BREAKING CHANGE: Removed pre-hashing (tagged hash) support for Schnorr signatures, making them BIP-340 compliant.

Author: wolfmcnally

Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "bc-crypto"
-version = "0.4.0"
+version = "0.5.0"
 edition = "2021"
 description = "A uniform API for cryptographic primitives used in Blockchain Commons projects"
 authors = ["Blockchain Commons"]
@@ -19,9 +19,12 @@ pbkdf2 = "^0.12.1"
 hkdf = "^0.12.3"
 crc32fast = "^1.3.2"
 chacha20poly1305 = "^0.10.1"
-secp256k1 = "^0.27.0"
+# secp256k1 = {version = "^0.27.0", features = ["bitcoin_hashes"]}
+#secp256k1 = "^0.27.0"
+secp256k1 = { git = "https://github.com/rust-bitcoin/rust-secp256k1/", branch = "master" }
 x25519-dalek = {version = "2.0.0-rc.2", features = ["static_secrets"]}
 thiserror = "^1.0.48"
+hex = "^0.4.3"
 
 [dev-dependencies]
 hex-literal = "^0.4.1"

README.md

@@ -27,9 +27,13 @@
 
 ```toml
 [dependencies]
-bc-crypto = "0.4.0"
+bc-crypto = "0.5.0"
 ```
 
+## Version History
+
+- **0.5.0, September 14, 2024** - BREAKING CHANGE: Removed pre-hashing (tagged hash) support for Schnorr signatures, making them BIP-340 compliant. Signatures produced by previous versions of this crate will now only verify if you pre-hash the image yourself using the BIP-340 method and the tag you previously used, if any.
+
 ## Related Projects
 
 Higher-level Blockchain Commons projects that use this crate include:

src/ecdsa_keys.rs

@@ -1,5 +1,5 @@
 use bc_rand::RandomNumberGenerator;
-use secp256k1::{Secp256k1, SecretKey, PublicKey, KeyPair, constants::{PUBLIC_KEY_SIZE, SECRET_KEY_SIZE, UNCOMPRESSED_PUBLIC_KEY_SIZE}};
+use secp256k1::{Secp256k1, SecretKey, PublicKey, Keypair, constants::{PUBLIC_KEY_SIZE, SECRET_KEY_SIZE, UNCOMPRESSED_PUBLIC_KEY_SIZE}};
 
 use crate::{ECDSA_PRIVATE_KEY_SIZE, hash::hkdf_hmac_sha256, SCHNORR_PUBLIC_KEY_SIZE};
 
@@ -43,7 +43,7 @@ pub fn ecdsa_derive_private_key(key_material: impl AsRef<[u8]>) -> Vec<u8> {
 /// Derives the Schnorr public key from the given private key.
 pub fn schnorr_public_key_from_private_key(private_key: &[u8; ECDSA_PRIVATE_KEY_SIZE]) -> [u8; SCHNORR_PUBLIC_KEY_SIZE] {
     let secp = Secp256k1::new();
-    let kp: KeyPair = KeyPair::from_seckey_slice(&secp, private_key).unwrap();
+    let kp: Keypair = Keypair::from_seckey_slice(&secp, private_key).unwrap();
     let (x, _) = kp.x_only_public_key();
     x.serialize()
 }

src/ecdsa_signing.rs

@@ -6,7 +6,7 @@ pub fn ecdsa_sign(private_key: &[u8; ECDSA_PRIVATE_KEY_SIZE], message: impl AsRe
     let secp = Secp256k1::new();
     let sk = SecretKey::from_slice(private_key).expect("32 bytes, within curve order");
     let hash = double_sha256(message.as_ref());
-    let msg = Message::from_slice(&hash).unwrap();
+    let msg = Message::from_digest(hash);
     let sig = secp.sign_ecdsa(&msg, &sk);
     sig.serialize_compact().to_vec().try_into().unwrap()
 }
@@ -19,8 +19,7 @@ pub fn ecdsa_verify(public_key: &[u8; ECDSA_PUBLIC_KEY_SIZE], signature: &[u8; E
     let pk = PublicKey::from_slice(public_key)
         .expect("33 or 65 bytes, serialized according to the spec");
     let hash = double_sha256(message.as_ref());
-    let msg = Message::from_slice(&hash)
-        .expect("Message hash must be 32 bytes");
+    let msg = Message::from_digest(hash);
     let sig = Signature::from_compact(signature)
         .expect("64 bytes, signature according to the spec");
     secp.verify_ecdsa(&msg, &sig, &pk).is_ok()

src/lib.rs

@@ -1,4 +1,4 @@
-#![doc(html_root_url = "https://docs.rs/bc-crypto/0.4.0")]
+#![doc(html_root_url = "https://docs.rs/bc-crypto/0.5.0")]
 #![warn(rust_2018_idioms)]
 
 //! # Introduction
@@ -24,7 +24,7 @@
 //!
 //! ```toml
 //! [dependencies]
-//! bc-crypto = "0.4.0"
+//! bc-crypto = "0.5.0"
 //! ```
 
 pub const CRC32_SIZE: usize = 4;
@@ -86,6 +86,7 @@ mod schnorr_signing;
 pub use schnorr_signing::{
     schnorr_sign,
     schnorr_sign_using,
+    schnorr_sign_with_aux_rand,
     schnorr_verify,
 };