diff options
| author | Pedram Fardzadeh <p.fardzadeh@protonmail.com> | 2024-03-11 00:09:47 +0100 |
|---|---|---|
| committer | Pedram Fardzadeh <p.fardzadeh@protonmail.com> | 2024-03-11 00:09:47 +0100 |
| commit | b4a039d3c95a18e38fb2a7f2ec62571c311fd309 (patch) | |
| tree | 194ebd8c3b708fe597d89eb71d60e6a945bf1b31 | |
| parent | b3f53b5b037d255af5c46134d0fdf031267f464c (diff) | |
| download | gnunet-b4a039d3c95a18e38fb2a7f2ec62571c311fd309.tar.gz gnunet-b4a039d3c95a18e38fb2a7f2ec62571c311fd309.zip | |
elligator: code cleanup
| -rw-r--r-- | src/include/gnunet_crypto_lib.h | 138 | ||||
| -rw-r--r-- | src/lib/util/crypto_elligator.c | 81 | ||||
| -rw-r--r-- | src/lib/util/test_crypto_elligator.c | 17 | ||||
| -rw-r--r-- | src/service/transport/gnunet-communicator-udp.c | 5 |
4 files changed, 107 insertions, 134 deletions
diff --git a/src/include/gnunet_crypto_lib.h b/src/include/gnunet_crypto_lib.h index 168f934e1..53150bedc 100644 --- a/src/include/gnunet_crypto_lib.h +++ b/src/include/gnunet_crypto_lib.h | |||
| @@ -973,7 +973,7 @@ GNUNET_CRYPTO_hash_from_string2 (const char *enc, | |||
| 973 | * @return #GNUNET_OK on success, #GNUNET_SYSERR if result has the wrong encoding | 973 | * @return #GNUNET_OK on success, #GNUNET_SYSERR if result has the wrong encoding |
| 974 | */ | 974 | */ |
| 975 | #define GNUNET_CRYPTO_hash_from_string(enc, result) \ | 975 | #define GNUNET_CRYPTO_hash_from_string(enc, result) \ |
| 976 | GNUNET_CRYPTO_hash_from_string2 (enc, strlen (enc), result) | 976 | GNUNET_CRYPTO_hash_from_string2 (enc, strlen (enc), result) |
| 977 | 977 | ||
| 978 | 978 | ||
| 979 | /** | 979 | /** |
| @@ -2215,15 +2215,15 @@ GNUNET_CRYPTO_eddsa_sign_ ( | |||
| 2215 | * @param[out] sig where to write the signature | 2215 | * @param[out] sig where to write the signature |
| 2216 | */ | 2216 | */ |
| 2217 | #define GNUNET_CRYPTO_eddsa_sign(priv,ps,sig) do { \ | 2217 | #define GNUNET_CRYPTO_eddsa_sign(priv,ps,sig) do { \ |
| 2218 | /* check size is set correctly */ \ | 2218 | /* check size is set correctly */ \ |
| 2219 | GNUNET_assert (ntohl ((ps)->purpose.size) == sizeof (*ps)); \ | 2219 | GNUNET_assert (ntohl ((ps)->purpose.size) == sizeof (*ps)); \ |
| 2220 | /* check 'ps' begins with the purpose */ \ | 2220 | /* check 'ps' begins with the purpose */ \ |
| 2221 | GNUNET_static_assert (((void*) (ps)) == \ | 2221 | GNUNET_static_assert (((void*) (ps)) == \ |
| 2222 | ((void*) &(ps)->purpose)); \ | 2222 | ((void*) &(ps)->purpose)); \ |
| 2223 | GNUNET_assert (GNUNET_OK == \ | 2223 | GNUNET_assert (GNUNET_OK == \ |
| 2224 | GNUNET_CRYPTO_eddsa_sign_ (priv, \ | 2224 | GNUNET_CRYPTO_eddsa_sign_ (priv, \ |
| 2225 | &(ps)->purpose, \ | 2225 | &(ps)->purpose, \ |
| 2226 | sig)); \ | 2226 | sig)); \ |
| 2227 | } while (0) | 2227 | } while (0) |
| 2228 | 2228 | ||
| 2229 | 2229 | ||
| @@ -2277,15 +2277,15 @@ GNUNET_CRYPTO_eddsa_sign_raw ( | |||
| 2277 | * @param[out] sig where to write the signature | 2277 | * @param[out] sig where to write the signature |
| 2278 | */ | 2278 | */ |
| 2279 | #define GNUNET_CRYPTO_ecdsa_sign(priv,ps,sig) do { \ | 2279 | #define GNUNET_CRYPTO_ecdsa_sign(priv,ps,sig) do { \ |
| 2280 | /* check size is set correctly */ \ | 2280 | /* check size is set correctly */ \ |
| 2281 | GNUNET_assert (ntohl ((ps)->purpose.size) == sizeof (*(ps))); \ | 2281 | GNUNET_assert (ntohl ((ps)->purpose.size) == sizeof (*(ps))); \ |
