diff options
author | Pedram Fardzadeh <p.fardzadeh@protonmail.com> | 2024-03-11 00:09:47 +0100 |
---|---|---|
committer | Pedram Fardzadeh <p.fardzadeh@protonmail.com> | 2024-03-11 00:09:47 +0100 |
commit | b4a039d3c95a18e38fb2a7f2ec62571c311fd309 (patch) | |
tree | 194ebd8c3b708fe597d89eb71d60e6a945bf1b31 | |
parent | b3f53b5b037d255af5c46134d0fdf031267f464c (diff) | |
download | gnunet-b4a039d3c95a18e38fb2a7f2ec62571c311fd309.tar.gz gnunet-b4a039d3c95a18e38fb2a7f2ec62571c311fd309.zip |
elligator: code cleanup
-rw-r--r-- | src/include/gnunet_crypto_lib.h | 138 | ||||
-rw-r--r-- | src/lib/util/crypto_elligator.c | 81 | ||||
-rw-r--r-- | src/lib/util/test_crypto_elligator.c | 17 | ||||
-rw-r--r-- | src/service/transport/gnunet-communicator-udp.c | 5 |
4 files changed, 107 insertions, 134 deletions
diff --git a/src/include/gnunet_crypto_lib.h b/src/include/gnunet_crypto_lib.h index 168f934e1..53150bedc 100644 --- a/src/include/gnunet_crypto_lib.h +++ b/src/include/gnunet_crypto_lib.h | |||
@@ -973,7 +973,7 @@ GNUNET_CRYPTO_hash_from_string2 (const char *enc, | |||
973 | * @return #GNUNET_OK on success, #GNUNET_SYSERR if result has the wrong encoding | 973 | * @return #GNUNET_OK on success, #GNUNET_SYSERR if result has the wrong encoding |
974 | */ | 974 | */ |
975 | #define GNUNET_CRYPTO_hash_from_string(enc, result) \ | 975 | #define GNUNET_CRYPTO_hash_from_string(enc, result) \ |
976 | GNUNET_CRYPTO_hash_from_string2 (enc, strlen (enc), result) | 976 | GNUNET_CRYPTO_hash_from_string2 (enc, strlen (enc), result) |
977 | 977 | ||
978 | 978 | ||
979 | /** | 979 | /** |
@@ -2215,15 +2215,15 @@ GNUNET_CRYPTO_eddsa_sign_ ( | |||
2215 | * @param[out] sig where to write the signature | 2215 | * @param[out] sig where to write the signature |
2216 | */ | 2216 | */ |
2217 | #define GNUNET_CRYPTO_eddsa_sign(priv,ps,sig) do { \ | 2217 | #define GNUNET_CRYPTO_eddsa_sign(priv,ps,sig) do { \ |
2218 | /* check size is set correctly */ \ | 2218 | /* check size is set correctly */ \ |
2219 | GNUNET_assert (ntohl ((ps)->purpose.size) == sizeof (*ps)); \ | 2219 | GNUNET_assert (ntohl ((ps)->purpose.size) == sizeof (*ps)); \ |
2220 | /* check 'ps' begins with the purpose */ \ | 2220 | /* check 'ps' begins with the purpose */ \ |
2221 | GNUNET_static_assert (((void*) (ps)) == \ | 2221 | GNUNET_static_assert (((void*) (ps)) == \ |
2222 | ((void*) &(ps)->purpose)); \ | 2222 | ((void*) &(ps)->purpose)); \ |
2223 | GNUNET_assert (GNUNET_OK == \ | 2223 | GNUNET_assert (GNUNET_OK == \ |
2224 | GNUNET_CRYPTO_eddsa_sign_ (priv, \ | 2224 | GNUNET_CRYPTO_eddsa_sign_ (priv, \ |
2225 | &(ps)->purpose, \ | 2225 | &(ps)->purpose, \ |
2226 | sig)); \ | 2226 | sig)); \ |
2227 | } while (0) | 2227 | } while (0) |
2228 | 2228 | ||
2229 | 2229 | ||
@@ -2277,15 +2277,15 @@ GNUNET_CRYPTO_eddsa_sign_raw ( | |||
2277 | * @param[out] sig where to write the signature | 2277 | * @param[out] sig where to write the signature |
2278 | */ | 2278 | */ |
2279 | #define GNUNET_CRYPTO_ecdsa_sign(priv,ps,sig) do { \ | 2279 | #define GNUNET_CRYPTO_ecdsa_sign(priv,ps,sig) do { \ |
2280 | /* check size is set correctly */ \ | 2280 | /* check size is set correctly */ \ |
2281 | GNUNET_assert (ntohl ((ps)->purpose.size) == sizeof (*(ps))); \ | 2281 | GNUNET_assert (ntohl ((ps)->purpose.size) == sizeof (*(ps))); \ |
