sign/verify DkgPublicShares and DkgPrivateShares

stacks-network · Aug 23, 2023 · 11de007 · 11de007
1 parent 8cf431b
commit 11de007
Showing 1 changed file with 18 additions and 16 deletions.
diff --git a/testnet/stacks-node/src/tests/neon_integrations.rs b/testnet/stacks-node/src/tests/neon_integrations.rs
@@ -11177,11 +11177,7 @@ pub fn make_shared_secret(private_key: &Scalar, public_key: &Point) -> [u8; 32]
     hasher.update("DH_SHARED_SECRET_KEY/".as_bytes());
     hasher.update(shared_key.compress().as_bytes());
 
-    let hash = hasher.finalize();
-    let mut bytes = [0u8; 32];
-
-    bytes.clone_from_slice(hash.as_slice());
-    bytes
+    hasher.finalize().into()
 }
 
 pub const AES_GCM_NONCE_SIZE: usize = 12;
@@ -11401,14 +11397,14 @@ for i in 0..num_signers {
             break;
         }
         let party_shares = signers[i as usize].get_poly_commitments(&mut rng).iter().map(|pc| (pc.id.id.get_u32(), pc.clone())).collect::<Vec<(u32, PolyCommitment)>>();
-        let dkg_public_shares = MessageTypes::DkgPublicShares(DkgPublicShares {
-                dkg_id: DKG_ID,
-                dkg_public_id: DKG_PUBLIC_ID,
-                party_shares,
-        });
+        let dkg_public_shares = DkgPublicShares {
+            dkg_id: DKG_ID,
+            dkg_public_id: DKG_PUBLIC_ID,
+            party_shares,
+        };
         let dkg_public_shares = Message {
-            msg: dkg_public_shares,
-            sig: vec![],
+            sig: dkg_public_shares.sign(&signer_ecdsa_private_keys[i as usize]).unwrap(),
+            msg: MessageTypes::DkgPublicShares(dkg_public_shares),
         };
         let dkg_public_bytes = bincode::serialize(&dkg_public_shares).unwrap();
         let ack = post_stackerdb_chunk(
@@ -11433,13 +11429,13 @@ for i in 0..num_signers {
             }
             key_shares.push((key_id, encrypted_shares));
         }
-        let dkg_private_shares = MessageTypes::DkgPrivateShares(DkgPrivateShares {
+        let dkg_private_shares = DkgPrivateShares {
             dkg_id: DKG_ID,
             key_shares,
-        });
+        };
         let dkg_private_shares = Message {
-            msg: dkg_private_shares,
-            sig: vec![],
+            sig: dkg_private_shares.sign(&signer_ecdsa_private_keys[i as usize]).unwrap(),
+            msg: MessageTypes::DkgPrivateShares(dkg_private_shares),
         };
         let dkg_private_bytes = bincode::serialize(&dkg_private_shares).unwrap();
         let ack = post_stackerdb_chunk(
@@ -11466,6 +11462,9 @@ for i in 0..num_signers {
             };
             match msg.msg {
                 MessageTypes::DkgPublicShares(dkg_public_shares) => {
+                    if !dkg_public_shares.verify(&msg.sig, &signer_ecdsa_public_keys[j as usize]) {
+                        panic!("DkgPublicShares failed to verify with the sending signer public key");
+                    }
                     for (key_id, poly) in dkg_public_shares.party_shares {
                         info!("insert poly for key_id {}", key_id);
                         polymap.insert(key_id-1, poly);
@@ -11489,6 +11488,9 @@ for i in 0..num_signers {
             };
             match msg.msg {
                 MessageTypes::DkgPrivateShares(dkg_private_shares) => {
+                    if !dkg_private_shares.verify(&msg.sig, &signer_ecdsa_public_keys[j as usize]) {
+                        panic!("DkgPrivateShares failed to verify with the sending signer public key");
+                    }
                     // iterate over all of the key_ids this signer controls, then grab the shares for key_id
                     for (src_key_id, share_map) in &dkg_private_shares.key_shares {
                         let mut decrypted_shares: hashbrown::HashMap<u32, Scalar> = hashbrown::HashMap::new();