-get test to work, but with ecdsa instead of eddsa

author: Christian Grothoff <christian@grothoff.org> 2015-03-19 13:12:47 +0000
committer: Christian Grothoff <christian@grothoff.org> 2015-03-19 13:12:47 +0000
commit: 56af9c4ba537faf4c0a4a3acf8447a49673eec64 (patch)
tree: 1a98bea2666fb86bef94d361199c3d01fde93db9 /src/util
parent: d86130ceeb0e9f7ef7adf192b8f44bf94398b466 (diff)
download: gnunet-56af9c4ba537faf4c0a4a3acf8447a49673eec64.tar.gz
gnunet-56af9c4ba537faf4c0a4a3acf8447a49673eec64.zip
6 files changed, 128 insertions, 40 deletions
diff --git a/src/util/Makefile.am b/src/util/Makefile.am
index 9bb644d84..f5bccf218 100644
--- a/src/util/Makefile.am
+++ b/src/util/Makefile.am
@@ -227,7 +227,7 @@ check_PROGRAMS = \
 test_crypto_ecdsa \
 test_crypto_eddsa \
 test_crypto_ecdhe \
- test_crypto_ecdh_eddsa \
+ test_crypto_ecdh_ecdsa \
 test_crypto_hash \
 test_crypto_hash_context \
 test_crypto_hkdf \
diff --git a/src/util/configuration.c b/src/util/configuration.c
index d552a7f4d..24b38f933 100644
--- a/src/util/configuration.c
+++ b/src/util/configuration.c
@@ -572,10 +572,9 @@ GNUNET_CONFIGURATION_iterate_section_values (const struct
 * @param iter_cls closure for @a iter
 */
 void
-GNUNET_CONFIGURATION_iterate_sections (const struct GNUNET_CONFIGURATION_Handle
+GNUNET_CONFIGURATION_iterate_sections (const struct GNUNET_CONFIGURATION_Handle *cfg,
-                                       *cfg,
+                                       GNUNET_CONFIGURATION_Section_Iterator iter,
-                                       GNUNET_CONFIGURATION_Section_Iterator
+                                       void *iter_cls)
-                                       iter, void *iter_cls)
 {
  struct ConfigSection *spos;
  struct ConfigSection *next;
diff --git a/src/util/crypto_ecc.c b/src/util/crypto_ecc.c
index c11739b27..25393cbf6 100644
--- a/src/util/crypto_ecc.c
+++ b/src/util/crypto_ecc.c
@@ -61,7 +61,9 @@
 * @return 0 on success
 */
 static int
-key_from_sexp (gcry_mpi_t * array, gcry_sexp_t sexp, const char *topname,
+key_from_sexp (gcry_mpi_t * array,
+               gcry_sexp_t sexp,
+               const char *topname,
               const char *elems)
 {
  gcry_sexp_t list;
@@ -229,7 +231,7 @@ GNUNET_CRYPTO_ecdsa_key_get_public (const struct GNUNET_CRYPTO_EcdsaPrivateKey *
  GNUNET_assert (0 == gcry_mpi_ec_new (&ctx, sexp, NULL));
  gcry_sexp_release (sexp);
  q = gcry_mpi_ec_get_mpi ("q@eddsa", ctx, 0);
-  GNUNET_assert (q);
+  GNUNET_assert (NULL != q);
  GNUNET_CRYPTO_mpi_print_unsigned (pub->q_y, sizeof (pub->q_y), q);
  gcry_mpi_release (q);
  gcry_ctx_release (ctx);
@@ -1313,7 +1315,7 @@ GNUNET_CRYPTO_eddsa_verify (uint32_t purpose,
  }
  data = data_to_eddsa_value (validate);
  if (0 != (rc = gcry_sexp_build (&pub_sexpr, NULL,
-                                  "(public-key(ecc(curve " CURVE ")(q %b)))",
+                                  "(public-key(ecc(curve " CURVE ")(flags eddsa)(q %b)))",
                                  (int)sizeof (pub->q_y), pub->q_y)))
  {
    gcry_sexp_release (data);
@@ -1506,7 +1508,7 @@ GNUNET_CRYPTO_ecdsa_public_key_derive (const struct GNUNET_CRYPTO_EcdsaPublicKey
     compressed thus we first store it in the context and then get it
     back as a (decompresssed) point.  */
  q_y = gcry_mpi_set_opaque_copy (NULL, pub->q_y, 8*sizeof (pub->q_y));
-  GNUNET_assert (q_y);
+  GNUNET_assert (NULL != q_y);
  GNUNET_assert (0 == gcry_mpi_ec_set_mpi ("q", q_y, ctx));
