JAV-18 [Github #253] Signature Schema Refactoring

Author: rg911

src/core/crypto/Crypto.ts

@@ -14,11 +14,13 @@
  * limitations under the License.
  */
 
+import { NetworkType } from '../../model/blockchain/NetworkType';
 import { WalletAlgorithm } from '../../model/wallet/WalletAlgorithm';
 import { Convert as convert } from '../format/Convert';
 import { KeyPair } from './KeyPair';
-import * as utility from './Utilities';
 import { SignSchema } from './SignSchema';
+import * as utility from './Utilities';
+// tslint:disable-next-line: no-var-requires
 const CryptoJS = require('crypto-js');
 export class Crypto {
     /**
@@ -219,16 +221,16 @@ export class Crypto {
      * @param {string} msg - A text message
      * @param {Uint8Array} iv - An initialization vector
      * @param {Uint8Array} salt - A salt
-     * @param {SignSchema} signSchema The Sign Schema. (KECCAK_REVERSED_KEY / SHA3)
+     * @param {NetworkType} networkType - Catapult network identifier
      * @return {string} - The encoded message
      */
-    public static _encode = (senderPriv, recipientPub, msg, iv, salt, signSchema: SignSchema = SignSchema.SHA3) => {
+    public static _encode = (senderPriv, recipientPub, msg, iv, salt, networkType: NetworkType) => {
         // Errors
         if (!senderPriv || !recipientPub || !msg || !iv || !salt) { throw new Error('Missing argument !'); }
         // Processing
-        const keyPair = KeyPair.createKeyPairFromPrivateKeyString(senderPriv, signSchema);
+        const keyPair = KeyPair.createKeyPairFromPrivateKeyString(senderPriv, networkType);
         const pk = convert.hexToUint8(recipientPub);
-        const encKey = utility.ua2words(KeyPair.deriveSharedKey(keyPair, pk, salt, signSchema), 32);
+        const encKey = utility.ua2words(KeyPair.deriveSharedKey(keyPair, pk, salt, networkType), 32);
         const encIv = {
             iv: utility.ua2words(iv, 16),
         };
@@ -244,16 +246,16 @@ export class Crypto {
      * @param {string} senderPriv - A sender private key
      * @param {string} recipientPub - A recipient public key
      * @param {string} msg - A text message
-     * @param {SignSchema} signSchema The Sign Schema. (KECCAK_REVERSED_KEY / SHA3)
+     * @param {NetworkType} networkType - Catapult network identifier
      * @return {string} - The encoded message
      */
-    public static encode = (senderPriv, recipientPub, msg, signSchema: SignSchema = SignSchema.SHA3) => {
+    public static encode = (senderPriv, recipientPub, msg, networkType: NetworkType) => {
         // Errors
         if (!senderPriv || !recipientPub || !msg) { throw new Error('Missing argument !'); }
         // Processing
         const iv = Crypto.randomBytes(16);
         const salt = Crypto.randomBytes(32);
-        const encoded = Crypto._encode(senderPriv, recipientPub, msg, iv, salt, signSchema);
+        const encoded = Crypto._encode(senderPriv, recipientPub, msg, iv, salt, networkType);
         // Result
         return encoded;
     }
@@ -264,16 +266,16 @@ export class Crypto {
      * @param {string} recipientPrivate - A recipient private key
      * @param {string} senderPublic - A sender public key
      * @param {Uint8Array} _payload - An encrypted message payload in bytes
-     * @param {SignSchema} signSchema The Sign Schema. (KECCAK_REVERSED_KEY / SHA3)
+     * @param {NetworkType} networkType - Catapult network identifier
      * @return {string} - The decoded payload as hex
      */
-    public static _decode = (recipientPrivate, senderPublic, payload, iv, salt, signSchema: SignSchema = SignSchema.SHA3) => {
+    public static _decode = (recipientPrivate, senderPublic, payload, iv, salt, networkType: NetworkType) => {
         // Error
         if (!recipientPrivate || !senderPublic || !payload) { throw new Error('Missing argument !'); }
         // Processing
-        const keyPair = KeyPair.createKeyPairFromPrivateKeyString(recipientPrivate, signSchema);
+        const keyPair = KeyPair.createKeyPairFromPrivateKeyString(recipientPrivate, networkType);
         const pk = convert.hexToUint8(senderPublic);
-        const encKey = utility.ua2words(KeyPair.deriveSharedKey(keyPair, pk, salt, signSchema), 32);
+        const encKey = utility.ua2words(KeyPair.deriveSharedKey(keyPair, pk, salt, networkType), 32);
         const encIv = {
             iv: utility.ua2words(iv, 16),
         };
@@ -291,18 +293,18 @@ export class Crypto {
      * @param {string} recipientPrivate - A recipient private key
      * @param {string} senderPublic - A sender public key
      * @param {string} _payload - An encrypted message payload
-     * @param {SignSchema} signSchema The Sign Schema. (KECCAK_REVERSED_KEY / SHA3)
+     * @param {NetworkType} networkType - Catapult network identifier
      * @return {string} - The decoded payload as hex
      */
-    public static decode = (recipientPrivate, senderPublic, _payload, signSchema: SignSchema = SignSchema.SHA3) => {
+    public static decode = (recipientPrivate, senderPublic, _payload, networkType: NetworkType) => {
         // Error
         if (!recipientPrivate || !senderPublic || !_payload) { throw new Error('Missing argument !'); }
         // Processing
         const binPayload = convert.hexToUint8(_payload);
         const payload = new Uint8Array(binPayload.buffer, 48);
         const salt = new Uint8Array(binPayload.buffer, 0, 32);
         const iv = new Uint8Array(binPayload.buffer, 32, 16);
-        const decoded = Crypto._decode(recipientPrivate, senderPublic, payload, iv, salt, signSchema);
+        const decoded = Crypto._decode(recipientPrivate, senderPublic, payload, iv, salt, networkType);
         return decoded;
     }
 
