milksad
/
rust-secp256k1-unsafe-fast
14
0
Fork 0
Code Issues Pull Requests Activity

Merge pull request #151 from elichai/2019-08-Cptr-null 

Explicit checks for ZST + null fallbacks
This commit is contained in:
Andrew Poelstra 2019-08-21 23:03:30 +00:00 committed by GitHub
parent 5ea300a4e0 d7461e4cdc
commit eddfe03dbc
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
8 changed files with 174 additions and 43 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/context.rs
View File

@ -1,5 +1,5 @@
use core::marker::PhantomData;
use ffi;
use ffi::{self, CPtr};
use types::{c_uint, c_void};
use Error;
use Secp256k1;
@ -181,7 +181,7 @@ impl<'buf, C: Context + 'buf> Secp256k1<C> {
Ok(Secp256k1 {
ctx: unsafe {
ffi::secp256k1_context_preallocated_create(
buf.as_mut_ptr() as *mut c_void,
buf.as_mut_c_ptr() as *mut c_void,
C::FLAGS)
},
phantom: PhantomData,

6
src/ecdh.rs
View File

@ -19,7 +19,7 @@
use core::{ops, ptr};
use key::{SecretKey, PublicKey};
use ffi;
use ffi::{self, CPtr};
/// A tag used for recovering the public key from a compact signature
#[derive(Copy, Clone, PartialEq, Eq, Debug)]
@ -34,8 +34,8 @@ impl SharedSecret {
let res = ffi::secp256k1_ecdh(
ffi::secp256k1_context_no_precomp,
&mut ss,
point.as_ptr(),
scalar.as_ptr(),
point.as_c_ptr(),
scalar.as_c_ptr(),
ffi::secp256k1_ecdh_hash_function_default,
ptr::null_mut(),
);

34
src/ffi.rs
View File

@ -16,7 +16,7 @@
//! # FFI bindings
//! Direct bindings to the underlying C library functions. These should
//! not be needed for most users.
use core::{mem, hash, slice};
use core::{mem, hash, slice, ptr};
use types::*;
/// Flag for context to enable no precomputation
@ -359,6 +359,38 @@ unsafe fn strlen(mut str_ptr: *const c_char) -> usize {
}
/// A trait for producing pointers that will always be valid in C. (assuming NULL pointer is a valid no-op)
/// Rust doesn't promise what pointers does it give to ZST (https://doc.rust-lang.org/nomicon/exotic-sizes.html#zero-sized-types-zsts)
/// In case the type is empty this trait will give a NULL pointer, which should be handled in C.
///
pub(crate) trait CPtr {
type Target;
fn as_c_ptr(&self) -> *const Self::Target;
fn as_mut_c_ptr(&mut self) -> *mut Self::Target;
}
impl<T> CPtr for [T] {
type Target = T;
fn as_c_ptr(&self) -> *const Self::Target {
if self.is_empty() {
ptr::null()
} else {
self.as_ptr()
}
}
fn as_mut_c_ptr(&mut self) -> *mut Self::Target {
if self.is_empty() {
ptr::null::<Self::Target>() as *mut _
} else {
self.as_mut_ptr()
}
}
}
#[cfg(feature = "fuzztarget")]
mod fuzz_dummy {
extern crate std;

