ecies: drop randomness parameter from PrivateKey.Decrypt (#16374)

DavidHuie · karalabe · commit 23ac78333201 · 2018-03-26T13:46:18.000+03:00
The parameter `rand` is unused in `PrivateKey.Decrypt`. Decryption in
the ECIES encryption scheme is deterministic, so randomness isn't
needed.
diff --git a/crypto/ecies/ecies.go b/crypto/ecies/ecies.go
@@ -230,7 +230,7 @@ func symEncrypt(rand io.Reader, params *ECIESParams, key, m []byte) (ct []byte,
 
 // symDecrypt carries out CTR decryption using the block cipher specified in
 // the parameters
-func symDecrypt(rand io.Reader, params *ECIESParams, key, ct []byte) (m []byte, err error) {
+func symDecrypt(params *ECIESParams, key, ct []byte) (m []byte, err error) {
 	c, err := params.Cipher(key)
 	if err != nil {
 		return
@@ -292,7 +292,7 @@ func Encrypt(rand io.Reader, pub *PublicKey, m, s1, s2 []byte) (ct []byte, err e
 }
 
 // Decrypt decrypts an ECIES ciphertext.
-func (prv *PrivateKey) Decrypt(rand io.Reader, c, s1, s2 []byte) (m []byte, err error) {
+func (prv *PrivateKey) Decrypt(c, s1, s2 []byte) (m []byte, err error) {
 	if len(c) == 0 {
 		return nil, ErrInvalidMessage
 	}
@@ -361,6 +361,6 @@ func (prv *PrivateKey) Decrypt(rand io.Reader, c, s1, s2 []byte) (m []byte, err
 		return
 	}
 
-	m, err = symDecrypt(rand, params, Ke, c[mStart:mEnd])
+	m, err = symDecrypt(params, Ke, c[mStart:mEnd])
 	return
 }
diff --git a/crypto/ecies/ecies_test.go b/crypto/ecies/ecies_test.go
@@ -270,7 +270,7 @@ func TestEncryptDecrypt(t *testing.T) {
 		t.FailNow()
 	}
 
-	pt, err := prv2.Decrypt(rand.Reader, ct, nil, nil)
+	pt, err := prv2.Decrypt(ct, nil, nil)
 	if err != nil {
 		fmt.Println(err.Error())
 		t.FailNow()
@@ -281,7 +281,7 @@ func TestEncryptDecrypt(t *testing.T) {
 		t.FailNow()
 	}
 
-	_, err = prv1.Decrypt(rand.Reader, ct, nil, nil)
+	_, err = prv1.Decrypt(ct, nil, nil)
 	if err == nil {
 		fmt.Println("ecies: encryption should not have succeeded")
 		t.FailNow()
@@ -301,7 +301,7 @@ func TestDecryptShared2(t *testing.T) {
 	}
 
 	// Check that decrypting with correct shared data works.
-	pt, err := prv.Decrypt(rand.Reader, ct, nil, shared2)
+	pt, err := prv.Decrypt(ct, nil, shared2)
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -310,10 +310,10 @@ func TestDecryptShared2(t *testing.T) {
 	}
 
 	// Decrypting without shared data or incorrect shared data fails.
-	if _, err = prv.Decrypt(rand.Reader, ct, nil, nil); err == nil {
+	if _, err = prv.Decrypt(ct, nil, nil); err == nil {
 		t.Fatal("ecies: decrypting without shared data didn't fail")
 	}
-	if _, err = prv.Decrypt(rand.Reader, ct, nil, []byte("garbage")); err == nil {
+	if _, err = prv.Decrypt(ct, nil, []byte("garbage")); err == nil {
 		t.Fatal("ecies: decrypting with incorrect shared data didn't fail")
 	}
 }
@@ -381,7 +381,7 @@ func testParamSelection(t *testing.T, c testCase) {
 		t.FailNow()
 	}
 
-	pt, err := prv2.Decrypt(rand.Reader, ct, nil, nil)
+	pt, err := prv2.Decrypt(ct, nil, nil)
 	if err != nil {
 		fmt.Printf("%s (%s)\n", err.Error(), c.Name)
 		t.FailNow()
@@ -393,7 +393,7 @@ func testParamSelection(t *testing.T, c testCase) {
 		t.FailNow()
 	}
 
