author | Martin Schanzenbach <schanzen@gnunet.org> | 2022-03-27 12:25:01 +0200 |
---|---|---|
committer | Martin Schanzenbach <schanzen@gnunet.org> | 2022-03-27 12:25:01 +0200 |
commit | 1e4d6256731d69f1309ff8439569c65d2e1384a0 (patch) | |
tree | 164e7b5cd860ba30e315caba7a1ac08919dee90b /src/util | |
parent | e598ffe0a3a3d3db0df1fcc04f52bbefe93d3779 (diff) | |
GNS: Sanitize APIs and align with LSD0001
Diffstat (limited to 'src/util')
-rw-r--r-- | src/util/crypto_ecc_gnsrecord.c | 55 | ||||
-rw-r--r-- | src/util/test_crypto_eddsa.c | 8 |
2 files changed, 40 insertions, 23 deletions
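--- a/src/util/crypto_ecc_gnsrecord.c
+++ b/src/util/crypto_ecc_gnsrecord.c
@@ -68,28 +68,15 @@ derive_h (const void *pub,
 }
 
 
-/**
-* This is a signature function for EdDSA which takes the
-* secret scalar sk instead of the private seed which is
-* usually the case for crypto APIs. We require this functionality
-* in order to use derived private keys for signatures we
-* cannot calculate the inverse of a sk to find the seed
-* efficiently.
-*
-* The resulting signature is a standard EdDSA signature
-* which can be verified using the usual APIs.
-*
-* @param sk the secret scalar
-* @param purp the signature purpose
-* @param sig the resulting signature
-*/
-void
-GNUNET_CRYPTO_eddsa_sign_with_scalar (
-const struct GNUNET_CRYPTO_EddsaPrivateScalar *priv,
+enum GNUNET_GenericReturnValue
+GNUNET_CRYPTO_eddsa_sign_derived (
+const struct GNUNET_CRYPTO_EddsaPrivateKey *pkey,
+const char *label,
+const char *context,
 const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose,
 struct GNUNET_CRYPTO_EddsaSignature *sig)
 {
-
+struct GNUNET_CRYPTO_EddsaPrivateScalar priv;
 crypto_hash_sha512_state hs;
 unsigned char sk[64];
 unsigned char r[64];
@@ -98,6 +85,14 @@ GNUNET_CRYPTO_eddsa_sign_with_scalar (
 unsigned char zk[32];
 unsigned char tmp[32];
 
+/**
+* Derive the private key
+*/
+GNUNET_CRYPTO_eddsa_private_key_derive (pkey,
+label,
+context,
+&priv);
+
 crypto_hash_sha512_init (&hs);
 
 /**
@@ -108,7 +103,7 @@ GNUNET_CRYPTO_eddsa_sign_with_scalar (
 * sk[0..31] = h * SHA512 (d)[0..31]
 * sk[32..63] = SHA512 (d)[32..63]
 */
-memcpy (sk, priv->s, 64);
+memcpy (sk, priv.s, 64);
 
 /**
 * Calculate the derived zone key zk' from the
@@ -172,8 +167,28 @@ GNUNET_CRYPTO_eddsa_sign_with_scalar (
 sodium_memzero (sk, sizeof (sk));
 sodium_memzero (r, sizeof (r));
 sodium_memzero (r_mod, sizeof (r_mod));
+return GNUNET_OK;
 }
 
+enum GNUNET_GenericReturnValue
+GNUNET_CRYPTO_ecdsa_sign_derived (
+const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv,
+const char *label,
+const char *context,
+const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose,
+struct GNUNET_CRYPTO_EcdsaSignature *sig)
+{
+struct GNUNET_CRYPTO_EcdsaPrivateKey *key;
+enum GNUNET_GenericReturnValue res;
+key = GNUNET_CRYPTO_ecdsa_private_key_derive (priv,
+label,
+context);
+res = GNUNET_CRYPTO_ecdsa_sign_ (key,
+purpose,
+sig);
+GNUNET_free (key);
+return res;
+}
 
 struct GNUNET_CRYPTO_EcdsaPrivateKey *
 GNUNET_CRYPTO_ecdsa_private_key_derive (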
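Review bot: The derived private scalar `priv` that GNUNET_CRYPTO_eddsa_sign_derived now keeps on its stack is never wiped: the cleanup at the end clears `sk`, `r` and `r_mod`, but the function returns with the secret that was copied out of `priv.s` still in place, so add `sodium_memzero (&priv, sizeof (priv));` before `return GNUNET_OK;`. The new GNUNET_CRYPTO_ecdsa_sign_derived has the same gap, since the derived key goes to `GNUNET_free (key);` without being cleared; `sodium_memzero (key, sizeof (*key));` just ahead of the free would cover it. The middle of the EdDSA function lies outside the visible hunks, so it is worth confirming that no early exit skips the wipes. The doc comment removed from this file should also be replaced by one describing the `label` and `context` parameters and the return value, unless the header already carries it.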
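--- a/src/util/test_crypto_eddsa.c
+++ b/src/util/test_crypto_eddsa.c
@@ -130,9 +130,11 @@ testDeriveSignVerify (void)
 return GNUNET_SYSERR;
 }
 
-GNUNET_CRYPTO_eddsa_sign_with_scalar (&dpriv,
-&purp,
-&sig);
+GNUNET_CRYPTO_eddsa_sign_derived (&key,
+"test-derive",
+"test-CTX",
+&purp,
+&sig);
 if (GNUNET_SYSERR ==
 GNUNET_CRYPTO_eddsa_verify_ (GNUNET_SIGNATURE_PURPOSE_TEST,
 &purp,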
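Review bot: The call to `GNUNET_CRYPTO_eddsa_sign_derived` discards its new `enum GNUNET_GenericReturnValue` result, so a signing failure would only show up indirectly in the verify step that follows. Check it explicitly, for example by wrapping the call as `if (GNUNET_OK != GNUNET_CRYPTO_eddsa_sign_derived (&key, "test-derive", "test-CTX", &purp, &sig)) return GNUNET_SYSERR;`. The label and context literals presumably have to match the ones used for the key derivation earlier in testDeriveSignVerify, which starts and ends outside this hunk; a shared constant would keep the two in sync.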