diff options
author | Martin Schanzenbach <schanzen@gnunet.org> | 2022-03-27 12:25:01 +0200 |
---|---|---|
committer | Martin Schanzenbach <schanzen@gnunet.org> | 2022-03-27 12:25:01 +0200 |
commit | 1e4d6256731d69f1309ff8439569c65d2e1384a0 (patch) | |
tree | 164e7b5cd860ba30e315caba7a1ac08919dee90b /src/gnsrecord | |
parent | e598ffe0a3a3d3db0df1fcc04f52bbefe93d3779 (diff) | |
download | gnunet-1e4d6256731d69f1309ff8439569c65d2e1384a0.tar.gz gnunet-1e4d6256731d69f1309ff8439569c65d2e1384a0.zip |
GNS: Sanitize APIs and align with LSD0001
Diffstat (limited to 'src/gnsrecord')
-rw-r--r-- | src/gnsrecord/gnsrecord_crypto.c | 39 |
1 files changed, 18 insertions, 21 deletions
diff --git a/src/gnsrecord/gnsrecord_crypto.c b/src/gnsrecord/gnsrecord_crypto.c index ff92911de..b5e8be82b 100644 --- a/src/gnsrecord/gnsrecord_crypto.c +++ b/src/gnsrecord/gnsrecord_crypto.c | |||
@@ -219,7 +219,6 @@ block_create_ecdsa (const struct GNUNET_CRYPTO_EcdsaPrivateKey *key, | |||
219 | rd); | 219 | rd); |
220 | struct GNUNET_GNSRECORD_EcdsaBlock *ecblock; | 220 | struct GNUNET_GNSRECORD_EcdsaBlock *ecblock; |
221 | struct GNRBlockPS *gnr_block; | 221 | struct GNRBlockPS *gnr_block; |
222 | struct GNUNET_CRYPTO_EcdsaPrivateKey *dkey; | ||
223 | unsigned char ctr[GNUNET_CRYPTO_AES_KEY_LENGTH / 2]; | 222 | unsigned char ctr[GNUNET_CRYPTO_AES_KEY_LENGTH / 2]; |
224 | unsigned char skey[GNUNET_CRYPTO_AES_KEY_LENGTH]; | 223 | unsigned char skey[GNUNET_CRYPTO_AES_KEY_LENGTH]; |
225 | struct GNUNET_GNSRECORD_Data rdc[GNUNET_NZL (rd_count)]; | 224 | struct GNUNET_GNSRECORD_Data rdc[GNUNET_NZL (rd_count)]; |
@@ -270,11 +269,10 @@ block_create_ecdsa (const struct GNUNET_CRYPTO_EcdsaPrivateKey *key, | |||
270 | gnr_block->expiration_time = GNUNET_TIME_absolute_hton (expire); | 269 | gnr_block->expiration_time = GNUNET_TIME_absolute_hton (expire); |
271 | ecblock->expiration_time = gnr_block->expiration_time; | 270 | ecblock->expiration_time = gnr_block->expiration_time; |
272 | /* encrypt and sign */ | 271 | /* encrypt and sign */ |
273 | dkey = GNUNET_CRYPTO_ecdsa_private_key_derive (key, | 272 | GNUNET_CRYPTO_ecdsa_public_key_derive (pkey, |
274 | label, | 273 | label, |
275 | "gns"); | 274 | "gns", |
276 | GNUNET_CRYPTO_ecdsa_key_get_public (dkey, | 275 | &ecblock->derived_key); |
277 | &ecblock->derived_key); | ||
278 | GNR_derive_block_aes_key (ctr, | 276 | GNR_derive_block_aes_key (ctr, |
279 | skey, | 277 | skey, |
280 | label, | 278 | label, |
@@ -289,18 +287,18 @@ block_create_ecdsa (const struct GNUNET_CRYPTO_EcdsaPrivateKey *key, | |||
289 | GNUNET_memcpy (&gnr_block[1], &ecblock[1], payload_len); | 287 | GNUNET_memcpy (&gnr_block[1], &ecblock[1], payload_len); |
290 | } | 288 | } |
291 | if (GNUNET_OK != | 289 | if (GNUNET_OK != |
292 | GNUNET_CRYPTO_ecdsa_sign_ (dkey, | 290 | GNUNET_CRYPTO_ecdsa_sign_derived (key, |
293 | &gnr_block->purpose, | 291 | label, |
