GNUNET_NO);
LOG (GNUNET_ERROR_TYPE_WARNING,
"KX AUTH missmatch!\n");
- send_kx (t,
- ct,
- &t->ax);
+ if (NULL == t->kx_task)
+ t->kx_task
+ = GNUNET_SCHEDULER_add_at (t->next_kx_attempt,
+ &retry_kx,
+ t);
return;
}
/* Yep, we're good. */
test_resolver_api_data.conf \
test_service_data.conf \
test_speedup_data.conf \
- gnunet-qr.py.in
+ gnunet-qr.py.in \
+ crypto_bug.c
--- /dev/null
+/*
+ This file is part of GNUnet.
+ Copyright (C) 2018 GNUnet e.V.
+
+ GNUnet is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published
+ by the Free Software Foundation; either version 3, or (at your
+ option) any later version.
+
+ GNUnet is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with GNUnet; see the file COPYING. If not, write to the
+ Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
+ Boston, MA 02110-1301, USA.
+*/
+
+/**
+ * @file util/crypto_bug.c
+ * @brief work around unidentified public key cryptography bug
+ * @author Christian Grothoff
+ */
+
+/**
+ * Enable work-around. Will cause code to call #check_eddsa_key() to
+ * see if we have a bad key, and if so, create a new one.
+ */
+#define CRYPTO_BUG 1
+
+
+#if CRYPTO_BUG
+/**
+ * Check if ECDH works with @a priv_dsa and this version
+ * of libgcrypt.
+ *
+ * @param priv_dsa key to check
+ * @return #GNUNET_OK if key passes
+ */
+static int
+check_eddsa_key (const struct GNUNET_CRYPTO_EddsaPrivateKey *priv_dsa)
+{
+ struct GNUNET_CRYPTO_EcdhePrivateKey *priv_ecdh;
+ struct GNUNET_CRYPTO_EddsaPublicKey id1;
+ struct GNUNET_CRYPTO_EcdhePublicKey id2;
+ struct GNUNET_HashCode dh[2];
+
+ GNUNET_CRYPTO_eddsa_key_get_public (priv_dsa,
+ &id1);
+ for (unsigned int j=0;j<4;j++)
+ {
+ priv_ecdh = GNUNET_CRYPTO_ecdhe_key_create ();
+ /* Extract public keys */
+ GNUNET_CRYPTO_ecdhe_key_get_public (priv_ecdh,
+ &id2);
+ /* Do ECDH */
+ GNUNET_assert (GNUNET_OK ==
+ GNUNET_CRYPTO_eddsa_ecdh (priv_dsa,
+ &id2,
+ &dh[0]));
+ GNUNET_assert (GNUNET_OK ==
+ GNUNET_CRYPTO_ecdh_eddsa (priv_ecdh,
+ &id1,
+ &dh[1]));
+ /* Check that both DH results are equal. */
+ if (0 != memcmp (&dh[0],
+ &dh[1],
+ sizeof (struct GNUNET_HashCode)))
+ {
+ GNUNET_break (0); /* bad EdDSA key! */
+ return GNUNET_SYSERR;
+ }
+ GNUNET_free (priv_ecdh);
+ }
+ return GNUNET_OK;
+}
+#endif
#define LOG_GCRY(level, cmd, rc) do { LOG(level, _("`%s' failed at %s:%d with error: %s\n"), cmd, __FILE__, __LINE__, gcry_strerror(rc)); } while(0)
+#include "crypto_bug.c"
+
+
/**
* Extract values from an S-expression.
