aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--client/cmixclient.cpp10
-rw-r--r--client/cmixclient.hpp2
-rw-r--r--libcmix-crypto/api.h6
-rw-r--r--libcmix-crypto/curve25519/curve25519.c1
-rw-r--r--libcmix-crypto/elgamal/elgamal.c1
-rw-r--r--libcmix-crypto/elgamal/elgamal.h2
-rw-r--r--libcmix-crypto/elgamal/gcrypt/gcrypt_elgamal.c19
-rw-r--r--node/node.cpp18
8 files changed, 39 insertions, 20 deletions
diff --git a/client/cmixclient.cpp b/client/cmixclient.cpp
index f05b200..3abe1eb 100644
--- a/client/cmixclient.cpp
+++ b/client/cmixclient.cpp
@@ -16,17 +16,17 @@ void CMixClient::key_exchange(size_t node_id) {
cmix_proto::KeyExchange ke;
ke.set_public_key(buffer, len);
-
- free(buffer);
+ api.free_buffer(buffer);
data.at(node_id).secret_value = api.get_group_element(true);
- void* shared_value = api.get_key_exchange_value(data.at(node_id).secret_value);
- api.element_to_array(&buffer, &len, shared_value);
+ GroupElement shared_value = api.get_key_exchange_value(data.at(node_id).secret_value);
+ api.element_to_array(&buffer, &len, shared_value);
ke.set_value(buffer, len);
+ api.free_buffer(buffer);
- free(buffer);
+ api.free_group_element(shared_value);
network_connections.at(node_id).async_send(ke);
network_connections.at(node_id).async_receive([node_id, this](cmix_proto::CMixMessage message) {
diff --git a/client/cmixclient.hpp b/client/cmixclient.hpp
index 2df754b..f1c726d 100644
--- a/client/cmixclient.hpp
+++ b/client/cmixclient.hpp
@@ -37,7 +37,7 @@ struct NetworkDetails {
class CMixClient {
struct NodeData {
- void* secret_value;
+ GroupElement secret_value;
SharedKey shared_value;
};
diff --git a/libcmix-crypto/api.h b/libcmix-crypto/api.h
index f50cee0..8c40d23 100644
--- a/libcmix-crypto/api.h
+++ b/libcmix-crypto/api.h
@@ -53,6 +53,11 @@ typedef void(*ElementToArray)(unsigned char**, size_t* size, GroupElement);
/*!
*
*/
+typedef void(*BufferDeleter)(void*);
+
+/*!
+ *
+ */
typedef GroupElement(*ArrayToElement)(char const*, size_t size, bool);
/*!
@@ -93,6 +98,7 @@ struct Api {
KeyPairCreator create_key_pair; ///< Pointer to keypair creation function
KeyPairDeleter free_key_pair; ///< Pointer to keypair deletor function
ElementToArray element_to_array; ///< Get the array representation of a public key
+ BufferDeleter free_buffer; ///< frees library allocated buffers.
ArrayToElement array_to_element; ///< The the GroupElement representation of this array;
GroupElementGetter get_group_element; ///< get group element
GroupElementDeleter free_group_element; ///< frees a base type of the cryptolibrary.
diff --git a/libcmix-crypto/curve25519/curve25519.c b/libcmix-crypto/curve25519/curve25519.c
index 1a83308..6eaaafc 100644
--- a/libcmix-crypto/curve25519/curve25519.c
+++ b/libcmix-crypto/curve25519/curve25519.c
@@ -14,6 +14,7 @@ struct Api get_curve25519_implementation()
NULL,
NULL,
NULL,
+ NULL,
&curve25519_add_public_share,
&curve25519_derive_shared_key,
&curve25519_shared_key_deleter,
diff --git a/libcmix-crypto/elgamal/elgamal.c b/libcmix-crypto/elgamal/elgamal.c
index 3ee86d7..336d974 100644
--- a/libcmix-crypto/elgamal/elgamal.c
+++ b/libcmix-crypto/elgamal/elgamal.c
@@ -8,6 +8,7 @@ struct Api get_elgamal_implementation()
elgamal_create_keypair,
elgamal_delete_keypair,
elgamal_element_to_array,
+ elgamal_free_buffer,
elgamal_array_to_element,
elgamal_get_group_element,
elgamal_delete_group_element,
diff --git a/libcmix-crypto/elgamal/elgamal.h b/libcmix-crypto/elgamal/elgamal.h
index 746b726..71046c5 100644
--- a/libcmix-crypto/elgamal/elgamal.h
+++ b/libcmix-crypto/elgamal/elgamal.h
@@ -18,6 +18,8 @@ extern KeyPairDeleter elgamal_delete_keypair;
extern ElementToArray elgamal_element_to_array;
+extern BufferDeleter elgamal_free_buffer;
+
extern ArrayToElement elgamal_array_to_element;
extern GroupElementGetter elgamal_get_group_element;
diff --git a/libcmix-crypto/elgamal/gcrypt/gcrypt_elgamal.c b/libcmix-crypto/elgamal/gcrypt/gcrypt_elgamal.c
index 1dd0690..a0512dd 100644
--- a/libcmix-crypto/elgamal/gcrypt/gcrypt_elgamal.c
+++ b/libcmix-crypto/elgamal/gcrypt/gcrypt_elgamal.c
@@ -67,7 +67,7 @@ struct KeyPair gcrypt_elgamal_create_keypair() {
gcry_error_t error;
void* bytes = gcry_random_bytes_secure(2048/8, GCRY_VERY_STRONG_RANDOM);
- gcry_mpi_t x = gcry_mpi_snew(2048);
+ gcry_mpi_t x;
error = gcry_mpi_scan(&x, GCRYMPI_FMT_USG, bytes, 2048/8, &parse_error_offset);
check(error);
@@ -105,12 +105,17 @@ void gcrypt_elgamal_element_to_array(unsigned char** buffer, size_t* len, void*
check(error);
}
+void gcrypt_elgamal_free_buffer(void* buffer) {
+ gcry_free(buffer);
+}
+
void* gcrypt_elgamal_array_to_element(char const* buffer, size_t len, bool secure) {
size_t error_pos;
gcry_error_t error;
- gcry_mpi_t mpi = secure ? gcry_mpi_snew(0) : gcry_mpi_new(0);
+ gcry_mpi_t mpi;
error = gcry_mpi_scan(&mpi, GCRYMPI_FMT_USG, buffer, len, &error_pos);
+ gcry_mpi_set_flag(mpi, GCRYMPI_FLAG_SECURE);
check(error);
return mpi;
@@ -121,8 +126,10 @@ void* gcrypt_elgamal_get_group_element(bool secure) {
gcry_error_t error;
void* bytes = gcry_random_bytes_secure(2048/8, GCRY_VERY_STRONG_RANDOM);
- gcry_mpi_t a = secure ? gcry_mpi_snew(2048) : gcry_mpi_new(2048);
+ gcry_mpi_t a;
error = gcry_mpi_scan(&a, GCRYMPI_FMT_USG, bytes, 2048/8, &parse_error_offset);
+ //random bytes generated with GCRY{,_VERY}_STRONG_RANDOM are generated in "secure memory"
+ //so secure is unused.