2282 | /* check 'ps' begins with the purpose */ \ | 2282 | /* check 'ps' begins with the purpose */ \ |
2283 | GNUNET_static_assert (((void*) (ps)) == \ | 2283 | GNUNET_static_assert (((void*) (ps)) == \ |
2284 | ((void*) &(ps)->purpose)); \ | 2284 | ((void*) &(ps)->purpose)); \ |
2285 | GNUNET_assert (GNUNET_OK == \ | 2285 | GNUNET_assert (GNUNET_OK == \ |
2286 | GNUNET_CRYPTO_ecdsa_sign_ (priv, \ | 2286 | GNUNET_CRYPTO_ecdsa_sign_ (priv, \ |
2287 | &(ps)->purpose, \ | 2287 | &(ps)->purpose, \ |
2288 | sig)); \ | 2288 | sig)); \ |
2289 | } while (0) | 2289 | } while (0) |
2290 | 2290 | ||
2291 | /** | 2291 | /** |
@@ -2324,15 +2324,15 @@ GNUNET_CRYPTO_edx25519_sign_ ( | |||
2324 | * @param[out] sig where to write the signature | 2324 | * @param[out] sig where to write the signature |
2325 | */ | 2325 | */ |
2326 | #define GNUNET_CRYPTO_edx25519_sign(priv,ps,sig) do { \ | 2326 | #define GNUNET_CRYPTO_edx25519_sign(priv,ps,sig) do { \ |
2327 | /* check size is set correctly */ \ | 2327 | /* check size is set correctly */ \ |
2328 | GNUNET_assert (ntohl ((ps)->purpose.size) == sizeof (*(ps))); \ | 2328 | GNUNET_assert (ntohl ((ps)->purpose.size) == sizeof (*(ps))); \ |
2329 | /* check 'ps' begins with the purpose */ \ | 2329 | /* check 'ps' begins with the purpose */ \ |
2330 | GNUNET_static_assert (((void*) (ps)) == \ | 2330 | GNUNET_static_assert (((void*) (ps)) == \ |
2331 | ((void*) &(ps)->purpose)); \ | 2331 | ((void*) &(ps)->purpose)); \ |
2332 | GNUNET_assert (GNUNET_OK == \ | 2332 | GNUNET_assert (GNUNET_OK == \ |
2333 | GNUNET_CRYPTO_edx25519_sign_ (priv, \ | 2333 | GNUNET_CRYPTO_edx25519_sign_ (priv, \ |
2334 | &(ps)->purpose, \ | 2334 | &(ps)->purpose, \ |
2335 | sig)); \ | 2335 | sig)); \ |
2336 | } while (0) | 2336 | } while (0) |
2337 | 2337 | ||
2338 | 2338 | ||
@@ -2676,25 +2676,24 @@ GNUNET_CRYPTO_edx25519_public_key_derive ( | |||
2676 | * @param high_y destination set to "True" if corresponding y-coordinate is > 2 ^ 254 - 10 | 2676 | * @param high_y destination set to "True" if corresponding y-coordinate is > 2 ^ 254 - 10 |
2677 | */ | 2677 | */ |
2678 | bool | 2678 | bool |
2679 | GNUNET_CRYPTO_ecdhe_elligator_direct_map (uint8_t *point, bool *high_y, | 2679 | GNUNET_CRYPTO_ecdhe_elligator_direct_map (uint8_t *point, |
2680 | bool *high_y, | ||
2680 | uint8_t *representative); | 2681 | uint8_t *representative); |
2681 | 2682 | ||
2682 | 2683 | ||
2683 | /** | 2684 | /** |
2684 | * @ingroup crypto | 2685 | * @ingroup crypto |
2685 | * Clears the most significant bit and second most significant bit to the serialized representaive before applying elligator direct map. | 2686 | * Clears the most significant bit and second most significant bit of the serialized representaive before applying elligator direct map. |
2686 | * | 2687 | * |
2687 | * @param serialized_representative serialized version of an element of Curves25519's finite field | 2688 | * @param representative serialized elligator representative of an element of Curves25519's finite field |
2688 | * @param point destination for the calculated point on the curve | 2689 | * @param point destination for the calculated point on the curve |