| 2282 | /* check 'ps' begins with the purpose */ \ | 2282 | /* check 'ps' begins with the purpose */ \ |
| 2283 | GNUNET_static_assert (((void*) (ps)) == \ | 2283 | GNUNET_static_assert (((void*) (ps)) == \ |
| 2284 | ((void*) &(ps)->purpose)); \ | 2284 | ((void*) &(ps)->purpose)); \ |
| 2285 | GNUNET_assert (GNUNET_OK == \ | 2285 | GNUNET_assert (GNUNET_OK == \ |
| 2286 | GNUNET_CRYPTO_ecdsa_sign_ (priv, \ | 2286 | GNUNET_CRYPTO_ecdsa_sign_ (priv, \ |
| 2287 | &(ps)->purpose, \ | 2287 | &(ps)->purpose, \ |
| 2288 | sig)); \ | 2288 | sig)); \ |
| 2289 | } while (0) | 2289 | } while (0) |
| 2290 | 2290 | ||
| 2291 | /** | 2291 | /** |
| @@ -2324,15 +2324,15 @@ GNUNET_CRYPTO_edx25519_sign_ ( | |||
| 2324 | * @param[out] sig where to write the signature | 2324 | * @param[out] sig where to write the signature |
| 2325 | */ | 2325 | */ |
| 2326 | #define GNUNET_CRYPTO_edx25519_sign(priv,ps,sig) do { \ | 2326 | #define GNUNET_CRYPTO_edx25519_sign(priv,ps,sig) do { \ |
| 2327 | /* check size is set correctly */ \ | 2327 | /* check size is set correctly */ \ |
| 2328 | GNUNET_assert (ntohl ((ps)->purpose.size) == sizeof (*(ps))); \ | 2328 | GNUNET_assert (ntohl ((ps)->purpose.size) == sizeof (*(ps))); \ |
| 2329 | /* check 'ps' begins with the purpose */ \ | 2329 | /* check 'ps' begins with the purpose */ \ |
| 2330 | GNUNET_static_assert (((void*) (ps)) == \ | 2330 | GNUNET_static_assert (((void*) (ps)) == \ |
| 2331 | ((void*) &(ps)->purpose)); \ | 2331 | ((void*) &(ps)->purpose)); \ |
| 2332 | GNUNET_assert (GNUNET_OK == \ | 2332 | GNUNET_assert (GNUNET_OK == \ |
| 2333 | GNUNET_CRYPTO_edx25519_sign_ (priv, \ | 2333 | GNUNET_CRYPTO_edx25519_sign_ (priv, \ |
| 2334 | &(ps)->purpose, \ | 2334 | &(ps)->purpose, \ |
| 2335 | sig)); \ | 2335 | sig)); \ |
| 2336 | } while (0) | 2336 | } while (0) |
| 2337 | 2337 | ||
| 2338 | 2338 | ||
| @@ -2676,25 +2676,24 @@ GNUNET_CRYPTO_edx25519_public_key_derive ( | |||
| 2676 | * @param high_y destination set to "True" if corresponding y-coordinate is > 2 ^ 254 - 10 | 2676 | * @param high_y destination set to "True" if corresponding y-coordinate is > 2 ^ 254 - 10 |
| 2677 | */ | 2677 | */ |
| 2678 | bool | 2678 | bool |
| 2679 | GNUNET_CRYPTO_ecdhe_elligator_direct_map (uint8_t *point, bool *high_y, | 2679 | GNUNET_CRYPTO_ecdhe_elligator_direct_map (uint8_t *point, |
| 2680 | bool *high_y, | ||
| 2680 | uint8_t *representative); | 2681 | uint8_t *representative); |
| 2681 | 2682 | ||
| 2682 | 2683 | ||
| 2683 | /** | 2684 | /** |
| 2684 | * @ingroup crypto | 2685 | * @ingroup crypto |
| 2685 | * Clears the most significant bit and second most significant bit to the serialized representaive before applying elligator direct map. | 2686 | * Clears the most significant bit and second most significant bit of the serialized representaive before applying elligator direct map. |
| 2686 | * | 2687 | * |
| 2687 | * @param serialized_representative serialized version of an element of Curves25519's finite field | 2688 | * @param representative serialized elligator representative of an element of Curves25519's finite field |
| 2688 | * @param point destination for the calculated point on the curve | 2689 | * @param point destination for the calculated point on the curve |
