prysm-pulse/shared/bls/blst/secret_key.go

// +build linux,amd64 linux,arm64
// +build blst_enabled

package blst

import (
	"fmt"

	"github.com/pkg/errors"
	"github.com/prysmaticlabs/prysm/shared/bls/iface"
	"github.com/prysmaticlabs/prysm/shared/featureconfig"
	"github.com/prysmaticlabs/prysm/shared/params"
	"github.com/prysmaticlabs/prysm/shared/rand"
	blst "github.com/supranational/blst/bindings/go"
)

// bls12SecretKey used in the BLS signature scheme.
type bls12SecretKey struct {
	p *blst.SecretKey
}

// RandKey creates a new private key using a random method provided as an io.Reader.
func RandKey() iface.SecretKey {
	// Generate 32 bytes of randomness
	var ikm [32]byte
	_, err := rand.NewGenerator().Read(ikm[:])
	if err != nil {
		return nil
	}
	return &bls12SecretKey{blst.KeyGen(ikm[:])}
}

// SecretKeyFromBytes creates a BLS private key from a BigEndian byte slice.
func SecretKeyFromBytes(privKey []byte) (iface.SecretKey, error) {
	if len(privKey) != params.BeaconConfig().BLSSecretKeyLength {
		return nil, fmt.Errorf("secret key must be %d bytes", params.BeaconConfig().BLSSecretKeyLength)
	}

	secKey := new(blst.SecretKey).Deserialize(privKey)
	if secKey == nil {
		return nil, errors.New("could not unmarshal bytes into secret key")
	}

	return &bls12SecretKey{p: secKey}, nil
}

// PublicKey obtains the public key corresponding to the BLS secret key.
func (s *bls12SecretKey) PublicKey() iface.PublicKey {
	return &PublicKey{p: new(blstPublicKey).From(s.p)}
}

// Sign a message using a secret key - in a beacon/validator client.
//
// In IETF draft BLS specification:
// Sign(SK, message) -> signature: a signing algorithm that generates
//      a deterministic signature given a secret key SK and a message.
//
// In ETH2.0 specification:
// def Sign(SK: int, message: Bytes) -> BLSSignature
func (s *bls12SecretKey) Sign(msg []byte) iface.Signature {
	if featureconfig.Get().SkipBLSVerify {
		return &Signature{}
	}
	signature := new(blstSignature).Sign(s.p, msg, dst)
	return &Signature{s: signature}
}

// Marshal a secret key into a LittleEndian byte slice.
func (s *bls12SecretKey) Marshal() []byte {
	keyBytes := s.p.Serialize()
	if len(keyBytes) < params.BeaconConfig().BLSSecretKeyLength {
		emptyBytes := make([]byte, params.BeaconConfig().BLSSecretKeyLength-len(keyBytes))
		keyBytes = append(emptyBytes, keyBytes...)
	}
	return keyBytes
}
Add blst for BLS (#6539) * Add blst third party dep * initial build * add init * blst passing tests * add feature flag * blst and herumi for spec tests * maybe this works for mac * Actually set feature flag * Add stub for VerifyMultipleSignatures for blst * verifyCompressed * use correct cores sizes * aggregate public keys * add multi-sig verification * encode not hash * revert back * go mod tidy * update blst to latest commit * add batch decompress * fix * add test * gofmt * update blst * go mod tidy * remove kubesec, fix * mod tidy * disable some remote cache * disable some remote cache * disable some remote cache * disable some remote cache * Switch to -D__ADX__ * update * tidy * fix build * Make blst for only linux,amd64 * gofmt * lint * lint * gazelle * fix build tag * more stub methods * shift adx instructions to x86 * fix arm64 * Revert "fix arm64" This reverts commit 4d34ac21b7509a1b385374e3039efecfcab614c1. * add one more in * Revert "Revert "fix arm64"" This reverts commit 1c8ae24ad16ff9811590f1058b9d98c90b63251a. * try darwin now * Revert "try darwin now" This reverts commit 6f884714b8e14a7a803b72157672b6e942047f37. * Add sha256 * remove TODO * checkpoint * finally builds * fix up * add tag * try again * explicit disabling * remove * select properly * fix * better * make CI happy too * Update .bazelrc * Update .bazelrc * fix tests * revert back * Update shared/bls/blst/public_key.go Co-authored-by: Victor Farazdagi <simple.square@gmail.com> * Update shared/bls/blst/public_key.go Co-authored-by: Victor Farazdagi <simple.square@gmail.com> * clean up tests * more clean up * clean up * add * Update shared/bls/blst/signature.go * Update shared/bls/blst/signature.go * Update .buildkite-bazelrc Co-authored-by: Preston Van Loon <preston@prysmaticlabs.com> * try again * remove go tag * revert change * gaz * gazelle ignore Co-authored-by: nisdas <nishdas93@gmail.com> Co-authored-by: Victor Farazdagi <simple.square@gmail.com> Co-authored-by: prylabs-bulldozer[bot] <58059840+prylabs-bulldozer[bot]@users.noreply.github.com> 2020-09-16 13:28:28 +00:00			`// +build linux,amd64 linux,arm64`
fix blst build tag (#7443) * fix blst build tag * fix fuzz build * remove buildkite specific bazelrc line * remove conflicting kafka gotag in CI * fix again Co-authored-by: prylabs-bulldozer[bot] <58059840+prylabs-bulldozer[bot]@users.noreply.github.com> Co-authored-by: Raul Jordan <raul@prysmaticlabs.com> 2020-10-08 18:37:12 +00:00			`// +build blst_enabled`
Add blst for BLS (#6539) * Add blst third party dep * initial build * add init * blst passing tests * add feature flag * blst and herumi for spec tests * maybe this works for mac * Actually set feature flag * Add stub for VerifyMultipleSignatures for blst * verifyCompressed * use correct cores sizes * aggregate public keys * add multi-sig verification * encode not hash * revert back * go mod tidy * update blst to latest commit * add batch decompress * fix * add test * gofmt * update blst * go mod tidy * remove kubesec, fix * mod tidy * disable some remote cache * disable some remote cache * disable some remote cache * disable some remote cache * Switch to -D__ADX__ * update * tidy * fix build * Make blst for only linux,amd64 * gofmt * lint * lint * gazelle * fix build tag * more stub methods * shift adx instructions to x86 * fix arm64 * Revert "fix arm64" This reverts commit 4d34ac21b7509a1b385374e3039efecfcab614c1. * add one more in * Revert "Revert "fix arm64"" This reverts commit 1c8ae24ad16ff9811590f1058b9d98c90b63251a. * try darwin now * Revert "try darwin now" This reverts commit 6f884714b8e14a7a803b72157672b6e942047f37. * Add sha256 * remove TODO * checkpoint * finally builds * fix up * add tag * try again * explicit disabling * remove * select properly * fix * better * make CI happy too * Update .bazelrc * Update .bazelrc * fix tests * revert back * Update shared/bls/blst/public_key.go Co-authored-by: Victor Farazdagi <simple.square@gmail.com> * Update shared/bls/blst/public_key.go Co-authored-by: Victor Farazdagi <simple.square@gmail.com> * clean up tests * more clean up * clean up * add * Update shared/bls/blst/signature.go * Update shared/bls/blst/signature.go * Update .buildkite-bazelrc Co-authored-by: Preston Van Loon <preston@prysmaticlabs.com> * try again * remove go tag * revert change * gaz * gazelle ignore Co-authored-by: nisdas <nishdas93@gmail.com> Co-authored-by: Victor Farazdagi <simple.square@gmail.com> Co-authored-by: prylabs-bulldozer[bot] <58059840+prylabs-bulldozer[bot]@users.noreply.github.com> 2020-09-16 13:28:28 +00:00
			`package blst`