2689 | * @param high_y value pointed to will be set to true if corresponding y-coordinate is > 2 ^ 254 - 10, otherwise 0. Can be set to NULL if not needed. | 2690 | * @param high_y value pointed to will be set to true if corresponding y-coordinate is > 2 ^ 254 - 10, otherwise 0. Can be set to NULL if not needed. |
2690 | */ | 2691 | */ |
2691 | bool | 2692 | bool |
2692 | GNUNET_CRYPTO_ecdhe_elligator_decoding (struct | 2693 | GNUNET_CRYPTO_ecdhe_elligator_decoding ( |
2693 | GNUNET_CRYPTO_EcdhePublicKey *point, | 2694 | struct GNUNET_CRYPTO_EcdhePublicKey *point, |
2694 | bool *high_y, | 2695 | bool *high_y, |
2695 | const struct | 2696 | const struct GNUNET_CRYPTO_ElligatorRepresentative *representative); |
2696 | GNUNET_CRYPTO_ElligatorRepresentative * | ||
2697 | seriliazed_representative); | ||
2698 | 2697 | ||
2699 | /** | 2698 | /** |
2700 | * @ingroup crypto | 2699 | * @ingroup crypto |
@@ -2706,33 +2705,24 @@ GNUNET_CRYPTO_ecdhe_elligator_decoding (struct | |||
2706 | * @param representative destination for the calculated element of the finite field | 2705 | * @param representative destination for the calculated element of the finite field |
2707 | */ | 2706 | */ |
2708 | bool | 2707 | bool |
2709 | GNUNET_CRYPTO_ecdhe_elligator_inverse_map (uint8_t *representative, const | 2708 | GNUNET_CRYPTO_ecdhe_elligator_inverse_map (uint8_t *representative, |
2710 | uint8_t *point, | 2709 | const uint8_t *point, |
2711 | bool high_y); | 2710 | bool high_y); |
2712 | 2711 | ||
2713 | 2712 | ||
2714 | /** | 2713 | /** |
2715 | * Initializes the elligator library | ||
2716 | * THis function is thread safe | ||
2717 | */ | ||
2718 | void | ||
2719 | GNUNET_CRYPTO_ecdhe_elligator_initialize (void); | ||
2720 | |||
2721 | /** | ||
2722 | * @ingroup crypto | 2714 | * @ingroup crypto |
2723 | * Generates a valid public key for elligator's inverse map by adding a lower order point to a prime order point. | 2715 | * Generates a valid public key for elligator's inverse map by adding a lower order point to a prime order point |
2716 | * following Method 1 in description https://elligator.org/key-exchange section Step 2: Generate a “special” public key | ||
2724 | * | 2717 | * |
2725 | * @param pub valid public key for elligator inverse map | 2718 | * @param pub valid public key for elligator inverse map |
2726 | * @param pk private key for generating valid public key | 2719 | * @param pk private key for generating valid public key |
2720 | * @return GNUNET_OK on success | ||
2727 | */ | 2721 | */ |
2728 | int | 2722 | enum GNUNET_GenericReturnValue |
2729 | GNUNET_CRYPTO_ecdhe_elligator_generate_public_key (unsigned char | 2723 | GNUNET_CRYPTO_ecdhe_elligator_generate_public_key ( |
2730 | pub[ | 2724 | struct GNUNET_CRYPTO_EcdhePublicKey *pub, |
2731 | crypto_scalarmult_SCALARBYTES | 2725 | struct GNUNET_CRYPTO_EcdhePrivateKey *pk); |
2732 | ], | ||
2733 | struct | ||
2734 | GNUNET_CRYPTO_EcdhePrivateKey | ||
2735 | *pk); | ||
2736 | 2726 | ||
2737 | 2727 | ||
2738 | /** | 2728 | /** |
@@ -2758,12 +2748,10 @@ GNUNET_CRYPTO_ecdhe_elligator_key_create ( | |||
2758 | * @return #GNUNET_SYSERR on error, #GNUNET_OK on success | 2748 | * @return #GNUNET_SYSERR on error, #GNUNET_OK on success |
2759 | */ | 2749 | */ |
2760 | enum GNUNET_GenericReturnValue | 2750 | enum GNUNET_GenericReturnValue |
