Werner Koch wrote:

Hi,

find attach the patch which makes all 3 test cases work with Ed25519.
There are some minor hacks in the test cases to allow enabling of
Libgcrypt debugging and also some minor output style changes.

There is one FIXME in the code:

  /* FIXME: mpi_print creates an unsigned integer - is that intended
     or should we convert it to a signed integer (2-compl)?  */
  mpi_print (xbuf, sizeof (xbuf), result_x);

X may be positive or negative but GCRYMPI_FMT_USG ignores the sign.
Thus this is not what we actually want.  Should we change it to 2-comp
(GCRYMPI_FMT_STD) so that we have a proper value?  Given that the curve
is 255 bit this should alwas fit int the 256 bit buffer.  Another option
would be to use the EdDSA method for the sign but that is optimized to
easily recover x and would be more work.  Or we store the sign in the
high bit.  t all depends on what you want to write into the protocol
specs.

I would also like to revert the way we distinguish between Ed25519 with
and without ECDSA:  The way we do it right now is by assuming the
Ed25519 is always used with EdDSA unless a flag has been set.  This is a
bit surprising and requiring the "(flags eddsa)" would be a less
surprising interface.


Salam-Shalom,

   Werner

1 files changed, 13 insertions, 8 deletions

diff --git a/src/util/test_crypto_eddsa.c b/src/util/test_crypto_eddsa.c
index 209eea5c6..eda285af8 100644
--- a/src/util/test_crypto_eddsa.c
+++ b/src/util/test_crypto_eddsa.c
@@ -56,7 +56,7 @@ testSignVerify ()
 
   for (i = 0; i < ITER; i++)
   {
-    FPRINTF (stderr, "%s",  ".");
+    FPRINTF (stderr, "%s",  "."); fflush (stderr);
     if (GNUNET_SYSERR == GNUNET_CRYPTO_eddsa_sign (key, &purp, &sig))
     {
       FPRINTF (stderr, "%s",  "GNUNET_CRYPTO_eddsa_sign returned SYSERR\n");
@@ -80,7 +80,7 @@ testSignVerify ()
       continue;
     }
   }
-  printf ("%d ECC sign/verify operations %s\n", ITER,
+  printf ("%d EdDSA sign/verify operations %s\n", ITER,
           GNUNET_STRINGS_relative_time_to_string (GNUNET_TIME_absolute_get_duration (start), GNUNET_YES));
   return ok;
 }
@@ -104,7 +104,7 @@ testSignPerformance ()
   start = GNUNET_TIME_absolute_get ();
   for (i = 0; i < ITER; i++)
   {
-    FPRINTF (stderr, "%s",  ".");
+    FPRINTF (stderr, "%s",  "."); fflush (stderr);
     if (GNUNET_SYSERR == GNUNET_CRYPTO_eddsa_sign (key, &purp, &sig))
     {
       FPRINTF (stderr, "%s",  "GNUNET_CRYPTO_eddsa_sign returned SYSERR\n");
@@ -152,15 +152,18 @@ perf_keygen ()
   struct GNUNET_CRYPTO_EddsaPrivateKey *pk;
   int i;
 
+  FPRINTF (stderr, "%s",  "W");
   start = GNUNET_TIME_absolute_get ();
   for (i=0;i<10;i++)
   {
-    fprintf (stderr, ".");
+    fprintf (stderr, "."); fflush (stderr);
     pk = GNUNET_CRYPTO_eddsa_key_create ();
     GNUNET_free (pk);
   }
-  fprintf (stderr, "\n");
-  printf ("Creating 10 EdDSA keys took %s\n",
+  for (;i<25;i++)
+    fprintf (stderr, ".");
+  fflush (stderr);
+  printf ("10 EdDSA keys created in %s\n",
           GNUNET_STRINGS_relative_time_to_string (GNUNET_TIME_absolute_get_duration (start), GNUNET_YES));
 }
 
@@ -170,13 +173,15 @@ main (int argc, char *argv[])
 {
   int failure_count = 0;
 
-  if (! gcry_check_version ("1.5.0"))
+  if (! gcry_check_version ("1.6.0"))
   {
     FPRINTF (stderr,
              _("libgcrypt has not the expected version (version %s is required).\n"),
-             "1.5.0");
+             "1.6.0");
     return 0;
   }
+  if (getenv ("GNUNET_GCRYPT_DEBUG"))
+    gcry_control (GCRYCTL_SET_DEBUG_FLAGS, 1u , 0);
   GNUNET_log_setup ("test-crypto-eddsa", "WARNING", NULL);
   key = GNUNET_CRYPTO_eddsa_key_create ();
 #if PERF