author | Tristan Schwieren <tristan.schwieren@tum.de> | 2022-08-26 15:51:29 +0200 |
---|---|---|
committer | Tristan Schwieren <tristan.schwieren@tum.de> | 2022-08-26 17:49:07 +0200 |
commit | 7777cef05fedae221bf4b82c6b5a1de87a7d101e (patch) | |
tree | 4fe985301185257f5d4dfd78e5944cc062cd5f1f /src/util | |
parent | 45f2059a57f4a55214bb25b1efc8da2f184ef1ae (diff) | |
-switch to EdDSA egos only for signature rest endpoint
Diffstat (limited to 'src/util')
-rw-r--r-- | src/util/crypto_ecc.c | 90 |
1 files changed, 34 insertions, 56 deletions
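--- a/src/util/crypto_ecc.c
+++ b/src/util/crypto_ecc.c
@@ -594,68 +594,46 @@ GNUNET_CRYPTO_ecdsa_sign_ (
 return GNUNET_OK;
 }
 
-// TODO: Code reuse with GNUNET_CRYPTO_ecdsa_sign_
-// Refactor above as a wrapper around raw
 enum GNUNET_GenericReturnValue
-GNUNET_CRYPTO_ecdsa_sign_raw (
-const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv,
+GNUNET_CRYPTO_eddsa_sign_raw (
+const struct GNUNET_CRYPTO_EddsaPrivateKey *priv,
 void *data,
-size_t len,
-struct GNUNET_CRYPTO_EcdsaSignature *sig)
+size_t size,
+struct GNUNET_CRYPTO_EddsaSignature *sig)
 {
-struct GNUNET_HashCode hash_code;
-gcry_sexp_t skey_sexp;
-gcry_sexp_t sig_sexp;
-gcry_sexp_t data_sexp;
-gcry_error_t error;
-gcry_mpi_t rs[2];
-
-// Decode private key
-skey_sexp = decode_private_ecdsa_key (priv);
-
-// Hash data
-GNUNET_CRYPTO_hash (data, len, &hash_code);
-if (0 != (error = gcry_sexp_build (&data_sexp,
-NULL,
-"(data(flags rfc6979)(hash %s %b))",
-"sha512",
-(int) sizeof(hash_code),
-&hash_code)))
-{
-LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", error);
-return GNUNET_SYSERR;
-}
+unsigned char sk[crypto_sign_SECRETKEYBYTES];
+unsigned char pk[crypto_sign_PUBLICKEYBYTES];
+int res;
 
-// Sign Hash
-if (0 != (error = gcry_pk_sign (&sig_sexp, data_sexp, skey_sexp)))
-{
-LOG (GNUNET_ERROR_TYPE_WARNING,
-_ ("ECC signing failed at %s:%d: %s\n"),
-__FILE__,
-__LINE__,
-gcry_strerror (error));
-gcry_sexp_release (data_sexp);
-gcry_sexp_release (skey_sexp);
-return GNUNET_SYSERR;
-}
-gcry_sexp_release (skey_sexp);
-gcry_sexp_release (data_sexp);
+GNUNET_assert (0 == crypto_sign_seed_keypair (pk, sk, priv->d));
+res = crypto_sign_detached ((uint8_t *) sig,
+NULL,
+(uint8_t *) data,
+size,
+sk);
+return (res == 0) ? GNUNET_OK : GNUNET_SYSERR;
+}
 
-/* extract 'r' and 's' values from sexpression 'sig_sexp' and store in
-'signature' */
-if (0 != (error = key_from_sexp (rs, sig_sexp, "sig-val", "rs")))
-{
-GNUNET_break (0);
-gcry_sexp_release (sig_sexp);
-return GNUNET_SYSERR;
-}
-gcry_sexp_release (sig_sexp);
-GNUNET_CRYPTO_mpi_print_unsigned (sig->r, sizeof(sig->r), rs[0]);
-GNUNET_CRYPTO_mpi_print_unsigned (sig->s, sizeof(sig->s), rs[1]);
-gcry_mpi_release (rs[0]);
-gcry_mpi_release (rs[1]);
+size_t
+GNUNET_CRYPTO_eddsa_signature_encode (
+const struct GNUNET_CRYPTO_EddsaSignature *sig,
+char **sig_str)
+{
+return GNUNET_STRINGS_base64url_encode (
+(void*) sig,
+32,
+sig_str);
+}
 
-return GNUNET_OK;
+size_t
+GNUNET_CRYPTO_eddsa_signature_decode (
+const char *sig_str,
+struct GNUNET_CRYPTO_EddsaSignature *sig)
+{
+return GNUNET_STRINGS_base64url_decode (
+sig_str,
+strlen (sig_str),
+(void **) &sig);
 }
 
 size_t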
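Review bot: GNUNET_CRYPTO_eddsa_signature_decode passes `(void **) &sig`, the address of its own parameter, so the decoder's output pointer only replaces the local copy and the caller's signature struct is never written; assuming GNUNET_STRINGS_base64url_decode allocates its output buffer, as it appears to elsewhere in GNUnet, that buffer is also leaked and its length is never compared with the signature size. The encode side has a matching defect: the literal `32` should be `sizeof (*sig)`, because crypto_sign_detached writes a full 64-byte signature and a half-length string cannot be verified by the receiver. In GNUNET_CRYPTO_eddsa_sign_raw the expanded secret key `sk` stays on the stack after the call returns; add `sodium_memzero (sk, sizeof (sk));` before the return, and `data` could be declared `const void *`. A decode that validates the decoded length and copies into the caller's struct is sketched below (returning 0 on a malformed input is a suggestion; confirm against how the REST endpoint treats the return value).

```c
/* … unchanged: GNUNET_CRYPTO_eddsa_signature_decode signature … */
{
  void *buf = NULL;
  size_t len;

  len = GNUNET_STRINGS_base64url_decode (sig_str,
                                         strlen (sig_str),
                                         &buf);
  /* Reject anything that is not exactly one signature long. */
  if (sizeof (*sig) != len)
  {
    GNUNET_free (buf);
    return 0;
  }
  memcpy (sig, buf, sizeof (*sig));
  GNUNET_free (buf);
  return len;
}
```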