@@ -316,4 +318,18 @@ export class Crypto {
         const crypto = require('crypto');
         return crypto.randomBytes(length);
     }
+
+    /**
+     * Resolve signature schema from given network type
+     *
+     * @param {NetworkType} networkType - Network type
+     *
+     * @return {SignSchema}
+     */
+    public static resolveNetworkType(networkType: NetworkType): SignSchema {
+        if (networkType === NetworkType.MAIN_NET || networkType === NetworkType.TEST_NET) {
+            return SignSchema.KECCAK;
+        }
+        return SignSchema.SHA3;
+    }
 }

src/core/crypto/KeyPair.ts

@@ -13,26 +13,23 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
+import { NetworkType } from '../../model/blockchain/NetworkType';
 import { Convert as convert } from '../format';
-import { SignSchema } from './SignSchema';
 import * as Utility from './Utilities';
 
 export class KeyPair {
     /**
      * Creates a key pair from a private key string.
      * @param {string} privateKeyString A hex encoded private key string.
-     * @param {SignSchema} signSchema The Sign Schema. (KECCAK_REVERSED_KEY / SHA3)
+     * @param {networkType} networkType Catapult network identifier
      * @returns {module:crypto/keyPair~KeyPair} The key pair.
      */
-    public static createKeyPairFromPrivateKeyString = (privateKeyString, signSchema = SignSchema.SHA3) => {
+    public static createKeyPairFromPrivateKeyString = (privateKeyString: string, networkType: NetworkType) => {
         const privateKey = convert.hexToUint8(privateKeyString);
-
-        // KECCAK_REVERSED_KEY uses reversed private key.
-        const secretKey = signSchema === SignSchema.SHA3 ? privateKey : convert.hexToUint8Reverse(privateKeyString);
         if (Utility.Key_Size !== privateKey.length) {
             throw Error(`private key has unexpected size: ${privateKey.length}`);
         }
-        const publicKey = Utility.catapult_crypto.extractPublicKey(secretKey, Utility.catapult_hash.func, signSchema);
+        const publicKey = Utility.catapult_crypto.extractPublicKey(privateKey, Utility.catapult_hash.func, networkType);
         return {
             privateKey,
             publicKey,
@@ -43,29 +40,24 @@ export class KeyPair {
      * Signs a data buffer with a key pair.
      * @param {module:crypto/keyPair~KeyPair} keyPair The key pair to use for signing.
      * @param {Uint8Array} data The data to sign.
-     * @param {SignSchema} signSchema The Sign Schema. (KECCAK_REVERSED_KEY / SHA3)
+     * @param {networkType} networkType Catapult network identifier
      * @returns {Uint8Array} The signature.
      */
-    public static sign = (keyPair, data, signSchema = SignSchema.SHA3) => {
-        let secretKey = keyPair.privateKey;
-        // KECCAK_REVERSED_KEY uses reversed private key.
-        if (signSchema === SignSchema.KECCAK_REVERSED_KEY) {
-            secretKey = convert.hexToUint8Reverse(convert.uint8ToHex(secretKey));
-        }
-        return Utility.catapult_crypto.sign(data, keyPair.publicKey, secretKey,
-                Utility.catapult_hash.createHasher(64, signSchema));
+    public static sign = (keyPair, data: Uint8Array, networkType: NetworkType) => {
+        return Utility.catapult_crypto.sign(data, keyPair.publicKey, keyPair.privateKey,
+                Utility.catapult_hash.createHasher(64, networkType));
     }
 