2761 | GNUNET_CRYPTO_eddsa_elligator_kem_encaps (const struct | 2751 | GNUNET_CRYPTO_eddsa_elligator_kem_encaps ( |
2762 | GNUNET_CRYPTO_EddsaPublicKey *pub, | 2752 | const struct GNUNET_CRYPTO_EddsaPublicKey *pub, |
2763 | struct | 2753 | struct GNUNET_CRYPTO_ElligatorRepresentative *r, |
2764 | GNUNET_CRYPTO_ElligatorRepresentative | 2754 | struct GNUNET_HashCode *key_material); |
2765 | *r, | ||
2766 | struct GNUNET_HashCode *key_material); | ||
2767 | 2755 | ||
2768 | /** | 2756 | /** |
2769 | * @ingroup crypto | 2757 | * @ingroup crypto |
@@ -2776,12 +2764,10 @@ GNUNET_CRYPTO_eddsa_elligator_kem_encaps (const struct | |||
2776 | * @return #GNUNET_SYSERR on error, #GNUNET_OK on success | 2764 | * @return #GNUNET_SYSERR on error, #GNUNET_OK on success |
2777 | */ | 2765 | */ |
2778 | enum GNUNET_GenericReturnValue | 2766 | enum GNUNET_GenericReturnValue |
2779 | GNUNET_CRYPTO_eddsa_elligator_kem_decaps (const struct | 2767 | GNUNET_CRYPTO_eddsa_elligator_kem_decaps ( |
2780 | GNUNET_CRYPTO_EddsaPrivateKey *priv, | 2768 | const struct GNUNET_CRYPTO_EddsaPrivateKey *priv, |
2781 | const struct | 2769 | const struct GNUNET_CRYPTO_ElligatorRepresentative *r, |
2782 | GNUNET_CRYPTO_ElligatorRepresentative | 2770 | struct GNUNET_HashCode *key_material); |
2783 | *r, | ||
2784 | struct GNUNET_HashCode *key_material); | ||
2785 | 2771 | ||
2786 | 2772 | ||
2787 | /** | 2773 | /** |
@@ -4267,15 +4253,15 @@ GNUNET_CRYPTO_sign_raw_ ( | |||
4267 | * @param[out] sig where to write the signature | 4253 | * @param[out] sig where to write the signature |
4268 | */ | 4254 | */ |
4269 | #define GNUNET_CRYPTO_sign(priv,ps,sig) do { \ | 4255 | #define GNUNET_CRYPTO_sign(priv,ps,sig) do { \ |
4270 | /* check size is set correctly */ \ | 4256 | /* check size is set correctly */ \ |
4271 | GNUNET_assert (ntohl ((ps)->purpose.size) == sizeof (*(ps))); \ | 4257 | GNUNET_assert (ntohl ((ps)->purpose.size) == sizeof (*(ps))); \ |
4272 | /* check 'ps' begins with the purpose */ \ | 4258 | /* check 'ps' begins with the purpose */ \ |
4273 | GNUNET_static_assert (((void*) (ps)) == \ | 4259 | GNUNET_static_assert (((void*) (ps)) == \ |
4274 | ((void*) &(ps)->purpose)); \ | 4260 | ((void*) &(ps)->purpose)); \ |
4275 | GNUNET_assert (GNUNET_OK == \ | 4261 | GNUNET_assert (GNUNET_OK == \ |
4276 | GNUNET_CRYPTO_sign_ (priv, \ | 4262 | GNUNET_CRYPTO_sign_ (priv, \ |
4277 | &(ps)->purpose, \ | 4263 | &(ps)->purpose, \ |
4278 | sig)); \ | 4264 | sig)); \ |
4279 | } while (0) | 4265 | } while (0) |
4280 | 4266 | ||
4281 | 4267 | ||
diff --git a/src/lib/util/crypto_elligator.c b/src/lib/util/crypto_elligator.c index b46d30d6f..11bc086a9 100644 --- a/src/lib/util/crypto_elligator.c +++ b/src/lib/util/crypto_elligator.c | |||
@@ -218,8 +218,8 @@ encode_bytes (uint8_t *bytes, mp_limb_t *number) | |||
218 | } | 218 | } |
219 | 219 | ||
220 | 220 | ||
221 | void | 221 | void __attribute__ ((constructor)) |
222 | GNUNET_CRYPTO_ecdhe_elligator_initialize (void) | 222 | GNUNET_CRYPTO_ecdhe_elligator_initialize () |
223 | { | 223 | { |
224 | static bool initialized = false; | 224 | static bool initialized = false; |
225 | 225 | ||
@@ -294,7 +294,8 @@ GNUNET_CRYPTO_ecdhe_elligator_initialize (void) | |||
