author | Florian Dold <florian.dold@gmail.com> | 2014-01-20 19:08:47 +0000 |
---|---|---|
committer | Florian Dold <florian.dold@gmail.com> | 2014-01-20 19:08:47 +0000 |
commit | 29517cf1e5cb2e2a92c97f458ba4d3fe6716b1ee (patch) | |
tree | 1cd922f43818800d7279f16f8b9496a6016338f0 /src/util/crypto_ecc.c | |
parent | 95b657e52e52523cc7080406221896ed31327052 (diff) | |
download | gnunet-29517cf1e5cb2e2a92c97f458ba4d3fe6716b1ee.tar.gz gnunet-29517cf1e5cb2e2a92c97f458ba4d3fe6716b1ee.zip |
- make mpi scan/print public
- secretsharing key generation and decryption fixed
Diffstat (limited to 'src/util/crypto_ecc.c')
-rw-r--r-- | src/util/crypto_ecc.c | 100 |
1 files changed, 17 insertions, 83 deletions
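--- a/src/util/crypto_ecc.c
+++ b/src/util/crypto_ecc.c
@@ -133,72 +133,6 @@ adjust (unsigned char *buf,
 
 
 /**
-* Output the given MPI value to the given buffer.
-*
-* @param buf where to output to
-* @param size number of bytes in @a buf
-* @param val value to write to @a buf
-*/
-static void
-mpi_print (unsigned char *buf,
-size_t size,
-gcry_mpi_t val)
-{
-size_t rsize;
-
-if (gcry_mpi_get_flag (val, GCRYMPI_FLAG_OPAQUE))
-{
-/* Store opaque MPIs left aligned into the buffer. */
-unsigned int nbits;
-const void *p;
-
-p = gcry_mpi_get_opaque (val, &nbits);
-GNUNET_assert (p);
-rsize = (nbits+7)/8;
-if (rsize > size)
-rsize = size;
-memcpy (buf, p, rsize);
-if (rsize < size)
-memset (buf+rsize, 0, size - rsize);
-}
-else
-{
-/* Store regular MPIs as unsigned integers right aligned into
-the buffer. */
-rsize = size;
-GNUNET_assert (0 ==
-gcry_mpi_print (GCRYMPI_FMT_USG, buf, rsize, &rsize,
-val));
-adjust (buf, rsize, size);
-}
-}
-
-
-/**
-* Convert data buffer into MPI value.
-*
-* @param result where to store MPI value (allocated)
-* @param data raw data (GCRYMPI_FMT_USG)
-* @param size number of bytes in @a data
-*/
-static void
-mpi_scan (gcry_mpi_t *result,
-const unsigned char *data,
-size_t size)
-{
-int rc;
-
-if (0 != (rc = gcry_mpi_scan (result,
-GCRYMPI_FMT_USG,
-data, size, &size)))
-{
-LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_scan", rc);
-GNUNET_assert (0);
-}
-}
-
-
-/**
 * Convert the given private key from the network format to the
 * S-expression that can be used by libgcrypt.
 *
@@ -317,7 +251,7 @@ GNUNET_CRYPTO_ecdsa_key_get_public (const struct GNUNET_CRYPTO_EcdsaPrivateKey *
 gcry_sexp_release (sexp);
 q = gcry_mpi_ec_get_mpi ("q@eddsa", ctx, 0);
 GNUNET_assert (q);
-mpi_print (pub->q_y, sizeof (pub->q_y), q);
+GNUNET_CRYPTO_mpi_print_unsigned (pub->q_y, sizeof (pub->q_y), q);
 gcry_mpi_release (q);
 gcry_ctx_release (ctx);
 }
@@ -343,7 +277,7 @@ GNUNET_CRYPTO_eddsa_key_get_public (const struct GNUNET_CRYPTO_EddsaPrivateKey *
 gcry_sexp_release (sexp);
 q = gcry_mpi_ec_get_mpi ("q@eddsa", ctx, 0);
 GNUNET_assert (q);
-mpi_print (pub->q_y, sizeof (pub->q_y), q);
+GNUNET_CRYPTO_mpi_print_unsigned (pub->q_y, sizeof (pub->q_y), q);
 gcry_mpi_release (q);
 gcry_ctx_release (ctx);
 }
@@ -369,7 +303,7 @@ GNUNET_CRYPTO_ecdhe_key_get_public (const struct GNUNET_CRYPTO_EcdhePrivateKey *
 gcry_sexp_release (sexp);
 q = gcry_mpi_ec_get_mpi ("q@eddsa", ctx, 0);
 GNUNET_assert (q);
-mpi_print (pub->q_y, sizeof (pub->q_y), q);
+GNUNET_CRYPTO_mpi_print_unsigned (pub->q_y, sizeof (pub->q_y), q);
 gcry_mpi_release (q);
 gcry_ctx_release (ctx);
 }
@@ -578,7 +512,7 @@ GNUNET_CRYPTO_ecdhe_key_create ()
 }
 gcry_sexp_release (priv_sexp);
 priv = GNUNET_new (struct GNUNET_CRYPTO_EcdhePrivateKey);
-mpi_print (priv->d, sizeof (priv->d), d);
+GNUNET_CRYPTO_mpi_print_unsigned (priv->d, sizeof (priv->d), d);
 gcry_mpi_release (d);
 return priv;
 }
@@ -628,7 +562,7 @@ GNUNET_CRYPTO_ecdsa_key_create ()
 }
 gcry_sexp_release (priv_sexp);
 priv = GNUNET_new (struct GNUNET_CRYPTO_EcdsaPrivateKey);
-mpi_print (priv->d, sizeof (priv->d), d);
+GNUNET_CRYPTO_mpi_print_unsigned (priv->d, sizeof (priv->d), d);
 gcry_mpi_release (d);
 return priv;
 }
@@ -677,7 +611,7 @@ GNUNET_CRYPTO_eddsa_key_create ()
 }
 gcry_sexp_release (priv_sexp);
 priv = GNUNET_new (struct GNUNET_CRYPTO_EddsaPrivateKey);
-mpi_print (priv->d, sizeof (priv->d), d);
+GNUNET_CRYPTO_mpi_print_unsigned (priv->d, sizeof (priv->d), d);
 gcry_mpi_release (d);
 return priv;
 }
@@ -700,7 +634,7 @@ GNUNET_CRYPTO_ecdsa_key_get_anonymous ()
 
 if (once)
 return &anonymous;
-mpi_print (anonymous.d,
+GNUNET_CRYPTO_mpi_print_unsigned (anonymous.d,
 sizeof (anonymous.d),
 GCRYMPI_CONST_ONE);
 once = 1;
@@ -1222,8 +1156,8 @@ GNUNET_CRYPTO_ecdsa_sign (const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv,
 return GNUNET_SYSERR;
 }
 gcry_sexp_release (sig_sexp);
-mpi_print (sig->r, sizeof (sig->r), rs[0]);
-mpi_print (sig->s, sizeof (sig->s), rs[1]);
+GNUNET_CRYPTO_mpi_print_unsigned (sig->r, sizeof (sig->r), rs[0]);
+GNUNET_CRYPTO_mpi_print_unsigned (sig->s, sizeof (sig->s), rs[1]);
 gcry_mpi_release (rs[0]);
 gcry_mpi_release (rs[1]);
 return GNUNET_OK;
@@ -1272,8 +1206,8 @@ GNUNET_CRYPTO_eddsa_sign (const struct GNUNET_CRYPTO_EddsaPrivateKey *priv,
 return GNUNET_SYSERR;
 }
 gcry_sexp_release (sig_sexp);
-mpi_print (sig->r, sizeof (sig->r), rs[0]);
-mpi_print (sig->s, sizeof (sig->s), rs[1]);
+GNUNET_CRYPTO_mpi_print_unsigned (sig->r, sizeof (sig->r), rs[0]);
+GNUNET_CRYPTO_mpi_print_unsigned (sig->s, sizeof (sig->s), rs[1]);
 gcry_mpi_release (rs[0]);
 gcry_mpi_release (rs[1]);
 return GNUNET_OK;
@@ -1425,7 +1359,7 @@ GNUNET_CRYPTO_ecc_ecdh (const struct GNUNET_CRYPTO_EcdhePrivateKey *priv,
 q = gcry_mpi_ec_get_point ("q", ctx, 0);
 
 /* second, extract the d value from our private key */
-mpi_scan (&d, priv->d, sizeof (priv->d));
+GNUNET_CRYPTO_mpi_scan_unsigned (&d, priv->d, sizeof (priv->d));
 
 /* then call the 'multiply' function, to compute the product */
 result = gcry_mpi_point_new (0);
@@ -1447,7 +1381,7 @@ GNUNET_CRYPTO_ecc_ecdh (const struct GNUNET_CRYPTO_EcdhePrivateKey *priv,
 
 rsize = sizeof (xbuf);
 GNUNET_assert (! gcry_mpi_get_flag (result_x, GCRYMPI_FLAG_OPAQUE));
-/* result_x can be negative here, so we do not use 'mpi_print'
+/* result_x can be negative here, so we do not use 'GNUNET_CRYPTO_mpi_print_unsigned'
 as that does not include the sign bit; x should be a 255-bit
 value, so with the sign it should fit snugly into the 256-bit
 xbuf */
@@ -1484,7 +1418,7 @@ derive_h (const struct GNUNET_CRYPTO_EcdsaPublicKey *pub,
 label, strlen (label),
 context, strlen (context),
 NULL, 0);
-mpi_scan (&h, (unsigned char *) &hc, sizeof (hc));
+GNUNET_CRYPTO_mpi_scan_unsigned (&h, (unsigned char *) &hc, sizeof (hc));
 return h;
 }
 
@@ -1520,7 +1454,7 @@ GNUNET_CRYPTO_ecdsa_private_key_derive (const struct GNUNET_CRYPTO_EcdsaPrivateK
 GNUNET_CRYPTO_ecdsa_key_get_public (priv, &pub);
 
 h = derive_h (&pub, label, context);
-mpi_scan (&x, priv->d, sizeof (priv->d));
+GNUNET_CRYPTO_mpi_scan_unsigned (&x, priv->d, sizeof (priv->d));
 d = gcry_mpi_new (256);
 gcry_mpi_mulm (d, h, x, n);
 gcry_mpi_release (h);
@@ -1528,7 +1462,7 @@ GNUNET_CRYPTO_ecdsa_private_key_derive (const struct GNUNET_CRYPTO_EcdsaPrivateK
 gcry_mpi_release (n);
 gcry_ctx_release (ctx);
 ret = GNUNET_new (struct GNUNET_CRYPTO_EcdsaPrivateKey);
-mpi_print (ret->d, sizeof (ret->d), d);
+GNUNET_CRYPTO_mpi_print_unsigned (ret->d, sizeof (ret->d), d);
 gcry_mpi_release (d);
 return ret;
 }
@@ -1588,7 +1522,7 @@ GNUNET_CRYPTO_ecdsa_public_key_derive (const struct GNUNET_CRYPTO_EcdsaPublicKey
 gcry_mpi_point_release (v);
 q_y = gcry_mpi_ec_get_mpi ("q@eddsa", ctx, 0);
 GNUNET_assert (q_y);
-mpi_print (result->q_y, sizeof result->q_y, q_y);
+GNUNET_CRYPTO_mpi_print_unsigned (result->q_y, sizeof result->q_y, q_y);
 gcry_mpi_release (q_y);
 gcry_ctx_release (ctx);
 }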
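Review bot: The deleted static mpi_print carried an explicit branch for opaque MPIs (gcry_mpi_get_flag (val, GCRYMPI_FLAG_OPAQUE) → left-aligned memcpy with zero padding), and the four callers that serialize the "q@eddsa" value into pub->q_y / result->q_y depend on that path, but the replacement GNUNET_CRYPTO_mpi_print_unsigned is defined outside this file, so this diff cannot show whether the opaque case survived the move. As far as I know libgcrypt hands "q@eddsa" back as an opaque MPI; if the public helper only takes the gcry_mpi_print (GCRYMPI_FMT_USG …) path, the assert would trip or the encoded point would be mis-serialized into every public-key struct, which is a silent interoperability and key-validation hazard rather than a crash you would see in unit tests. Please confirm against the new definition and pin the assumption at the q_y call sites, e.g. `/* q@eddsa is an opaque MPI: the print helper must copy it left-aligned, not print it as USG */`. Separately, the rename pushed the comment at new line 1384 well past the file's line width; reflow it as `/* result_x can be negative here, so we do not use` / `'GNUNET_CRYPTO_mpi_print_unsigned' as that does not include the sign bit; …`. The enclosing functions of every hunk except the first start and end outside the shown context.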