help-gnunet

Re: Signing some data using CRYPTO


From: Christian Grothoff
Subject: Re: Signing some data using CRYPTO
Date: Sat, 13 Jun 2020 22:21:53 +0200

On 6/13/20 6:47 PM, Alessio Vanni wrote:
> Hello,
> 
> I have a service which sends some data to a remote peer via CADET to a
> well known port.  This data is preceded by a header with a bunch of
> information, including a signature to verify that nothing happened
> while the data was being transmitted.  I thought I could use CRYPTO to
> sign this data, but it's a bit unclear how it works.  The signature
> should be performed using the keys of an ego.
> 
> The function to sign the data expects a "purpose", which is a structure
> with two fields: "size" and "purpose".  It's not clear where the data to
> sign goes, but I'll guess it goes after the structure, similarly to how
> messages created with `GNUNET_MQ_msg_extra' have extra space at the end.

Yes, you should put the data to sign into a struct with the 'purpose'
first and the rest afterwards.

> The "purpose" field has a problem though: the documentation says the
> value has to be one from "gnunet_signatures.h", but none of them are a
> "generic signature" value, only something specific to a certain
> situation.

You should define a new value for your application. This is important:
otherwise, someone could, say, sign data with a key using your
application, and then use that signature in a different context for a
different application.  The 'purpose' ensures that all signatures are
generated specific to the context where they will be used.

> There is also another small problem, because the data can have a size
> that can fit into a uint64_t (when sent through CADET, the data is
> fragmented as needed) and the "size" field in the purpose is a uint32_t,
> but since the service is still being developed the uint64_t can become a
> uint32_t if needed.

You should in this case put a hash over the data you are signing behind
the purpose, and not the entire data:

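struct MySignData {
  /* Must come first: size and purpose, both in network byte order. */
  struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
  /* Hash over the data, instead of the data itself. */
  struct GNUNET_HashCode hc;
} msd = {
  .purpose.purpose = htonl (NEW_CONSTANT),
  .purpose.size = htonl (sizeof (msd))
};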

You may want to use the HashContext to hash the data in a streaming way
instead of requiring it all to be in memory at the same time.

> With all that said, how can I sign some data using CRYPTO?

The most important bit is to define a new purpose constant. I hope to
"soon" convert gnunet_signatures.h into a GANA
(https://gana.gnunet.org/) recfile, that will make it easier for
out-of-tree applications to properly register a new purpose value.
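
The layout described in the reply above, as an added example that is not part of the original message and is not GNUnet code: a fixed-size signed blob (purpose header, then a SHA-512 hash, which is the size of a GNUNET_HashCode) built from streamed fragments, and a verifier that rejects a signature presented under a different purpose. The purpose numbers, the key and the fragments are constructed for the example, and HMAC-SHA512 stands in for the ego's public-key signature so the code runs without GNUnet.

```python
import hashlib
import hmac
import struct

# Hypothetical purpose numbers, constructed for this example. A real
# application registers its own value so no two contexts share one.
PURPOSE_MY_APP = 0x7FFF0001
PURPOSE_OTHER_APP = 0x7FFF0002

HEADER = struct.Struct("!II")  # size, purpose: uint32 each, network byte order
HASH_LEN = 64                  # SHA-512 digest, the size of a GNUNET_HashCode
BLOB_LEN = HEADER.size + HASH_LEN


def hash_stream(chunks):
    """Hash the payload fragment by fragment; it is never held in memory whole."""
    ctx = hashlib.sha512()
    for chunk in chunks:
        ctx.update(chunk)
    return ctx.digest()


def build_signed_blob(purpose, chunks):
    """Bytes that get signed: purpose header first, hash of the data after it."""
    return HEADER.pack(BLOB_LEN, purpose) + hash_stream(chunks)


def sign(key, blob):
    """Stand-in signature (HMAC-SHA512) so the example runs without GNUnet."""
    return hmac.new(key, blob, hashlib.sha512).digest()


def verify(key, expected_purpose, blob, sig):
    """Check size and purpose against what this context expects, then the signature."""
    if len(blob) != BLOB_LEN:
        return False
    size, purpose = HEADER.unpack_from(blob)
    if size != BLOB_LEN or purpose != expected_purpose:
        return False
    return hmac.compare_digest(sign(key, blob), sig)


if __name__ == "__main__":
    key = b"constructed-demo-key"
    fragments = [b"frag-1 ", b"frag-2 ", b"frag-3"]  # constructed sample data
    blob = build_signed_blob(PURPOSE_MY_APP, fragments)
    sig = sign(key, blob)
    print(len(blob), verify(key, PURPOSE_MY_APP, blob, sig),
          verify(key, PURPOSE_OTHER_APP, blob, sig))
```

The signed blob stays 72 bytes however large the payload is, so the uint32_t "size" field is never a constraint.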