*
int
GNUNET_CRYPTO_eddsa_private_key_from_string (const char *enc,
size_t enclen,
- struct GNUNET_CRYPTO_EddsaPrivateKey *pub)
+ struct GNUNET_CRYPTO_EddsaPrivateKey *priv)
{
size_t keylen = (sizeof (struct GNUNET_CRYPTO_EddsaPrivateKey)) * 8;
if (enclen != keylen)
return GNUNET_SYSERR;
- if (GNUNET_OK != GNUNET_STRINGS_string_to_data (enc, enclen,
- pub,
- sizeof (struct GNUNET_CRYPTO_EddsaPrivateKey)))
+ if (GNUNET_OK !=
+ GNUNET_STRINGS_string_to_data (enc, enclen,
+ priv,
+ sizeof (struct GNUNET_CRYPTO_EddsaPrivateKey)))
return GNUNET_SYSERR;
+#if CRYPTO_BUG
+ if (GNUNET_OK !=
+ check_eddsa_key (priv))
+ {
+ GNUNET_break (0);
+ return GNUNET_OK;
+ }
+#endif
return GNUNET_OK;
}
gcry_mpi_t d;
int rc;
+#if CRYPTO_BUG
+ again:
+#endif
if (0 != (rc = gcry_sexp_build (&s_keyparam, NULL,
"(genkey(ecc(curve \"" CURVE "\")"
"(flags eddsa)))")))
priv = GNUNET_new (struct GNUNET_CRYPTO_EddsaPrivateKey);
GNUNET_CRYPTO_mpi_print_unsigned (priv->d, sizeof (priv->d), d);
gcry_mpi_release (d);
+
+#if CRYPTO_BUG
+ if (GNUNET_OK !=
+ check_eddsa_key (priv))
+ {
+ GNUNET_break (0);
+ GNUNET_free (priv);
+ goto again;
+ }
+#endif
+
return priv;
}
#define LOG_GCRY(level, cmd, rc) do { LOG(level, _("`%s' failed at %s:%d with error: %s\n"), cmd, __FILE__, __LINE__, gcry_strerror(rc)); } while(0)
+#include "crypto_bug.c"
+
+
/**
* Wait for a short time (we're trying to lock a file or want
* to give another process a shot at finishing a disk write, etc.).
filename);
GNUNET_assert (GNUNET_YES ==
GNUNET_DISK_file_close (fd));
+#if CRYPTO_BUG
+ if (GNUNET_OK !=
+ check_eddsa_key (priv))
+ {
+ GNUNET_break (0);
+ GNUNET_free (priv);
+ return NULL;
+ }
+#endif
return priv;
}
int ec;
uint64_t fs;
ssize_t sret;
-
+
if (GNUNET_SYSERR ==
GNUNET_DISK_directory_create_for_file (filename))
return NULL;
struct GNUNET_CRYPTO_EcdhePrivateKey *priv_ecdh;
struct GNUNET_CRYPTO_EddsaPublicKey id1;
struct GNUNET_CRYPTO_EcdhePublicKey id2;
- struct GNUNET_HashCode dh[3];
+ struct GNUNET_HashCode dh[2];
/* Generate keys */
priv_dsa = GNUNET_CRYPTO_eddsa_key_create ();
- priv_ecdh = GNUNET_CRYPTO_ecdhe_key_create ();
- /* Extract public keys */
GNUNET_CRYPTO_eddsa_key_get_public (priv_dsa,
&id1);
- GNUNET_CRYPTO_ecdhe_key_get_public (priv_ecdh,
- &id2);
- /* Do ECDH */
- GNUNET_assert (GNUNET_OK ==
- GNUNET_CRYPTO_eddsa_ecdh (priv_dsa,
- &id2,
- &dh[0]));
- GNUNET_assert (GNUNET_OK ==
- GNUNET_CRYPTO_ecdh_eddsa (priv_ecdh,
- &id1,
- &dh[1]));
- /* Check that both DH results are equal. */
- GNUNET_assert (0 == memcmp (&dh[0],
- &dh[1],
- sizeof (struct GNUNET_HashCode)));
+ for (unsigned int j=0;j<10;j++)
+ {
+ fprintf (stderr, ",");
+ priv_ecdh = GNUNET_CRYPTO_ecdhe_key_create ();
+ /* Extract public keys */
+ GNUNET_CRYPTO_ecdhe_key_get_public (priv_ecdh,
+ &id2);
+ /* Do ECDH */
+ GNUNET_assert (GNUNET_OK ==
+ GNUNET_CRYPTO_eddsa_ecdh (priv_dsa,
+ &id2,
+ &dh[0]));
+ GNUNET_assert (GNUNET_OK ==
+ GNUNET_CRYPTO_ecdh_eddsa (priv_ecdh,
+ &id1,
+ &dh[1]));
+ /* Check that both DH results are equal. */
+ GNUNET_assert (0 == memcmp (&dh[0],
+ &dh[1],
+ sizeof (struct GNUNET_HashCode)));
+ GNUNET_free (priv_ecdh);
+ }
GNUNET_free (priv_dsa);
- GNUNET_free (priv_ecdh);
return 0;
}
if (getenv ("GNUNET_GCRYPT_DEBUG"))
gcry_control (GCRYCTL_SET_DEBUG_FLAGS, 1u, 0);
GNUNET_log_setup ("test-crypto-ecdh-eddsa", "WARNING", NULL);
- for (unsigned int i=0;i<10000;i++)
+ for (unsigned int i=0;i<100;i++)
{
fprintf (stderr,
".");
projects / oweals / gnunet.git / commitdiff