update crypto

chain33.para.toml

@@ -3,6 +3,8 @@ TestNet=false
 CoinSymbol="para"
 EnableParaFork=true
 
+[crypto]
+
 [log]
 # 日志级别，支持debug(dbug)/info/warn/error(eror)/crit
 loglevel = "debug"

chain33.toml

@@ -3,6 +3,7 @@ TestNet=true
 FixTime=false
 version="6.3.0"
 
+[crypto]
 
 [log]
 # 日志级别，支持debug(dbug)/info/warn/error(eror)/crit

plugin/consensus/tendermint/types/const.go

@@ -40,7 +40,7 @@ var (
 	SignMap = map[string]int{
 		"secp256k1": types.SECP256K1,
 		"ed25519":   types.ED25519,
-		"sm2":       types.SM2,
+		"sm2":       types.AuthSM2,
 		"bls":       AuthBLS,
 	}
 )

plugin/crypto/bls/bls.go

@@ -70,6 +70,11 @@ func (d Driver) SignatureFromBytes(b []byte) (sig crypto.Signature, err error) {
 	return SignatureBLS(*sigBytes), nil
 }
 
+// Validate validate msg and signature
+func (d Driver) Validate(msg, pub, sig []byte) error {
+	return crypto.BasicValidation(d, msg, pub, sig)
+}
+
 //Aggregate aggregates signatures together into a new signature.
 func (d Driver) Aggregate(sigs []crypto.Signature) (crypto.Signature, error) {
 	if len(sigs) == 0 {
@@ -304,6 +309,5 @@ const Name = "bls"
 const ID = 259
 
 func init() {
-	crypto.Register(Name, &Driver{}, false)
-	crypto.RegisterType(Name, ID)
+	crypto.Register(Name, &Driver{}, crypto.WithOptionTypeID(ID))
 }

