diff options
| author | Christian Grothoff <christian@grothoff.org> | 2013-08-11 15:36:42 +0000 |
|---|---|---|
| committer | Christian Grothoff <christian@grothoff.org> | 2013-08-11 15:36:42 +0000 |
| commit | b64ef35e9e4d3f43b8840bacac60ac2a91ae03f1 (patch) | |
| tree | d97273f6ef88c54622e15ea1d675b7d9f2ee93a5 /src/util/crypto_ecc.c | |
| parent | a78e015dd4764c54c013729cf58c55dbaa8af626 (diff) | |
| download | gnunet-b64ef35e9e4d3f43b8840bacac60ac2a91ae03f1.tar.gz gnunet-b64ef35e9e4d3f43b8840bacac60ac2a91ae03f1.zip | |
-add extra context argument for key deriviation, so that fs and gads do not collide
Diffstat (limited to 'src/util/crypto_ecc.c')
| -rw-r--r-- | src/util/crypto_ecc.c | 18 |
1 files changed, 14 insertions, 4 deletions
diff --git a/src/util/crypto_ecc.c b/src/util/crypto_ecc.c index 191892bce..4d949eaf8 100644 --- a/src/util/crypto_ecc.c +++ b/src/util/crypto_ecc.c | |||
| @@ -926,11 +926,14 @@ GNUNET_CRYPTO_ecc_ecdh (const struct GNUNET_CRYPTO_EccPrivateKey *priv, | |||
| 926 | * | 926 | * |
| 927 | * @param pub public key for deriviation | 927 | * @param pub public key for deriviation |
| 928 | * @param label label for deriviation | 928 | * @param label label for deriviation |
| 929 | * @param context additional context to use for HKDF of 'h'; | ||
| 930 | * typically the name of the subsystem/application | ||
| 929 | * @return h value | 931 | * @return h value |
| 930 | */ | 932 | */ |
| 931 | static gcry_mpi_t | 933 | static gcry_mpi_t |
| 932 | derive_h (const struct GNUNET_CRYPTO_EccPublicKey *pub, | 934 | derive_h (const struct GNUNET_CRYPTO_EccPublicKey *pub, |
| 933 | const char *label) | 935 | const char *label, |
| 936 | const char *context) | ||
| 934 | { | 937 | { |
| 935 | gcry_mpi_t h; | 938 | gcry_mpi_t h; |
| 936 | struct GNUNET_HashCode hc; | 939 | struct GNUNET_HashCode hc; |
| @@ -939,6 +942,7 @@ derive_h (const struct GNUNET_CRYPTO_EccPublicKey *pub, | |||
| 939 | "key-derivation", strlen ("key-derivation"), | 942 | "key-derivation", strlen ("key-derivation"), |
| 940 | pub, sizeof (*pub), | 943 | pub, sizeof (*pub), |
| 941 | label, strlen (label), | 944 | label, strlen (label), |
| 945 | context, strlen (context), | ||
| 942 | NULL, 0); | 946 | NULL, 0); |
| 943 | mpi_scan (&h, (unsigned char *) &hc, sizeof (hc)); | 947 | mpi_scan (&h, (unsigned char *) &hc, sizeof (hc)); |
| 944 | return h; | 948 | return h; |
| @@ -953,11 +957,14 @@ derive_h (const struct GNUNET_CRYPTO_EccPublicKey *pub, | |||
| 953 | * | 957 | * |
| 954 | * @param priv original private key | 958 | * @param priv original private key |
| 955 | * @param label label to use for key deriviation | 959 | * @param label label to use for key deriviation |
| 960 | * @param context additional context to use for HKDF of 'h'; | ||
| 961 | * typically the name of the subsystem/application | ||
| 956 | * @return derived private key | 962 | * @return derived private key |
| 957 | */ | 963 | */ |
| 958 | struct GNUNET_CRYPTO_EccPrivateKey * | 964 | struct GNUNET_CRYPTO_EccPrivateKey * |