  gcry_mpi_release (q_y);
  q = gcry_mpi_ec_get_point ("q", ctx, 0);
@@ -1530,10 +1532,33 @@ GNUNET_CRYPTO_ecdsa_public_key_derive (const struct GNUNET_CRYPTO_EcdsaPublicKey
  gcry_mpi_point_release (v);
  q_y = gcry_mpi_ec_get_mpi ("q@eddsa", ctx, 0);
  GNUNET_assert (q_y);
-  GNUNET_CRYPTO_mpi_print_unsigned (result->q_y, sizeof result->q_y, q_y);
+  GNUNET_CRYPTO_mpi_print_unsigned (result->q_y,
+                                    sizeof (result->q_y),
+                                    q_y);
  gcry_mpi_release (q_y);
  gcry_ctx_release (ctx);
 }
+/**
+ * @ingroup crypto
+ * Convert ECDSA public key to ECDHE public key.
+ * Please be very careful when using this function, as mixing
+ * cryptographic primitives is not always healthy.
+ *
+ * @param ecdsa ecdsa public key
+ * @param ecdhe[OUT] ecdhe public key
+ */
+void
+GNUNET_CRYPTO_ecdsa_public_to_ecdhe (const struct GNUNET_CRYPTO_EcdsaPublicKey *ecdsa,
+                                     struct GNUNET_CRYPTO_EcdhePublicKey *ecdhe)
+{
+  GNUNET_assert (sizeof (struct GNUNET_CRYPTO_EcdhePublicKey) ==
+                 sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey));
+  memcpy (ecdhe,
+          ecdsa,
+          sizeof (struct GNUNET_CRYPTO_EcdhePublicKey));
+}
 /* end of crypto_ecc.c */
diff --git a/src/util/crypto_mpi.c b/src/util/crypto_mpi.c
index 65896584d..806a35da8 100644
--- a/src/util/crypto_mpi.c
+++ b/src/util/crypto_mpi.c
@@ -77,6 +77,7 @@ GNUNET_CRYPTO_mpi_print_unsigned (void *buf,
                                  gcry_mpi_t val)
 {
  size_t rsize;
+  int rc;
  if (gcry_mpi_get_flag (val, GCRYMPI_FLAG_OPAQUE))
  {
@@ -98,9 +99,17 @@ GNUNET_CRYPTO_mpi_print_unsigned (void *buf,
    /* Store regular MPIs as unsigned integers right aligned into
       the buffer.  */
    rsize = size;
-    GNUNET_assert (0 ==
+    if (0 !=
-                   gcry_mpi_print (GCRYMPI_FMT_USG, buf, rsize, &rsize,
+        (rc = gcry_mpi_print (GCRYMPI_FMT_USG,
-                                   val));
+                              buf,
+                              rsize, &rsize,
+                              val)))
+    {
+      LOG_GCRY (GNUNET_ERROR_TYPE_ERROR,
+                "gcry_mpi_print",
+                rc);
+      GNUNET_assert (0);
+    }
    adjust (buf, rsize, size);
  }
 }
@@ -126,7 +135,9 @@ GNUNET_CRYPTO_mpi_scan_unsigned (gcry_mpi_t *result,
                                GCRYMPI_FMT_USG,
                                data, size, &size)))
  {
-    LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_scan", rc);
+    LOG_GCRY (GNUNET_ERROR_TYPE_ERROR,
+              "gcry_mpi_scan",
+              rc);
    GNUNET_assert (0);
  }
 }
diff --git a/src/util/strings.c b/src/util/strings.c
index 849d9e843..379f3f5a3 100644
--- a/src/util/strings.c
+++ b/src/util/strings.c
@@ -895,7 +895,7 @@ GNUNET_STRINGS_data_to_string (const void *data,
    out[wpos++] = encTable__[(bits >> (vbit - 5)) & 31];
    vbit -= 5;
  }
-  GNUNET_assert (vbit == 0);
+  GNUNET_assert (0 == vbit);
  if (wpos < out_size)
    out[wpos] = '\0';
  return &out[wpos];
diff --git a/src/util/test_crypto_ecdh_eddsa.c b/src/util/test_crypto_ecdh_ecdsa.c
index d8fee849e..8eb2055ae 100644
--- a/src/util/test_crypto_ecdh_eddsa.c
+++ b/src/util/test_crypto_ecdh_ecdsa.c
@@ -21,52 +21,83 @@
 /**
 * @file util/test_crypto_ecdh_ecdsa.c
 * @brief testcase for ECC DH key exchange with EdDSA private keys.
