1 files changed, 0 insertions, 129 deletions
diff --git a/src/util/crypto_ecc.c b/src/util/crypto_ecc.c
index efbf2ee17..5b1b579ec 100644
--- a/src/util/crypto_ecc.c
+++ b/src/util/crypto_ecc.c
@@ -714,135 +714,6 @@ GNUNET_CRYPTO_ecc_ecdh (const struct GNUNET_CRYPTO_EcdhePrivateKey *priv,
 }
-/**
- * Derive the 'h' value for key derivation, where
- * 'h = H(l,P)'.
- *
- * @param pub public key for deriviation
- * @param label label for deriviation
- * @param context additional context to use for HKDF of 'h';
- *        typically the name of the subsystem/application
- * @return h value
- */
-static gcry_mpi_t
-derive_h (const struct GNUNET_CRYPTO_EcdsaPublicKey *pub,
-          const char *label,
-          const char *context)
-{
-  gcry_mpi_t h;
-  struct GNUNET_HashCode hc;
-  static const char *const salt = "key-derivation";
-  GNUNET_CRYPTO_kdf (&hc,
-                     sizeof(hc),
-                     salt,
-                     strlen (salt),
-                     pub,
-                     sizeof(*pub),
-                     label,
-                     strlen (label),
-                     context,
-                     strlen (context),
-                     NULL,
-                     0);
-  GNUNET_CRYPTO_mpi_scan_unsigned (&h, (unsigned char *) &hc, sizeof(hc));
-  return h;
-}
-struct GNUNET_CRYPTO_EcdsaPrivateKey *
-GNUNET_CRYPTO_ecdsa_private_key_derive (
-  const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv,
-  const char *label,
-  const char *context)
-{
-  struct GNUNET_CRYPTO_EcdsaPublicKey pub;
-  struct GNUNET_CRYPTO_EcdsaPrivateKey *ret;
-  uint8_t dc[32];
-  gcry_mpi_t h;
-  gcry_mpi_t x;
-  gcry_mpi_t d;
-  gcry_mpi_t n;
-  gcry_ctx_t ctx;
-  GNUNET_assert (0 == gcry_mpi_ec_new (&ctx, NULL, CURVE));
-  n = gcry_mpi_ec_get_mpi ("n", ctx, 1);
-  GNUNET_CRYPTO_ecdsa_key_get_public (priv, &pub);
-  h = derive_h (&pub, label, context);
-  /* Convert to big endian for libgcrypt */
-  for (size_t i = 0; i < 32; i++)
-    dc[i] = priv->d[31 - i];
-  GNUNET_CRYPTO_mpi_scan_unsigned (&x, dc, sizeof(dc));
-  d = gcry_mpi_new (256);
-  gcry_mpi_mulm (d, h, x, n);
-  gcry_mpi_release (h);
-  gcry_mpi_release (x);
-  gcry_mpi_release (n);
-  gcry_ctx_release (ctx);
-  ret = GNUNET_new (struct GNUNET_CRYPTO_EcdsaPrivateKey);
-  GNUNET_CRYPTO_mpi_print_unsigned (dc, sizeof(dc), d);
-  /* Convert to big endian for libgcrypt */
-  for (size_t i = 0; i < 32; i++)
-    ret->d[i] = dc[31 - i];
-  sodium_memzero (dc, sizeof(dc));
-  gcry_mpi_release (d);
-  return ret;
-}
-void
-GNUNET_CRYPTO_ecdsa_public_key_derive (
-  const struct GNUNET_CRYPTO_EcdsaPublicKey *pub,
-  const char *label,
-  const char *context,
-  struct GNUNET_CRYPTO_EcdsaPublicKey *result)
-{
-  gcry_ctx_t ctx;
-  gcry_mpi_t q_y;
-  gcry_mpi_t h;
-  gcry_mpi_t n;
-  gcry_mpi_t h_mod_n;
-  gcry_mpi_point_t q;
-  gcry_mpi_point_t v;
-  GNUNET_assert (0 == gcry_mpi_ec_new (&ctx, NULL, CURVE));
