diff options
Diffstat (limited to 'src/util/crypto_ecc.c')
| -rw-r--r-- | src/util/crypto_ecc.c | 100 |
1 files changed, 17 insertions, 83 deletions
diff --git a/src/util/crypto_ecc.c b/src/util/crypto_ecc.c index 6bd96b365..71b8470fe 100644 --- a/src/util/crypto_ecc.c +++ b/src/util/crypto_ecc.c | |||
| @@ -133,72 +133,6 @@ adjust (unsigned char *buf, | |||
| 133 | 133 | ||
| 134 | 134 | ||
| 135 | /** | 135 | /** |
| 136 | * Output the given MPI value to the given buffer. | ||
| 137 | * | ||
| 138 | * @param buf where to output to | ||
| 139 | * @param size number of bytes in @a buf | ||
| 140 | * @param val value to write to @a buf | ||
| 141 | */ | ||
| 142 | static void | ||
| 143 | mpi_print (unsigned char *buf, | ||
| 144 | size_t size, | ||
| 145 | gcry_mpi_t val) | ||
| 146 | { | ||
| 147 | size_t rsize; | ||
| 148 | |||
| 149 | if (gcry_mpi_get_flag (val, GCRYMPI_FLAG_OPAQUE)) | ||
| 150 | { | ||
| 151 | /* Store opaque MPIs left aligned into the buffer. */ | ||
| 152 | unsigned int nbits; | ||
| 153 | const void *p; | ||
| 154 | |||
| 155 | p = gcry_mpi_get_opaque (val, &nbits); | ||
| 156 | GNUNET_assert (p); | ||
| 157 | rsize = (nbits+7)/8; | ||
| 158 | if (rsize > size) | ||
| 159 | rsize = size; | ||
| 160 | memcpy (buf, p, rsize); | ||
| 161 | if (rsize < size) | ||
| 162 | memset (buf+rsize, 0, size - rsize); | ||
| 163 | } | ||
| 164 | else | ||
| 165 | { | ||
| 166 | /* Store regular MPIs as unsigned integers right aligned into | ||
| 167 | the buffer. */ | ||
| 168 | rsize = size; | ||
| 169 | GNUNET_assert (0 == | ||
| 170 | gcry_mpi_print (GCRYMPI_FMT_USG, buf, rsize, &rsize, | ||
| 171 | val)); | ||
| 172 | adjust (buf, rsize, size); | ||
| 173 | } | ||
| 174 | } | ||
| 175 | |||
| 176 | |||
| 177 | /** | ||
| 178 | * Convert data buffer into MPI value. | ||
| 179 | * | ||
| 180 | * @param result where to store MPI value (allocated) | ||
| 181 | * @param data raw data (GCRYMPI_FMT_USG) | ||
| 182 | * @param size number of bytes in @a data | ||
| 183 | */ | ||
| 184 | static void | ||
| 185 | mpi_scan (gcry_mpi_t *result, | ||
| 186 | const unsigned char *data, | ||
| 187 | size_t size) | ||
| 188 | { | ||
| 189 | int rc; | ||
| 190 | |||
| 191 | if (0 != (rc = gcry_mpi_scan (result, | ||
| 192 | GCRYMPI_FMT_USG, | ||
| 193 | data, size, &size))) | ||
| 194 | { | ||
| 195 | LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_scan", rc); | ||
| 196 | GNUNET_assert (0); | ||
| 197 | } | ||
| 198 | } | ||
| 199 | |||
| 200 | |||
| 201 | /** | ||
| 202 | * Convert the given private key from the network format to the | 136 | * Convert the given private key from the network format to the |
| 203 | * S-expression that can be used by libgcrypt. | 137 | * S-expression that can be used by libgcrypt. |
| 204 | * | 138 | * |
| @@ -317,7 +251,7 @@ GNUNET_CRYPTO_ecdsa_key_get_public (const struct GNUNET_CRYPTO_EcdsaPrivateKey * | |||
| 317 | gcry_sexp_release (sexp); | 251 | gcry_sexp_release (sexp); |
| 318 | q = gcry_mpi_ec_get_mpi ("q@eddsa", ctx, 0); | 252 | q = gcry_mpi_ec_get_mpi ("q@eddsa", ctx, 0); |