- * @author Christian Grothoff, Bart Polot
+ * @author Christian Grothoff
+ * @author Bart Polot
 */
 #include "platform.h"
 #include "gnunet_util_lib.h"
 #include <gcrypt.h>
-int
+static int
-main (int argc, char *argv[])
+test_pk()
 {
-  struct GNUNET_CRYPTO_EddsaPrivateKey *priv_dsa1;
+  struct GNUNET_CRYPTO_EcdsaPrivateKey *priv1;
-  struct GNUNET_CRYPTO_EddsaPrivateKey *priv_dsa2;
+  struct GNUNET_CRYPTO_EcdhePrivateKey priv2;
-  struct GNUNET_CRYPTO_EddsaPublicKey id1;
+  struct GNUNET_CRYPTO_EcdsaPublicKey pub1;
-  struct GNUNET_CRYPTO_EddsaPublicKey id2;
-  struct GNUNET_CRYPTO_EcdhePrivateKey *priv1;
-  struct GNUNET_CRYPTO_EcdhePrivateKey *priv2;
  struct GNUNET_CRYPTO_EcdhePublicKey pub2;
-  struct GNUNET_HashCode dh[3];
+  struct GNUNET_CRYPTO_EcdhePublicKey pub1c;
-  if (! gcry_check_version ("1.6.0"))
+  /* Generate, cast keys */
+  priv1 = GNUNET_CRYPTO_ecdsa_key_create ();
+  memcpy (&priv2,
+          priv1,
+          sizeof (priv2));
+  /* Extract public keys */
+  GNUNET_CRYPTO_ecdsa_key_get_public (priv1, &pub1);
+  GNUNET_CRYPTO_ecdhe_key_get_public (&priv2, &pub2);
+  GNUNET_CRYPTO_ecdsa_public_to_ecdhe (&pub1, &pub1c);
+  if (0 == memcmp (&pub1c,
+                   &pub2,
+                   sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)))
  {
-    FPRINTF (stderr,
+    GNUNET_free (priv1);
-             _
-             ("libgcrypt has not the expected version (version %s is required).\n"),
-             "1.6.0");
    return 0;
  }
-  if (getenv ("GNUNET_GCRYPT_DEBUG"))
+  GNUNET_free (priv1);
-    gcry_control (GCRYCTL_SET_DEBUG_FLAGS, 1u , 0);
+  return 1;
-  GNUNET_log_setup ("test-crypto-ecdh-eddsa", "WARNING", NULL);
+}
+static int
+test_ecdh()
+{
+  struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_dsa1;
+  struct GNUNET_CRYPTO_EcdsaPrivateKey *priv_dsa2;
+  struct GNUNET_CRYPTO_EcdsaPublicKey id1;
+  struct GNUNET_CRYPTO_EcdsaPublicKey id2;
+  struct GNUNET_CRYPTO_EcdhePublicKey id1c;
+  struct GNUNET_CRYPTO_EcdhePublicKey id2c;
+  struct GNUNET_CRYPTO_EcdhePrivateKey *priv1;
+  struct GNUNET_CRYPTO_EcdhePrivateKey *priv2;
+  struct GNUNET_CRYPTO_EcdhePublicKey pub2;
+  struct GNUNET_HashCode dh[3];
  /* Generate, cast keys */
-  priv_dsa1 = GNUNET_CRYPTO_eddsa_key_create ();