78
src/key.rs
View File

@ -24,7 +24,7 @@ use super::Error::{self, InvalidPublicKey, InvalidSecretKey};
use Signing;
use Verification;
use constants;
use ffi;
use ffi::{self, CPtr};
/// Secret 256-bit key used as `x` in an ECDSA signature
pub struct SecretKey([u8; constants::SECRET_KEY_SIZE]);
@ -117,7 +117,7 @@ impl SecretKey {
unsafe {
while ffi::secp256k1_ec_seckey_verify(
ffi::secp256k1_context_no_precomp,
data.as_ptr(),
data.as_c_ptr(),
) == 0
{
data = random_32_bytes(rng);
@ -135,7 +135,7 @@ impl SecretKey {
unsafe {
if ffi::secp256k1_ec_seckey_verify(
ffi::secp256k1_context_no_precomp,
data.as_ptr(),
data.as_c_ptr(),
) == 0
{
return Err(InvalidSecretKey);
@ -162,8 +162,8 @@ impl SecretKey {
unsafe {
if ffi::secp256k1_ec_privkey_tweak_add(
ffi::secp256k1_context_no_precomp,
self.as_mut_ptr(),
other.as_ptr(),
self.as_mut_c_ptr(),
other.as_c_ptr(),
) != 1
{
Err(Error::InvalidTweak)
@ -187,8 +187,8 @@ impl SecretKey {
unsafe {
if ffi::secp256k1_ec_privkey_tweak_mul(
ffi::secp256k1_context_no_precomp,
self.as_mut_ptr(),
other.as_ptr(),
self.as_mut_c_ptr(),
other.as_c_ptr(),
) != 1
{
Err(Error::InvalidTweak)
@ -223,7 +223,7 @@ impl PublicKey {
unsafe {
// We can assume the return value because it's not possible to construct
// an invalid `SecretKey` without transmute trickery or something
let res = ffi::secp256k1_ec_pubkey_create(secp.ctx, &mut pk, sk.as_ptr());
let res = ffi::secp256k1_ec_pubkey_create(secp.ctx, &mut pk, sk.as_c_ptr());
debug_assert_eq!(res, 1);
}
PublicKey(pk)
@ -232,12 +232,14 @@ impl PublicKey {
/// Creates a public key directly from a slice
#[inline]
pub fn from_slice(data: &[u8]) -> Result<PublicKey, Error> {
if data.is_empty() {return Err(Error::InvalidPublicKey);}
let mut pk = ffi::PublicKey::new();
unsafe {
if ffi::secp256k1_ec_pubkey_parse(
ffi::secp256k1_context_no_precomp,
&mut pk,
data.as_ptr(),
data.as_c_ptr(),
data.len() as usize,
) == 1
{
@ -259,9 +261,9 @@ impl PublicKey {
let mut ret_len = constants::PUBLIC_KEY_SIZE as usize;
let err = ffi::secp256k1_ec_pubkey_serialize(
ffi::secp256k1_context_no_precomp,
ret.as_mut_ptr(),
ret.as_mut_c_ptr(),
&mut ret_len,
self.as_ptr(),
self.as_c_ptr(),
ffi::SECP256K1_SER_COMPRESSED,
);
debug_assert_eq!(err, 1);
@ -278,9 +280,9 @@ impl PublicKey {
let mut ret_len = constants::UNCOMPRESSED_PUBLIC_KEY_SIZE as usize;
let err = ffi::secp256k1_ec_pubkey_serialize(
ffi::secp256k1_context_no_precomp,
ret.as_mut_ptr(),
ret.as_mut_c_ptr(),
&mut ret_len,
self.as_ptr(),
self.as_c_ptr(),
ffi::SECP256K1_SER_UNCOMPRESSED,
);
debug_assert_eq!(err, 1);
@ -303,7 +305,7 @@ impl PublicKey {
}
unsafe {
if ffi::secp256k1_ec_pubkey_tweak_add(secp.ctx, &mut self.0 as *mut _,
other.as_ptr()) == 1 {
other.as_c_ptr()) == 1 {
Ok(())
} else {
Err(Error::InvalidTweak)
@ -325,7 +327,7 @@ impl PublicKey {
}
unsafe {
if ffi::secp256k1_ec_pubkey_tweak_mul(secp.ctx, &mut self.0 as *mut _,
other.as_ptr()) == 1 {
other.as_c_ptr()) == 1 {
Ok(())
} else {
Err(Error::InvalidTweak)
@ -339,11 +341,11 @@ impl PublicKey {
pub fn combine(&self, other: &PublicKey) -> Result<PublicKey, Error> {
unsafe {
let mut ret = ffi::PublicKey::new();
let ptrs = [self.as_ptr(), other.as_ptr()];
let ptrs = [self.as_c_ptr(), other.as_c_ptr()];
if ffi::secp256k1_ec_pubkey_combine(
ffi::secp256k1_context_no_precomp,
&mut ret,
ptrs.as_ptr(),
ptrs.as_c_ptr(),
2
) == 1
{
@ -355,6 +357,18 @@ impl PublicKey {
}
}
impl CPtr for PublicKey {
type Target = ffi::PublicKey;
fn as_c_ptr(&self) -> *const Self::Target {
self.as_ptr()
}
fn as_mut_c_ptr(&mut self) -> *mut Self::Target {
self.as_mut_ptr()
}
}
/// Creates a new public key from a FFI public key
impl From<ffi::PublicKey> for PublicKey {
#[inline]
@ -562,6 +576,36 @@ mod test {
PublicKey::from_slice(&[0x55; constants::PUBLIC_KEY_SIZE]),
Err(InvalidPublicKey)
);
assert_eq!(
PublicKey::from_slice(&[]),
Err(InvalidPublicKey)
);
}
#[test]
fn test_seckey_from_bad_slice() {
// Bad sizes
assert_eq!(
SecretKey::from_slice(&[0; constants::SECRET_KEY_SIZE - 1]),
Err(InvalidSecretKey)
);
assert_eq!(
SecretKey::from_slice(&[0; constants::SECRET_KEY_SIZE + 1]),
Err(InvalidSecretKey)
);
// Bad parse
assert_eq!(
SecretKey::from_slice(&[0xff; constants::SECRET_KEY_SIZE]),
Err(InvalidSecretKey)
);
assert_eq!(
SecretKey::from_slice(&[0x00; constants::SECRET_KEY_SIZE]),
Err(InvalidSecretKey)
);
assert_eq!(
SecretKey::from_slice(&[]),
Err(InvalidSecretKey)
);
}
#[test]

