New crypto refactoring.

2 years ago · 1f48a47d78
--- a/.gitignore
+++ b/.gitignore
@ -76,3 +76,4 @@ local.properties
 /work/
 /rt/
 /docker/
 /scratch/
--- a/doc/crypto/gcrypt.txt
+++ b/doc/crypto/gcrypt.txt
@ -0,0 +1,3 @@

 https://wiki.gnupg.org/ECC
 https://gnupg.org/documentation/manuals/gcrypt.pdf (p.46)
--- a/src/cmd/vanityid/main.go
+++ b/src/cmd/vanityid/main.go
@ -25,7 +25,7 @@ func main() {
 		if err != nil || n != 32 {
 			panic(err)
 		}
 		prv := crypto.EdDSAPrivateKeyFromSeed(seed)
 		prv := crypto.PrivateKeyFromSeed(seed)
 		pub := prv.Public().Bytes()
 		id := util.EncodeBinaryToString(pub)
 		for _, p := range prefixes {
--- a/src/gnunet/core/peer.go
+++ b/src/gnunet/core/peer.go
@ -19,18 +19,18 @@ type Peer interface {
 */

 type Peer struct {
 	pub      *crypto.EdDSAPublicKey
 	pub      *crypto.PublicKey
 	idString string
 	addrList []*util.Address
 	prv      *crypto.EdDSAPrivateKey  // long-term signing key
 	ephPrv   *crypto.EdDSAPrivateKey  // ephemeral signing key
 	prv      *crypto.PrivateKey       // long-term signing key
 	ephPrv   *crypto.PrivateKey       // ephemeral signing key
 	ephMsg   *message.EphemeralKeyMsg // ephemeral signing key message
 }

 func NewPeer(data []byte, local bool) (p *Peer, err error) {
 	p = new(Peer)
 	if local {
 		p.prv = crypto.EdDSAPrivateKeyFromSeed(data)
 		p.prv = crypto.PrivateKeyFromSeed(data)
 		p.pub = p.prv.Public()
 		p.ephPrv, p.ephMsg, err = message.NewEphemeralKey(p.pub.Bytes(), p.prv)
 		if err != nil {
@ -38,7 +38,7 @@ func NewPeer(data []byte, local bool) (p *Peer, err error) {
 		}
 	} else {
 		p.prv = nil
 		p.pub = crypto.NewEdDSAPublicKey(data)
 		p.pub = crypto.NewPublicKey(data)
 	}
 	p.idString = util.EncodeBinaryToString(p.pub.Bytes())
 	p.addrList = make([]*util.Address, 0)
@ -53,15 +53,15 @@ func (p *Peer) SetEphKeyMsg(msg *message.EphemeralKeyMsg) {
 	p.ephMsg = msg
 }

 func (p *Peer) EphPrvKey() *crypto.EdDSAPrivateKey {
 func (p *Peer) EphPrvKey() *crypto.PrivateKey {
 	return p.ephPrv
 }

 func (p *Peer) PrvKey() *crypto.EdDSAPrivateKey {
 func (p *Peer) PrvKey() *crypto.PrivateKey {
 	return p.prv
 }

 func (p *Peer) PubKey() *crypto.EdDSAPublicKey {
 func (p *Peer) PubKey() *crypto.PublicKey {
 	return p.pub
 }

@ -81,13 +81,13 @@ func (p *Peer) AddAddress(a *util.Address) {
 	p.addrList = append(p.addrList, a)
 }

 func (p *Peer) Sign(msg []byte) ([]byte, error) {
 func (p *Peer) Sign(msg []byte) (*crypto.Signature, error) {
 	if p.prv == nil {
 		return nil, fmt.Errorf("No private key")
 	}
 	return p.prv.Sign(msg)
 }

 func (p *Peer) Verify(msg, sig []byte) bool {
 func (p *Peer) Verify(msg []byte, sig *crypto.Signature) bool {
 	return p.pub.Verify(msg, sig)
 }
--- a/src/gnunet/crypto/ecdhe.go
+++ b/src/gnunet/crypto/ecdhe.go
@ -1,7 +0,0 @@
 package crypto

 import ()

 func SharedSecret(prv *EdDSAPrivateKey, pub *EdDSAPublicKey) ([]byte, error) {
 	return nil, nil
 }
--- a/src/gnunet/crypto/eddsa.go
+++ b/src/gnunet/crypto/eddsa.go
@ -1,99 +0,0 @@
 package crypto

 import (
 	"crypto"
 	"crypto/rand"
 	"crypto/sha512"
 	"errors"

