secp256r1: Deprecate openssl types in public API #126
#### Problem

This is anza-xyz#114, but for secp256r1 instead, removing external types from the public interface.

#### Summary of changes

This one was a bit more complicated because it uses openssl types, which aren't as straightforward as simple bytes, so it uses bytes encoded in DER as the interface. This seemed like the most standard format from simple web searching, but I'm certainly no expert in this area.

There seemed to also be a lot of vecs in the new instruction implementation, which shouldn't be necessary, so I changed those to arrays.
Looks good to me! Just two minor comments below.
secp256r1-program/src/lib.rs
Outdated
|
|
||
| pub fn sign_message( | ||
| message: &[u8], | ||
| der: &[u8], |
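Review bot: in the `sign_message` signature, the `der: &[u8]` parameter does not say what the bytes encode or which DER structure is accepted. A doc comment on the parameter should state that it is a DER-encoded private key and name the expected structure, since callers see only a byte slice here.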
This looks fine, but should we rename the `der` variable to `priv_key_bytes_der` or `priv_key_der` to be more specific? `der` can mean an encoding for signatures as well, so it might be worth making it clear from just the function syntax (though we immediately parse as a signing key below).
Makes sense to me! I went with `priv_key_bytes_der`
| } | ||
|
|
||
| assert_eq!(pubkey.len(), COMPRESSED_PUBKEY_SERIALIZED_SIZE); | ||
| assert_eq!(signature.len(), SIGNATURE_SERIALIZED_SIZE); |
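Review bot: `assert_eq!(pubkey.len(), COMPRESSED_PUBKEY_SERIALIZED_SIZE)` and the `signature.len()` assertion below it panic on a mismatch instead of reporting an error. If these lines are reachable outside tests, consider converting each slice to a fixed-size array with `try_into()` and propagating the failure to the caller.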
It seems that the pubkey length check was added above, but the signature length check was removed. Is this intended?
That's correct -- `signing_key.public_key().to_bytes()` returns `Vec<u8>`, so we aren't 100% sure the size is correct, whereas `sign_message` returns `[u8; SIGNATURE_SERIALIZED_SIZE]`, so we already know statically that the size is correct, which means it's unnecessary to check the size.
Looks good to me!
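The point made in the thread above (a `Vec<u8>` needs a runtime length check, a `[u8; N]` return type does not) applied to a DER private-key input, as an added example that is not code from this PR. It assumes the DER bytes are a SEC1 ECPrivateKey (RFC 5915), which the thread does not specify; `read_tlv`, `scalar_from_sec1_der` and `sample_der` are hypothetical names, and the sample key is constructed.

```rust
use std::convert::TryInto;

const SCALAR_SIZE: usize = 32; // P-256 private scalar length in bytes

/// Split one DER TLV off the front of `input`: (tag, value, rest).
fn read_tlv(input: &[u8]) -> Result<(u8, &[u8], &[u8]), &'static str> {
    let (&tag, rest) = input.split_first().ok_or("truncated tag")?;
    let (&first, rest) = rest.split_first().ok_or("truncated length")?;
    let (len, rest) = match first {
        0..=0x7f => (first as usize, rest), // short form
        0x81 => {
            // long form with one length byte; DER requires the minimal form
            let (&l, rest) = rest.split_first().ok_or("truncated length")?;
            if l < 0x80 { return Err("non-minimal length"); }
            (l as usize, rest)
        }
        _ => return Err("unsupported length form"),
    };
    if rest.len() < len { return Err("truncated value"); }
    let (value, rest) = rest.split_at(len);
    Ok((tag, value, rest))
}

/// Assumed layout: SEC1 ECPrivateKey (RFC 5915). The scalar length is checked
/// once here; the returned array carries its size in the type.
pub fn scalar_from_sec1_der(der: &[u8]) -> Result<[u8; SCALAR_SIZE], &'static str> {
    let (tag, body, trailing) = read_tlv(der)?;
    if tag != 0x30 || !trailing.is_empty() { return Err("expected exactly one SEQUENCE"); }
    let (tag, version, body) = read_tlv(body)?;
    if tag != 0x02 || version != [1u8] { return Err("expected INTEGER version 1"); }
    let (tag, key, _optional) = read_tlv(body)?; // [0] params, [1] pubkey not parsed
    if tag != 0x04 { return Err("expected OCTET STRING private key"); }
    key.try_into().map_err(|_| "private scalar is not 32 bytes")
}

/// Constructed sample (scalar bytes 0x01..=0x20), not a real key.
pub fn sample_der() -> Vec<u8> {
    let mut der = vec![0x30, 0x31, 0x02, 0x01, 0x01, 0x04, 0x20];
    der.extend(1u8..=32);
    // [0] parameters: OID 1.2.840.10045.3.1.7 (prime256v1)
    der.extend([0xa0, 0x0a, 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07]);
    der
}

fn main() {
    let scalar = scalar_from_sec1_der(&sample_der()).expect("constructed sample parses");
    println!("scalar starts with {:#04x}, length {}", scalar[0], scalar.len());
}
```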
* secp256r1: Deprecate openssl types in public API

  #### Problem

  This is anza-xyz#114, but for secp256r1 instead, removing external types from the public interface.

  #### Summary of changes

  This one was a bit more complicated because it uses openssl types, which aren't as straightforward as simple bytes, so it uses bytes encoded in DER as the interface. This seemed like the most standard format from simple web searching, but I'm certainly no expert in this area.

  There seemed to also be a lot of vecs in the new instruction implementation, which shouldn't be necessary, so I changed those to arrays.

* Rename variable