| 2689 | * @param high_y value pointed to will be set to true if corresponding y-coordinate is > 2 ^ 254 - 10, otherwise 0. Can be set to NULL if not needed. | 2690 | * @param high_y value pointed to will be set to true if corresponding y-coordinate is > 2 ^ 254 - 10, otherwise 0. Can be set to NULL if not needed. |
| 2690 | */ | 2691 | */ |
| 2691 | bool | 2692 | bool |
| 2692 | GNUNET_CRYPTO_ecdhe_elligator_decoding (struct | 2693 | GNUNET_CRYPTO_ecdhe_elligator_decoding ( |
| 2693 | GNUNET_CRYPTO_EcdhePublicKey *point, | 2694 | struct GNUNET_CRYPTO_EcdhePublicKey *point, |
| 2694 | bool *high_y, | 2695 | bool *high_y, |
| 2695 | const struct | 2696 | const struct GNUNET_CRYPTO_ElligatorRepresentative *representative); |
| 2696 | GNUNET_CRYPTO_ElligatorRepresentative * | ||
| 2697 | seriliazed_representative); | ||
| 2698 | 2697 | ||
| 2699 | /** | 2698 | /** |
| 2700 | * @ingroup crypto | 2699 | * @ingroup crypto |
| @@ -2706,33 +2705,24 @@ GNUNET_CRYPTO_ecdhe_elligator_decoding (struct | |||
| 2706 | * @param representative destination for the calculated element of the finite field | 2705 | * @param representative destination for the calculated element of the finite field |
| 2707 | */ | 2706 | */ |
| 2708 | bool | 2707 | bool |
| 2709 | GNUNET_CRYPTO_ecdhe_elligator_inverse_map (uint8_t *representative, const | 2708 | GNUNET_CRYPTO_ecdhe_elligator_inverse_map (uint8_t *representative, |
| 2710 | uint8_t *point, | 2709 | const uint8_t *point, |
| 2711 | bool high_y); | 2710 | bool high_y); |
| 2712 | 2711 | ||
| 2713 | 2712 | ||
| 2714 | /** | 2713 | /** |
| 2715 | * Initializes the elligator library | ||
| 2716 | * THis function is thread safe | ||
| 2717 | */ | ||
| 2718 | void | ||
| 2719 | GNUNET_CRYPTO_ecdhe_elligator_initialize (void); | ||
| 2720 | |||
| 2721 | /** | ||
| 2722 | * @ingroup crypto | 2714 | * @ingroup crypto |
| 2723 | * Generates a valid public key for elligator's inverse map by adding a lower order point to a prime order point. | 2715 | * Generates a valid public key for elligator's inverse map by adding a lower order point to a prime order point |
| 2716 | * following Method 1 in description https://elligator.org/key-exchange section Step 2: Generate a “special” public key | ||
| 2724 | * | 2717 | * |
| 2725 | * @param pub valid public key for elligator inverse map | 2718 | * @param pub valid public key for elligator inverse map |
| 2726 | * @param pk private key for generating valid public key | 2719 | * @param pk private key for generating valid public key |
| 2720 | * @return GNUNET_OK on success | ||
| 2727 | */ | 2721 | */ |
| 2728 | int | 2722 | enum GNUNET_GenericReturnValue |
| 2729 | GNUNET_CRYPTO_ecdhe_elligator_generate_public_key (unsigned char | 2723 | GNUNET_CRYPTO_ecdhe_elligator_generate_public_key ( |
| 2730 | pub[ | 2724 | struct GNUNET_CRYPTO_EcdhePublicKey *pub, |
| 2731 | crypto_scalarmult_SCALARBYTES | 2725 | struct GNUNET_CRYPTO_EcdhePrivateKey *pk); |
| 2732 | ], | ||
| 2733 | struct | ||
| 2734 | GNUNET_CRYPTO_EcdhePrivateKey | ||
| 2735 | *pk); | ||
| 2736 | 2726 | ||
| 2737 | 2727 | ||
| 2738 | /** | 2728 | /** |
| @@ -2758,12 +2748,10 @@ GNUNET_CRYPTO_ecdhe_elligator_key_create ( | |||
| 2758 | * @return #GNUNET_SYSERR on error, #GNUNET_OK on success | 2748 | * @return #GNUNET_SYSERR on error, #GNUNET_OK on success |
| 2759 | */ | 2749 | */ |
| 2760 | enum GNUNET_GenericReturnValue | 2750 | enum GNUNET_GenericReturnValue |