294 | &ecblock->signature)) | 292 | "gns", |
293 | &gnr_block->purpose, | ||
294 | &ecblock->signature)) | ||
295 | { | 295 | { |
296 | GNUNET_break (0); | 296 | GNUNET_break (0); |
297 | GNUNET_free (*block); | 297 | GNUNET_free (*block); |
298 | GNUNET_free (dkey); | ||
299 | GNUNET_free (gnr_block); | 298 | GNUNET_free (gnr_block); |
300 | return GNUNET_SYSERR; | 299 | return GNUNET_SYSERR; |
301 | } | 300 | } |
302 | GNUNET_free (gnr_block); | 301 | GNUNET_free (gnr_block); |
303 | GNUNET_free (dkey); | ||
304 | return GNUNET_OK; | 302 | return GNUNET_OK; |
305 | } | 303 | } |
306 | 304 | ||
@@ -344,7 +342,6 @@ block_create_eddsa (const struct GNUNET_CRYPTO_EddsaPrivateKey *key, | |||
344 | rd); | 342 | rd); |
345 | struct GNUNET_GNSRECORD_EddsaBlock *edblock; | 343 | struct GNUNET_GNSRECORD_EddsaBlock *edblock; |
346 | struct GNRBlockPS *gnr_block; | 344 | struct GNRBlockPS *gnr_block; |
347 | struct GNUNET_CRYPTO_EddsaPrivateScalar dkey; | ||
348 | unsigned char nonce[crypto_secretbox_NONCEBYTES]; | 345 | unsigned char nonce[crypto_secretbox_NONCEBYTES]; |
349 | unsigned char skey[crypto_secretbox_KEYBYTES]; | 346 | unsigned char skey[crypto_secretbox_KEYBYTES]; |
350 | struct GNUNET_GNSRECORD_Data rdc[GNUNET_NZL (rd_count)]; | 347 | struct GNUNET_GNSRECORD_Data rdc[GNUNET_NZL (rd_count)]; |
@@ -402,12 +399,10 @@ block_create_eddsa (const struct GNUNET_CRYPTO_EddsaPrivateKey *key, | |||
402 | gnr_block->expiration_time = GNUNET_TIME_absolute_hton (expire); | 399 | gnr_block->expiration_time = GNUNET_TIME_absolute_hton (expire); |
403 | edblock->expiration_time = gnr_block->expiration_time; | 400 | edblock->expiration_time = gnr_block->expiration_time; |
404 | /* encrypt and sign */ | 401 | /* encrypt and sign */ |
405 | GNUNET_CRYPTO_eddsa_private_key_derive (key, | 402 | GNUNET_CRYPTO_eddsa_public_key_derive (pkey, |
406 | label, | 403 | label, |
407 | "gns", | 404 | "gns", |
408 | &dkey); | 405 | &edblock->derived_key); |
409 | GNUNET_CRYPTO_eddsa_key_get_public_from_scalar (&dkey, | ||
410 | &edblock->derived_key); | ||
411 | GNR_derive_block_xsalsa_key (nonce, | 406 | GNR_derive_block_xsalsa_key (nonce, |
412 | skey, | 407 | skey, |
413 | label, | 408 | label, |
@@ -422,9 +417,11 @@ block_create_eddsa (const struct GNUNET_CRYPTO_EddsaPrivateKey *key, | |||
422 | GNUNET_memcpy (&gnr_block[1], &edblock[1], | 417 | GNUNET_memcpy (&gnr_block[1], &edblock[1], |
423 | payload_len + crypto_secretbox_MACBYTES); | 418 | payload_len + crypto_secretbox_MACBYTES); |
424 | 419 | ||
425 | GNUNET_CRYPTO_eddsa_sign_with_scalar (&dkey, | 420 | GNUNET_CRYPTO_eddsa_sign_derived (key, |
426 | &gnr_block->purpose, | 421 | label, |
427 | &edblock->signature); | 422 | "gns", |
423 | &gnr_block->purpose, | ||
424 | &edblock->signature); | ||
428 | } | 425 | } |
429 | return GNUNET_OK; | 426 | return GNUNET_OK; |
430 | } | 427 | } |