author | Florian Dold <florian.dold@gmail.com> | 2020-01-06 14:02:40 +0100 |
---|---|---|
committer | Florian Dold <florian.dold@gmail.com> | 2020-01-06 14:02:40 +0100 |
commit | 1ad2fb331548adf635e9cff8786b468e54666371 (patch) | |
tree | 1eeafe3a8aa5a32ea78ead24fe742110133e0805 /src/util/tweetnacl-gnunet.c | |
parent | 2111817ee190b99561f067277c3b081da27e2afa (diff) | |
Fix ECDSA/ECDH key exchange
Libgcrypt interprets the private key as little endian, while tweetnacl
interprets it as big endian. This caused the key exchange to fail.
Diffstat (limited to 'src/util/tweetnacl-gnunet.c')
-rw-r--r-- | src/util/tweetnacl-gnunet.c | 21 |
1 files changed, 19 insertions, 2 deletions
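diff --git a/src/util/tweetnacl-gnunet.c b/src/util/tweetnacl-gnunet.c
index 1c27730a4..c3471ae66 100644
--- a/src/util/tweetnacl-gnunet.c
+++ b/src/util/tweetnacl-gnunet.c
@@ -424,8 +424,25 @@ GNUNET_TWEETNACL_sign_pk_from_seed (u8 *pk, const u8 *seed)
 d[31] &= 127;
 d[31] |= 64;
 
-scalarbase (p,d);
-pack (pk,p);
+scalarbase (p, d);
+pack (pk, p);
+}
+
+void
+GNUNET_TWEETNACL_scalarmult_le_ed25519_base (u8 *pk, const u8 *s)
+{
+u8 d[64];
+gf p[4];
+
+// Treat s as little endian.
+for (u32 i = 0; i < 32; i++)
+d[i] = s[31 - i];
+d[0] &= 248;
+d[31] &= 127;
+d[31] |= 64;
+
+scalarbase (p, d);
+pack (pk, p);
 }
 
 void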
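Review bot: The byte-reversed copy of the private scalar in `d` is left on the stack when GNUNET_TWEETNACL_scalarmult_le_ed25519_base returns. Clear it after `pack (pk, p);` with a wipe the compiler cannot elide, for example `explicit_bzero (d, sizeof d);` where that is available, since a plain `memset` before return may be optimized out. Only `d[0..31]` is ever written, so the buffer could be declared `u8 d[32];` if scalarbase reads just 32 bytes, which is not visible in this hunk. The three clamping lines also mean `pk` matches `s` only when the reversed `s` is already a clamped scalar; a comment such as `// s must already be clamped after reversal, otherwise pk belongs to a different scalar` would make that precondition explicit for callers.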