| 2761 | GNUNET_CRYPTO_eddsa_elligator_kem_encaps (const struct | 2751 | GNUNET_CRYPTO_eddsa_elligator_kem_encaps ( |
| 2762 | GNUNET_CRYPTO_EddsaPublicKey *pub, | 2752 | const struct GNUNET_CRYPTO_EddsaPublicKey *pub, |
| 2763 | struct | 2753 | struct GNUNET_CRYPTO_ElligatorRepresentative *r, |
| 2764 | GNUNET_CRYPTO_ElligatorRepresentative | 2754 | struct GNUNET_HashCode *key_material); |
| 2765 | *r, | ||
| 2766 | struct GNUNET_HashCode *key_material); | ||
| 2767 | 2755 | ||
| 2768 | /** | 2756 | /** |
| 2769 | * @ingroup crypto | 2757 | * @ingroup crypto |
| @@ -2776,12 +2764,10 @@ GNUNET_CRYPTO_eddsa_elligator_kem_encaps (const struct | |||
| 2776 | * @return #GNUNET_SYSERR on error, #GNUNET_OK on success | 2764 | * @return #GNUNET_SYSERR on error, #GNUNET_OK on success |
| 2777 | */ | 2765 | */ |
| 2778 | enum GNUNET_GenericReturnValue | 2766 | enum GNUNET_GenericReturnValue |
| 2779 | GNUNET_CRYPTO_eddsa_elligator_kem_decaps (const struct | 2767 | GNUNET_CRYPTO_eddsa_elligator_kem_decaps ( |
| 2780 | GNUNET_CRYPTO_EddsaPrivateKey *priv, | 2768 | const struct GNUNET_CRYPTO_EddsaPrivateKey *priv, |
| 2781 | const struct | 2769 | const struct GNUNET_CRYPTO_ElligatorRepresentative *r, |
| 2782 | GNUNET_CRYPTO_ElligatorRepresentative | 2770 | struct GNUNET_HashCode *key_material); |
| 2783 | *r, | ||
| 2784 | struct GNUNET_HashCode *key_material); | ||
| 2785 | 2771 | ||
| 2786 | 2772 | ||
| 2787 | /** | 2773 | /** |
| @@ -4267,15 +4253,15 @@ GNUNET_CRYPTO_sign_raw_ ( | |||
| 4267 | * @param[out] sig where to write the signature | 4253 | * @param[out] sig where to write the signature |
| 4268 | */ | 4254 | */ |
| 4269 | #define GNUNET_CRYPTO_sign(priv,ps,sig) do { \ | 4255 | #define GNUNET_CRYPTO_sign(priv,ps,sig) do { \ |
| 4270 | /* check size is set correctly */ \ | 4256 | /* check size is set correctly */ \ |
| 4271 | GNUNET_assert (ntohl ((ps)->purpose.size) == sizeof (*(ps))); \ | 4257 | GNUNET_assert (ntohl ((ps)->purpose.size) == sizeof (*(ps))); \ |
| 4272 | /* check 'ps' begins with the purpose */ \ | 4258 | /* check 'ps' begins with the purpose */ \ |
| 4273 | GNUNET_static_assert (((void*) (ps)) == \ | 4259 | GNUNET_static_assert (((void*) (ps)) == \ |
| 4274 | ((void*) &(ps)->purpose)); \ | 4260 | ((void*) &(ps)->purpose)); \ |
| 4275 | GNUNET_assert (GNUNET_OK == \ | 4261 | GNUNET_assert (GNUNET_OK == \ |
| 4276 | GNUNET_CRYPTO_sign_ (priv, \ | 4262 | GNUNET_CRYPTO_sign_ (priv, \ |
| 4277 | &(ps)->purpose, \ | 4263 | &(ps)->purpose, \ |
| 4278 | sig)); \ | 4264 | sig)); \ |
| 4279 | } while (0) | 4265 | } while (0) |
| 4280 | 4266 | ||
| 4281 | 4267 | ||
diff --git a/src/lib/util/crypto_elligator.c b/src/lib/util/crypto_elligator.c index b46d30d6f..11bc086a9 100644 --- a/src/lib/util/crypto_elligator.c +++ b/src/lib/util/crypto_elligator.c | |||
| @@ -218,8 +218,8 @@ encode_bytes (uint8_t *bytes, mp_limb_t *number) | |||
| 218 | } | 218 | } |
| 219 | 219 | ||
| 220 | 220 | ||
| 221 | void | 221 | void __attribute__ ((constructor)) |
| 222 | GNUNET_CRYPTO_ecdhe_elligator_initialize (void) | 222 | GNUNET_CRYPTO_ecdhe_elligator_initialize () |
| 223 | { | 223 | { |
| 224 | static bool initialized = false; | 224 | static bool initialized = false; |
| 225 | 225 | ||
| @@ -294,7 +294,8 @@ GNUNET_CRYPTO_ecdhe_elligator_initialize (void) | |||
| 294 | // Returns trash if the number is a quadratic non-residue | 294 | // Returns trash if the number is a quadratic non-residue |
