Browse Source

New crypto refactoring.

Bernd Fix 3 months ago
parent
commit
1f48a47d78

+ 1
- 0
.gitignore View File

@@ -76,3 +76,4 @@ local.properties
76 76
 /work/
77 77
 /rt/
78 78
 /docker/
79
+/scratch/

+ 3
- 0
doc/crypto/gcrypt.txt View File

@@ -0,0 +1,3 @@
1
+
2
+https://wiki.gnupg.org/ECC
3
+https://gnupg.org/documentation/manuals/gcrypt.pdf (p.46)

+ 1
- 1
src/cmd/vanityid/main.go View File

@@ -25,7 +25,7 @@ func main() {
25 25
 		if err != nil || n != 32 {
26 26
 			panic(err)
27 27
 		}
28
-		prv := crypto.EdDSAPrivateKeyFromSeed(seed)
28
+		prv := crypto.PrivateKeyFromSeed(seed)
29 29
 		pub := prv.Public().Bytes()
30 30
 		id := util.EncodeBinaryToString(pub)
31 31
 		for _, p := range prefixes {

+ 10
- 10
src/gnunet/core/peer.go View File

@@ -19,18 +19,18 @@ type Peer interface {
19 19
 */
20 20
 
21 21
 type Peer struct {
22
-	pub      *crypto.EdDSAPublicKey
22
+	pub      *crypto.PublicKey
23 23
 	idString string
24 24
 	addrList []*util.Address
25
-	prv      *crypto.EdDSAPrivateKey  // long-term signing key
26
-	ephPrv   *crypto.EdDSAPrivateKey  // ephemeral signing key
25
+	prv      *crypto.PrivateKey       // long-term signing key
26
+	ephPrv   *crypto.PrivateKey       // ephemeral signing key
27 27
 	ephMsg   *message.EphemeralKeyMsg // ephemeral signing key message
28 28
 }
29 29
 
30 30
 func NewPeer(data []byte, local bool) (p *Peer, err error) {
31 31
 	p = new(Peer)
32 32
 	if local {
33
-		p.prv = crypto.EdDSAPrivateKeyFromSeed(data)
33
+		p.prv = crypto.PrivateKeyFromSeed(data)
34 34
 		p.pub = p.prv.Public()
35 35
 		p.ephPrv, p.ephMsg, err = message.NewEphemeralKey(p.pub.Bytes(), p.prv)
36 36
 		if err != nil {
@@ -38,7 +38,7 @@ func NewPeer(data []byte, local bool) (p *Peer, err error) {
38 38
 		}
39 39
 	} else {
40 40
 		p.prv = nil
41
-		p.pub = crypto.NewEdDSAPublicKey(data)
41
+		p.pub = crypto.NewPublicKey(data)
42 42
 	}
43 43
 	p.idString = util.EncodeBinaryToString(p.pub.Bytes())
44 44
 	p.addrList = make([]*util.Address, 0)
@@ -53,15 +53,15 @@ func (p *Peer) SetEphKeyMsg(msg *message.EphemeralKeyMsg) {
53 53
 	p.ephMsg = msg
54 54
 }
55 55
 
56
-func (p *Peer) EphPrvKey() *crypto.EdDSAPrivateKey {
56
+func (p *Peer) EphPrvKey() *crypto.PrivateKey {
57 57
 	return p.ephPrv
58 58
 }
59 59
 
60
-func (p *Peer) PrvKey() *crypto.EdDSAPrivateKey {
60
+func (p *Peer) PrvKey() *crypto.PrivateKey {
61 61
 	return p.prv
62 62
 }
63 63
 
64
-func (p *Peer) PubKey() *crypto.EdDSAPublicKey {
64
+func (p *Peer) PubKey() *crypto.PublicKey {
65 65
 	return p.pub
66 66
 }
67 67
 
@@ -81,13 +81,13 @@ func (p *Peer) AddAddress(a *util.Address) {
81 81
 	p.addrList = append(p.addrList, a)
82 82
 }
83 83
 
84
-func (p *Peer) Sign(msg []byte) ([]byte, error) {
84
+func (p *Peer) Sign(msg []byte) (*crypto.Signature, error) {
85 85
 	if p.prv == nil {
86 86
 		return nil, fmt.Errorf("No private key")
87 87
 	}
88 88
 	return p.prv.Sign(msg)
89 89
 }
90 90
 
91
-func (p *Peer) Verify(msg, sig []byte) bool {
91
+func (p *Peer) Verify(msg []byte, sig *crypto.Signature) bool {
92 92
 	return p.pub.Verify(msg, sig)
93 93
 }