40
src/lib.rs
View File

@ -161,6 +161,7 @@ pub use key::PublicKey;
pub use context::*;
use core::marker::PhantomData;
use core::ops::Deref;
use ffi::CPtr;
/// An ECDSA signature
#[derive(Copy, Clone, PartialEq, Eq)]
@ -246,13 +247,15 @@ impl Signature {
#[inline]
/// Converts a DER-encoded byte slice to a signature
pub fn from_der(data: &[u8]) -> Result<Signature, Error> {
if data.is_empty() {return Err(Error::InvalidSignature);}
let mut ret = ffi::Signature::new();
unsafe {
if ffi::secp256k1_ecdsa_signature_parse_der(
ffi::secp256k1_context_no_precomp,
&mut ret,
data.as_ptr(),
data.as_c_ptr(),
data.len() as usize,
) == 1
{
@ -274,7 +277,7 @@ impl Signature {
if ffi::secp256k1_ecdsa_signature_parse_compact(
ffi::secp256k1_context_no_precomp,
&mut ret,
data.as_ptr(),
data.as_c_ptr(),
) == 1
{
Ok(Signature(ret))
@ -289,12 +292,14 @@ impl Signature {
/// 2016. It should never be used in new applications. This library does not
/// support serializing to this "format"
pub fn from_der_lax(data: &[u8]) -> Result<Signature, Error> {
if data.is_empty() {return Err(Error::InvalidSignature);}
unsafe {
let mut ret = ffi::Signature::new();
if ffi::ecdsa_signature_parse_der_lax(
ffi::secp256k1_context_no_precomp,
&mut ret,
data.as_ptr(),
data.as_c_ptr(),
data.len() as usize,
) == 1
{
@ -328,8 +333,8 @@ impl Signature {
// was already normalized. We don't care.
ffi::secp256k1_ecdsa_signature_normalize(
ffi::secp256k1_context_no_precomp,
self.as_mut_ptr(),
self.as_ptr(),
self.as_mut_c_ptr(),
self.as_c_ptr(),
);
}
}
@ -356,7 +361,7 @@ impl Signature {
ffi::secp256k1_context_no_precomp,
ret.get_data_mut_ptr(),
&mut len,
self.as_ptr(),
self.as_c_ptr(),
);
debug_assert!(err == 1);
ret.set_len(len);
@ -371,8 +376,8 @@ impl Signature {
unsafe {
let err = ffi::secp256k1_ecdsa_signature_serialize_compact(
ffi::secp256k1_context_no_precomp,
ret.as_mut_ptr(),
self.as_ptr(),
ret.as_mut_c_ptr(),
self.as_c_ptr(),
);
debug_assert!(err == 1);
}
@ -380,6 +385,17 @@ impl Signature {
}
}
impl CPtr for Signature {
type Target = ffi::Signature;
fn as_c_ptr(&self) -> *const Self::Target {
self.as_ptr()
}
fn as_mut_c_ptr(&mut self) -> *mut Self::Target {
self.as_mut_ptr()
}
}
/// Creates a new signature from a FFI signature
impl From<ffi::Signature> for Signature {
#[inline]
@ -583,7 +599,7 @@ impl<C: Context> Secp256k1<C> {
let mut seed = [0; 32];
rng.fill_bytes(&mut seed);
unsafe {
let err = ffi::secp256k1_context_randomize(self.ctx, seed.as_ptr());
let err = ffi::secp256k1_context_randomize(self.ctx, seed.as_c_ptr());
// This function cannot fail; it has an error return for future-proofing.
// We do not expose this error since it is impossible to hit, and we have
// precedent for not exposing impossible errors (for example in
@ -609,8 +625,8 @@ impl<C: Signing> Secp256k1<C> {
unsafe {
// We can assume the return value because it's not possible to construct
// an invalid signature from a valid `Message` and `SecretKey`
assert_eq!(ffi::secp256k1_ecdsa_sign(self.ctx, &mut ret, msg.as_ptr(),
sk.as_ptr(), ffi::secp256k1_nonce_function_rfc6979,
assert_eq!(ffi::secp256k1_ecdsa_sign(self.ctx, &mut ret, msg.as_c_ptr(),
sk.as_c_ptr(), ffi::secp256k1_nonce_function_rfc6979,
ptr::null()), 1);
}
@ -640,7 +656,7 @@ impl<C: Verification> Secp256k1<C> {
#[inline]
pub fn verify(&self, msg: &Message, sig: &Signature, pk: &key::PublicKey) -> Result<(), Error> {
unsafe {
if ffi::secp256k1_ecdsa_verify(self.ctx, sig.as_ptr(), msg.as_ptr(), pk.as_ptr()) == 0 {
if ffi::secp256k1_ecdsa_verify(self.ctx, sig.as_c_ptr(), msg.as_c_ptr(), pk.as_c_ptr()) == 0 {
Err(Error::IncorrectSignature)
} else {
Ok(())

