
[taler-anastasis] branch master updated: sort out HKDF invocations (salt


From: gnunet
Subject: [taler-anastasis] branch master updated: sort out HKDF invocations (salt vs ikm vs info)
Date: Tue, 19 Oct 2021 14:07:35 +0200

This is an automated email from the git hooks/post-receive script.

dold pushed a commit to branch master
in repository anastasis.

The following commit(s) were added to refs/heads/master by this push:
     new 0120fe8  sort out HKDF invocations (salt vs ikm vs info)
0120fe8 is described below

commit 0120fe8345d6592bd61c0ae4df1c3db34155715c
Author: Florian Dold <florian@dold.me>
AuthorDate: Tue Oct 19 14:07:27 2021 +0200

    sort out HKDF invocations (salt vs ikm vs info)
---
 src/util/anastasis_crypto.c | 32 +++++++++++++++++++++++++-------
 1 file changed, 25 insertions(+), 7 deletions(-)

diff --git a/src/util/anastasis_crypto.c b/src/util/anastasis_crypto.c
index e122c07..f5e6c77 100644
--- a/src/util/anastasis_crypto.c
+++ b/src/util/anastasis_crypto.c
@@ -61,12 +61,15 @@ ANASTASIS_CRYPTO_secure_answer_hash (
                  GNUNET_CRYPTO_kdf (
                    result,
                    sizeof (*result),
-                   "Anastasis-secure-question-uuid-salting",
-                   strlen ("Anastasis-secure-question-uuid-salting"),
-                   &pow,
-                   sizeof (pow),
+                   /* salt / XTS */
                    uuid,
                    sizeof (*uuid),
+                   /* skm */
+                   &pow,
+                   sizeof (pow),
+                   /* info chunks */
+                   "anastasis-secure-question-hashing",
+                   strlen ("anastasis-secure-question-hashing"),
                    NULL,
                    0));
 }
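Review bot: Reordering the salt, key material and info arguments changes the bytes this call writes to `result`, so answer hashes computed before this commit will not match those computed after it; the same holds for the `derive_key`, `ANASTASIS_CRYPTO_account_private_key_derive` and `ANASTASIS_CRYPTO_policy_key_derive` hunks below. Nothing visible in the diff versions the derivation or migrates stored data, so the change presumably relies on no backups having been deployed yet. That assumption is worth recording at the call site, e.g. `/* KDF input layout changed in 0120fe8: outputs differ from earlier builds */`. The enclosing function starts outside the hunk.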
@@ -88,14 +91,19 @@ derive_key (const void *key_material,
             const char *salt,
             struct ANASTASIS_CRYPTO_SymKeyP *key)
 {
-
   if (GNUNET_YES !=
       GNUNET_CRYPTO_kdf (key,
                          sizeof (struct ANASTASIS_CRYPTO_SymKeyP),
+                         /* salt / XTS */
                          nonce,
                          sizeof (struct ANASTASIS_CRYPTO_NonceP),
+                         /* ikm */
                          key_material,
                          key_m_len,
+                         /* info chunks */
+                         /* The "salt" passed here is actually not something random,
+                            but a protocol-specific identifier string.  Thus
+                            we pass it as a context info to the HKDF */
                          salt,
                          strlen (salt),
                          NULL,
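Review bot: The parameter is still named `salt` even though the added comment says it is a protocol-specific identifier passed as HKDF info, so the signature now contradicts the call. Renaming it to `const char *info,` in the signature and `strlen (info)` at the call would let the explanatory comment shrink to one line, and the real salt here is `nonce`. Parameter names are not part of the C interface, so callers are unaffected, but any `@param salt` documentation above the function (not visible here) would need the same rename. The body of `derive_key` continues outside the hunk.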
@@ -230,8 +238,13 @@ ANASTASIS_CRYPTO_account_private_key_derive (
   if (GNUNET_YES !=
       GNUNET_CRYPTO_kdf (&priv_key->priv,
                          sizeof (priv_key->priv),
+                         /* salt / XTS */
+                         NULL,
+                         0,
+                         /* ikm */
                          id,
                          sizeof (struct ANASTASIS_CRYPTO_UserIdentifierP),
+                         /* context chunks */
                          "ver",
                          strlen ("ver"),
                          NULL,
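Review bot: The info label `"ver"` is the only one of the four call sites that is not a namespaced protocol string (compare `"anastasis-policy-key-derive"`), and with the salt now `NULL` it is the only domain separation this derivation has. Since this commit already changes the derived account key, it is the cheapest moment to switch to a descriptive label of the same form as the others and to update the `strlen` argument with it. The empty salt also deserves a short comment saying it is intentional, e.g. `/* no salt: the key must be reproducible from the user identifier alone */`, if that is indeed the reason. The section comment reads `/* context chunks */` where the other hunks use `/* info chunks */`. The call continues outside the hunk.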
@@ -422,10 +435,15 @@ ANASTASIS_CRYPTO_policy_key_derive (
 {
   GNUNET_CRYPTO_kdf (policy_key,
                      sizeof (*policy_key),
-                     key_shares,
-                     keyshare_length * sizeof (*key_shares),
+                     /* salt / XTS */
                      salt,
                      sizeof (*salt),
+                     /* ikm */
+                     key_shares,
+                     keyshare_length * sizeof (*key_shares),
+                     /* info chunks */
+                     "anastasis-policy-key-derive",
+                     strlen ("anastasis-policy-key-derive"),
                      NULL, 0);
 }
 
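Review bot: The return value of `GNUNET_CRYPTO_kdf` is discarded here, whereas the `derive_key` and `ANASTASIS_CRYPTO_account_private_key_derive` call sites compare it against `GNUNET_YES`. If the derivation fails, `policy_key` keeps whatever it held before and the caller cannot tell. Wrapping the call as `GNUNET_assert (GNUNET_YES == GNUNET_CRYPTO_kdf (policy_key, ...));` would make the failure visible, which the closing `));` in the first hunk suggests is already done there. Separately, `keyshare_length * sizeof (*key_shares)` is not checked for wrap-around; whether that matters depends on the type and range of `keyshare_length`, which is declared outside the hunk.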

-- 
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.


