author | Florian Dold <florian@dold.me> | 2021-10-19 14:07:27 +0200 |
---|---|---|
committer | Florian Dold <florian@dold.me> | 2021-10-19 14:07:27 +0200 |
commit | 0120fe8345d6592bd61c0ae4df1c3db34155715c (patch) | |
tree | 348da9dd91174f270ba14c09e411e4ce0963a59d | |
parent | f9b3f95b133dd98289ccd165966896fc0af5860d (diff) | |
sort out HKDF invocations (salt vs ikm vs info)
-rw-r--r-- | src/util/anastasis_crypto.c | 32 |
1 files changed, 25 insertions, 7 deletions
diff --git a/src/util/anastasis_crypto.c b/src/util/anastasis_crypto.c index e122c07..f5e6c77 100644 --- a/src/util/anastasis_crypto.c +++ b/src/util/anastasis_crypto.c @@ -61,12 +61,15 @@ ANASTASIS_CRYPTO_secure_answer_hash ( GNUNET_CRYPTO_kdf ( result, sizeof (*result), - "Anastasis-secure-question-uuid-salting", - strlen ("Anastasis-secure-question-uuid-salting"), - &pow, - sizeof (pow), + /* salt / XTS */ uuid, sizeof (*uuid), + /* skm */ + &pow, + sizeof (pow), + /* info chunks */ + "anastasis-secure-question-hashing", + strlen ("anastasis-secure-question-hashing"), NULL, 0)); } @@ -88,14 +91,19 @@ derive_key (const void *key_material, const char *salt, struct ANASTASIS_CRYPTO_SymKeyP *key) { - if (GNUNET_YES != GNUNET_CRYPTO_kdf (key, sizeof (struct ANASTASIS_CRYPTO_SymKeyP), + /* salt / XTS */ nonce, sizeof (struct ANASTASIS_CRYPTO_NonceP), + /* ikm */ key_material, key_m_len, + /* info chunks */ + /* The "salt" passed here is actually not something random, + but a protocol-specific identifier string. Thus + we pass it as a context info to the HKDF */ salt, strlen (salt), NULL, @@ -230,8 +238,13 @@ ANASTASIS_CRYPTO_account_private_key_derive ( if (GNUNET_YES != GNUNET_CRYPTO_kdf (&priv_key->priv, sizeof (priv_key->priv), + /* salt / XTS */ + NULL, + 0, + /* ikm */ id, sizeof (struct ANASTASIS_CRYPTO_UserIdentifierP), + /* context chunks */ "ver", strlen ("ver"), NULL, @@ -422,10 +435,15 @@ ANASTASIS_CRYPTO_policy_key_derive ( { GNUNET_CRYPTO_kdf (policy_key, sizeof (*policy_key), - key_shares, - keyshare_length * sizeof (*key_shares), + /* salt / XTS */ salt, sizeof (*salt), + /* ikm */ + key_shares, + keyshare_length * sizeof (*key_shares), + /* info chunks */ + "anastasis-policy-key-derive", + strlen ("anastasis-policy-key-derive"), NULL, 0); } |
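Review bot: The reordered arguments and the new label `"anastasis-secure-question-hashing"` change what ANASTASIS_CRYPTO_secure_answer_hash returns for the same answer and UUID, and nothing in this commit versions the derivation or adds a known-answer test. The hunks in ANASTASIS_CRYPTO_account_private_key_derive and ANASTASIS_CRYPTO_policy_key_derive change the salt/ikm roles too, so any hash or key produced by the old code and stored somewhere will no longer match. The commit message should say this is an incompatible change, and a fixed test vector per derivation would pin the new argument order. A smaller point of style: this call site labels the key material `/* skm */` while the other three use `/* ikm */`; one term throughout would read better. The enclosing statement starts before the hunk.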
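Review bot: In derive_key the parameter is still named `salt` even though the new comment says it is a protocol identifier passed as HKDF info, so the signature keeps inviting the confusion this commit sets out to remove. Renaming it, for example `const char *info_label,` in the signature and `info_label, strlen (info_label),` at the call, would let the long explanatory comment shrink to `/* info chunks */`. The rename is local to the definition and does not affect callers. The function body continues past the end of the hunk.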
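Review bot: The new `NULL, 0` salt in ANASTASIS_CRYPTO_account_private_key_derive relies on GNUNET_CRYPTO_kdf accepting a null salt pointer and treating it as the RFC 5869 default, which cannot be confirmed from this hunk and should be checked against the GNUnet implementation. If an empty salt is intended because `id` is already derived with its own salt, a comment such as `/* no salt: the user identifier is the only input; see its derivation */` would record that decision. The info label `"ver"` is also much less specific than the `"anastasis-..."` labels used at the other call sites; since this commit already changes the derived key, it is the cheapest moment to pick a protocol-specific label for domain separation. The enclosing `if` continues outside the hunk.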
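Review bot: As far as this hunk shows, the result of GNUNET_CRYPTO_kdf in ANASTASIS_CRYPTO_policy_key_derive is discarded, whereas derive_key and ANASTASIS_CRYPTO_account_private_key_derive compare it with `GNUNET_YES`. A failed derivation would leave `*policy_key` unset without the caller noticing. Wrapping the call as `GNUNET_assert (GNUNET_YES == GNUNET_CRYPTO_kdf (policy_key, ...));` would make the failure visible. The length `keyshare_length * sizeof (*key_shares)` is computed from a parameter declared outside the hunk, so it is worth confirming that the product cannot wrap for the largest policy the callers allow.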