-  /* obtain point 'q' from original public key.  The provided 'q' is
-     compressed thus we first store it in the context and then get it
-     back as a (decompresssed) point.  */
-  q_y = gcry_mpi_set_opaque_copy (NULL, pub->q_y, 8 * sizeof(pub->q_y));
-  GNUNET_assert (NULL != q_y);
-  GNUNET_assert (0 == gcry_mpi_ec_set_mpi ("q", q_y, ctx));
-  gcry_mpi_release (q_y);
-  q = gcry_mpi_ec_get_point ("q", ctx, 0);
-  GNUNET_assert (q);
-  /* calculate h_mod_n = h % n */
-  h = derive_h (pub, label, context);
-  n = gcry_mpi_ec_get_mpi ("n", ctx, 1);
-  h_mod_n = gcry_mpi_new (256);
-  gcry_mpi_mod (h_mod_n, h, n);
-  /* calculate v = h_mod_n * q */
-  v = gcry_mpi_point_new (0);
-  gcry_mpi_ec_mul (v, h_mod_n, q, ctx);
-  gcry_mpi_release (h_mod_n);
-  gcry_mpi_release (h);
-  gcry_mpi_release (n);
-  gcry_mpi_point_release (q);
-  /* convert point 'v' to public key that we return */
-  GNUNET_assert (0 == gcry_mpi_ec_set_point ("q", v, ctx));
-  gcry_mpi_point_release (v);
-  q_y = gcry_mpi_ec_get_mpi ("q@eddsa", ctx, 0);
-  GNUNET_assert (q_y);
-  GNUNET_CRYPTO_mpi_print_unsigned (result->q_y, sizeof(result->q_y), q_y);
-  gcry_mpi_release (q_y);
-  gcry_ctx_release (ctx);
-}
 enum GNUNET_GenericReturnValue
 GNUNET_CRYPTO_eddsa_ecdh (const struct GNUNET_CRYPTO_EddsaPrivateKey *priv,
                          const struct GNUNET_CRYPTO_EcdhePublicKey *pub,

diff --git a/src/util/crypto_ecc.c b/src/util/crypto_ecc.c index efbf2ee17..5b1b579ec 100644 --- a/src/util/crypto_ecc.c +++ b/src/util/crypto_ecc.c
@@ -714,135 +714,6 @@ GNUNET_CRYPTO_ecc_ecdh (const struct GNUNET_CRYPTO_EcdhePrivateKey *priv,
714	}	714	}
715		715
716		716
717	/**
718	* Derive the 'h' value for key derivation, where
719	* 'h = H(l,P)'.
720	*
721	* @param pub public key for deriviation
722	* @param label label for deriviation
723	* @param context additional context to use for HKDF of 'h';
724	* typically the name of the subsystem/application
725	* @return h value
726	*/
727	static gcry_mpi_t
728	derive_h (const struct GNUNET_CRYPTO_EcdsaPublicKey *pub,
729	const char *label,
730	const char *context)
731	{
732	gcry_mpi_t h;
733	struct GNUNET_HashCode hc;
734	static const char *const salt = "key-derivation";
735
736	GNUNET_CRYPTO_kdf (&hc,
737	sizeof(hc),
738	salt,
739	strlen (salt),
740	pub,
741	sizeof(*pub),
742	label,
743	strlen (label),
744	context,
745	strlen (context),
746	NULL,
747	0);
748	GNUNET_CRYPTO_mpi_scan_unsigned (&h, (unsigned char *) &hc, sizeof(hc));
749	return h;
750	}
751
752
753	struct GNUNET_CRYPTO_EcdsaPrivateKey *
754	GNUNET_CRYPTO_ecdsa_private_key_derive (
755	const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv,
756	const char *label,
757	const char *context)
758	{
759	struct GNUNET_CRYPTO_EcdsaPublicKey pub;
760	struct GNUNET_CRYPTO_EcdsaPrivateKey *ret;
761	uint8_t dc[32];
762	gcry_mpi_t h;
763	gcry_mpi_t x;
764	gcry_mpi_t d;