294 | // Returns trash if the number is a quadratic non-residue | 294 | // Returns trash if the number is a quadratic non-residue |
295 | 295 | ||
296 | static void | 296 | static void |
297 | least_square_root (mp_limb_t *root, const mp_limb_t *number, | 297 | least_square_root (mp_limb_t *root, |
298 | const mp_limb_t *number, | ||
298 | mp_limb_t *scratch_space) | 299 | mp_limb_t *scratch_space) |
299 | { | 300 | { |
300 | mp_limb_t a[P_LIMBS + P_LIMBS]; | 301 | mp_limb_t a[P_LIMBS + P_LIMBS]; |
@@ -331,8 +332,8 @@ least_square_root (mp_limb_t *root, const mp_limb_t *number, | |||
331 | 332 | ||
332 | 333 | ||
333 | bool | 334 | bool |
334 | GNUNET_CRYPTO_ecdhe_elligator_inverse_map (uint8_t *representative, const | 335 | GNUNET_CRYPTO_ecdhe_elligator_inverse_map (uint8_t *representative, |
335 | uint8_t *point, | 336 | const uint8_t *point, |
336 | bool high_y) | 337 | bool high_y) |
337 | { | 338 | { |
338 | mp_limb_t scratch_space[scratch_space_length]; | 339 | mp_limb_t scratch_space[scratch_space_length]; |
@@ -384,7 +385,8 @@ GNUNET_CRYPTO_ecdhe_elligator_inverse_map (uint8_t *representative, const | |||
384 | 385 | ||
385 | 386 | ||
386 | bool | 387 | bool |
387 | GNUNET_CRYPTO_ecdhe_elligator_direct_map (uint8_t *point, bool *high_y, | 388 | GNUNET_CRYPTO_ecdhe_elligator_direct_map (uint8_t *point, |
389 | bool *high_y, | ||
388 | uint8_t *representative) | 390 | uint8_t *representative) |
389 | { | 391 | { |
390 | mp_limb_t scratch_space[scratch_space_length]; | 392 | mp_limb_t scratch_space[scratch_space_length]; |
@@ -442,14 +444,11 @@ GNUNET_CRYPTO_ecdhe_elligator_direct_map (uint8_t *point, bool *high_y, | |||
442 | } | 444 | } |
443 | 445 | ||
444 | 446 | ||
445 | // Removes most significant bit and second most significant bit before applying elligator direct map | ||
446 | bool | 447 | bool |
447 | GNUNET_CRYPTO_ecdhe_elligator_decoding (struct | 448 | GNUNET_CRYPTO_ecdhe_elligator_decoding ( |
448 | GNUNET_CRYPTO_EcdhePublicKey *point, | 449 | struct GNUNET_CRYPTO_EcdhePublicKey *point, |
449 | bool *high_y, | 450 | bool *high_y, |
450 | const struct | 451 | const struct GNUNET_CRYPTO_ElligatorRepresentative *representative) |
451 | GNUNET_CRYPTO_ElligatorRepresentative * | ||
452 | representative) | ||
453 | { | 452 | { |
454 | // if sign of direct map transformation not needed throw it away | 453 | // if sign of direct map transformation not needed throw it away |
455 | bool high_y_local; | 454 | bool high_y_local; |
@@ -470,8 +469,8 @@ GNUNET_CRYPTO_ecdhe_elligator_decoding (struct | |||
470 | 469 | ||
471 | 470 | ||
472 | static bool | 471 | static bool |
473 | Elligator_2_Curve25519_convert_from_Ed25519 (uint8_t *point, const | 472 | convert_from_ed_to_curve (uint8_t *point, |
474 | uint8_t *source) | 473 | const uint8_t *source) |
475 | { | 474 | { |
476 | mp_limb_t scratch_space[scratch_space_length]; | 475 | mp_limb_t scratch_space[scratch_space_length]; |
477 | 476 | ||
@@ -535,16 +534,10 @@ Elligator_2_Curve25519_convert_from_Ed25519 (uint8_t *point, const | |||
535 | } | 534 | } |
536 | 535 | ||
537 | 536 | ||
538 | // Would call GNUNET_CRYPTO_ecdhe_key_create (struct GNUNET_CRYPTO_EcdhePrivateKey *pk) for pk which is not clamped | 537 | enum GNUNET_GenericReturnValue |