| 959 | GNUNET_CRYPTO_ecc_key_derive (const struct GNUNET_CRYPTO_EccPrivateKey *priv, | 965 | GNUNET_CRYPTO_ecc_key_derive (const struct GNUNET_CRYPTO_EccPrivateKey *priv, |
| 960 | const char *label) | 966 | const char *label, |
| 967 | const char *context) | ||
| 961 | { | 968 | { |
| 962 | struct GNUNET_CRYPTO_EccPublicKey pub; | 969 | struct GNUNET_CRYPTO_EccPublicKey pub; |
| 963 | struct GNUNET_CRYPTO_EccPrivateKey *ret; | 970 | struct GNUNET_CRYPTO_EccPrivateKey *ret; |
| @@ -970,7 +977,7 @@ GNUNET_CRYPTO_ecc_key_derive (const struct GNUNET_CRYPTO_EccPrivateKey *priv, | |||
| 970 | GNUNET_assert (0 == gcry_mpi_ec_new (&ctx, NULL, CURVE)); | 977 | GNUNET_assert (0 == gcry_mpi_ec_new (&ctx, NULL, CURVE)); |
| 971 | n = gcry_mpi_ec_get_mpi ("n", ctx, 0 /* no copy */); | 978 | n = gcry_mpi_ec_get_mpi ("n", ctx, 0 /* no copy */); |
| 972 | GNUNET_CRYPTO_ecc_key_get_public (priv, &pub); | 979 | GNUNET_CRYPTO_ecc_key_get_public (priv, &pub); |
| 973 | h = derive_h (&pub, label); | 980 | h = derive_h (&pub, label, context); |
| 974 | mpi_scan (&x, priv->d, sizeof (priv->d)); | 981 | mpi_scan (&x, priv->d, sizeof (priv->d)); |
| 975 | d = gcry_mpi_new (256); | 982 | d = gcry_mpi_new (256); |
| 976 | gcry_mpi_mulm (d, h, x, n); | 983 | gcry_mpi_mulm (d, h, x, n); |
| @@ -989,11 +996,14 @@ GNUNET_CRYPTO_ecc_key_derive (const struct GNUNET_CRYPTO_EccPrivateKey *priv, | |||
| 989 | * | 996 | * |
| 990 | * @param pub original public key | 997 | * @param pub original public key |
| 991 | * @param label label to use for key deriviation | 998 | * @param label label to use for key deriviation |
| 999 | * @param context additional context to use for HKDF of 'h'; | ||
| 1000 | * typically the name of the subsystem/application | ||
| 992 | * @param result where to write the derived public key | 1001 | * @param result where to write the derived public key |
| 993 | */ | 1002 | */ |
| 994 | void | 1003 | void |
| 995 | GNUNET_CRYPTO_ecc_public_key_derive (const struct GNUNET_CRYPTO_EccPublicKey *pub, | 1004 | GNUNET_CRYPTO_ecc_public_key_derive (const struct GNUNET_CRYPTO_EccPublicKey *pub, |
| 996 | const char *label, | 1005 | const char *label, |
| 1006 | const char *context, | ||
| 997 | struct GNUNET_CRYPTO_EccPublicKey *result) | 1007 | struct GNUNET_CRYPTO_EccPublicKey *result) |
| 998 | { | 1008 | { |
| 999 | gcry_ctx_t ctx; | 1009 | gcry_ctx_t ctx; |
| @@ -1017,7 +1027,7 @@ GNUNET_CRYPTO_ecc_public_key_derive (const struct GNUNET_CRYPTO_EccPublicKey *pu | |||
| 1017 | gcry_mpi_release (q_y); | 1027 | gcry_mpi_release (q_y); |
| 1018 | 1028 | ||
| 1019 | /* calulcate h_mod_n = h % n */ | 1029 | /* calulcate h_mod_n = h % n */ |
| 1020 | h = derive_h (pub, label); | 1030 | h = derive_h (pub, label, context); |
| 1021 | n = gcry_mpi_ec_get_mpi ("n", ctx, 0 /* no copy */); | 1031 | n = gcry_mpi_ec_get_mpi ("n", ctx, 0 /* no copy */); |
| 1022 | h_mod_n = gcry_mpi_new (256); | 1032 | h_mod_n = gcry_mpi_new (256); |
| 1023 | gcry_mpi_mod (h_mod_n, h, n); | 1033 | gcry_mpi_mod (h_mod_n, h, n); |