-	_, err = prv1.Decrypt(rand.Reader, ct, nil, nil)
+	_, err = prv1.Decrypt(ct, nil, nil)
 	if err == nil {
 		fmt.Printf("ecies: encryption should not have succeeded (%s)\n",
 			c.Name)
@@ -422,7 +422,7 @@ func TestBasicKeyValidation(t *testing.T) {
 
 	for _, b := range badBytes {
 		ct[0] = b
-		_, err := prv.Decrypt(rand.Reader, ct, nil, nil)
+		_, err := prv.Decrypt(ct, nil, nil)
 		if err != ErrInvalidPublicKey {
 			fmt.Println("ecies: validated an invalid key")
 			t.FailNow()
@@ -441,14 +441,14 @@ func TestBox(t *testing.T) {
 		t.Fatal(err)
 	}
 
-	pt, err := prv2.Decrypt(rand.Reader, ct, nil, nil)
+	pt, err := prv2.Decrypt(ct, nil, nil)
 	if err != nil {
 		t.Fatal(err)
 	}
 	if !bytes.Equal(pt, message) {
 		t.Fatal("ecies: plaintext doesn't match message")
 	}
-	if _, err = prv1.Decrypt(rand.Reader, ct, nil, nil); err == nil {
+	if _, err = prv1.Decrypt(ct, nil, nil); err == nil {
 		t.Fatal("ecies: encryption should not have succeeded")
 	}
 }
diff --git a/p2p/rlpx.go b/p2p/rlpx.go
@@ -491,7 +491,7 @@ func readHandshakeMsg(msg plainDecoder, plainSize int, prv *ecdsa.PrivateKey, r
 	}
 	// Attempt decoding pre-EIP-8 "plain" format.
 	key := ecies.ImportECDSA(prv)
-	if dec, err := key.Decrypt(rand.Reader, buf, nil, nil); err == nil {
+	if dec, err := key.Decrypt(buf, nil, nil); err == nil {
 		msg.decodePlain(dec)
 		return buf, nil
 	}
@@ -505,7 +505,7 @@ func readHandshakeMsg(msg plainDecoder, plainSize int, prv *ecdsa.PrivateKey, r
 	if _, err := io.ReadFull(r, buf[plainSize:]); err != nil {
 		return buf, err
 	}
-	dec, err := key.Decrypt(rand.Reader, buf[2:], nil, prefix)
+	dec, err := key.Decrypt(buf[2:], nil, prefix)
 	if err != nil {
 		return buf, err
 	}
diff --git a/whisper/whisperv5/message.go b/whisper/whisperv5/message.go
@@ -277,7 +277,7 @@ func (msg *ReceivedMessage) decryptSymmetric(key []byte, nonce []byte) error {
 
 // decryptAsymmetric decrypts an encrypted payload with a private key.
 func (msg *ReceivedMessage) decryptAsymmetric(key *ecdsa.PrivateKey) error {
-	decrypted, err := ecies.ImportECDSA(key).Decrypt(crand.Reader, msg.Raw, nil, nil)
+	decrypted, err := ecies.ImportECDSA(key).Decrypt(msg.Raw, nil, nil)
 	if err == nil {
 		msg.Raw = decrypted
 	}
diff --git a/whisper/whisperv6/message.go b/whisper/whisperv6/message.go
@@ -289,7 +289,7 @@ func (msg *ReceivedMessage) decryptSymmetric(key []byte) error {
 
 // decryptAsymmetric decrypts an encrypted payload with a private key.
 func (msg *ReceivedMessage) decryptAsymmetric(key *ecdsa.PrivateKey) error {
-	decrypted, err := ecies.ImportECDSA(key).Decrypt(crand.Reader, msg.Raw, nil, nil)
+	decrypted, err := ecies.ImportECDSA(key).Decrypt(msg.Raw, nil, nil)
 	if err == nil {
 		msg.Raw = decrypted
 	}

