diff --git a/libp2p/Cargo.toml b/libp2p/Cargo.toml index ff4488d2..4e952ade 100644 --- a/libp2p/Cargo.toml +++ b/libp2p/Cargo.toml @@ -4,7 +4,8 @@ version = "0.1.0" authors = ["Parity Technologies "] [features] -default = ["libp2p-secio"] +default = ["libp2p-secio", "libp2p-secio-secp256k1"] +libp2p-secio-secp256k1 = ["libp2p-secio/secp256k1"] [dependencies] bytes = "0.4" @@ -24,7 +25,7 @@ tokio-io = "0.1" [target.'cfg(not(target_os = "emscripten"))'.dependencies] libp2p-dns = { path = "../dns" } -libp2p-secio = { path = "../secio", optional = true } +libp2p-secio = { path = "../secio", optional = true, default-features = false } libp2p-tcp-transport = { path = "../tcp-transport" } tokio-core = "0.1" diff --git a/secio/Cargo.toml b/secio/Cargo.toml index 2ee39943..c1e0e929 100644 --- a/secio/Cargo.toml +++ b/secio/Cargo.toml @@ -14,10 +14,13 @@ rand = "0.3.17" ring = { version = "0.12.1", features = ["rsa_signing"] } rust-crypto = "^0.2" rw-stream-sink = { path = "../rw-stream-sink" } -secp256k1 = "0.9" +secp256k1 = { version = "0.9", optional = true } tokio-io = "0.1.0" untrusted = "0.5.1" +[features] +default = ["secp256k1"] + [dev-dependencies] libp2p-tcp-transport = { path = "../tcp-transport" } tokio-core = "0.1.6" diff --git a/secio/src/handshake.rs b/secio/src/handshake.rs index d7853899..484b5fba 100644 --- a/secio/src/handshake.rs +++ b/secio/src/handshake.rs @@ -36,6 +36,7 @@ use ring::rand::SecureRandom; use ring::signature::verify as signature_verify; use ring::signature::{RSASigningState, RSA_PKCS1_2048_8192_SHA256, RSA_PKCS1_SHA256, ED25519}; use ring::{agreement, digest, rand}; +#[cfg(feature = "secp256k1")] use secp256k1; use std::cmp::{self, Ordering}; use std::io::{Error as IoError, ErrorKind as IoErrorKind}; @@ -152,6 +153,7 @@ where SecioKeyPairInner::Ed25519 { .. } => { public_key.set_Type(KeyTypeProtobuf::Ed25519); }, + #[cfg(feature = "secp256k1")] SecioKeyPairInner::Secp256k1 { .. } => { public_key.set_Type(KeyTypeProtobuf::Secp256k1); }, 
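Review bot: Nothing in the `[features]` table says what a consumer loses by turning `libp2p-secio-secp256k1` off. The second hunk in this file sets `default-features = false` on `libp2p-secio`, so anyone who already builds with `default-features = false, features = ["libp2p-secio"]` silently drops secp256k1 support on upgrade. With the feature off, the handshake.rs change rejects every remote peer that presents a secp256k1 identity key, so this is an interoperability decision as much as a build-size one. I would add a comment above the feature, for example `# Enables secp256k1 identity keys in secio; without it, handshakes with secp256k1 peers are rejected.`, and mention the change in the changelog.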
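Review bot: Only `secp256k1` becomes optional in this hunk, while `asn1_der` stays an unconditional dependency, even though lib.rs now puts both `extern crate asn1_der` and its `use` behind `#[cfg(feature = "secp256k1")]`. A build with the feature off therefore still fetches and compiles a DER parser it never calls, which keeps that crate in the dependency set to audit. Marking it `optional = true` as well, and having the feature that gates the code enable both crates, would make the flag actually shrink the dependency surface. The `asn1_der` line is outside this hunk, so confirm how it is declared.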
@@ -335,6 +337,7 @@ where let signature = key_pair.sign(&data_to_sign); signature.as_ref().to_owned() }, + #[cfg(feature = "secp256k1")] SecioKeyPairInner::Secp256k1 { ref private } => { let data_to_sign = digest::digest(&digest::SHA256, &data_to_sign); let message = secp256k1::Message::from_slice(data_to_sign.as_ref()) @@ -429,6 +432,7 @@ where }, } }, + #[cfg(feature = "secp256k1")] Some(SecioPublicKey::Secp256k1(ref remote_public_key)) => { let data_to_verify = digest::digest(&digest::SHA256, &data_to_verify); let message = secp256k1::Message::from_slice(data_to_verify.as_ref()) @@ -449,6 +453,11 @@ where return Err(SecioError::SignatureVerificationFailed) } }, + #[cfg(not(feature = "secp256k1"))] + Some(SecioPublicKey::Secp256k1(_)) => { + debug!("support for secp256k1 was disabled at compile-time"); + return Err(SecioError::SignatureVerificationFailed); + }, None => unreachable!("we store a Some in the remote public key before reaching \ this point") }; @@ -618,6 +627,7 @@ mod tests { } #[test] + #[cfg(feature = "secp256k1")] fn handshake_with_self_succeeds_secp256k1() { let key1 = { let key = include_bytes!("../tests/test-secp256k1-private-key.der"); diff --git a/secio/src/lib.rs b/secio/src/lib.rs index 2c7eb279..63f249dd 100644 --- a/secio/src/lib.rs +++ b/secio/src/lib.rs @@ -81,6 +81,7 @@ //! `SecioMiddleware` that implements `Sink` and `Stream` and can be used to send packets of data. //! +#[cfg(feature = "secp256k1")] extern crate asn1_der; extern crate bytes; extern crate crypto; @@ -92,12 +93,14 @@ extern crate protobuf; extern crate rand; extern crate ring; extern crate rw_stream_sink; +#[cfg(feature = "secp256k1")] extern crate secp256k1; extern crate tokio_io; extern crate untrusted; pub use self::error::SecioError; +#[cfg(feature = "secp256k1")] use asn1_der::{DerObject, traits::FromDerEncoded, traits::FromDerObject}; use bytes::{Bytes, BytesMut}; use futures::stream::MapErr as StreamMapErr; 
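Review bot: The new `#[cfg(not(feature = "secp256k1"))]` arm in the `@@ -449` hunk fails closed, which is right, but it returns `SecioError::SignatureVerificationFailed`, the same error a forged or corrupted signature produces. An operator reading logs or metrics cannot tell a build-configuration mismatch from a peer that failed authentication, and the only hint is a `debug!` line that is normally filtered out. A dedicated error variant for an unsupported key type (a new variant, not one visible in this diff) would keep the two cases apart. The arm also runs only at signature verification, so the rejection presumably comes after the key exchange has been processed; if the key type is already known when the peer's public key is decoded (code outside this hunk), rejecting there would be earlier and cheaper.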
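Review bot: Gating `handshake_with_self_succeeds_secp256k1` in the `@@ -618` hunk adds no counterpart test for the feature-off build. The `#[cfg(not(feature = "secp256k1"))]` arm added in the previous hunk is therefore compiled only when someone builds secio with `--no-default-features`. Unless CI already does that, a later edit can break that configuration unnoticed, and that arm is the one that rejects secp256k1 peers. I would add a `cargo test --no-default-features` run for the secio crate to CI. The test body continues outside the hunk.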
@@ -198,6 +201,7 @@ impl SecioKeyPair { } /// Builds a `SecioKeyPair` from a raw secp256k1 32 bytes private key. + #[cfg(feature = "secp256k1")] pub fn secp256k1_raw_key(key: K) -> Result> where K: AsRef<[u8]> { @@ -212,6 +216,7 @@ impl SecioKeyPair { } /// Builds a `SecioKeyPair` from a secp256k1 private key in DER format. + #[cfg(feature = "secp256k1")] pub fn secp256k1_from_der(key: K) -> Result> where K: AsRef<[u8]> { @@ -233,6 +238,7 @@ impl SecioKeyPair { SecioKeyPairInner::Ed25519 { ref key_pair } => { SecioPublicKey::Ed25519(key_pair.public_key_bytes().to_vec()) }, + #[cfg(feature = "secp256k1")] SecioKeyPairInner::Secp256k1 { ref private } => { let secp = secp256k1::Secp256k1::with_caps(secp256k1::ContextFlag::SignOnly); let pubkey = secp256k1::key::PublicKey::from_secret_key(&secp, private) @@ -251,6 +257,7 @@ impl SecioKeyPair { SecioKeyPairInner::Ed25519 { ref key_pair } => { PublicKeyBytesSlice(key_pair.public_key_bytes()).into() }, + #[cfg(feature = "secp256k1")] SecioKeyPairInner::Secp256k1 { ref private } => { let secp = secp256k1::Secp256k1::with_caps(secp256k1::ContextFlag::None); let pubkey = secp256k1::key::PublicKey::from_secret_key(&secp, private) @@ -276,6 +283,7 @@ enum SecioKeyPairInner { // We use an `Arc` so that we can clone the enum. key_pair: Arc, }, + #[cfg(feature = "secp256k1")] Secp256k1 { private: secp256k1::key::SecretKey, },
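Review bot: The doc comment on `secp256k1_raw_key` does not say that the function only exists when the `secp256k1` feature is enabled, and the same holds for `secp256k1_from_der` in the next hunk. A caller who disables the feature gets an unresolved-name error with nothing in the rustdoc to explain it. I would append a line such as `/// Only available when the "secp256k1" feature is enabled.` to both doc comments. Both function bodies continue outside their hunks.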