check(error);
gcry_free(bytes);
@@ -149,8 +156,6 @@ void gcrypt_elgamal_delete_group_element(void* el) {
gcry_mpi_release((gcry_mpi_t) el);
}
-
-
void gcrypt_elgamal_add_public_share(char** buffer, size_t* out_len, char const* share, size_t in_len, void* pubkey) {
gcry_error_t error;
@@ -167,6 +172,9 @@ void gcrypt_elgamal_add_public_share(char** buffer, size_t* out_len, char const*
error = gcry_mpi_aprint(GCRYMPI_FMT_USG, (unsigned char**) buffer, out_len, result);
check(error);
+
+ gcry_mpi_release(mpi_share);
+ gcry_mpi_release(result);
}
struct SharedKey gcrypt_elgamal_derive_shared_key(struct KeyPair keypair, unsigned char const* other_pub, size_t pub_len, unsigned char const* value, size_t value_len, void* priv_value, bool swap) {
@@ -227,6 +235,7 @@ Initializer elgamal_initialize = &gcrypt_elgamal_initialize;
KeyPairCreator elgamal_create_keypair = &gcrypt_elgamal_create_keypair;
KeyPairDeleter elgamal_delete_keypair = &gcrypt_elgamal_delete_keypair;
ElementToArray elgamal_element_to_array = &gcrypt_elgamal_element_to_array;
+BufferDeleter elgamal_free_buffer = &gcrypt_elgamal_free_buffer;
ArrayToElement elgamal_array_to_element = &gcrypt_elgamal_array_to_element;
GroupElementGetter elgamal_get_group_element = &gcrypt_elgamal_get_group_element;
GroupElementDeleter elgamal_delete_group_element = &gcrypt_elgamal_delete_group_element;
diff --git a/node/node.cpp b/node/node.cpp
index f5c8dbe..2e5fd32 100644
--- a/node/node.cpp
+++ b/node/node.cpp
@@ -93,7 +93,8 @@ void Node::handle_node_initialization(const cmix_proto::Initialization& init)
api.element_to_array(&data, &len, network_key);
sec.set_secret_key(data, len);
- free(data);
+
+ api.free_buffer(data);
next_node.async_send(sec);
} else {
@@ -104,7 +105,7 @@ void Node::handle_node_initialization(const cmix_proto::Initialization& init)
cmix_proto::Initialization init;
init.set_public_share(buffer, len);
- free(buffer);
+ api.free_buffer(buffer);
BOOST_LOG_TRIVIAL(trace) << "Sending intialization";
next_node.async_send(init);
@@ -156,11 +157,11 @@ void Node::handle_node_prepre(cmix_proto::PrePre const& pre) {
api.element_to_array(&buffer, &len, new_random_element);
prepre.add_r_er(buffer, len);
- free(buffer);
+ api.free_buffer(buffer);
api.element_to_array(&buffer, &len, new_message_element);
prepre.add_m_er(buffer, len);
- free(buffer);
+ api.free_buffer(buffer);
api.free_group_element(random_element);
api.free_group_element(message_element);
@@ -224,11 +225,11 @@ void Node::handle_client_keyexchange(ClientConnections::key_type handle, cmix_pr
api.element_to_array(&buffer, &len, keypair.pub);
exchange.set_public_key(buffer, len);
- free(buffer);
+ api.free_buffer(buffer);
api.element_to_array(&buffer, &len, ex_val);
exchange.set_value(buffer, len);
- free(buffer);
+ api.free_buffer(buffer);
api.free_group_element(ex_val);
@@ -339,15 +340,14 @@ void Node::start_precomputation() {
api.element_to_array(&buffer, &len, random_element);
prepre.add_m_er(buffer, len);
- free(buffer);
+ api.free_buffer(buffer);
api.element_to_array(&buffer, &len, message_element);
prepre.add_m_er(buffer, len);
- free(buffer);
+ api.free_buffer(buffer);
next_node.async_send(prepre);
- //ToDo generate permutation.
precomputation_data.emplace_back(MixData{r, s, pair.first, *perm_it++});
api.free_group_element(random_element);
generated by cgit v1.2.3-70-g09d2 (git 2.49.0) at 2025-12-16 11:54:47 +0000