projects / rust-lightning / blob
? search:


d4d15cfa3045a9fb09b4400b12302b9984d5d49f
[rust-lightning] / lightning / src / util / crypto.rs
1 use bitcoin::hashes::{Hash, HashEngine};
2 use bitcoin::hashes::hmac::{Hmac, HmacEngine};
3 use bitcoin::hashes::sha256::Hash as Sha256;
4 use bitcoin::secp256k1::{Message, Secp256k1, SecretKey, ecdsa::Signature, Signing};
5
6 use crate::chain::keysinterface::EntropySource;
7
8 use core::ops::Deref;
9
10 macro_rules! hkdf_extract_expand {
11         ($salt: expr, $ikm: expr) => {{
12                 let mut hmac = HmacEngine::<Sha256>::new($salt);
13                 hmac.input($ikm);
14                 let prk = Hmac::from_engine(hmac).into_inner();
15                 let mut hmac = HmacEngine::<Sha256>::new(&prk[..]);
16                 hmac.input(&[1; 1]);
17                 let t1 = Hmac::from_engine(hmac).into_inner();
18                 let mut hmac = HmacEngine::<Sha256>::new(&prk[..]);
19                 hmac.input(&t1);
20                 hmac.input(&[2; 1]);
21                 (t1, Hmac::from_engine(hmac).into_inner(), prk)
22         }};
23         ($salt: expr, $ikm: expr, 2) => {{
24                 let (k1, k2, _) = hkdf_extract_expand!($salt, $ikm);
25                 (k1, k2)
26         }};
27         ($salt: expr, $ikm: expr, 3) => {{
28                 let (k1, k2, prk) = hkdf_extract_expand!($salt, $ikm);
29
30                 let mut hmac = HmacEngine::<Sha256>::new(&prk[..]);
31                 hmac.input(&k2);
32                 hmac.input(&[3; 1]);
33                 (k1, k2, Hmac::from_engine(hmac).into_inner())
34         }}
35 }
36
37 pub fn hkdf_extract_expand_twice(salt: &[u8], ikm: &[u8]) -> ([u8; 32], [u8; 32]) {
38         hkdf_extract_expand!(salt, ikm, 2)
39 }
40
41 pub fn hkdf_extract_expand_thrice(salt: &[u8], ikm: &[u8]) -> ([u8; 32], [u8; 32], [u8; 32]) {
42         hkdf_extract_expand!(salt, ikm, 3)
43 }
44
45 #[inline]
46 pub fn sign<C: Signing>(ctx: &Secp256k1<C>, msg: &Message, sk: &SecretKey) -> Signature {
47         #[cfg(feature = "grind_signatures")]
48         let sig = ctx.sign_ecdsa_low_r(msg, sk);
49         #[cfg(not(feature = "grind_signatures"))]
50         let sig = ctx.sign_ecdsa(msg, sk);
51         sig
52 }
53
54 #[inline]
55 pub fn sign_with_aux_rand<C: Signing, ES: Deref>(
56         ctx: &Secp256k1<C>, msg: &Message, sk: &SecretKey, entropy_source: &ES
57 ) -> Signature where ES::Target: EntropySource {
58         #[cfg(feature = "grind_signatures")]
59         let sig = loop {
60                 let sig = ctx.sign_ecdsa_with_noncedata(msg, sk, &entropy_source.get_secure_random_bytes());
61                 if sig.serialize_compact()[0] < 0x80 {
62                         break sig;
63                 }
64         };
65         #[cfg(not(feature = "grind_signatures"))]
66         let sig = ctx.sign_ecdsa_with_noncedata(msg, sk, &entropy_source.get_secure_random_bytes());
67         sig
68 }
Personal fork of Rust-Lightning. Upstream is https://github.com/rust-bitcoin/rust-lightning