| 295 | 295 | ||
| 296 | static void | 296 | static void |
| 297 | least_square_root (mp_limb_t *root, const mp_limb_t *number, | 297 | least_square_root (mp_limb_t *root, |
| 298 | const mp_limb_t *number, | ||
| 298 | mp_limb_t *scratch_space) | 299 | mp_limb_t *scratch_space) |
| 299 | { | 300 | { |
| 300 | mp_limb_t a[P_LIMBS + P_LIMBS]; | 301 | mp_limb_t a[P_LIMBS + P_LIMBS]; |
| @@ -331,8 +332,8 @@ least_square_root (mp_limb_t *root, const mp_limb_t *number, | |||
| 331 | 332 | ||
| 332 | 333 | ||
| 333 | bool | 334 | bool |
| 334 | GNUNET_CRYPTO_ecdhe_elligator_inverse_map (uint8_t *representative, const | 335 | GNUNET_CRYPTO_ecdhe_elligator_inverse_map (uint8_t *representative, |
| 335 | uint8_t *point, | 336 | const uint8_t *point, |
| 336 | bool high_y) | 337 | bool high_y) |
| 337 | { | 338 | { |
| 338 | mp_limb_t scratch_space[scratch_space_length]; | 339 | mp_limb_t scratch_space[scratch_space_length]; |
| @@ -384,7 +385,8 @@ GNUNET_CRYPTO_ecdhe_elligator_inverse_map (uint8_t *representative, const | |||
| 384 | 385 | ||
| 385 | 386 | ||
| 386 | bool | 387 | bool |
| 387 | GNUNET_CRYPTO_ecdhe_elligator_direct_map (uint8_t *point, bool *high_y, | 388 | GNUNET_CRYPTO_ecdhe_elligator_direct_map (uint8_t *point, |
| 389 | bool *high_y, | ||
| 388 | uint8_t *representative) | 390 | uint8_t *representative) |
| 389 | { | 391 | { |
| 390 | mp_limb_t scratch_space[scratch_space_length]; | 392 | mp_limb_t scratch_space[scratch_space_length]; |
| @@ -442,14 +444,11 @@ GNUNET_CRYPTO_ecdhe_elligator_direct_map (uint8_t *point, bool *high_y, | |||
| 442 | } | 444 | } |
| 443 | 445 | ||
| 444 | 446 | ||
| 445 | // Removes most significant bit and second most significant bit before applying elligator direct map | ||
| 446 | bool | 447 | bool |
| 447 | GNUNET_CRYPTO_ecdhe_elligator_decoding (struct | 448 | GNUNET_CRYPTO_ecdhe_elligator_decoding ( |
| 448 | GNUNET_CRYPTO_EcdhePublicKey *point, | 449 | struct GNUNET_CRYPTO_EcdhePublicKey *point, |
| 449 | bool *high_y, | 450 | bool *high_y, |
| 450 | const struct | 451 | const struct GNUNET_CRYPTO_ElligatorRepresentative *representative) |
| 451 | GNUNET_CRYPTO_ElligatorRepresentative * | ||
| 452 | representative) | ||
| 453 | { | 452 | { |
| 454 | // if sign of direct map transformation not needed throw it away | 453 | // if sign of direct map transformation not needed throw it away |
| 455 | bool high_y_local; | 454 | bool high_y_local; |
| @@ -470,8 +469,8 @@ GNUNET_CRYPTO_ecdhe_elligator_decoding (struct | |||
| 470 | 469 | ||
| 471 | 470 | ||
| 472 | static bool | 471 | static bool |
| 473 | Elligator_2_Curve25519_convert_from_Ed25519 (uint8_t *point, const | 472 | convert_from_ed_to_curve (uint8_t *point, |
| 474 | uint8_t *source) | 473 | const uint8_t *source) |
| 475 | { | 474 | { |
| 476 | mp_limb_t scratch_space[scratch_space_length]; | 475 | mp_limb_t scratch_space[scratch_space_length]; |
| 477 | 476 | ||
| @@ -535,16 +534,10 @@ Elligator_2_Curve25519_convert_from_Ed25519 (uint8_t *point, const | |||
| 535 | } | 534 | } |
| 536 | 535 | ||
| 537 | 536 | ||
| 538 | // Would call GNUNET_CRYPTO_ecdhe_key_create (struct GNUNET_CRYPTO_EcdhePrivateKey *pk) for pk which is not clamped | 537 | enum GNUNET_GenericReturnValue |