 	"gnunet/util"

 	"gnunet/crypto/ed25519"
 )

 // Error codes
 var (
 	ErrInvalidEdDSAPrivateKeyData = errors.New("Invalid Ed25519 private key data")
 )

 //----------------------------------------------------------------------
 // Public key
 //----------------------------------------------------------------------

 // EdDSAPublicKey is a Ed25519 public key.
 type EdDSAPublicKey struct {
 	key ed25519.PublicKey
 }

 // NewEdDSAPublicKey sets the binary representation of a public key.
 // The value is not checked for validity!
 func NewEdDSAPublicKey(data []byte) *EdDSAPublicKey {
 	return &EdDSAPublicKey{
 		key: util.Clone(data),
 	}
 }

 // Bytes returns the binary representation of a public key.
 func (pub *EdDSAPublicKey) Bytes() []byte {
 	return []byte(pub.key)
 }

 // Verify checks a signature of a data block.
 func (pub *EdDSAPublicKey) Verify(data, sig []byte) bool {
 	h := sha512.New()
 	h.Write(data)
 	hv := h.Sum(nil)
 	return ed25519.Verify(pub.key, hv, sig)
 }

 //----------------------------------------------------------------------
 // Private Key
 //----------------------------------------------------------------------

 // EdDSAPrivateKey is a Ed25519 private key.
 type EdDSAPrivateKey struct {
 	key ed25519.PrivateKey // private key data (seed||public_key)
 	d   []byte             // HACK! "real" private key
 }

 // EdDSAPrivateKeyFromSeed returns a private key for a given seed.
 func EdDSAPrivateKeyFromSeed(seed []byte) *EdDSAPrivateKey {
 	k := &EdDSAPrivateKey{
 		key: ed25519.NewKeyFromSeed(seed),
 	}
 	// HACK! Save the "real" private key 'd' for later use
 	md := sha512.Sum512(seed)
 	k.d = util.Reverse(md[:32])
 	k.d[0] = (k.d[0] & 0x3f) | 0x40
 	k.d[31] &= 0xf8
 	return k
 }

 // D returns the "real" private key (HACK!)
 func (prv *EdDSAPrivateKey) D() []byte {
 	return util.Clone(prv.d)
 }

 // Public returns the public key for a private key.
 func (prv *EdDSAPrivateKey) Public() *EdDSAPublicKey {
 	return &EdDSAPublicKey{
 		key: util.Clone(prv.key[ed25519.PublicKeySize:]),
 	}
 }

 // Sign creates a signature for a data block.
 func (prv *EdDSAPrivateKey) Sign(data []byte) ([]byte, error) {
 	h := sha512.New()
 	h.Write(data)
 	hv := h.Sum(nil)
 	return prv.key.Sign(rand.Reader, hv, crypto.Hash(0))
 }

 // NewPeerKeypair creates a new Ed25519 key pair.
 func EdDSAKeypair() (*EdDSAPublicKey, *EdDSAPrivateKey, error) {
 	pub, prv, err := ed25519.GenerateKey(rand.Reader)
 	if err != nil {
 		return nil, nil, err
 	}
 	return &EdDSAPublicKey{key: pub}, &EdDSAPrivateKey{key: prv}, nil
 }
--- a/src/gnunet/crypto/key_exchange.go
+++ b/src/gnunet/crypto/key_exchange.go
@ -0,0 +1,7 @@
 package crypto

 import ()

 func SharedSecret(prv *PrivateKey, pub *PublicKey) ([]byte, error) {
 	return nil, nil
 }
--- a/src/gnunet/crypto/keys.go
+++ b/src/gnunet/crypto/keys.go
@ -0,0 +1,100 @@
 package crypto

 import (
 	"crypto"
 	"crypto/rand"
 	"crypto/sha512"
 	"fmt"
 	"math/big"

 	"gnunet/crypto/ed25519"
 	"gnunet/util"
 )

 // Error codes
 var (
 	ErrInvalidPrivateKeyData = fmt.Errorf("Invalid private key data")
 )

 //----------------------------------------------------------------------
 // Public key
 //----------------------------------------------------------------------

 // PublicKey is a Ed25519 public key.
 type PublicKey struct {
 	key ed25519.PublicKey
 }

