reseed right half of sk in password case, some tweaks

This commit is contained in:
cathugger 2019-02-13 23:07:53 +00:00
parent 02137f7ed4
commit 33007eadea
No known key found for this signature in database
GPG key ID: 9BADDA2DAF6F01A8
2 changed files with 26 additions and 6 deletions


@ -19,7 +19,7 @@
// Argon2 hashed passphrase stretching settings // Argon2 hashed passphrase stretching settings
#define PWHASH_OPSLIMIT 256 #define PWHASH_OPSLIMIT 256
#define PWHASH_MEMLIMIT 64 * 1024 * 1024 #define PWHASH_MEMLIMIT 64 * 1024 * 1024
#define PWHASH_ALG crypto_pwhash_ALG_ARGON2ID13 #define PWHASH_ALG crypto_pwhash_ALG_ARGON2ID13
extern pthread_mutex_t fout_mutex; extern pthread_mutex_t fout_mutex;
extern FILE *fout; extern FILE *fout;

main.c

@ -12,6 +12,7 @@
#include <sodium/core.h> #include <sodium/core.h>
#include <sodium/randombytes.h> #include <sodium/randombytes.h>
#ifdef PASSPHRASE #ifdef PASSPHRASE
#include <sodium/crypto_hash_sha256.h>
#include <sodium/crypto_pwhash.h> #include <sodium/crypto_pwhash.h>
#endif #endif
#include <sodium/utils.h> #include <sodium/utils.h>
@ -415,6 +416,19 @@ end:
} }
#ifdef PASSPHRASE #ifdef PASSPHRASE
static void reseedright(u8 sk[SECRET_LEN])
{
crypto_hash_sha256_state state;
crypto_hash_sha256_init(&state);
// old right side
crypto_hash_sha256_update(&state,&sk[32],32);
// new random data
randombytes(&sk[32],32);
crypto_hash_sha256_update(&state,&sk[32],32);
// put result in right side
crypto_hash_sha256_final(&state,&sk[32]);
}
static void *dofastworkdeterministic(void *task) static void *dofastworkdeterministic(void *task)
{ {
union pubonionunion pubonion; union pubonionunion pubonion;
@ -451,6 +465,10 @@ initseed:
memcpy(seed, determseed, SEED_LEN); memcpy(seed, determseed, SEED_LEN);
pthread_mutex_unlock(&determseed_mutex); pthread_mutex_unlock(&determseed_mutex);
ed25519_seckey_expand(sk,seed); ed25519_seckey_expand(sk,seed);
// reseed right half of key with some random data to have more entropy
reseedright(sk);
#ifdef STATISTICS #ifdef STATISTICS
++st->numrestart.v; ++st->numrestart.v;
#endif #endif
@ -496,7 +514,9 @@ initseed:
strcpy(base32_to(&sname[direndpos],pk,PUBONION_LEN),".onion"); strcpy(base32_to(&sname[direndpos],pk,PUBONION_LEN),".onion");
onionready(sname,secret,pubonion.raw); onionready(sname,secret,pubonion.raw);
pk[PUBLIC_LEN] = 0; // what is this for? pk[PUBLIC_LEN] = 0; // what is this for?
// TODO reseed right half of key
// reseed right half of key to avoid reuse, it won't change public key anyway
reseedright(sk);
}); });
next: next:
ge_add(&sum, &ge_public,&ge_eightpoint); ge_add(&sum, &ge_public,&ge_eightpoint);
@ -1008,10 +1028,10 @@ int main(int argc,char **argv)
yamlout_init(); yamlout_init();
pthread_mutex_init(&keysgenerated_mutex,0); pthread_mutex_init(&keysgenerated_mutex,0);
pthread_mutex_init(&fout_mutex,0);
#ifdef PASSPHRASE #ifdef PASSPHRASE
pthread_mutex_init(&determseed_mutex,0); pthread_mutex_init(&determseed_mutex,0);
#endif #endif
pthread_mutex_init(&fout_mutex,0);
if (numthreads <= 0) { if (numthreads <= 0) {
numthreads = cpucount(); numthreads = cpucount();
@ -1167,11 +1187,11 @@ int main(int argc,char **argv)
if (yamloutput) if (yamloutput)
yamlout_clean(); yamlout_clean();
pthread_mutex_destroy(&keysgenerated_mutex);
pthread_mutex_destroy(&fout_mutex);
#ifdef PASSPHRASE #ifdef PASSPHRASE
pthread_attr_destroy(&determseed_mutex); pthread_mutex_destroy(&determseed_mutex);
#endif #endif
pthread_mutex_destroy(&fout_mutex);
pthread_mutex_destroy(&keysgenerated_mutex);
done: done:
filters_clean(); filters_clean();
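Review bot: `reseedright` (L36-47) carries no comment saying what threat it closes; the only explanation is the one-liner at the second call site (L65), so a reader who does not know Ed25519 internals cannot see why a random right half is needed or why it is safe. I would put a header on the function along the lines of `// In passphrase mode every key expanded from the same seed shares the same right 32 bytes, which Ed25519 uses as the nonce prefix when signing; give each emitted key its own by replacing them with SHA-256(old half || 32 fresh random bytes). Only the left half feeds the public key, so it is unaffected.` The repeated `32` literals would read better as `SECRET_LEN / 2` (or a named prefix-length constant) so the split is tied to the key layout rather than to magic numbers. As far as I can tell libsodium's `crypto_hash_sha256_final` wipes `state` itself, so no explicit memzero is needed here, but that is worth confirming against the libsodium version in use. `dofastworkdeterministic` starts at L48 and continues past the hunks shown.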