| 539 | // Following Method 1 in description https://elligator.org/key-exchange section Step 2: Generate a “special” public key | 538 | GNUNET_CRYPTO_ecdhe_elligator_generate_public_key ( |
| 540 | int | 539 | struct GNUNET_CRYPTO_EcdhePublicKey *pub, |
| 541 | GNUNET_CRYPTO_ecdhe_elligator_generate_public_key (unsigned char | 540 | struct GNUNET_CRYPTO_EcdhePrivateKey *pk) |
| 542 | pub[ | ||
| 543 | crypto_scalarmult_SCALARBYTES | ||
| 544 | ], | ||
| 545 | struct | ||
| 546 | GNUNET_CRYPTO_EcdhePrivateKey | ||
| 547 | *pk) | ||
| 548 | { | 541 | { |
| 549 | // eHigh | 542 | // eHigh |
| 550 | // crypto_scalarmult_ed25519_base clamps the scalar pk->d and return only 0 if pk->d is zero | 543 | // crypto_scalarmult_ed25519_base clamps the scalar pk->d and return only 0 if pk->d is zero |
| @@ -563,7 +556,7 @@ GNUNET_CRYPTO_ecdhe_elligator_generate_public_key (unsigned char | |||
| 563 | return GNUNET_SYSERR; | 556 | return GNUNET_SYSERR; |
| 564 | } | 557 | } |
| 565 | 558 | ||
| 566 | if (Elligator_2_Curve25519_convert_from_Ed25519 (pub, edPub) == false) | 559 | if (convert_from_ed_to_curve (pub->q_y, edPub) == false) |
| 567 | { | 560 | { |
| 568 | return GNUNET_SYSERR; | 561 | return GNUNET_SYSERR; |
| 569 | } | 562 | } |
| @@ -578,7 +571,7 @@ GNUNET_CRYPTO_ecdhe_elligator_key_create ( | |||
| 578 | { | 571 | { |
| 579 | // inverse map can fail for some public keys generated by GNUNET_CRYPTO_ecdhe_elligator_generate_public_key | 572 | // inverse map can fail for some public keys generated by GNUNET_CRYPTO_ecdhe_elligator_generate_public_key |
| 580 | bool validKey = 0; | 573 | bool validKey = 0; |
| 581 | unsigned char pub[crypto_scalarmult_SCALARBYTES]; | 574 | struct GNUNET_CRYPTO_EcdhePublicKey pub = {0}; |
| 582 | int8_t random_tweak; | 575 | int8_t random_tweak; |
| 583 | bool high_y; | 576 | bool high_y; |
| 584 | bool msb_set; | 577 | bool msb_set; |
| @@ -592,7 +585,7 @@ GNUNET_CRYPTO_ecdhe_elligator_key_create ( | |||
| 592 | 585 | ||
| 593 | // Continue if generate_public_key fails | 586 | // Continue if generate_public_key fails |
| 594 | if (GNUNET_SYSERR == | 587 | if (GNUNET_SYSERR == |
| 595 | GNUNET_CRYPTO_ecdhe_elligator_generate_public_key (pub, pk)) | 588 | GNUNET_CRYPTO_ecdhe_elligator_generate_public_key (&pub, pk)) |
| 596 | { | 589 | { |
| 597 | continue; | 590 | continue; |
| 598 | } | 591 | } |
| @@ -602,12 +595,12 @@ GNUNET_CRYPTO_ecdhe_elligator_key_create ( | |||
| 602 | sizeof(int8_t)); | 595 | sizeof(int8_t)); |
| 603 | high_y = random_tweak & 1; | 596 | high_y = random_tweak & 1; |
| 604 | 597 | ||
| 605 | validKey = GNUNET_CRYPTO_ecdhe_elligator_inverse_map ((unsigned | 598 | validKey = GNUNET_CRYPTO_ecdhe_elligator_inverse_map ( |
| 606 | char*) &(repr->r), | 599 | (unsigned char*) &(repr->r), |
| 607 | (unsigned char*) pub, | 600 | (unsigned char*) pub.q_y, |
| 608 | high_y ? | 601 | high_y ? |
| 609 | GNUNET_YES : | 602 | GNUNET_YES : |
| 610 | GNUNET_NO); | 603 | GNUNET_NO); |
| 611 | } | 604 | } |
| 612 | 605 | ||
| 613 | // Setting most significant bit and second most significant bit randomly | 606 | // Setting most significant bit and second most significant bit randomly |
| @@ -625,12 +618,10 @@ GNUNET_CRYPTO_ecdhe_elligator_key_create ( | |||
| 625 | 618 | ||
| 626 | 619 | ||
| 627 | enum GNUNET_GenericReturnValue | 620 | enum GNUNET_GenericReturnValue |
| 628 | GNUNET_CRYPTO_eddsa_elligator_kem_encaps (const struct | 621 | GNUNET_CRYPTO_eddsa_elligator_kem_encaps ( |
