wire-sysio/crypto_8cpp_source.html

#include <sysio/chain/webassembly/interface.hpp>

#include <sysio/chain/protocol_state_object.hpp>

#include <sysio/chain/transaction_context.hpp>

#include <sysio/chain/apply_context.hpp>

#include <fc/crypto/alt_bn128.hpp>

#include <fc/crypto/modular_arithmetic.hpp>

#include <fc/crypto/blake2.hpp>

#include <fc/crypto/sha3.hpp>

#include <fc/crypto/k1_recover.hpp>


namespace {

    uint32_t ceil_log2(uint32_t n)

    {

        if (n <= 1) {

            return 0;

        }

        return 32 - __builtin_clz(n - 1);

    };

}


namespace sysio { namespace chain { namespace webassembly {


   void interface::assert_recover_key( legacy_ptr<const fc::sha256> digest,

                                       legacy_span<const char> sig,

                                       legacy_span<const char> pub ) const {

      fc::crypto::signature s;

      fc::crypto::public_key p;

      datastream<const char*> ds( sig.data(), sig.size() );

      datastream<const char*> pubds ( pub.data(), pub.size() );


      fc::raw::unpack( ds, s );

      fc::raw::unpack( pubds, p );


      SYS_ASSERT(s.which() < context.db.get<protocol_state_object>().num_supported_key_types, unactivated_signature_type,

        "Unactivated signature type used during assert_recover_key");

      SYS_ASSERT(p.which() < context.db.get<protocol_state_object>().num_supported_key_types, unactivated_key_type,

        "Unactivated key type used when creating assert_recover_key");


      if(context.control.is_producing_block())

         SYS_ASSERT(s.variable_size() <= context.control.configured_subjective_signature_length_limit(),

                    sig_variable_size_limit_exception, "signature variable length component size greater than subjective maximum");


      auto check = fc::crypto::public_key( s, *digest, false );

      SYS_ASSERT( check == p, crypto_api_exception, "Error expected key different than recovered key" );

   }


   int32_t interface::recover_key( legacy_ptr<const fc::sha256> digest,

                                   legacy_span<const char> sig,

                                   legacy_span<char> pub ) const {

      fc::crypto::signature s;

      datastream<const char*> ds( sig.data(), sig.size() );

      fc::raw::unpack(ds, s);


      SYS_ASSERT(s.which() < context.db.get<protocol_state_object>().num_supported_key_types, unactivated_signature_type,

                 "Unactivated signature type used during recover_key");


      if(context.control.is_producing_block())

         SYS_ASSERT(s.variable_size() <= context.control.configured_subjective_signature_length_limit(),

                    sig_variable_size_limit_exception, "signature variable length component size greater than subjective maximum");


      auto recovered = fc::crypto::public_key(s, *digest, false);


      // the key types newer than the first 2 may be varible in length

      if (s.which() >= config::genesis_num_supported_key_types ) {

         SYS_ASSERT(pub.size() >= 33, wasm_execution_error,

                    "destination buffer must at least be able to hold an ECC public key");

         auto packed_pubkey = fc::raw::pack(recovered);

         auto copy_size = std::min<size_t>(pub.size(), packed_pubkey.size());

         std::memcpy(pub.data(), packed_pubkey.data(), copy_size);

         return packed_pubkey.size();

      } else {

         // legacy behavior, key types 0 and 1 always pack to 33 bytes.

         // this will do one less copy for those keys while maintaining the rules of

         //    [0..33) dest sizes: assert (asserts in fc::raw::pack)

         //    [33..inf) dest sizes: return packed size (always 33)

         datastream<char*> out_ds( pub.data(), pub.size() );

         fc::raw::pack(out_ds, recovered);

         return out_ds.tellp();

      }

   }


   void interface::assert_sha256(legacy_span<const char> data, legacy_ptr<const fc::sha256> hash_val) const {

      auto result = context.trx_context.hash_with_checktime<fc::sha256>( data.data(), data.size() );

      SYS_ASSERT( result == *hash_val, crypto_api_exception, "hash mismatch" );

   }


   void interface::assert_sha1(legacy_span<const char> data, legacy_ptr<const fc::sha1> hash_val) const {

      auto result = context.trx_context.hash_with_checktime<fc::sha1>( data.data(), data.size() );

      SYS_ASSERT( result == *hash_val, crypto_api_exception, "hash mismatch" );

   }


   void interface::assert_sha512(legacy_span<const char> data, legacy_ptr<const fc::sha512> hash_val) const {

      auto result = context.trx_context.hash_with_checktime<fc::sha512>( data.data(), data.size() );

      SYS_ASSERT( result == *hash_val, crypto_api_exception, "hash mismatch" );

