multi: change all sha256 as tmhash

contribforks · Jan 31, 2023 · e6f0c0f · e6f0c0f
1 parent 24b245a
commit e6f0c0f
Show file tree

Hide file tree

Showing 9 changed files with 26 additions and 22 deletions.
diff --git a/cmd/tendermint/commands/run_node.go b/cmd/tendermint/commands/run_node.go
@@ -2,14 +2,14 @@ package commands
 
 import (
 	"bytes"
-	"crypto/sha256"
 	"fmt"
 	"io"
 	"os"
 
 	"github.com/spf13/cobra"
 
 	cfg "github.com/tendermint/tendermint/config"
+	"github.com/tendermint/tendermint/crypto/tmhash"
 	tmos "github.com/tendermint/tendermint/libs/os"
 	nm "github.com/tendermint/tendermint/node"
 )
@@ -147,7 +147,7 @@ func checkGenesisHash(config *cfg.Config) error {
 		return fmt.Errorf("can't open genesis file: %w", err)
 	}
 	defer f.Close()
-	h := sha256.New()
+	h := tmhash.New()
 	if _, err := io.Copy(h, f); err != nil {
 		return fmt.Errorf("error when hashing genesis file: %w", err)
 	}

diff --git a/crypto/secp256k1/secp256k1.go b/crypto/secp256k1/secp256k1.go
@@ -2,7 +2,6 @@ package secp256k1
 
 import (
 	"bytes"
-	"crypto/sha256"
 	"crypto/subtle"
 	"fmt"
 	"io"
@@ -12,6 +11,7 @@ import (
 	"golang.org/x/crypto/ripemd160" //nolint: staticcheck // necessary for Bitcoin address format
 
 	"github.com/tendermint/tendermint/crypto"
+	"github.com/tendermint/tendermint/crypto/tmhash"
 	tmjson "github.com/tendermint/tendermint/libs/json"
 )
 
@@ -104,7 +104,7 @@ var one = new(big.Int).SetInt64(1)
 // NOTE: secret should be the output of a KDF like bcrypt,
 // if it's derived from user input.
 func GenPrivKeySecp256k1(secret []byte) PrivKey {
-	secHash := sha256.Sum256(secret)
+	secHash := tmhash.Sum256(secret)
 	// to guarantee that we have a valid field element, we use the approach of:
 	// "Suite B Implementer’s Guide to FIPS 186-3", A.2.1
 	// https://apps.nsa.gov/iaarchive/library/ia-guidance/ia-solutions-for-classified/algorithm-guidance/suite-b-implementers-guide-to-fips-186-3-ecdsa.cfm
@@ -162,7 +162,7 @@ func (pubKey PubKey) Address() crypto.Address {
 	if len(pubKey) != PubKeySize {
 		panic("length of pubkey is incorrect")
 	}
-	hasherSHA256 := sha256.New()
+	hasherSHA256 := tmhash.New()
 	_, _ = hasherSHA256.Write(pubKey) // does not error
 	sha := hasherSHA256.Sum(nil)
 

diff --git a/crypto/tmhash/hash.go b/crypto/tmhash/hash.go
@@ -18,10 +18,14 @@ func New() hash.Hash {
 
 // Sum returns the SHA256 of the bz.
 func Sum(bz []byte) []byte {
-	h := sha256.Sum256(bz)
+	h := Sum256(bz)
 	return h[:]
 }
 
+func Sum256(bz []byte) [Size]byte {
+	return sha256.Sum256(bz)
+}
+
 //-------------------------------------------------------------
 
 const (

diff --git a/mempool/mempool.go b/mempool/mempool.go
@@ -1,12 +1,12 @@
 package mempool
 
 import (
-	"crypto/sha256"
 	"errors"
 	"fmt"
 	"math"
 
 	abci "github.com/tendermint/tendermint/abci/types"
+	"github.com/tendermint/tendermint/crypto/tmhash"
 	"github.com/tendermint/tendermint/types"
 )
 
@@ -146,7 +146,7 @@ func PostCheckMaxGas(maxGas int64) PostCheckFunc {
 var ErrTxInCache = errors.New("tx already exists in cache")
 
 // TxKey is the fixed length array key used as an index.
-type TxKey [sha256.Size]byte
+type TxKey [tmhash.Size]byte
 
 // ErrTxTooLarge defines an error when a transaction is too big to be sent in a
 // message to other peers.

diff --git a/mempool/v0/cache_test.go b/mempool/v0/cache_test.go
@@ -1,13 +1,13 @@
 package v0
 
 import (
-	"crypto/sha256"
 	"testing"
 
 	"github.com/stretchr/testify/require"
 