765	gcry_mpi_t n;
766	gcry_ctx_t ctx;
767
768	GNUNET_assert (0 == gcry_mpi_ec_new (&ctx, NULL, CURVE));
769
770	n = gcry_mpi_ec_get_mpi ("n", ctx, 1);
771	GNUNET_CRYPTO_ecdsa_key_get_public (priv, &pub);
772
773	h = derive_h (&pub, label, context);
774	/* Convert to big endian for libgcrypt */
775	for (size_t i = 0; i < 32; i++)
776	dc[i] = priv->d[31 - i];
777	GNUNET_CRYPTO_mpi_scan_unsigned (&x, dc, sizeof(dc));
778	d = gcry_mpi_new (256);
779	gcry_mpi_mulm (d, h, x, n);
780	gcry_mpi_release (h);
781	gcry_mpi_release (x);
782	gcry_mpi_release (n);
783	gcry_ctx_release (ctx);
784	ret = GNUNET_new (struct GNUNET_CRYPTO_EcdsaPrivateKey);
785	GNUNET_CRYPTO_mpi_print_unsigned (dc, sizeof(dc), d);
786	/* Convert to big endian for libgcrypt */
787	for (size_t i = 0; i < 32; i++)
788	ret->d[i] = dc[31 - i];
789	sodium_memzero (dc, sizeof(dc));
790	gcry_mpi_release (d);
791	return ret;
792	}
793
794
795	void
796	GNUNET_CRYPTO_ecdsa_public_key_derive (
797	const struct GNUNET_CRYPTO_EcdsaPublicKey *pub,
798	const char *label,
799	const char *context,
800	struct GNUNET_CRYPTO_EcdsaPublicKey *result)
801	{
802	gcry_ctx_t ctx;
803	gcry_mpi_t q_y;
804	gcry_mpi_t h;
805	gcry_mpi_t n;
806	gcry_mpi_t h_mod_n;
807	gcry_mpi_point_t q;
808	gcry_mpi_point_t v;
809
810	GNUNET_assert (0 == gcry_mpi_ec_new (&ctx, NULL, CURVE));
811
812	/* obtain point 'q' from original public key. The provided 'q' is
813	compressed thus we first store it in the context and then get it
814	back as a (decompresssed) point. */
815	q_y = gcry_mpi_set_opaque_copy (NULL, pub->q_y, 8 * sizeof(pub->q_y));
816	GNUNET_assert (NULL != q_y);
817	GNUNET_assert (0 == gcry_mpi_ec_set_mpi ("q", q_y, ctx));
818	gcry_mpi_release (q_y);
819	q = gcry_mpi_ec_get_point ("q", ctx, 0);
820	GNUNET_assert (q);
821
822	/* calculate h_mod_n = h % n */
823	h = derive_h (pub, label, context);
824	n = gcry_mpi_ec_get_mpi ("n", ctx, 1);
825	h_mod_n = gcry_mpi_new (256);
826	gcry_mpi_mod (h_mod_n, h, n);
827	/* calculate v = h_mod_n * q */
828	v = gcry_mpi_point_new (0);
829	gcry_mpi_ec_mul (v, h_mod_n, q, ctx);
830	gcry_mpi_release (h_mod_n);
831	gcry_mpi_release (h);
832	gcry_mpi_release (n);
833	gcry_mpi_point_release (q);
834
835	/* convert point 'v' to public key that we return */
836	GNUNET_assert (0 == gcry_mpi_ec_set_point ("q", v, ctx));
837	gcry_mpi_point_release (v);
838	q_y = gcry_mpi_ec_get_mpi ("q@eddsa", ctx, 0);
839	GNUNET_assert (q_y);
840	GNUNET_CRYPTO_mpi_print_unsigned (result->q_y, sizeof(result->q_y), q_y);
841	gcry_mpi_release (q_y);
842	gcry_ctx_release (ctx);
843	}
844
845
846	enum GNUNET_GenericReturnValue	717	enum GNUNET_GenericReturnValue
847	GNUNET_CRYPTO_eddsa_ecdh (const struct GNUNET_CRYPTO_EddsaPrivateKey *priv,	718	GNUNET_CRYPTO_eddsa_ecdh (const struct GNUNET_CRYPTO_EddsaPrivateKey *priv,
848	const struct GNUNET_CRYPTO_EcdhePublicKey *pub,	719	const struct GNUNET_CRYPTO_EcdhePublicKey *pub,