authorMarkus Teich <markus.teich@stusta.mhn.de>2016-08-03 12:26:27 +0200
committerMarkus Teich <markus.teich@stusta.mhn.de>2016-08-03 12:26:27 +0200
commit3dea4b69f58a1545068bf56824787f6316ad5b95 (patch)
tree64f13d1858e6bb56265643babaa76c64232bbeb1 /crypto.c
parentfd52f708ddb8a985d785fac9c51c8da3fe2ff937 (diff)
switch to hashing from gnunetutil
Diffstat (limited to 'crypto.c')
-rw-r--r--crypto.c58
1 files changed, 12 insertions, 46 deletions
diff --git a/crypto.c b/crypto.c
index 63017a5..4b9faa0 100644
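--- a/crypto.c
+++ b/crypto.c
@@ -93,22 +93,6 @@ brandt_crypto_init (struct GNUNET_CRYPTO_EccDlogContext *dlogctx)
 }
 
 
-/* --- HASHING --- */
-
-/**
- * Hash block of given size.
- *
- * @param block the data to #brandt_hash, length is given as a second argument
- * @param size the length of the data to #brandt_hash in @a block
- * @param ret pointer to where to write the hashcode
- */
-void
-brandt_hash (const void *block, size_t size, struct brandt_hash_code *ret)
-{
- gcry_md_hash_buffer (GCRY_MD_SHA512, ret, block, size);
-}
-
-
 /* --- EC --- */
 
 /**
@@ -1512,10 +1496,9 @@ smc_zkp_dl (gcry_mpi_point_t v,
  struct proof_dl *proof)
 {
  struct zkp_challenge_dl challenge;
- struct brandt_hash_code challhash;
  gcry_mpi_point_t a = gcry_mpi_point_new (0);
  gcry_mpi_t r = gcry_mpi_new (256);
- gcry_mpi_t c = gcry_mpi_new (256);
+ gcry_mpi_t c;
  gcry_mpi_t z = gcry_mpi_new (256);
 
  /* v = xg */
@@ -1528,9 +1511,7 @@ smc_zkp_dl (gcry_mpi_point_t v,
  ec_point_serialize (&challenge.g, ec_gen);
  ec_point_serialize (&challenge.v, v);
  ec_point_serialize (&challenge.a, a);
- brandt_hash (&challenge, sizeof (struct zkp_challenge_dl), &challhash);
- mpi_parse (c, (struct ec_mpi *)&challhash);
- gcry_mpi_mod (c, c, ec_n);
+ GNUNET_CRYPTO_kdf_mod_mpi (&c, ec_n, NULL, 0, &challenge, sizeof (challenge), "libbrandt zkp dl");
 
  /* r = z + cx */
  gcry_mpi_mulm (r, c, x, ec_n);
@@ -1560,10 +1541,9 @@ smc_zkp_dl_check (const gcry_mpi_point_t v,
 {
  int ret;
  struct zkp_challenge_dl challenge;
- struct brandt_hash_code challhash;
  gcry_mpi_point_t a = gcry_mpi_point_new (0);
  gcry_mpi_t r = gcry_mpi_new (256);
- gcry_mpi_t c = gcry_mpi_new (256);
+ gcry_mpi_t c;
  gcry_mpi_point_t left = gcry_mpi_point_new (0);
  gcry_mpi_point_t right = gcry_mpi_point_new (0);
 
@@ -1574,9 +1554,7 @@ smc_zkp_dl_check (const gcry_mpi_point_t v,
  ec_point_serialize (&challenge.g, ec_gen);
  ec_point_serialize (&challenge.v, v);
  ec_point_serialize (&challenge.a, a);
- brandt_hash (&challenge, sizeof (struct zkp_challenge_dl), &challhash);
- mpi_parse (c, (struct ec_mpi *)&challhash);
- gcry_mpi_mod (c, c, ec_n);
+ GNUNET_CRYPTO_kdf_mod_mpi (&c, ec_n, NULL, 0, &challenge, sizeof (challenge), "libbrandt zkp dl");
 
  /* rg =? a + cv */
  gcry_mpi_ec_mul (left, r, ec_gen, ec_ctx);
@@ -1619,14 +1597,13 @@ smc_zkp_2dle (gcry_mpi_point_t v,
  struct proof_2dle *proof)
 {
  struct zkp_challenge_2dle challenge;
- struct brandt_hash_code challhash;
  gcry_mpi_point_t rv;
  gcry_mpi_point_t rw;
  gcry_mpi_t rx;
  gcry_mpi_point_t a = gcry_mpi_point_new (0);
  gcry_mpi_point_t b = gcry_mpi_point_new (0);
  gcry_mpi_t r = gcry_mpi_new (256);
- gcry_mpi_t c = gcry_mpi_new (256);
+ gcry_mpi_t c;
  gcry_mpi_t z = gcry_mpi_new (256);
 
  rv = (NULL == v) ? gcry_mpi_point_new (0) : v;
@@ -1655,9 +1632,7 @@ smc_zkp_2dle (gcry_mpi_point_t v,
  ec_point_serialize (&challenge.w, rw);
  ec_point_serialize (&challenge.a, a);
  ec_point_serialize (&challenge.b, b);
- brandt_hash (&challenge, sizeof (struct zkp_challenge_dl), &challhash);
- mpi_parse (c, (struct ec_mpi *)&challhash);
- gcry_mpi_mod (c, c, ec_n);
+ GNUNET_CRYPTO_kdf_mod_mpi (&c, ec_n, NULL, 0, &challenge, sizeof (challenge), "libbrandt zkp 2dle");
 
  /* r = z + cx */
  gcry_mpi_mulm (r, c, rx, ec_n);
@@ -1701,11 +1676,10 @@ smc_zkp_2dle_check (const gcry_mpi_point_t v,
 {
  int ret;
  struct zkp_challenge_2dle challenge;
- struct brandt_hash_code challhash;
  gcry_mpi_point_t a = gcry_mpi_point_new (0);
  gcry_mpi_point_t b = gcry_mpi_point_new (0);
  gcry_mpi_t r = gcry_mpi_new (256);
- gcry_mpi_t c = gcry_mpi_new (256);
+ gcry_mpi_t c;
  gcry_mpi_point_t left = gcry_mpi_point_new (0);
  gcry_mpi_point_t right = gcry_mpi_point_new (0);
 
@@ -1720,9 +1694,7 @@ smc_zkp_2dle_check (const gcry_mpi_point_t v,
  ec_point_serialize (&challenge.w, w);
  ec_point_serialize (&challenge.a, a);
  ec_point_serialize (&challenge.b, b);
- brandt_hash (&challenge, sizeof (struct zkp_challenge_dl), &challhash);
- mpi_parse (c, (struct ec_mpi *)&challhash);
- gcry_mpi_mod (c, c, ec_n);
+ GNUNET_CRYPTO_kdf_mod_mpi (&c, ec_n, NULL, 0, &challenge, sizeof (challenge), "libbrandt zkp 2dle");
 
  /* r*g1 =? a + cv */
  gcry_mpi_ec_mul (left, r, g1, ec_ctx);
@@ -1775,7 +1747,6 @@ smc_zkp_0og (int m_is_gen,
  struct proof_0og *proof)
 {
  struct zkp_challenge_0og challenge;
- struct brandt_hash_code challhash;
  gcry_mpi_point_t a1 = gcry_mpi_point_new (0);
  gcry_mpi_point_t a2 = gcry_mpi_point_new (0);
  gcry_mpi_point_t b1 = gcry_mpi_point_new (0);
@@ -1784,7 +1755,7 @@ smc_zkp_0og (int m_is_gen,
  gcry_mpi_t d2 = gcry_mpi_new (256);
  gcry_mpi_t r1 = gcry_mpi_new (256);
  gcry_mpi_t r2 = gcry_mpi_new (256);
- gcry_mpi_t c = gcry_mpi_new (256);
+ gcry_mpi_t c;
  gcry_mpi_t rr;
  gcry_mpi_t w = gcry_mpi_new (256);
 
@@ -1854,9 +1825,7 @@ smc_zkp_0og (int m_is_gen,
  ec_point_serialize (&challenge.a2, a2);
  ec_point_serialize (&challenge.b1, b1);
  ec_point_serialize (&challenge.b2, b2);
- brandt_hash (&challenge, sizeof (struct zkp_challenge_dl), &challhash);
- mpi_parse (c, (struct ec_mpi *)&challhash);
- gcry_mpi_mod (c, c, ec_n);
+ GNUNET_CRYPTO_kdf_mod_mpi (&c, ec_n, NULL, 0, &challenge, sizeof (challenge), "libbrandt zkp 0og");
 
  if (!m_is_gen)
  { /* m == 0 */
@@ -1919,7 +1888,6 @@ smc_zkp_0og_check (const gcry_mpi_point_t y,
 {
  int ret;
  struct zkp_challenge_0og challenge;
- struct brandt_hash_code challhash;
  gcry_mpi_point_t a1 = gcry_mpi_point_new (0);
  gcry_mpi_point_t a2 = gcry_mpi_point_new (0);
  gcry_mpi_point_t b1 = gcry_mpi_point_new (0);
@@ -1928,7 +1896,7 @@ smc_zkp_0og_check (const gcry_mpi_point_t y,
  gcry_mpi_t d2 = gcry_mpi_new (256);
  gcry_mpi_t r1 = gcry_mpi_new (256);
  gcry_mpi_t r2 = gcry_mpi_new (256);
- gcry_mpi_t c = gcry_mpi_new (256);
+ gcry_mpi_t c;
  gcry_mpi_t sum = gcry_mpi_new (256);
  gcry_mpi_point_t right = gcry_mpi_point_new (0);
  gcry_mpi_point_t tmp = gcry_mpi_point_new (0);
@@ -1950,9 +1918,7 @@ smc_zkp_0og_check (const gcry_mpi_point_t y,
  ec_point_serialize (&challenge.a2, a2);
  ec_point_serialize (&challenge.b1, b1);
  ec_point_serialize (&challenge.b2, b2);
- brandt_hash (&challenge, sizeof (struct zkp_challenge_dl), &challhash);
- mpi_parse (c, (struct ec_mpi *)&challhash);
- gcry_mpi_mod (c, c, ec_n);
+ GNUNET_CRYPTO_kdf_mod_mpi (&c, ec_n, NULL, 0, &challenge, sizeof (challenge), "libbrandt zkp 0og");
 
  /* c == d1 + d2 */
  gcry_mpi_addm (sum, d1, d2, ec_n);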
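Review bot: `gcry_mpi_t c;` is now declared without an initializer in all six functions (smc_zkp_dl, smc_zkp_dl_check, smc_zkp_2dle, smc_zkp_2dle_check, smc_zkp_0og, smc_zkp_0og_check) and only becomes a valid handle once `GNUNET_CRYPTO_kdf_mod_mpi (&c, ...)` has filled it in; I would write `gcry_mpi_t c = NULL;` and add `/* c is allocated by GNUNET_CRYPTO_kdf_mod_mpi, released below */` at the call, so a cleanup path reached before the call cannot release an indeterminate value. The function bodies start and end outside these hunks, so whether such a path exists today, and where c is released, cannot be confirmed from here. The challenge is now derived from all `sizeof (challenge)` raw bytes of the struct, which presumably relies on the zkp_challenge_* structs having no padding and every field being fully written by ec_point_serialize; a comment or compile-time size check at the struct definitions would make that assumption explicit, since any unset byte would make prover and verifier derive different challenges. The context labels such as `"libbrandt zkp dl"` are repeated as literals in each prove/check pair and would be safer as one shared constant per proof type.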