crypto/secp256k1: Remove btcsuite intermediary.

This updates the crypto/secp256k1 code to make use of the dcrec/secp256k1/v4 module directly instead of using btcec/v2 which itself is now just a shim around dcrec/secp256k1/v4 anyway. This has the benefit of removing the additional github.com/btcsuite/btcd/chaincfg/chainhash dependency since dcrec/secp256k1/v4 is its own module and does rely on it. It also updates to the latest v4.1.0 release which implements direct key generation and has some other nice optimizations that speed up signature verification as compared to the v4.0.1 release.
2025-04-28 17:10:14 +08:00 · 2022-08-17 23:14:34 -05:00 · 2022-08-17 23:14:34 -05:00 · fd327edcb2
commit fd327edcb2
parent 1185a08119
6 changed files with 29 additions and 36 deletions
--- a/crypto/key_not_openssl.go
+++ b/crypto/key_not_openssl.go
@ -9,7 +9,7 @@ import (
 	"crypto/ed25519"
 	"crypto/rsa"

-	btcec "github.com/btcsuite/btcd/btcec/v2"
+	dcrec "github.com/decred/dcrd/dcrec/secp256k1/v4"
 )

 // KeyPairFromStdKey wraps standard library (and secp256k1) private keys in libp2p/go-libp2p-core/crypto keys
@ -30,7 +30,7 @@ func KeyPairFromStdKey(priv crypto.PrivateKey) (PrivKey, PubKey, error) {
 		pub, _ := pubIfc.(ed25519.PublicKey)
 		return &Ed25519PrivateKey{*p}, &Ed25519PublicKey{pub}, nil

-	case *btcec.PrivateKey:
+	case *dcrec.PrivateKey:
 		sPriv := Secp256k1PrivateKey(*p)
 		sPub := Secp256k1PublicKey(*p.PubKey())
 		return &sPriv, &sPub, nil
--- a/crypto/key_openssl.go
+++ b/crypto/key_openssl.go
@ -10,7 +10,7 @@ import (
 	"crypto/rsa"
 	"crypto/x509"

-	btcec "github.com/btcsuite/btcd/btcec/v2"
+	dcrec "github.com/decred/dcrd/dcrec/secp256k1/v4"
 	openssl "github.com/libp2p/go-openssl"

 	"github.com/libp2p/go-libp2p-core/internal/catch"
@ -40,7 +40,7 @@ func KeyPairFromStdKey(priv crypto.PrivateKey) (_priv PrivKey, _pub PubKey, err
 		pub, _ := pubIfc.(ed25519.PublicKey)
 		return &Ed25519PrivateKey{*p}, &Ed25519PublicKey{pub}, nil

-	case *btcec.PrivateKey:
+	case *dcrec.PrivateKey:
 		sPriv := Secp256k1PrivateKey(*p)
 		sPub := Secp256k1PublicKey(*p.PubKey())
 		return &sPriv, &sPub, nil
--- a/crypto/key_test.go
+++ b/crypto/key_test.go
@ -13,8 +13,8 @@ import (
 	"reflect"
 	"testing"

-	btcec "github.com/btcsuite/btcd/btcec/v2"
-	btcececdsa "github.com/btcsuite/btcd/btcec/v2/ecdsa"
+	dcrec "github.com/decred/dcrd/dcrec/secp256k1/v4"
+	dcrececdsa "github.com/decred/dcrd/dcrec/secp256k1/v4/ecdsa"
 	. "github.com/libp2p/go-libp2p-core/crypto"
 	pb "github.com/libp2p/go-libp2p-core/crypto/pb"
 	"github.com/libp2p/go-libp2p-core/test"
@ -33,11 +33,11 @@ func TestKeyPairFromKey(t *testing.T) {
 		hashed = sha256.Sum256(data)
 	)

-	privk, err := btcec.NewPrivateKey()
+	privk, err := dcrec.GeneratePrivateKey()
 	if err != nil {
-		t.Fatalf("err generating btcec priv key:\n%v", err)
+		t.Fatalf("err generating dcrec priv key:\n%v", err)
 	}
-	sigK := btcececdsa.Sign(privk, hashed[:])
+	sigK := dcrececdsa.Sign(privk, hashed[:])

 	eKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
 	if err != nil {
--- a/crypto/secp256k1.go
+++ b/crypto/secp256k1.go
@ -7,20 +7,20 @@ import (
 	pb "github.com/libp2p/go-libp2p-core/crypto/pb"
 	"github.com/libp2p/go-libp2p-core/internal/catch"