+  priv_dsa1 = GNUNET_CRYPTO_ecdsa_key_create ();
-  priv_dsa2 = GNUNET_CRYPTO_eddsa_key_create ();
+  priv_dsa2 = GNUNET_CRYPTO_ecdsa_key_create ();
  priv1 = (struct GNUNET_CRYPTO_EcdhePrivateKey *) priv_dsa1;
  priv2 = (struct GNUNET_CRYPTO_EcdhePrivateKey *) priv_dsa2;
  /* Extract public keys */
-  GNUNET_CRYPTO_eddsa_key_get_public (priv_dsa1, &id1);
+  GNUNET_CRYPTO_ecdsa_key_get_public (priv_dsa1, &id1);
-  GNUNET_CRYPTO_eddsa_key_get_public (priv_dsa2, &id2);
+  GNUNET_CRYPTO_ecdsa_key_get_public (priv_dsa2, &id2);
  GNUNET_CRYPTO_ecdhe_key_get_public (priv2, &pub2);
  /* Do ECDH */
-  GNUNET_CRYPTO_ecc_ecdh (priv1, (struct GNUNET_CRYPTO_EcdhePublicKey *)&id2, &dh[0]);
+  GNUNET_CRYPTO_ecdsa_public_to_ecdhe (&id2,
-  GNUNET_CRYPTO_ecc_ecdh (priv2, (struct GNUNET_CRYPTO_EcdhePublicKey *)&id1, &dh[1]);
+                                       &id2c);
+  GNUNET_CRYPTO_ecdsa_public_to_ecdhe (&id1,
+                                       &id1c);
+  GNUNET_CRYPTO_ecc_ecdh (priv1,
+                          &id2c,
+                          &dh[0]);
+  GNUNET_CRYPTO_ecc_ecdh (priv2,
+                          &id1c,
+                          &dh[1]);
  GNUNET_CRYPTO_ecc_ecdh (priv1, &pub2, &dh[2]);
  /* Check that both DH results are equal. */
@@ -85,4 +116,26 @@ main (int argc, char *argv[])
  return 0;
 }
+int
+main (int argc, char *argv[])
+{
+  if (! gcry_check_version ("1.6.0"))
+  {
+    FPRINTF (stderr,
+             _("libgcrypt has not the expected version (version %s is required).\n"),
+             "1.6.0");
+    return 0;
+  }
+  if (getenv ("GNUNET_GCRYPT_DEBUG"))
+    gcry_control (GCRYCTL_SET_DEBUG_FLAGS, 1u , 0);
+  GNUNET_log_setup ("test-crypto-ecdh-ecdsa", "WARNING", NULL);
+  if (0 != test_pk())
+    return 1;
+  if (0 != test_ecdh())
+    return 1;
+  return 0;
+}
 /* end of test_crypto_ecdh_ecdsa.c */
author	Christian Grothoff <christian@grothoff.org>	2015-03-19 13:12:47 +0000
committer	Christian Grothoff <christian@grothoff.org>	2015-03-19 13:12:47 +0000
commit	56af9c4ba537faf4c0a4a3acf8447a49673eec64 (patch)
tree	1a98bea2666fb86bef94d361199c3d01fde93db9 /src/util
parent	d86130ceeb0e9f7ef7adf192b8f44bf94398b466 (diff)
download	gnunet-56af9c4ba537faf4c0a4a3acf8447a49673eec64.tar.gz gnunet-56af9c4ba537faf4c0a4a3acf8447a49673eec64.zip