| 319 | GNUNET_assert (q); | 253 | GNUNET_assert (q); |
| 320 | mpi_print (pub->q_y, sizeof (pub->q_y), q); | 254 | GNUNET_CRYPTO_mpi_print_unsigned (pub->q_y, sizeof (pub->q_y), q); |
| 321 | gcry_mpi_release (q); | 255 | gcry_mpi_release (q); |
| 322 | gcry_ctx_release (ctx); | 256 | gcry_ctx_release (ctx); |
| 323 | } | 257 | } |
| @@ -343,7 +277,7 @@ GNUNET_CRYPTO_eddsa_key_get_public (const struct GNUNET_CRYPTO_EddsaPrivateKey * | |||
| 343 | gcry_sexp_release (sexp); | 277 | gcry_sexp_release (sexp); |
| 344 | q = gcry_mpi_ec_get_mpi ("q@eddsa", ctx, 0); | 278 | q = gcry_mpi_ec_get_mpi ("q@eddsa", ctx, 0); |
| 345 | GNUNET_assert (q); | 279 | GNUNET_assert (q); |
| 346 | mpi_print (pub->q_y, sizeof (pub->q_y), q); | 280 | GNUNET_CRYPTO_mpi_print_unsigned (pub->q_y, sizeof (pub->q_y), q); |
| 347 | gcry_mpi_release (q); | 281 | gcry_mpi_release (q); |
| 348 | gcry_ctx_release (ctx); | 282 | gcry_ctx_release (ctx); |
| 349 | } | 283 | } |
| @@ -369,7 +303,7 @@ GNUNET_CRYPTO_ecdhe_key_get_public (const struct GNUNET_CRYPTO_EcdhePrivateKey * | |||
| 369 | gcry_sexp_release (sexp); | 303 | gcry_sexp_release (sexp); |
| 370 | q = gcry_mpi_ec_get_mpi ("q@eddsa", ctx, 0); | 304 | q = gcry_mpi_ec_get_mpi ("q@eddsa", ctx, 0); |
| 371 | GNUNET_assert (q); | 305 | GNUNET_assert (q); |
| 372 | mpi_print (pub->q_y, sizeof (pub->q_y), q); | 306 | GNUNET_CRYPTO_mpi_print_unsigned (pub->q_y, sizeof (pub->q_y), q); |
| 373 | gcry_mpi_release (q); | 307 | gcry_mpi_release (q); |
| 374 | gcry_ctx_release (ctx); | 308 | gcry_ctx_release (ctx); |
| 375 | } | 309 | } |
| @@ -578,7 +512,7 @@ GNUNET_CRYPTO_ecdhe_key_create () | |||
| 578 | } | 512 | } |
| 579 | gcry_sexp_release (priv_sexp); | 513 | gcry_sexp_release (priv_sexp); |
| 580 | priv = GNUNET_new (struct GNUNET_CRYPTO_EcdhePrivateKey); | 514 | priv = GNUNET_new (struct GNUNET_CRYPTO_EcdhePrivateKey); |
| 581 | mpi_print (priv->d, sizeof (priv->d), d); | 515 | GNUNET_CRYPTO_mpi_print_unsigned (priv->d, sizeof (priv->d), d); |
| 582 | gcry_mpi_release (d); | 516 | gcry_mpi_release (d); |
| 583 | return priv; | 517 | return priv; |
| 584 | } | 518 | } |
| @@ -628,7 +562,7 @@ GNUNET_CRYPTO_ecdsa_key_create () | |||
| 628 | } | 562 | } |
| 629 | gcry_sexp_release (priv_sexp); | 563 | gcry_sexp_release (priv_sexp); |
| 630 | priv = GNUNET_new (struct GNUNET_CRYPTO_EcdsaPrivateKey); | 564 | priv = GNUNET_new (struct GNUNET_CRYPTO_EcdsaPrivateKey); |
| 631 | mpi_print (priv->d, sizeof (priv->d), d); | 565 | GNUNET_CRYPTO_mpi_print_unsigned (priv->d, sizeof (priv->d), d); |
| 632 | gcry_mpi_release (d); | 566 | gcry_mpi_release (d); |
| 633 | return priv; | 567 | return priv; |
| 634 | } | 568 | } |
| @@ -677,7 +611,7 @@ GNUNET_CRYPTO_eddsa_key_create () | |||
| 677 | } | 611 | } |
| 678 | gcry_sexp_release (priv_sexp); | 612 | gcry_sexp_release (priv_sexp); |
| 679 | priv = GNUNET_new (struct GNUNET_CRYPTO_EddsaPrivateKey); | 613 | priv = GNUNET_new (struct GNUNET_CRYPTO_EddsaPrivateKey); |
| 680 | mpi_print (priv->d, sizeof (priv->d), d); | 614 | GNUNET_CRYPTO_mpi_print_unsigned (priv->d, sizeof (priv->d), d); |
