diff options
| author | Martin Schanzenbach <schanzen@gnunet.org> | 2022-03-27 12:25:01 +0200 |
|---|---|---|
| committer | Martin Schanzenbach <schanzen@gnunet.org> | 2022-03-27 12:25:01 +0200 |
| commit | 1e4d6256731d69f1309ff8439569c65d2e1384a0 (patch) | |
| tree | 164e7b5cd860ba30e315caba7a1ac08919dee90b /src/gnsrecord | |
| parent | e598ffe0a3a3d3db0df1fcc04f52bbefe93d3779 (diff) | |
| download | gnunet-1e4d6256731d69f1309ff8439569c65d2e1384a0.tar.gz gnunet-1e4d6256731d69f1309ff8439569c65d2e1384a0.zip | |
GNS: Sanitize APIs and align with LSD0001
Diffstat (limited to 'src/gnsrecord')
| -rw-r--r-- | src/gnsrecord/gnsrecord_crypto.c | 39 |
1 files changed, 18 insertions, 21 deletions
diff --git a/src/gnsrecord/gnsrecord_crypto.c b/src/gnsrecord/gnsrecord_crypto.c index ff92911de..b5e8be82b 100644 --- a/src/gnsrecord/gnsrecord_crypto.c +++ b/src/gnsrecord/gnsrecord_crypto.c | |||
| @@ -219,7 +219,6 @@ block_create_ecdsa (const struct GNUNET_CRYPTO_EcdsaPrivateKey *key, | |||
| 219 | rd); | 219 | rd); |
| 220 | struct GNUNET_GNSRECORD_EcdsaBlock *ecblock; | 220 | struct GNUNET_GNSRECORD_EcdsaBlock *ecblock; |
| 221 | struct GNRBlockPS *gnr_block; | 221 | struct GNRBlockPS *gnr_block; |
| 222 | struct GNUNET_CRYPTO_EcdsaPrivateKey *dkey; | ||
| 223 | unsigned char ctr[GNUNET_CRYPTO_AES_KEY_LENGTH / 2]; | 222 | unsigned char ctr[GNUNET_CRYPTO_AES_KEY_LENGTH / 2]; |
| 224 | unsigned char skey[GNUNET_CRYPTO_AES_KEY_LENGTH]; | 223 | unsigned char skey[GNUNET_CRYPTO_AES_KEY_LENGTH]; |
| 225 | struct GNUNET_GNSRECORD_Data rdc[GNUNET_NZL (rd_count)]; | 224 | struct GNUNET_GNSRECORD_Data rdc[GNUNET_NZL (rd_count)]; |
| @@ -270,11 +269,10 @@ block_create_ecdsa (const struct GNUNET_CRYPTO_EcdsaPrivateKey *key, | |||
| 270 | gnr_block->expiration_time = GNUNET_TIME_absolute_hton (expire); | 269 | gnr_block->expiration_time = GNUNET_TIME_absolute_hton (expire); |
| 271 | ecblock->expiration_time = gnr_block->expiration_time; | 270 | ecblock->expiration_time = gnr_block->expiration_time; |
| 272 | /* encrypt and sign */ | 271 | /* encrypt and sign */ |
| 273 | dkey = GNUNET_CRYPTO_ecdsa_private_key_derive (key, | 272 | GNUNET_CRYPTO_ecdsa_public_key_derive (pkey, |
| 274 | label, | 273 | label, |
| 275 | "gns"); | 274 | "gns", |
| 276 | GNUNET_CRYPTO_ecdsa_key_get_public (dkey, | 275 | &ecblock->derived_key); |
| 277 | &ecblock->derived_key); | ||
| 278 | GNR_derive_block_aes_key (ctr, | 276 | GNR_derive_block_aes_key (ctr, |
| 279 | skey, | 277 | skey, |
| 280 | label, | 278 | label, |
| @@ -289,18 +287,18 @@ block_create_ecdsa (const struct GNUNET_CRYPTO_EcdsaPrivateKey *key, | |||
| 289 | GNUNET_memcpy (&gnr_block[1], &ecblock[1], payload_len); | 287 | GNUNET_memcpy (&gnr_block[1], &ecblock[1], payload_len); |
| 290 | } | 288 | } |
| 291 | if (GNUNET_OK != | 289 | if (GNUNET_OK != |
| 292 | GNUNET_CRYPTO_ecdsa_sign_ (dkey, | 290 | GNUNET_CRYPTO_ecdsa_sign_derived (key, |
| 293 | &gnr_block->purpose, | 291 | label, |
