[gnunet] branch master updated: - Add KEM validation error handling
From: |
gnunet |
Subject: |
[gnunet] branch master updated: - Add KEM validation error handling |
Date: |
Wed, 17 Jul 2024 09:10:04 +0200 |
This is an automated email from the git hooks/post-receive script.
martin-schanzenbach pushed a commit to branch master
in repository gnunet.
The following commit(s) were added to refs/heads/master by this push:
new 0e9d6af26 - Add KEM validation error handling
0e9d6af26 is described below
commit 0e9d6af260c8bfd5293ce6dc084325f6fabdd9ea
Author: Martin Schanzenbach <schanzen@gnunet.org>
AuthorDate: Wed Jul 17 09:09:54 2024 +0200
- Add KEM validation error handling
---
src/lib/util/crypto_ecc.c | 12 ++++++++++--
src/lib/util/crypto_kem.c | 15 +++++++++------
2 files changed, 19 insertions(+), 8 deletions(-)
diff --git a/src/lib/util/crypto_ecc.c b/src/lib/util/crypto_ecc.c
index a1f6d5c74..ee5c42417 100644
--- a/src/lib/util/crypto_ecc.c
+++ b/src/lib/util/crypto_ecc.c
@@ -768,9 +768,13 @@ GNUNET_CRYPTO_x25519_ecdh (const struct
GNUNET_CRYPTO_EcdhePrivateKey *sk,
const struct GNUNET_CRYPTO_EcdhePublicKey *pub,
struct GNUNET_CRYPTO_EcdhePublicKey *dh)
{
+ uint8_t checkbyte = 0;
if (0 != crypto_scalarmult_curve25519 (dh->q_y, sk->d, pub->q_y))
return GNUNET_SYSERR;
- return GNUNET_OK;
+ // We need to check if this is the all-zero value
+ for (int i = 0; i < sizeof *dh; i++)
+ checkbyte ^= ((uint8_t*)dh)[i];
+ return (0 == checkbyte) ? GNUNET_SYSERR : GNUNET_OK;
}
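Review bot: The all-zero check folds the output with XOR (`checkbyte ^= ((uint8_t*)dh)[i];`), which yields zero for any buffer whose bytes cancel out, not only for the all-zero value. For uniformly distributed output that rejects about one in 256 valid shared secrets with GNUNET_SYSERR. Accumulate with OR instead, `checkbyte |= ((uint8_t*)dh)[i];`, and declare the index as `size_t i` so the comparison against `sizeof *dh` is not signed/unsigned. The identical loop in GNUNET_CRYPTO_ecdh_x25519 in the next hunk needs the same change. If libsodium's utility functions are in scope here, `sodium_is_zero ((const unsigned char *) dh, sizeof *dh)` expresses the test directly; libsodium's crypto_scalarmult_curve25519 may also already return non-zero for an all-zero result, which is worth confirming before keeping a second check.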
@@ -779,9 +783,13 @@ GNUNET_CRYPTO_ecdh_x25519 (const struct
GNUNET_CRYPTO_EcdhePrivateKey *sk,
const struct GNUNET_CRYPTO_EcdhePublicKey *pk,
struct GNUNET_CRYPTO_EcdhePublicKey *dh)
{
+ uint8_t checkbyte = 0;
if (0 != crypto_scalarmult_curve25519 (dh->q_y, sk->d, pk->q_y))
return GNUNET_SYSERR;
- return GNUNET_OK;
+ // We need to check if this is the all-zero value
+ for (int i = 0; i < sizeof *dh; i++)
+ checkbyte ^= ((uint8_t*)dh)[i];
+ return (0 == checkbyte) ? GNUNET_SYSERR : GNUNET_OK;
}
diff --git a/src/lib/util/crypto_kem.c b/src/lib/util/crypto_kem.c
index 5a6ff8d3d..fd7fc4575 100644
--- a/src/lib/util/crypto_kem.c
+++ b/src/lib/util/crypto_kem.c
@@ -54,8 +54,8 @@ labeled_extract (const char *ctx_str,
const uint8_t *suite_id, size_t suite_id_len,
struct GNUNET_ShortHashCode *prk)
{
- size_t labeled_ikm_len = strlen (ctx_str) + suite_id_len +
- label_len + ikm_len;
+ size_t labeled_ikm_len = strlen (ctx_str) + suite_id_len
+ + label_len + ikm_len;
uint8_t labeled_ikm[labeled_ikm_len];
uint8_t *tmp = labeled_ikm;
@@ -218,8 +218,9 @@ GNUNET_CRYPTO_kem_encaps_norand (const struct
GNUNET_CRYPTO_EcdhePublicKey *pub,
GNUNET_CRYPTO_ecdhe_key_get_public (skE, c);
// dh = DH(skE, pkR)
- GNUNET_assert (GNUNET_OK == GNUNET_CRYPTO_ecdh_x25519 (skE, pub,
- &dh));
+ if (GNUNET_OK != GNUNET_CRYPTO_ecdh_x25519 (skE, pub,
+ &dh))
+ return GNUNET_SYSERR; // ValidationError
// enc = SerializePublicKey(pkE) is a NOP, see Section 7.1.1
// pkRm = SerializePublicKey(pkR) is a NOP, see Section 7.1.1
// kem_context = concat(enc, pkRm)
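Review bot: The new early `return GNUNET_SYSERR; // ValidationError` in GNUNET_CRYPTO_kem_encaps_norand runs after `GNUNET_CRYPTO_ecdhe_key_get_public (skE, c)` has already written the encapsulation `c`. On failure the caller therefore holds a populated `c` but no derived shared secret, and nothing in the hunk documents that. Because the old GNUNET_assert aborted instead, existing callers may not check the return value; the function comment should say that GNUNET_SYSERR means a DH validation failure and that both outputs must be discarded, e.g. `// ValidationError: c is already written, shared secret is not; caller must discard both`. The same contract change applies to the `return GNUNET_SYSERR;` added in GNUNET_CRYPTO_kem_decaps in the following hunk. Both function bodies start and end outside their hunks, so the return types and any later cleanup are not visible here.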
@@ -279,8 +280,10 @@ GNUNET_CRYPTO_kem_decaps (const struct
GNUNET_CRYPTO_EcdhePrivateKey *skR,
// pkE = DeserializePublicKey(enc) is a NOP, see Section 7.1.1
// dh = DH(skR, pkE)
- GNUNET_assert (GNUNET_OK == GNUNET_CRYPTO_x25519_ecdh (skR, c,
- &dh));
+ if (GNUNET_OK != GNUNET_CRYPTO_x25519_ecdh (skR, c,
+ &dh))
+ return GNUNET_SYSERR; // ValidationError
+
// pkRm = DeserializePublicKey(pk(skR)) is a NOP, see Section 7.1.1
crypto_scalarmult_curve25519_base (pkR, skR->d);
// kem_context = concat(enc, pkRm)
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.