From 504e0444d3b71d1a62c0b1e917d3daecbde47a70 Mon Sep 17 00:00:00 2001 From: Giovanni Petrantoni Date: Tue, 4 Aug 2020 14:07:53 +0900 Subject: [PATCH] refactor and fix mulgen (curve25519) (#293) * refactor and fix mulgen (curve25519) * crypto tests fixing --- libp2p/crypto/curve25519.nim | 37 +++++++++++++++++-------------- libp2p/protocols/secure/noise.nim | 2 +- tests/testcrypto.nim | 8 +++---- 3 files changed, 25 insertions(+), 22 deletions(-) diff --git a/libp2p/crypto/curve25519.nim b/libp2p/crypto/curve25519.nim index 18580d790..304876c2f 100644 --- a/libp2p/crypto/curve25519.nim +++ b/libp2p/crypto/curve25519.nim @@ -80,30 +80,33 @@ proc mul*(_: type[Curve25519], dst: var Curve25519Key, scalar: Curve25519Key, po EC_curve25519) assert res == 1 -proc mulgen*(_: type[Curve25519], dst: var Curve25519Key, point: Curve25519Key) = +proc mulgen(_: type[Curve25519], dst: var Curve25519Key, point: Curve25519Key): bool = let defaultBrEc = brEcGetDefault() var rpoint = point rpoint.byteswap() - block iterate: - while true: - block derive: - let - size = defaultBrEc.mulgen( - cast[pcuchar](addr dst[0]), - cast[pcuchar](addr rpoint[0]), - Curve25519KeySize, - EC_curve25519) - assert size == Curve25519KeySize - for forbid in ForbiddenCurveValues: - if dst == forbid: - break derive - break iterate + let + size = defaultBrEc.mulgen( + cast[pcuchar](addr dst[0]), + cast[pcuchar](addr rpoint[0]), + Curve25519KeySize, + EC_curve25519) + + assert size == Curve25519KeySize -proc public*(private: Curve25519Key): Curve25519Key = - Curve25519.mulgen(result, private) + if dst in ForbiddenCurveValues: + false + else: + true + +proc public*(private: Curve25519Key): Result[Curve25519Key, cstring] = + var res: Curve25519Key + if Curve25519.mulgen(res, private): + ok(res) + else: + err("mulgen produced a forbidden key") proc random*(_: type[Curve25519Key], rng: var BrHmacDrbgContext): Curve25519Key = var res: Curve25519Key diff --git a/libp2p/protocols/secure/noise.nim b/libp2p/protocols/secure/noise.nim index c34be2973..b02ad5c4f 100644 --- a/libp2p/protocols/secure/noise.nim +++ b/libp2p/protocols/secure/noise.nim @@ -88,7 +88,7 @@ type proc genKeyPair(rng: var BrHmacDrbgContext): KeyPair = result.privateKey = Curve25519Key.random(rng) - result.publicKey = result.privateKey.public() + result.publicKey = result.privateKey.public().tryGet() proc hashProtocol(name: string): MDigest[256] = # If protocol_name is less than or equal to HASHLEN bytes in length, diff --git a/tests/testcrypto.nim b/tests/testcrypto.nim index 287e6bd04..0632264f8 100644 --- a/tests/testcrypto.nim +++ b/tests/testcrypto.nim @@ -505,14 +505,14 @@ suite "Key interface test suite": # RFC vectors private1 = fromHex("a8abababababababababababababababababababababababababababababab6b").intoCurve25519Key - check private1.public().toHex == "E3712D851A0E5D79B831C5E34AB22B41A198171DE209B8B8FACA23A11C624859" + check private1.public().get().toHex == "E3712D851A0E5D79B831C5E34AB22B41A198171DE209B8B8FACA23A11C624859" private1 = fromHex("c8cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd4d").intoCurve25519Key - check private1.public().toHex == "B5BEA823D9C9FF576091C54B7C596C0AE296884F0E150290E88455D7FBA6126F" + check private1.public().get().toHex == "B5BEA823D9C9FF576091C54B7C596C0AE296884F0E150290E88455D7FBA6126F" private1 = fromHex("77076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c2a").intoCurve25519Key var private2 = fromHex("5dab087e624a8a4b79e17f8b83800ee66f3bb1292618b6fd1c2f8b27ff88e0eb").intoCurve25519Key - p1Pub = private1.public() - p2Pub = private2.public() + p1Pub = private1.public().get() + p2Pub = private2.public().get() check p1Pub.toHex == "8520F0098930A754748B7DDCB43EF75A0DBF3A0D26381AF4EBA4A98EAA9B4E6A" check p2Pub.toHex == "DE9EDB7D7B7DC1B4D35B61C2ECE435373F8343C85B78674DADFC7E146F882B4F"