| Commit message | Author | Age |
|---|---|---|
| introduce GNUNET_memcmp() and GNUNET_is_zero() | Christian Grothoff | 2019-04-06 |
| ref bugnote | Christian Grothoff | 2019-02-24 |
| geq redefinition breaks texi2pdf, instead just avoid @geq | Christian Grothoff | 2019-02-24 |
| src: for every AGPL3.0 file, add SPDX identifier. | ng0 | 2019-01-14 |
| benchmark collection awk scripts | Florian Dold | 2018-08-18 |
| missing files | Florian Dold | 2018-08-18 |
| basic benchmarking | Florian Dold | 2018-08-18 |
| remove crypto_bug.c | Christian Grothoff | 2018-06-09 |
| paragraph for gnunet devs that don't know how to use the web | psyc://loupsycedyglgamf.onion/~lynX | 2018-06-07 |
| glitch in the license text detected by hyazinthe, thank you! | psyc://loupsycedyglgamf.onion/~lynX | 2018-06-07 |
| first batch of license fixes (boring) | psyc://loupsycedyglgamf.onion/~lynX | 2018-06-05 |
| Niibe writes: | Christian Grothoff | 2018-05-31 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Sorry, I was not reading the code of GNUnet well. I overlooked how the eddsa_d_to_a function was written and its intention. I read it again. Indeed, the eddsa_d_to_a function tries to handle the case where gcry_mpi_print returns rawmpilen < 32, putting "left pad" by DIGEST. The problem is: DIGEST is not cleared (although comment says so). I think that the stack had zero-byte for some reason on your 32-bit machine. Here is the correction. Clear DIGEST, as comment says. diff --git a/src/util/crypto_ecc.c b/src/util/crypto_ecc.c index 8d9091b23..280603234 100644 --- a/src/util/crypto_ecc.c +++ b/src/util/crypto_ecc.c @@ -1273,24 +1273,15 @@ eddsa_d_to_a (gcry_mpi_t d) b = 256 / 8; /* number of bytes in `d` */ + memset (hvec, 0, sizeof hvec); /* Note that we clear DIGEST so we can use it as input to left pad the key with zeroes for hashing. */ - memset (hvec, 0, sizeof hvec); + memset (digest, 0, sizeof digest); rawmpilen = sizeof (rawmpi); GNUNET_assert (0 == gcry_mpi_print (GCRYMPI_FMT_USG, rawmpi, rawmpilen, &rawmpilen, d)); - if (rawmpilen < 32) - { - memmove (rawmpi + 32 - rawmpilen, - rawmpi, - rawmpilen); - memset (rawmpi, - 0, - 32 - rawmpilen); - rawmpilen = 32; - } hvec[0].data = digest; hvec[0].off = 0; hvec[0].len = b > rawmpilen ? (b - rawmpilen) : 0; -- | ||
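Review bot: the removed `if (rawmpilen < 32)` block used to left-pad `rawmpi` in place, so after this hunk the zero padding for a short MPI comes only from `hvec[0]`, which hashes `b - rawmpilen` bytes of the freshly cleared `digest`; the hvec entry that hashes `rawmpi` itself lies outside the hunk, so confirm it uses `rawmpilen` as its length rather than a fixed 32, otherwise a short MPI would pull uninitialised trailing bytes of `rawmpi` into the hash. A smaller point: the comment "Note that we clear DIGEST so we can use it as input to left pad the key" is now followed by the `memset (digest, 0, sizeof digest)` it describes, which is the right order, but a short note that `b` (256 / 8) is the same bound as the dropped literal 32 would make the reason for removing the in-place pad explicit to the next reader.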
| Commit message | Author | Age |
|---|---|---|
| add patch from Niibe Yutaka for #5328 | Christian Grothoff | 2018-05-28 |
| work-around for crypto bug (to be documented more) | Christian Grothoff | 2018-05-17 |
| deduplicate code in crypto_ecc | Christian Grothoff | 2018-05-17 |
| trying again to fix test_service timeout on v6 failure | Christian Grothoff | 2018-01-04 |
| add -P option to gnunet-ecc | Christian Grothoff | 2017-11-01 |
| util: add component name to LOG macros; util/client: log incoming message type/size/source for gnunet-logread | tg(x) | 2017-02-24 |
| introducing GNUNET_CRYPTO_ecdhe_create2() to avoid malloc nonsense | Christian Grothoff | 2017-02-15 |
| -deduplicate string constant | Sree Harsha Totakura | 2016-01-21 |
| -fix (C) notices | Christian Grothoff | 2016-01-19 |
| - Add ecdsa ecdh functions; - Update identity token to encrypted protocol | Martin Schanzenbach | 2016-01-04 |
| adding bin_to_point and point_to_bin functions for GNUNET_CRYPTO_ecc API | Christian Grothoff | 2015-09-05 |
| fix #3869: outdated FSF address | Christian Grothoff | 2015-06-30 |
| make libextractor actually optional, both for GNUnet and GNUnet-taler builds | Christian Grothoff | 2015-05-30 |
| adding --enable-taler-wallet configure option to build a reduced version of libgnunetutil with only the parts needed by GNU Taler wallets | Christian Grothoff | 2015-05-28 |
| -use flag to disable key generation test for libgcrypt > 1.7 | Christian Grothoff | 2015-05-22 |
| -use faster Eddsa key gen | Christian Grothoff | 2015-05-19 |
| ecdh-eddsa implementation now works | Christian Grothoff | 2015-05-15 |
| towards using EdDSA-ECDHE instead of ECDSA-ECDHE combined cryptosystem (API only) | Christian Grothoff | 2015-05-13 |
| -also cover private key case | Christian Grothoff | 2015-03-19 |
| -get test to work, but with ecdsa instead of eddsa | Christian Grothoff | 2015-03-19 |
| -bringing copyright tags up to FSF standard | Christian Grothoff | 2015-02-07 |
| adding GNUNET_CRYPTO_eddsa_private_key_from_string | Christian Grothoff | 2015-01-28 |
| 1. Removed GNUNET_CRYPTO_compute_finger_identity. 2. Removed myself as the first element of the trail. 3. Multiple entries in the routing table. 4. Put/Get/Monitor from old DHT added back in clients file. | Supriti Singh | 2014-04-07 |
| Adding function GNUNET_CRYPTO_compute_finger_identity | Supriti Singh | 2014-02-18 |
| Computing finger identity using libgcrypt functions. | Supriti Singh | 2014-02-07 |
| -Modified struct PeerTrailSetupMessage. -Modified struct PeerTrailSetupResultMessage. -Added stubs for find_predecessor. -Added comments to understand the flow. | Supriti Singh | 2014-01-27 |
| - remove adjust | Florian Dold | 2014-01-20 |
| - make mpi scan/print public; - secretsharing key generation and decryption fixed | Florian Dold | 2014-01-20 |
| -move tcp session check into extra checks condition | Christian Grothoff | 2013-12-13 |
| -dox | Christian Grothoff | 2013-12-06 |
| - add peer cmp | Bart Polot | 2013-12-05 |
| -remove noparam, as suggested by Werner Koch | Christian Grothoff | 2013-11-13 |
| -fix #3095 | Christian Grothoff | 2013-11-08 |
| -addressing final crypto fixme | Christian Grothoff | 2013-11-05 |
| Werner Koch wrote: Hi, find attached a changed diff to crypto_ecc.c with the final Libgcrypt interface. Use commit b9fd398 or later for your tests. Shalom-Salam, Werner | Christian Grothoff | 2013-11-05 |
| Werner Koch wrote: Hi, find attached the patch which makes all 3 test cases work with Ed25519. There are some minor hacks in the test cases to allow enabling of Libgcrypt debugging and also some minor output style changes. There is one FIXME in the code: `/* FIXME: mpi_print creates an unsigned integer - is that intended or should we convert it to a signed integer (2-compl)? */ mpi_print (xbuf, sizeof (xbuf), result_x);` X may be positive or negative but GCRYMPI_FMT_USG ignores the sign. Thus this is not what we actually want. Should we change it to 2-comp (GCRYMPI_FMT_STD) so that we have a proper value? Given that the curve is 255 bit this should always fit into the 256 bit buffer. Another option would be to use the EdDSA method for the sign but that is optimized to easily recover x and would be more work. Or we store the sign in the high bit. It all depends on what you want to write into the protocol specs. I would also like to revert the way we distinguish between Ed25519 with and without ECDSA: The way we do it right now is by assuming the Ed25519 is always used with EdDSA unless a flag has been set. This is a bit surprising and requiring the "(flags eddsa)" would be a less surprising interface. Salam-Shalom, Werner | Christian Grothoff | 2013-11-05 |
| -eddsa not yet in gcrypt | Christian Grothoff | 2013-10-11 |
| separating ECC crypto into functions/structs for ECDHE, ECDSA and EDDSA | Christian Grothoff | 2013-10-10 |