18
src/macros.rs
View File

@ -122,6 +122,24 @@ macro_rules! impl_array_newtype {
&dat[..]
}
}
impl ::ffi::CPtr for $thing {
type Target = $ty;
fn as_c_ptr(&self) -> *const Self::Target {
if self.is_empty() {
::core::ptr::null()
} else {
self.as_ptr()
}
}
fn as_mut_c_ptr(&mut self) -> *mut Self::Target {
if self.is_empty() {
::core::ptr::null::<Self::Target>() as *mut _
} else {
self.as_mut_ptr()
}
}
}
}
}

2
src/recovery/ffi.rs
View File

@ -17,7 +17,7 @@
use core::mem;
use types::*;
use ffi::{Context, NonceFn, PublicKey, Signature};
use ffi::{Context, NonceFn, PublicKey, Signature, CPtr};
/// Library-internal representation of a Secp256k1 signature + recovery ID
#[repr(C)]

35
src/recovery/mod.rs
View File

@ -23,6 +23,7 @@ use super::{Secp256k1, Message, Error, Signature, Verification, Signing};
use super::ffi as super_ffi;
pub use key::SecretKey;
pub use key::PublicKey;
use self::super_ffi::CPtr;
mod ffi;
@ -57,6 +58,8 @@ impl RecoverableSignature {
/// representation is nonstandard and defined by the libsecp256k1
/// library.
pub fn from_compact(data: &[u8], recid: RecoveryId) -> Result<RecoverableSignature, Error> {
if data.is_empty() {return Err(Error::InvalidSignature);}
let mut ret = ffi::RecoverableSignature::new();
unsafe {
@ -65,7 +68,7 @@ impl RecoverableSignature {
} else if ffi::secp256k1_ecdsa_recoverable_signature_parse_compact(
super_ffi::secp256k1_context_no_precomp,
&mut ret,
data.as_ptr(),
data.as_c_ptr(),
recid.0,
) == 1
{
@ -82,6 +85,12 @@ impl RecoverableSignature {
&self.0 as *const _
}
/// Obtains a raw mutable pointer suitable for use with FFI functions
#[inline]
pub fn as_mut_ptr(&mut self) -> *mut ffi::RecoverableSignature {
&mut self.0 as *mut _
}
#[inline]
/// Serializes the recoverable signature in compact format
pub fn serialize_compact(&self) -> (RecoveryId, [u8; 64]) {
@ -90,9 +99,9 @@ impl RecoverableSignature {
unsafe {
let err = ffi::secp256k1_ecdsa_recoverable_signature_serialize_compact(
super_ffi::secp256k1_context_no_precomp,
ret.as_mut_ptr(),
ret.as_mut_c_ptr(),
&mut recid,
self.as_ptr(),
self.as_c_ptr(),
);
assert!(err == 1);
}
@ -108,7 +117,7 @@ impl RecoverableSignature {
let err = ffi::secp256k1_ecdsa_recoverable_signature_convert(
super_ffi::secp256k1_context_no_precomp,
&mut ret,
self.as_ptr(),
self.as_c_ptr(),
);
assert!(err == 1);
}
@ -116,6 +125,18 @@ impl RecoverableSignature {
}
}
impl CPtr for RecoverableSignature {
type Target = ffi::RecoverableSignature;
fn as_c_ptr(&self) -> *const Self::Target {
self.as_ptr()
}
fn as_mut_c_ptr(&mut self) -> *mut Self::Target {
self.as_mut_ptr()
}
}
/// Creates a new recoverable signature from a FFI one
impl From<ffi::RecoverableSignature> for RecoverableSignature {
#[inline]
@ -138,8 +159,8 @@ impl<C: Signing> Secp256k1<C> {
ffi::secp256k1_ecdsa_sign_recoverable(
self.ctx,
&mut ret,
msg.as_ptr(),
sk.as_ptr(),
msg.as_c_ptr(),
sk.as_c_ptr(),
super_ffi::secp256k1_nonce_function_rfc6979,
ptr::null()
),
@ -161,7 +182,7 @@ impl<C: Verification> Secp256k1<C> {
unsafe {
if ffi::secp256k1_ecdsa_recover(self.ctx, &mut pk,
sig.as_ptr(), msg.as_ptr()) != 1 {
sig.as_c_ptr(), msg.as_c_ptr()) != 1 {
return Err(Error::InvalidSignature);
}
};