| 629 | GNUNET_CRYPTO_EddsaPublicKey *pub, | 622 | const struct GNUNET_CRYPTO_EddsaPublicKey *pub, |
| 630 | struct | 623 | struct GNUNET_CRYPTO_ElligatorRepresentative *r, |
| 631 | GNUNET_CRYPTO_ElligatorRepresentative | 624 | struct GNUNET_HashCode *key_material) |
| 632 | *r, | ||
| 633 | struct GNUNET_HashCode *key_material) | ||
| 634 | { | 625 | { |
| 635 | struct GNUNET_CRYPTO_EcdhePrivateKey sk; | 626 | struct GNUNET_CRYPTO_EcdhePrivateKey sk; |
| 636 | 627 | ||
| @@ -641,12 +632,10 @@ GNUNET_CRYPTO_eddsa_elligator_kem_encaps (const struct | |||
| 641 | 632 | ||
| 642 | 633 | ||
| 643 | enum GNUNET_GenericReturnValue | 634 | enum GNUNET_GenericReturnValue |
| 644 | GNUNET_CRYPTO_eddsa_elligator_kem_decaps (const struct | 635 | GNUNET_CRYPTO_eddsa_elligator_kem_decaps ( |
| 645 | GNUNET_CRYPTO_EddsaPrivateKey *priv, | 636 | const struct GNUNET_CRYPTO_EddsaPrivateKey *priv, |
| 646 | const struct | 637 | const struct GNUNET_CRYPTO_ElligatorRepresentative *r, |
| 647 | GNUNET_CRYPTO_ElligatorRepresentative | 638 | struct GNUNET_HashCode *key_material) |
| 648 | *r, | ||
| 649 | struct GNUNET_HashCode *key_material) | ||
| 650 | { | 639 | { |
| 651 | struct GNUNET_CRYPTO_EcdhePublicKey pub; | 640 | struct GNUNET_CRYPTO_EcdhePublicKey pub; |
| 652 | GNUNET_CRYPTO_ecdhe_elligator_decoding (&pub, NULL, r); | 641 | GNUNET_CRYPTO_ecdhe_elligator_decoding (&pub, NULL, r); |
diff --git a/src/lib/util/test_crypto_elligator.c b/src/lib/util/test_crypto_elligator.c index bd357a259..8fd4d4093 100644 --- a/src/lib/util/test_crypto_elligator.c +++ b/src/lib/util/test_crypto_elligator.c | |||
| @@ -94,11 +94,11 @@ testGeneratePkScalarMult (void) | |||
| 94 | &pk, | 94 | &pk, |
| 95 | sizeof (struct GNUNET_CRYPTO_EcdhePrivateKey)); | 95 | sizeof (struct GNUNET_CRYPTO_EcdhePrivateKey)); |
| 96 | 96 | ||
| 97 | unsigned char pubWholeCurve[crypto_scalarmult_SCALARBYTES]; | 97 | struct GNUNET_CRYPTO_EcdhePublicKey pubWholeCurve = {0}; |
| 98 | unsigned char pubPrimeCurve[crypto_scalarmult_SCALARBYTES]; | 98 | unsigned char pubPrimeCurve[crypto_scalarmult_SCALARBYTES]; |
| 99 | 99 | ||
| 100 | if (GNUNET_CRYPTO_ecdhe_elligator_generate_public_key (pubWholeCurve, &pk) == | 100 | if (GNUNET_CRYPTO_ecdhe_elligator_generate_public_key (&pubWholeCurve, |
| 101 | -1) | 101 | &pk) == -1) |
| 102 | { | 102 | { |
| 103 | return GNUNET_SYSERR; | 103 | return GNUNET_SYSERR; |
| 104 | } | 104 | } |
| @@ -111,9 +111,9 @@ testGeneratePkScalarMult (void) | |||
| 111 | // TODO: Currently utilizing ecdsa function for ecdhe testing, due to clamping. Clean this part later. | 111 | // TODO: Currently utilizing ecdsa function for ecdhe testing, due to clamping. Clean this part later. |
| 112 | struct GNUNET_CRYPTO_EcdsaPrivateKey clampedPk; | 112 | struct GNUNET_CRYPTO_EcdsaPrivateKey clampedPk; |
| 113 | GNUNET_CRYPTO_ecdsa_key_create (&clampedPk); | 113 | GNUNET_CRYPTO_ecdsa_key_create (&clampedPk); |
| 114 | crypto_scalarmult_base (pubWholeCurve, clampedPk.d); | 114 | crypto_scalarmult_base (pubWholeCurve.q_y, clampedPk.d); |
| 115 | crypto_scalarmult_base (pubPrimeCurve, clampedPk.d); | 115 | crypto_scalarmult_base (pubPrimeCurve, clampedPk.d); |
| 116 | if (memcmp (pubWholeCurve, pubPrimeCurve, sizeof(pubWholeCurve)) != 0) | 116 | if (memcmp (pubWholeCurve.q_y, pubPrimeCurve, sizeof(pubWholeCurve)) != 0) |
