Diffstat (limited to 'doc/sphinx/cryptography.rst')
-rw-r--r-- doc/sphinx/cryptography.rst 28
1 files changed, 4 insertions, 24 deletions
diff --git a/doc/sphinx/cryptography.rst b/doc/sphinx/cryptography.rst
index 406732a..a38f6e7 100644
--- a/doc/sphinx/cryptography.rst
+++ b/doc/sphinx/cryptography.rst
@@ -116,7 +116,7 @@ HKDF to ensure that the result differs from other cases where we hash
.. code-block:: none
ver_secret := HKDF(kdf_id, "ver", keysize)
- eddsa_priv := eddsa_d_to_a(ver_secret)
+ eddsa_priv := ver_secret
eddsa_pub := get_EdDSA_Pub(eddsa_priv)
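Review bot: At `eddsa_priv := ver_secret` the HKDF output now becomes the private key with no conversion step, but nothing here says what form `get_EdDSA_Pub` expects or that `keysize` must equal the EdDSA private key length. Suggest adding a sentence stating that `eddsa_priv` is the raw `keysize`-byte HKDF output and whether any bit clearing or setting is left to `get_EdDSA_Pub`, so that independent implementations derive the same public key from the same `kdf_id`.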
@@ -128,13 +128,6 @@ HKDF to ensure that the result differs from other cases where we hash
**ver_secret**: Derived key from the ``kdf_id``, serves as intermediate step for the generation of the private key.
-**eddsa_d_to_a()**: Function which converts the ver_key to a valid EdDSA private key. Specifically, assuming the value ``eddsa_priv`` is in a 32-byte array "digest", the function clears and sets certain bits as follows:
-
-.. code-block:: c
-
- digest[0] = (digest[0] & 0x7f) | 0x40;
- digest[31] &= 0xf8;
-
**eddsa_priv**: The generated EdDSA private key.
**eddsa_pub**: The generated EdDSA public key.
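Review bot: The unchanged **ver_secret** description still calls it an "intermediate step for the generation of the private key", which no longer matches the pseudocode once the **eddsa_d_to_a()** entry is deleted and the two values are identical. Suggest rewording it to say that ver_secret is used directly as eddsa_priv. The deleted paragraph was also the only place in this hunk that gave the 32-byte length, so that size should move into the **eddsa_priv** description.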
@@ -240,7 +233,9 @@ Signatures
----------
The EdDSA keys are used to sign the data sent from the client to the
-server. Everything the client sends to server is signed. The following
+server. This signature ensures that an adversary that observes the upload is not
+able to upload a new version of the policy without knowing the user's identity attributes.
+The signature is made over a hash of the request body. The following
algorithm is equivalent for **Anastasis-Policy-Signature**.
.. code-block:: none
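Review bot: The added sentence "The signature is made over a hash of the request body" does not name the hash function, and the new threat description covers uploads only while the opening sentence still speaks of "the data sent from the client to the server". Suggest naming the hash here and narrowing the opening sentence to policy uploads so the scope of the signature is unambiguous. The added line ending in "identity attributes." is also much longer than the wrapped lines around it and should be rewrapped.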
@@ -255,21 +250,6 @@ algorithm is equivalent for **Anastasis-Policy-Signature**.
**ver_res**: A boolean value. True: Signature verification passed, False: Signature verification failed.
-When requesting policy downloads, the client must also provide a signature:
-
-.. code-block:: none
-
- (anastasis-account-signature) := eddsa_sign(version, eddsa_priv)
- ver_res := eddsa_verifiy(version, anastasis-account-signature, eddsa_pub)
-
-**anastasis-account-signature**: Signature over the SHA-512 hash of the body using the purpose code ``TALER_SIGNATURE_ANASTASIS_POLICY_DOWNLOAD`` (1401) (see GNUnet EdDSA signature API for the use of purpose).
-
-**version**: The version requested as a 64-bit integer, 2^64-1 for the "latest version".
-
-**ver_res**: A boolean value. True: Signature verification passed, False: Signature verification failed.
-
-
-
Availability Considerations
^^^^^^^^^^^^^^^^^^^^^^^^^^^
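Review bot: Deleting the **anastasis-account-signature** block removes the download signature without a replacement sentence, so the section no longer says how a policy download request is authorized or that it is intentionally unsigned. Suggest one sentence before "Availability Considerations" stating that download requests carry no signature and why that is acceptable. The deletion also drops the definition of **version** (2^64-1 for the "latest version"), which should be documented elsewhere if the parameter is still in use.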