author | Florian Dold <florian.dold@gmail.com> | 2014-01-20 19:08:47 +0000 |
---|---|---|
committer | Florian Dold <florian.dold@gmail.com> | 2014-01-20 19:08:47 +0000 |
commit | 29517cf1e5cb2e2a92c97f458ba4d3fe6716b1ee (patch) | |
tree | 1cd922f43818800d7279f16f8b9496a6016338f0 /src/util | |
parent | 95b657e52e52523cc7080406221896ed31327052 (diff) | |
- make mpi scan/print public
- secretsharing key generation and decryption fixed
Diffstat (limited to 'src/util')
-rw-r--r-- | src/util/Makefile.am | 1 | ||||
-rw-r--r-- | src/util/crypto_ecc.c | 100 | ||||
-rw-r--r-- | src/util/crypto_mpi.c | 132 |
3 files changed, 150 insertions, 83 deletions
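--- a/src/util/Makefile.am
+++ b/src/util/Makefile.am
@@ -91,6 +91,7 @@ libgnunetutil_la_SOURCES = \
 crypto_hash.c \
 crypto_hkdf.c \
 crypto_kdf.c \
+crypto_mpi.c \
 crypto_random.c \
 disk.c \
 disk.h \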
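--- a/src/util/crypto_ecc.c
+++ b/src/util/crypto_ecc.c
@@ -133,72 +133,6 @@ adjust (unsigned char *buf,
 
 
 /**
-* Output the given MPI value to the given buffer.
-*
-* @param buf where to output to
-* @param size number of bytes in @a buf
-* @param val value to write to @a buf
-*/
-static void
-mpi_print (unsigned char *buf,
-size_t size,
-gcry_mpi_t val)
-{
-size_t rsize;
-
-if (gcry_mpi_get_flag (val, GCRYMPI_FLAG_OPAQUE))
-{
-/* Store opaque MPIs left aligned into the buffer. */
-unsigned int nbits;
-const void *p;
-
-p = gcry_mpi_get_opaque (val, &nbits);
-GNUNET_assert (p);
-rsize = (nbits+7)/8;
-if (rsize > size)
-rsize = size;
-memcpy (buf, p, rsize);
-if (rsize < size)
-memset (buf+rsize, 0, size - rsize);
-}
-else
-{
-/* Store regular MPIs as unsigned integers right aligned into
-the buffer. */
-rsize = size;
-GNUNET_assert (0 ==
-gcry_mpi_print (GCRYMPI_FMT_USG, buf, rsize, &rsize,
-val));
-adjust (buf, rsize, size);
-}
-}
-
-
-/**
-* Convert data buffer into MPI value.
-*
-* @param result where to store MPI value (allocated)
-* @param data raw data (GCRYMPI_FMT_USG)
-* @param size number of bytes in @a data
-*/
-static void
-mpi_scan (gcry_mpi_t *result,
-const unsigned char *data,
-size_t size)
-{
-int rc;
-
-if (0 != (rc = gcry_mpi_scan (result,
-GCRYMPI_FMT_USG,
-data, size, &size)))
-{
-LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_scan", rc);
-GNUNET_assert (0);
-}
-}
-
-
-/**
 * Convert the given private key from the network format to the
 * S-expression that can be used by libgcrypt.
 *
@@ -317,7 +251,7 @@ GNUNET_CRYPTO_ecdsa_key_get_public (const struct GNUNET_CRYPTO_EcdsaPrivateKey *
 gcry_sexp_release (sexp);
 q = gcry_mpi_ec_get_mpi ("q@eddsa", ctx, 0);
 GNUNET_assert (q);
-mpi_print (pub->q_y, sizeof (pub->q_y), q);
+GNUNET_CRYPTO_mpi_print_unsigned (pub->q_y, sizeof (pub->q_y), q);
 gcry_mpi_release (q);
 gcry_ctx_release (ctx);
 }
@@ -343,7 +277,7 @@ GNUNET_CRYPTO_eddsa_key_get_public (const struct GNUNET_CRYPTO_EddsaPrivateKey *
 gcry_sexp_release (sexp);
 q = gcry_mpi_ec_get_mpi ("q@eddsa", ctx, 0);
 GNUNET_assert (q);
-mpi_print (pub->q_y, sizeof (pub->q_y), q);
+GNUNET_CRYPTO_mpi_print_unsigned (pub->q_y, sizeof (pub->q_y), q);
 gcry_mpi_release (q);
 gcry_ctx_release (ctx);
 }
@@ -369,7 +303,7 @@ GNUNET_CRYPTO_ecdhe_key_get_public (const struct GNUNET_CRYPTO_EcdhePrivateKey *
 gcry_sexp_release (sexp);
 q = gcry_mpi_ec_get_mpi ("q@eddsa", ctx, 0);
 GNUNET_assert (q);
-mpi_print (pub->q_y, sizeof (pub->q_y), q);
+GNUNET_CRYPTO_mpi_print_unsigned (pub->q_y, sizeof (pub->q_y), q);
 gcry_mpi_release (q);
 gcry_ctx_release (ctx);
 }
@@ -578,7 +512,7 @@ GNUNET_CRYPTO_ecdhe_key_create ()
 }
 gcry_sexp_release (priv_sexp);
 priv = GNUNET_new (struct GNUNET_CRYPTO_EcdhePrivateKey);
-mpi_print (priv->d, sizeof (priv->d), d);
+GNUNET_CRYPTO_mpi_print_unsigned (priv->d, sizeof (priv->d), d);
 gcry_mpi_release (d);
 return priv;
 }
@@ -628,7 +562,7 @@ GNUNET_CRYPTO_ecdsa_key_create ()
 }
 gcry_sexp_release (priv_sexp);
 priv = GNUNET_new (struct GNUNET_CRYPTO_EcdsaPrivateKey);
-mpi_print (priv->d, sizeof (priv->d), d);
+GNUNET_CRYPTO_mpi_print_unsigned (priv->d, sizeof (priv->d), d);
 gcry_mpi_release (d);
 return priv;
 }
@@ -677,7 +611,7 @@ GNUNET_CRYPTO_eddsa_key_create ()
 }
 gcry_sexp_release (priv_sexp);
 priv = GNUNET_new (struct GNUNET_CRYPTO_EddsaPrivateKey);
-mpi_print (priv->d, sizeof (priv->d), d);
+GNUNET_CRYPTO_mpi_print_unsigned (priv->d, sizeof (priv->d), d);
 gcry_mpi_release (d);
 return priv;
 }
@@ -700,7 +634,7 @@ GNUNET_CRYPTO_ecdsa_key_get_anonymous ()
 
 if (once)
 return &anonymous;
-mpi_print (anonymous.d,
+GNUNET_CRYPTO_mpi_print_unsigned (anonymous.d,
 sizeof (anonymous.d),
 GCRYMPI_CONST_ONE);
 once = 1;
@@ -1222,8 +1156,8 @@ GNUNET_CRYPTO_ecdsa_sign (const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv,
 return GNUNET_SYSERR;
 }
 gcry_sexp_release (sig_sexp);
-mpi_print (sig->r, sizeof (sig->r), rs[0]);
-mpi_print (sig->s, sizeof (sig->s), rs[1]);
+GNUNET_CRYPTO_mpi_print_unsigned (sig->r, sizeof (sig->r), rs[0]);
+GNUNET_CRYPTO_mpi_print_unsigned (sig->s, sizeof (sig->s), rs[1]);
 gcry_mpi_release (rs[0]);
 gcry_mpi_release (rs[1]);
 return GNUNET_OK;
@@ -1272,8 +1206,8 @@ GNUNET_CRYPTO_eddsa_sign (const struct GNUNET_CRYPTO_EddsaPrivateKey *priv,
 return GNUNET_SYSERR;
 }
 gcry_sexp_release (sig_sexp);
-mpi_print (sig->r, sizeof (sig->r), rs[0]);
-mpi_print (sig->s, sizeof (sig->s), rs[1]);
+GNUNET_CRYPTO_mpi_print_unsigned (sig->r, sizeof (sig->r), rs[0]);
+GNUNET_CRYPTO_mpi_print_unsigned (sig->s, sizeof (sig->s), rs[1]);
 gcry_mpi_release (rs[0]);
 gcry_mpi_release (rs[1]);
 return GNUNET_OK;
@@ -1425,7 +1359,7 @@ GNUNET_CRYPTO_ecc_ecdh (const struct GNUNET_CRYPTO_EcdhePrivateKey *priv,
 q = gcry_mpi_ec_get_point ("q", ctx, 0);
 
 /* second, extract the d value from our private key */
-mpi_scan (&d, priv->d, sizeof (priv->d));
+GNUNET_CRYPTO_mpi_scan_unsigned (&d, priv->d, sizeof (priv->d));
 
 /* then call the 'multiply' function, to compute the product */
 result = gcry_mpi_point_new (0);
@@ -1447,7 +1381,7 @@ GNUNET_CRYPTO_ecc_ecdh (const struct GNUNET_CRYPTO_EcdhePrivateKey *priv,
 
 rsize = sizeof (xbuf);
 GNUNET_assert (! gcry_mpi_get_flag (result_x, GCRYMPI_FLAG_OPAQUE));
-/* result_x can be negative here, so we do not use 'mpi_print'
+/* result_x can be negative here, so we do not use 'GNUNET_CRYPTO_mpi_print_unsigned'
 as that does not include the sign bit; x should be a 255-bit
 value, so with the sign it should fit snugly into the 256-bit
 xbuf */
@@ -1484,7 +1418,7 @@ derive_h (const struct GNUNET_CRYPTO_EcdsaPublicKey *pub,
 label, strlen (label),
 context, strlen (context),
 NULL, 0);
-mpi_scan (&h, (unsigned char *) &hc, sizeof (hc));
+GNUNET_CRYPTO_mpi_scan_unsigned (&h, (unsigned char *) &hc, sizeof (hc));
 return h;
 }
 
@@ -1520,7 +1454,7 @@ GNUNET_CRYPTO_ecdsa_private_key_derive (const struct GNUNET_CRYPTO_EcdsaPrivateK
 GNUNET_CRYPTO_ecdsa_key_get_public (priv, &pub);
 
 h = derive_h (&pub, label, context);
-mpi_scan (&x, priv->d, sizeof (priv->d));
+GNUNET_CRYPTO_mpi_scan_unsigned (&x, priv->d, sizeof (priv->d));
 d = gcry_mpi_new (256);
 gcry_mpi_mulm (d, h, x, n);
 gcry_mpi_release (h);
@@ -1528,7 +1462,7 @@ GNUNET_CRYPTO_ecdsa_private_key_derive (const struct GNUNET_CRYPTO_EcdsaPrivateK
 gcry_mpi_release (n);
 gcry_ctx_release (ctx);
 ret = GNUNET_new (struct GNUNET_CRYPTO_EcdsaPrivateKey);
-mpi_print (ret->d, sizeof (ret->d), d);
+GNUNET_CRYPTO_mpi_print_unsigned (ret->d, sizeof (ret->d), d);
 gcry_mpi_release (d);
 return ret;
 }
@@ -1588,7 +1522,7 @@ GNUNET_CRYPTO_ecdsa_public_key_derive (const struct GNUNET_CRYPTO_EcdsaPublicKey
 gcry_mpi_point_release (v);
 q_y = gcry_mpi_ec_get_mpi ("q@eddsa", ctx, 0);
 GNUNET_assert (q_y);
-mpi_print (result->q_y, sizeof result->q_y, q_y);
+GNUNET_CRYPTO_mpi_print_unsigned (result->q_y, sizeof result->q_y, q_y);
 gcry_mpi_release (q_y);
 gcry_ctx_release (ctx);
 }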
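Review bot: The static `adjust` helper appears to be left behind in crypto_ecc.c: the first hunk deletes `mpi_print` and `mpi_scan`, yet its header still names `adjust (unsigned char *buf,` as the enclosing context, and a near-identical copy is added to crypto_mpi.c. The only call visible on this page, `adjust (buf, rsize, size);`, sits inside the removed `mpi_print`; if that was the last caller (the rest of the file is outside this page), the leftover is an unused static function and should be deleted in the same commit. If it is still used elsewhere in the file, sharing one implementation would stop the two padding routines for key and signature buffers from drifting apart.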
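--- /dev/null
+++ b/src/util/crypto_mpi.c
@@ -0,0 +1,132 @@
+/*
+This file is part of GNUnet.
+(C) 2012, 2013 Christian Grothoff (and other contributing authors)
+
+GNUnet is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published
+by the Free Software Foundation; either version 3, or (at your
+option) any later version.
+
+GNUnet is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNUnet; see the file COPYING. If not, write to the
+Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+Boston, MA 02111-1307, USA.
+*/
+
+/**
+* @file util/crypto_mpi.c
+* @brief Helper functions for libgcrypt MPIs
+* @author Christian Grothoff
+* @author Florian Dold
+*/
+#include "platform.h"
+#include <gcrypt.h>
+#include "gnunet_util_lib.h"
+
+
+#define LOG(kind,...) GNUNET_log_from (kind, "util", __VA_ARGS__)
+
+/**
+* Log an error message at log-level 'level' that indicates
+* a failure of the command 'cmd' with the message given
+* by gcry_strerror(rc).
+*/
+#define LOG_GCRY(level, cmd, rc) do { LOG(level, _("`%s' failed at %s:%d with error: %s\n"), cmd, __FILE__, __LINE__, gcry_strerror(rc)); } while(0)
+
+
+/**
+* If target != size, move @a target bytes to the end of the size-sized
+* buffer and zero out the first @a target - @a size bytes.
+*
+* @param buf original buffer
+* @param size number of bytes in @a buf
+* @param target target size of the buffer
+*/
+static void
+adjust (void *buf,
+size_t size,
+size_t target)
+{
+if (size < target)
+{
+memmove (&buf[target - size], buf, size);
+memset (buf, 0, target - size);
+}
+}
+
+
+/**
+* Output the given MPI value to the given buffer in
+* network byte order.
+* The MPI @a val may not be negative.
+*
+* @param buf where to output to
+* @param size number of bytes in @a buf
+* @param val value to write to @a buf
+*/
+void
+GNUNET_CRYPTO_mpi_print_unsigned (void *buf,
+size_t size,
+gcry_mpi_t val)
+{
+size_t rsize;
+
+if (gcry_mpi_get_flag (val, GCRYMPI_FLAG_OPAQUE))
+{
+/* Store opaque MPIs left aligned into the buffer. */
+unsigned int nbits;
+const void *p;
+
+p = gcry_mpi_get_opaque (val, &nbits);
+GNUNET_assert (p);
+rsize = (nbits+7)/8;
+if (rsize > size)
+rsize = size;
+memcpy (buf, p, rsize);
+if (rsize < size)
+memset (buf+rsize, 0, size - rsize);
+}
+else
+{
+/* Store regular MPIs as unsigned integers right aligned into
+the buffer. */
+rsize = size;
+GNUNET_assert (0 ==
+gcry_mpi_print (GCRYMPI_FMT_USG, buf, rsize, &rsize,
+val));
+adjust (buf, rsize, size);
+}
+}
+
+
+/**
+* Convert data buffer into MPI value.
+* The buffer is interpreted as network
+* byte order, unsigned integer.
+*
+* @param result where to store MPI value (allocated)
+* @param data raw data (GCRYMPI_FMT_USG)
+* @param size number of bytes in @a data
+*/
+void
+GNUNET_CRYPTO_mpi_scan_unsigned (gcry_mpi_t *result,
+const void *data,
+size_t size)
+{
+int rc;
+
+if (0 != (rc = gcry_mpi_scan (result,
+GCRYMPI_FMT_USG,
+data, size, &size)))
+{
+LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_scan", rc);
+GNUNET_assert (0);
+}
+}
+
+/* end of crypto_mpi.c */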
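Review bot: `adjust` and `GNUNET_CRYPTO_mpi_print_unsigned` now take `void *buf` but still do pointer arithmetic on it (`&buf[target - size]` and `buf+rsize`), which is not valid ISO C and compiles only as a GNU extension; the removed static `mpi_print` took `unsigned char *`. The `void *` signature can stay if the bodies work on a local byte pointer, e.g. `unsigned char *p = buf;` followed by `memmove (&p[target - size], p, size);` and `memset (p + rsize, 0, size - rsize);`. Because these helpers are now public, the doc comment should also state the failure behaviour: `GNUNET_assert (0 == gcry_mpi_print (...))` aborts the process if libgcrypt reports an error (such as a buffer that is too short), whereas an opaque value longer than @a size is silently truncated, so callers handling key or signature material need to know which applies. The comment on `adjust` has the roles swapped; the code moves @a size bytes to the end of a @a target-sized buffer and zeroes the first `target - size` bytes.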