     /**
      * Verifies a signature.
      * @param {module:crypto/keyPair~PublicKey} publicKey The public key to use for verification.
      * @param {Uint8Array} data The data to verify.
      * @param {Uint8Array} signature The signature to verify.
-     * @param {SignSchema} signSchema The Sign Schema. (KECCAK_REVERSED_KEY / SHA3)
+     * @param {networkType} networkType Catapult network identifier
      * @returns {boolean} true if the signature is verifiable, false otherwise.
      */
-    public static verify = (publicKey, data, signature, signSchema = SignSchema.SHA3) => {
-        return Utility.catapult_crypto.verify(publicKey, data, signature, Utility.catapult_hash.createHasher(64, signSchema));
+    public static verify = (publicKey, data: Uint8Array, signature: Uint8Array, networkType: NetworkType) => {
+        return Utility.catapult_crypto.verify(publicKey, data, signature, Utility.catapult_hash.createHasher(64, networkType));
     }
 
     /**
@@ -74,21 +66,16 @@ export class KeyPair {
      * @param {module:crypto/keyPair~KeyPair} keyPair The key pair for which to create the shared key.
      * @param {Uint8Array} publicKey The public key for which to create the shared key.
      * @param {Uint8Array} salt A salt that should be applied to the shared key.
-     * @param {SignSchema} signSchema The Sign Schema. (KECCAK_REVERSED_KEY / SHA3)
+     * @param {networkType} networkType Catapult network identifier
      * @returns {Uint8Array} The shared key.
      */
-    public static deriveSharedKey = (keyPair, publicKey, salt, signSchema = SignSchema.SHA3) => {
+    public static deriveSharedKey = (keyPair, publicKey: Uint8Array, salt: Uint8Array, networkType: NetworkType) => {
         if (Utility.Key_Size !== salt.length) {
             throw Error(`salt has unexpected size: ${salt.length}`);
         }
         if (Utility.Key_Size !== publicKey.length) {
             throw Error(`public key has unexpected size: ${salt.length}`);
         }
-        let secretKey = keyPair.privateKey;
-        // KECCAK_REVERSED_KEY uses reversed private key.
-        if (signSchema === SignSchema.KECCAK_REVERSED_KEY) {
-            secretKey = convert.hexToUint8Reverse(convert.uint8ToHex(secretKey));
-        }
-        return Utility.catapult_crypto.deriveSharedKey(salt, secretKey, publicKey, Utility.catapult_hash.func, signSchema);
+        return Utility.catapult_crypto.deriveSharedKey(salt, keyPair.privateKey, publicKey, Utility.catapult_hash.func, networkType);
     }
 }

src/core/crypto/SHA3Hasher.ts

@@ -15,7 +15,9 @@
  */
 
 import { keccak256, keccak512, sha3_256, sha3_512 } from 'js-sha3';
+import { NetworkType } from '../../model/blockchain/NetworkType';
 import { Convert as convert, RawArray as array } from '../format';
+import { Crypto } from './Crypto';
 import { SignSchema } from './SignSchema';
 
 export class SHA3Hasher {
@@ -24,25 +26,25 @@ export class SHA3Hasher {
      * @param {Uint8Array} dest The computed hash destination.
      * @param {Uint8Array} data The data to hash.
      * @param {numeric} length The hash length in bytes.
-     * @param {SignSchema} signSchema The Sign Schema. (KECCAK_REVERSED_KEY / SHA3)
+     * @param {NetworkType} networkType Catapult network identifier
      */
-    public static func = (dest, data, length, signSchema = SignSchema.SHA3) => {
-        const hasher = SHA3Hasher.getHasher(length, signSchema);
+    public static func = (dest, data, length, networkType: NetworkType) => {
+        const hasher = SHA3Hasher.getHasher(length, networkType);
         const hash = hasher.arrayBuffer(data);
         array.copy(dest, array.uint8View(hash));
     }
 
     /**
      * Creates a hasher object.
      * @param {numeric} length The hash length in bytes.
-     * @param {SignSchema} signSchema The Sign Schema. (KECCAK_REVERSED_KEY / SHA3)
+     * @param {NetworkType} networkType Catapult network identifier
      * @returns {object} The hasher.
      */
-    public static createHasher = (length = 64, signSchema = SignSchema.SHA3) => {
+    public static createHasher = (length = 64, networkType: NetworkType) => {
         let hash;
         return {
             reset: () => {
-                hash = SHA3Hasher.getHasher(length, signSchema).create();
+                hash = SHA3Hasher.getHasher(length, networkType).create();
             },
             update: (data: any) => {
                 if (data instanceof Uint8Array) {
@@ -62,13 +64,25 @@ export class SHA3Hasher {
     /**
      * Get a hasher instance.
      * @param {numeric} length The hash length in bytes.
-     * @param {SignSchema} signSchema The Sign Schema. (KECCAK_REVERSED_KEY / SHA3)
+     * @param {NetworkType} networkType Catapult network identifier
      * @returns {object} The hasher.
      */
-    public static getHasher = (length = 64, signSchema = SignSchema.SHA3) => {
+    public static getHasher = (length = 64, networkType: NetworkType) => {
+        const signSchema = Crypto.resolveNetworkType(networkType);
         return {
             32: signSchema === SignSchema.SHA3 ? sha3_256 : keccak256,
             64: signSchema === SignSchema.SHA3 ? sha3_512 : keccak512 ,
         } [length];
     }
+
+    /**
+     * Create a hasher instance with given payload bytes and return hash array buffer.
+     * @param {Uint8Array} payload Payload in bytes.
+     * @param {NetworkType} networkType Catapult network identifier
+     * @returns {ArrayBuffer}
+     */
+    public static getHashArrayBuffer(payload: Uint8Array, networkType: NetworkType): ArrayBuffer {
+        const signSchema = Crypto.resolveNetworkType(networkType);
+        return signSchema === SignSchema.SHA3 ? sha3_256.arrayBuffer(payload) : keccak256.arrayBuffer(payload);
+    }
 }