plugin/crypto/ecdsa/ecdsa.go

-// Copyright Fuzamei Corp. 2018 All Rights Reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package ecdsa
-
-import (
-	"bytes"
-	"errors"
-	"fmt"
-
-	"crypto/ecdsa"
-	"crypto/elliptic"
-	"crypto/rand"
-	"encoding/asn1"
-	"math/big"
-
-	"github.com/33cn/chain33/common/crypto"
-)
-
-const (
-	privateKeyECDSALength = 32
-	publicKeyECDSALength  = 65
-)
-
-// Driver driver
-type Driver struct{}
-
-// GenKey create private key
-func (d Driver) GenKey() (crypto.PrivKey, error) {
-	privKeyBytes := [privateKeyECDSALength]byte{}
-	copy(privKeyBytes[:], crypto.CRandBytes(privateKeyECDSALength))
-	priv, _ := privKeyFromBytes(elliptic.P256(), privKeyBytes[:])
-	copy(privKeyBytes[:], SerializePrivateKey(priv))
-	return PrivKeyECDSA(privKeyBytes), nil
-}
-
-// PrivKeyFromBytes create private key from bytes
-func (d Driver) PrivKeyFromBytes(b []byte) (privKey crypto.PrivKey, err error) {
-	if len(b) != privateKeyECDSALength {
-		return nil, errors.New("invalid priv key byte")
-	}
-
-	privKeyBytes := new([privateKeyECDSALength]byte)
-	copy(privKeyBytes[:], b[:privateKeyECDSALength])
-	priv, _ := privKeyFromBytes(elliptic.P256(), privKeyBytes[:])
-
-	copy(privKeyBytes[:], SerializePrivateKey(priv))
-	return PrivKeyECDSA(*privKeyBytes), nil
-}
-
-// PubKeyFromBytes create public key from bytes
-func (d Driver) PubKeyFromBytes(b []byte) (pubKey crypto.PubKey, err error) {
-	if len(b) != publicKeyECDSALength {
-		return nil, errors.New("invalid pub key byte")
-	}
-	pubKeyBytes := new([publicKeyECDSALength]byte)
-	copy(pubKeyBytes[:], b[:])
-	return PubKeyECDSA(*pubKeyBytes), nil
-}
-
-// SignatureFromBytes create signature from bytes
-func (d Driver) SignatureFromBytes(b []byte) (sig crypto.Signature, err error) {
-	var certSignature crypto.CertSignature
-	_, err = asn1.Unmarshal(b, &certSignature)
-	if err != nil {
-		return SignatureECDSA(b), nil
-	}
-
-	if len(certSignature.Cert) == 0 {
-		return SignatureECDSA(b), nil
-	}
-
-	return SignatureECDSA(certSignature.Signature), nil
-}
-
-// PrivKeyECDSA PrivKey
-type PrivKeyECDSA [privateKeyECDSALength]byte
-
-// Bytes convert to bytes
-func (privKey PrivKeyECDSA) Bytes() []byte {
-	s := make([]byte, privateKeyECDSALength)
-	copy(s, privKey[:])
-	return s
-}
-
-// Sign create signature
-func (privKey PrivKeyECDSA) Sign(msg []byte) crypto.Signature {
-	priv, pub := privKeyFromBytes(elliptic.P256(), privKey[:])
-	r, s, err := ecdsa.Sign(rand.Reader, priv, crypto.Sha256(msg))
-	if err != nil {
-		return nil
-	}
-
-	s = ToLowS(pub, s)
-	ecdsaSigByte, _ := MarshalECDSASignature(r, s)
-	return SignatureECDSA(ecdsaSigByte)
-}
-
-// PubKey convert to public key
-func (privKey PrivKeyECDSA) PubKey() crypto.PubKey {
-	_, pub := privKeyFromBytes(elliptic.P256(), privKey[:])
-	var pubECDSA PubKeyECDSA
-	copy(pubECDSA[:], SerializePublicKey(pub))
-	return pubECDSA
-}
-
-// Equals check privkey is equal
-func (privKey PrivKeyECDSA) Equals(other crypto.PrivKey) bool {
