Commit Graph

20 Commits

Author SHA1 Message Date
Jeff Becker
1318846a08
test/service/test_llarp_service_identity.cpp:
* remove failing irrelevent test
* add expect_call in EnsureKeys to match expected bevahior
2020-02-04 06:44:48 -05:00
Jason Rhinelander
46f3459b79 Fixed EncryptedIntroSet signing to use PrivateKey
We can generate both root and derived signatures from a PrivateKey, but
only root from a SecretKey, so just change it to use a PrivateKey.
2020-01-31 16:47:25 -04:00
Jason Rhinelander
cd8f26deff Use hash instead of random for signing hash data
This makes PrivateKey store both the key followed by the hash.  For
PrivateKeys based on SecretKeys this just means the second half of the
SHA-512 of the seed, and makes a PrivateKey constructed from a SecretKey
give an identical signature to signing directly with sodium.

For derived keys we use a ShortHash of the root key's signing hash
concatenated with the publicly known hash value, so that our derived key
signing hash will be different from the root signing hash and also
different for different derivation parameters.

This also changed one of the asserts in crypto_noop, but upon closer
inspection the copying of the secret key into the signature seems really
wrong, so just changed them to fill with 0s.
2020-01-31 16:47:25 -04:00
Jeff Becker
9153f726c5 const correctness 2020-01-31 16:47:25 -04:00
Thomas Winget
a487982c49 initial implementation of blinded sign -- not working yet 2020-01-31 12:05:20 -04:00
Jason Rhinelander
860c5efd47 Derived key fixes
The reason things weren't working here is because libsodium does
something completely unintuitive and called the seed the "secret key"
when it isn't, it's the seed.

This adds a new PrivateKey class (alongside the existing SecretKey and
PubKey) that holds just a private key value but no seed -- which we need
to do because there is no way we can get a seed after calculating a
derived keypair.

With these changes, we now generate exactly the same keys and subkeys as
Tor (and a new test case uses values generated in Tor to verify this).

This is incomplete -- the subkey signing code is still not implemented;
it has to be adapted to create a signature from a PrivateKey rather than
a SecretKey which will probably requiring working around/reimplementing
some of what libsodium does for creating a signature since it expects
"secret keys" i.e. the seed.
2020-01-30 12:34:05 -04:00
Jeff Becker
0f13591802
does not work 2020-01-28 16:55:36 -05:00
Jeff Becker
99eb7726ff
initial dht key blinding 2020-01-27 16:30:41 -05:00
Stephen Shelton
2c6226f54a Backup SNApp keys when migrating to new ed25519 crypto 2019-12-06 11:21:14 -07:00
Michael
a62655d501
Move tests to use top-level LlarpTest 2019-05-28 20:45:09 +01:00
Michael
491fee206b
Port code to use CryptoManager over passing Crypto pointers 2019-05-28 20:45:08 +01:00
Rick V
f0a4b93431
fix
(cherry picked from commit 0d2e1da774580917dcf6a05c6be81ebfe823adef)
2019-05-22 05:14:04 -05:00
Michael
a83be769e2
More explicit error when keyfile is not a valid file 2019-05-18 18:34:25 +01:00
Michael
9ee525a006
Fix shadowing warnings 2019-04-26 00:21:19 +01:00
Michael
98e691f315
Tidy up more parts of the service/ directory 2019-04-22 22:28:10 +01:00
Jeff Becker
c910a2a2fb
more 2019-04-05 10:58:22 -04:00
Michael
f24f554a01
Convert llarp::Crypto into an abstract base class 2019-01-26 15:40:58 +00:00
Michael
04e0fe3ad7
Move crypto code to a subdirectory 2019-01-13 15:06:16 +00:00
Michael
081d4dfa32
Reorganise source into more folders 2019-01-11 01:19:49 +00:00
Michael
fa2b466ffe
Reorganise tests to mirror source layout 2019-01-11 00:12:52 +00:00