   }


   void interface::assert_ripemd160(legacy_span<const char> data, legacy_ptr<const fc::ripemd160> hash_val) const {

      auto result = context.trx_context.hash_with_checktime<fc::ripemd160>( data.data(), data.size() );

      SYS_ASSERT( result == *hash_val, crypto_api_exception, "hash mismatch" );

   }


   void interface::sha1(legacy_span<const char> data, legacy_ptr<fc::sha1> hash_val) const {

      *hash_val = context.trx_context.hash_with_checktime<fc::sha1>( data.data(), data.size() );

   }


   void interface::sha256(legacy_span<const char> data, legacy_ptr<fc::sha256> hash_val) const {

      *hash_val = context.trx_context.hash_with_checktime<fc::sha256>( data.data(), data.size() );

   }


   void interface::sha512(legacy_span<const char> data, legacy_ptr<fc::sha512> hash_val) const {

      *hash_val = context.trx_context.hash_with_checktime<fc::sha512>( data.data(), data.size() );

   }


   void interface::ripemd160(legacy_span<const char> data, legacy_ptr<fc::ripemd160> hash_val) const {

      *hash_val = context.trx_context.hash_with_checktime<fc::ripemd160>( data.data(), data.size() );

   }


   int32_t interface::alt_bn128_add(span<const char> op1, span<const char> op2, span<char> result ) const {

      bytes bop1(op1.data(), op1.data() + op1.size());

      bytes bop2(op2.data(), op2.data() + op2.size());


      auto maybe_err = fc::alt_bn128_add(bop1, bop2);

      if(std::holds_alternative<fc::alt_bn128_error>(maybe_err)) {

         return return_code::failure;

      }


      const auto& res = std::get<bytes>(maybe_err);


      if( result.size() < res.size() )

         return return_code::failure;


      std::memcpy( result.data(), res.data(), res.size() );

      return return_code::success;

   }


   int32_t interface::alt_bn128_mul(span<const char> g1_point, span<const char> scalar, span<char> result) const {

      bytes bg1_point(g1_point.data(), g1_point.data() + g1_point.size());

      bytes bscalar(scalar.data(), scalar.data() + scalar.size());


      auto maybe_err = fc::alt_bn128_mul(bg1_point, bscalar);

      if(std::holds_alternative<fc::alt_bn128_error>(maybe_err)) {

         return return_code::failure;

      }


      const auto& res = std::get<bytes>(maybe_err);


      if( result.size() < res.size() )

         return return_code::failure;


      std::memcpy( result.data(), res.data(), res.size() );

      return return_code::success;

   }


   int32_t interface::alt_bn128_pair(span<const char> g1_g2_pairs) const {

      bytes bg1_g2_pairs(g1_g2_pairs.data(), g1_g2_pairs.data() + g1_g2_pairs.size());


      auto checktime = [this]() { context.trx_context.checktime(); };

      auto res = fc::alt_bn128_pair(bg1_g2_pairs, checktime);

      if(std::holds_alternative<fc::alt_bn128_error>(res)) {

         return return_code::failure;

      }


      return !std::get<bool>(res);

   }


   int32_t interface::mod_exp(span<const char> base,

                              span<const char> exp,

                              span<const char> modulus,

                              span<char> out) const {

      if (context.control.is_producing_block()) {

         unsigned int base_modulus_size = std::max(base.size(), modulus.size());


         if (base_modulus_size < exp.size()) {

            SYS_THROW(subjective_block_production_exception,

                      "mod_exp restriction: exponent bit size cannot exceed bit size of either base or modulus");

         }


         static constexpr uint64_t bit_calc_limit = 106;


         uint64_t bit_calc = 5 * ceil_log2(exp.size()) + 8 * ceil_log2(base_modulus_size);


         if (bit_calc_limit < bit_calc) {

            SYS_THROW(subjective_block_production_exception,

                      "mod_exp restriction: bit size too large for input arguments");

         }

      }


      bytes bbase(base.data(), base.data() + base.size());

      bytes bexp(exp.data(), exp.data() + exp.size());

      bytes bmod(modulus.data(), modulus.data() + modulus.size());


      auto maybe_err = fc::modexp(bbase, bexp, bmod);

      if(std::holds_alternative<fc::modular_arithmetic_error>(maybe_err)) {

         return return_code::failure;

      }


      const auto& res = std::get<bytes>(maybe_err);


      if( out.size() < res.size() )

         return return_code::failure;


      std::memcpy( out.data(), res.data(), res.size() );

      return return_code::success;

