edx25519: use SHA512/256 instead of SHA256

author: Florian Dold <florian@dold.me> 2022-04-26 17:13:36 +0200
committer: Florian Dold <florian@dold.me> 2022-04-26 17:13:36 +0200
commit: 8d8e7d3da92e5ad4613671caed0a9a3f17e8b545 (patch)
tree: 5c1300cb303ba1196604e1ec4b264da6a9e9334c /src/util
parent: 1ca30687b08de63cdee7d5c6a137e52b687545c4 (diff)
download: gnunet-8d8e7d3da92e5ad4613671caed0a9a3f17e8b545.tar.gz
gnunet-8d8e7d3da92e5ad4613671caed0a9a3f17e8b545.zip
1 files changed, 11 insertions, 5 deletions
diff --git a/src/util/crypto_edx25519.c b/src/util/crypto_edx25519.c
index 2f6e12ead..775b64190 100644
--- a/src/util/crypto_edx25519.c
+++ b/src/util/crypto_edx25519.c
@@ -309,11 +309,17 @@ GNUNET_CRYPTO_edx25519_private_key_derive (
   * generation, the "R" is derived from the same derivation path as "h" and is
   * not reused. */
  {
-    crypto_hash_sha256_state hs;
+    struct GNUNET_HashCode hcb;
-    crypto_hash_sha256_init (&hs);
+    struct GNUNET_HashContext *hctx;
-    crypto_hash_sha256_update (&hs, priv->b, sizeof(priv->b));
-    crypto_hash_sha256_update (&hs, (unsigned char*) &hc, sizeof (hc));
+    hctx = GNUNET_CRYPTO_hash_context_start ();
-    crypto_hash_sha256_final (&hs, result->b);
+    GNUNET_CRYPTO_hash_context_read (hctx, priv->b, sizeof(priv->b));
+    GNUNET_CRYPTO_hash_context_read (hctx, (unsigned char*) &hc, sizeof (hc));
+    GNUNET_CRYPTO_hash_context_finish (hctx, &hcb);
+    /* Truncate result, effectively doing SHA512/256 */
+    for (size_t i = 0; i < 32; i++)
+      result->b[i] = ((unsigned char *) &hcb)[i];
  }
  for (size_t i = 0; i < 32; i++)
author	Florian Dold <florian@dold.me>	2022-04-26 17:13:36 +0200
committer	Florian Dold <florian@dold.me>	2022-04-26 17:13:36 +0200
commit	8d8e7d3da92e5ad4613671caed0a9a3f17e8b545 (patch)
tree	5c1300cb303ba1196604e1ec4b264da6a9e9334c /src/util
parent	1ca30687b08de63cdee7d5c6a137e52b687545c4 (diff)
download	gnunet-8d8e7d3da92e5ad4613671caed0a9a3f17e8b545.tar.gz gnunet-8d8e7d3da92e5ad4613671caed0a9a3f17e8b545.zip

diff --git a/src/util/crypto_edx25519.c b/src/util/crypto_edx25519.c index 2f6e12ead..775b64190 100644 --- a/src/util/crypto_edx25519.c +++ b/src/util/crypto_edx25519.c
@@ -309,11 +309,17 @@ GNUNET_CRYPTO_edx25519_private_key_derive (
309	* generation, the "R" is derived from the same derivation path as "h" and is	309	* generation, the "R" is derived from the same derivation path as "h" and is
310	* not reused. */	310	* not reused. */
311	{	311	{
312	crypto_hash_sha256_state hs;	312	struct GNUNET_HashCode hcb;
313	crypto_hash_sha256_init (&hs);	313	struct GNUNET_HashContext *hctx;
314	crypto_hash_sha256_update (&hs, priv->b, sizeof(priv->b));	314
315	crypto_hash_sha256_update (&hs, (unsigned char*) &hc, sizeof (hc));	315	hctx = GNUNET_CRYPTO_hash_context_start ();
316	crypto_hash_sha256_final (&hs, result->b);	316	GNUNET_CRYPTO_hash_context_read (hctx, priv->b, sizeof(priv->b));
		317	GNUNET_CRYPTO_hash_context_read (hctx, (unsigned char*) &hc, sizeof (hc));
		318	GNUNET_CRYPTO_hash_context_finish (hctx, &hcb);
		319
		320	/* Truncate result, effectively doing SHA512/256 */
		321	for (size_t i = 0; i < 32; i++)
		322	result->b[i] = ((unsigned char *) &hcb)[i];
317	}	323	}
318		324
319	for (size_t i = 0; i < 32; i++)	325	for (size_t i = 0; i < 32; i++)