-	btcec "github.com/btcsuite/btcd/btcec/v2"
-	btcececdsa "github.com/btcsuite/btcd/btcec/v2/ecdsa"
+	dcrec "github.com/decred/dcrd/dcrec/secp256k1/v4"
+	dcrececdsa "github.com/decred/dcrd/dcrec/secp256k1/v4/ecdsa"
 	"github.com/minio/sha256-simd"
 )

 // Secp256k1PrivateKey is an Secp256k1 private key
-type Secp256k1PrivateKey btcec.PrivateKey
+type Secp256k1PrivateKey dcrec.PrivateKey

 // Secp256k1PublicKey is an Secp256k1 public key
-type Secp256k1PublicKey btcec.PublicKey
+type Secp256k1PublicKey dcrec.PublicKey

 // GenerateSecp256k1Key generates a new Secp256k1 private and public key pair
 func GenerateSecp256k1Key(src io.Reader) (PrivKey, PubKey, error) {
-	privk, err := btcec.NewPrivateKey()
+	privk, err := dcrec.GeneratePrivateKey()
 	if err != nil {
 		return nil, nil, err
 	}
@ -31,19 +31,19 @@ func GenerateSecp256k1Key(src io.Reader) (PrivKey, PubKey, error) {

 // UnmarshalSecp256k1PrivateKey returns a private key from bytes
 func UnmarshalSecp256k1PrivateKey(data []byte) (k PrivKey, err error) {
-	if len(data) != btcec.PrivKeyBytesLen {
-		return nil, fmt.Errorf("expected secp256k1 data size to be %d", btcec.PrivKeyBytesLen)
+	if len(data) != dcrec.PrivKeyBytesLen {
+		return nil, fmt.Errorf("expected secp256k1 data size to be %d", dcrec.PrivKeyBytesLen)
 	}
 	defer func() { catch.HandlePanic(recover(), &err, "secp256k1 private-key unmarshal") }()

-	privk, _ := btcec.PrivKeyFromBytes(data)
+	privk := dcrec.PrivKeyFromBytes(data)
 	return (*Secp256k1PrivateKey)(privk), nil
 }

 // UnmarshalSecp256k1PublicKey returns a public key from bytes
 func UnmarshalSecp256k1PublicKey(data []byte) (_k PubKey, err error) {
 	defer func() { catch.HandlePanic(recover(), &err, "secp256k1 public-key unmarshal") }()
-	k, err := btcec.ParsePubKey(data)
+	k, err := dcrec.ParsePubKey(data)
 	if err != nil {
 		return nil, err
 	}
@ -58,7 +58,7 @@ func (k *Secp256k1PrivateKey) Type() pb.KeyType {

 // Raw returns the bytes of the key
 func (k *Secp256k1PrivateKey) Raw() ([]byte, error) {
-	return (*btcec.PrivateKey)(k).Serialize(), nil
+	return (*dcrec.PrivateKey)(k).Serialize(), nil
 }

 // Equals compares two private keys
@ -74,16 +74,16 @@ func (k *Secp256k1PrivateKey) Equals(o Key) bool {
 // Sign returns a signature from input data
 func (k *Secp256k1PrivateKey) Sign(data []byte) (_sig []byte, err error) {
 	defer func() { catch.HandlePanic(recover(), &err, "secp256k1 signing") }()
-	key := (*btcec.PrivateKey)(k)
+	key := (*dcrec.PrivateKey)(k)
 	hash := sha256.Sum256(data)
-	sig := btcececdsa.Sign(key, hash[:])
+	sig := dcrececdsa.Sign(key, hash[:])

 	return sig.Serialize(), nil
 }

 // GetPublic returns a public key
 func (k *Secp256k1PrivateKey) GetPublic() PubKey {
-	return (*Secp256k1PublicKey)((*btcec.PrivateKey)(k).PubKey())
+	return (*Secp256k1PublicKey)((*dcrec.PrivateKey)(k).PubKey())
 }

 // Type returns the public key type
@ -94,7 +94,7 @@ func (k *Secp256k1PublicKey) Type() pb.KeyType {
 // Raw returns the bytes of the key
 func (k *Secp256k1PublicKey) Raw() (res []byte, err error) {
 	defer func() { catch.HandlePanic(recover(), &err, "secp256k1 public key marshaling") }()
-	return (*btcec.PublicKey)(k).SerializeCompressed(), nil
+	return (*dcrec.PublicKey)(k).SerializeCompressed(), nil
 }

 // Equals compares two public keys
@ -104,7 +104,7 @@ func (k *Secp256k1PublicKey) Equals(o Key) bool {
 		return basicEquals(k, o)
 	}

-	return (*btcec.PublicKey)(k).IsEqual((*btcec.PublicKey)(sk))
+	return (*dcrec.PublicKey)(k).IsEqual((*dcrec.PublicKey)(sk))
 }