+ 0
- 7
src/gnunet/crypto/ecdhe.go View File

@@ -1,7 +0,0 @@
1
-package crypto
2
-
3
-import ()
4
-
5
-func SharedSecret(prv *EdDSAPrivateKey, pub *EdDSAPublicKey) ([]byte, error) {
6
-	return nil, nil
7
-}

+ 0
- 99
src/gnunet/crypto/eddsa.go View File

@@ -1,99 +0,0 @@
1
-package crypto
2
-
3
-import (
4
-	"crypto"
5
-	"crypto/rand"
6
-	"crypto/sha512"
7
-	"errors"
8
-
9
-	"gnunet/util"
10
-
11
-	"gnunet/crypto/ed25519"
12
-)
13
-
14
-// Error codes
15
-var (
16
-	ErrInvalidEdDSAPrivateKeyData = errors.New("Invalid Ed25519 private key data")
17
-)
18
-
19
-//----------------------------------------------------------------------
20
-// Public key
21
-//----------------------------------------------------------------------
22
-
23
-// EdDSAPublicKey is a Ed25519 public key.
24
-type EdDSAPublicKey struct {
25
-	key ed25519.PublicKey
26
-}
27
-
28
-// NewEdDSAPublicKey sets the binary representation of a public key.
29
-// The value is not checked for validity!
30
-func NewEdDSAPublicKey(data []byte) *EdDSAPublicKey {
31
-	return &EdDSAPublicKey{
32
-		key: util.Clone(data),
33
-	}
34
-}
35
-
36
-// Bytes returns the binary representation of a public key.
37
-func (pub *EdDSAPublicKey) Bytes() []byte {
38
-	return []byte(pub.key)
39
-}
40
-
41
-// Verify checks a signature of a data block.
42
-func (pub *EdDSAPublicKey) Verify(data, sig []byte) bool {
43
-	h := sha512.New()
44
-	h.Write(data)
45
-	hv := h.Sum(nil)
46
-	return ed25519.Verify(pub.key, hv, sig)
47
-}
48
-
49
-//----------------------------------------------------------------------
50
-// Private Key
51
-//----------------------------------------------------------------------
52
-
53
-// EdDSAPrivateKey is a Ed25519 private key.
54
-type EdDSAPrivateKey struct {
55
-	key ed25519.PrivateKey // private key data (seed||public_key)
56
-	d   []byte             // HACK! "real" private key
57
-}
58
-
59
-// EdDSAPrivateKeyFromSeed returns a private key for a given seed.
60
-func EdDSAPrivateKeyFromSeed(seed []byte) *EdDSAPrivateKey {
61
-	k := &EdDSAPrivateKey{
62
-		key: ed25519.NewKeyFromSeed(seed),
63
-	}
64
-	// HACK! Save the "real" private key 'd' for later use
65
-	md := sha512.Sum512(seed)
66
-	k.d = util.Reverse(md[:32])
67
-	k.d[0] = (k.d[0] & 0x3f) | 0x40
68
-	k.d[31] &= 0xf8
69
-	return k
70
-}
71
-
72
-// D returns the "real" private key (HACK!)
73
-func (prv *EdDSAPrivateKey) D() []byte {
74
-	return util.Clone(prv.d)
75
-}
76
-
77
-// Public returns the public key for a private key.
78
-func (prv *EdDSAPrivateKey) Public() *EdDSAPublicKey {
79
-	return &EdDSAPublicKey{
80
-		key: util.Clone(prv.key[ed25519.PublicKeySize:]),
81
-	}
82
-}
83
-
84
-// Sign creates a signature for a data block.
85
-func (prv *EdDSAPrivateKey) Sign(data []byte) ([]byte, error) {
86
-	h := sha512.New()
87
-	h.Write(data)
88
-	hv := h.Sum(nil)
89
-	return prv.key.Sign(rand.Reader, hv, crypto.Hash(0))
90
-}
91
-
92
-// NewPeerKeypair creates a new Ed25519 key pair.
93
-func EdDSAKeypair() (*EdDSAPublicKey, *EdDSAPrivateKey, error) {
94
-	pub, prv, err := ed25519.GenerateKey(rand.Reader)
95
-	if err != nil {
96
-		return nil, nil, err
97
-	}
98
-	return &EdDSAPublicKey{key: pub}, &EdDSAPrivateKey{key: prv}, nil
99
-}

