mirror of
https://github.com/jedisct1/libsodium.git
synced 2024-12-19 10:05:05 -07:00
Change crypto_core_ed25519_from_string() to accept a hash function
parent
e0629769d3
commit
e4206f1337
@ -77,7 +77,8 @@ crypto_core_ed25519_from_uniform(unsigned char *p, const unsigned char *r)
|
||||
|
||||
static int
|
||||
_string_to_points(unsigned char * const px, const size_t n,
|
||||
const char *ctx, const unsigned char *msg, size_t msg_len)
|
||||
const char *ctx, const unsigned char *msg, size_t msg_len,
|
||||
int hash_alg)
|
||||
{
|
||||
unsigned char h[crypto_core_ed25519_HASHBYTES];
|
||||
unsigned char h_be[2U * HASH_GE_L];
|
||||
@ -87,7 +88,7 @@ _string_to_points(unsigned char * const px, const size_t n,
|
||||
abort(); /* LCOV_EXCL_LINE */
|
||||
}
|
||||
if (core_h2c_string_to_hash(h_be, n * HASH_GE_L, ctx, msg, msg_len,
|
||||
CORE_H2C_SHA512) != 0) {
|
||||
hash_alg) != 0) {
|
||||
return -1;
|
||||
}
|
||||
COMPILER_ASSERT(sizeof h >= HASH_GE_L);
|
||||
@ -104,19 +105,19 @@ _string_to_points(unsigned char * const px, const size_t n,
|
||||
int
|
||||
crypto_core_ed25519_from_string(unsigned char p[crypto_core_ed25519_BYTES],
|
||||
const char *ctx, const unsigned char *msg,
|
||||
size_t msg_len)
|
||||
size_t msg_len, int hash_alg)
|
||||
{
|
||||
return _string_to_points(p, 1, ctx, msg, msg_len);
|
||||
return _string_to_points(p, 1, ctx, msg, msg_len, hash_alg);
|
||||
}
|
||||
|
||||
int
|
||||
crypto_core_ed25519_from_string_ro(unsigned char p[crypto_core_ed25519_BYTES],
|
||||
const char *ctx, const unsigned char *msg,
|
||||
size_t msg_len)
|
||||
size_t msg_len, int hash_alg)
|
||||
{
|
||||
unsigned char px[2 * crypto_core_ed25519_BYTES];
|
||||
|
||||
if (_string_to_points(px, 2, ctx, msg, msg_len) != 0) {
|
||||
if (_string_to_points(px, 2, ctx, msg, msg_len, hash_alg) != 0) {
|
||||
return -1;
|
||||
}
|
||||
return crypto_core_ed25519_add(p, &px[0], &px[crypto_core_ed25519_BYTES]);
|
||||
|
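Review bot: `hash_alg` travels from both public entry points into `core_h2c_string_to_hash()` without being checked against the two supported selectors, so the result for any other value depends entirely on that helper, whose body is not part of this diff. A guard at the top of `_string_to_points()` would make the contract local: `if (hash_alg != CORE_H2C_SHA256 && hash_alg != CORE_H2C_SHA512) { return -1; }`. The same applies to `_string_to_element()` and `crypto_core_ristretto255_scalar_from_string()` in the ristretto255 file. Because the hash is now chosen independently of `ctx`, a suite-style tag that names SHA-512 can be combined with SHA-256 without any error, so a comment on `_string_to_points()` should say that the caller is responsible for keeping the two consistent. The body of `_string_to_points()` continues outside the hunks shown.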
@ -1,6 +1,8 @@
|
||||
#ifndef core_h2c_H
|
||||
#define core_h2c_H
|
||||
|
||||
#include "private/quirks.h"
|
||||
|
||||
#define CORE_H2C_SHA256 1
|
||||
#define CORE_H2C_SHA512 2
|
||||
|
||||
|
@ -73,12 +73,13 @@ crypto_core_ristretto255_from_hash(unsigned char *p, const unsigned char *r)
|
||||
|
||||
static int
|
||||
_string_to_element(unsigned char *p,
|
||||
const char *ctx, const unsigned char *msg, size_t msg_len)
|
||||
const char *ctx, const unsigned char *msg, size_t msg_len,
|
||||
int hash_alg)
|
||||
{
|
||||
unsigned char h[crypto_core_ristretto255_HASHBYTES];
|
||||
|
||||
if (core_h2c_string_to_hash(h, sizeof h, ctx, msg, msg_len,
|
||||
CORE_H2C_SHA256) != 0) {
|
||||
hash_alg) != 0) {
|
||||
return -1;
|
||||
}
|
||||
ristretto255_from_hash(p, h);
|
||||
@ -89,17 +90,17 @@ _string_to_element(unsigned char *p,
|
||||
int
|
||||
crypto_core_ristretto255_from_string(unsigned char p[crypto_core_ristretto255_BYTES],
|
||||
const char *ctx, const unsigned char *msg,
|
||||
size_t msg_len)
|
||||
size_t msg_len, int hash_alg)
|
||||
{
|
||||
return _string_to_element(p, ctx, msg, msg_len);
|
||||
return _string_to_element(p, ctx, msg, msg_len, hash_alg);
|
||||
}
|
||||
|
||||
int
|
||||
crypto_core_ristretto255_from_string_ro(unsigned char p[crypto_core_ristretto255_BYTES],
|
||||
const char *ctx, const unsigned char *msg,
|
||||
size_t msg_len)
|
||||
size_t msg_len, int hash_alg)
|
||||
{
|
||||
return crypto_core_ristretto255_from_string(p, ctx, msg, msg_len);
|
||||
return crypto_core_ristretto255_from_string(p, ctx, msg, msg_len, hash_alg);
|
||||
}
|
||||
|
||||
void
|
||||
@ -177,14 +178,14 @@ crypto_core_ristretto255_scalar_is_canonical(const unsigned char *s)
|
||||
int
|
||||
crypto_core_ristretto255_scalar_from_string(unsigned char *s,
|
||||
const char *ctx, const unsigned char *msg,
|
||||
size_t msg_len)
|
||||
size_t msg_len, int hash_alg)
|
||||
{
|
||||
unsigned char h[crypto_core_ristretto255_NONREDUCEDSCALARBYTES];
|
||||
unsigned char h_be[HASH_SC_L];
|
||||
size_t i;
|
||||
|
||||
if (core_h2c_string_to_hash(h_be, sizeof h_be, ctx, msg, msg_len,
|
||||
CORE_H2C_SHA256) != 0) {
|
||||
hash_alg) != 0) {
|
||||
return -1;
|
||||
}
|
||||
COMPILER_ASSERT(sizeof h >= sizeof h_be);
|
||||
|
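Review bot: `crypto_core_ristretto255_scalar_from_string()` gains a fifth parameter here, but no matching prototype change appears in the ristretto255 header section as this page shows it; if the header declares the function the definition will conflict with it, and if it does not, callers have no declaration carrying the new argument, so this should be checked. These functions previously hard-coded `CORE_H2C_SHA256` while the ed25519 ones hard-coded `CORE_H2C_SHA512`, so callers must now pass different selectors per group to reproduce earlier outputs. A short comment above `_string_to_element()` would record that, for example `/* hash_alg: CORE_H2C_SHA256 reproduces the output of the previous fixed-hash version */`. The body of `crypto_core_ristretto255_scalar_from_string()` continues past the last hunk.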
@ -28,6 +28,9 @@ size_t crypto_core_ed25519_scalarbytes(void);
|
||||
SODIUM_EXPORT
|
||||
size_t crypto_core_ed25519_nonreducedscalarbytes(void);
|
||||
|
||||
#define crypto_core_ed25519_H2CSHA256 1
|
||||
#define crypto_core_ed25519_H2CSHA512 2
|
||||
|
||||
SODIUM_EXPORT
|
||||
int crypto_core_ed25519_is_valid_point(const unsigned char *p)
|
||||
__attribute__ ((nonnull));
|
||||
@ -49,13 +52,13 @@ int crypto_core_ed25519_from_uniform(unsigned char *p, const unsigned char *r)
|
||||
SODIUM_EXPORT
|
||||
int crypto_core_ed25519_from_string(unsigned char p[crypto_core_ed25519_BYTES],
|
||||
const char *ctx, const unsigned char *msg,
|
||||
size_t msg_len)
|
||||
size_t msg_len, int hash_alg)
|
||||
__attribute__ ((nonnull(1)));
|
||||
|
||||
SODIUM_EXPORT
|
||||
int crypto_core_ed25519_from_string_ro(unsigned char p[crypto_core_ed25519_BYTES],
|
||||
const char *ctx, const unsigned char *msg,
|
||||
size_t msg_len)
|
||||
size_t msg_len, int hash_alg)
|
||||
__attribute__ ((nonnull(1)));
|
||||
|
||||
SODIUM_EXPORT
|
||||
|
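Review bot: Adding `hash_alg` to the exported `crypto_core_ed25519_from_string()` and `crypto_core_ed25519_from_string_ro()` changes their ABI, so a binary built against the four-argument prototypes would pass an indeterminate value as the hash selector; whether these symbols had already shipped in a release is not visible here and should be confirmed. The new `crypto_core_ed25519_H2CSHA256` and `crypto_core_ed25519_H2CSHA512` macros repeat the values of `CORE_H2C_SHA256` and `CORE_H2C_SHA512` with nothing tying them together; `COMPILER_ASSERT(crypto_core_ed25519_H2CSHA512 == CORE_H2C_SHA512);` in the implementation file, plus the SHA-256 counterpart, would catch drift. The prototypes also carry no comment stating which values `hash_alg` accepts or what is returned for any other value. The same three points apply to the ristretto255 header section that follows.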
@ -24,6 +24,9 @@ size_t crypto_core_ristretto255_scalarbytes(void);
|
||||
SODIUM_EXPORT
|
||||
size_t crypto_core_ristretto255_nonreducedscalarbytes(void);
|
||||
|
||||
#define crypto_core_ristretto255_H2CSHA256 1
|
||||
#define crypto_core_ristretto255_H2CSHA512 2
|
||||
|
||||
SODIUM_EXPORT
|
||||
int crypto_core_ristretto255_is_valid_point(const unsigned char *p)
|
||||
__attribute__ ((nonnull));
|
||||
@ -47,14 +50,14 @@ SODIUM_EXPORT
|
||||
int crypto_core_ristretto255_from_string(unsigned char p[crypto_core_ristretto255_BYTES],
|
||||
const char *ctx,
|
||||
const unsigned char *msg,
|
||||
size_t msg_len)
|
||||
size_t msg_len, int hash_alg)
|
||||
__attribute__ ((nonnull(1)));
|
||||
|
||||
SODIUM_EXPORT
|
||||
int crypto_core_ristretto255_from_string_ro(unsigned char p[crypto_core_ristretto255_BYTES],
|
||||
const char *ctx,
|
||||
const unsigned char *msg,
|
||||
size_t msg_len)
|
||||
size_t msg_len, int hash_alg)
|
||||
__attribute__ ((nonnull(1)));
|
||||
|
||||
SODIUM_EXPORT
|
||||
|
@ -54,6 +54,8 @@ static TestData test_data[] = {
|
||||
"6dc2fc04f266c5c27f236a80b14f92ccd051ef1ff027f26a07f8c0f327d8f995" }
|
||||
};
|
||||
|
||||
#define H2CHASH crypto_core_ed25519_H2CSHA512
|
||||
|
||||
int
|
||||
main(void)
|
||||
{
|
||||
@ -79,14 +81,14 @@ main(void)
|
||||
if (crypto_core_ed25519_from_string(
|
||||
y, "QUUX-V01-CS02-with-edwards25519_XMD:SHA-512_ELL2_NU_",
|
||||
(const unsigned char *) test_data[i].msg,
|
||||
strlen(test_data[i].msg)) != 0) {
|
||||
strlen(test_data[i].msg), H2CHASH) != 0) {
|
||||
printf("crypto_core_ed25519_from_string() failed\n");
|
||||
}
|
||||
} else {
|
||||
if (crypto_core_ed25519_from_string_ro(
|
||||
y, "QUUX-V01-CS02-with-edwards25519_XMD:SHA-512_ELL2_RO_",
|
||||
(const unsigned char *) test_data[i].msg,
|
||||
strlen(test_data[i].msg)) != 0) {
|
||||
strlen(test_data[i].msg), H2CHASH) != 0) {
|
||||
printf("crypto_core_ed25519_from_string_ro() failed\n");
|
||||
}
|
||||
}
|
||||
@ -102,11 +104,12 @@ main(void)
|
||||
}
|
||||
|
||||
if (crypto_core_ed25519_from_string(y, NULL, (const unsigned char *) "msg",
|
||||
3U) != 0 ||
|
||||
crypto_core_ed25519_from_string(y, "", guard_page, 0U) != 0 ||
|
||||
3U, H2CHASH) != 0 ||
|
||||
crypto_core_ed25519_from_string(y, "", guard_page, 0U, H2CHASH) != 0 ||
|
||||
crypto_core_ed25519_from_string_ro(
|
||||
y, NULL, (const unsigned char *) "msg", 3U) != 0 ||
|
||||
crypto_core_ed25519_from_string_ro(y, "", guard_page, 0U) != 0) {
|
||||
y, NULL, (const unsigned char *) "msg", 3U, H2CHASH) != 0 ||
|
||||
crypto_core_ed25519_from_string_ro(y, "", guard_page, 0U,
|
||||
H2CHASH) != 0) {
|
||||
printf("Failed with empty parameters");
|
||||
}
|
||||
|
||||
@ -114,12 +117,14 @@ main(void)
|
||||
memset(oversized_ctx, 'X', oversized_ctx_len - 1U);
|
||||
oversized_ctx[oversized_ctx_len - 1U] = 0;
|
||||
crypto_core_ed25519_from_string(y, oversized_ctx,
|
||||
(const unsigned char *) "msg", 3U);
|
||||
(const unsigned char *) "msg", 3U,
|
||||
H2CHASH);
|
||||
sodium_bin2hex(y_hex, crypto_core_ed25519_BYTES * 2U + 1U, y,
|
||||
crypto_core_ed25519_BYTES);
|
||||
printf("NU with oversized context: %s\n", y_hex);
|
||||
crypto_core_ed25519_from_string_ro(y, oversized_ctx,
|
||||
(const unsigned char *) "msg", 3U);
|
||||
(const unsigned char *) "msg", 3U,
|
||||
H2CHASH);
|
||||
sodium_bin2hex(y_hex, crypto_core_ed25519_BYTES * 2U + 1U, y,
|
||||
crypto_core_ed25519_BYTES);
|
||||
printf("RO with oversized context: %s\n", y_hex);
|
||||
|
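Review bot: Every call in this test passes `H2CHASH`, which is fixed to `crypto_core_ed25519_H2CSHA512`, so the new `crypto_core_ed25519_H2CSHA256` path and the behaviour for an unsupported `hash_alg` are never exercised. One vector run with the SHA-256 selector and one call with an out-of-range value would pin both, the latter asserting whatever result is decided for an invalid selector (presumably `-1`). The two oversized-context calls on the new side still discard their return values before `y` is hex-encoded and printed, so a failure there would print stale output; checking them against `0` like the calls above would close that gap. `main()` extends beyond the hunks shown.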