Skip to content

chore(crypto): CRP-2436 Reduce usage of basic_sig crates #8583

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
randombit merged 37 commits into from
Feb 3, 2026
Merged

chore(crypto): CRP-2436 Reduce usage of basic_sig crates #8583

randombit merged 37 commits into from
Feb 3, 2026

Conversation

@randombit
Copy link
Contributor

@randombit randombit commented Jan 28, 2026

No description provided.

@github-actions github-actions bot added the chore label Jan 28, 2026
@randombit randombit marked this pull request as ready for review January 29, 2026 21:50
@randombit randombit requested a review from a team as a code owner January 29, 2026 21:50
@randombit randombit requested review from Copilot and fspreiss January 30, 2026 15:12
Copilot AI reviewed Jan 30, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR refactors several crypto components to reduce direct usage of internal basic_sig crates in favor of the shared ic-ed25519, ic-secp256k1, and ic-secp256r1 packages, and tightens DER/canonical encoding handling across the stack.

Changes:

  • Switched Ed25519, secp256k1, and secp256r1 public‑key and signature verification logic from internal basic_sig_* crates to the shared ic-* packages, including in the standalone signature verifier and key‑conversion utilities.
  • Updated node key and TLS certificate validation code (and associated tests) to use ic-ed25519 directly, explicitly validate algorithm IDs, key lengths, torsion properties, and improved error reporting.
  • Simplified DER utilities (der_utils), reimplemented ICCSA public‑key parsing on top of lower‑level DER parsing, and adjusted Bazel/Cargo dependencies accordingly.

Reviewed changes

Copilot reviewed 30 out of 31 changed files in this pull request and generated 1 comment.