src/core/crypto/SignSchema.ts

@@ -15,10 +15,10 @@
  */
 
  /**
-  * [KECCAK_REVERSED_KEY]: Keccak hash algorithm with reversed private keys.
+  * [KECCAK]: Keccak hash algorithm.
   * [SHA3]: SHA3 hash algorithm without key reversal
   */
 export enum SignSchema {
-    KECCAK_REVERSED_KEY = 1,
+    KECCAK = 1,
     SHA3 = 2,
 }

src/core/crypto/Utilities.ts

@@ -13,10 +13,10 @@
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
+import { NetworkType } from '../../model/blockchain/NetworkType';
 import { RawArray as array } from '../format';
 import * as nacl from './nacl_catapult';
 import { SHA3Hasher as sha3Hasher } from './SHA3Hasher';
-import { SignSchema } from './SignSchema';
 export const CryptoJS = require('crypto-js');
 export const Key_Size = 32;
 export const Signature_Size = 64;
@@ -74,9 +74,9 @@ export const catapult_crypto = (function() {
         d[31] |= 64;
     }
 
-    function prepareForScalarMult(sk, hashfunc, signSchema: SignSchema) {
+    function prepareForScalarMult(sk, hashfunc, networkType: NetworkType) {
         const d = new Uint8Array(Hash_Size);
-        hashfunc(d, sk, Hash_Size, signSchema);
+        hashfunc(d, sk, Hash_Size, networkType);
         clamp(d);
         return d;
     }
@@ -108,9 +108,9 @@ export const catapult_crypto = (function() {
     })();
 
     return {
-        extractPublicKey: (sk, hashfunc, signSchema: SignSchema) => {
+        extractPublicKey: (sk, hashfunc, networkType: NetworkType) => {
             const c = nacl;
-            const d = prepareForScalarMult(sk, hashfunc, signSchema);
+            const d = prepareForScalarMult(sk, hashfunc, networkType);
 
             const p = [c.gf(), c.gf(), c.gf(), c.gf()];
             const pk = new Uint8Array(Key_Size);
@@ -201,9 +201,9 @@ export const catapult_crypto = (function() {
             return 0 === c.crypto_verify_32(signature, 0, t, 0);
         },
 
-        deriveSharedKey: (salt, sk, pk, hashfunc, signSchema: SignSchema) => {
+        deriveSharedKey: (salt, sk, pk, hashfunc, networkType: NetworkType) => {
             const c = nacl;
-            const d = prepareForScalarMult(sk, hashfunc, signSchema);
+            const d = prepareForScalarMult(sk, hashfunc, networkType);
 
             // sharedKey = pack(p = d (derived from sk) * q (derived from pk))
             const q = [c.gf(), c.gf(), c.gf(), c.gf()];
@@ -218,7 +218,7 @@ export const catapult_crypto = (function() {
             }
             // return the hash of the result
             const sharedKeyHash = new Uint8Array(Key_Size);
-            hashfunc(sharedKeyHash, sharedKey, Key_Size, signSchema);
+            hashfunc(sharedKeyHash, sharedKey, Key_Size, networkType);
             return sharedKeyHash;
         },
     };

src/core/crypto/nacl_catapult.ts

@@ -672,11 +672,11 @@ export const cleanup = (arr) => {
     }
 };
 
-export const crypto_shared_key_hash = (shared, pk, sk, hashfunc, signSchema) => {
+export const crypto_shared_key_hash = (shared, pk, sk, hashfunc, networkType) => {
     const d = new Uint8Array(64);
     const p = [gf(), gf(), gf(), gf()];
 
-    hashfunc(d, sk, 32, signSchema);
+    hashfunc(d, sk, 32, networkType);
     d[0] &= 248;
     d[31] &= 127;
     d[31] |= 64;