dh fix
This commit is contained in:
parent
909a2f5362
commit
a7860d829e
@ -139,7 +139,9 @@ pub async fn test_no_auth(vcrypto: CryptoSystemVersion) {
|
|||||||
pub async fn test_dh(vcrypto: CryptoSystemVersion) {
|
pub async fn test_dh(vcrypto: CryptoSystemVersion) {
|
||||||
trace!("test_dh");
|
trace!("test_dh");
|
||||||
let (dht_key, dht_key_secret) = vcrypto.generate_keypair().into_split();
|
let (dht_key, dht_key_secret) = vcrypto.generate_keypair().into_split();
|
||||||
|
assert!(vcrypto.validate_keypair(&dht_key, &dht_key_secret));
|
||||||
let (dht_key2, dht_key_secret2) = vcrypto.generate_keypair().into_split();
|
let (dht_key2, dht_key_secret2) = vcrypto.generate_keypair().into_split();
|
||||||
|
assert!(vcrypto.validate_keypair(&dht_key2, &dht_key_secret2));
|
||||||
|
|
||||||
let r1 = vcrypto.compute_dh(&dht_key, &dht_key_secret2).unwrap();
|
let r1 = vcrypto.compute_dh(&dht_key, &dht_key_secret2).unwrap();
|
||||||
let r2 = vcrypto.compute_dh(&dht_key2, &dht_key_secret).unwrap();
|
let r2 = vcrypto.compute_dh(&dht_key2, &dht_key_secret).unwrap();
|
||||||
|
@ -9,7 +9,6 @@ use chacha20::XChaCha20;
|
|||||||
use chacha20poly1305 as ch;
|
use chacha20poly1305 as ch;
|
||||||
use chacha20poly1305::aead::AeadInPlace;
|
use chacha20poly1305::aead::AeadInPlace;
|
||||||
use chacha20poly1305::KeyInit;
|
use chacha20poly1305::KeyInit;
|
||||||
use core::convert::TryInto;
|
|
||||||
use curve25519_dalek::digest::Digest;
|
use curve25519_dalek::digest::Digest;
|
||||||
use ed25519_dalek as ed;
|
use ed25519_dalek as ed;
|
||||||
use x25519_dalek as xd;
|
use x25519_dalek as xd;
|
||||||
@ -17,27 +16,29 @@ use x25519_dalek as xd;
|
|||||||
const AEAD_OVERHEAD: usize = 16;
|
const AEAD_OVERHEAD: usize = 16;
|
||||||
pub const CRYPTO_KIND_VLD0: CryptoKind = FourCC(*b"VLD0");
|
pub const CRYPTO_KIND_VLD0: CryptoKind = FourCC(*b"VLD0");
|
||||||
|
|
||||||
fn ed25519_to_x25519_pk(key: &ed::VerifyingKey) -> VeilidAPIResult<xd::PublicKey> {
|
fn public_to_x25519_pk(public: &PublicKey) -> VeilidAPIResult<xd::PublicKey> {
|
||||||
let mp = key.to_montgomery();
|
let pk_ed = ed::VerifyingKey::from_bytes(&public.bytes).map_err(VeilidAPIError::internal)?;
|
||||||
Ok(xd::PublicKey::from(mp.to_bytes()))
|
Ok(xd::PublicKey::from(*pk_ed.to_montgomery().as_bytes()))
|
||||||
}
|
}
|
||||||
fn ed25519_to_x25519_sk(key: &ed::SigningKey) -> VeilidAPIResult<xd::StaticSecret> {
|
fn secret_to_x25519_sk(secret: &SecretKey) -> VeilidAPIResult<xd::StaticSecret> {
|
||||||
Ok(xd::StaticSecret::from(*key.to_scalar().as_bytes()))
|
// NOTE: ed::SigningKey.to_scalar() does not produce an unreduced scalar, we want the raw bytes here
|
||||||
|
// See https://github.com/dalek-cryptography/curve25519-dalek/issues/565
|
||||||
|
let hash: [u8; SIGNATURE_LENGTH] = ed::Sha512::default()
|
||||||
|
.chain_update(secret.bytes)
|
||||||
|
.finalize()
|
||||||
|
.into();
|
||||||
|
let mut output = [0u8; 32];
|
||||||
|
output.copy_from_slice(&hash[..32]);
|
||||||
|
|
||||||
|
Ok(xd::StaticSecret::from(output))
|
||||||
}
|
}
|
||||||
|
|
||||||
pub fn vld0_generate_keypair() -> KeyPair {
|
pub fn vld0_generate_keypair() -> KeyPair {
|
||||||
let mut csprng = VeilidRng {};
|
let mut csprng = VeilidRng {};
|
||||||
let keypair = ed::SigningKey::generate(&mut csprng);
|
let signing_key = ed::SigningKey::generate(&mut csprng);
|
||||||
let dht_key = PublicKey::new(
|
let verifying_key = signing_key.verifying_key();
|
||||||
keypair.to_keypair_bytes()[ed::SECRET_KEY_LENGTH..]
