| | Commit message | Author | Age |
|---|---|---|---|
* | replace Christian's FIXME with an explanation | Florian Dold | 2020-05-26 |
* | Fix #6070 | Florian Dold | 2020-05-06 |
| | Use same endianness for EdDSA and ECDSA private keys. The encoding of (R,S) of ECDSA signatures is still big-endian, to match RFC 6967. This is different from the (R,S) of EdDSA, which is little-endian according to RFC 8032. | | |
* | move from tweetnacl (+custom hacks) -> only sodium | Florian Dold | 2020-05-06 |
* | fixing #6149 | Christian Grothoff | 2020-04-11 |
* | fix sign api to address #6164 | Christian Grothoff | 2020-04-08 |
* | improve comments (#6164) | Christian Grothoff | 2020-04-07 |
* | const | Christian Grothoff | 2020-04-07 |
* | Don't normalize when deriving ECDSA public keys | Florian Dold | 2020-01-06 |
* | Fix ECDSA/ECDH key exchange | Florian Dold | 2020-01-06 |
| | Libgcrypt interprets the private key as little endian, while tweetnacl interprets it as big endian. This caused the key exchange to fail. | | |
* | fix #3795/5968/5398 | Christian Grothoff | 2019-12-07 |
* | DCE / GNUNET_TWEETNACL prefix for exported symbols | Florian Dold | 2019-11-26 |
* | use Curve25519 for ECDH and tweetnacl where we can | Florian Dold | 2019-11-26 |
| | This leads to some performance improvements and makes it easier to write software that interoperates with GNUnet / GNU Taler. It also avoids using the rather inconvenient libgcrypt APIs. We still need to keep libgcrypt though, as we need it for RSA, ECDSA and some other primitives. This change is still behind a #define NEW_CRYPTO, as it is a breaking change for both EdDSA (removing the superfluous additional hash) and for ECDHE (using Curve25519 instead of Ed25519). | | |
* | make bfix happy | Christian Grothoff | 2019-11-15 |
* | tighten formatting rules | Christian Grothoff | 2019-10-31 |
* | global reindent, now with uncrustify hook enabled | Christian Grothoff | 2019-10-05 |
* | reduce scope | Christian Grothoff | 2019-10-05 |
* | style fix | Christian Grothoff | 2019-10-05 |
* | uncrustify as demanded. | ng0 | 2019-09-08 |
* | report purpose when sig verification fails | Christian Grothoff | 2019-07-28 |
* | add option to display private keys | Christian Grothoff | 2019-06-14 |
* | introduce GNUNET_memcmp() and GNUNET_is_zero() | Christian Grothoff | 2019-04-06 |
* | ref bugnote | Christian Grothoff | 2019-02-24 |
* | geq redefinition breaks texi2pdf, instead just avoid @geq | Christian Grothoff | 2019-02-24 |
* | src: for every AGPL3.0 file, add SPDX identifier. | ng0 | 2019-01-14 |
* | benchmark collection awk scripts | Florian Dold | 2018-08-18 |
* | missing files | Florian Dold | 2018-08-18 |
* | basic benchmarking | Florian Dold | 2018-08-18 |
* | remove crypto_bug.c | Christian Grothoff | 2018-06-09 |
* | paragraph for gnunet devs that don't know how to use the web | psyc://loupsycedyglgamf.onion/~lynX | 2018-06-07 |
* | glitch in the license text detected by hyazinthe, thank you! | psyc://loupsycedyglgamf.onion/~lynX | 2018-06-07 |
* | first batch of license fixes (boring) | psyc://loupsycedyglgamf.onion/~lynX | 2018-06-05 |
* | Niibe writes: | Christian Grothoff | 2018-05-31 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Sorry, I was not reading the code of GNUnet well. I overlooked how the eddsa_d_to_a function was written and its intention. I read it again. Indeed, the eddsa_d_to_a function tries to handle the case where gcry_mpi_print returns rawmpilen < 32, putting "left pad" by DIGEST. The problem is: DIGEST is not cleared (although comment says so). I think that the stack had zero-byte for some reason on your 32-bit machine. Here is the correction. Clear DIGEST, as comment says. diff --git a/src/util/crypto_ecc.c b/src/util/crypto_ecc.c index 8d9091b23..280603234 100644 --- a/src/util/crypto_ecc.c +++ b/src/util/crypto_ecc.c @@ -1273,24 +1273,15 @@ eddsa_d_to_a (gcry_mpi_t d) b = 256 / 8; /* number of bytes in `d` */ + memset (hvec, 0, sizeof hvec); /* Note that we clear DIGEST so we can use it as input to left pad the key with zeroes for hashing. */ - memset (hvec, 0, sizeof hvec); + memset (digest, 0, sizeof digest); rawmpilen = sizeof (rawmpi); GNUNET_assert (0 == gcry_mpi_print (GCRYMPI_FMT_USG, rawmpi, rawmpilen, &rawmpilen, d)); - if (rawmpilen < 32) - { - memmove (rawmpi + 32 - rawmpilen, - rawmpi, - rawmpilen); - memset (rawmpi, - 0, - 32 - rawmpilen); - rawmpilen = 32; - } hvec[0].data = digest; hvec[0].off = 0; hvec[0].len = b > rawmpilen ? (b - rawmpilen) : 0; -- | ||
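Review bot: with the `if (rawmpilen < 32)` block removed, `rawmpilen` is no longer forced to 32 after padding, so the hunk now depends on `digest` being zeroed and on `hvec[0].len = b > rawmpilen ? (b - rawmpilen) : 0` supplying the missing leading bytes; please check that the later hvec entry carrying `rawmpi` still uses the unpadded `rawmpilen` so the hashed length adds up to `b`, and consider a `GNUNET_assert (rawmpilen <= b)` after `gcry_mpi_print`, since the ternary silently yields zero padding (and a longer hash input) if the MPI were ever wider than 32 bytes. The added `memset (digest, 0, sizeof digest)` makes the comment above it true at last; moving `memset (hvec, 0, sizeof hvec)` above the comment is harmless.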
* | add patch from Niibe Yutaka for | Christian Grothoff | 2018-05-28 |
| | #5328 | | |
* | work-around for crypto bug (to be documented more) | Christian Grothoff | 2018-05-17 |
* | deduplicate code in crypto_ecc | Christian Grothoff | 2018-05-17 |
* | trying again to fix test_service timeout on v6 failure | Christian Grothoff | 2018-01-04 |
* | add -P option to gnunet-ecc | Christian Grothoff | 2017-11-01 |
* | util: add component name to LOG macros; util/client: log incoming message type/size/source for gnunet-logread | tg(x) | 2017-02-24 |
* | introducing GNUNET_CRYPTO_ecdhe_create2() to avoid malloc nonsense | Christian Grothoff | 2017-02-15 |
* | -deduplicate string constant | Sree Harsha Totakura | 2016-01-21 |
* | -fix (C) notices | Christian Grothoff | 2016-01-19 |
* | - Add ecdsa ecdh functions | Martin Schanzenbach | 2016-01-04 |
| | - Update identity token to encrypted protocol | | |
* | adding bin_to_point and point_to_bin functions for GNUNET_CRYPTO_ecc API | Christian Grothoff | 2015-09-05 |
* | fix #3869: outdated FSF address | Christian Grothoff | 2015-06-30 |
* | make libextractor actually optional, both for GNUnet and GNUnet-taler builds | Christian Grothoff | 2015-05-30 |
* | adding --enable-taler-wallet configure option to build a reduced version of libgnunetutil with only the parts needed by GNU Taler wallets | Christian Grothoff | 2015-05-28 |
* | -use flag to disable key generation test for libgcrypt > 1.7 | Christian Grothoff | 2015-05-22 |
* | -use faster Eddsa key gen | Christian Grothoff | 2015-05-19 |
* | ecdh-eddsa implementation now works | Christian Grothoff | 2015-05-15 |
* | towards using EdDSA-ECDHE instead of ECDSA-ECDHE combined cryptosystem (API only) | Christian Grothoff | 2015-05-13 |
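The private-key byte-order problem behind the "Fix ECDSA/ECDH key exchange" and "Fix #6070" commits above, as an added example that is not GNUnet code: a minimal pure-Python X25519 (RFC 7748, on the Curve25519 that the "use Curve25519 for ECDH" commit adopts) derives public keys reading the 32-byte scalar little-endian, and if the DH step re-reads the same stored bytes in the other byte order, as happened between libgcrypt and tweetnacl, the two peers end up with different shared secrets. The function names and the `little_endian` flag are this example's own.

```python
# Added example, not GNUnet code: pure-Python X25519 (RFC 7748) showing why two
# libraries that read the same private-key bytes in different byte orders break
# ECDH. Function names and the little_endian flag are this example's own.
P = 2**255 - 19   # field prime
A24 = 121665      # (A - 2) / 4 for Curve25519
BASE_U = 9        # u-coordinate of the base point

def clamp(secret: bytes, little_endian: bool = True) -> int:
    """RFC 7748 reads the 32-byte key little-endian; the big-endian reading
    models a library that interprets the same bytes reversed."""
    k = bytearray(secret if little_endian else secret[::-1])
    k[0] &= 248
    k[31] = (k[31] & 127) | 64
    return int.from_bytes(k, "little")

def x25519(k: int, u: int) -> int:
    """Montgomery ladder (RFC 7748, section 5): u-coordinate of k * point(u)."""
    x1, x2, z2, x3, z3, swap = u, 1, 0, u, 1, 0
    for t in range(254, -1, -1):
        kt = (k >> t) & 1
        swap ^= kt
        if swap:
            x2, x3, z2, z3 = x3, x2, z3, z2
        swap = kt
        a, b = (x2 + z2) % P, (x2 - z2) % P
        aa, bb = a * a % P, b * b % P
        e = (aa - bb) % P
        c, d = (x3 + z3) % P, (x3 - z3) % P
        da, cb = d * a % P, c * b % P
        x3, z3 = (da + cb) ** 2 % P, x1 * (da - cb) ** 2 % P
        x2, z2 = aa * bb % P, e * (aa + A24 * e) % P
    if swap:
        x2, x3, z2, z3 = x3, x2, z3, z2
    return x2 * pow(z2, P - 2, P) % P

def public_key(secret: bytes) -> bytes:
    """Public key as the key generator derives it (little-endian reading)."""
    return x25519(clamp(secret), BASE_U).to_bytes(32, "little")

def shared_secret(secret: bytes, peer_public: bytes, little_endian: bool = True) -> bytes:
    """DH step; the stored key bytes may be re-read in either byte order."""
    u = int.from_bytes(peer_public, "little") & ((1 << 255) - 1)
    return x25519(clamp(secret, little_endian), u).to_bytes(32, "little")

def exchange_agrees(alice: bytes, bob: bytes, dh_little_endian: bool = True) -> bool:
    """True iff both peers get the same secret; the other byte order at the DH step breaks it."""
    a_pub, b_pub = public_key(alice), public_key(bob)
    return (shared_secret(alice, b_pub, dh_little_endian)
            == shared_secret(bob, a_pub, dh_little_endian))
```

With the RFC 7748 section 6.1 key pair the little-endian path reproduces the published shared secret, while re-reading the same bytes big-endian at the DH step makes the two sides disagree, which is the failure the commit describes.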