-	if otherSecp, ok := other.(PrivKeyECDSA); ok {
-		return bytes.Equal(privKey[:], otherSecp[:])
-	}
-
-	return false
-}
-
-// String convert to string
-func (privKey PrivKeyECDSA) String() string {
-	return fmt.Sprintf("PrivKeyECDSA{*****}")
-}
-
-// PubKeyECDSA PubKey
-// prefixed with 0x02 or 0x03, depending on the y-cord.
-type PubKeyECDSA [publicKeyECDSALength]byte
-
-// Bytes convert to bytes
-func (pubKey PubKeyECDSA) Bytes() []byte {
-	s := make([]byte, publicKeyECDSALength)
-	copy(s, pubKey[:])
-	return s
-}
-
-// VerifyBytes verify signature
-func (pubKey PubKeyECDSA) VerifyBytes(msg []byte, sig crypto.Signature) bool {
-	// unwrap if needed
-	if wrap, ok := sig.(SignatureS); ok {
-		sig = wrap.Signature
-	}
-	// and assert same algorithm to sign and verify
-	sigECDSA, ok := sig.(SignatureECDSA)
-	if !ok {
-		return false
-	}
-
-	pub, err := parsePubKey(pubKey[:], elliptic.P256())
-	if err != nil {
-		return false
-	}
-
-	r, s, err := UnmarshalECDSASignature(sigECDSA)
-	if err != nil {
-		return false
-	}
-
-	lowS := IsLowS(s)
-	if !lowS {
-		return false
-	}
-	return ecdsa.Verify(pub, crypto.Sha256(msg), r, s)
-}
-
-// String convert to string
-func (pubKey PubKeyECDSA) String() string {
-	return fmt.Sprintf("PubKeyECDSA{%X}", pubKey[:])
-}
-
-// KeyString Must return the full bytes in hex.
-// Used for map keying, etc.
-func (pubKey PubKeyECDSA) KeyString() string {
-	return fmt.Sprintf("%X", pubKey[:])
-}
-
-// Equals check public key is equal
-func (pubKey PubKeyECDSA) Equals(other crypto.PubKey) bool {
-	if otherSecp, ok := other.(PubKeyECDSA); ok {
-		return bytes.Equal(pubKey[:], otherSecp[:])
-	}
-	return false
-}
-
-type signatureECDSA struct {
-	R, S *big.Int
-}
-
-// SignatureECDSA Signature
-type SignatureECDSA []byte
-
-// SignatureS signature struct
-type SignatureS struct {
-	crypto.Signature
-}
-
-// Bytes convert signature to bytes
-func (sig SignatureECDSA) Bytes() []byte {
-	s := make([]byte, len(sig))
-	copy(s, sig[:])
-	return s
-}
-
-// IsZero check signature is zero
-func (sig SignatureECDSA) IsZero() bool { return len(sig) == 0 }
-
-// String convert signature to string
-func (sig SignatureECDSA) String() string {
-	fingerprint := make([]byte, len(sig[:]))
-	copy(fingerprint, sig[:])
-	return fmt.Sprintf("/%X.../", fingerprint)
-
-}
-
-// Equals check signature equals
-func (sig SignatureECDSA) Equals(other crypto.Signature) bool {
-	if otherEd, ok := other.(SignatureECDSA); ok {
-		return bytes.Equal(sig[:], otherEd[:])
-	}
-	return false
-}
-
-// Name name
-const Name = "auth_ecdsa"
-
-// ID id
-const ID = 257
-
-func init() {
-	crypto.Register(Name, &Driver{}, false)
-	crypto.RegisterType(Name, ID)
-}
-
-func privKeyFromBytes(curve elliptic.Curve, pk []byte) (*ecdsa.PrivateKey, *ecdsa.PublicKey) {
-	x, y := curve.ScalarBaseMult(pk)
-
-	priv := &ecdsa.PrivateKey{
-		PublicKey: ecdsa.PublicKey{
-			Curve: curve,
-			X:     x,
-			Y:     y,
-		},
-		D: new(big.Int).SetBytes(pk),
-	}
-
-	return priv, &priv.PublicKey
-}

