milksad
/
rust-secp256k1-unsafe-fast
14
0
Fork 0
Code Issues Pull Requests Activity
rust-secp256k1-unsafe-fast/src/secret.rs

186 lines
6.5 KiB
Rust
Raw Normal View History

Dedicated display_secret fn for secret-containing types Debug-print secrets as tagged hashes Refactoring Display/Debug for secret values with display_secret
2021-08-09 15:06:05 +00:00
// Bitcoin secp256k1 bindings
// Written in 2021 by
// Maxim Orlovsky <orlovsky@pandoracore.com>
//
// To the extent possible under law, the author(s) have dedicated all
// copyright and related and neighboring rights to this software to
// the public domain worldwide. This software is distributed without
// any warranty.
//
// You should have received a copy of the CC0 Public Domain Dedication
// along with this software.
// If not, see <http://creativecommons.org/publicdomain/zero/1.0/>.
//
//! Helpers for displaying secret values
use ::core::fmt;
Move `KeyPair` to `key` module The `KeyPair` type is semantically unrelated to the schnorr signature algorithm.
2021-09-09 09:34:48 +00:00
use ::{SecretKey, KeyPair, to_hex};
Dedicated display_secret fn for secret-containing types Debug-print secrets as tagged hashes Refactoring Display/Debug for secret values with display_secret
2021-08-09 15:06:05 +00:00
use constants::SECRET_KEY_SIZE;
macro_rules! impl_display_secret {
// Default hasher exists only in standard library and not alloc
($thing:ident) => {
#[cfg(feature = "std")]
impl ::core::fmt::Debug for $thing {
fn fmt(&self, f: &mut ::core::fmt::Formatter) -> ::core::fmt::Result {
use ::core::hash::Hasher;
const DEBUG_HASH_TAG: &[u8] = &[
0x66, 0xa6, 0x77, 0x1b, 0x9b, 0x6d, 0xae, 0xa1, 0xb2, 0xee, 0x4e, 0x07, 0x49,
0x4a, 0xac, 0x87, 0xa9, 0xb8, 0x5b, 0x4b, 0x35, 0x02, 0xaa, 0x6d, 0x0f, 0x79,
0xcb, 0x63, 0xe6, 0xf8, 0x66, 0x22
]; // =SHA256(b"rust-secp256k1DEBUG");
let mut hasher = ::std::collections::hash_map::DefaultHasher::new();
hasher.write(DEBUG_HASH_TAG);
hasher.write(DEBUG_HASH_TAG);
hasher.write(&self.serialize_secret());
let hash = hasher.finish();
f.debug_tuple(stringify!($thing))
.field(&format_args!("#{:016x}", hash))
.finish()
}
}
Add multiple implementations of Debug for secrets The `Debug` implementation for secrets is feature gated on `std` because it uses a hasher from `std`. If `bitcoin_hashes` is enabled we can use it for hashing. If neither `std` nor `bitcoin_hashes` is enabled fall back to outputting: <secret requires std or bitcoin_hashes feature to display> Remove the docs conditional since we now implement `Debug` always.
2022-02-01 03:50:21 +00:00
#[cfg(all(not(feature = "std"), feature = "bitcoin_hashes"))]
impl ::core::fmt::Debug for $thing {
fn fmt(&self, f: &mut ::core::fmt::Formatter) -> ::core::fmt::Result {
use hashes::{sha256, Hash, HashEngine};
let tag = "rust-secp256k1DEBUG";
let mut engine = sha256::Hash::engine();
let tag_hash = sha256::Hash::hash(tag.as_bytes());
engine.input(&tag_hash[..]);
engine.input(&tag_hash[..]);
engine.input(&self.serialize_secret());
let hash = sha256::Hash::from_engine(engine);
f.debug_tuple(stringify!($thing))
.field(&format_args!("#{:016x}", hash))
.finish()
}
}
#[cfg(all(not(feature = "std"), not(feature = "bitcoin_hashes")))]
impl ::core::fmt::Debug for $thing {
fn fmt(&self, f: &mut ::core::fmt::Formatter) -> ::core::fmt::Result {
Mention bitcoin_hashes in obfuscated secret msg Hashing the debug output for secrets can be done with `bitcoin_hashes` not just `std`. Mention this in the obfuscated string output when neither are available.
