Don't normalize when deriving ECDSA public keys

author: Florian Dold <florian.dold@gmail.com> 2020-01-06 14:16:24 +0100
committer: Florian Dold <florian.dold@gmail.com> 2020-01-06 14:16:24 +0100
commit: e8533c8a41e3fb29e51200d643382c8d5f882e5e (patch)
tree: 1b45c807840a5d9ac2cb17678756fe0ec5a574fa
parent: 1ad2fb331548adf635e9cff8786b468e54666371 (diff)
download: gnunet-e8533c8a41e3fb29e51200d643382c8d5f882e5e.tar.gz
gnunet-e8533c8a41e3fb29e51200d643382c8d5f882e5e.zip
3 files changed, 5 insertions, 6 deletions
diff --git a/src/util/crypto_ecc.c b/src/util/crypto_ecc.c
index d4cfaa72c..237062eb7 100644
--- a/src/util/crypto_ecc.c
+++ b/src/util/crypto_ecc.c
@@ -174,7 +174,7 @@ GNUNET_CRYPTO_ecdsa_key_get_public (
  struct GNUNET_CRYPTO_EcdsaPublicKey *pub)
 {
  BENCHMARK_START (ecdsa_key_get_public);
-  GNUNET_TWEETNACL_scalarmult_le_ed25519_base (pub->q_y, priv->d);
+  GNUNET_TWEETNACL_scalarmult_gnunet_ecdsa (pub->q_y, priv->d);
  BENCHMARK_END (ecdsa_key_get_public);
 }
diff --git a/src/util/tweetnacl-gnunet.c b/src/util/tweetnacl-gnunet.c
index c3471ae66..f01667adb 100644
--- a/src/util/tweetnacl-gnunet.c
+++ b/src/util/tweetnacl-gnunet.c
@@ -429,7 +429,7 @@ GNUNET_TWEETNACL_sign_pk_from_seed (u8 *pk, const u8 *seed)
 }
 void
-GNUNET_TWEETNACL_scalarmult_le_ed25519_base (u8 *pk, const u8 *s)
+GNUNET_TWEETNACL_scalarmult_gnunet_ecdsa (u8 *pk, const u8 *s)
 {
  u8 d[64];
  gf p[4];
@@ -437,9 +437,8 @@ GNUNET_TWEETNACL_scalarmult_le_ed25519_base (u8 *pk, const u8 *s)
  // Treat s as little endian.
  for (u32 i = 0; i < 32; i++)
    d[i] = s[31 - i];
-  d[0] &= 248;
-  d[31] &= 127;
+  // For GNUnet, we don't normalize d
-  d[31] |= 64;
  scalarbase (p, d);
  pack (pk, p);
diff --git a/src/util/tweetnacl-gnunet.h b/src/util/tweetnacl-gnunet.h
index 2b2dc8e63..d052d8824 100644
--- a/src/util/tweetnacl-gnunet.h
+++ b/src/util/tweetnacl-gnunet.h
@@ -49,6 +49,6 @@ GNUNET_TWEETNACL_sign_detached (uint8_t *sig,
                                const uint8_t *sk);
 void
-GNUNET_TWEETNACL_scalarmult_le_ed25519_base (uint8_t *pk, const uint8_t *s);
+GNUNET_TWEETNACL_scalarmult_gnunet_ecdsa (uint8_t *pk, const uint8_t *s);
 #endif
author	Florian Dold <florian.dold@gmail.com>	2020-01-06 14:16:24 +0100
committer	Florian Dold <florian.dold@gmail.com>	2020-01-06 14:16:24 +0100
commit	e8533c8a41e3fb29e51200d643382c8d5f882e5e (patch)
tree	1b45c807840a5d9ac2cb17678756fe0ec5a574fa
parent	1ad2fb331548adf635e9cff8786b468e54666371 (diff)
download	gnunet-e8533c8a41e3fb29e51200d643382c8d5f882e5e.tar.gz gnunet-e8533c8a41e3fb29e51200d643382c8d5f882e5e.zip

diff --git a/src/util/crypto_ecc.c b/src/util/crypto_ecc.c index d4cfaa72c..237062eb7 100644 --- a/src/util/crypto_ecc.c +++ b/src/util/crypto_ecc.c
@@ -174,7 +174,7 @@ GNUNET_CRYPTO_ecdsa_key_get_public (
174	struct GNUNET_CRYPTO_EcdsaPublicKey *pub)	174	struct GNUNET_CRYPTO_EcdsaPublicKey *pub)
175	{	175	{
176	BENCHMARK_START (ecdsa_key_get_public);	176	BENCHMARK_START (ecdsa_key_get_public);
177	GNUNET_TWEETNACL_scalarmult_le_ed25519_base (pub->q_y, priv->d);	177	GNUNET_TWEETNACL_scalarmult_gnunet_ecdsa (pub->q_y, priv->d);
178	BENCHMARK_END (ecdsa_key_get_public);	178	BENCHMARK_END (ecdsa_key_get_public);
179	}	179	}
180		180


diff --git a/src/util/tweetnacl-gnunet.c b/src/util/tweetnacl-gnunet.c index c3471ae66..f01667adb 100644 --- a/src/util/tweetnacl-gnunet.c +++ b/src/util/tweetnacl-gnunet.c
@@ -429,7 +429,7 @@ GNUNET_TWEETNACL_sign_pk_from_seed (u8 pk, const u8 seed)
429	}	429	}
430		430
431	void	431	void
432	GNUNET_TWEETNACL_scalarmult_le_ed25519_base (u8 pk, const u8 s)	432	GNUNET_TWEETNACL_scalarmult_gnunet_ecdsa (u8 pk, const u8 s)
433	{	433	{
434	u8 d[64];	434	u8 d[64];
435	gf p[4];	435	gf p[4];
@@ -437,9 +437,8 @@ GNUNET_TWEETNACL_scalarmult_le_ed25519_base (u8 pk, const u8 s)
437	// Treat s as little endian.	437	// Treat s as little endian.
438	for (u32 i = 0; i < 32; i++)	438	for (u32 i = 0; i < 32; i++)
439	d[i] = s[31 - i];	439	d[i] = s[31 - i];
440	d[0] &= 248;	440
441	d[31] &= 127;	441	// For GNUnet, we don't normalize d
442	d[31] \|= 64;
443		442
444	scalarbase (p, d);	443	scalarbase (p, d);
445	pack (pk, p);	444	pack (pk, p);


diff --git a/src/util/tweetnacl-gnunet.h b/src/util/tweetnacl-gnunet.h index 2b2dc8e63..d052d8824 100644 --- a/src/util/tweetnacl-gnunet.h +++ b/src/util/tweetnacl-gnunet.h
@@ -49,6 +49,6 @@ GNUNET_TWEETNACL_sign_detached (uint8_t *sig,
49	const uint8_t *sk);	49	const uint8_t *sk);
50		50
51	void	51	void
52	GNUNET_TWEETNACL_scalarmult_le_ed25519_base (uint8_t pk, const uint8_t s);	52	GNUNET_TWEETNACL_scalarmult_gnunet_ecdsa (uint8_t pk, const uint8_t s);
53		53
54	#endif	54	#endif