gnosis/lighthouse
1
0
Fork 0
mirror of https://github.com/sigp/lighthouse.git synced 2026-03-03 00:31:50 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update direct libsecp256k1 dependencies (#2456)

Browse Source 
## Proposed Changes

* Remove direct dependencies on vulnerable `libsecp256k1 0.3.5`
* Ignore the RUSTSEC issue until it is resolved in #2389
This commit is contained in:
Michael Sproul
2021-07-14 05:24:10 +00:00
parent fc4c611476
commit 8fa6e463ca
6 changed files with 72 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
validator_client/src/http_api/api_secret.rs
View File

@@ -1,7 +1,7 @@
use eth2::lighthouse_vc::{PK_LEN, SECRET_PREFIX as PK_PREFIX};
use libsecp256k1::{Message, PublicKey, SecretKey};
use rand::thread_rng;
use ring::digest::{digest, SHA256};
use secp256k1::{Message, PublicKey, SecretKey};
use std::fs;
use std::path::Path;
use warp::Filter;
@@ -173,11 +173,11 @@ impl ApiSecret {
/// Returns a closure which produces a signature over some bytes using the secret key in
/// `self`. The signature is a 32-byte hash formatted as a 0x-prefixed string.
pub fn signer(&self) -> impl Fn(&[u8]) -> String + Clone {
let sk = self.sk.clone();
let sk = self.sk;
move |input: &[u8]| -> String {
let message =
Message::parse_slice(digest(&SHA256, input).as_ref()).expect("sha256 is 32 bytes");
let (signature, _) = secp256k1::sign(&message, &sk);
let (signature, _) = libsecp256k1::sign(&message, &sk);
serde_utils::hex::encode(signature.serialize_der().as_ref())
}
}