+ 7
- 0
src/gnunet/crypto/key_exchange.go View File

@@ -0,0 +1,7 @@
1
+package crypto
2
+
3
+import ()
4
+
5
+func SharedSecret(prv *PrivateKey, pub *PublicKey) ([]byte, error) {
6
+	return nil, nil
7
+}

+ 100
- 0
src/gnunet/crypto/keys.go View File

@@ -0,0 +1,100 @@
1
+package crypto
2
+
3
+import (
4
+	"crypto"
5
+	"crypto/rand"
6
+	"crypto/sha512"
7
+	"fmt"
8
+	"math/big"
9
+
10
+	"gnunet/crypto/ed25519"
11
+	"gnunet/util"
12
+)
13
+
14
+// Error codes
15
+var (
16
+	ErrInvalidPrivateKeyData = fmt.Errorf("Invalid private key data")
17
+)
18
+
19
+//----------------------------------------------------------------------
20
+// Public key
21
+//----------------------------------------------------------------------
22
+
23
+// PublicKey is a Ed25519 public key.
24
+type PublicKey struct {
25
+	key ed25519.PublicKey
26
+}
27
+
28
+// NewPublicKey sets the binary representation of a public key.
29
+// The value is not checked for validity!
30
+func NewPublicKey(data []byte) *PublicKey {
31
+	if l := len(data); l != ed25519.PublicKeySize {
32
+		panic(fmt.Sprintf("NewPublicKey: invalid key size (%d)", l))
33
+	}
34
+	return &PublicKey{
35
+		key: util.Clone(data),
36
+	}
37
+}
38
+
39
+// Bytes returns the binary representation of a public key.
40
+func (pub *PublicKey) Bytes() []byte {
41
+	return []byte(pub.key)
42
+}
43
+
44
+// Verify checks a signature of a message.
45
+func (pub *PublicKey) Verify(msg []byte, sig *Signature) bool {
46
+	hv := sha512.Sum512(msg)
47
+	return ed25519.Verify(pub.key, hv[:], sig.Bytes())
48
+}
49
+
50
+//----------------------------------------------------------------------
51
+// Private Key
52
+//----------------------------------------------------------------------
53
+
54
+// PrivateKey is a Ed25519 private key.
55
+type PrivateKey struct {
56
+	key ed25519.PrivateKey // private key data (seed||public_key)
57
+	d   *big.Int           // HACK! "real" private key
58
+}
59
+
60
+// PrivateKeyFromSeed returns a private key for a given seed.
61
+func PrivateKeyFromSeed(seed []byte) *PrivateKey {
62
+	k := &PrivateKey{
63
+		key: ed25519.NewKeyFromSeed(seed),
64
+	}
65
+	// HACK! Save the "real" private key 'd' for later use
66
+	md := sha512.Sum512(seed)
67
+	d := util.Reverse(md[:32])
68
+	d[0] = (d[0] & 0x3f) | 0x40
69
+	d[31] &= 0xf8
70
+	k.d = new(big.Int).SetBytes(d)
71
+	return k
72
+}
73
+
74
+// D returns the "real" private key (HACK!)
75
+func (prv *PrivateKey) D() *big.Int {
76
+	return prv.d
77
+}
78
+
79
+// Public returns the public key for a private key.
80
+func (prv *PrivateKey) Public() *PublicKey {
81
+	return &PublicKey{
82
+		key: util.Clone(prv.key[ed25519.PublicKeySize:]),
83
+	}
84
+}
85
+
86
+// Sign creates a signature for a message.
87
+func (prv *PrivateKey) Sign(msg []byte) (*Signature, error) {
88
+	hv := sha512.Sum512(msg)
89
+	sig, err := prv.key.Sign(rand.Reader, hv[:], crypto.Hash(0))
90
+	return NewSignatureFromBytes(sig), err
91
+}
92
+
93
+// NewKeypair creates a new Ed25519 key pair.
94
+func NewKeypair() (*PublicKey, *PrivateKey, error) {
95
+	pub, prv, err := ed25519.GenerateKey(rand.Reader)
96
+	if err != nil {
97
+		return nil, nil, err
98
+	}
99
+	return &PublicKey{key: pub}, &PrivateKey{key: prv}, nil
100
+}

src/gnunet/crypto/eddsa_test.go → src/gnunet/crypto/keys_test.go View File

@@ -73,13 +73,13 @@ var (
73 73
 			},
74 74
 		*/
75 75
 	}
76
-	prv *EdDSAPrivateKey
77
-	pub *EdDSAPublicKey
76
+	prv *PrivateKey
77
+	pub *PublicKey
78 78
 )
79 79
 
