author | Christian Grothoff <christian@grothoff.org> | 2015-05-13 16:19:10 +0000 |
---|---|---|
committer | Christian Grothoff <christian@grothoff.org> | 2015-05-13 16:19:10 +0000 |
commit | 55d612a4f2b68911b472d10bb7efd50d8740fe6e (patch) | |
tree | 95adabb8bee4032937a6ab9f19ec758896caf94f /src/util | |
parent | 4725d59b468f1f30ba2910992333ca157682ce29 (diff) | |
download | gnunet-55d612a4f2b68911b472d10bb7efd50d8740fe6e.tar.gz gnunet-55d612a4f2b68911b472d10bb7efd50d8740fe6e.zip |
towards using EdDSA-ECDHE instead of ECDSA-ECDHE combined cryptosystem (API only)
Diffstat (limited to 'src/util')
-rw-r--r-- | src/util/Makefile.am | 8 | ||||
-rw-r--r-- | src/util/crypto_ecc.c | 57 | ||||
-rw-r--r-- | src/util/test_crypto_ecdh_ecdsa.c | 133 | ||||
-rw-r--r-- | src/util/test_crypto_ecdh_eddsa.c | 86 |
4 files changed, 117 insertions, 167 deletions
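--- a/src/util/Makefile.am
+++ b/src/util/Makefile.am
@@ -228,7 +228,7 @@ check_PROGRAMS = \
 test_crypto_ecdsa \
 test_crypto_eddsa \
 test_crypto_ecdhe \
-test_crypto_ecdh_ecdsa \
+test_crypto_ecdh_eddsa \
 test_crypto_hash \
 test_crypto_hash_context \
 test_crypto_hkdf \
@@ -389,9 +389,9 @@ test_crypto_ecdhe_LDADD = \
 libgnunetutil.la \
 $(LIBGCRYPT_LIBS)
 
-test_crypto_ecdh_ecdsa_SOURCES = \
-test_crypto_ecdh_ecdsa.c
-test_crypto_ecdh_ecdsa_LDADD = \
+test_crypto_ecdh_eddsa_SOURCES = \
+test_crypto_ecdh_eddsa.c
+test_crypto_ecdh_eddsa_LDADD = \
 libgnunetutil.la \
 $(LIBGCRYPT_LIBS)
 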
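--- a/src/util/crypto_ecc.c
+++ b/src/util/crypto_ecc.c
@@ -1,6 +1,6 @@
 /*
 This file is part of GNUnet.
-Copyright (C) 2012, 2013 Christian Grothoff (and other contributing authors)
+Copyright (C) 2012, 2013, 2015 Christian Grothoff (and other contributing authors)
 
 GNUnet is free software; you can redistribute it and/or modify
 it under the terms of the GNU General Public License as published
@@ -1398,7 +1398,9 @@ GNUNET_CRYPTO_ecc_ecdh (const struct GNUNET_CRYPTO_EcdhePrivateKey *priv,
 GNUNET_assert (0 ==
 gcry_mpi_print (GCRYMPI_FMT_STD, xbuf, rsize, &rsize,
 result_x));
-GNUNET_CRYPTO_hash (xbuf, rsize, key_material);
+GNUNET_CRYPTO_hash (xbuf,
+rsize,
+key_material);
 gcry_mpi_release (result_x);
 return GNUNET_OK;
 }
@@ -1542,46 +1544,41 @@ GNUNET_CRYPTO_ecdsa_public_key_derive (const struct GNUNET_CRYPTO_EcdsaPublicKey
 
 /**
 * @ingroup crypto
-* Convert ECDSA public key to ECDHE public key.
-* Please be very careful when using this function, as mixing
-* cryptographic primitives is not always healthy.
+* Derive key material from a ECDH public key and a private EdDSA key.
+* Dual to #GNUNET_CRRYPTO_ecdh_eddsa.
 *
-* @param ecdsa ecdsa public key
-* @param ecdhe[OUT] ecdhe public key
+* @param priv private key from EdDSA to use for the ECDH (x)
+* @param pub public key to use for the ECDH (yG)
+* @param key_material where to write the key material H(h(x)yG)
+* @return #GNUNET_SYSERR on error, #GNUNET_OK on success
 */
-void
-GNUNET_CRYPTO_ecdsa_public_to_ecdhe (const struct GNUNET_CRYPTO_EcdsaPublicKey *ecdsa,
-struct GNUNET_CRYPTO_EcdhePublicKey *ecdhe)
+int
+GNUNET_CRYPTO_eddsa_ecdh (const struct GNUNET_CRYPTO_EddsaPrivateKey *priv,
+const struct GNUNET_CRYPTO_EcdhePublicKey *pub,
+struct GNUNET_HashCode *key_material)
 {
-GNUNET_assert (sizeof (struct GNUNET_CRYPTO_EcdhePublicKey) ==
-sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey));
-memcpy (ecdhe,
-ecdsa,
-sizeof (struct GNUNET_CRYPTO_EcdhePublicKey));
+return GNUNET_SYSERR;
 }
 
 
-
 /**
 * @ingroup crypto
-* Convert ECDSA private key to ECDHE private key.
-* Please be very careful when using this function, as mixing
-* cryptographic primitives is not always healthy.
+* Derive key material from a EdDSA public key and a private ECDH key.
+* Dual to #GNUNET_CRRYPTO_eddsa_ecdh.
 *
-* @param ecdsa ecdsa private key
-* @param ecdhe[OUT] ecdhe private key
+* @param priv private key to use for the ECDH (y)
+* @param pub public key from EdDSA to use for the ECDH (X=h(x)G)
+* @param key_material where to write the key material H(yX)=H(h(x)yG)
+* @return #GNUNET_SYSERR on error, #GNUNET_OK on success
 */
-void
-GNUNET_CRYPTO_ecdsa_private_to_ecdhe (const struct GNUNET_CRYPTO_EcdsaPrivateKey *ecdsa,
-struct GNUNET_CRYPTO_EcdhePrivateKey *ecdhe)
+int
+GNUNET_CRYPTO_ecdh_eddsa (const struct GNUNET_CRYPTO_EcdhePrivateKey *priv,
+const struct GNUNET_CRYPTO_EddsaPublicKey *pub,
+struct GNUNET_HashCode *key_material)
 {
-GNUNET_assert (sizeof (struct GNUNET_CRYPTO_EcdhePrivateKey) ==
-sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey));
-memcpy (ecdhe,
-ecdsa,
-sizeof (struct GNUNET_CRYPTO_EcdhePrivateKey));
-
+return GNUNET_SYSERR;
 }
 
 
+
 /* end of crypto_ecc.c */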
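Review bot: In the third hunk, both new stubs `GNUNET_CRYPTO_eddsa_ecdh` and `GNUNET_CRYPTO_ecdh_eddsa` consist only of `return GNUNET_SYSERR;` and never write `key_material`, so a caller that ignores the return value would continue with whatever bytes were already in that buffer as shared key material. While the bodies are placeholders I would make the failure loud with `GNUNET_break (0);` before the return, and add a line to each doc comment stating that the function is not yet implemented and that `key_material` is left untouched on `GNUNET_SYSERR`. The `Dual to` references are misspelled (`#GNUNET_CRRYPTO_ecdh_eddsa`, `#GNUNET_CRRYPTO_eddsa_ecdh`), so Doxygen cannot resolve them; they should read `#GNUNET_CRYPTO_ecdh_eddsa` and `#GNUNET_CRYPTO_eddsa_ecdh`.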
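--- a/src/util/test_crypto_ecdh_ecdsa.c
+++ /dev/null
@@ -1,133 +0,0 @@
-/*
-This file is part of GNUnet.
-Copyright (C) 2002-2015 Christian Grothoff (and other contributing authors)
-
-GNUnet is free software; you can redistribute it and/or modify
-it under the terms of the GNU General Public License as published
-by the Free Software Foundation; either version 3, or (at your
-option) any later version.
-
-GNUnet is distributed in the hope that it will be useful, but
-WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-General Public License for more details.
-
-You should have received a copy of the GNU General Public License
-along with GNUnet; see the file COPYING. If not, write to the
-Free Software Foundation, Inc., 59 Temple Place - Suite 330,
-Boston, MA 02111-1307, USA.
-
-*/
-/**
-* @file util/test_crypto_ecdh_ecdsa.c
-* @brief testcase for ECC DH key exchange with EdDSA private keys.
-* @author Christian Grothoff
-* @author Bart Polot
-*/
-#include "platform.h"
-#include "gnunet_util_lib.h"
-#include <gcrypt.h>
-
-
-static int
-test_pk()
-{
-struct GNUNET_CRYPTO_EcdsaPrivateKey *priv1;
-struct GNUNET_CRYPTO_EcdhePrivateKey priv2;
-struct GNUNET_CRYPTO_EcdsaPublicKey pub1;
-struct GNUNET_CRYPTO_EcdhePublicKey pub2;
-struct GNUNET_CRYPTO_EcdhePublicKey pub1c;
-
-/* Generate, cast keys */
-priv1 = GNUNET_CRYPTO_ecdsa_key_create ();
-GNUNET_CRYPTO_ecdsa_private_to_ecdhe (priv1,
-&priv2);
-/* Extract public keys */
-GNUNET_CRYPTO_ecdsa_key_get_public (priv1, &pub1);
-GNUNET_CRYPTO_ecdhe_key_get_public (&priv2, &pub2);
-
-GNUNET_CRYPTO_ecdsa_public_to_ecdhe (&pub1, &pub1c);
-if (0 == memcmp (&pub1c,
-&pub2,
-sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)))
-{
-GNUNET_free (priv1);
-return 0;
-}
-GNUNET_free (priv1);
-return 1;
-}
-
-
-static int
-test_ecdh()
-{
-struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_dsa1;
-struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_dsa2;
-struct GNUNET_CRYPTO_EcdsaPublicKey id1;
-struct GNUNET_CRYPTO_EcdsaPublicKey id2;
-struct GNUNET_CRYPTO_EcdhePublicKey id1c;
-struct GNUNET_CRYPTO_EcdhePublicKey id2c;
-
-struct GNUNET_CRYPTO_EcdhePrivateKey priv1;
-struct GNUNET_CRYPTO_EcdhePrivateKey priv2;
-struct GNUNET_CRYPTO_EcdhePublicKey pub2;
-struct GNUNET_HashCode dh[3];
-
-/* Generate, cast keys */
-priv_dsa1 = GNUNET_CRYPTO_ecdsa_key_create ();
-priv_dsa2 = GNUNET_CRYPTO_ecdsa_key_create ();
-GNUNET_CRYPTO_ecdsa_private_to_ecdhe (priv_dsa1,
-&priv1);
-
-GNUNET_CRYPTO_ecdsa_private_to_ecdhe (priv_dsa2,
-&priv2);
-/* Extract public keys */
-GNUNET_CRYPTO_ecdsa_key_get_public (priv_dsa1, &id1);
-GNUNET_CRYPTO_ecdsa_key_get_public (priv_dsa2, &id2);
-GNUNET_CRYPTO_ecdhe_key_get_public (&priv2, &pub2);
-
-/* Do ECDH */
-GNUNET_CRYPTO_ecdsa_public_to_ecdhe (&id2,
-&id2c);
-GNUNET_CRYPTO_ecdsa_public_to_ecdhe (&id1,
-&id1c);
-GNUNET_CRYPTO_ecc_ecdh (&priv1,
-&id2c,
-&dh[0]);
-GNUNET_CRYPTO_ecc_ecdh (&priv2,
-&id1c,
-&dh[1]);
-GNUNET_CRYPTO_ecc_ecdh (&priv1, &pub2, &dh[2]);
-
-/* Check that both DH results are equal. */
-GNUNET_assert (0 == memcmp (&dh[0], &dh[1],
-sizeof (struct GNUNET_HashCode)));
-GNUNET_free (priv_dsa1);
-GNUNET_free (priv_dsa2);
-return 0;
-}
-
-
-int
-main (int argc, char *argv[])
-{
-if (! gcry_check_version ("1.6.0"))
-{
-FPRINTF (stderr,
-_("libgcrypt has not the expected version (version %s is required).\n"),
-"1.6.0");
-return 0;
-}
-if (getenv ("GNUNET_GCRYPT_DEBUG"))
-gcry_control (GCRYCTL_SET_DEBUG_FLAGS, 1u , 0);
-GNUNET_log_setup ("test-crypto-ecdh-ecdsa", "WARNING", NULL);
-if (0 != test_pk())
-return 1;
-if (0 != test_ecdh())
-return 1;
-return 0;
-}
-
-
-/* end of test_crypto_ecdh_ecdsa.c */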
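--- /dev/null
+++ b/src/util/test_crypto_ecdh_eddsa.c
@@ -0,0 +1,86 @@
+/*
+This file is part of GNUnet.
+Copyright (C) 2002-2015 Christian Grothoff (and other contributing authors)
+
+GNUnet is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published
+by the Free Software Foundation; either version 3, or (at your
+option) any later version.
+
+GNUnet is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNUnet; see the file COPYING. If not, write to the
+Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+Boston, MA 02111-1307, USA.
+
+*/
+/**
+* @file util/test_crypto_ecdh_eddsa.c
+* @brief testcase for ECC DH key exchange with EdDSA private keys.
+* @author Christian Grothoff
+* @author Bart Polot
+*/
+#include "platform.h"
+#include "gnunet_util_lib.h"
+#include <gcrypt.h>
+
+
+static int
+test_ecdh()
+{
+struct GNUNET_CRYPTO_EddsaPrivateKey *priv_dsa;
+struct GNUNET_CRYPTO_EcdhePrivateKey *priv_ecdh;
+struct GNUNET_CRYPTO_EddsaPublicKey id1;
+struct GNUNET_CRYPTO_EcdhePublicKey id2;
+struct GNUNET_HashCode dh[3];
+
+/* Generate keys */
+priv_dsa = GNUNET_CRYPTO_eddsa_key_create ();
+priv_ecdh = GNUNET_CRYPTO_ecdhe_key_create ();
+/* Extract public keys */
+GNUNET_CRYPTO_eddsa_key_get_public (priv_dsa,
+&id1);
+GNUNET_CRYPTO_ecdhe_key_get_public (priv_ecdh,
+&id2);
+/* Do ECDH */
+GNUNET_assert (GNUNET_OK ==
+GNUNET_CRYPTO_eddsa_ecdh (priv_dsa,
+&id2,
+&dh[0]));
+GNUNET_assert (GNUNET_OK ==
+GNUNET_CRYPTO_ecdh_eddsa (priv_ecdh,
+&id1,
+&dh[1]));
+/* Check that both DH results are equal. */
+GNUNET_assert (0 == memcmp (&dh[0], &dh[1],
+sizeof (struct GNUNET_HashCode)));
+GNUNET_free (priv_dsa);
+GNUNET_free (priv_ecdh);
+return 0;
+}
+
+
+int
+main (int argc, char *argv[])
+{
+if (! gcry_check_version ("1.6.0"))
+{
+FPRINTF (stderr,
+_("libgcrypt has not the expected version (version %s is required).\n"),
+"1.6.0");
+return 0;
+}
+if (getenv ("GNUNET_GCRYPT_DEBUG"))
+gcry_control (GCRYCTL_SET_DEBUG_FLAGS, 1u , 0);
+GNUNET_log_setup ("test-crypto-ecdh-eddsa", "WARNING", NULL);
+if (0 != test_ecdh())
+return 1;
+return 0;
+}
+
+
+/* end of test_crypto_ecdh_eddsa.c */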
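Review bot: `test_ecdh` asserts `GNUNET_OK` from `GNUNET_CRYPTO_eddsa_ecdh` and `GNUNET_CRYPTO_ecdh_eddsa`, but both are stubs in this commit that return `GNUNET_SYSERR`, so the test aborts on its first assertion. If `check_PROGRAMS` feeds `TESTS` (not visible here), `make check` fails until the implementation lands; marking the test as an expected failure for now would keep the suite usable. `dh[3]` is declared but only `dh[0]` and `dh[1]` are used, and agreement alone would also pass for an implementation that writes a constant. Deriving `dh[2]` with a second, unrelated ECDHE key and asserting `0 != memcmp (&dh[0], &dh[2], sizeof (struct GNUNET_HashCode))` would close that gap. In `main`, the libgcrypt version check ends in `return 0;`, which reports success without testing anything; `return 77;` would report a skip under automake.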