plugin/crypto/ecdsa/utils.go

-// Copyright Fuzamei Corp. 2018 All Rights Reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package ecdsa
-
-import (
-	"crypto/ecdsa"
-	"crypto/elliptic"
-	"encoding/asn1"
-	"errors"
-	"fmt"
-	"math/big"
-)
-
-// MarshalECDSASignature marshal ECDSA signature
-func MarshalECDSASignature(r, s *big.Int) ([]byte, error) {
-	return asn1.Marshal(signatureECDSA{r, s})
-}
-
-// UnmarshalECDSASignature unmarshal ECDSA signature
-func UnmarshalECDSASignature(raw []byte) (*big.Int, *big.Int, error) {
-	sig := new(signatureECDSA)
-	_, err := asn1.Unmarshal(raw, sig)
-	if err != nil {
-		return nil, nil, fmt.Errorf("failed unmashalling signature [%s]", err)
-	}
-
-	if sig.R == nil {
-		return nil, nil, errors.New("invalid signature, R must be different from nil")
-	}
-	if sig.S == nil {
-		return nil, nil, errors.New("invalid signature, S must be different from nil")
-	}
-
-	if sig.R.Sign() != 1 {
-		return nil, nil, errors.New("invalid signature, R must be larger than zero")
-	}
-	if sig.S.Sign() != 1 {
-		return nil, nil, errors.New("invalid signature, S must be larger than zero")
-	}
-
-	return sig.R, sig.S, nil
-}
-
-// ToLowS convert to low int
-func ToLowS(k *ecdsa.PublicKey, s *big.Int) *big.Int {
-	lowS := IsLowS(s)
-	if !lowS {
-		s.Sub(k.Params().N, s)
-
-		return s
-	}
-
-	return s
-}
-
-// IsLowS check is low int
-func IsLowS(s *big.Int) bool {
-	return s.Cmp(new(big.Int).Rsh(elliptic.P256().Params().N, 1)) != 1
-}
-
-func parsePubKey(pubKeyStr []byte, curve elliptic.Curve) (key *ecdsa.PublicKey, err error) {
-	pubkey := ecdsa.PublicKey{}
-	pubkey.Curve = curve
-
-	if len(pubKeyStr) == 0 {
-		return nil, errors.New("pubkey string is empty")
-	}
-
-	pubkey.X = new(big.Int).SetBytes(pubKeyStr[1:33])
-	pubkey.Y = new(big.Int).SetBytes(pubKeyStr[33:])
-	if pubkey.X.Cmp(pubkey.Curve.Params().P) >= 0 {
-		return nil, fmt.Errorf("pubkey X parameter is >= to P")
-	}
-	if pubkey.Y.Cmp(pubkey.Curve.Params().P) >= 0 {
-		return nil, fmt.Errorf("pubkey Y parameter is >= to P")
-	}
-	if !pubkey.Curve.IsOnCurve(pubkey.X, pubkey.Y) {
-		return nil, fmt.Errorf("pubkey isn't on secp256k1 curve")
-	}
-	return &pubkey, nil
-}
-
-// SerializePublicKey serialize public key
-func SerializePublicKey(p *ecdsa.PublicKey) []byte {
-	b := make([]byte, 0, publicKeyECDSALength)
-	b = append(b, 0x4)
-	b = paddedAppend(32, b, p.X.Bytes())
-	return paddedAppend(32, b, p.Y.Bytes())
-}
-
-// SerializePrivateKey serialize private key
-func SerializePrivateKey(p *ecdsa.PrivateKey) []byte {
-	b := make([]byte, 0, privateKeyECDSALength)
-	return paddedAppend(privateKeyECDSALength, b, p.D.Bytes())
-}
-
-func paddedAppend(size uint, dst, src []byte) []byte {
-	for i := 0; i < int(size)-len(src); i++ {
-		dst = append(dst, 0)
-	}
-	return append(dst, src...)
-}

