author | Martin Schanzenbach <mschanzenbach@posteo.de> | 2020-05-26 00:42:31 +0200 |
---|---|---|
committer | Martin Schanzenbach <mschanzenbach@posteo.de> | 2020-05-26 00:42:31 +0200 |
commit | e54d6f691dc71cd428e33f770a68a3224ba5c31f (patch) | |
tree | 9ca4989578b843a0f830ad8285800f9baf332450 /src/util | |
parent | 24be68238b375f02018b1ed904b443f65eef9513 (diff) | |
parent | 5a69caa07f3f334a76a61f13d8336608b3c5d5e9 (diff) | |
Merge branch 'master' of ssh://gnunet.org/gnunet
Diffstat (limited to 'src/util')
-rw-r--r-- | src/util/crypto_ecc.c | 10 | ||||
-rw-r--r-- | src/util/test_crypto_ecdsa.c | 9 |
2 files changed, 18 insertions, 1 deletions
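--- a/src/util/crypto_ecc.c
+++ b/src/util/crypto_ecc.c
@@ -544,10 +544,18 @@ void
 GNUNET_CRYPTO_eddsa_key_create (struct GNUNET_CRYPTO_EddsaPrivateKey *pk)
 {
 BENCHMARK_START (eddsa_key_create);
+/*
+* We do not clamp for EdDSA, since all functions that use the private key do
+* their own clamping (just like in libsodium). What we call "private key"
+* here, actually corresponds to the seed in libsodium.
+*
+* (Contrast this to ECDSA, where functions using the private key can't clamp
+* due to properties needed for GNS. That is a worse/unsafer API, but
+* required for the GNS constructions to work.)
+*/
 GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_NONCE,
 pk,
 sizeof (struct GNUNET_CRYPTO_EddsaPrivateKey));
-// FIXME: should we not do the clamping here? Or is this done elsewhere?
 BENCHMARK_END (eddsa_key_create);
 }
 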
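Review bot: The seed for a long-term EdDSA key is still drawn with GNUNET_CRYPTO_QUALITY_NONCE in the GNUNET_CRYPTO_random_block call, and the new comment now states explicitly that this value is the seed in the libsodium sense, i.e. the key material itself. The name of that quality level suggests it is meant for nonces and IVs; unless the NONCE path of GNUNET_CRYPTO_random_block is known to be backed by a strong generator, key creation would be expected to request the strong level, `GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_STRONG, pk, sizeof (struct GNUNET_CRYPTO_EddsaPrivateKey));`. The call predates this commit, but since the commit resolves the clamping FIXME on the same function it is the natural place to either change the quality level or extend the new comment with a sentence recording why NONCE quality is considered sufficient for the seed. GNUNET_CRYPTO_eddsa_key_create is fully contained in the hunk.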
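--- a/src/util/test_crypto_ecdsa.c
+++ b/src/util/test_crypto_ecdsa.c
@@ -107,6 +107,7 @@ testDeriveSignVerify (void)
 struct GNUNET_CRYPTO_EcdsaPrivateKey *dpriv;
 struct GNUNET_CRYPTO_EcdsaPublicKey pkey;
 struct GNUNET_CRYPTO_EcdsaPublicKey dpub;
+struct GNUNET_CRYPTO_EcdsaPublicKey dpub2;
 
 dpriv = GNUNET_CRYPTO_ecdsa_private_key_derive (&key,
 "test-derive",
@@ -117,9 +118,17 @@ testDeriveSignVerify (void)
 "test-derive",
 "test-CTX",
 &dpub);
+GNUNET_CRYPTO_ecdsa_key_get_public (dpriv, &dpub2);
 purp.size = htonl (sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose));
 purp.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_TEST);
 
+if (0 != GNUNET_memcmp (&dpub.q_y, &dpub2.q_y))
+{
+fprintf (stderr, "%s", "key derivation failed\n");
+GNUNET_free (dpriv);
+return GNUNET_SYSERR;
+}
+
 if (GNUNET_SYSERR ==
 GNUNET_CRYPTO_ecdsa_sign_ (dpriv,
 &purp,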
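Review bot: The new consistency check in the second hunk compares only the q_y members of dpub and dpub2 and sits after the unrelated purp setup; comparing the whole structs, `if (0 != GNUNET_memcmp (&dpub, &dpub2))`, keeps the test meaningful if the public-key type ever gains fields, and placing the check directly below the GNUNET_CRYPTO_ecdsa_key_get_public call makes the relation between the two derivations obvious to a reader. The message `"key derivation failed\n"` is also less specific than what is being checked; something like `"public key from derived private key does not match derived public key\n"` names which of the two derivations disagrees. The fprintf passes the message as an argument to a literal format, which is the safe pattern and could equally be a plain fputs. testDeriveSignVerify begins before the first hunk and continues past the second, so whether the later failure paths free dpriv consistently with the new early return is not visible here.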