| 117 | { | 117 | { |
| 118 | return GNUNET_SYSERR; | 118 | return GNUNET_SYSERR; |
| 119 | } | 119 | } |
| @@ -133,15 +133,15 @@ testInverseDirect (void) | |||
| 133 | struct GNUNET_CRYPTO_EcdhePrivateKey pk; | 133 | struct GNUNET_CRYPTO_EcdhePrivateKey pk; |
| 134 | GNUNET_CRYPTO_ecdhe_elligator_key_create (&repr, &pk); | 134 | GNUNET_CRYPTO_ecdhe_elligator_key_create (&repr, &pk); |
| 135 | 135 | ||
| 136 | unsigned char pub[crypto_scalarmult_SCALARBYTES]; | 136 | struct GNUNET_CRYPTO_EcdhePublicKey pub = {0}; |
| 137 | if (GNUNET_CRYPTO_ecdhe_elligator_generate_public_key (pub, &pk) == -1) | 137 | if (GNUNET_CRYPTO_ecdhe_elligator_generate_public_key (&pub, &pk) == -1) |
| 138 | { | 138 | { |
| 139 | return GNUNET_SYSERR; | 139 | return GNUNET_SYSERR; |
| 140 | } | 140 | } |
| 141 | 141 | ||
| 142 | GNUNET_CRYPTO_ecdhe_elligator_decoding (&point, NULL, &repr); | 142 | GNUNET_CRYPTO_ecdhe_elligator_decoding (&point, NULL, &repr); |
| 143 | 143 | ||
| 144 | if (memcmp (pub, point.q_y, sizeof(point.q_y)) != 0) | 144 | if (memcmp (pub.q_y, point.q_y, sizeof(point.q_y)) != 0) |
| 145 | { | 145 | { |
| 146 | return GNUNET_SYSERR; | 146 | return GNUNET_SYSERR; |
| 147 | } | 147 | } |
| @@ -263,7 +263,6 @@ elligatorKEM () | |||
| 263 | int | 263 | int |
| 264 | main (int argc, char *argv[]) | 264 | main (int argc, char *argv[]) |
| 265 | { | 265 | { |
| 266 | GNUNET_CRYPTO_ecdhe_elligator_initialize (); | ||
| 267 | 266 | ||
| 268 | int failure_count = 0; | 267 | int failure_count = 0; |
| 269 | 268 | ||
diff --git a/src/service/transport/gnunet-communicator-udp.c b/src/service/transport/gnunet-communicator-udp.c index 3d8e980ed..28729bb73 100644 --- a/src/service/transport/gnunet-communicator-udp.c +++ b/src/service/transport/gnunet-communicator-udp.c | |||
| @@ -67,7 +67,7 @@ | |||
| 67 | * How often do we scan for changes to our network interfaces? | 67 | * How often do we scan for changes to our network interfaces? |
| 68 | */ | 68 | */ |
| 69 | #define INTERFACE_SCAN_FREQUENCY \ | 69 | #define INTERFACE_SCAN_FREQUENCY \ |
| 70 | GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_MINUTES, 5) | 70 | GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_MINUTES, 5) |
| 71 | 71 | ||
| 72 | /** | 72 | /** |
| 73 | * How long do we believe our addresses to remain up (before | 73 | * How long do we believe our addresses to remain up (before |
| @@ -76,7 +76,7 @@ | |||
| 76 | #define ADDRESS_VALIDITY_PERIOD GNUNET_TIME_UNIT_HOURS | 76 | #define ADDRESS_VALIDITY_PERIOD GNUNET_TIME_UNIT_HOURS |
| 77 | 77 | ||
| 78 | #define WORKING_QUEUE_INTERVALL \ | 78 | #define WORKING_QUEUE_INTERVALL \ |
| 79 | GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_MICROSECONDS,1) | 79 | GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_MICROSECONDS,1) |
| 80 | 80 | ||
| 81 | /** | 81 | /** |
| 82 | * AES key size. | 82 | * AES key size. |
| @@ -3529,7 +3529,6 @@ run (void *cls, | |||
| 3529 | int | 3529 | int |
| 3530 | main (int argc, char *const *argv) | 3530 | main (int argc, char *const *argv) |
| 3531 | { | 3531 | { |
| 3532 | GNUNET_CRYPTO_ecdhe_elligator_initialize (); | ||
| 3533 | static const struct GNUNET_GETOPT_CommandLineOption options[] = { | 3532 | static const struct GNUNET_GETOPT_CommandLineOption options[] = { |
| 3534 | GNUNET_GETOPT_OPTION_END | 3533 | GNUNET_GETOPT_OPTION_END |
| 3535 | }; | 3534 | }; |