secure: replace x/crypto/curve25519 with crypto/ecdh

cmd/pgcli/curve25519/curve25519.go

@@ -1,17 +1,19 @@
 package curve25519
 
 import (
+	"crypto/ecdh"
+	"crypto/rand"
 	"fmt"
 
-	"github.com/sigcn/pg/secure"
+	"storj.io/common/base58"
 )
 
 func Run() error {
-	priv, err := secure.GenerateCurve25519()
+	priv, err := ecdh.X25519().GenerateKey(rand.Reader)
 	if err != nil {
 		return err
 	}
-	fmt.Printf("priv\t%s\n", priv.String())
-	fmt.Printf("pub\t%s\n", priv.PublicKey.String())
+	fmt.Printf("priv\t%s\n", base58.Encode(priv.Bytes()))
+	fmt.Printf("pub\t%s\n", base58.Encode(priv.PublicKey().Bytes()))
 	return nil
 }

p2p/config.go

@@ -1,6 +1,8 @@
 package p2p
 
 import (
+	"crypto/ecdh"
+	"crypto/rand"
 	"errors"
 	"net/url"
 	"time"
@@ -8,6 +10,7 @@ import (
 	"github.com/sigcn/pg/disco"
 	"github.com/sigcn/pg/secure"
 	"github.com/sigcn/pg/secure/chacha20poly1305"
+	"storj.io/common/base58"
 )
 
 var defaultSymmAlgo func(secure.ProvideSecretKey) secure.SymmAlgo = chacha20poly1305.New
@@ -58,11 +61,11 @@ func ListenPeerID(id string) Option {
 
 func ListenPeerSecure() Option {
 	return func(cfg *Config) error {
-		priv, err := secure.GenerateCurve25519()
+		priv, err := ecdh.X25519().GenerateKey(rand.Reader)
 		if err != nil {
 			return err
 		}
-		return ListenPeerCurve25519(priv.String())(cfg)
+		return ListenPeerCurve25519(base58.Encode(priv.Bytes()))(cfg)
 	}
 }
 
@@ -71,12 +74,19 @@ func ListenPeerCurve25519(privateKey string) Option {
 		if cfg.SymmAlgo != nil {
 			return errors.New("repeat secure options")
 		}
-		priv, err := secure.Curve25519PrivateKey(privateKey)
+		curve := ecdh.X25519()
+		priv, err := curve.NewPrivateKey(base58.Decode(privateKey))
 		if err != nil {
 			return err
 		}
-		cfg.SymmAlgo = defaultSymmAlgo(priv.SharedKey)
-		cfg.PeerInfo.ID = disco.PeerID(priv.PublicKey.String())
+		cfg.SymmAlgo = defaultSymmAlgo(func(pubKey string) ([]byte, error) {
+			pub, err := curve.NewPublicKey(base58.Decode(pubKey))
+			if err != nil {
+				return nil, err
+			}
+			return priv.ECDH(pub)
+		})
+		cfg.PeerInfo.ID = disco.PeerID(base58.Encode(priv.PublicKey().Bytes()))
 		return nil
 	}
 }

secure/curve25519.go

@@ -1,57 +0,0 @@
-package secure
-
-import (
-	"crypto/rand"
-
-	"golang.org/x/crypto/curve25519"
-	"storj.io/common/base58"
-)
-
-type PrivateKey struct {
-	PublicKey
-	b []byte
-}
-
-func (key *PrivateKey) String() string {
-	return base58.Encode(key.b)
-}
-
-func (key *PrivateKey) SharedKey(pubKey string) ([]byte, error) {
-	b := base58.Decode(pubKey)
-	secret, err := curve25519.X25519(key.b, b)
-	if err != nil {
-		return nil, err
-	}
-	return secret, nil
-}
-
-type PublicKey struct {
-	b []byte
-}
-
-func (key *PublicKey) String() string {
-	return base58.Encode(key.b)
-}
-
-func GenerateCurve25519() (*PrivateKey, error) {
-	var priv, pub [32]byte
-	_, err := rand.Read(priv[:])
-	if err != nil {
-		return nil, err
-	}
-
-	priv[0] &= 248
-	priv[31] &= 127
-	priv[31] |= 64
-
-	curve25519.ScalarBaseMult(&pub, &priv)
-
-	return &PrivateKey{b: priv[:], PublicKey: PublicKey{b: pub[:]}}, nil
-}
-
-func Curve25519PrivateKey(privateKey string) (*PrivateKey, error) {
-	priv := base58.Decode(privateKey)
-	var pub [32]byte
-	curve25519.ScalarBaseMult(&pub, (*[32]byte)(priv))
-	return &PrivateKey{b: priv, PublicKey: PublicKey{b: pub[:]}}, nil
-}