 	"github.com/tendermint/tendermint/abci/example/kvstore"
 	abci "github.com/tendermint/tendermint/abci/types"
+	"github.com/tendermint/tendermint/crypto/tmhash"
 	"github.com/tendermint/tendermint/mempool"
 	"github.com/tendermint/tendermint/proxy"
 	"github.com/tendermint/tendermint/types"
@@ -61,7 +61,7 @@ func TestCacheAfterUpdate(t *testing.T) {
 				"cache larger than expected on testcase %d", tcIndex)
 
 			nodeVal := node.Value.(types.TxKey)
-			expectedBz := sha256.Sum256([]byte{byte(tc.txsInCache[len(tc.txsInCache)-counter-1])})
+			expectedBz := tmhash.Sum256([]byte{byte(tc.txsInCache[len(tc.txsInCache)-counter-1])})
 			// Reference for reading the errors:
 			// >>> sha256('\x00').hexdigest()
 			// '6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d'

diff --git a/p2p/conn/secret_connection.go b/p2p/conn/secret_connection.go
@@ -4,7 +4,6 @@ import (
 	"bytes"
 	"crypto/cipher"
 	crand "crypto/rand"
-	"crypto/sha256"
 	"encoding/binary"
 	"errors"
 	"fmt"
@@ -24,6 +23,7 @@ import (
 	"github.com/tendermint/tendermint/crypto"
 	"github.com/tendermint/tendermint/crypto/ed25519"
 	cryptoenc "github.com/tendermint/tendermint/crypto/encoding"
+	"github.com/tendermint/tendermint/crypto/tmhash"
 	"github.com/tendermint/tendermint/libs/async"
 	"github.com/tendermint/tendermint/libs/protoio"
 	tmsync "github.com/tendermint/tendermint/libs/sync"
@@ -338,7 +338,7 @@ func deriveSecrets(
 	dhSecret *[32]byte,
 	locIsLeast bool,
 ) (recvSecret, sendSecret *[aeadKeySize]byte) {
-	hash := sha256.New
+	hash := tmhash.New
 	hkdf := hkdf.New(hash, dhSecret[:], nil, secretConnKeyAndChallengeGen)
 	// get enough data for 2 aead keys, and a 32 byte challenge
 	res := new([2*aeadKeySize + 32]byte)

diff --git a/statesync/snapshots.go b/statesync/snapshots.go
@@ -1,17 +1,17 @@
 package statesync
 
 import (
-	"crypto/sha256"
 	"fmt"
 	"math/rand"
 	"sort"
 
+	"github.com/tendermint/tendermint/crypto/tmhash"
 	tmsync "github.com/tendermint/tendermint/libs/sync"
 	"github.com/tendermint/tendermint/p2p"
 )
 
 // snapshotKey is a snapshot key used for lookups.
-type snapshotKey [sha256.Size]byte
+type snapshotKey [tmhash.Size]byte
 
 // snapshot contains data about a snapshot.
 type snapshot struct {
@@ -29,7 +29,7 @@ type snapshot struct {
 // non-deterministic manner. All fields must be equal for the snapshot to be considered the same.
 func (s *snapshot) Key() snapshotKey {
 	// Hash.Write() never returns an error.
-	hasher := sha256.New()
+	hasher := tmhash.New()
 	hasher.Write([]byte(fmt.Sprintf("%v:%v:%v", s.Height, s.Format, s.Chunks)))
 	hasher.Write(s.Hash)
 	hasher.Write(s.Metadata)

diff --git a/test/e2e/app/state.go b/test/e2e/app/state.go
@@ -1,14 +1,15 @@
 package app
 
 import (
-	"crypto/sha256"
 	"encoding/json"
 	"errors"
 	"fmt"
 	"os"
 	"path/filepath"
 	"sort"
 	"sync"
+
+	"github.com/tendermint/tendermint/crypto/tmhash"
 )
 
 const (
@@ -180,7 +181,7 @@ func hashItems(items map[string]string) []byte {
 	}
 	sort.Strings(keys)
 
-	hasher := sha256.New()
+	hasher := tmhash.New()
 	for _, key := range keys {
 		_, _ = hasher.Write([]byte(key))
 		_, _ = hasher.Write([]byte{0})

diff --git a/types/tx.go b/types/tx.go
@@ -2,7 +2,6 @@ package types
 
 import (
 	"bytes"
-	"crypto/sha256"
 	"errors"
 	"fmt"
 
@@ -15,7 +14,7 @@ import (
 )
 
 // TxKeySize is the size of the transaction key index
-const TxKeySize = sha256.Size
+const TxKeySize = tmhash.Size
 
 type (
 	// Tx is an arbitrary byte array.
@@ -43,12 +42,12 @@ func (tx Tx) Hash() []byte {
 // unwrap the transaction if it is a BlobTx or a IndexWrapper.
 func (tx Tx) Key() TxKey {
 	if blobTx, isBlobTx := UnmarshalBlobTx(tx); isBlobTx {
-		return sha256.Sum256(blobTx.Tx)
+		return tmhash.Sum256(blobTx.Tx)
 	}
 	if indexWrapper, isIndexWrapper := UnmarshalIndexWrapper(tx); isIndexWrapper {
-		return sha256.Sum256(indexWrapper.Tx)
+		return tmhash.Sum256(indexWrapper.Tx)
 	}
-	return sha256.Sum256(tx)
+	return tmhash.Sum256(tx)
 }
 
 // String returns the hex-encoded transaction as a string.