plugin/crypto/init/init.go

 package init
 
 import (
-	_ "github.com/33cn/plugin/plugin/crypto/bls"   //auto gen
-	_ "github.com/33cn/plugin/plugin/crypto/ecdsa" //auto gen
-	_ "github.com/33cn/plugin/plugin/crypto/sm2"   //auto gen
+	_ "github.com/33cn/plugin/plugin/crypto/bls" //auto gen
 )

plugin/crypto/sm2/sm2.go

-// Copyright Fuzamei Corp. 2018 All Rights Reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// Package sm2 带证书交易的签名
-package sm2
-
-import (
-	"bytes"
-	"crypto/elliptic"
-	"errors"
-	"fmt"
-	"math/big"
-
-	"github.com/33cn/chain33/types"
-	pkt "github.com/33cn/plugin/plugin/dapp/cert/types"
-
-	"github.com/33cn/chain33/common/crypto"
-	"github.com/tjfoc/gmsm/sm2"
-)
-
-//const
-const (
-	SM2PrivateKeyLength    = 32
-	SM2PublicKeyLength     = 65
-	SM2PublicKeyCompressed = 33
-)
-
-//Driver 驱动
-type Driver struct{}
-
-//GenKey 生成私钥
-func (d Driver) GenKey() (crypto.PrivKey, error) {
-	privKeyBytes := [SM2PrivateKeyLength]byte{}
-	copy(privKeyBytes[:], crypto.CRandBytes(SM2PrivateKeyLength))
-	priv, _ := privKeyFromBytes(sm2.P256Sm2(), privKeyBytes[:])
-	copy(privKeyBytes[:], SerializePrivateKey(priv))
-	return PrivKeySM2(privKeyBytes), nil
-}
-
-//PrivKeyFromBytes 字节转为私钥
-func (d Driver) PrivKeyFromBytes(b []byte) (privKey crypto.PrivKey, err error) {
-	if len(b) != SM2PrivateKeyLength {
-		return nil, errors.New("invalid priv key byte")
-	}
-	privKeyBytes := new([SM2PrivateKeyLength]byte)
-	copy(privKeyBytes[:], b[:SM2PrivateKeyLength])
-
-	priv, _ := privKeyFromBytes(sm2.P256Sm2(), privKeyBytes[:])
-
-	copy(privKeyBytes[:], SerializePrivateKey(priv))
-	return PrivKeySM2(*privKeyBytes), nil
-}
-
-//PubKeyFromBytes 字节转为公钥
-func (d Driver) PubKeyFromBytes(b []byte) (pubKey crypto.PubKey, err error) {
-	if len(b) != SM2PublicKeyLength && len(b) != SM2PublicKeyCompressed {
-		return nil, errors.New("invalid pub key byte")
-	}
-	pubKeyBytes := new([SM2PublicKeyLength]byte)
-	copy(pubKeyBytes[:], b[:])
-	return PubKeySM2(*pubKeyBytes), nil
-}
-
-//SignatureFromBytes 字节转为签名
-func (d Driver) SignatureFromBytes(b []byte) (sig crypto.Signature, err error) {
-	var certSignature pkt.CertSignature
-	err = types.Decode(b, &certSignature)
-	if err != nil {
-		return SignatureSM2(b), nil
-	}
-
-	return &SignatureS{
-		Signature: SignatureSM2(certSignature.Signature),
-		uid:       certSignature.Uid,
-	}, nil
-}
-
-//PrivKeySM2 私钥
-type PrivKeySM2 [SM2PrivateKeyLength]byte
-
-//Bytes 字节格式
-func (privKey PrivKeySM2) Bytes() []byte {
-	s := make([]byte, SM2PrivateKeyLength)
-	copy(s, privKey[:])
-	return s
-}
-
-//Sign 签名
-func (privKey PrivKeySM2) Sign(msg []byte) crypto.Signature {
-	priv, _ := privKeyFromBytes(sm2.P256Sm2(), privKey[:])
-	r, s, err := sm2.Sm2Sign(priv, msg, nil)
-	if err != nil {
-		return nil
-	}
-	//sm2不需要LowS转换
-	//s = ToLowS(pub, s)
-	return SignatureSM2(Serialize(r, s))
-}
-
-//PubKey 私钥生成公钥
-func (privKey PrivKeySM2) PubKey() crypto.PubKey {
-	_, pub := privKeyFromBytes(sm2.P256Sm2(), privKey[:])
-	var pubSM2 PubKeySM2
-	copy(pubSM2[:], sm2.Compress(pub))
-	return pubSM2
-}
-
-//Equals 公钥
-func (privKey PrivKeySM2) Equals(other crypto.PrivKey) bool {
