tx.set_chain_id(chain_id); let sighash = tx.sighash(); - let mut sig = self.sign_hash(sighash); + let mut sig = self.sign_hash(sighash)?; // sign_hash sets `v` to recid + 27, so we need to subtract 27 before normalizing sig.v = to_eip155_v(sig.v as u8 - 27, chain_id); - sig + Ok(sig) } /// Signs the provided hash. - pub fn sign_hash(&self, hash: H256) -> Signature { - let recoverable_sig: RecoverableSignature = - self.signer.sign_digest(Sha256Proxy::from(hash)); + pub fn sign_hash(&self, hash: H256) -> Result { + let (recoverable_sig, recovery_id) = self.signer.sign_prehash(hash.as_ref())?; - let v = u8::from(recoverable_sig.recovery_id()) as u64 + 27; + let v = u8::from(recovery_id) as u64 + 27; let r_bytes: FieldBytes = recoverable_sig.r().into(); let s_bytes: FieldBytes = recoverable_sig.s().into(); let r = U256::from_big_endian(r_bytes.as_slice()); let s = U256::from_big_endian(s_bytes.as_slice()); - Signature { r, s, v } + Ok(Signature { r, s, v }) } /// Gets the wallet's signer 
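Review bot: `sign_hash` is public and, through the `hazmat` `PrehashSigner`, signs whatever 32 bytes it is handed, yet its doc comment is still only `/// Signs the provided hash.`. Unlike `sign_message`, which runs `hash_message` first, nothing here prefixes or hashes the input, so a caller that forwards a digest it did not compute itself may be signing a transaction sighash without knowing it. I would document that, e.g. `/// Signs the 32-byte digest as-is (no message prefix or hashing is applied); only pass digests computed locally from trusted data.`, and add an `# Errors` line now that this method and `sign_transaction_sync` return a `Result`.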
@@ -170,7 +166,7 @@ impl> Wallet { } // do not log the signer -impl> fmt::Debug for Wallet { +impl> fmt::Debug for Wallet { fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result { f.debug_struct("Wallet") .field("address", &self.address) diff --git a/ethers-signers/src/wallet/private_key.rs b/ethers-signers/src/wallet/private_key.rs index ca2e7aa7..1d9823a2 100644 --- a/ethers-signers/src/wallet/private_key.rs +++ b/ethers-signers/src/wallet/private_key.rs @@ -66,7 +66,7 @@ impl Wallet { S: AsRef<[u8]>, { let (secret, uuid) = eth_keystore::new(dir, rng, password, name)?; - let signer = SigningKey::from_bytes(secret.as_slice())?; + let signer = SigningKey::from_bytes(secret.as_slice().into())?; let address = secret_key_to_address(&signer); Ok((Self { signer, address, chain_id: 1 }, uuid)) } @@ -79,7 +79,7 @@ impl Wallet { S: AsRef<[u8]>, { let secret = eth_keystore::decrypt_key(keypath, password)?; - let signer = SigningKey::from_bytes(secret.as_slice())?; + let signer = SigningKey::from_bytes(secret.as_slice().into())?; let address = secret_key_to_address(&signer); Ok(Self { signer, address, chain_id: 1 }) } @@ -93,7 +93,7 @@ impl Wallet { /// Creates a new Wallet instance from a raw scalar value (big endian). pub fn from_bytes(bytes: &[u8]) -> Result { - let signer = SigningKey::from_bytes(bytes)?; + let signer = SigningKey::from_bytes(bytes.into())?; let address = secret_key_to_address(&signer); Ok(Self { signer, address, chain_id: 1 }) } @@ -132,7 +132,7 @@ impl FromStr for Wallet { fn from_str(src: &str) -> Result { let src = src.strip_prefix("0x").or_else(|| src.strip_prefix("0X")).unwrap_or(src); let src = hex::decode(src)?; - let sk = SigningKey::from_bytes(&src)?; + let sk = SigningKey::from_bytes(src.as_slice().into())?; Ok(sk.into()) } } 
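Review bot: `Wallet::from_bytes` and `from_str` in private_key.rs now pass caller-supplied bytes through `.into()`, and as far as I know the slice-to-`GenericArray` conversion asserts the length instead of returning an error, so a key that is not exactly 32 bytes would panic rather than surface as a `WalletError`. The two keystore hunks above them (`eth_keystore::new`, `eth_keystore::decrypt_key`) use the same pattern on `secret.as_slice()`. Prefer the fallible constructor, `let signer = SigningKey::from_slice(bytes)?;`, or check the length before converting. The enclosing functions start outside these hunks.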
@@ -297,7 +297,7 @@ mod tests { // this should populate the tx chain_id as the signer's chain_id (1337) before signing and // normalize the v - let sig = wallet.sign_transaction_sync(&tx); + let sig = wallet.sign_transaction_sync(&tx).unwrap(); // ensure correct v given the chain - first extract recid let recid = (sig.v - 35) % 2;