authorMartin Schanzenbach <mschanzenbach@posteo.de>2021-05-03 18:49:17 +0200
committerMartin Schanzenbach <mschanzenbach@posteo.de>2021-05-03 18:49:17 +0200
commitd552acf5e7114f92d8251276ef76827a9db92257 (patch)
tree4b5ed54763b6acbd8292d52ef9fda9a789c56ec8 /src
parent5bb2578678064ff4d537fcbc8d9a552a6779892d (diff)
-add more tests for eddsa and gnsrecord
Diffstat (limited to 'src')
-rw-r--r--src/gnsrecord/gnsrecord_crypto.c23
-rw-r--r--src/gnsrecord/gnsrecord_misc.c2
-rw-r--r--src/gnsrecord/test_gnsrecord_crypto.c22
-rw-r--r--src/include/gnunet_crypto_lib.h12
-rw-r--r--src/util/crypto_ecc_gnsrecord.c24
-rw-r--r--src/util/test_crypto_eddsa.c74
6 files changed, 131 insertions, 26 deletions
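diff --git a/src/gnsrecord/gnsrecord_crypto.c b/src/gnsrecord/gnsrecord_crypto.c
index 289f0e885..7fe0c6953 100644
--- a/src/gnsrecord/gnsrecord_crypto.c
+++ b/src/gnsrecord/gnsrecord_crypto.c
@@ -396,11 +396,8 @@ block_create_eddsa (const struct GNUNET_CRYPTO_EddsaPrivateKey *key,
  label,
  "gns",
  &dkey);
- // FIXME: We may want a key_get_public_from_private_scalar function
- struct GNUNET_CRYPTO_EddsaPublicKey test;
- crypto_scalarmult_ed25519_base_noclamp (test.q_y,
- dkey.s);
- edblock->derived_key = test;
+ GNUNET_CRYPTO_eddsa_key_get_public_from_scalar (&dkey,
+ &edblock->derived_key);
  derive_block_xsalsa_key (nonce,
  skey,
  label,
@@ -438,25 +435,21 @@ GNUNET_GNSRECORD_block_create (const struct GNUNET_IDENTITY_PrivateKey *key,
  const struct GNUNET_GNSRECORD_Data *rd,
  unsigned int rd_count)
 {
- struct GNUNET_CRYPTO_EcdsaPublicKey pkey;
- struct GNUNET_CRYPTO_EddsaPublicKey edkey;
-
+ struct GNUNET_IDENTITY_PublicKey pkey;
+ GNUNET_IDENTITY_key_get_public (key,
+ &pkey);
  switch (ntohl (key->type))
  {
  case GNUNET_GNSRECORD_TYPE_PKEY:
- GNUNET_CRYPTO_ecdsa_key_get_public (&key->ecdsa_key,
- &pkey);
  return block_create_ecdsa (&key->ecdsa_key,
- &pkey,
+ &pkey.ecdsa_key,
  expire,
  label,
  rd,
  rd_count);
  case GNUNET_GNSRECORD_TYPE_EDKEY:
- GNUNET_CRYPTO_eddsa_key_get_public (&key->eddsa_key,
- &edkey);
  return block_create_eddsa (&key->eddsa_key,
- &edkey,
+ &pkey.eddsa_key,
  expire,
  label,
  rd,
@@ -930,7 +923,7 @@ GNUNET_GNSRECORD_query_from_public_key (const struct
  GNUNET_CRYPTO_eddsa_public_key_derive (&pub->eddsa_key,
  label,
  "gns",
- &pd.eddsa_key);
+ &(pd.eddsa_key));
  GNUNET_CRYPTO_hash (&pd.eddsa_key,
  sizeof (pd.eddsa_key),
  query);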
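Review bot: The new `GNUNET_IDENTITY_key_get_public (key, &pkey);` call in GNUNET_GNSRECORD_block_create runs before the `switch` on `key->type` and its result is discarded, so for a key type it does not handle, `pkey` would be left uninitialised. The two visible cases only read `pkey` after the switch has matched a known type, so nothing is misused in the lines shown, but the rest of the switch lies outside the hunk. I would check the status, e.g. `if (GNUNET_OK != GNUNET_IDENTITY_key_get_public (key, &pkey)) return NULL;` (assuming NULL is this function's failure value), or move the call into each case. Placing the call straight after the declaration without a blank line also departs from the declaration/statement separation used elsewhere in this diff.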
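diff --git a/src/gnsrecord/gnsrecord_misc.c b/src/gnsrecord/gnsrecord_misc.c
index 2fe315bd8..8d3a6421f 100644
--- a/src/gnsrecord/gnsrecord_misc.c
+++ b/src/gnsrecord/gnsrecord_misc.c
@@ -377,7 +377,7 @@ GNUNET_GNSRECORD_query_from_block (const struct GNUNET_GNSRECORD_Block *block,
  switch (ntohl (block->type))
  {
  case GNUNET_GNSRECORD_TYPE_PKEY:
- GNUNET_CRYPTO_hash (&block->ecdsa_block.derived_key,
+ GNUNET_CRYPTO_hash (&(block->ecdsa_block.derived_key),
  sizeof (block->ecdsa_block.derived_key),
  query);
  return GNUNET_OK;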
diff --git a/src/gnsrecord/test_gnsrecord_crypto.c b/src/gnsrecord/test_gnsrecord_crypto.c
index b9b2b5ba5..9e5a1aa7e 100644
--- a/src/gnsrecord/test_gnsrecord_crypto.c
+++ b/src/gnsrecord/test_gnsrecord_crypto.c
@@ -92,6 +92,7 @@ rd_decrypt_cb (void *cls,
92 res = 0; 92 res = 0;
93} 93}
94 94
95
95static void 96static void
96test_with_type (struct GNUNET_IDENTITY_PrivateKey *privkey) 97test_with_type (struct GNUNET_IDENTITY_PrivateKey *privkey)
97{ 98{
@@ -99,6 +100,7 @@ test_with_type (struct GNUNET_IDENTITY_PrivateKey *privkey)
99 struct GNUNET_IDENTITY_PublicKey pubkey; 100 struct GNUNET_IDENTITY_PublicKey pubkey;
100 struct GNUNET_HashCode query_pub; 101 struct GNUNET_HashCode query_pub;
101 struct GNUNET_HashCode query_priv; 102 struct GNUNET_HashCode query_priv;
103 struct GNUNET_HashCode query_block;
102 struct GNUNET_TIME_Absolute expire = GNUNET_TIME_absolute_get (); 104 struct GNUNET_TIME_Absolute expire = GNUNET_TIME_absolute_get ();
103 105
104 106
@@ -117,7 +119,7 @@ test_with_type (struct GNUNET_IDENTITY_PrivateKey *privkey)
117 &query_pub, 119 &query_pub,
118 sizeof(struct GNUNET_HashCode))); 120 sizeof(struct GNUNET_HashCode)));
119 /* create record */ 121 /* create record */
120 s_name = "DUMMY.dummy.gnunet"; 122 s_name = "testlabel";
121 s_rd = create_record (RECORDS); 123 s_rd = create_record (RECORDS);
122 124
123 /* Create block */ 125 /* Create block */
@@ -128,6 +130,13 @@ test_with_type (struct GNUNET_IDENTITY_PrivateKey *privkey)
128 s_rd, 130 s_rd,
129 RECORDS))); 131 RECORDS)));
130 GNUNET_assert (GNUNET_OK == 132 GNUNET_assert (GNUNET_OK ==
133 GNUNET_GNSRECORD_query_from_block (block,
134 &query_block));
135 GNUNET_assert (0 == memcmp (&query_pub,
136 &query_block,
137 sizeof(struct GNUNET_HashCode)));
138
139 GNUNET_assert (GNUNET_OK ==
131 GNUNET_GNSRECORD_block_verify (block)); 140 GNUNET_GNSRECORD_block_verify (block));
132 GNUNET_assert (GNUNET_OK == 141 GNUNET_assert (GNUNET_OK ==
133 GNUNET_GNSRECORD_block_decrypt (block, 142 GNUNET_GNSRECORD_block_decrypt (block,
@@ -139,7 +148,6 @@ test_with_type (struct GNUNET_IDENTITY_PrivateKey *privkey)
139} 148}
140 149
141 150
142
143static void 151static void
144run (void *cls, 152run (void *cls,
145 char *const *args, 153 char *const *args,
@@ -158,17 +166,17 @@ run (void *cls,
158 test_with_type (&privkey); 166 test_with_type (&privkey);
159 end = GNUNET_TIME_absolute_get (); 167 end = GNUNET_TIME_absolute_get ();
160 printf ("Time: %llu ms\n", (unsigned long long) 168 printf ("Time: %llu ms\n", (unsigned long long)
161 GNUNET_TIME_absolute_get_difference (start, 169 GNUNET_TIME_absolute_get_difference (start,
162 end).rel_value_us); 170 end).rel_value_us);
163 171
164 privkey_ed.type = htonl (GNUNET_GNSRECORD_TYPE_EDKEY); 172 privkey_ed.type = htonl (GNUNET_GNSRECORD_TYPE_EDKEY);
165 GNUNET_CRYPTO_eddsa_key_create (&privkey_ed.eddsa_key); 173 GNUNET_CRYPTO_eddsa_key_create (&privkey_ed.eddsa_key);
166 start = GNUNET_TIME_absolute_get (); 174 start = GNUNET_TIME_absolute_get ();
167 test_with_type(&privkey_ed); 175 test_with_type (&privkey_ed);
168 end = GNUNET_TIME_absolute_get (); 176 end = GNUNET_TIME_absolute_get ();
169 printf ("Time: %llu ms\n", (unsigned long long) 177 printf ("Time: %llu ms\n", (unsigned long long)
170 GNUNET_TIME_absolute_get_difference (start, 178 GNUNET_TIME_absolute_get_difference (start,
171 end).rel_value_us); 179 end).rel_value_us);
172 180
173 181
174} 182}
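diff --git a/src/include/gnunet_crypto_lib.h b/src/include/gnunet_crypto_lib.h
index a334b50d0..ae73c9d40 100644
--- a/src/include/gnunet_crypto_lib.h
+++ b/src/include/gnunet_crypto_lib.h
@@ -1985,6 +1985,18 @@ GNUNET_CRYPTO_eddsa_sign_with_scalar (
 
 
 /**
+ * Extract the public key of the given private scalar.
+ *
+ * @param s the private scalar
+ * @param pkey the resulting public key
+ */
+void
+GNUNET_CRYPTO_eddsa_key_get_public_from_scalar (
+ const struct GNUNET_CRYPTO_EddsaPrivateScalar *s,
+ struct GNUNET_CRYPTO_EddsaPublicKey *pkey);
+
+
+/**
  * Output the given MPI value to the given buffer in network
  * byte order. The MPI @a val may not be negative.
  *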
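Review bot: The doc comment for GNUNET_CRYPTO_eddsa_key_get_public_from_scalar does not say that the scalar is used as given, without clamping, which is the property callers rely on (the definition added in this commit calls `crypto_scalarmult_ed25519_base_noclamp`). I would reword the summary to something like `Compute the public key for a derived private scalar; the scalar is used unclamped and is expected to come from GNUNET_CRYPTO_eddsa_private_key_derive()`, and mark `@param s` as secret material. The parameter is `s` here but `priv` in the definition; one name in both places keeps the documentation and the code aligned.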
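diff --git a/src/util/crypto_ecc_gnsrecord.c b/src/util/crypto_ecc_gnsrecord.c
index 59efff8ab..a78511105 100644
--- a/src/util/crypto_ecc_gnsrecord.c
+++ b/src/util/crypto_ecc_gnsrecord.c
@@ -114,8 +114,8 @@ GNUNET_CRYPTO_eddsa_sign_with_scalar (
  * Calculate the derived zone key zk' from the
  * derived private scalar.
  */
- crypto_scalarmult_ed25519_base (zk,
- sk);
+ crypto_scalarmult_ed25519_base_noclamp (zk,
+ sk);
 
  /**
  * Calculate r:
@@ -352,7 +352,7 @@ GNUNET_CRYPTO_eddsa_private_key_derive (
  GNUNET_CRYPTO_mpi_print_unsigned (dc, sizeof(dc), d);
  /**
  * Note that we copy all of SHA512(d) into the result and
- * then overrwrite the derived private scalar.
+ * then overwrite the derived private scalar.
  * This means that we re-use SHA512(d)[32..63]
  * FIXME: Do we want to derive this part as well??
  */
@@ -420,3 +420,21 @@ GNUNET_CRYPTO_eddsa_public_key_derive (
  gcry_ctx_release (ctx);
 
 }
+
+
+void
+GNUNET_CRYPTO_eddsa_key_get_public_from_scalar (
+ const struct GNUNET_CRYPTO_EddsaPrivateScalar *priv,
+ struct GNUNET_CRYPTO_EddsaPublicKey *pkey)
+{
+ unsigned char sk[32];
+
+ memcpy (sk, priv->s, 32);
+
+ /**
+ * Calculate the derived zone key zk' from the
+ * derived private scalar.
+ */
+ crypto_scalarmult_ed25519_base_noclamp (pkey->q_y,
+ sk);
+}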
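Review bot: GNUNET_CRYPTO_eddsa_key_get_public_from_scalar copies the private scalar into the stack buffer `sk` and returns without wiping it, which leaves a second copy of secret key material behind in a dead stack frame. The copy is not needed, since the code this helper replaces passed `dkey.s` directly, so `crypto_scalarmult_ed25519_base_noclamp (pkey->q_y, priv->s);` avoids it; if the copy stays, size it with `sizeof (sk)` rather than the literal 32 and finish with `sodium_memzero (sk, sizeof (sk));`. The return value of `crypto_scalarmult_ed25519_base_noclamp` is dropped here and in the GNUNET_CRYPTO_eddsa_sign_with_scalar hunk; libsodium reports a zero scalar through it, and the `void` signature gives callers no way to notice. The block comment inside the new function was carried over from the signing code and refers to zk', which does not exist in this function.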
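diff --git a/src/util/test_crypto_eddsa.c b/src/util/test_crypto_eddsa.c
index 5baf696b1..10d6a4e91 100644
--- a/src/util/test_crypto_eddsa.c
+++ b/src/util/test_crypto_eddsa.c
@@ -100,6 +100,73 @@ testSignVerify (void)
 }
 
 
+static int
+testDeriveSignVerify (void)
+{
+ struct GNUNET_CRYPTO_EddsaSignature sig;
+ struct GNUNET_CRYPTO_EccSignaturePurpose purp;
+ struct GNUNET_CRYPTO_EddsaPrivateScalar dpriv;
+ struct GNUNET_CRYPTO_EddsaPublicKey pkey;
+ struct GNUNET_CRYPTO_EddsaPublicKey dpub;
+ struct GNUNET_CRYPTO_EddsaPublicKey dpub2;
+
+ GNUNET_CRYPTO_eddsa_private_key_derive (&key,
+ "test-derive",
+ "test-CTX",
+ &dpriv);
+ GNUNET_CRYPTO_eddsa_key_get_public (&key,
+ &pkey);
+ GNUNET_CRYPTO_eddsa_public_key_derive (&pkey,
+ "test-derive",
+ "test-CTX",
+ &dpub);
+ GNUNET_CRYPTO_eddsa_key_get_public_from_scalar (&dpriv, &dpub2);
+ purp.size = htonl (sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose));
+ purp.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_TEST);
+
+ if (0 != GNUNET_memcmp (&dpub.q_y, &dpub2.q_y))
+ {
+ fprintf (stderr, "%s", "key derivation failed\n");
+ return GNUNET_SYSERR;
+ }
+
+ GNUNET_CRYPTO_eddsa_sign_with_scalar (&dpriv,
+ &purp,
+ &sig);
+ if (GNUNET_SYSERR ==
+ GNUNET_CRYPTO_eddsa_verify_ (GNUNET_SIGNATURE_PURPOSE_TEST,
+ &purp,
+ &sig,
+ &dpub))
+ {
+ fprintf (stderr,
+ "GNUNET_CRYPTO_eddsa_verify failed!\n");
+ return GNUNET_SYSERR;
+ }
+ if (GNUNET_SYSERR !=
+ GNUNET_CRYPTO_eddsa_verify_ (GNUNET_SIGNATURE_PURPOSE_TEST,
+ &purp,
+ &sig,
+ &pkey))
+ {
+ fprintf (stderr,
+ "GNUNET_CRYPTO_eddsa_verify failed to fail!\n");
+ return GNUNET_SYSERR;
+ }
+ if (GNUNET_SYSERR !=
+ GNUNET_CRYPTO_eddsa_verify_ (GNUNET_SIGNATURE_PURPOSE_TRANSPORT_PONG_OWN,
+ &purp,
+ &sig,
+ &dpub))
+ {
+ fprintf (stderr,
+ "GNUNET_CRYPTO_eddsa_verify failed to fail!\n");
+ return GNUNET_SYSERR;
+ }
+ return GNUNET_OK;
+}
+
+
 #if PERF
 static int
 testSignPerformance ()
@@ -217,6 +284,13 @@ main (int argc, char *argv[])
  "WARNING",
  NULL);
  GNUNET_CRYPTO_eddsa_key_create (&key);
+ if (GNUNET_OK != testDeriveSignVerify ())
+ {
+ failure_count++;
+ fprintf (stderr,
+ "\n\n%d TESTS FAILED!\n\n", failure_count);
+ return -1;
+ }
 #if PERF
  if (GNUNET_OK != testSignPerformance ())
  failure_count++;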
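Review bot: The positive check in testDeriveSignVerify fails only when `GNUNET_CRYPTO_eddsa_verify_` returns exactly `GNUNET_SYSERR`, so any other non-OK result would be accepted as a valid signature; for the first verify call `if (GNUNET_OK != GNUNET_CRYPTO_eddsa_verify_ (...))` is the stricter form. The two negative checks print the same "failed to fail" message, so a failure does not say whether the underived key or the wrong purpose was accepted; distinct messages would help. In `main`, the new block returns -1 immediately while the PERF check after it only increments `failure_count`; if the early exit is intended, a one-line comment such as `/* later tests are meaningless if derivation is broken */` would make that clear.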