   }


   int32_t interface::blake2_f( uint32_t rounds,

                                span<const char> state,

                                span<const char> message,

                                span<const char> t0_offset,

                                span<const char> t1_offset,

                                int32_t final,

                                span<char> out) const {


      bool _final = final == 1;

      bytes bstate(state.data(), state.data() + state.size());

      bytes bmessage(message.data(), message.data() + message.size());

      bytes bt0_offset(t0_offset.data(), t0_offset.data() + t0_offset.size());

      bytes bt1_offset(t1_offset.data(), t1_offset.data() + t1_offset.size());


      auto checktime = [this]() { context.trx_context.checktime(); };


      auto maybe_err = fc::blake2b(rounds, bstate, bmessage, bt0_offset, bt1_offset, _final, checktime);

      if(std::holds_alternative<fc::blake2b_error>(maybe_err)) {

         return return_code::failure;

      }


      const auto& res = std::get<bytes>(maybe_err);


      if( out.size() < res.size() )

         return return_code::failure;


      std::memcpy( out.data(), res.data(), res.size() );

      return return_code::success;

   }


   void interface::sha3( span<const char> input, span<char> output, int32_t keccak ) const {

      bool _keccak = keccak == 1;

      const size_t bs = sysio::chain::config::hashing_checktime_block_size;

      const char* data = input.data();

      uint32_t datalen = input.size();

      fc::sha3::encoder enc;

      while ( datalen > bs ) {

         enc.write( data, bs);

         data    += bs;

         datalen -= bs;

         context.trx_context.checktime();

      }

      enc.write( data, datalen);

      auto res = enc.result(!_keccak);


      auto copy_size = std::min( output.size(), res.data_size() );

      std::memcpy( output.data(), res.data(), copy_size );

   }


   int32_t interface::k1_recover( span<const char> signature, span<const char> digest, span<char> pub) const {

      bytes bsignature(signature.data(), signature.data() + signature.size());

      bytes bdigest(digest.data(), digest.data() + digest.size());


      auto maybe_err = fc::k1_recover(bsignature, bdigest);

      if( std::holds_alternative<fc::k1_recover_error>(maybe_err)) {

         return return_code::failure;

      }


      const auto& res = std::get<bytes>(maybe_err);


      if( pub.size() < res.size() )

         return return_code::failure;


      std::memcpy( pub.data(), res.data(), res.size() );

      return return_code::success;

   }


}}} // ns sysio::chain::webassembly

alt_bn128.hpp

apply_context.hpp

blake2.hpp

p
const mie::Vuint & p
Definition bn.cpp:27

SYS_THROW
#define SYS_THROW(exc_type, FORMAT,...)
Definition exceptions.hpp:13

SYS_ASSERT
#define SYS_ASSERT(expr, exc_type, FORMAT,...)
Definition exceptions.hpp:7

fc::crypto::public_key
Definition public_key.hpp:24

fc::crypto::signature
Definition signature.hpp:22

fc::datastream
Definition datastream.hpp:18

fc::ripemd160
Definition ripemd160.hpp:12

fc::sha1
Definition sha1.hpp:8

fc::sha256
Definition sha256.hpp:12

fc::sha256::data
const char * data() const
Definition sha256.cpp:31

fc::sha3::encoder
Definition sha3.hpp:43

fc::sha3::encoder::result
sha3 result(bool is_nist=true)
Definition sha3.cpp:217

fc::sha3::encoder::write
void write(const char *d, uint32_t dlen)
Definition sha3.cpp:213

fc::sha512
Definition sha512.hpp:9

fc::vector< char >

sysio::chain::protocol_state_object
Maintains global state information about consensus protocol rules.
Definition protocol_state_object.hpp:18

sysio::chain::protocol_state_object::num_supported_key_types
uint32_t num_supported_key_types
Definition protocol_state_object.hpp:43

sysio::chain::webassembly::interface::assert_recover_key
void assert_recover_key(legacy_ptr< const fc::sha256 > digest, legacy_span< const char > sig, legacy_span< const char > pub) const
Definition crypto.cpp:23

sysio::chain::webassembly::interface::recover_key
int32_t recover_key(legacy_ptr< const fc::sha256 > digest, legacy_span< const char > sig, legacy_span< char > pub) const
Definition crypto.cpp:47

sysio::chain::webassembly::interface::sha3
void sha3(span< const char > data, span< char > hash_val, int32_t keccak) const
Definition crypto.cpp:237

sysio::chain::webassembly::interface::sha1
void sha1(legacy_span< const char > data, legacy_ptr< fc::sha1 > hash_val) const
Definition crypto.cpp:103

sysio::chain::webassembly::interface::sha256
void sha256(legacy_span< const char > data, legacy_ptr< fc::sha256 > hash_val) const
Definition crypto.cpp:107

sysio::chain::webassembly::interface::alt_bn128_mul
int32_t alt_bn128_mul(span< const char > g1_point, span< const char > scalar, span< char > result) const
Definition crypto.cpp:137

sysio::chain::webassembly::interface::alt_bn128_add
int32_t alt_bn128_add(span< const char > op1, span< const char > op2, span< char > result) const
Definition crypto.cpp:119

