mirror of
https://github.com/PurpleI2P/i2pd.git
synced 2025-01-09 19:47:54 +00:00
store hash for ECDSA blinding
parent
c4dffa4dc8
commit
828862ea49
@ -175,40 +175,48 @@ namespace data
|
|||||||
i2p::crypto::HKDF (salt, (const uint8_t *)date, 8, "i2pblinding1", seed);
|
i2p::crypto::HKDF (salt, (const uint8_t *)date, 8, "i2pblinding1", seed);
|
||||||
}
|
}
|
||||||
|
|
||||||
void BlindedPublicKey::GetBlindedKey (const char * date, uint8_t * blindedKey) const
|
size_t BlindedPublicKey::GetBlindedKey (const char * date, uint8_t * blindedKey) const
|
||||||
{
|
{
|
||||||
uint8_t seed[64];
|
uint8_t seed[64];
|
||||||
GenerateAlpha (date, seed);
|
GenerateAlpha (date, seed);
|
||||||
|
size_t publicKeyLength = 0;
|
||||||
switch (m_SigType)
|
switch (m_SigType)
|
||||||
{
|
{
|
||||||
case i2p::data::SIGNING_KEY_TYPE_ECDSA_SHA256_P256:
|
case i2p::data::SIGNING_KEY_TYPE_ECDSA_SHA256_P256:
|
||||||
{
|
{
|
||||||
|
publicKeyLength = i2p::crypto::ECDSAP256_KEY_LENGTH;
|
||||||
EC_GROUP * group = EC_GROUP_new_by_curve_name (NID_X9_62_prime256v1);
|
EC_GROUP * group = EC_GROUP_new_by_curve_name (NID_X9_62_prime256v1);
|
||||||
BlindPublicKeyECDSA (i2p::crypto::ECDSAP256_KEY_LENGTH, group, GetPublicKey (), seed, blindedKey);
|
BlindPublicKeyECDSA (publicKeyLength, group, GetPublicKey (), seed, blindedKey);
|
||||||
EC_GROUP_free (group);
|
EC_GROUP_free (group);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
case i2p::data::SIGNING_KEY_TYPE_ECDSA_SHA384_P384:
|
case i2p::data::SIGNING_KEY_TYPE_ECDSA_SHA384_P384:
|
||||||
{
|
{
|
||||||
|
publicKeyLength = i2p::crypto::ECDSAP384_KEY_LENGTH;
|
||||||
EC_GROUP * group = EC_GROUP_new_by_curve_name (NID_secp384r1);
|
EC_GROUP * group = EC_GROUP_new_by_curve_name (NID_secp384r1);
|
||||||
BlindPublicKeyECDSA (i2p::crypto::ECDSAP384_KEY_LENGTH, group, GetPublicKey (), seed, blindedKey);
|
BlindPublicKeyECDSA (publicKeyLength, group, GetPublicKey (), seed, blindedKey);
|
||||||
EC_GROUP_free (group);
|
EC_GROUP_free (group);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
case i2p::data::SIGNING_KEY_TYPE_ECDSA_SHA512_P521:
|
case i2p::data::SIGNING_KEY_TYPE_ECDSA_SHA512_P521:
|
||||||
{
|
{
|
||||||
|
publicKeyLength = i2p::crypto::ECDSAP521_KEY_LENGTH;
|
||||||
EC_GROUP * group = EC_GROUP_new_by_curve_name (NID_secp521r1);
|
EC_GROUP * group = EC_GROUP_new_by_curve_name (NID_secp521r1);
|
||||||
BlindPublicKeyECDSA (i2p::crypto::ECDSAP521_KEY_LENGTH, group, GetPublicKey (), seed, blindedKey);
|
BlindPublicKeyECDSA (publicKeyLength, group, GetPublicKey (), seed, blindedKey);
|
||||||
EC_GROUP_free (group);
|
EC_GROUP_free (group);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
case i2p::data::SIGNING_KEY_TYPE_REDDSA_SHA512_ED25519:
|
case i2p::data::SIGNING_KEY_TYPE_REDDSA_SHA512_ED25519:
|
||||||
case i2p::data::SIGNING_KEY_TYPE_EDDSA_SHA512_ED25519:
|
case i2p::data::SIGNING_KEY_TYPE_EDDSA_SHA512_ED25519:
|
||||||
|
{
|
||||||
i2p::crypto::GetEd25519 ()->BlindPublicKey (GetPublicKey (), seed, blindedKey);
|
i2p::crypto::GetEd25519 ()->BlindPublicKey (GetPublicKey (), seed, blindedKey);
|
||||||
|
publicKeyLength = i2p::crypto::EDDSA25519_PUBLIC_KEY_LENGTH;
|
||||||
break;
|
break;
|
||||||
|
}
|
||||||
default:
|
default:
|
||||||
LogPrint (eLogError, "Blinding: can't blind signature type ", (int)m_SigType);
|
LogPrint (eLogError, "Blinding: can't blind signature type ", (int)m_SigType);
|
||||||
}
|
}
|
||||||
|
return publicKeyLength;
|
||||||
}
|
}
|
||||||
|
|
||||||
size_t BlindedPublicKey::BlindPrivateKey (const uint8_t * priv, const char * date, uint8_t * blindedPriv, uint8_t * blindedPub) const
|
size_t BlindedPublicKey::BlindPrivateKey (const uint8_t * priv, const char * date, uint8_t * blindedPriv, uint8_t * blindedPub) const
|
||||||
@ -267,23 +275,23 @@ namespace data
|
|||||||
i2p::data::IdentHash BlindedPublicKey::GetStoreHash (const char * date) const
|
i2p::data::IdentHash BlindedPublicKey::GetStoreHash (const char * date) const
|
||||||
{
|
{
|
||||||
i2p::data::IdentHash hash;
|
i2p::data::IdentHash hash;
|
||||||
if (m_BlindedSigType == i2p::data::SIGNING_KEY_TYPE_REDDSA_SHA512_ED25519 ||
|
uint8_t blinded[128];
|
||||||
m_BlindedSigType == i2p::data::SIGNING_KEY_TYPE_EDDSA_SHA512_ED25519)
|
size_t publicKeyLength = 0;
|
||||||
{
|
|
||||||
uint8_t blinded[32];
|
|
||||||
if (date)
|
if (date)
|
||||||
GetBlindedKey (date, blinded);
|
publicKeyLength = GetBlindedKey (date, blinded);
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
char currentDate[9];
|
char currentDate[9];
|
||||||
i2p::util::GetCurrentDate (currentDate);
|
i2p::util::GetCurrentDate (currentDate);
|
||||||
GetBlindedKey (currentDate, blinded);
|
publicKeyLength = GetBlindedKey (currentDate, blinded);
|
||||||
}
|
}
|
||||||
|
if (publicKeyLength)
|
||||||
|
{
|
||||||
auto stA1 = htobe16 (m_BlindedSigType);
|
auto stA1 = htobe16 (m_BlindedSigType);
|
||||||
SHA256_CTX ctx;
|
SHA256_CTX ctx;
|
||||||
SHA256_Init (&ctx);
|
SHA256_Init (&ctx);
|
||||||
SHA256_Update (&ctx, (const uint8_t *)&stA1, 2);
|
SHA256_Update (&ctx, (const uint8_t *)&stA1, 2);
|
||||||
SHA256_Update (&ctx, blinded, 32);
|
SHA256_Update (&ctx, blinded, publicKeyLength);
|
||||||
SHA256_Final ((uint8_t *)hash, &ctx);
|
SHA256_Final ((uint8_t *)hash, &ctx);
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
|
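Review bot: `uint8_t blinded[128];` in GetStoreHash may be too small for the P-521 case, which GetBlindedKey now serves for this caller. An uncompressed P-521 public key stored as X||Y is 2×66 = 132 bytes, so if `ECDSAP521_KEY_LENGTH` has that value (its definition is not shown here), `BlindPublicKeyECDSA` would presumably write past the end of the stack buffer before `SHA256_Update` reads `publicKeyLength` bytes from it. Size the buffer from the largest supported key, e.g. `uint8_t blinded[i2p::crypto::ECDSAP521_KEY_LENGTH];`, or give GetBlindedKey a capacity argument it can check before writing. GetStoreHash's body continues past the end of this hunk.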
@ -24,7 +24,7 @@ namespace data
|
|||||||
SigningKeyType GetBlindedSigType () const { return m_BlindedSigType; };
|
SigningKeyType GetBlindedSigType () const { return m_BlindedSigType; };
|
||||||
|
|
||||||
void GetSubcredential (const uint8_t * blinded, size_t len, uint8_t * subcredential) const; // 32 bytes
|
void GetSubcredential (const uint8_t * blinded, size_t len, uint8_t * subcredential) const; // 32 bytes
|
||||||
void GetBlindedKey (const char * date, uint8_t * blindedKey) const; // blinded key 32 bytes, date is 8 chars "YYYYMMDD"
|
size_t GetBlindedKey (const char * date, uint8_t * blindedKey) const; // date is 8 chars "YYYYMMDD", return public key length
|
||||||
size_t BlindPrivateKey (const uint8_t * priv, const char * date, uint8_t * blindedPriv, uint8_t * blindedPub) const; // date is 8 chars "YYYYMMDD", return public key length
|
size_t BlindPrivateKey (const uint8_t * priv, const char * date, uint8_t * blindedPriv, uint8_t * blindedPub) const; // date is 8 chars "YYYYMMDD", return public key length
|
||||||
i2p::data::IdentHash GetStoreHash (const char * date = nullptr) const; // date is 8 chars "YYYYMMDD", use current if null
|
i2p::data::IdentHash GetStoreHash (const char * date = nullptr) const; // date is 8 chars "YYYYMMDD", use current if null
|
||||||
|
|
||||||
|
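Review bot: The updated comment on `GetBlindedKey` drops the old "blinded key 32 bytes" statement and no longer says how large `blindedKey` must be, while the function still takes no capacity argument. With ECDSA types the written length varies per signature type, so a caller that kept a 32-byte buffer gets no warning from the declaration. Suggested comment: `// date is 8 chars "YYYYMMDD"; blindedKey must have room for the longest supported public key; returns the public key length, 0 if the signature type can't be blinded`. The class declaration starts and ends outside this hunk.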
@ -463,7 +463,7 @@ namespace data
|
|||||||
if (verified && key && lenOuterCiphertext >= 32)
|
if (verified && key && lenOuterCiphertext >= 32)
|
||||||
{
|
{
|
||||||
SetIsValid (false); // we must verify it again in Layer 2
|
SetIsValid (false); // we must verify it again in Layer 2
|
||||||
if (blindedKeyType == i2p::data::SIGNING_KEY_TYPE_REDDSA_SHA512_ED25519)
|
if (blindedKeyType == key->GetBlindedSigType ())
|
||||||
{
|
{
|
||||||
// verify blinding
|
// verify blinding
|
||||||
char date[9];
|
char date[9];
|
||||||
@ -476,6 +476,11 @@ namespace data
|
|||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
LogPrint (eLogError, "LeaseSet2: Unexpected blinded key type ", blindedKeyType, " instread ", key->GetBlindedSigType ());
|
||||||
|
return;
|
||||||
|
}
|
||||||
// outer key
|
// outer key
|
||||||
// outerInput = subcredential || publishedTimestamp
|
// outerInput = subcredential || publishedTimestamp
|
||||||
uint8_t subcredential[36];
|
uint8_t subcredential[36];
|
||||||
|
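Review bot: Relaxing the check to `if (blindedKeyType == key->GetBlindedSigType ())` lets ECDSA-blinded keys reach the "verify blinding" block, whose buffer for the blinded key lies between the two hunks and is not visible here. If that code still passes a 32-byte buffer to `GetBlindedKey` or compares only 32 bytes, it needs to be sized and compared using the length `GetBlindedKey` now returns; please confirm. In the new else branch the log string has a typo, `" instread "` should be `" instead "`. The enclosing function starts and ends outside these hunks.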