 // NewPublicKey sets the binary representation of a public key.
 // The value is not checked for validity!
 func NewPublicKey(data []byte) *PublicKey {
 	if l := len(data); l != ed25519.PublicKeySize {
 		panic(fmt.Sprintf("NewPublicKey: invalid key size (%d)", l))
 	}
 	return &PublicKey{
 		key: util.Clone(data),
 	}
 }

 // Bytes returns the binary representation of a public key.
 func (pub *PublicKey) Bytes() []byte {
 	return []byte(pub.key)
 }

 // Verify checks a signature of a message.
 func (pub *PublicKey) Verify(msg []byte, sig *Signature) bool {
 	hv := sha512.Sum512(msg)
 	return ed25519.Verify(pub.key, hv[:], sig.Bytes())
 }

 //----------------------------------------------------------------------
 // Private Key
 //----------------------------------------------------------------------

 // PrivateKey is a Ed25519 private key.
 type PrivateKey struct {
 	key ed25519.PrivateKey // private key data (seed||public_key)
 	d   *big.Int           // HACK! "real" private key
 }

 // PrivateKeyFromSeed returns a private key for a given seed.
 func PrivateKeyFromSeed(seed []byte) *PrivateKey {
 	k := &PrivateKey{
 		key: ed25519.NewKeyFromSeed(seed),
 	}
 	// HACK! Save the "real" private key 'd' for later use
 	md := sha512.Sum512(seed)
 	d := util.Reverse(md[:32])
 	d[0] = (d[0] & 0x3f) | 0x40
 	d[31] &= 0xf8
 	k.d = new(big.Int).SetBytes(d)
 	return k
 }

 // D returns the "real" private key (HACK!)
 func (prv *PrivateKey) D() *big.Int {
 	return prv.d
 }

 // Public returns the public key for a private key.
 func (prv *PrivateKey) Public() *PublicKey {
 	return &PublicKey{
 		key: util.Clone(prv.key[ed25519.PublicKeySize:]),
 	}
 }

 // Sign creates a signature for a message.
 func (prv *PrivateKey) Sign(msg []byte) (*Signature, error) {
 	hv := sha512.Sum512(msg)
 	sig, err := prv.key.Sign(rand.Reader, hv[:], crypto.Hash(0))
 	return NewSignatureFromBytes(sig), err
 }

 // NewKeypair creates a new Ed25519 key pair.
 func NewKeypair() (*PublicKey, *PrivateKey, error) {
 	pub, prv, err := ed25519.GenerateKey(rand.Reader)
 	if err != nil {
 		return nil, nil, err
 	}
 	return &PublicKey{key: pub}, &PrivateKey{key: prv}, nil
 }
--- a/src/gnunet/crypto/eddsa_test.go
+++ b/src/gnunet/crypto/eddsa_test.go
--- a/src/gnunet/crypto/signature.go
+++ b/src/gnunet/crypto/signature.go
@ -1,6 +1,8 @@
 package crypto

 import ()
 import (
 	"gnunet/util"
 )

 // Signature purpose constants
 const (
@ -34,3 +36,22 @@ const (
 	SIG_GNUID_TICKET                    // GNUid Ticket.
 	SIG_CREDENTIAL                      // GNUnet credential.
 )

 //----------------------------------------------------------------------
 // Signature
 //----------------------------------------------------------------------

 type Signature struct {
 	// internal
 	data []byte
 }

 func NewSignatureFromBytes(data []byte) *Signature {
 	return &Signature{
 		data: util.Clone(data),
 	}
 }

 func (s *Signature) Bytes() []byte {
 	return s.data[:]
 }
--- a/src/gnunet/message/msg_core.go
+++ b/src/gnunet/message/msg_core.go
@ -27,20 +27,19 @@ type EphemeralKeyMsg struct {
 }

 func NewEphemeralKeyMsg() *EphemeralKeyMsg {
 	b := &EphKeyBlock{
 		SignSize:     88,
 		SigPurpose:   crypto.SIG_ECC_KEY,
 		CreateTime:   util.GetAbsoluteTimeNow(),
 		ExpireTime:   util.GetAbsoluteTimeOffset(12 * time.Hour),
 		EphemeralKey: make([]byte, 32),
 		PeerID:       make([]byte, 32),
 	}
 	return &EphemeralKeyMsg{
 		MsgSize:      160,
 		MsgType:      CORE_EPHEMERAL_KEY,
 		SenderStatus: 1,
 		Signature:    make([]byte, 64),
 		SignedBlock:  b,
 		SignedBlock: &EphKeyBlock{
 			SignSize:     88,
 			SigPurpose:   crypto.SIG_ECC_KEY,
 			CreateTime:   util.GetAbsoluteTimeNow(),
 			ExpireTime:   util.GetAbsoluteTimeOffset(12 * time.Hour),
 			EphemeralKey: make([]byte, 32),
 			PeerID:       make([]byte, 32),
 		},
 	}
 }

