Diffstat (limited to 'src/util')
-rw-r--r--src/util/crypto_ecc_gnsrecord.c55
-rw-r--r--src/util/test_crypto_eddsa.c8
2 files changed, 40 insertions, 23 deletions
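diff --git a/src/util/crypto_ecc_gnsrecord.c b/src/util/crypto_ecc_gnsrecord.c
index ce41a4699..0ee0570c0 100644
--- a/src/util/crypto_ecc_gnsrecord.c
+++ b/src/util/crypto_ecc_gnsrecord.c
@@ -68,28 +68,15 @@ derive_h (const void *pub,
 }
 
 
-/**
- * This is a signature function for EdDSA which takes the
- * secret scalar sk instead of the private seed which is
- * usually the case for crypto APIs. We require this functionality
- * in order to use derived private keys for signatures we
- * cannot calculate the inverse of a sk to find the seed
- * efficiently.
- *
- * The resulting signature is a standard EdDSA signature
- * which can be verified using the usual APIs.
- *
- * @param sk the secret scalar
- * @param purp the signature purpose
- * @param sig the resulting signature
- */
-void
-GNUNET_CRYPTO_eddsa_sign_with_scalar (
- const struct GNUNET_CRYPTO_EddsaPrivateScalar *priv,
+enum GNUNET_GenericReturnValue
+GNUNET_CRYPTO_eddsa_sign_derived (
+ const struct GNUNET_CRYPTO_EddsaPrivateKey *pkey,
+ const char *label,
+ const char *context,
  const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose,
  struct GNUNET_CRYPTO_EddsaSignature *sig)
 {
-
+ struct GNUNET_CRYPTO_EddsaPrivateScalar priv;
  crypto_hash_sha512_state hs;
  unsigned char sk[64];
  unsigned char r[64];
@@ -98,6 +85,14 @@ GNUNET_CRYPTO_eddsa_sign_with_scalar (
  unsigned char zk[32];
  unsigned char tmp[32];
 
+ /**
+ * Derive the private key
+ */
+ GNUNET_CRYPTO_eddsa_private_key_derive (pkey,
+ label,
+ context,
+ &priv);
+
  crypto_hash_sha512_init (&hs);
 
  /**
@@ -108,7 +103,7 @@ GNUNET_CRYPTO_eddsa_sign_with_scalar (
  * sk[0..31] = h * SHA512 (d)[0..31]
  * sk[32..63] = SHA512 (d)[32..63]
  */
- memcpy (sk, priv->s, 64);
+ memcpy (sk, priv.s, 64);
 
  /**
  * Calculate the derived zone key zk' from the
@@ -172,8 +167,28 @@ GNUNET_CRYPTO_eddsa_sign_with_scalar (
  sodium_memzero (sk, sizeof (sk));
  sodium_memzero (r, sizeof (r));
  sodium_memzero (r_mod, sizeof (r_mod));
+ return GNUNET_OK;
 }
 
+enum GNUNET_GenericReturnValue
+GNUNET_CRYPTO_ecdsa_sign_derived (
+ const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv,
+ const char *label,
+ const char *context,
+ const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose,
+ struct GNUNET_CRYPTO_EcdsaSignature *sig)
+{
+ struct GNUNET_CRYPTO_EcdsaPrivateKey *key;
+ enum GNUNET_GenericReturnValue res;
+ key = GNUNET_CRYPTO_ecdsa_private_key_derive (priv,
+ label,
+ context);
+ res = GNUNET_CRYPTO_ecdsa_sign_ (key,
+ purpose,
+ sig);
+ GNUNET_free (key);
+ return res;
+}
 
 struct GNUNET_CRYPTO_EcdsaPrivateKey *
 GNUNET_CRYPTO_ecdsa_private_key_derive (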
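Review bot: Neither new function wipes the derived secret it creates. In `GNUNET_CRYPTO_eddsa_sign_derived` the stack object `priv` receives the derived scalar, but the cleanup ahead of `return GNUNET_OK;` clears only `sk`, `r` and `r_mod`; adding `sodium_memzero (&priv, sizeof (priv));` there would match the existing handling (the middle of that body lies outside the visible hunks, but no added line touches `priv` again). In `GNUNET_CRYPTO_ecdsa_sign_derived` the derived key goes straight to `GNUNET_free (key);`, so `sodium_memzero (key, sizeof (*key));` should precede the free. The EdDSA variant also returns `GNUNET_OK` unconditionally and the removed doc comment is not replaced in this file, so a short comment stating the return contract and that `label`/`context` select the derived key would help unless the public header already carries it.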
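diff --git a/src/util/test_crypto_eddsa.c b/src/util/test_crypto_eddsa.c
index 459619ff2..e9573a307 100644
--- a/src/util/test_crypto_eddsa.c
+++ b/src/util/test_crypto_eddsa.c
@@ -130,9 +130,11 @@ testDeriveSignVerify (void)
  return GNUNET_SYSERR;
  }
 
- GNUNET_CRYPTO_eddsa_sign_with_scalar (&dpriv,
- &purp,
- &sig);
+ GNUNET_CRYPTO_eddsa_sign_derived (&key,
+ "test-derive",
+ "test-CTX",
+ &purp,
+ &sig);
  if (GNUNET_SYSERR ==
  GNUNET_CRYPTO_eddsa_verify_ (GNUNET_SIGNATURE_PURPOSE_TEST,
  &purp,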
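Review bot: The call to `GNUNET_CRYPTO_eddsa_sign_derived` discards the status the function now returns, so a signing failure would only show up indirectly in the following verify step; wrapping it as `if (GNUNET_OK != GNUNET_CRYPTO_eddsa_sign_derived (&key, "test-derive", "test-CTX", &purp, &sig)) return GNUNET_SYSERR;` keeps the test in line with the checks around it. The label and context are passed as string literals here, and presumably the public-key derivation earlier in `testDeriveSignVerify` (outside this hunk) uses the same values, so a shared constant would stop the two from drifting apart. The function body starts and ends outside the hunk.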