| 294 | &ecblock->signature)) | 292 | "gns", |
| 293 | &gnr_block->purpose, | ||
| 294 | &ecblock->signature)) | ||
| 295 | { | 295 | { |
| 296 | GNUNET_break (0); | 296 | GNUNET_break (0); |
| 297 | GNUNET_free (*block); | 297 | GNUNET_free (*block); |
| 298 | GNUNET_free (dkey); | ||
| 299 | GNUNET_free (gnr_block); | 298 | GNUNET_free (gnr_block); |
| 300 | return GNUNET_SYSERR; | 299 | return GNUNET_SYSERR; |
| 301 | } | 300 | } |
| 302 | GNUNET_free (gnr_block); | 301 | GNUNET_free (gnr_block); |
| 303 | GNUNET_free (dkey); | ||
| 304 | return GNUNET_OK; | 302 | return GNUNET_OK; |
| 305 | } | 303 | } |
| 306 | 304 | ||
| @@ -344,7 +342,6 @@ block_create_eddsa (const struct GNUNET_CRYPTO_EddsaPrivateKey *key, | |||
| 344 | rd); | 342 | rd); |
| 345 | struct GNUNET_GNSRECORD_EddsaBlock *edblock; | 343 | struct GNUNET_GNSRECORD_EddsaBlock *edblock; |
| 346 | struct GNRBlockPS *gnr_block; | 344 | struct GNRBlockPS *gnr_block; |
| 347 | struct GNUNET_CRYPTO_EddsaPrivateScalar dkey; | ||
| 348 | unsigned char nonce[crypto_secretbox_NONCEBYTES]; | 345 | unsigned char nonce[crypto_secretbox_NONCEBYTES]; |
| 349 | unsigned char skey[crypto_secretbox_KEYBYTES]; | 346 | unsigned char skey[crypto_secretbox_KEYBYTES]; |
| 350 | struct GNUNET_GNSRECORD_Data rdc[GNUNET_NZL (rd_count)]; | 347 | struct GNUNET_GNSRECORD_Data rdc[GNUNET_NZL (rd_count)]; |
| @@ -402,12 +399,10 @@ block_create_eddsa (const struct GNUNET_CRYPTO_EddsaPrivateKey *key, | |||
| 402 | gnr_block->expiration_time = GNUNET_TIME_absolute_hton (expire); | 399 | gnr_block->expiration_time = GNUNET_TIME_absolute_hton (expire); |
| 403 | edblock->expiration_time = gnr_block->expiration_time; | 400 | edblock->expiration_time = gnr_block->expiration_time; |
| 404 | /* encrypt and sign */ | 401 | /* encrypt and sign */ |
| 405 | GNUNET_CRYPTO_eddsa_private_key_derive (key, | 402 | GNUNET_CRYPTO_eddsa_public_key_derive (pkey, |
| 406 | label, | 403 | label, |
| 407 | "gns", | 404 | "gns", |
| 408 | &dkey); | 405 | &edblock->derived_key); |
| 409 | GNUNET_CRYPTO_eddsa_key_get_public_from_scalar (&dkey, | ||
| 410 | &edblock->derived_key); | ||
| 411 | GNR_derive_block_xsalsa_key (nonce, | 406 | GNR_derive_block_xsalsa_key (nonce, |
| 412 | skey, | 407 | skey, |
| 413 | label, | 408 | label, |
| @@ -422,9 +417,11 @@ block_create_eddsa (const struct GNUNET_CRYPTO_EddsaPrivateKey *key, | |||
| 422 | GNUNET_memcpy (&gnr_block[1], &edblock[1], | 417 | GNUNET_memcpy (&gnr_block[1], &edblock[1], |
| 423 | payload_len + crypto_secretbox_MACBYTES); | 418 | payload_len + crypto_secretbox_MACBYTES); |
| 424 | 419 | ||
| 425 | GNUNET_CRYPTO_eddsa_sign_with_scalar (&dkey, | 420 | GNUNET_CRYPTO_eddsa_sign_derived (key, |
| 426 | &gnr_block->purpose, | 421 | label, |
| 427 | &edblock->signature); | 422 | "gns", |
| 423 | &gnr_block->purpose, | ||
| 424 | &edblock->signature); | ||
| 428 | } | 425 | } |
| 429 | return GNUNET_OK; | 426 | return GNUNET_OK; |
| 430 | } | 427 | } |