|
let dht_key = PublicKey::new(verifying_key.to_bytes());
|
||||||
.try_into()
|
let dht_key_secret = SecretKey::new(signing_key.to_bytes());
|
||||||
.expect("should fit"),
|
|
||||||
);
|
|
||||||
let dht_key_secret = SecretKey::new(
|
|
||||||
keypair.to_keypair_bytes()[0..ed::SECRET_KEY_LENGTH]
|
|
||||||
.try_into()
|
|
||||||
.expect("should fit"),
|
|
||||||
);
|
|
||||||
|
|
||||||
KeyPair::new(dht_key, dht_key_secret)
|
KeyPair::new(dht_key, dht_key_secret)
|
||||||
}
|
}
|
||||||
@ -130,10 +131,9 @@ impl CryptoSystem for CryptoSystemVLD0 {
|
|||||||
SharedSecret::new(s)
|
SharedSecret::new(s)
|
||||||
}
|
}
|
||||||
fn compute_dh(&self, key: &PublicKey, secret: &SecretKey) -> VeilidAPIResult<SharedSecret> {
|
fn compute_dh(&self, key: &PublicKey, secret: &SecretKey) -> VeilidAPIResult<SharedSecret> {
|
||||||
let pk_ed = ed::VerifyingKey::from_bytes(&key.bytes).map_err(VeilidAPIError::internal)?;
|
let pk_xd = public_to_x25519_pk(&key)?;
|
||||||
let pk_xd = ed25519_to_x25519_pk(&pk_ed)?;
|
let sk_xd = secret_to_x25519_sk(&secret)?;
|
||||||
let sk_ed = ed::SigningKey::from_bytes(&secret.bytes);
|
|
||||||
let sk_xd = ed25519_to_x25519_sk(&sk_ed)?;
|
|
||||||
Ok(SharedSecret::new(sk_xd.diffie_hellman(&pk_xd).to_bytes()))
|
Ok(SharedSecret::new(sk_xd.diffie_hellman(&pk_xd).to_bytes()))
|
||||||
}
|
}
|
||||||
fn generate_keypair(&self) -> KeyPair {
|
fn generate_keypair(&self) -> KeyPair {
|
||||||
|
@ -97,8 +97,6 @@ cfg_if! {
|
|||||||
|
|
||||||
pub fn setup() {
|
pub fn setup() {
|
||||||
SETUP_ONCE.call_once(|| {
|
SETUP_ONCE.call_once(|| {
|
||||||
cfg_if! {
|
|
||||||
if #[cfg(feature = "tracing")] {
|
|
||||||
use tracing_subscriber::{filter, fmt, prelude::*};
|
use tracing_subscriber::{filter, fmt, prelude::*};
|
||||||
let mut filters = filter::Targets::new().with_default(filter::LevelFilter::TRACE);
|
let mut filters = filter::Targets::new().with_default(filter::LevelFilter::TRACE);
|
||||||
for ig in DEFAULT_LOG_IGNORE_LIST {
|
for ig in DEFAULT_LOG_IGNORE_LIST {
|
||||||
@ -109,8 +107,6 @@ cfg_if! {
|
|||||||
.with(fmt_layer)
|
.with(fmt_layer)
|
||||||
.with(filters)
|
.with(filters)
|
||||||
.init();
|
.init();
|
||||||
}
|
|
||||||
}
|
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -1,8 +1,6 @@
|
|||||||
use super::*;
|
use super::*;
|
||||||
use lz4_flex::block;
|
use lz4_flex::block;
|
||||||
|
|
||||||
use crate::apibail_generic;
|
|
||||||
|
|
||||||
pub fn compress_prepend_size(input: &[u8]) -> Vec<u8> {
|
pub fn compress_prepend_size(input: &[u8]) -> Vec<u8> {
|
||||||
block::compress_prepend_size(input)
|
block::compress_prepend_size(input)
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user