Skip to content

Commit

Permalink
Deprecate ThirtyTwoByteHash
Browse files Browse the repository at this point in the history
The implementations of `ThirtyTwoByteHash` for types from the `hashes`
crate are problematic during upgrades because both `bitcoin` and
`secp256k1` depend on `hashes` and when the versions of `hashes` get
out of sync usage of the trait breaks.

Deprecate the `ThirtyTwoByteHash` trait and remove the impls for types
from `bitcoin_hashes`.

Add an explanation in the changelog because its too long to go in the
deprecation message.
  • Loading branch information
tcharding committed Apr 1, 2024
1 parent d279c13 commit 4663198
Show file tree
Hide file tree
Showing 3 changed files with 21 additions and 92 deletions.
9 changes: 9 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
@@ -1,5 +1,14 @@
# Unreleased

* Deprecate `ThirtyTwoByteHash`

This trait turned out to be problematic during upgrade because we support a ranged dependency for
`bitcoin_hashes`. Consider implementing `From<T> for Message` for your type iff your type is a 32
byte hash (ie, output from a hash algorithm that produces a 32 byte digest like sha256). When
using the impl, consider using `Message::from` instead of `hash.into()` because we will be
introducing generics in a future version and the compiler will not be able to work out the target
type.

* Bump MSRV to Rust `v1.56.1`
* Upgrade `hashes` using range dependency `version = ">= 0.12, <= 0.14"`.

Expand Down
28 changes: 3 additions & 25 deletions src/key.rs
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,8 @@ use crate::{
constants, ecdsa, from_hex, schnorr, Message, Scalar, Secp256k1, Signing, Verification,
};
#[cfg(feature = "hashes")]
use crate::{hashes, ThirtyTwoByteHash};
#[allow(deprecated)]
use crate::ThirtyTwoByteHash;

/// Secret key - a 256-bit key used to create ECDSA and Taproot signatures.
///
Expand Down Expand Up @@ -257,30 +258,6 @@ impl SecretKey {
SecretKey(sk)
}

/// Constructs a [`SecretKey`] by hashing `data` with hash algorithm `H`.
///
/// Requires the feature `hashes` to be enabled.
///
/// # Examples
///
/// ```
/// # #[cfg(feature="hashes")] {
/// use secp256k1::hashes::{sha256, Hash};
/// use secp256k1::SecretKey;
///
/// let sk1 = SecretKey::from_hashed_data::<sha256::Hash>("Hello world!".as_bytes());
/// // is equivalent to
/// let sk2 = SecretKey::from(sha256::Hash::hash("Hello world!".as_bytes()));
///
/// assert_eq!(sk1, sk2);
/// # }
/// ```
#[cfg(feature = "hashes")]
#[inline]
pub fn from_hashed_data<H: ThirtyTwoByteHash + hashes::Hash>(data: &[u8]) -> Self {
<H as hashes::Hash>::hash(data).into()
}

/// Returns the secret key as a byte value.
#[inline]
pub fn secret_bytes(&self) -> [u8; constants::SECRET_KEY_SIZE] { self.0 }
Expand Down Expand Up @@ -373,6 +350,7 @@ impl SecretKey {
}

#[cfg(feature = "hashes")]
#[allow(deprecated)]
impl<T: ThirtyTwoByteHash> From<T> for SecretKey {
/// Converts a 32-byte hash directly to a secret key without error paths.
fn from(t: T) -> SecretKey {
Expand Down
76 changes: 9 additions & 67 deletions src/lib.rs
Original file line number Diff line number Diff line change
Expand Up @@ -31,11 +31,12 @@
//! # #[cfg(all(feature = "rand-std", feature = "hashes-std"))] {
//! use secp256k1::rand::rngs::OsRng;
//! use secp256k1::{Secp256k1, Message};
//! use secp256k1::hashes::sha256;
//! use secp256k1::hashes::{sha256, Hash};
//!
//! let secp = Secp256k1::new();
//! let (secret_key, public_key) = secp.generate_keypair(&mut OsRng);
//! let message = Message::from_hashed_data::<sha256::Hash>("Hello World!".as_bytes());
//! let digest = sha256::hash("Hello World!".as_bytes());
//! let message = Message::from_digest(digest);
//!
//! let sig = secp.sign_ecdsa(&message, &secret_key);
//! assert!(secp.verify_ecdsa(&message, &sig, &public_key).is_ok());
Expand All @@ -47,10 +48,11 @@
//! ```rust
//! # #[cfg(all(feature = "global-context", feature = "hashes-std", feature = "rand-std"))] {
//! use secp256k1::{generate_keypair, Message};
//! use secp256k1::hashes::sha256;
//! use secp256k1::hashes::{sha256, Hash};
//!
//! let (secret_key, public_key) = generate_keypair(&mut rand::thread_rng());
//! let message = Message::from_hashed_data::<sha256::Hash>("Hello World!".as_bytes());
//! let digest = sha256::hash("Hello World!".as_bytes());
//! let message = Message::from_digest(digest);
//!
//! let sig = secret_key.sign_ecdsa(message);
//! assert!(sig.verify(&message, &public_key).is_ok());
Expand Down Expand Up @@ -176,8 +178,6 @@ use core::{fmt, mem, str};