Original file line number	Diff line number	Diff line change
`@@ -230,7 +230,7 @@ func symEncrypt(rand io.Reader, params *ECIESParams, key, m []byte) (ct []byte,`
`230`	`230`
`231`	`231`	`// symDecrypt carries out CTR decryption using the block cipher specified in`
`232`	`232`	`// the parameters`
`233`		`-func symDecrypt(rand io.Reader, params *ECIESParams, key, ct []byte) (m []byte, err error) {`
	`233`	`+func symDecrypt(params *ECIESParams, key, ct []byte) (m []byte, err error) {`
`234`	`234`	`c, err := params.Cipher(key)`
`235`	`235`	`if err != nil {`
`236`	`236`	`return`
`@@ -292,7 +292,7 @@ func Encrypt(rand io.Reader, pub *PublicKey, m, s1, s2 []byte) (ct []byte, err e`
`292`	`292`	`}`
`293`	`293`
`294`	`294`	`// Decrypt decrypts an ECIES ciphertext.`
`295`		`-func (prv *PrivateKey) Decrypt(rand io.Reader, c, s1, s2 []byte) (m []byte, err error) {`
	`295`	`+func (prv *PrivateKey) Decrypt(c, s1, s2 []byte) (m []byte, err error) {`
`296`	`296`	`if len(c) == 0 {`
`297`	`297`	`return nil, ErrInvalidMessage`
`298`	`298`	`}`
`@@ -361,6 +361,6 @@ func (prv *PrivateKey) Decrypt(rand io.Reader, c, s1, s2 []byte) (m []byte, err`
`361`	`361`	`return`
`362`	`362`	`}`
`363`	`363`
`364`		`- m, err = symDecrypt(rand, params, Ke, c[mStart:mEnd])`
	`364`	`+ m, err = symDecrypt(params, Ke, c[mStart:mEnd])`
`365`	`365`	`return`
`366`	`366`	`}`
Original file line number	Diff line number	Diff line change
`@@ -270,7 +270,7 @@ func TestEncryptDecrypt(t *testing.T) {`
`270`	`270`	`t.FailNow()`
`271`	`271`	`}`
`272`	`272`
`273`		`- pt, err := prv2.Decrypt(rand.Reader, ct, nil, nil)`
	`273`	`+ pt, err := prv2.Decrypt(ct, nil, nil)`
`274`	`274`	`if err != nil {`
`275`	`275`	`fmt.Println(err.Error())`
`276`	`276`	`t.FailNow()`
`@@ -281,7 +281,7 @@ func TestEncryptDecrypt(t *testing.T) {`
`281`	`281`	`t.FailNow()`
`282`	`282`	`}`
`283`	`283`
`284`		`- _, err = prv1.Decrypt(rand.Reader, ct, nil, nil)`
	`284`	`+ _, err = prv1.Decrypt(ct, nil, nil)`
`285`	`285`	`if err == nil {`
`286`	`286`	`fmt.Println("ecies: encryption should not have succeeded")`
`287`	`287`	`t.FailNow()`
`@@ -301,7 +301,7 @@ func TestDecryptShared2(t *testing.T) {`
`301`	`301`	`}`
`302`	`302`
`303`	`303`	`// Check that decrypting with correct shared data works.`
`304`		`- pt, err := prv.Decrypt(rand.Reader, ct, nil, shared2)`
	`304`	`+ pt, err := prv.Decrypt(ct, nil, shared2)`
`305`	`305`	`if err != nil {`
`306`	`306`	`t.Fatal(err)`
`307`	`307`	`}`
`@@ -310,10 +310,10 @@ func TestDecryptShared2(t *testing.T) {`
`310`	`310`	`}`
`311`	`311`
`312`	`312`	`// Decrypting without shared data or incorrect shared data fails.`
`313`		`- if _, err = prv.Decrypt(rand.Reader, ct, nil, nil); err == nil {`
	`313`	`+ if _, err = prv.Decrypt(ct, nil, nil); err == nil {`
`314`	`314`	`t.Fatal("ecies: decrypting without shared data didn't fail")`
`315`	`315`	`}`
`316`		`- if _, err = prv.Decrypt(rand.Reader, ct, nil, []byte("garbage")); err == nil {`
	`316`	`+ if _, err = prv.Decrypt(ct, nil, []byte("garbage")); err == nil {`
`317`	`317`	`t.Fatal("ecies: decrypting with incorrect shared data didn't fail")`
`318`	`318`	`}`
`319`	`319`	`}`
`@@ -381,7 +381,7 @@ func testParamSelection(t *testing.T, c testCase) {`
`381`	`381`	`t.FailNow()`
`382`	`382`	`}`
`383`	`383`
`384`		`- pt, err := prv2.Decrypt(rand.Reader, ct, nil, nil)`
	`384`	`+ pt, err := prv2.Decrypt(ct, nil, nil)`
`385`	`385`	`if err != nil {`
`386`	`386`	`fmt.Printf("%s (%s)\n", err.Error(), c.Name)`
`387`	`387`	`t.FailNow()`
