Fixed EncryptedIntroSet signing to use PrivateKey

We can generate both root and derived signatures from a PrivateKey, but only root from a SecretKey, so just change it to use a PrivateKey.
4 years ago · 46f3459b79
parent cd8f26deff
commit 46f3459b79
4 changed files with 6 additions and 9 deletions
--- a/llarp/service/identity.cpp
+++ b/llarp/service/identity.cpp
@ -181,10 +181,8 @@ namespace llarp
      CryptoManager::instance()->xchacha20(buf, k, encrypted.nounce);
      encrypted.introsetPayload.resize(buf.sz);
      std::copy_n(buf.base, buf.sz, encrypted.introsetPayload.data());
-      /* FIXME
      if(not encrypted.Sign(derivedSignKey))
        return {};
-      */
      return encrypted;
    }
  }  // namespace service
--- a/llarp/service/intro_set.cpp
+++ b/llarp/service/intro_set.cpp
@ -104,10 +104,11 @@ namespace llarp
    }

    bool
-    EncryptedIntroSet::Sign(const SecretKey& k)
+    EncryptedIntroSet::Sign(const PrivateKey& k)
    {
-      signedAt          = llarp::time_now_ms();
-      derivedSigningKey = k.toPublic();
+      signedAt = llarp::time_now_ms();
+      if (not k.toPublic(derivedSigningKey))
+        return false;
      sig.Zero();
      std::array< byte_t, MAX_INTROSET_SIZE + 128 > tmp;
      llarp_buffer_t buf(tmp);
--- a/llarp/service/intro_set.hpp
+++ b/llarp/service/intro_set.hpp
@ -102,7 +102,7 @@ namespace llarp
      return i.print(out, -1, -1);
    }

-    /// public version of the intrset that is encrypted
+    /// public version of the introset that is encrypted
    struct EncryptedIntroSet
    {
      using Payload_t = std::vector< byte_t >;
@ -115,7 +115,7 @@ namespace llarp
      Signature sig;

      bool
-      Sign(const SecretKey& k);
+      Sign(const PrivateKey& k);

      bool
      IsExpired(llarp_time_t now) const;
--- a/test/service/test_llarp_service_identity.cpp
+++ b/test/service/test_llarp_service_identity.cpp
@ -316,11 +316,9 @@ TEST_F(RealCryptographyTest, TestEncryptAndSignIntroSet)

  const auto maybe = ident.EncryptAndSignIntroSet(I, now);
  ASSERT_TRUE(maybe.has_value());
-  llarp::LogInfo("introset=", maybe.value());
  ASSERT_TRUE(maybe->Verify(now));
  PubKey blind_key;
  const PubKey root_key(addr.as_array());
  auto crypto = CryptoManager::instance();
  ASSERT_TRUE(crypto->derive_subkey(blind_key, root_key, 1));
-  ASSERT_EQ(blind_key, root_key);
 }