80
-func TestEdDSAPrvKey(t *testing.T) {
80
+func TestPrvKey(t *testing.T) {
81 81
 
82
-	prv = EdDSAPrivateKeyFromSeed(seed)
82
+	prv = PrivateKeyFromSeed(seed)
83 83
 	if testing.Verbose() {
84 84
 		prvB := prv.key[:32]
85 85
 		fmt.Printf("PRIVATE = %s\n", hex.EncodeToString(prvB))
@@ -100,16 +100,18 @@ func TestEdDSAPrvKey(t *testing.T) {
100 100
 	}
101 101
 }
102 102
 
103
-func TestEdDSASign(t *testing.T) {
103
+func TestSign(t *testing.T) {
104 104
 	for i := range data {
105 105
 		sigT, err := prv.Sign(data[i])
106 106
 		if err != nil {
107 107
 			t.Fatal(err)
108 108
 		}
109
+		sigX := sigT.Bytes()
109 110
 		if testing.Verbose() {
110
-			fmt.Printf("SIG(%d)=%s\n", i, hex.EncodeToString(sigT))
111
+			fmt.Printf("SIG(%d)=%s\n", i, hex.EncodeToString(sigX))
111 112
 		}
112
-		if bytes.Compare(sigT, sig[i]) != 0 {
113
+		if bytes.Compare(sigX, sig[i]) != 0 {
114
+			t.Logf("SIG! = %s\n", hex.EncodeToString(sig[i]))
113 115
 			t.Fatal(fmt.Sprintf("Signature mismatch (%d)", i))
114 116
 		}
115 117
 

+ 22
- 1
src/gnunet/crypto/signature.go View File

@@ -1,6 +1,8 @@
1 1
 package crypto
2 2
 
3
-import ()
3
+import (
4
+	"gnunet/util"
5
+)
4 6
 
5 7
 // Signature purpose constants
6 8
 const (
@@ -34,3 +36,22 @@ const (
34 36
 	SIG_GNUID_TICKET                    // GNUid Ticket.
35 37
 	SIG_CREDENTIAL                      // GNUnet credential.
36 38
 )
39
+
40
+//----------------------------------------------------------------------
41
+// Signature
42
+//----------------------------------------------------------------------
43
+
44
+type Signature struct {
45
+	// internal
46
+	data []byte
47
+}
48
+
49
+func NewSignatureFromBytes(data []byte) *Signature {
50
+	return &Signature{
51
+		data: util.Clone(data),
52
+	}
53
+}
54
+
55
+func (s *Signature) Bytes() []byte {
56
+	return s.data[:]
57
+}

+ 17
- 18
src/gnunet/message/msg_core.go View File

@@ -27,20 +27,19 @@ type EphemeralKeyMsg struct {
27 27
 }
28 28
 
29 29
 func NewEphemeralKeyMsg() *EphemeralKeyMsg {
30
-	b := &EphKeyBlock{
31
-		SignSize:     88,
32
-		SigPurpose:   crypto.SIG_ECC_KEY,
33
-		CreateTime:   util.GetAbsoluteTimeNow(),
34
-		ExpireTime:   util.GetAbsoluteTimeOffset(12 * time.Hour),
35
-		EphemeralKey: make([]byte, 32),
36
-		PeerID:       make([]byte, 32),
37
-	}
38 30
 	return &EphemeralKeyMsg{
39 31
 		MsgSize:      160,
40 32
 		MsgType:      CORE_EPHEMERAL_KEY,
41 33
 		SenderStatus: 1,
42 34
 		Signature:    make([]byte, 64),
43
-		SignedBlock:  b,
35
+		SignedBlock: &EphKeyBlock{
36
+			SignSize:     88,
37
+			SigPurpose:   crypto.SIG_ECC_KEY,
38
+			CreateTime:   util.GetAbsoluteTimeNow(),
39
+			ExpireTime:   util.GetAbsoluteTimeOffset(12 * time.Hour),
40
+			EphemeralKey: make([]byte, 32),
41
+			PeerID:       make([]byte, 32),
42
+		},
44 43
 	}
45 44
 }
46 45
 
@@ -52,25 +51,25 @@ func (m *EphemeralKeyMsg) String() string {
52 51
 		m.SenderStatus)
53 52
 }
54 53
 