-	if otherSecp, ok := other.(PrivKeySM2); ok {
-		return bytes.Equal(privKey[:], otherSecp[:])
-	}
-
-	return false
-}
-
-func (privKey PrivKeySM2) String() string {
-	return fmt.Sprintf("PrivKeySM2{*****}")
-}
-
-//PubKeySM2 公钥
-type PubKeySM2 [SM2PublicKeyLength]byte
-
-//Bytes 字节格式
-func (pubKey PubKeySM2) Bytes() []byte {
-	length := SM2PublicKeyLength
-	if pubKey.isCompressed() {
-		length = SM2PublicKeyCompressed
-	}
-	s := make([]byte, length)
-	copy(s, pubKey[0:length])
-	return s
-}
-
-func (pubKey PubKeySM2) isCompressed() bool {
-	return pubKey[0] != pubkeyUncompressed
-}
-
-//VerifyBytes 验证字节
-func (pubKey PubKeySM2) VerifyBytes(msg []byte, sig crypto.Signature) bool {
-	var uid []byte
-	if wrap, ok := sig.(*SignatureS); ok {
-		sig = wrap.Signature
-		uid = wrap.uid
-	}
-	sigSM2, ok := sig.(SignatureSM2)
-	if !ok {
-		fmt.Printf("convert failed\n")
-		return false
-	}
-	var pub *sm2.PublicKey
-	if pubKey.isCompressed() {
-		pub = sm2.Decompress(pubKey[0:SM2PublicKeyCompressed])
-	} else {
-		var err error
-		pub, err = parsePubKey(pubKey[:], sm2.P256Sm2())
-		if err != nil {
-			fmt.Printf("parse pubkey failed\n")
-			return false
-		}
-	}
-	r, s, err := Deserialize(sigSM2)
-	if err != nil {
-		fmt.Printf("unmarshal sign failed")
-		return false
-	}
-	//国密签名算法和ecdsa不一样，-s验签不通过，所以不需要LowS检查
-	//fmt.Printf("verify:%x, r:%d, s:%d\n", crypto.Sm3Hash(msg), r, s)
-	//lowS := IsLowS(s)
-	//if !lowS {
-	//	fmt.Printf("lowS check failed")
-	//	return false
-	//}
-
-	return sm2.Sm2Verify(pub, msg, uid, r, s)
-}
-
-func (pubKey PubKeySM2) String() string {
-	return fmt.Sprintf("PubKeySM2{%X}", pubKey[:])
-}
-
-//KeyString Must return the full bytes in hex.
-// Used for map keying, etc.
-func (pubKey PubKeySM2) KeyString() string {
-	return fmt.Sprintf("%X", pubKey[:])
-}
-
-//Equals 相等
-func (pubKey PubKeySM2) Equals(other crypto.PubKey) bool {
-	if otherSecp, ok := other.(PubKeySM2); ok {
-		return bytes.Equal(pubKey[:], otherSecp[:])
-	}
-	return false
-}
-
-//SignatureSM2 签名
-type SignatureSM2 []byte
-
-//SignatureS 签名
-type SignatureS struct {
-	crypto.Signature
-	uid []byte
-}
-
-//Bytes 字节格式
-func (sig SignatureSM2) Bytes() []byte {
-	s := make([]byte, len(sig))
-	copy(s, sig[:])
-	return s
-}
-
-//IsZero 是否为0
-func (sig SignatureSM2) IsZero() bool { return len(sig) == 0 }
-
-func (sig SignatureSM2) String() string {
-	fingerprint := make([]byte, len(sig[:]))
-	copy(fingerprint, sig[:])
-	return fmt.Sprintf("/%X.../", fingerprint)
-
-}
-
-//Equals 相等
-func (sig SignatureSM2) Equals(other crypto.Signature) bool {
-	if otherEd, ok := other.(SignatureSM2); ok {
-		return bytes.Equal(sig[:], otherEd[:])
-	}
-	return false
-}
-
-//const
-const (
-	Name = "auth_sm2"
-	ID   = 258
-)
-
-func init() {
-	crypto.Register(Name, &Driver{}, false)
-	crypto.RegisterType(Name, ID)
-}
-
-func privKeyFromBytes(curve elliptic.Curve, pk []byte) (*sm2.PrivateKey, *sm2.PublicKey) {
-	x, y := curve.ScalarBaseMult(pk)
-
-	priv := &sm2.PrivateKey{
-		PublicKey: sm2.PublicKey{
-			Curve: curve,
-			X:     x,
-			Y:     y,
-		},
-		D: new(big.Int).SetBytes(pk),
-	}
-
-	return priv, &priv.PublicKey
-}