2022-02-08 08:32:17 +00:00
write!(f, "<secret requires std or bitcoin_hashes feature to display>")
Add multiple implementations of Debug for secrets The `Debug` implementation for secrets is feature gated on `std` because it uses a hasher from `std`. If `bitcoin_hashes` is enabled we can use it for hashing. If neither `std` nor `bitcoin_hashes` is enabled fall back to outputting: <secret requires std or bitcoin_hashes feature to display> Remove the docs conditional since we now implement `Debug` always.
2022-02-01 03:50:21 +00:00
}
}
Dedicated display_secret fn for secret-containing types Debug-print secrets as tagged hashes Refactoring Display/Debug for secret values with display_secret
2021-08-09 15:06:05 +00:00
}
}
/// Helper struct for safely printing secrets (like [`SecretKey`] value).
/// Formats the explicit byte value of the secret kept inside the type as a
/// little-endian hexadecimal string using the provided formatter.
///
/// Secrets should not implement neither [`Debug`] and [`Display`] traits directly,
/// and instead provide `fn display_secret<'a>(&'a self) -> DisplaySecret<'a>`
/// function to be used in different display contexts (see "examples" below).
///
/// [`Display`]: fmt::Display
/// [`Debug`]: fmt::Debug
Add lints to catch missing traits Rustc can warn us when we forget to add `Copy` and `Deubg` trait implementations to types. Add lint directives to enable warnings for missing `Copy` and `Debug` implementations. Use the newly emitted warnings to find types that do not implement our 'standard' traits. These 'standard' traits are defined as the set of attributes that it has been found beneficial to opportunistically add to all types, these are - Copy - Clone - Debug - PartialEq and Eq - PartialOrd and Ord - Hash
2022-01-06 23:01:11 +00:00
#[derive(Copy, Clone, PartialEq, Eq, PartialOrd, Ord, Hash)]
Dedicated display_secret fn for secret-containing types Debug-print secrets as tagged hashes Refactoring Display/Debug for secret values with display_secret
2021-08-09 15:06:05 +00:00
pub struct DisplaySecret {
secret: [u8; SECRET_KEY_SIZE]
}
impl fmt::Debug for DisplaySecret {
#[inline]
fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
Remove magic number In array initialisation we use magic number 64, this is the secret bytes length multiplied by 2. Please note; we still use the magic number 32, left as such because it is used in various ways and its not immediately clear that using a single const would be any more descriptive. Use `SECRET_KEY_SIZE * 2` instead of magic number 64.
2022-02-08 08:41:43 +00:00
let mut slice = [0u8; SECRET_KEY_SIZE * 2];
Dedicated display_secret fn for secret-containing types Debug-print secrets as tagged hashes Refactoring Display/Debug for secret values with display_secret
2021-08-09 15:06:05 +00:00
let hex = to_hex(&self.secret, &mut slice).expect("fixed-size hex serializer failed");
f.debug_tuple("DisplaySecret")
.field(&hex)
.finish()
}
}
impl fmt::Display for DisplaySecret {
fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
Use byte instead of i The identifier `i` is predominantly used for indexing an array but we are using it as a place holder for the iterated value of an array that is then printed. The identifier `byte` is more descriptive. Done in preparation for adding similar code to the `ecdh` module.
2022-02-09 06:56:42 +00:00
for byte in &self.secret {
write!(f, "{:02x}", byte)?;
Dedicated display_secret fn for secret-containing types Debug-print secrets as tagged hashes Refactoring Display/Debug for secret values with display_secret
2021-08-09 15:06:05 +00:00
}
Ok(())
}
}
impl SecretKey {
/// Formats the explicit byte value of the secret key kept inside the type as a
/// little-endian hexadecimal string using the provided formatter.
///
/// This is the only method that outputs the actual secret key value, and, thus,
/// should be used with extreme precaution.
///
/// # Example
///
/// ```
Add multiple implementations of Debug for secrets The `Debug` implementation for secrets is feature gated on `std` because it uses a hasher from `std`. If `bitcoin_hashes` is enabled we can use it for hashing. If neither `std` nor `bitcoin_hashes` is enabled fall back to outputting: <secret requires std or bitcoin_hashes feature to display> Remove the docs conditional since we now implement `Debug` always.
2022-02-01 03:50:21 +00:00
/// # #[cfg(all(feature = "std", not(feature = "bitcoin_hashes")))] {
Make `key` module private We re-export all structs residing in that module. There is no reason to expose the internal module structure of the library publicly.