Show a summary per file
File Description
rs/validator/http_request_test_utils/src/tests.rs Test helpers and assertions now verify Ed25519 signatures using ic_ed25519::PublicKey directly instead of internal basic_sig types.
rs/validator/http_request_test_utils/Cargo.toml Replaces dev‑dependency on internal ed25519 basic_sig crate with ic-ed25519 package.
rs/validator/http_request_test_utils/BUILD.bazel Updates dev Bazel dep from internal ed25519 crate to //packages/ic-ed25519.
rs/crypto/standalone-sig-verifier/src/sign_utils.rs Reworks user public‑key parsing to use algo_id_and_public_key_bytes_from_der plus the ic-* key packages and adds new helpers using those crates (Ed25519 DER conversion, P‑256 signature DER decoding).
rs/crypto/standalone-sig-verifier/src/lib.rs Reimplements verify_basic_sig_by_public_key for Ed25519, P‑256, and secp256k1 using the new key packages, with explicit length checks and richer CryptoError reporting.
rs/crypto/standalone-sig-verifier/Cargo.toml Adds ic-ed25519, ic-secp256k1, and ic-secp256r1 deps and drops the older internal basic_sig and p256/sha2 deps.
rs/crypto/standalone-sig-verifier/BUILD.bazel Mirrors Cargo changes by depending on the new key packages and dropping the internal basic_sig crates.
rs/crypto/src/sign/canister_threshold_sig/idkg/dealing/tests.rs Updates a test to use the shared ic_ed25519::SIGNATURE_BYTES constant instead of an internal signature‑size constant.
rs/crypto/node_key_validation/tls_cert_validation/src/tests.rs Refactors helpers to mutate raw Ed25519 public‑key bytes directly (via curve25519‑dalek) instead of going through basic_sig wrappers.
rs/crypto/node_key_validation/tls_cert_validation/src/lib.rs Switches TLS cert Ed25519 key extraction/verification to ic-ed25519::PublicKey, using torsion‑free checks and direct signature verification with detailed CryptoErrors.
rs/crypto/node_key_validation/tls_cert_validation/Cargo.toml Replaces internal ed25519 basic_sig dependency with ic-ed25519.
rs/crypto/node_key_validation/tls_cert_validation/BUILD.bazel Bazel dependency moved from internal ed25519 basic_sig crate to //packages/ic-ed25519.
rs/crypto/node_key_validation/src/tests.rs Updates node‑signing key validation tests and invalid‑pubkey helpers to use ic-ed25519 and new error messages (unexpected length, torsion component).
rs/crypto/node_key_validation/src/lib.rs Reimplements ValidNodeSigningPublicKey using ic-ed25519::PublicKey, with explicit algorithm/length checks, torsion‑freeness, and a new DER‑based derive_node_id.
rs/crypto/node_key_validation/Cargo.toml Adds ic-ed25519 dependency and removes internal ed25519 basic_sig.
rs/crypto/node_key_validation/BUILD.bazel Bazel dependency switched to //packages/ic-ed25519.
rs/crypto/internal/crypto_service_provider/src/vault/local_csp_vault/public_and_secret_key_store/tests.rs Adjusts expected error strings for invalid node signing keys to match the new validation paths (but currently expects a shorter string than the implementation actually produces).
rs/crypto/internal/crypto_lib/basic_sig/ed25519/src/api.rs Routes Ed25519 keygen, DER conversion, signing, verification, and public‑key verification through ic-ed25519 instead of hand‑rolled logic.
rs/crypto/internal/crypto_lib/basic_sig/ed25519/BUILD.bazel Narrows visibility by removing the validator http_request_test_utils subpackage export (now using ic-ed25519).
rs/crypto/internal/crypto_lib/basic_sig/ecdsa_secp256r1/tests/api_tests.rs Updates test expectations to the new “Non‑canonical encoding” error wording coming from ic-secp256r1.
rs/crypto/internal/crypto_lib/basic_sig/ecdsa_secp256r1/src/api.rs Uses ic-secp256r1::PublicKey::deserialize_canonical_der, delegating canonicality checks to the shared package and simplifying public‑key parsing.
rs/crypto/internal/crypto_lib/basic_sig/der_utils/src/lib.rs Removes the higher‑level parse_public_key helper and its ic-types dependency, keeping only DER parsing of algorithm ID and public‑key bytes.
rs/crypto/internal/crypto_lib/basic_sig/der_utils/Cargo.toml Drops ic-types dependency, since DER utilities no longer construct CryptoErrors directly.
rs/crypto/internal/crypto_lib/basic_sig/der_utils/BUILD.bazel Removes the //rs/types/types Bazel dependency accordingly.
rs/crypto/iccsa/src/api.rs Reimplements ICCSA public_key_bytes_from_der on top of algo_id_and_public_key_bytes_from_der and explicit OID comparison, returning clearer MalformedPublicKey errors.
rs/crypto/Cargo.toml Moves the dependency on the internal Ed25519 basic_sig crate from the main dependencies to dev‑dependencies, reflecting its reduced usage.
rs/crypto/BUILD.bazel Mirrors Cargo changes by only depending on internal basic_sig Ed25519 in dev dependencies.
packages/ic-secp256r1/src/lib.rs Adds canonical‑DER public‑key deserialization and a helper to decode DER‑encoded P‑256 signatures to raw 64‑byte form.
packages/ic-secp256k1/src/lib.rs Adds canonical‑DER public‑key deserialization analogous to the P‑256 helper.
packages/ic-ed25519/src/lib.rs Introduces SIGNATURE_BYTES, refactors DER conversion into convert_raw32_to_der, and uses the constant for signature size checks and signers.
Cargo.lock Synchronizes lockfile with the new crate dependencies and the removal of now‑unused ones.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

fspreiss
fspreiss approved these changes Feb 2, 2026
View reviewed changes
Copy link
Contributor

@fspreiss fspreiss left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Very nice cleanup, @randombit! Thanks!

@randombit randombit enabled auto-merge February 2, 2026 17:49
fspreiss
fspreiss approved these changes Feb 3, 2026
View reviewed changes
Copy link
Contributor

@fspreiss fspreiss left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for addressing the feedback, @randombit!

@randombit randombit disabled auto-merge February 3, 2026 12:50
@randombit randombit enabled auto-merge February 3, 2026 20:56
@randombit randombit added this pull request to the merge queue Feb 3, 2026
Merged via the queue into master with commit 1b595e4 Feb 3, 2026
67 of 68 checks passed
@randombit randombit deleted the jack/crp-2436-part2 branch February 3, 2026 21:25
kpop-dfinity pushed a commit that referenced this pull request Feb 5, 2026
@randombit @kpop-dfinity
chore(crypto): CRP-2436 Reduce usage of basic_sig crates (#8583)
6b1c33d 
Co-authored-by: IDX GitHub Automation <infra+github-automation@dfinity.org>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@fspreiss fspreiss fspreiss approved these changes

Assignees

No one assigned

Labels

chore @consensus

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@randombit @fspreiss