sysio::chain::webassembly::interface::sha512
void sha512(legacy_span< const char > data, legacy_ptr< fc::sha512 > hash_val) const
Definition crypto.cpp:111

sysio::chain::webassembly::interface::blake2_f
int32_t blake2_f(uint32_t rounds, span< const char > state, span< const char > message, span< const char > t0_offset, span< const char > t1_offset, int32_t final, span< char > result) const
Definition crypto.cpp:207

sysio::chain::webassembly::interface::assert_sha512
void assert_sha512(legacy_span< const char > data, legacy_ptr< const fc::sha512 > hash_val) const
Definition crypto.cpp:93

sysio::chain::webassembly::interface::k1_recover
int32_t k1_recover(span< const char > signature, span< const char > digest, span< char > pub) const
Definition crypto.cpp:256

sysio::chain::webassembly::interface::assert_sha1
void assert_sha1(legacy_span< const char > data, legacy_ptr< const fc::sha1 > hash_val) const
Definition crypto.cpp:88

sysio::chain::webassembly::interface::assert_ripemd160
void assert_ripemd160(legacy_span< const char > data, legacy_ptr< const fc::ripemd160 > hash_val) const
Definition crypto.cpp:98

sysio::chain::webassembly::interface::ripemd160
void ripemd160(legacy_span< const char > data, legacy_ptr< fc::ripemd160 > hash_val) const
Definition crypto.cpp:115

sysio::chain::webassembly::interface::mod_exp
int32_t mod_exp(span< const char > base, span< const char > exp, span< const char > modulus, span< char > out) const
Definition crypto.cpp:167

sysio::chain::webassembly::interface::alt_bn128_pair
int32_t alt_bn128_pair(span< const char > g1_g2_pairs) const
Definition crypto.cpp:155

sysio::chain::webassembly::interface::assert_sha256
void assert_sha256(legacy_span< const char > data, legacy_ptr< const fc::sha256 > hash_val) const
Definition crypto.cpp:83

sysio::vm::span
Definition span.hpp:14

sysio::vm::span::size
constexpr std::size_t size() const noexcept
Definition span.hpp:73

sysio::vm::span::data
constexpr T * data() const noexcept
Definition span.hpp:72

interface.hpp

k1_recover.hpp

modular_arithmetic.hpp

fc::raw::unpack
void unpack(Stream &s, std::deque< T > &value)
Definition raw.hpp:540

fc::raw::pack
void pack(Stream &s, const std::deque< T > &value)
Definition raw.hpp:531

fc::digest
fc::sha256 digest(const T &value)
Definition digest.hpp:9

fc::modexp
std::variant< modular_arithmetic_error, bytes > modexp(const bytes &_base, const bytes &_exponent, const bytes &_modulus)
Definition modular_arithmetic.cpp:7

fc::blake2b
std::variant< blake2b_error, bytes > blake2b(uint32_t _rounds, const bytes &_h, const bytes &_m, const bytes &_t0_offset, const bytes &_t1_offset, bool _f, const yield_function_t &yield)
Definition blake2.cpp:105

fc::signature
bytes signature
Definition pke.hpp:17

fc::alt_bn128_add
std::variant< alt_bn128_error, bytes > alt_bn128_add(const bytes &op1, const bytes &op2)
Definition alt_bn128.cpp:142

fc::k1_recover
std::variant< k1_recover_error, bytes > k1_recover(const bytes &signature, const bytes &digest)
Definition k1_recover.cpp:13

fc::alt_bn128_mul
std::variant< alt_bn128_error, bytes > alt_bn128_mul(const bytes &g1_point, const bytes &scalar)
Definition alt_bn128.cpp:162

fc::alt_bn128_pair
std::variant< alt_bn128_error, bool > alt_bn128_pair(const bytes &g1_g2_pairs, const yield_function_t &yield)
Definition alt_bn128.cpp:184

sysio::chain::webassembly::success
@ success
Definition return_codes.hpp:8

sysio::chain::webassembly::failure
@ failure
Definition return_codes.hpp:7

sysio
Definition abi_serializer.cpp:8

protocol_state_object.hpp

sha3.hpp

uint32_t
unsigned int uint32_t
Definition stdint.h:126

int32_t
signed int int32_t
Definition stdint.h:123

uint64_t
unsigned __int64 uint64_t
Definition stdint.h:136

context
Definition yubihsm_winhttp.c:52

state
Definition yubihsm_curl.c:28

sysio::vm::argument_proxy
Definition argument_proxy.hpp:16

transaction_context.hpp

datalen
CK_ULONG datalen
Definition yubihsm_pkcs11.c:2428

pub
bool pub
Definition yubihsm_pkcs11.c:1928

s
char * s
Definition yubihsm_pkcs11.c:524