store hash for ECDSA blidning

2024-11-10 00:00:29 +03:00 · 2019-06-03 12:51:57 -04:00 · 2019-06-03 12:51:57 -04:00 · 828862ea49
commit 828862ea49
parent c4dffa4dc8
3 changed files with 32 additions and 19 deletions
--- a/libi2pd/Blinding.cpp
+++ b/libi2pd/Blinding.cpp
@ -175,40 +175,48 @@ namespace data
 		i2p::crypto::HKDF (salt, (const uint8_t *)date, 8, "i2pblinding1", seed);
 	}

-	void BlindedPublicKey::GetBlindedKey (const char * date, uint8_t * blindedKey) const
+	size_t BlindedPublicKey::GetBlindedKey (const char * date, uint8_t * blindedKey) const
 	{
 		uint8_t seed[64];	
 		GenerateAlpha (date, seed);	
+		size_t publicKeyLength = 0;
 		switch (m_SigType)
 		{
 			case i2p::data::SIGNING_KEY_TYPE_ECDSA_SHA256_P256:
 			{
+				publicKeyLength = i2p::crypto::ECDSAP256_KEY_LENGTH;	
 				EC_GROUP * group = EC_GROUP_new_by_curve_name (NID_X9_62_prime256v1);
-				BlindPublicKeyECDSA (i2p::crypto::ECDSAP256_KEY_LENGTH, group, GetPublicKey (), seed, blindedKey);
+				BlindPublicKeyECDSA (publicKeyLength, group, GetPublicKey (), seed, blindedKey);
 				EC_GROUP_free (group);
 				break;
 			}
 			case i2p::data::SIGNING_KEY_TYPE_ECDSA_SHA384_P384:
 			{
+				publicKeyLength = i2p::crypto::ECDSAP384_KEY_LENGTH;
 				EC_GROUP * group = EC_GROUP_new_by_curve_name (NID_secp384r1);
-				BlindPublicKeyECDSA (i2p::crypto::ECDSAP384_KEY_LENGTH, group, GetPublicKey (), seed, blindedKey);
+				BlindPublicKeyECDSA (publicKeyLength, group, GetPublicKey (), seed, blindedKey);
 				EC_GROUP_free (group);
 				break;
 			}
 			case i2p::data::SIGNING_KEY_TYPE_ECDSA_SHA512_P521:
 			{
+				publicKeyLength = i2p::crypto::ECDSAP521_KEY_LENGTH;
 				EC_GROUP * group = EC_GROUP_new_by_curve_name (NID_secp521r1);
-				BlindPublicKeyECDSA (i2p::crypto::ECDSAP521_KEY_LENGTH, group, GetPublicKey (), seed, blindedKey);
+				BlindPublicKeyECDSA (publicKeyLength, group, GetPublicKey (), seed, blindedKey);
 				EC_GROUP_free (group);
 				break;
 			}
 			case i2p::data::SIGNING_KEY_TYPE_REDDSA_SHA512_ED25519:
 			case i2p::data::SIGNING_KEY_TYPE_EDDSA_SHA512_ED25519:
+			{
 				i2p::crypto::GetEd25519 ()->BlindPublicKey (GetPublicKey (), seed, blindedKey);	
+				publicKeyLength = i2p::crypto::EDDSA25519_PUBLIC_KEY_LENGTH;
 				break;
+			}
 			default:
 				LogPrint (eLogError, "Blinding: can't blind signature type ", (int)m_SigType);
 		}
+		return publicKeyLength;
 	}

 	size_t BlindedPublicKey::BlindPrivateKey (const uint8_t * priv, const char * date, uint8_t * blindedPriv, uint8_t * blindedPub) const
@ -267,23 +275,23 @@ namespace data
 	i2p::data::IdentHash BlindedPublicKey::GetStoreHash (const char * date) const
 	{
 		i2p::data::IdentHash hash;
-		if (m_BlindedSigType == i2p::data::SIGNING_KEY_TYPE_REDDSA_SHA512_ED25519 ||
-			m_BlindedSigType == i2p::data::SIGNING_KEY_TYPE_EDDSA_SHA512_ED25519)
-		{
-			uint8_t blinded[32];
+		uint8_t blinded[128];
+		size_t publicKeyLength = 0;	
 		if (date)
-				GetBlindedKey (date, blinded);
+			publicKeyLength = GetBlindedKey (date, blinded);
 		else
 		{
 			char currentDate[9];
 			i2p::util::GetCurrentDate (currentDate);
-				GetBlindedKey (currentDate, blinded);	
+			publicKeyLength = GetBlindedKey (currentDate, blinded);	
 		}	
+		if (publicKeyLength)
+		{
 			auto stA1 = htobe16 (m_BlindedSigType);
 			SHA256_CTX ctx;
 			SHA256_Init (&ctx);
 			SHA256_Update (&ctx, (const uint8_t *)&stA1, 2);
-			SHA256_Update (&ctx, blinded, 32);
+			SHA256_Update (&ctx, blinded, publicKeyLength);
 			SHA256_Final ((uint8_t *)hash, &ctx);
 		}
 		else
--- a/libi2pd/Blinding.h
+++ b/libi2pd/Blinding.h
@ -24,7 +24,7 @@ namespace data
 			SigningKeyType GetBlindedSigType () const  { return m_BlindedSigType; };

 			void GetSubcredential (const uint8_t * blinded, size_t len, uint8_t * subcredential) const; // 32 bytes
-			void GetBlindedKey (const char * date, uint8_t * blindedKey) const; // blinded key 32 bytes, date is 8 chars "YYYYMMDD" 
+			size_t GetBlindedKey (const char * date, uint8_t * blindedKey) const; // date is 8 chars "YYYYMMDD", return public key length  
 			size_t BlindPrivateKey (const uint8_t * priv, const char * date, uint8_t * blindedPriv, uint8_t * blindedPub) const; // date is 8 chars "YYYYMMDD", return public key length 
 			i2p::data::IdentHash GetStoreHash (const char * date = nullptr) const; // date is 8 chars "YYYYMMDD", use current if null

--- a/libi2pd/LeaseSet.cpp
+++ b/libi2pd/LeaseSet.cpp
@ -463,7 +463,7 @@ namespace data
 		if (verified && key && lenOuterCiphertext >= 32)
 		{
 			SetIsValid (false); // we must verify it again in Layer 2 
-			if (blindedKeyType == i2p::data::SIGNING_KEY_TYPE_REDDSA_SHA512_ED25519)
+			if (blindedKeyType == key->GetBlindedSigType ())
 			{
 				// verify blinding
 				char date[9];
@ -476,6 +476,11 @@ namespace data
 					return;
 				}	
 			}	
+			else
+			{
+				LogPrint (eLogError, "LeaseSet2: Unexpected blinded key type ", blindedKeyType, " instread ", key->GetBlindedSigType ());
+				return;
+			}	
 			// outer key
 			// outerInput = subcredential || publishedTimestamp
 			uint8_t subcredential[36];