539 | // Following Method 1 in description https://elligator.org/key-exchange section Step 2: Generate a “special” public key | 538 | GNUNET_CRYPTO_ecdhe_elligator_generate_public_key ( |
540 | int | 539 | struct GNUNET_CRYPTO_EcdhePublicKey *pub, |
541 | GNUNET_CRYPTO_ecdhe_elligator_generate_public_key (unsigned char | 540 | struct GNUNET_CRYPTO_EcdhePrivateKey *pk) |
542 | pub[ | ||
543 | crypto_scalarmult_SCALARBYTES | ||
544 | ], | ||
545 | struct | ||
546 | GNUNET_CRYPTO_EcdhePrivateKey | ||
547 | *pk) | ||
548 | { | 541 | { |
549 | // eHigh | 542 | // eHigh |
550 | // crypto_scalarmult_ed25519_base clamps the scalar pk->d and return only 0 if pk->d is zero | 543 | // crypto_scalarmult_ed25519_base clamps the scalar pk->d and return only 0 if pk->d is zero |
@@ -563,7 +556,7 @@ GNUNET_CRYPTO_ecdhe_elligator_generate_public_key (unsigned char | |||
563 | return GNUNET_SYSERR; | 556 | return GNUNET_SYSERR; |
564 | } | 557 | } |
565 | 558 | ||
566 | if (Elligator_2_Curve25519_convert_from_Ed25519 (pub, edPub) == false) | 559 | if (convert_from_ed_to_curve (pub->q_y, edPub) == false) |
567 | { | 560 | { |
568 | return GNUNET_SYSERR; | 561 | return GNUNET_SYSERR; |
569 | } | 562 | } |
@@ -578,7 +571,7 @@ GNUNET_CRYPTO_ecdhe_elligator_key_create ( | |||
578 | { | 571 | { |
579 | // inverse map can fail for some public keys generated by GNUNET_CRYPTO_ecdhe_elligator_generate_public_key | 572 | // inverse map can fail for some public keys generated by GNUNET_CRYPTO_ecdhe_elligator_generate_public_key |
580 | bool validKey = 0; | 573 | bool validKey = 0; |
581 | unsigned char pub[crypto_scalarmult_SCALARBYTES]; | 574 | struct GNUNET_CRYPTO_EcdhePublicKey pub = {0}; |
582 | int8_t random_tweak; | 575 | int8_t random_tweak; |
583 | bool high_y; | 576 | bool high_y; |
584 | bool msb_set; | 577 | bool msb_set; |
@@ -592,7 +585,7 @@ GNUNET_CRYPTO_ecdhe_elligator_key_create ( | |||
592 | 585 | ||
593 | // Continue if generate_public_key fails | 586 | // Continue if generate_public_key fails |
594 | if (GNUNET_SYSERR == | 587 | if (GNUNET_SYSERR == |
595 | GNUNET_CRYPTO_ecdhe_elligator_generate_public_key (pub, pk)) | 588 | GNUNET_CRYPTO_ecdhe_elligator_generate_public_key (&pub, pk)) |
596 | { | 589 | { |
597 | continue; | 590 | continue; |
598 | } | 591 | } |
@@ -602,12 +595,12 @@ GNUNET_CRYPTO_ecdhe_elligator_key_create ( | |||
602 | sizeof(int8_t)); | 595 | sizeof(int8_t)); |
603 | high_y = random_tweak & 1; | 596 | high_y = random_tweak & 1; |
604 | 597 | ||
605 | validKey = GNUNET_CRYPTO_ecdhe_elligator_inverse_map ((unsigned | 598 | validKey = GNUNET_CRYPTO_ecdhe_elligator_inverse_map ( |
606 | char*) &(repr->r), | 599 | (unsigned char*) &(repr->r), |
607 | (unsigned char*) pub, | 600 | (unsigned char*) pub.q_y, |
608 | high_y ? | 601 | high_y ? |
609 | GNUNET_YES : | 602 | GNUNET_YES : |
610 | GNUNET_NO); | 603 | GNUNET_NO); |
611 | } | 604 | } |
612 | 605 | ||
613 | // Setting most significant bit and second most significant bit randomly | 606 | // Setting most significant bit and second most significant bit randomly |
@@ -625,12 +618,10 @@ GNUNET_CRYPTO_ecdhe_elligator_key_create ( | |||
625 | 618 | ||
626 | 619 | ||
627 | enum GNUNET_GenericReturnValue | 620 | enum GNUNET_GenericReturnValue |
628 | GNUNET_CRYPTO_eddsa_elligator_kem_encaps (const struct | 621 | GNUNET_CRYPTO_eddsa_elligator_kem_encaps ( |
