
[taler-anastasis] branch master updated: include raw answer in KDF for s


From: gnunet
Subject: [taler-anastasis] branch master updated: include raw answer in KDF for security question key share encyption
Date: Fri, 19 Mar 2021 18:24:57 +0100

This is an automated email from the git hooks/post-receive script.

grothoff pushed a commit to branch master
in repository anastasis.

The following commit(s) were added to refs/heads/master by this push:
     new 21f5d50  include raw answer in KDF for security question key share 
encyption
21f5d50 is described below

commit 21f5d5025f0da657c55307071c30a34d433c7d2a
Author: Christian Grothoff <grothoff@gnunet.org>
AuthorDate: Fri Mar 19 18:24:45 2021 +0100

    include raw answer in KDF for security question key share encyption
---
 src/include/anastasis_crypto_lib.h |  7 +++++--
 src/lib/anastasis_backup.c         | 15 ++++++++++++---
 src/lib/anastasis_recovery.c       | 29 +++++++++++++++++++----------
 src/util/anastasis_crypto.c        | 10 ++++------
 src/util/test_anastasis_crypto.c   |  2 ++
 5 files changed, 42 insertions(+), 21 deletions(-)

diff --git a/src/include/anastasis_crypto_lib.h 
b/src/include/anastasis_crypto_lib.h
index 97103fa..bddcb5b 100644
--- a/src/include/anastasis_crypto_lib.h
+++ b/src/include/anastasis_crypto_lib.h
@@ -103,8 +103,7 @@ struct ANASTASIS_CRYPTO_MasterSaltP
  */
 struct ANASTASIS_CRYPTO_QuestionSaltP
 {
-  struct GNUNET_ShortHashCode key GNUNET_PACKED;
-  // struct GNUNET_CRYPTO_PowSalt pow_salt;
+  struct GNUNET_CRYPTO_PowSalt pow_salt;
 };
 
 
@@ -385,12 +384,14 @@ ANASTASIS_CRYPTO_recovery_document_decrypt (
  *
  * @param key_share the key share which is afterwards encrypted
  * @param id the user identification which is the entropy source for the key 
generation
+ * @param xsalt answer to security question, otherwise NULL; used as extra 
salt in KDF
  * @param[out] enc_key_share holds the encrypted share, the first 48 Bytes are 
the used nonce and tag
  */
 void
 ANASTASIS_CRYPTO_keyshare_encrypt (
   const struct ANASTASIS_CRYPTO_KeyShareP *key_share,
   const struct ANASTASIS_CRYPTO_UserIdentifierP *id,
+  const char *xsalt,
   struct ANASTASIS_CRYPTO_EncryptedKeyShareP *enc_key_share);
 
 
@@ -399,12 +400,14 @@ ANASTASIS_CRYPTO_keyshare_encrypt (
  *
  * @param enc_key_share holds the encrypted share, the first 48 Bytes are the 
used nonce and tag
  * @param id the user identification which is the entropy source for the key 
generation
+ * @param xsalt answer to security question, otherwise NULL; used as extra 
salt in KDF
  * @param[out] key_share the result of decryption
  */
 void
 ANASTASIS_CRYPTO_keyshare_decrypt (
   const struct ANASTASIS_CRYPTO_EncryptedKeyShareP *enc_key_share,
   const struct ANASTASIS_CRYPTO_UserIdentifierP *id,
+  const char *xsalt,
   struct ANASTASIS_CRYPTO_KeyShareP *key_share);
 
 
diff --git a/src/lib/anastasis_backup.c b/src/lib/anastasis_backup.c
index f5c0693..c7d1354 100644
--- a/src/lib/anastasis_backup.c
+++ b/src/lib/anastasis_backup.c
@@ -275,9 +275,7 @@ ANASTASIS_truth_upload3 (struct GNUNET_CURL_Context *ctx,
   tu->tc = tc;
   tu->tc_cls = tc_cls;
   tu->t = t;
-  ANASTASIS_CRYPTO_keyshare_encrypt (&t->key_share,
-                                     &tu->id,
-                                     &encrypted_key_share);
+
   if (0 == strcmp ("question",
                    t->type))
   {
@@ -289,10 +287,21 @@ ANASTASIS_truth_upload3 (struct GNUNET_CURL_Context *ctx,
                                          &t->uuid,
                                          &t->salt,
                                          &nt);
+    ANASTASIS_CRYPTO_keyshare_encrypt (&t->key_share,
+                                       &tu->id,
+                                       answer,
+                                       &encrypted_key_share);
     GNUNET_free (answer);
     truth_data = &nt;
     truth_data_size = sizeof (nt);
   }
+  else
+  {
+    ANASTASIS_CRYPTO_keyshare_encrypt (&t->key_share,
+                                       &tu->id,
+                                       NULL,
+                                       &encrypted_key_share);
+  }
   ANASTASIS_CRYPTO_truth_encrypt (&t->nonce,
                                   &t->truth_key,
                                   truth_data,
diff --git a/src/lib/anastasis_recovery.c b/src/lib/anastasis_recovery.c
index 1104d4a..cc5e4de 100644
--- a/src/lib/anastasis_recovery.c
+++ b/src/lib/anastasis_recovery.c
@@ -88,6 +88,11 @@ struct ANASTASIS_Challenge
    */
   char *instructions;
 
+  /**
+   * Answer to the security question, if @a type is "question". Otherwise NULL.
+   */
+  char *answer;
+
   /**
    * Reference to the recovery process which is ongoing
    */
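Review bot: The comment on `answer` says it is NULL only when the type is not "question", but in this diff the field is assigned only in ANASTASIS_challenge_answer, so it is also NULL for a question challenge until that call has run. keyshare_lookup_cb passes it to ANASTASIS_CRYPTO_keyshare_decrypt unconditionally, and NULL there selects the default label, so the comment should state when the field becomes valid. It should also say that the string is secret key-derivation input owned by the challenge. Suggested wording: `Answer to the security question; set by ANASTASIS_challenge_answer() when @a type is "question", NULL before that and for all other types. Secret, owned by this struct.` The struct definition starts and ends outside this hunk.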
@@ -327,6 +332,7 @@ keyshare_lookup_cb (void *cls,
                                            &id);
   ANASTASIS_CRYPTO_keyshare_decrypt (&dd->details.eks,
                                      &id,
+                                     c->answer,
                                      &c->key_share);
   recovery->solved_challenges[recovery->solved_challenge_pos++] = c;
 
@@ -464,6 +470,8 @@ ANASTASIS_challenge_answer (
 {
   struct GNUNET_HashCode hashed_answer;
 
+  GNUNET_free (c->answer);
+  c->answer = GNUNET_strdup (answer_str);
   ANASTASIS_CRYPTO_secure_answer_hash (answer_str,
                                        &c->ci.uuid,
                                        &c->salt,
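Review bot: The previous copy is released with a plain `GNUNET_free (c->answer);`, so the plaintext answer stays readable in freed heap memory even though it is now an input to the key-share KDF. Wipe it before freeing with a call the compiler cannot elide, for example `if (NULL != c->answer) explicit_bzero (c->answer, strlen (c->answer));` where that function is available. The same applies to `GNUNET_free (cs->answer);` added in the ANASTASIS_recovery_abort hunk. The body of ANASTASIS_challenge_answer continues outside this hunk.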
@@ -839,16 +847,16 @@ policy_lookup_cb (void *cls,
 
 
 struct ANASTASIS_Recovery *
-ANASTASIS_recovery_begin (struct GNUNET_CURL_Context *ctx,
-                          const json_t *id_data,
-                          unsigned int version,
-                          const char *anastasis_provider_url,
-                          const struct
-                          ANASTASIS_CRYPTO_ProviderSaltP *provider_salt,
-                          ANASTASIS_PolicyCallback pc,
-                          void *pc_cls,
-                          ANASTASIS_CoreSecretCallback csc,
-                          void *csc_cls)
+ANASTASIS_recovery_begin (
+  struct GNUNET_CURL_Context *ctx,
+  const json_t *id_data,
+  unsigned int version,
+  const char *anastasis_provider_url,
+  const struct ANASTASIS_CRYPTO_ProviderSaltP *provider_salt,
+  ANASTASIS_PolicyCallback pc,
+  void *pc_cls,
+  ANASTASIS_CoreSecretCallback csc,
+  void *csc_cls)
 {
   struct ANASTASIS_Recovery *r;
   struct ANASTASIS_CRYPTO_AccountPublicKeyP pub_key;
@@ -1346,6 +1354,7 @@ ANASTASIS_recovery_abort (struct ANASTASIS_Recovery *r)
     GNUNET_free (cs->url);
     GNUNET_free (cs->type);
     GNUNET_free (cs->instructions);
+    GNUNET_free (cs->answer);
   }
   GNUNET_free (r->ri.cs);
   GNUNET_free (r->cs);
diff --git a/src/util/anastasis_crypto.c b/src/util/anastasis_crypto.c
index 35e0761..ace0162 100644
--- a/src/util/anastasis_crypto.c
+++ b/src/util/anastasis_crypto.c
@@ -412,6 +412,7 @@ void
 ANASTASIS_CRYPTO_keyshare_encrypt (
   const struct ANASTASIS_CRYPTO_KeyShareP *key_share,
   const struct ANASTASIS_CRYPTO_UserIdentifierP *id,
+  const char *xsalt,
   struct ANASTASIS_CRYPTO_EncryptedKeyShareP *enc_key_share)
 {
   const char *salt = "eks";
@@ -422,16 +423,12 @@ ANASTASIS_CRYPTO_keyshare_encrypt (
   GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_NONCE,
                               &nonce,
                               sizeof (nonce));
-  /*  FIXME: the HKDF (in get_iv_key()) should be able to take additional
-      bits from the response (e.g. some hash over the answer to the
-      security question, see 12.6.-> interface EncryptedKeyShare in spec)
-  */
   anastasis_encrypt (&nonce,
                      id,
                      sizeof (struct ANASTASIS_CRYPTO_UserIdentifierP),
                      key_share,
                      sizeof (struct ANASTASIS_CRYPTO_KeyShareP),
-                     salt,
+                     (NULL == xsalt) ? salt : xsalt,
                      &eks,
                      &eks_size);
   GNUNET_assert (eks_size ==
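Review bot: `(NULL == xsalt) ? salt : xsalt` substitutes the answer for the fixed "eks" label instead of adding to it, although the header documents xsalt as an extra salt. With an answer present the derivation loses its purpose label, and an answer that happens to equal a label string gives the same salt input as a different use; how much that matters depends on how anastasis_encrypt mixes the salt, which is not visible in this diff. Keeping the label and appending the answer, e.g. `GNUNET_asprintf (&ksalt, "eks-%s", xsalt);`, passing `ksalt` and freeing it afterwards, would preserve the separation. The ANASTASIS_CRYPTO_keyshare_decrypt hunk below needs the identical change, and both function bodies extend outside their hunks.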
@@ -447,6 +444,7 @@ void
 ANASTASIS_CRYPTO_keyshare_decrypt (
   const struct ANASTASIS_CRYPTO_EncryptedKeyShareP *enc_key_share,
   const struct ANASTASIS_CRYPTO_UserIdentifierP *id,
+  const char *xsalt,
   struct ANASTASIS_CRYPTO_KeyShareP *key_share)
 {
   const char *salt = "eks";
@@ -457,7 +455,7 @@ ANASTASIS_CRYPTO_keyshare_decrypt (
                      sizeof (struct ANASTASIS_CRYPTO_UserIdentifierP),
                      enc_key_share,
                      sizeof (struct ANASTASIS_CRYPTO_EncryptedKeyShareP),
-                     salt,
+                     (NULL == xsalt) ? salt : xsalt,
                      &ks,
                      &ks_size);
   GNUNET_assert (ks_size ==
diff --git a/src/util/test_anastasis_crypto.c b/src/util/test_anastasis_crypto.c
index dbaf4fe..9a6a98c 100644
--- a/src/util/test_anastasis_crypto.c
+++ b/src/util/test_anastasis_crypto.c
@@ -155,9 +155,11 @@ test_key_share (void)
   ANASTASIS_CRYPTO_keyshare_create (&key_share);
   ANASTASIS_CRYPTO_keyshare_encrypt (&key_share,
                                      &id,
+                                     NULL,
                                      &ciphertext);
   ANASTASIS_CRYPTO_keyshare_decrypt (&ciphertext,
                                      &id,
+                                     NULL,
                                      &plaintext);
   return GNUNET_memcmp (&key_share,
                         &plaintext);
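Review bot: Both calls pass `NULL` for xsalt, so test_key_share never exercises the answer-bound path this commit adds. A second round trip with the same fixed string on both sides, e.g. `ANASTASIS_CRYPTO_keyshare_encrypt (&key_share, &id, "answer", &ciphertext);` followed by the matching decrypt and the same `GNUNET_memcmp` check, would cover it. A mismatched-xsalt case would be worth adding as well, but how the decrypt side reports a failed decryption is not visible here. test_key_share begins outside this hunk.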

-- 
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.


