author | Christian Grothoff <christian@grothoff.org> | 2013-02-05 20:14:46 +0000 |
---|---|---|
committer | Christian Grothoff <christian@grothoff.org> | 2013-02-05 20:14:46 +0000 |
commit | 5d7efdf7ae4adf77411bc4d91732ae5d8aaa3000 (patch) | |
tree | fa7134df4e198f39922e76b017cb58af4834216a /src/util/crypto_ecc.c | |
parent | 8c560bbf4212258dedf77c83c4b148e0d92fdeb7 (diff) | |
-clarifying what we need for ECC
Diffstat (limited to 'src/util/crypto_ecc.c')
-rw-r--r-- | src/util/crypto_ecc.c | 84 |
1 files changed, 72 insertions, 12 deletions
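--- a/src/util/crypto_ecc.c
+++ b/src/util/crypto_ecc.c
@@ -170,7 +170,7 @@ GNUNET_CRYPTO_ecc_key_get_public (const struct GNUNET_CRYPTO_EccPrivateKey *priv
 * @return string representing 'pub'
 */
 char *
-GNUNET_CRYPTO_ecc_public_key_to_string (struct GNUNET_CRYPTO_EccPublicKeyBinaryEncoded *pub)
+GNUNET_CRYPTO_ecc_public_key_to_string (const struct GNUNET_CRYPTO_EccPublicKeyBinaryEncoded *pub)
 {
 char *pubkeybuf;
 size_t keylen = (sizeof (struct GNUNET_CRYPTO_EccPublicKeyBinaryEncoded)) * 8;
@@ -340,8 +340,9 @@ GNUNET_CRYPTO_ecc_decode_key (const char *buf,
 if (len < sizeof (uint16_t))
 return NULL;
 memcpy (&be, buf, sizeof (be));
-if (len != ntohs (be))
+if (len < ntohs (be))
 return NULL;
+len = ntohs (be);
 if (0 != (rc = gcry_sexp_sscan (&sexp,
 &erroff,
 &buf[2],
@@ -644,7 +645,7 @@ GNUNET_CRYPTO_ecc_key_create_from_file (const char *filename)
 GNUNET_assert (fs == GNUNET_DISK_file_read (fd, enc, fs));
 len = ntohs (enc->size);
 ret = NULL;
-if ((len != fs) ||
+if ((len > fs) ||
 (NULL == (ret = GNUNET_CRYPTO_ecc_decode_key ((char *) enc, len))))
 {
 LOG (GNUNET_ERROR_TYPE_ERROR,
@@ -936,7 +937,6 @@ data_to_pkcs1 (const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose)
 
 GNUNET_CRYPTO_short_hash (purpose, ntohl (purpose->size), &hc);
 #define FORMATSTRING "(4:data(5:flags3:raw)(5:value32:01234567890123456789012345678901))"
-#define FORMATSTRING2 "(4:data(4:hash6:sha25632:01234567890123456789012345678901))"
 bufSize = strlen (FORMATSTRING) + 1;
 {
 char buff[bufSize];
@@ -1065,16 +1065,76 @@ GNUNET_CRYPTO_ecc_ecdh (const struct GNUNET_CRYPTO_EccPrivateKey *key,
 const struct GNUNET_CRYPTO_EccPublicKeyBinaryEncoded *pub,
 struct GNUNET_HashCode *key_material)
 {
-gcry_sexp_t psexp;
+size_t size;
+size_t slen;
+int rc;
+gcry_sexp_t data;
+unsigned char sdata_buf[2048]; /* big enough to print 'sdata' and 'r_sig' */
 
-if (! (psexp = decode_public_key (pub)))
-return GNUNET_SYSERR;
-
+/* first, extract the q value from the public key */
+{
+gcry_sexp_t psexp;
+gcry_mpi_t sdata;
+
+if (! (psexp = decode_public_key (pub)))
+return GNUNET_SYSERR;
+rc = key_from_sexp (&sdata, psexp, "public-key", "q");
+if (rc)
+rc = key_from_sexp (&sdata, psexp, "ecc", "q");
+GNUNET_assert (0 == rc);
+gcry_sexp_release (psexp);
+size = sizeof (sdata_buf);
+GNUNET_assert (0 ==
+gcry_mpi_print (GCRYMPI_FMT_USG, sdata_buf, size, &size,
+sdata));
+gcry_mpi_release (sdata);
+}
+/* convert q value into an S-expression -- whatever format libgcrypt wants,
+re-using format from sign operation for now... */
+{
+char *sexp_string;
+
+#define FORMATPREFIX "(4:data(5:flags3:raw)(5:value%u:"
+#define FORMATPOSTFIX "))"
+sexp_string = GNUNET_malloc (strlen (FORMATPREFIX) + size + 12 +
+strlen (FORMATPOSTFIX) + 1);
+GNUNET_snprintf (sexp_string,
+strlen (FORMATPREFIX) + 12,
+FORMATPREFIX,
+size);
+slen = strlen (sexp_string);
+memcpy (&sexp_string[slen],
+sdata_buf,
+size);
+memcpy (&sexp_string[slen + size],
+FORMATPOSTFIX,
+strlen (FORMATPOSTFIX) + 1);
+GNUNET_assert (0 == gcry_sexp_new (&data,
+sexp_string,
+slen + size + strlen (FORMATPOSTFIX),
+0));
+GNUNET_free (sexp_string);
+}
+/* then call the 'multiply' function, hoping it simply multiplies the points;
+here we need essentially a WRAPPER around _gcry_mpi_ex_mul_point! - FIXME-WK!*/
+#if WK
+{
+gcry_sexp_t result;
+
+rc = gcry_ecc_mul_point (&result, data /* scalar */, key->sexp /* point and ctx */);
+GNUNET_assert (0 == rc);
+slen = gcry_sexp_sprint (result, GCRYSEXP_FMT_DEFAULT, sdata_buf, sizeof (sdata_buf));
+GNUNET_assert (0 != slen);
+}
+#else
+/* use broken version, insecure! */
+GNUNET_break (0);
+slen = sprintf ((char*) sdata_buf, "FIXME-this is not key material");
+#endif
+gcry_sexp_release (data);
 
-gcry_sexp_release (psexp);
-GNUNET_break (0); // not implemented
-/* FIXME: this totally breaks security ... */
-memset (key_material, 42, sizeof (struct GNUNET_HashCode));
+/* finally, get a string of the resulting S-expression and hash it to generate the key material */
+GNUNET_CRYPTO_hash (sdata_buf, slen, key_material);
 return GNUNET_OK;
 }
 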
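Review bot: In the GNUNET_CRYPTO_ecc_decode_key hunk, the relaxed check `if (len < ntohs (be))` followed by `len = ntohs (be);` lets an encoded size of 0 or 1 through, because the earlier `len < sizeof (uint16_t)` test only covers the caller's length. If the length argument passed to gcry_sexp_sscan after `&buf[2]` is derived from len minus the two-byte prefix (that argument lies outside the visible lines), it would wrap to a very large size_t and the parser would read past the buffer. Rejecting short encoded sizes closes this: `if ( (ntohs (be) < sizeof (uint16_t)) || (len < ntohs (be)) ) return NULL;`. Separately, the `#else` branch of GNUNET_CRYPTO_ecc_ecdh hashes a fixed string and still returns GNUNET_OK, so callers cannot tell that the key material is a public constant; returning GNUNET_SYSERR there would make them fail closed.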