plugin/crypto/sm2/utils.go

-// Copyright Fuzamei Corp. 2018 All Rights Reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package sm2
-
-import (
-	"crypto/elliptic"
-	"errors"
-	"fmt"
-	"math/big"
-
-	"github.com/btcsuite/btcd/btcec"
-	"github.com/tjfoc/gmsm/sm2"
-)
-
-const (
-	pubkeyUncompressed byte = 0x4 // x coord + y coord
-)
-
-func canonicalizeInt(val *big.Int) []byte {
-	b := val.Bytes()
-	if len(b) == 0 {
-		b = []byte{0x00}
-	}
-	if b[0]&0x80 != 0 {
-		paddedBytes := make([]byte, len(b)+1)
-		copy(paddedBytes[1:], b)
-		b = paddedBytes
-	}
-	return b
-}
-
-//Serialize 序列化
-func Serialize(r, s *big.Int) []byte {
-	rb := canonicalizeInt(r)
-	sb := canonicalizeInt(s)
-
-	length := 6 + len(rb) + len(sb)
-	b := make([]byte, length)
-
-	b[0] = 0x30
-	b[1] = byte(length - 2)
-	b[2] = 0x02
-	b[3] = byte(len(rb))
-	offset := copy(b[4:], rb) + 4
-	b[offset] = 0x02
-	b[offset+1] = byte(len(sb))
-	copy(b[offset+2:], sb)
-
-	return b
-}
-
-//Deserialize 反序列化
-func Deserialize(sigStr []byte) (*big.Int, *big.Int, error) {
-	sig, err := btcec.ParseDERSignature(sigStr, sm2.P256Sm2())
-	if err != nil {
-		return nil, nil, err
-	}
-
-	return sig.R, sig.S, nil
-}
-
-func parsePubKey(pubKeyStr []byte, curve elliptic.Curve) (key *sm2.PublicKey, err error) {
-	pubkey := sm2.PublicKey{}
-	pubkey.Curve = curve
-
-	if len(pubKeyStr) == 0 {
-		return nil, errors.New("pubkey string is empty")
-	}
-
-	pubkey.X = new(big.Int).SetBytes(pubKeyStr[1:33])
-	pubkey.Y = new(big.Int).SetBytes(pubKeyStr[33:])
-	if pubkey.X.Cmp(pubkey.Curve.Params().P) >= 0 {
-		return nil, fmt.Errorf("pubkey X parameter is >= to P")
-	}
-	if pubkey.Y.Cmp(pubkey.Curve.Params().P) >= 0 {
-		return nil, fmt.Errorf("pubkey Y parameter is >= to P")
-	}
-	if !pubkey.Curve.IsOnCurve(pubkey.X, pubkey.Y) {
-		return nil, fmt.Errorf("pubkey isn't on secp256k1 curve")
-	}
-	return &pubkey, nil
-}
-
-//SerializePublicKey 公钥序列化
-func SerializePublicKey(p *sm2.PublicKey, isCompress bool) []byte {
-	if isCompress {
-		return sm2.Compress(p)
-	}
-
-	b := make([]byte, 0, SM2PublicKeyLength)
-	b = append(b, pubkeyUncompressed)
-	b = paddedAppend(32, b, p.X.Bytes())
-	return paddedAppend(32, b, p.Y.Bytes())
-}
-
-//SerializePrivateKey 私钥序列化
-func SerializePrivateKey(p *sm2.PrivateKey) []byte {
-	b := make([]byte, 0, SM2PrivateKeyLength)
-	return paddedAppend(SM2PrivateKeyLength, b, p.D.Bytes())
-}
-
-func paddedAppend(size uint, dst, src []byte) []byte {
-	for i := 0; i < int(size)-len(src); i++ {
-		dst = append(dst, 0)
-	}
-	return append(dst, src...)
-}

plugin/dapp/cert/authority/core/cert.go

@@ -14,7 +14,7 @@ import (
 	"math/big"
 	"time"
 
-	ecdsa_util "github.com/33cn/plugin/plugin/crypto/ecdsa"
+	ecdsa_util "github.com/33cn/chain33/system/crypto/secp256r1"
 	"github.com/tjfoc/gmsm/sm2"
 )
 

plugin/dapp/cert/authority/core/ecdsaimpl.go

@@ -19,8 +19,8 @@ import (
 	"crypto/ecdsa"
 
 	log "github.com/33cn/chain33/common/log/log15"
+	ecdsa_util "github.com/33cn/chain33/system/crypto/secp256r1"
 	"github.com/33cn/chain33/types"
-	ecdsa_util "github.com/33cn/plugin/plugin/crypto/ecdsa"
 	"github.com/33cn/plugin/plugin/dapp/cert/authority/utils"
 )
 