| 681 | gcry_mpi_release (d); | 615 | gcry_mpi_release (d); |
| 682 | return priv; | 616 | return priv; |
| 683 | } | 617 | } |
| @@ -700,7 +634,7 @@ GNUNET_CRYPTO_ecdsa_key_get_anonymous () | |||
| 700 | 634 | ||
| 701 | if (once) | 635 | if (once) |
| 702 | return &anonymous; | 636 | return &anonymous; |
| 703 | mpi_print (anonymous.d, | 637 | GNUNET_CRYPTO_mpi_print_unsigned (anonymous.d, |
| 704 | sizeof (anonymous.d), | 638 | sizeof (anonymous.d), |
| 705 | GCRYMPI_CONST_ONE); | 639 | GCRYMPI_CONST_ONE); |
| 706 | once = 1; | 640 | once = 1; |
| @@ -1222,8 +1156,8 @@ GNUNET_CRYPTO_ecdsa_sign (const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv, | |||
| 1222 | return GNUNET_SYSERR; | 1156 | return GNUNET_SYSERR; |
| 1223 | } | 1157 | } |
| 1224 | gcry_sexp_release (sig_sexp); | 1158 | gcry_sexp_release (sig_sexp); |
| 1225 | mpi_print (sig->r, sizeof (sig->r), rs[0]); | 1159 | GNUNET_CRYPTO_mpi_print_unsigned (sig->r, sizeof (sig->r), rs[0]); |
| 1226 | mpi_print (sig->s, sizeof (sig->s), rs[1]); | 1160 | GNUNET_CRYPTO_mpi_print_unsigned (sig->s, sizeof (sig->s), rs[1]); |
| 1227 | gcry_mpi_release (rs[0]); | 1161 | gcry_mpi_release (rs[0]); |
| 1228 | gcry_mpi_release (rs[1]); | 1162 | gcry_mpi_release (rs[1]); |
| 1229 | return GNUNET_OK; | 1163 | return GNUNET_OK; |
| @@ -1272,8 +1206,8 @@ GNUNET_CRYPTO_eddsa_sign (const struct GNUNET_CRYPTO_EddsaPrivateKey *priv, | |||
| 1272 | return GNUNET_SYSERR; | 1206 | return GNUNET_SYSERR; |
| 1273 | } | 1207 | } |
| 1274 | gcry_sexp_release (sig_sexp); | 1208 | gcry_sexp_release (sig_sexp); |
| 1275 | mpi_print (sig->r, sizeof (sig->r), rs[0]); | 1209 | GNUNET_CRYPTO_mpi_print_unsigned (sig->r, sizeof (sig->r), rs[0]); |
| 1276 | mpi_print (sig->s, sizeof (sig->s), rs[1]); | 1210 | GNUNET_CRYPTO_mpi_print_unsigned (sig->s, sizeof (sig->s), rs[1]); |
| 1277 | gcry_mpi_release (rs[0]); | 1211 | gcry_mpi_release (rs[0]); |
| 1278 | gcry_mpi_release (rs[1]); | 1212 | gcry_mpi_release (rs[1]); |
| 1279 | return GNUNET_OK; | 1213 | return GNUNET_OK; |
| @@ -1425,7 +1359,7 @@ GNUNET_CRYPTO_ecc_ecdh (const struct GNUNET_CRYPTO_EcdhePrivateKey *priv, | |||
| 1425 | q = gcry_mpi_ec_get_point ("q", ctx, 0); | 1359 | q = gcry_mpi_ec_get_point ("q", ctx, 0); |
| 1426 | 1360 | ||
| 1427 | /* second, extract the d value from our private key */ | 1361 | /* second, extract the d value from our private key */ |
| 1428 | mpi_scan (&d, priv->d, sizeof (priv->d)); | 1362 | GNUNET_CRYPTO_mpi_scan_unsigned (&d, priv->d, sizeof (priv->d)); |
| 1429 | 1363 | ||
| 1430 | /* then call the 'multiply' function, to compute the product */ | 1364 | /* then call the 'multiply' function, to compute the product */ |
| 1431 | result = gcry_mpi_point_new (0); | 1365 | result = gcry_mpi_point_new (0); |
| @@ -1447,7 +1381,7 @@ GNUNET_CRYPTO_ecc_ecdh (const struct GNUNET_CRYPTO_EcdhePrivateKey *priv, | |||
| 1447 | 1381 | ||
| 1448 | rsize = sizeof (xbuf); | 1382 | rsize = sizeof (xbuf); |