629 | GNUNET_CRYPTO_EddsaPublicKey *pub, | 622 | const struct GNUNET_CRYPTO_EddsaPublicKey *pub, |
630 | struct | 623 | struct GNUNET_CRYPTO_ElligatorRepresentative *r, |
631 | GNUNET_CRYPTO_ElligatorRepresentative | 624 | struct GNUNET_HashCode *key_material) |
632 | *r, | ||
633 | struct GNUNET_HashCode *key_material) | ||
634 | { | 625 | { |
635 | struct GNUNET_CRYPTO_EcdhePrivateKey sk; | 626 | struct GNUNET_CRYPTO_EcdhePrivateKey sk; |
636 | 627 | ||
@@ -641,12 +632,10 @@ GNUNET_CRYPTO_eddsa_elligator_kem_encaps (const struct | |||
641 | 632 | ||
642 | 633 | ||
643 | enum GNUNET_GenericReturnValue | 634 | enum GNUNET_GenericReturnValue |
644 | GNUNET_CRYPTO_eddsa_elligator_kem_decaps (const struct | 635 | GNUNET_CRYPTO_eddsa_elligator_kem_decaps ( |
645 | GNUNET_CRYPTO_EddsaPrivateKey *priv, | 636 | const struct GNUNET_CRYPTO_EddsaPrivateKey *priv, |
646 | const struct | 637 | const struct GNUNET_CRYPTO_ElligatorRepresentative *r, |
647 | GNUNET_CRYPTO_ElligatorRepresentative | 638 | struct GNUNET_HashCode *key_material) |
648 | *r, | ||
649 | struct GNUNET_HashCode *key_material) | ||
650 | { | 639 | { |
651 | struct GNUNET_CRYPTO_EcdhePublicKey pub; | 640 | struct GNUNET_CRYPTO_EcdhePublicKey pub; |
652 | GNUNET_CRYPTO_ecdhe_elligator_decoding (&pub, NULL, r); | 641 | GNUNET_CRYPTO_ecdhe_elligator_decoding (&pub, NULL, r); |
diff --git a/src/lib/util/test_crypto_elligator.c b/src/lib/util/test_crypto_elligator.c index bd357a259..8fd4d4093 100644 --- a/src/lib/util/test_crypto_elligator.c +++ b/src/lib/util/test_crypto_elligator.c | |||
@@ -94,11 +94,11 @@ testGeneratePkScalarMult (void) | |||
94 | &pk, | 94 | &pk, |
95 | sizeof (struct GNUNET_CRYPTO_EcdhePrivateKey)); | 95 | sizeof (struct GNUNET_CRYPTO_EcdhePrivateKey)); |
96 | 96 | ||
97 | unsigned char pubWholeCurve[crypto_scalarmult_SCALARBYTES]; | 97 | struct GNUNET_CRYPTO_EcdhePublicKey pubWholeCurve = {0}; |
98 | unsigned char pubPrimeCurve[crypto_scalarmult_SCALARBYTES]; | 98 | unsigned char pubPrimeCurve[crypto_scalarmult_SCALARBYTES]; |
99 | 99 | ||
100 | if (GNUNET_CRYPTO_ecdhe_elligator_generate_public_key (pubWholeCurve, &pk) == | 100 | if (GNUNET_CRYPTO_ecdhe_elligator_generate_public_key (&pubWholeCurve, |
101 | -1) | 101 | &pk) == -1) |
102 | { | 102 | { |
103 | return GNUNET_SYSERR; | 103 | return GNUNET_SYSERR; |
104 | } | 104 | } |
@@ -111,9 +111,9 @@ testGeneratePkScalarMult (void) | |||
111 | // TODO: Currently utilizing ecdsa function for ecdhe testing, due to clamping. Clean this part later. | 111 | // TODO: Currently utilizing ecdsa function for ecdhe testing, due to clamping. Clean this part later. |
112 | struct GNUNET_CRYPTO_EcdsaPrivateKey clampedPk; | 112 | struct GNUNET_CRYPTO_EcdsaPrivateKey clampedPk; |
113 | GNUNET_CRYPTO_ecdsa_key_create (&clampedPk); | 113 | GNUNET_CRYPTO_ecdsa_key_create (&clampedPk); |
114 | crypto_scalarmult_base (pubWholeCurve, clampedPk.d); | 114 | crypto_scalarmult_base (pubWholeCurve.q_y, clampedPk.d); |
115 | crypto_scalarmult_base (pubPrimeCurve, clampedPk.d); | 115 | crypto_scalarmult_base (pubPrimeCurve, clampedPk.d); |
116 | if (memcmp (pubWholeCurve, pubPrimeCurve, sizeof(pubWholeCurve)) != 0) | 116 | if (memcmp (pubWholeCurve.q_y, pubPrimeCurve, sizeof(pubWholeCurve)) != 0) |
