path: root/src
AgeCommit message (Collapse)Author
4 days-fix horrible indentationHEADmasterChristian Grothoff
4 days-modify mingling to preserve less structure, breaks protocol slightly...Christian Grothoff
10 days-log more detailsChristian Grothoff
11 daysfix scheduler bug with same-priority immediately-ready tasks possibly ↵Christian Grothoff
hogging the scheduler
2022-05-09DHT: Move block type definitions to GANAMartin Schanzenbach
2022-05-09FCFSD: Allow configuration of relative expiration time of added recordsMartin Schanzenbach
2022-05-05-fix unchecked remove calls in messenger ego storeTheJackiMonster
Signed-off-by: TheJackiMonster <>
2022-04-30-nicer loggingChristian Grothoff
2022-04-27-oops, fix wrong size of unreduced scalarFlorian Dold
2022-04-26-only need to copy 32 bytesFlorian Dold
2022-04-26gnunet-crypto-tvg: edx25519 test vectorsFlorian Dold
2022-04-26edx25519: use SHA512/256 instead of SHA256Florian Dold
2022-04-26- added missing GNUNET_SERVICE_client_continuet3sserakt
2022-04-25- added debug informationt3sserakt
2022-04-25-code cleanup: remove duplicated commentsChristian Grothoff
2022-04-25-simplify mqChristian Grothoff
2022-04-24-added name for deletion message kindTheJackiMonster
Signed-off-by: TheJackiMonster <>
2022-04-19edx25519: KDF callFlorian Dold
2022-04-19edx25519: use libsodium, tweak KDF callFlorian Dold
2022-04-08-libgnunetpq needs version bumpChristian Grothoff
2022-04-05-fix messenger renamingTheJackiMonster
Signed-off-by: TheJackiMonster <>
2022-04-05add flag to return 'not present' status from GNUNET_JSON_spec_mark_optionalChristian Grothoff
2022-04-04UTIL: OpenBSD does not implement unsafe srandomMartin Schanzenbach
2022-04-04Merge branch 'master' of ssh://
2022-04-04-typoChristian Grothoff
2022-04-03Merge branch 'master' of ssh://
2022-04-03Merge branch 'master' of ssh://
2022-04-02-add include for type fd_setTheJackiMonster
Signed-off-by: TheJackiMonster <>
2022-04-02-implement messenger key update, fix ego store operationsTheJackiMonster
Signed-off-by: TheJackiMonster <>
2022-04-02-unusedMartin Schanzenbach
2022-04-01- Introduced check, if we need to rebuild a DV box, because we have a ↵t3sserakt
different path. - Bug fix when freeing PendingMessage structs, in case of more complex hierarchies of pending messages. E.g. root msg -> DV Box -> reliability box. - Bug fix in backtalker logic. - Change logic, if MTU changes to keep already computed fragments. - Introduced a retry delay, if pending messages are not ready again. - Added schedule_transmit_on_queue, if communicator tells us about having capacity again. - Bug fixed in store request sent callback. - Some smaller bug fixes.
2022-04-01-fixMartin Schanzenbach
2022-04-01-portability openbsdMartin Schanzenbach
2022-03-30-fix bogus free bugsChristian Grothoff
2022-03-30-style fixes, no semantic changesChristian Grothoff
2022-03-30-logging, minor memory leak fixChristian Grothoff
2022-03-29-update testvector generationMartin Schanzenbach
2022-03-29-add assertion againMartin Schanzenbach
2022-03-29GNS: Do not fail on assertions in block processingMartin Schanzenbach
2022-03-29-fixMartin Schanzenbach
2022-03-28-fix leak in edx25519Özgür Kesim
2022-03-27Edx25519 implementedÖzgür Kesim
Edx25519 is a variant of EdDSA on curve25519 which allows for repeated derivation of private and public keys, independently. The private keys in Edx25519 initially correspond to the data after expansion and clamping in EdDSA. However, this correspondence is lost after deriving further keys from existing ones. The public keys and signature verification are compatible with EdDSA. The ability to repeatedly derive key material is used for example in the context of age restriction in GNU Taler. The scheme that has been implemented is as follows: /* Private keys in Edx25519 are pairs (a, b) of 32 byte each. * Initially they correspond to the result of the expansion * and clamping in EdDSA. */ Edx25519_generate_private(seed) { /* EdDSA expand and clamp */ dh := SHA-512(seed) a := dh[0..31] b := dh[32..64] a[0] &= 0b11111000 a[31] &= 0b01111111 a[31] |= 0b01000000 return (a, b) } Edx25519_public_from_private(private) { /* Public keys are the same as in EdDSA */ (a, _) := private return [a] * G } Edx25519_blinding_factor(P, seed) { /* This is a helper function used in the derivation of * private/public keys from existing ones. */ h1 := HKDF_32(P, seed) /* Ensure that h == h % L */ h := h1 % L /* Optionally: Make sure that we don't create weak keys. */ P' := [h] * P if !( (h!=1) && (h!=0) && (P'!=E) ) { return Edx25519_blinding_factor(P, seed+1) } return h } Edx25519_derive_private(private, seed) { /* This is based on the definition in * GNUNET_CRYPTO_eddsa_private_key_derive. But it accepts * and returns a private pair (a, b) and allows for iteration. */ (a, b) := private P := Edx25519_public_key_from_private(private) h := Edx25519_blinding_factor(P, seed) /* Carefully calculate the new value for a */ a1 := a / 8; a2 := (h * a1) % L a' := (a2 * 8) % L /* Update b as well, binding it to h. This is an additional step compared to GNS. */ b' := SHA256(b ∥ h) return (a', b') } Edx25519_derive_public(P, seed) { h := Edx25519_blinding_factor(P, seed) return [h]*P } Edx25519_sign(private, message) { /* As in Ed25519, except for the origin of b */ (d, b) := private P := Edx25519_public_from_private(private) r := SHA-512(b ∥ message) R := [r] * G s := r + SHA-512(R ∥ P ∥ message) * d % L return (R,s) } Edx25519_verify(P, message, signature) { /* Identical to Ed25519 */ (R, s) := signature return [s] * G == R + [SHA-512(R ∥ P ∥ message)] * P }
2022-03-27GNS: Sanitize APIs and align with LSD0001Martin Schanzenbach
2022-03-26add GNUNET_TIME_absolute_round_down() functionChristian Grothoff
2022-03-21-init uninitChristian Grothoff
2022-03-21-fix FTBFSChristian Grothoff
2022-03-21Merge branch 'master' of git+ssh:// Schanzenbach
2022-03-21NAMESTORE: Towards new transaction-based APIMartin Schanzenbach
2022-03-21-add gns record type handling for messenger room detailsTheJackiMonster
Signed-off-by: TheJackiMonster <>
2022-03-21add new approximate time cmp functionChristian Grothoff