author | Markus Teich <markus.teich@stusta.mhn.de> | 2016-08-03 12:26:27 +0200 |
---|---|---|
committer | Markus Teich <markus.teich@stusta.mhn.de> | 2016-08-03 12:26:27 +0200 |
commit | 3dea4b69f58a1545068bf56824787f6316ad5b95 (patch) | |
tree | 64f13d1858e6bb56265643babaa76c64232bbeb1 /crypto.c | |
parent | fd52f708ddb8a985d785fac9c51c8da3fe2ff937 (diff) | |
switch to hashing from gnunetutil
Diffstat (limited to 'crypto.c')
-rw-r--r-- | crypto.c | 58 |
1 files changed, 12 insertions, 46 deletions
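--- a/crypto.c
+++ b/crypto.c
@@ -93,22 +93,6 @@ brandt_crypto_init (struct GNUNET_CRYPTO_EccDlogContext *dlogctx)
 }
 
 
-/* --- HASHING --- */
-
-/**
-* Hash block of given size.
-*
-* @param block the data to #brandt_hash, length is given as a second argument
-* @param size the length of the data to #brandt_hash in @a block
-* @param ret pointer to where to write the hashcode
-*/
-void
-brandt_hash (const void *block, size_t size, struct brandt_hash_code *ret)
-{
-gcry_md_hash_buffer (GCRY_MD_SHA512, ret, block, size);
-}
-
-
 /* --- EC --- */
 
 /**
@@ -1512,10 +1496,9 @@ smc_zkp_dl (gcry_mpi_point_t v,
 struct proof_dl *proof)
 {
 struct zkp_challenge_dl challenge;
-struct brandt_hash_code challhash;
 gcry_mpi_point_t a = gcry_mpi_point_new (0);
 gcry_mpi_t r = gcry_mpi_new (256);
-gcry_mpi_t c = gcry_mpi_new (256);
+gcry_mpi_t c;
 gcry_mpi_t z = gcry_mpi_new (256);
 
 /* v = xg */
@@ -1528,9 +1511,7 @@ smc_zkp_dl (gcry_mpi_point_t v,
 ec_point_serialize (&challenge.g, ec_gen);
 ec_point_serialize (&challenge.v, v);
 ec_point_serialize (&challenge.a, a);
-brandt_hash (&challenge, sizeof (struct zkp_challenge_dl), &challhash);
-mpi_parse (c, (struct ec_mpi *)&challhash);
-gcry_mpi_mod (c, c, ec_n);
+GNUNET_CRYPTO_kdf_mod_mpi (&c, ec_n, NULL, 0, &challenge, sizeof (challenge), "libbrandt zkp dl");
 
 /* r = z + cx */
 gcry_mpi_mulm (r, c, x, ec_n);
@@ -1560,10 +1541,9 @@ smc_zkp_dl_check (const gcry_mpi_point_t v,
 {
 int ret;
 struct zkp_challenge_dl challenge;
-struct brandt_hash_code challhash;
 gcry_mpi_point_t a = gcry_mpi_point_new (0);
 gcry_mpi_t r = gcry_mpi_new (256);
-gcry_mpi_t c = gcry_mpi_new (256);
+gcry_mpi_t c;
 gcry_mpi_point_t left = gcry_mpi_point_new (0);
 gcry_mpi_point_t right = gcry_mpi_point_new (0);
 
@@ -1574,9 +1554,7 @@ smc_zkp_dl_check (const gcry_mpi_point_t v,
 ec_point_serialize (&challenge.g, ec_gen);
 ec_point_serialize (&challenge.v, v);
 ec_point_serialize (&challenge.a, a);
-brandt_hash (&challenge, sizeof (struct zkp_challenge_dl), &challhash);
-mpi_parse (c, (struct ec_mpi *)&challhash);
-gcry_mpi_mod (c, c, ec_n);
+GNUNET_CRYPTO_kdf_mod_mpi (&c, ec_n, NULL, 0, &challenge, sizeof (challenge), "libbrandt zkp dl");
 
 /* rg =? a + cv */
 gcry_mpi_ec_mul (left, r, ec_gen, ec_ctx);
@@ -1619,14 +1597,13 @@ smc_zkp_2dle (gcry_mpi_point_t v,
 struct proof_2dle *proof)
 {
 struct zkp_challenge_2dle challenge;
-struct brandt_hash_code challhash;
 gcry_mpi_point_t rv;
 gcry_mpi_point_t rw;
 gcry_mpi_t rx;
 gcry_mpi_point_t a = gcry_mpi_point_new (0);
 gcry_mpi_point_t b = gcry_mpi_point_new (0);
 gcry_mpi_t r = gcry_mpi_new (256);
-gcry_mpi_t c = gcry_mpi_new (256);
+gcry_mpi_t c;
 gcry_mpi_t z = gcry_mpi_new (256);
 
 rv = (NULL == v) ? gcry_mpi_point_new (0) : v;
@@ -1655,9 +1632,7 @@ smc_zkp_2dle (gcry_mpi_point_t v,
 ec_point_serialize (&challenge.w, rw);
 ec_point_serialize (&challenge.a, a);
 ec_point_serialize (&challenge.b, b);
-brandt_hash (&challenge, sizeof (struct zkp_challenge_dl), &challhash);
-mpi_parse (c, (struct ec_mpi *)&challhash);
-gcry_mpi_mod (c, c, ec_n);
+GNUNET_CRYPTO_kdf_mod_mpi (&c, ec_n, NULL, 0, &challenge, sizeof (challenge), "libbrandt zkp 2dle");
 
 /* r = z + cx */
 gcry_mpi_mulm (r, c, rx, ec_n);
@@ -1701,11 +1676,10 @@ smc_zkp_2dle_check (const gcry_mpi_point_t v,
 {
 int ret;
 struct zkp_challenge_2dle challenge;
-struct brandt_hash_code challhash;
 gcry_mpi_point_t a = gcry_mpi_point_new (0);
 gcry_mpi_point_t b = gcry_mpi_point_new (0);
 gcry_mpi_t r = gcry_mpi_new (256);
-gcry_mpi_t c = gcry_mpi_new (256);
+gcry_mpi_t c;
 gcry_mpi_point_t left = gcry_mpi_point_new (0);
 gcry_mpi_point_t right = gcry_mpi_point_new (0);
 
@@ -1720,9 +1694,7 @@ smc_zkp_2dle_check (const gcry_mpi_point_t v,
 ec_point_serialize (&challenge.w, w);
 ec_point_serialize (&challenge.a, a);
 ec_point_serialize (&challenge.b, b);
-brandt_hash (&challenge, sizeof (struct zkp_challenge_dl), &challhash);
-mpi_parse (c, (struct ec_mpi *)&challhash);
-gcry_mpi_mod (c, c, ec_n);
+GNUNET_CRYPTO_kdf_mod_mpi (&c, ec_n, NULL, 0, &challenge, sizeof (challenge), "libbrandt zkp 2dle");
 
 /* r*g1 =? a + cv */
 gcry_mpi_ec_mul (left, r, g1, ec_ctx);
@@ -1775,7 +1747,6 @@ smc_zkp_0og (int m_is_gen,
 struct proof_0og *proof)
 {
 struct zkp_challenge_0og challenge;
-struct brandt_hash_code challhash;
 gcry_mpi_point_t a1 = gcry_mpi_point_new (0);
 gcry_mpi_point_t a2 = gcry_mpi_point_new (0);
 gcry_mpi_point_t b1 = gcry_mpi_point_new (0);
@@ -1784,7 +1755,7 @@ smc_zkp_0og (int m_is_gen,
 gcry_mpi_t d2 = gcry_mpi_new (256);
 gcry_mpi_t r1 = gcry_mpi_new (256);
 gcry_mpi_t r2 = gcry_mpi_new (256);
-gcry_mpi_t c = gcry_mpi_new (256);
+gcry_mpi_t c;
 gcry_mpi_t rr;
 gcry_mpi_t w = gcry_mpi_new (256);
 
@@ -1854,9 +1825,7 @@ smc_zkp_0og (int m_is_gen,
 ec_point_serialize (&challenge.a2, a2);
 ec_point_serialize (&challenge.b1, b1);
 ec_point_serialize (&challenge.b2, b2);
-brandt_hash (&challenge, sizeof (struct zkp_challenge_dl), &challhash);
-mpi_parse (c, (struct ec_mpi *)&challhash);
-gcry_mpi_mod (c, c, ec_n);
+GNUNET_CRYPTO_kdf_mod_mpi (&c, ec_n, NULL, 0, &challenge, sizeof (challenge), "libbrandt zkp 0og");
 
 if (!m_is_gen)
 { /* m == 0 */
@@ -1919,7 +1888,6 @@ smc_zkp_0og_check (const gcry_mpi_point_t y,
 {
 int ret;
 struct zkp_challenge_0og challenge;
-struct brandt_hash_code challhash;
 gcry_mpi_point_t a1 = gcry_mpi_point_new (0);
 gcry_mpi_point_t a2 = gcry_mpi_point_new (0);
 gcry_mpi_point_t b1 = gcry_mpi_point_new (0);
@@ -1928,7 +1896,7 @@ smc_zkp_0og_check (const gcry_mpi_point_t y,
 gcry_mpi_t d2 = gcry_mpi_new (256);
 gcry_mpi_t r1 = gcry_mpi_new (256);
 gcry_mpi_t r2 = gcry_mpi_new (256);
-gcry_mpi_t c = gcry_mpi_new (256);
+gcry_mpi_t c;
 gcry_mpi_t sum = gcry_mpi_new (256);
 gcry_mpi_point_t right = gcry_mpi_point_new (0);
 gcry_mpi_point_t tmp = gcry_mpi_point_new (0);
@@ -1950,9 +1918,7 @@ smc_zkp_0og_check (const gcry_mpi_point_t y,
 ec_point_serialize (&challenge.a2, a2);
 ec_point_serialize (&challenge.b1, b1);
 ec_point_serialize (&challenge.b2, b2);
-brandt_hash (&challenge, sizeof (struct zkp_challenge_dl), &challhash);
-mpi_parse (c, (struct ec_mpi *)&challhash);
-gcry_mpi_mod (c, c, ec_n);
+GNUNET_CRYPTO_kdf_mod_mpi (&c, ec_n, NULL, 0, &challenge, sizeof (challenge), "libbrandt zkp 0og");
 
 /* c == d1 + d2 */
 gcry_mpi_addm (sum, d1, d2, ec_n);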
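Review bot: `gcry_mpi_t c;` is now declared without an initializer in all six proof functions and only gets a value at the `GNUNET_CRYPTO_kdf_mod_mpi` call, which in smc_zkp_0og is roughly 70 lines further down; any cleanup path that releases `c` before that call would act on an indeterminate pointer. The code in between and the function tails are outside the hunks, so this may not be reachable today, but `gcry_mpi_t c = NULL;` removes the hazard. Each prover/verifier pair must also derive the challenge from identical bytes and an identical label, yet the label is a separately typed literal in both functions; defining it once, e.g. `#define ZKP_CTX_2DLE "libbrandt zkp 2dle"`, keeps a typo from silently breaking verification for that proof type. The calls hash `sizeof (challenge)` raw bytes of a stack struct whose definition is not shown, so if those structs are not packed, uninitialized padding would enter the hash; a `memset (&challenge, 0, sizeof (challenge));` before the serialize calls would settle that. The length change from `sizeof (struct zkp_challenge_dl)` to `sizeof (challenge)` presumably widens what the 2dle and 0og challenges cover, which the commit message does not record.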