@@ -148,7 +148,7 @@ func (validator *ecdsaValidator) Validate(certByte []byte, pubKey []byte) error
 		return fmt.Errorf("Error publick key type in transaction. expect ECDSA")
 	}
 
-	if !bytes.Equal(pubKey, ecdsa_util.SerializePublicKey(certPubKey)) {
+	if !bytes.Equal(pubKey, ecdsa_util.SerializePublicKeyCompressed(certPubKey)) {
 		return fmt.Errorf("Invalid public key")
 	}
 

plugin/dapp/cert/authority/tools/cryptogen/factory/csp/ecdsa.go

@@ -12,7 +12,7 @@ import (
 	"fmt"
 	"math/big"
 
-	auth "github.com/33cn/plugin/plugin/crypto/ecdsa"
+	auth "github.com/33cn/chain33/system/crypto/secp256r1"
 )
 
 type ecdsaSigner struct{}

plugin/dapp/cert/authority/tools/cryptogen/factory/utils/keys.go

@@ -13,8 +13,8 @@ import (
 	"encoding/pem"
 	"fmt"
 
-	pkecdsa "github.com/33cn/plugin/plugin/crypto/ecdsa"
-	pkesm2 "github.com/33cn/plugin/plugin/crypto/sm2"
+	pkecdsa "github.com/33cn/chain33/system/crypto/secp256r1"
+	pkesm2 "github.com/33cn/chain33/system/crypto/sm2"
 	"github.com/33cn/plugin/plugin/dapp/evm/executor/vm/common"
 	"github.com/pkg/errors"
 	"github.com/tjfoc/gmsm/sm2"

plugin/dapp/cert/authority/utils/keys.go

@@ -17,8 +17,8 @@ import (
 
 	"fmt"
 
+	ecdsa_util "github.com/33cn/chain33/system/crypto/secp256r1"
 	sm2_util "github.com/33cn/chain33/system/crypto/sm2"
-	ecdsa_util "github.com/33cn/plugin/plugin/crypto/ecdsa"
 	ty "github.com/33cn/plugin/plugin/dapp/cert/types"
 	"github.com/pkg/errors"
 	"github.com/tjfoc/gmsm/sm2"

plugin/dapp/privacy/crypto/onetimeed25519.go

@@ -16,7 +16,7 @@ import (
 type oneTimeEd25519 struct{}
 
 func init() {
-	crypto.Register(privacytypes.SignNameOnetimeED25519, &oneTimeEd25519{}, false)
+	crypto.Register(privacytypes.SignNameOnetimeED25519, &oneTimeEd25519{})
 }
 
 func (onetime *oneTimeEd25519) GenKey() (crypto.PrivKey, error) {
@@ -73,3 +73,8 @@ func (onetime *oneTimeEd25519) SignatureFromBytes(b []byte) (sig crypto.Signatur
 	copy(sigBytes[:], b[:])
 	return SignatureOnetime(*sigBytes), nil
 }
+
+// Validate validate msg and signature
+func (onetime *oneTimeEd25519) Validate(msg, pub, sig []byte) error {
+	return crypto.BasicValidation(onetime, msg, pub, sig)
+}

plugin/dapp/privacy/crypto/ring_signature_crypto.go

@@ -21,8 +21,7 @@ import (
 )
 
 func init() {
-	crypto.Register(privacytypes.SignNameRing, &RingSignED25519{}, false)
-	crypto.RegisterType(privacytypes.SignNameRing, privacytypes.RingBaseonED25519)
+	crypto.Register(privacytypes.SignNameRing, &RingSignED25519{}, crypto.WithOptionTypeID(privacytypes.RingBaseonED25519))
 }
 
 // RingSignature 环签名中对于crypto.Signature接口实现
@@ -256,3 +255,8 @@ func (r *RingSignED25519) SignatureFromBytes(b []byte) (crypto.Signature, error)
 	}
 	return sign, nil
 }
+
+// Validate validate msg and signature
+func (r *RingSignED25519) Validate(msg, pub, sig []byte) error {
+	return crypto.BasicValidation(r, msg, pub, sig)
+}