don't use csiphash. use pynacl.

decred · Apr 1, 2020 · 2969231 · 2969231
1 parent f99be5f
commit 2969231
Show file tree

Hide file tree

Showing 4 changed files with 103 additions and 104 deletions.
diff --git a/decred/decred/crypto/gcs.py b/decred/decred/crypto/gcs.py
@@ -4,7 +4,7 @@
 """
 
 from blake256.blake256 import blake_hash
-from csiphash import siphash24
+from nacl.hash import siphash24
 
 from decred import DecredError
 from decred.dcr.wire import wire
@@ -26,6 +26,17 @@
 KeySize = 16
 
 
+class SiphashEncoder:
+    """
+    PyNaCl's siphash 24 takes an encoder argument, which must have an encode
+    method.
+    """
+
+    @staticmethod
+    def encode(b):
+        return ByteArray(b)
+
+
 class EncodingError(DecredError):
     pass
 
@@ -196,7 +207,11 @@ def match(self, key, data):
             raise DecredError(f"key length {len(key)} != 16 not allowed")
 
         # Hash the search term with the same parameters as the filter.
-        term = ByteArray(siphash24(key.bytes(), data.bytes())).littleEndian().int()
+        term = (
+            siphash24(data.bytes(), key=key.bytes(), encoder=SiphashEncoder)
+            .littleEndian()
+            .int()
+        )
         term = (term * self.modulusNM) >> 64
 
         # Go through the search filter and look for the desired value.
@@ -244,7 +259,11 @@ def matchAny(self, key, data):
         for d in data:
             if len(d) == 0:
                 continue
-            v = ByteArray(siphash24(keyB, d.bytes())).littleEndian().int()
+            v = (
+                siphash24(d.bytes(), key=keyB, encoder=SiphashEncoder)
+                .littleEndian()
+                .int()
+            )
             values.append((v * mod) >> 64)
 
         if len(values) == 0:

diff --git a/decred/pyproject.toml b/decred/pyproject.toml
@@ -28,7 +28,6 @@ base58 = "^2.0.0"
 blake256 = "^0.1.1"
 pynacl = "^1.3.0"
 websocket_client = "^0.57.0"
-csiphash = "^0.0.5"
 
 [tool.poetry.dev-dependencies]
 pytest = "^5.3"