`@@ -393,7 +393,7 @@ func testParamSelection(t *testing.T, c testCase) {`
`393`	`393`	`t.FailNow()`
`394`	`394`	`}`
`395`	`395`
`396`		`- _, err = prv1.Decrypt(rand.Reader, ct, nil, nil)`
	`396`	`+ _, err = prv1.Decrypt(ct, nil, nil)`
`397`	`397`	`if err == nil {`
`398`	`398`	`fmt.Printf("ecies: encryption should not have succeeded (%s)\n",`
`399`	`399`	`c.Name)`
`@@ -422,7 +422,7 @@ func TestBasicKeyValidation(t *testing.T) {`
`422`	`422`
`423`	`423`	`for _, b := range badBytes {`
`424`	`424`	`ct[0] = b`
`425`		`- _, err := prv.Decrypt(rand.Reader, ct, nil, nil)`
	`425`	`+ _, err := prv.Decrypt(ct, nil, nil)`
`426`	`426`	`if err != ErrInvalidPublicKey {`
`427`	`427`	`fmt.Println("ecies: validated an invalid key")`
`428`	`428`	`t.FailNow()`
`@@ -441,14 +441,14 @@ func TestBox(t *testing.T) {`
`441`	`441`	`t.Fatal(err)`
`442`	`442`	`}`
`443`	`443`
`444`		`- pt, err := prv2.Decrypt(rand.Reader, ct, nil, nil)`
	`444`	`+ pt, err := prv2.Decrypt(ct, nil, nil)`
`445`	`445`	`if err != nil {`
`446`	`446`	`t.Fatal(err)`
`447`	`447`	`}`
`448`	`448`	`if !bytes.Equal(pt, message) {`
`449`	`449`	`t.Fatal("ecies: plaintext doesn't match message")`
`450`	`450`	`}`
`451`		`- if _, err = prv1.Decrypt(rand.Reader, ct, nil, nil); err == nil {`
	`451`	`+ if _, err = prv1.Decrypt(ct, nil, nil); err == nil {`
`452`	`452`	`t.Fatal("ecies: encryption should not have succeeded")`
`453`	`453`	`}`
`454`	`454`	`}`
Original file line number	Diff line number	Diff line change
`@@ -491,7 +491,7 @@ func readHandshakeMsg(msg plainDecoder, plainSize int, prv *ecdsa.PrivateKey, r`
`491`	`491`	`}`
`492`	`492`	`// Attempt decoding pre-EIP-8 "plain" format.`
`493`	`493`	`key := ecies.ImportECDSA(prv)`
`494`		`- if dec, err := key.Decrypt(rand.Reader, buf, nil, nil); err == nil {`
	`494`	`+ if dec, err := key.Decrypt(buf, nil, nil); err == nil {`
`495`	`495`	`msg.decodePlain(dec)`
`496`	`496`	`return buf, nil`
`497`	`497`	`}`
`@@ -505,7 +505,7 @@ func readHandshakeMsg(msg plainDecoder, plainSize int, prv *ecdsa.PrivateKey, r`
`505`	`505`	`if _, err := io.ReadFull(r, buf[plainSize:]); err != nil {`
`506`	`506`	`return buf, err`
`507`	`507`	`}`
`508`		`- dec, err := key.Decrypt(rand.Reader, buf[2:], nil, prefix)`
	`508`	`+ dec, err := key.Decrypt(buf[2:], nil, prefix)`
`509`	`509`	`if err != nil {`
`510`	`510`	`return buf, err`
`511`	`511`	`}`
Original file line number	Diff line number	Diff line change
`@@ -277,7 +277,7 @@ func (msg *ReceivedMessage) decryptSymmetric(key []byte, nonce []byte) error {`
`277`	`277`
`278`	`278`	`// decryptAsymmetric decrypts an encrypted payload with a private key.`
`279`	`279`	`func (msg ReceivedMessage) decryptAsymmetric(key ecdsa.PrivateKey) error {`
`280`		`- decrypted, err := ecies.ImportECDSA(key).Decrypt(crand.Reader, msg.Raw, nil, nil)`
	`280`	`+ decrypted, err := ecies.ImportECDSA(key).Decrypt(msg.Raw, nil, nil)`
`281`	`281`	`if err == nil {`
`282`	`282`	`msg.Raw = decrypted`
`283`	`283`	`}`
Original file line number	Diff line number	Diff line change
`@@ -289,7 +289,7 @@ func (msg *ReceivedMessage) decryptSymmetric(key []byte) error {`
`289`	`289`
`290`	`290`	`// decryptAsymmetric decrypts an encrypted payload with a private key.`
`291`	`291`	`func (msg ReceivedMessage) decryptAsymmetric(key ecdsa.PrivateKey) error {`
`292`		`- decrypted, err := ecies.ImportECDSA(key).Decrypt(crand.Reader, msg.Raw, nil, nil)`
	`292`	`+ decrypted, err := ecies.ImportECDSA(key).Decrypt(msg.Raw, nil, nil)`
`293`	`293`	`if err == nil {`
`294`	`294`	`msg.Raw = decrypted`
`295`	`295`	`}`