@ -52,25 +51,25 @@ func (m *EphemeralKeyMsg) String() string {
 		m.SenderStatus)
 }

 func (m *EphemeralKeyMsg) Public() *crypto.EdDSAPublicKey {
 	return crypto.NewEdDSAPublicKey(m.SignedBlock.PeerID)
 func (m *EphemeralKeyMsg) Public() *crypto.PublicKey {
 	return crypto.NewPublicKey(m.SignedBlock.PeerID)
 }

 func (m *EphemeralKeyMsg) Verify(pub *crypto.EdDSAPublicKey) bool {
 func (m *EphemeralKeyMsg) Verify(pub *crypto.PublicKey) bool {
 	data, err := Marshal(m.SignedBlock)
 	if err != nil {
 		fmt.Printf("Verify: %s\n", err)
 		return false
 	}
 	return pub.Verify(data, m.Signature)
 	sig := crypto.NewSignatureFromBytes(m.Signature)
 	return pub.Verify(data, sig)
 }

 func NewEphemeralKey(peerId []byte, ltPrv *crypto.EdDSAPrivateKey) (*crypto.EdDSAPrivateKey, *EphemeralKeyMsg, error) {
 func NewEphemeralKey(peerId []byte, ltPrv *crypto.PrivateKey) (*crypto.PrivateKey, *EphemeralKeyMsg, error) {
 	msg := NewEphemeralKeyMsg()
 	copy(msg.SignedBlock.PeerID, peerId)
 	seed := make([]byte, 32)
 	util.RndArray(seed)
 	prv := crypto.EdDSAPrivateKeyFromSeed(seed)
 	seed := util.NewRndArray(32)
 	prv := crypto.PrivateKeyFromSeed(seed)
 	copy(msg.SignedBlock.EphemeralKey, prv.Public().Bytes())

 	data, err := Marshal(msg.SignedBlock)
@ -81,7 +80,7 @@ func NewEphemeralKey(peerId []byte, ltPrv *crypto.EdDSAPrivateKey) (*crypto.EdDS
 	if err != nil {
 		return nil, nil, err
 	}
 	msg.Signature = sig
 	copy(msg.Signature, sig.Bytes())

 	return prv, msg, nil
 }
--- a/src/gnunet/message/msg_transport.go
+++ b/src/gnunet/message/msg_transport.go
@ -105,7 +105,7 @@ func (m *TransportPongMsg) String() string {
 	return fmt.Sprintf("TransportPongMsg{<unkown>,%d}", m.Challenge)
 }

 func (m *TransportPongMsg) Sign(prv *crypto.EdDSAPrivateKey) error {
 func (m *TransportPongMsg) Sign(prv *crypto.PrivateKey) error {
 	data, err := Marshal(m.SignedBlock)
 	if err != nil {
 		fmt.Printf("Sign: %s\n", err)
@ -116,17 +116,18 @@ func (m *TransportPongMsg) Sign(prv *crypto.EdDSAPrivateKey) error {
 		fmt.Printf("Sign: %s\n", err)
 		return err
 	}
 	m.Signature = sig
 	copy(m.Signature, sig.Bytes())
 	return nil
 }

 func (m *TransportPongMsg) Verify(pub *crypto.EdDSAPublicKey) bool {
 func (m *TransportPongMsg) Verify(pub *crypto.PublicKey) bool {
 	data, err := Marshal(m.SignedBlock)
 	if err != nil {
 		fmt.Printf("Verify: %s\n", err)
 		return false
 	}
 	return pub.Verify(data, m.Signature)
 	sig := crypto.NewSignatureFromBytes(m.Signature)
 	return pub.Verify(data, sig)
 }

 //----------------------------------------------------------------------
--- a/src/gnunet/util/rnd.go
+++ b/src/gnunet/util/rnd.go
@ -10,6 +10,12 @@ func RndArray(b []byte) {
 	rand.Read(b)
 }

 func NewRndArray(size int) []byte {
 	b := make([]byte, size)
 	rand.Read(b)
 	return b
 }

 func RndUInt64() uint64 {
 	b := make([]byte, 8)
 	RndArray(b)