#[cfg(all(feature = "global-context", feature = "std"))]
pub use context::global::{self, SECP256K1};
#[cfg(feature = "hashes")]
use hashes::Hash;
#[cfg(feature = "rand")]
pub use rand;
pub use secp256k1_sys as ffi;
Expand All @@ -198,34 +198,20 @@ pub use crate::scalar::Scalar;
/// Trait describing something that promises to be a 32-byte random number; in particular,
/// it has negligible probability of being zero or overflowing the group order. Such objects
/// may be converted to `Message`s without any error paths.
#[deprecated(since = "0.29.0", note = "Please see v0.29.0 rust-secp256k1/CHANGELOG.md for suggestion")]
pub trait ThirtyTwoByteHash {
/// Converts the object into a 32-byte array
fn into_32(self) -> [u8; 32];
}

#[cfg(feature = "hashes")]
impl ThirtyTwoByteHash for hashes::sha256::Hash {
fn into_32(self) -> [u8; 32] { self.to_byte_array() }
}

#[cfg(feature = "hashes")]
impl ThirtyTwoByteHash for hashes::sha256d::Hash {
fn into_32(self) -> [u8; 32] { self.to_byte_array() }
}

#[cfg(feature = "hashes")]
impl<T: hashes::sha256t::Tag> ThirtyTwoByteHash for hashes::sha256t::Hash<T> {
fn into_32(self) -> [u8; 32] { self.to_byte_array() }
}

/// A (hashed) message input to an ECDSA signature.
#[derive(Copy, Clone, PartialEq, Eq, PartialOrd, Ord, Hash)]
pub struct Message([u8; constants::MESSAGE_SIZE]);
impl_array_newtype!(Message, u8, constants::MESSAGE_SIZE);
impl_pretty_debug!(Message);

impl Message {
/// **If you just want to sign an arbitrary message use `Message::from_hashed_data` instead.**
/// Creates a [`Message`] from a 32 byte slice `digest`.
///
/// Converts a `MESSAGE_SIZE`-byte slice to a message object. **WARNING:** the slice has to be a
/// cryptographically secure hash of the actual message that's going to be signed. Otherwise
Expand All @@ -239,8 +225,6 @@ impl Message {

/// Creates a [`Message`] from a `digest`.
///
/// **If you just want to sign an arbitrary message use `Message::from_hashed_data` instead.**
///
/// The `digest` array has to be a cryptographically secure hash of the actual message that's
/// going to be signed. Otherwise the result of signing isn't a [secure signature].
///
Expand All @@ -250,8 +234,6 @@ impl Message {

/// Creates a [`Message`] from a 32 byte slice `digest`.
///
/// **If you just want to sign an arbitrary message use `Message::from_hashed_data` instead.**
///
/// The slice has to be 32 bytes long and be a cryptographically secure hash of the actual
/// message that's going to be signed. Otherwise the result of signing isn't a [secure
/// signature].
Expand All @@ -272,31 +254,9 @@ impl Message {
_ => Err(Error::InvalidMessage),
}
}

/// Constructs a [`Message`] by hashing `data` with hash algorithm `H`.
///
/// Requires the feature `hashes` to be enabled.
///
/// # Examples
///
/// ```
/// # #[cfg(feature = "hashes")] {
/// use secp256k1::hashes::{sha256, Hash};
/// use secp256k1::Message;
///
/// let m1 = Message::from_hashed_data::<sha256::Hash>("Hello world!".as_bytes());
/// // is equivalent to
/// let m2 = Message::from(sha256::Hash::hash("Hello world!".as_bytes()));
///
/// assert_eq!(m1, m2);
/// # }
/// ```
#[cfg(feature = "hashes")]
pub fn from_hashed_data<H: ThirtyTwoByteHash + hashes::Hash>(data: &[u8]) -> Self {
<H as hashes::Hash>::hash(data).into()
}
}

#[allow(deprecated)]
impl<T: ThirtyTwoByteHash> From<T> for Message {
/// Converts a 32-byte hash directly to a message without error paths.
fn from(t: T) -> Message { Message(t.into_32()) }
Expand Down Expand Up @@ -1043,24 +1003,6 @@ mod tests {
let sig = SECP256K1.sign_ecdsa(&msg, &sk);
assert!(SECP256K1.verify_ecdsa(&msg, &sig, &pk).is_ok());
}

#[cfg(feature = "hashes")]
#[test]
fn test_from_hash() {
use hashes::{sha256, sha256d, Hash};

let test_bytes = "Hello world!".as_bytes();

let hash = sha256::Hash::hash(test_bytes);
let msg = Message::from(hash);
assert_eq!(msg.0, hash.to_byte_array());
assert_eq!(msg, Message::from_hashed_data::<hashes::sha256::Hash>(test_bytes));

let hash = sha256d::Hash::hash(test_bytes);
let msg = Message::from(hash);
assert_eq!(msg.0, hash.to_byte_array());
assert_eq!(msg, Message::from_hashed_data::<hashes::sha256d::Hash>(test_bytes));
}
}

#[cfg(bench)]
Expand Down

0 comments on commit 4663198

Please sign in to comment.