authorMartin Schanzenbach <mschanzenbach@posteo.de>2020-05-26 00:42:31 +0200
committerMartin Schanzenbach <mschanzenbach@posteo.de>2020-05-26 00:42:31 +0200
commite54d6f691dc71cd428e33f770a68a3224ba5c31f (patch)
tree9ca4989578b843a0f830ad8285800f9baf332450 /src
parent24be68238b375f02018b1ed904b443f65eef9513 (diff)
parent5a69caa07f3f334a76a61f13d8336608b3c5d5e9 (diff)
Merge branch 'master' of ssh://gnunet.org/gnunet
Diffstat (limited to 'src')
-rw-r--r--src/util/crypto_ecc.c10
-rw-r--r--src/util/test_crypto_ecdsa.c9
2 files changed, 18 insertions, 1 deletions
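--- a/src/util/crypto_ecc.c
+++ b/src/util/crypto_ecc.c
@@ -544,10 +544,18 @@ void
 GNUNET_CRYPTO_eddsa_key_create (struct GNUNET_CRYPTO_EddsaPrivateKey *pk)
 {
   BENCHMARK_START (eddsa_key_create);
+  /*
+   * We do not clamp for EdDSA, since all functions that use the private key do
+   * their own clamping (just like in libsodium). What we call "private key"
+   * here, actually corresponds to the seed in libsodium.
+   *
+   * (Contrast this to ECDSA, where functions using the private key can't clamp
+   * due to properties needed for GNS. That is a worse/unsafer API, but
+   * required for the GNS constructions to work.)
+   */
   GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_NONCE,
                               pk,
                               sizeof (struct GNUNET_CRYPTO_EddsaPrivateKey));
-  // FIXME: should we not do the clamping here? Or is this done elsewhere?
   BENCHMARK_END (eddsa_key_create);
 }
 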
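Review bot: The new comment records a cross-module invariant — that every consumer of a GNUNET_CRYPTO_EddsaPrivateKey clamps before use and the stored bytes are an unclamped seed — only at the generation site, which is the one place that does not depend on it; a future caller reading the struct declaration has no way to learn it. I would repeat the contract where the type is declared, e.g. `/* Unclamped seed (libsodium semantics): every function that uses it as a scalar must clamp it first. */`. Separately, the key material is still drawn with GNUNET_CRYPTO_QUALITY_NONCE rather than GNUNET_CRYPTO_QUALITY_STRONG; if NONCE is by design sufficient for a long-lived signing key here, this comment is the natural place to state why, and if not, the quality level should be reconsidered.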
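--- a/src/util/test_crypto_ecdsa.c
+++ b/src/util/test_crypto_ecdsa.c
@@ -107,6 +107,7 @@ testDeriveSignVerify (void)
   struct GNUNET_CRYPTO_EcdsaPrivateKey *dpriv;
   struct GNUNET_CRYPTO_EcdsaPublicKey pkey;
   struct GNUNET_CRYPTO_EcdsaPublicKey dpub;
+  struct GNUNET_CRYPTO_EcdsaPublicKey dpub2;
 
   dpriv = GNUNET_CRYPTO_ecdsa_private_key_derive (&key,
                                                   "test-derive",
@@ -117,9 +118,17 @@ testDeriveSignVerify (void)
                                            "test-derive",
                                            "test-CTX",
                                            &dpub);
+  GNUNET_CRYPTO_ecdsa_key_get_public (dpriv, &dpub2);
   purp.size = htonl (sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose));
   purp.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_TEST);
 
+  if (0 != GNUNET_memcmp (&dpub.q_y, &dpub2.q_y))
+  {
+    fprintf (stderr, "%s", "key derivation failed\n");
+    GNUNET_free (dpriv);
+    return GNUNET_SYSERR;
+  }
+
   if (GNUNET_SYSERR ==
       GNUNET_CRYPTO_ecdsa_sign_ (dpriv,
                                  &purp,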
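Review bot: The new `if (0 != GNUNET_memcmp (&dpub.q_y, &dpub2.q_y))` block is separated from the `GNUNET_CRYPTO_ecdsa_key_get_public (dpriv, &dpub2);` call it verifies by the two unrelated `purp` assignments; moving the check directly under that call keeps the derivation and its cross-check adjacent and makes the early `GNUNET_free (dpriv)` return easier to audit. The check itself is the right one — the public-side derivation must agree with the public key of the derived private key — and releasing dpriv before returning GNUNET_SYSERR is correct. A short comment above the check, e.g. `/* public derivation must match private derivation + key_get_public */`, would tell the next reader what property the test pins. testDeriveSignVerify continues past the end of this hunk, so the remaining sign/verify error paths are not visible here.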