 // Verify compares a signature against the input data
@ -117,11 +117,11 @@ func (k *Secp256k1PublicKey) Verify(data []byte, sigStr []byte) (success bool, e
 			success = false
 		}
 	}()
-	sig, err := btcececdsa.ParseDERSignature(sigStr)
+	sig, err := dcrececdsa.ParseDERSignature(sigStr)
 	if err != nil {
 		return false, err
 	}

 	hash := sha256.Sum256(data)
-	return sig.Verify(hash[:], (*btcec.PublicKey)(k)), nil
+	return sig.Verify(hash[:], (*dcrec.PublicKey)(k)), nil
 }
--- a/go.mod
+++ b/go.mod
@ -4,7 +4,7 @@ go 1.17

 require (
 	github.com/benbjohnson/clock v1.3.0
-	github.com/btcsuite/btcd/btcec/v2 v2.1.3
+	github.com/decred/dcrd/dcrec/secp256k1/v4 v4.1.0
 	github.com/gogo/protobuf v1.3.1
 	github.com/ipfs/go-cid v0.2.0
 	github.com/ipfs/go-log/v2 v2.5.1
@ -22,9 +22,7 @@ require (
 )

 require (
-	github.com/btcsuite/btcd/chaincfg/chainhash v1.0.1 // indirect
 	github.com/davecgh/go-spew v1.1.1 // indirect
-	github.com/decred/dcrd/dcrec/secp256k1/v4 v4.0.1 // indirect
 	github.com/klauspost/cpuid/v2 v2.0.4 // indirect
 	github.com/mattn/go-isatty v0.0.14 // indirect
 	github.com/minio/blake2b-simd v0.0.0-20160723061019-3f5f724cb5b1 // indirect
--- a/go.sum
+++ b/go.sum
@ -1,18 +1,13 @@
 github.com/benbjohnson/clock v1.1.0/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA=
 github.com/benbjohnson/clock v1.3.0 h1:ip6w0uFQkncKQ979AypyG0ER7mqUSBdKLOgAle/AT8A=
 github.com/benbjohnson/clock v1.3.0/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA=
-github.com/btcsuite/btcd/btcec/v2 v2.1.3 h1:xM/n3yIhHAhHy04z4i43C8p4ehixJZMsnrVJkgl+MTE=
-github.com/btcsuite/btcd/btcec/v2 v2.1.3/go.mod h1:ctjw4H1kknNJmRN4iP1R7bTQ+v3GJkZBd6mui8ZsAZE=
-github.com/btcsuite/btcd/chaincfg/chainhash v1.0.0/go.mod h1:7SFka0XMvUgj3hfZtydOrQY2mwhPclbT2snogU7SQQc=
-github.com/btcsuite/btcd/chaincfg/chainhash v1.0.1 h1:q0rUy8C/TYNBQS1+CGKw68tLOFYSNEs0TFnxxnS9+4U=
-github.com/btcsuite/btcd/chaincfg/chainhash v1.0.1/go.mod h1:7SFka0XMvUgj3hfZtydOrQY2mwhPclbT2snogU7SQQc=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/decred/dcrd/crypto/blake256 v1.0.0 h1:/8DMNYp9SGi5f0w7uCm6d6M4OU2rGFK09Y2A4Xv7EE0=
 github.com/decred/dcrd/crypto/blake256 v1.0.0/go.mod h1:sQl2p6Y26YV+ZOcSTP6thNdn47hh8kt6rqSlvmrXFAc=
-github.com/decred/dcrd/dcrec/secp256k1/v4 v4.0.1 h1:YLtO71vCjJRCBcrPMtQ9nqBsqpA1m5sE92cU+pd5Mcc=
-github.com/decred/dcrd/dcrec/secp256k1/v4 v4.0.1/go.mod h1:hyedUtir6IdtD/7lIxGeCxkaw7y45JueMRL4DIyJDKs=
+github.com/decred/dcrd/dcrec/secp256k1/v4 v4.1.0 h1:HbphB4TFFXpv7MNrT52FGrrgVXF1owhMVTHFZIlnvd4=
+github.com/decred/dcrd/dcrec/secp256k1/v4 v4.1.0/go.mod h1:DZGJHZMqrU4JJqFAWUS2UO1+lbSKsdiOoYi9Zzey7Fc=
 github.com/gogo/protobuf v1.3.1 h1:DqDEcV5aeaTmdFBePNpYsp3FlcVH/2ISVVM9Qf8PSls=
 github.com/gogo/protobuf v1.3.1/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXPKa29o=
 github.com/ipfs/go-cid v0.0.7/go.mod h1:6Ux9z5e+HpkQdckYoX1PG/6xqKspzlEIR5SDmgqgC/I=