117 | { | 117 | { |
118 | return GNUNET_SYSERR; | 118 | return GNUNET_SYSERR; |
119 | } | 119 | } |
@@ -133,15 +133,15 @@ testInverseDirect (void) | |||
133 | struct GNUNET_CRYPTO_EcdhePrivateKey pk; | 133 | struct GNUNET_CRYPTO_EcdhePrivateKey pk; |
134 | GNUNET_CRYPTO_ecdhe_elligator_key_create (&repr, &pk); | 134 | GNUNET_CRYPTO_ecdhe_elligator_key_create (&repr, &pk); |
135 | 135 | ||
136 | unsigned char pub[crypto_scalarmult_SCALARBYTES]; | 136 | struct GNUNET_CRYPTO_EcdhePublicKey pub = {0}; |
137 | if (GNUNET_CRYPTO_ecdhe_elligator_generate_public_key (pub, &pk) == -1) | 137 | if (GNUNET_CRYPTO_ecdhe_elligator_generate_public_key (&pub, &pk) == -1) |
138 | { | 138 | { |
139 | return GNUNET_SYSERR; | 139 | return GNUNET_SYSERR; |
140 | } | 140 | } |
141 | 141 | ||
142 | GNUNET_CRYPTO_ecdhe_elligator_decoding (&point, NULL, &repr); | 142 | GNUNET_CRYPTO_ecdhe_elligator_decoding (&point, NULL, &repr); |
143 | 143 | ||
144 | if (memcmp (pub, point.q_y, sizeof(point.q_y)) != 0) | 144 | if (memcmp (pub.q_y, point.q_y, sizeof(point.q_y)) != 0) |
145 | { | 145 | { |
146 | return GNUNET_SYSERR; | 146 | return GNUNET_SYSERR; |
147 | } | 147 | } |
@@ -263,7 +263,6 @@ elligatorKEM () | |||
263 | int | 263 | int |
264 | main (int argc, char *argv[]) | 264 | main (int argc, char *argv[]) |
265 | { | 265 | { |
266 | GNUNET_CRYPTO_ecdhe_elligator_initialize (); | ||
267 | 266 | ||
268 | int failure_count = 0; | 267 | int failure_count = 0; |
269 | 268 | ||
diff --git a/src/service/transport/gnunet-communicator-udp.c b/src/service/transport/gnunet-communicator-udp.c index 3d8e980ed..28729bb73 100644 --- a/src/service/transport/gnunet-communicator-udp.c +++ b/src/service/transport/gnunet-communicator-udp.c | |||
@@ -67,7 +67,7 @@ | |||
67 | * How often do we scan for changes to our network interfaces? | 67 | * How often do we scan for changes to our network interfaces? |
68 | */ | 68 | */ |
69 | #define INTERFACE_SCAN_FREQUENCY \ | 69 | #define INTERFACE_SCAN_FREQUENCY \ |
70 | GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_MINUTES, 5) | 70 | GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_MINUTES, 5) |
71 | 71 | ||
72 | /** | 72 | /** |
73 | * How long do we believe our addresses to remain up (before | 73 | * How long do we believe our addresses to remain up (before |
@@ -76,7 +76,7 @@ | |||
76 | #define ADDRESS_VALIDITY_PERIOD GNUNET_TIME_UNIT_HOURS | 76 | #define ADDRESS_VALIDITY_PERIOD GNUNET_TIME_UNIT_HOURS |
77 | 77 | ||
78 | #define WORKING_QUEUE_INTERVALL \ | 78 | #define WORKING_QUEUE_INTERVALL \ |
79 | GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_MICROSECONDS,1) | 79 | GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_MICROSECONDS,1) |
80 | 80 | ||
81 | /** | 81 | /** |
82 | * AES key size. | 82 | * AES key size. |
@@ -3529,7 +3529,6 @@ run (void *cls, | |||
3529 | int | 3529 | int |
3530 | main (int argc, char *const *argv) | 3530 | main (int argc, char *const *argv) |
3531 | { | 3531 | { |
3532 | GNUNET_CRYPTO_ecdhe_elligator_initialize (); | ||
3533 | static const struct GNUNET_GETOPT_CommandLineOption options[] = { | 3532 | static const struct GNUNET_GETOPT_CommandLineOption options[] = { |
3534 | GNUNET_GETOPT_OPTION_END | 3533 | GNUNET_GETOPT_OPTION_END |
3535 | }; | 3534 | }; |