55
-func (m *EphemeralKeyMsg) Public() *crypto.EdDSAPublicKey {
56
-	return crypto.NewEdDSAPublicKey(m.SignedBlock.PeerID)
54
+func (m *EphemeralKeyMsg) Public() *crypto.PublicKey {
55
+	return crypto.NewPublicKey(m.SignedBlock.PeerID)
57 56
 }
58 57
 
59
-func (m *EphemeralKeyMsg) Verify(pub *crypto.EdDSAPublicKey) bool {
58
+func (m *EphemeralKeyMsg) Verify(pub *crypto.PublicKey) bool {
60 59
 	data, err := Marshal(m.SignedBlock)
61 60
 	if err != nil {
62 61
 		fmt.Printf("Verify: %s\n", err)
63 62
 		return false
64 63
 	}
65
-	return pub.Verify(data, m.Signature)
64
+	sig := crypto.NewSignatureFromBytes(m.Signature)
65
+	return pub.Verify(data, sig)
66 66
 }
67 67
 
68
-func NewEphemeralKey(peerId []byte, ltPrv *crypto.EdDSAPrivateKey) (*crypto.EdDSAPrivateKey, *EphemeralKeyMsg, error) {
68
+func NewEphemeralKey(peerId []byte, ltPrv *crypto.PrivateKey) (*crypto.PrivateKey, *EphemeralKeyMsg, error) {
69 69
 	msg := NewEphemeralKeyMsg()
70 70
 	copy(msg.SignedBlock.PeerID, peerId)
71
-	seed := make([]byte, 32)
72
-	util.RndArray(seed)
73
-	prv := crypto.EdDSAPrivateKeyFromSeed(seed)
71
+	seed := util.NewRndArray(32)
72
+	prv := crypto.PrivateKeyFromSeed(seed)
74 73
 	copy(msg.SignedBlock.EphemeralKey, prv.Public().Bytes())
75 74
 
76 75
 	data, err := Marshal(msg.SignedBlock)
@@ -81,7 +80,7 @@ func NewEphemeralKey(peerId []byte, ltPrv *crypto.EdDSAPrivateKey) (*crypto.EdDS
81 80
 	if err != nil {
82 81
 		return nil, nil, err
83 82
 	}
84
-	msg.Signature = sig
83
+	copy(msg.Signature, sig.Bytes())
85 84
 
86 85
 	return prv, msg, nil
87 86
 }

+ 5
- 4
src/gnunet/message/msg_transport.go View File

@@ -105,7 +105,7 @@ func (m *TransportPongMsg) String() string {
105 105
 	return fmt.Sprintf("TransportPongMsg{<unkown>,%d}", m.Challenge)
106 106
 }
107 107
 
108
-func (m *TransportPongMsg) Sign(prv *crypto.EdDSAPrivateKey) error {
108
+func (m *TransportPongMsg) Sign(prv *crypto.PrivateKey) error {
109 109
 	data, err := Marshal(m.SignedBlock)
110 110
 	if err != nil {
111 111
 		fmt.Printf("Sign: %s\n", err)
@@ -116,17 +116,18 @@ func (m *TransportPongMsg) Sign(prv *crypto.EdDSAPrivateKey) error {
116 116
 		fmt.Printf("Sign: %s\n", err)
117 117
 		return err
118 118
 	}
119
-	m.Signature = sig
119
+	copy(m.Signature, sig.Bytes())
120 120
 	return nil
121 121
 }
122 122
 
123
-func (m *TransportPongMsg) Verify(pub *crypto.EdDSAPublicKey) bool {
123
+func (m *TransportPongMsg) Verify(pub *crypto.PublicKey) bool {
124 124
 	data, err := Marshal(m.SignedBlock)
125 125
 	if err != nil {
126 126
 		fmt.Printf("Verify: %s\n", err)
127 127
 		return false
128 128
 	}
129
-	return pub.Verify(data, m.Signature)
129
+	sig := crypto.NewSignatureFromBytes(m.Signature)
130
+	return pub.Verify(data, sig)
130 131
 }
131 132
 
132 133
 //----------------------------------------------------------------------

+ 6
- 0
src/gnunet/util/rnd.go View File

@@ -10,6 +10,12 @@ func RndArray(b []byte) {
10 10
 	rand.Read(b)
11 11
 }
12 12
 
13
+func NewRndArray(size int) []byte {
14
+	b := make([]byte, size)
15
+	rand.Read(b)
16
+	return b
17
+}
18
+
13 19
 func RndUInt64() uint64 {
14 20
 	b := make([]byte, 8)
15 21
 	RndArray(b)

Loading…
Cancel
Save