			`import (`
			`"fmt"`

			`"github.com/pkg/errors"`
			`"github.com/prysmaticlabs/prysm/shared/bls/iface"`
			`"github.com/prysmaticlabs/prysm/shared/featureconfig"`
			`"github.com/prysmaticlabs/prysm/shared/params"`
			`"github.com/prysmaticlabs/prysm/shared/rand"`
			`blst "github.com/supranational/blst/bindings/go"`
			`)`

			`// bls12SecretKey used in the BLS signature scheme.`
			`type bls12SecretKey struct {`
			`p *blst.SecretKey`
			`}`

			`// RandKey creates a new private key using a random method provided as an io.Reader.`
			`func RandKey() iface.SecretKey {`
			`// Generate 32 bytes of randomness`
			`var ikm [32]byte`
			`_, err := rand.NewGenerator().Read(ikm[:])`
			`if err != nil {`
			`return nil`
			`}`
			`return &bls12SecretKey{blst.KeyGen(ikm[:])}`
			`}`

			`// SecretKeyFromBytes creates a BLS private key from a BigEndian byte slice.`
			`func SecretKeyFromBytes(privKey []byte) (iface.SecretKey, error) {`
			`if len(privKey) != params.BeaconConfig().BLSSecretKeyLength {`
			`return nil, fmt.Errorf("secret key must be %d bytes", params.BeaconConfig().BLSSecretKeyLength)`
			`}`

			`secKey := new(blst.SecretKey).Deserialize(privKey)`
			`if secKey == nil {`
			`return nil, errors.New("could not unmarshal bytes into secret key")`
			`}`

			`return &bls12SecretKey{p: secKey}, nil`
			`}`

			`// PublicKey obtains the public key corresponding to the BLS secret key.`
			`func (s *bls12SecretKey) PublicKey() iface.PublicKey {`
			`return &PublicKey{p: new(blstPublicKey).From(s.p)}`
			`}`

			`// Sign a message using a secret key - in a beacon/validator client.`
			`//`
			`// In IETF draft BLS specification:`
			`// Sign(SK, message) -> signature: a signing algorithm that generates`
			`// a deterministic signature given a secret key SK and a message.`
			`//`
			`// In ETH2.0 specification:`
			`// def Sign(SK: int, message: Bytes) -> BLSSignature`
			`func (s *bls12SecretKey) Sign(msg []byte) iface.Signature {`
			`if featureconfig.Get().SkipBLSVerify {`
			`return &Signature{}`
			`}`
			`signature := new(blstSignature).Sign(s.p, msg, dst)`
			`return &Signature{s: signature}`
			`}`

			`// Marshal a secret key into a LittleEndian byte slice.`
			`func (s *bls12SecretKey) Marshal() []byte {`
			`keyBytes := s.p.Serialize()`
			`if len(keyBytes) < params.BeaconConfig().BLSSecretKeyLength {`
			`emptyBytes := make([]byte, params.BeaconConfig().BLSSecretKeyLength-len(keyBytes))`
			`keyBytes = append(emptyBytes, keyBytes...)`
			`}`
			`return keyBytes`
			`}`