Age | Commit message (Collapse) | Author | |
---|---|---|---|
2022-05-10 | - cleanupdev/trizuz/oidc_RSA256 | Tristan Schwieren | |
2022-05-10 | -variable change in user handbook | Tristan Schwieren | |
2022-05-06 | - fix missing key file bug and add test | Tristan Schwieren | |
2022-05-04 | - true/false flip bug while reading oidc config | Tristan Schwieren | |
2022-04-21 | - jwa option RSA/HMAC | Tristan Schwieren | |
2022-04-21 | - generate valid token respoise with RS256 signature | Tristan Schwieren | |
2022-04-13 | -messy attempt using JWS | Tristan Schwieren | |
2022-04-13 | -apply feedback | Tristan Schwieren | |
2022-04-12 | - working read/write of JWK key | Tristan Schwieren | |
2022-04-12 | - filename extra / error | Tristan Schwieren | |
2022-04-12 | - working oids_rsa read/write without logging | Tristan Schwieren | |
2022-04-11 | -not working file write/read | Tristan Schwieren | |
2022-04-11 | change to jose library | Tristan Schwieren | |
2022-04-11 | -init oidc RSA256 feature | Tristan Schwieren | |
2022-04-06 | -fix MHD detection | Christian Grothoff | |
2022-04-05 | -fix messenger renaming | TheJackiMonster | |
Signed-off-by: TheJackiMonster <thejackimonster@gmail.com> | |||
2022-04-05 | add flag to return 'not present' status from GNUNET_JSON_spec_mark_optional | Christian Grothoff | |
2022-04-04 | -fix | Martin Schanzenbach | |
2022-04-04 | UTIL: OpenBSD does not implement unsafe srandom | Martin Schanzenbach | |
2022-04-04 | BUILD: Simplify mhd detection | Martin Schanzenbach | |
2022-04-04 | Merge branch 'master' of ssh://git.gnunet.org/gnunet | t3sserakt | |
2022-04-04 | -typo | Christian Grothoff | |
2022-04-03 | Merge branch 'master' of ssh://git.gnunet.org/gnunet | t3sserakt | |
2022-04-03 | Merge branch 'master' of ssh://git.gnunet.org/gnunet | t3sserakt | |
2022-04-02 | -add include for type fd_set | TheJackiMonster | |
Signed-off-by: TheJackiMonster <thejackimonster@gmail.com> | |||
2022-04-02 | -implement messenger key update, fix ego store operations | TheJackiMonster | |
Signed-off-by: TheJackiMonster <thejackimonster@gmail.com> | |||
2022-04-02 | -unused | Martin Schanzenbach | |
2022-04-01 | - Introduced check, if we need to rebuild a DV box, because we have a ↵ | t3sserakt | |
different path. - Bug fix when freeing PendingMessage structs, in case of more complex hierarchies of pending messages. E.g. root msg -> DV Box -> reliability box. - Bug fix in backtalker logic. - Change logic, if MTU changes to keep already computed fragments. - Introduced a retry delay, if pending messages are not ready again. - Added schedule_transmit_on_queue, if communicator tells us about having capacity again. - Bug fixed in store request sent callback. - Some smaller bug fixes. | |||
2022-04-01 | -fix | Martin Schanzenbach | |
2022-04-01 | -portability openbsd | Martin Schanzenbach | |
2022-04-01 | -fix !tarball | Martin Schanzenbach | |
2022-03-31 | -portability fixes | Martin Schanzenbach | |
2022-03-30 | -fix bogus free bugs | Christian Grothoff | |
2022-03-30 | -style fixes, no semantic changes | Christian Grothoff | |
2022-03-30 | -logging, minor memory leak fix | Christian Grothoff | |
2022-03-29 | -changelog housekeepingv0.16.3 | Martin Schanzenbach | |
2022-03-29 | -update testvector generation | Martin Schanzenbach | |
2022-03-29 | -add assertion again | Martin Schanzenbach | |
2022-03-29 | GNS: Do not fail on assertions in block processing | Martin Schanzenbach | |
2022-03-29 | -fix | Martin Schanzenbach | |
2022-03-28 | -fix leak in edx25519 | Özgür Kesim | |
2022-03-27 | Edx25519 implemented | Özgür Kesim | |
Edx25519 is a variant of EdDSA on curve25519 which allows for repeated derivation of private and public keys, independently. The private keys in Edx25519 initially correspond to the data after expansion and clamping in EdDSA. However, this correspondence is lost after deriving further keys from existing ones. The public keys and signature verification are compatible with EdDSA. The ability to repeatedly derive key material is used for example in the context of age restriction in GNU Taler. The scheme that has been implemented is as follows: /* Private keys in Edx25519 are pairs (a, b) of 32 byte each. * Initially they correspond to the result of the expansion * and clamping in EdDSA. */ Edx25519_generate_private(seed) { /* EdDSA expand and clamp */ dh := SHA-512(seed) a := dh[0..31] b := dh[32..64] a[0] &= 0b11111000 a[31] &= 0b01111111 a[31] |= 0b01000000 return (a, b) } Edx25519_public_from_private(private) { /* Public keys are the same as in EdDSA */ (a, _) := private return [a] * G } Edx25519_blinding_factor(P, seed) { /* This is a helper function used in the derivation of * private/public keys from existing ones. */ h1 := HKDF_32(P, seed) /* Ensure that h == h % L */ h := h1 % L /* Optionally: Make sure that we don't create weak keys. */ P' := [h] * P if !( (h!=1) && (h!=0) && (P'!=E) ) { return Edx25519_blinding_factor(P, seed+1) } return h } Edx25519_derive_private(private, seed) { /* This is based on the definition in * GNUNET_CRYPTO_eddsa_private_key_derive. But it accepts * and returns a private pair (a, b) and allows for iteration. */ (a, b) := private P := Edx25519_public_key_from_private(private) h := Edx25519_blinding_factor(P, seed) /* Carefully calculate the new value for a */ a1 := a / 8; a2 := (h * a1) % L a' := (a2 * 8) % L /* Update b as well, binding it to h. This is an additional step compared to GNS. */ b' := SHA256(b ∥ h) return (a', b') } Edx25519_derive_public(P, seed) { h := Edx25519_blinding_factor(P, seed) return [h]*P } Edx25519_sign(private, message) { /* As in Ed25519, except for the origin of b */ (d, b) := private P := Edx25519_public_from_private(private) r := SHA-512(b ∥ message) R := [r] * G s := r + SHA-512(R ∥ P ∥ message) * d % L return (R,s) } Edx25519_verify(P, message, signature) { /* Identical to Ed25519 */ (R, s) := signature return [s] * G == R + [SHA-512(R ∥ P ∥ message)] * P } | |||
2022-03-27 | GNS: Sanitize APIs and align with LSD0001 | Martin Schanzenbach | |
2022-03-26 | add GNUNET_TIME_absolute_round_down() function | Christian Grothoff | |
2022-03-25 | -do not use potentially old version string | Martin Schanzenbach | |
2022-03-25 | -actual fix | Martin Schanzenbach | |
2022-03-25 | -fix | Martin Schanzenbach | |
2022-03-25 | Remove bash-ism from get_version.sh | David Barksdale | |
2022-03-21 | -init uninit | Christian Grothoff | |
2022-03-21 | -fix FTBFS | Christian Grothoff | |