| 1449 | GNUNET_assert (! gcry_mpi_get_flag (result_x, GCRYMPI_FLAG_OPAQUE)); | 1383 | GNUNET_assert (! gcry_mpi_get_flag (result_x, GCRYMPI_FLAG_OPAQUE)); |
| 1450 | /* result_x can be negative here, so we do not use 'mpi_print' | 1384 | /* result_x can be negative here, so we do not use 'GNUNET_CRYPTO_mpi_print_unsigned' |
| 1451 | as that does not include the sign bit; x should be a 255-bit | 1385 | as that does not include the sign bit; x should be a 255-bit |
| 1452 | value, so with the sign it should fit snugly into the 256-bit | 1386 | value, so with the sign it should fit snugly into the 256-bit |
| 1453 | xbuf */ | 1387 | xbuf */ |
| @@ -1484,7 +1418,7 @@ derive_h (const struct GNUNET_CRYPTO_EcdsaPublicKey *pub, | |||
| 1484 | label, strlen (label), | 1418 | label, strlen (label), |
| 1485 | context, strlen (context), | 1419 | context, strlen (context), |
| 1486 | NULL, 0); | 1420 | NULL, 0); |
| 1487 | mpi_scan (&h, (unsigned char *) &hc, sizeof (hc)); | 1421 | GNUNET_CRYPTO_mpi_scan_unsigned (&h, (unsigned char *) &hc, sizeof (hc)); |
| 1488 | return h; | 1422 | return h; |
| 1489 | } | 1423 | } |
| 1490 | 1424 | ||
| @@ -1520,7 +1454,7 @@ GNUNET_CRYPTO_ecdsa_private_key_derive (const struct GNUNET_CRYPTO_EcdsaPrivateK | |||
| 1520 | GNUNET_CRYPTO_ecdsa_key_get_public (priv, &pub); | 1454 | GNUNET_CRYPTO_ecdsa_key_get_public (priv, &pub); |
| 1521 | 1455 | ||
| 1522 | h = derive_h (&pub, label, context); | 1456 | h = derive_h (&pub, label, context); |
| 1523 | mpi_scan (&x, priv->d, sizeof (priv->d)); | 1457 | GNUNET_CRYPTO_mpi_scan_unsigned (&x, priv->d, sizeof (priv->d)); |
| 1524 | d = gcry_mpi_new (256); | 1458 | d = gcry_mpi_new (256); |
| 1525 | gcry_mpi_mulm (d, h, x, n); | 1459 | gcry_mpi_mulm (d, h, x, n); |
| 1526 | gcry_mpi_release (h); | 1460 | gcry_mpi_release (h); |
| @@ -1528,7 +1462,7 @@ GNUNET_CRYPTO_ecdsa_private_key_derive (const struct GNUNET_CRYPTO_EcdsaPrivateK | |||
| 1528 | gcry_mpi_release (n); | 1462 | gcry_mpi_release (n); |
| 1529 | gcry_ctx_release (ctx); | 1463 | gcry_ctx_release (ctx); |
| 1530 | ret = GNUNET_new (struct GNUNET_CRYPTO_EcdsaPrivateKey); | 1464 | ret = GNUNET_new (struct GNUNET_CRYPTO_EcdsaPrivateKey); |
| 1531 | mpi_print (ret->d, sizeof (ret->d), d); | 1465 | GNUNET_CRYPTO_mpi_print_unsigned (ret->d, sizeof (ret->d), d); |
| 1532 | gcry_mpi_release (d); | 1466 | gcry_mpi_release (d); |
| 1533 | return ret; | 1467 | return ret; |
| 1534 | } | 1468 | } |
| @@ -1588,7 +1522,7 @@ GNUNET_CRYPTO_ecdsa_public_key_derive (const struct GNUNET_CRYPTO_EcdsaPublicKey | |||
| 1588 | gcry_mpi_point_release (v); | 1522 | gcry_mpi_point_release (v); |
| 1589 | q_y = gcry_mpi_ec_get_mpi ("q@eddsa", ctx, 0); | 1523 | q_y = gcry_mpi_ec_get_mpi ("q@eddsa", ctx, 0); |
| 1590 | GNUNET_assert (q_y); | 1524 | GNUNET_assert (q_y); |
| 1591 | mpi_print (result->q_y, sizeof result->q_y, q_y); | 1525 | GNUNET_CRYPTO_mpi_print_unsigned (result->q_y, sizeof result->q_y, q_y); |
| 1592 | gcry_mpi_release (q_y); | 1526 | gcry_mpi_release (q_y); |
| 1593 | gcry_ctx_release (ctx); | 1527 | gcry_ctx_release (ctx); |
| 1594 | } | 1528 | } |