2021-09-09 08:49:47 +00:00
/// use secp256k1::ONE_KEY;
Dedicated display_secret fn for secret-containing types Debug-print secrets as tagged hashes Refactoring Display/Debug for secret values with display_secret
2021-08-09 15:06:05 +00:00
/// let key = ONE_KEY;
/// // Normal display hides value
/// assert_eq!(
/// "SecretKey(#2518682f7819fb2d)",
/// format!("{:?}", key)
/// );
/// // Here we explicitly display the secret value:
/// assert_eq!(
/// "0000000000000000000000000000000000000000000000000000000000000001",
/// format!("{}", key.display_secret())
/// );
/// assert_eq!(
/// "DisplaySecret(\"0000000000000000000000000000000000000000000000000000000000000001\")",
/// format!("{:?}", key.display_secret())
/// );
Add multiple implementations of Debug for secrets The `Debug` implementation for secrets is feature gated on `std` because it uses a hasher from `std`. If `bitcoin_hashes` is enabled we can use it for hashing. If neither `std` nor `bitcoin_hashes` is enabled fall back to outputting: <secret requires std or bitcoin_hashes feature to display> Remove the docs conditional since we now implement `Debug` always.
2022-02-01 03:50:21 +00:00
/// # }
Dedicated display_secret fn for secret-containing types Debug-print secrets as tagged hashes Refactoring Display/Debug for secret values with display_secret
2021-08-09 15:06:05 +00:00
/// ```
#[inline]
pub fn display_secret(&self) -> DisplaySecret {
DisplaySecret { secret: self.serialize_secret() }
}
}
impl KeyPair {
/// Formats the explicit byte value of the secret key kept inside the type as a
/// little-endian hexadecimal string using the provided formatter.
///
/// This is the only method that outputs the actual secret key value, and, thus,
/// should be used with extreme precaution.
///
/// # Example
///
/// ```
Add multiple implementations of Debug for secrets The `Debug` implementation for secrets is feature gated on `std` because it uses a hasher from `std`. If `bitcoin_hashes` is enabled we can use it for hashing. If neither `std` nor `bitcoin_hashes` is enabled fall back to outputting: <secret requires std or bitcoin_hashes feature to display> Remove the docs conditional since we now implement `Debug` always.
2022-02-01 03:50:21 +00:00
/// # #[cfg(all(feature = "std", not(feature = "bitcoin_hashes")))] {
Make `key` module private We re-export all structs residing in that module. There is no reason to expose the internal module structure of the library publicly.
2021-09-09 08:49:47 +00:00
/// use secp256k1::ONE_KEY;
Move `KeyPair` to `key` module The `KeyPair` type is semantically unrelated to the schnorr signature algorithm.
2021-09-09 09:34:48 +00:00
/// use secp256k1::KeyPair;
Dedicated display_secret fn for secret-containing types Debug-print secrets as tagged hashes Refactoring Display/Debug for secret values with display_secret
2021-08-09 15:06:05 +00:00
/// use secp256k1::Secp256k1;
///
/// let secp = Secp256k1::new();
/// let key = ONE_KEY;
/// let key = KeyPair::from_secret_key(&secp, key);
///
/// // Normal display hides value
/// assert_eq!(
/// "KeyPair(#2518682f7819fb2d)",
/// format!("{:?}", key)
/// );
/// // Here we explicitly display the secret value:
/// assert_eq!(
/// "0000000000000000000000000000000000000000000000000000000000000001",
/// format!("{}", key.display_secret())
/// );
/// assert_eq!(
/// "DisplaySecret(\"0000000000000000000000000000000000000000000000000000000000000001\")",
/// format!("{:?}", key.display_secret())
/// );
Add multiple implementations of Debug for secrets The `Debug` implementation for secrets is feature gated on `std` because it uses a hasher from `std`. If `bitcoin_hashes` is enabled we can use it for hashing. If neither `std` nor `bitcoin_hashes` is enabled fall back to outputting: <secret requires std or bitcoin_hashes feature to display> Remove the docs conditional since we now implement `Debug` always.
2022-02-01 03:50:21 +00:00
/// # }
/// ```
Dedicated display_secret fn for secret-containing types Debug-print secrets as tagged hashes Refactoring Display/Debug for secret values with display_secret
2021-08-09 15:06:05 +00:00
#[inline]
pub fn display_secret(&self) -> DisplaySecret {
DisplaySecret { secret: self.serialize_secret() }
}
}