lukechilds
/
ethminer
mirror of https://github.com/lukechilds/ethminer.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Merge branch 'develop' of github.com:ethereum/cpp-ethereum into develop

cl-refactor
Gav Wood 10 years ago
parent
c8bbf5a0b0 053e3b1cc1
commit
479f0fde4f
5 changed files with 1 additions and 198 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 31
      libdevcrypto/AES.cpp
  2. 62
      libdevcrypto/AES.h
  3. 59
      libdevcrypto/ECDHE.cpp
  4. 35
      libdevcrypto/ECDHE.h
  5. 12
      test/libdevcrypto/AES.cpp

31
libdevcrypto/AES.cpp
View File

@ -25,39 +25,8 @@
using namespace std;
using namespace dev;
using namespace dev::crypto;
using namespace dev::crypto::aes;
using namespace CryptoPP;
struct aes::Aes128Ctr
{
Aes128Ctr(h128 _k)
{
mode.SetKeyWithIV(_k.data(), sizeof(h128), Nonce::get().data());
}
CTR_Mode<AES>::Encryption mode;
};
Stream::Stream(StreamType, h128 _ckey):
m_cSecret(_ckey)
{
cryptor = new Aes128Ctr(_ckey);
}
Stream::~Stream()
{
delete cryptor;
}
void Stream::update(bytesRef)
{
}
size_t Stream::streamOut(bytes&)
{
return 0;
}
bytes dev::aesDecrypt(bytesConstRef _ivCipher, std::string const& _password, unsigned _rounds, bytesConstRef _salt)
{
bytes pw = asBytes(_password);

62
libdevcrypto/AES.h
View File

@ -24,71 +24,11 @@
#pragma once
#include <atomic>
#include "Common.h"
namespace dev
{
namespace crypto
{
namespace aes
{
struct Aes128Ctr;
enum StreamType { Encrypt, Decrypt };
/**
* @brief Encrypted stream
*/
class Stream
{
public:
// streamtype maybe irrelevant w/ctr
Stream(StreamType _t, h128 _ckey);
~Stream();
virtual void update(bytesRef io_bytes);
/// Move ciphertext to _bytes.
virtual size_t streamOut(bytes& o_bytes);
private:
Stream(Stream const&) = delete;
Stream& operator=(Stream const&) = delete;
h128 m_cSecret;
bytes m_text;
Aes128Ctr* cryptor;
};
/**
* @brief Encrypted stream with inband SHA3 mac at specific interval.
*/
class AuthenticatedStream: public Stream
{
public:
AuthenticatedStream(StreamType _t, h128 _ckey, h128 _mackey, unsigned _interval): Stream(_t, _ckey), m_macSecret(_mackey) { m_macInterval = _interval; }
AuthenticatedStream(StreamType _t, Secret const& _s, unsigned _interval): Stream(_t, h128(_s)), m_macSecret(FixedHash<16>((byte const*)_s.data()+16,h128::ConstructFromPointer)) { m_macInterval = _interval; }
/// Adjust mac interval. Next mac will be xored with value.
void adjustInterval(unsigned _interval) { m_macInterval = _interval; }
unsigned getMacInterval() { return m_macInterval;}
private:
AuthenticatedStream(AuthenticatedStream const&) = delete;
AuthenticatedStream& operator=(AuthenticatedStream const&) = delete;
std::atomic<unsigned> m_macInterval;
h128 m_macSecret;
};
}
}
bytes aesDecrypt(bytesConstRef _cipher, std::string const& _password, unsigned _rounds = 2000, bytesConstRef _salt = bytesConstRef());
}
}

59
libdevcrypto/ECDHE.cpp
View File

@ -44,62 +44,3 @@ void ECDHE::agree(Public const& _remote, Secret& o_sharedSecret) const
s_secp256k1.agree(m_ephemeral.sec(), m_remoteEphemeral, o_sharedSecret);
}
void ECDHEKeyExchange::agree(Public const& _remoteEphemeral)
{
s_secp256k1.agree(m_ephemeral.sec(), _remoteEphemeral, m_ephemeralSecret);
}
void ECDHEKeyExchange::exchange(bytes& o_exchange)
{
if (!m_ephemeralSecret)
// didn't agree on public remote
BOOST_THROW_EXCEPTION(InvalidState());
// The key exchange payload is in two parts and is encrypted
// using ephemeral keypair.
//
// The first part is the 'prefix' which is a zero-knowledge proof
// allowing the remote to resume or emplace a previous session.
// If a session previously exists:
// prefix is sha3(token) // todo: ephemeral entropy from both sides
// If a session doesn't exist:
// prefix is sha3(m_ephemeralSecret)
//
// The second part is encrypted using the public key which relates to the prefix.
Public encpk = m_known.first ? m_known.first : m_remoteEphemeral;
bytes exchange(encpk.asBytes());
// This is the public key which we would like the remote to use,
// which maybe different than the previously-known public key.
//
// Here we should pick an appropriate alias or generate a new one,
// but for now, we use static alias passed to constructor.
//
Public p = toPublic(m_alias.m_secret);
exchange.resize(exchange.size() + sizeof(p));
memcpy(&exchange[exchange.size() - sizeof(p)], p.data(), sizeof(p));
// protocol parameters; should be fixed size
bytes v(1, 0x80);
exchange.resize(exchange.size() + v.size());
memcpy(&exchange[exchange.size() - v.size()], v.data(), v.size());
h256 auth;
sha3mac(m_alias.m_secret.ref(), m_ephemeralSecret.ref(), auth.ref());
Signature sig = s_secp256k1.sign(m_alias.m_secret, auth);
exchange.resize(exchange.size() + sizeof(sig));
memcpy(&exchange[exchange.size() - sizeof(sig)], sig.data(), sizeof(sig));
aes::AuthenticatedStream aes(aes::Encrypt, m_ephemeralSecret, 0);
h256 prefix(sha3(m_known.second ? m_known.second : (h256)m_remoteEphemeral));
aes.update(prefix.ref());
s_secp256k1.encrypt(encpk, exchange);
aes.update(&exchange);
aes.streamOut(o_exchange);
}

35
libdevcrypto/ECDHE.h
View File

@ -38,7 +38,6 @@ using AliasSession = std::pair<Public,h256>;
*/
class Alias
{
friend class ECDHEKeyExchange; // todo: remove
public:
Alias(Secret _s): m_secret(_s) {};
@ -77,40 +76,6 @@ protected:
mutable Public m_remoteEphemeral; ///< Public key of remote; parameter. Set once when agree is called, otherwise immutable.
};
/**
* @brief Secure exchange of static keys.
* Key exchange is encrypted with public key of remote and then encrypted by block cipher. For a blind remote the ecdhe public key is used to encrypt exchange, and for a known remote the known public key is used. The block cipher key is derived from ecdhe shared secret.
*
* Usage: Agree -> Exchange -> Authenticate
*/
class ECDHEKeyExchange: private ECDHE
{
public:
/// Exchange with unknown remote (pass public key for ingress exchange)
ECDHEKeyExchange(Alias& _k): m_alias(_k) {}
/// Exchange with known remote
ECDHEKeyExchange(Alias& _k, AliasSession _known): m_alias(_k), m_known(_known) {}
/// Provide public key for dh agreement to generate shared secret.
void agree(Public const& _remoteEphemeral);
/// @returns encrypted payload of key exchange
void exchange(bytes& o_exchange);
/// Decrypt payload, check mac, check trust, decrypt exchange, authenticate exchange, verify version, verify signature, and if no failure occurs, update or creats trust and derive session-shared-secret.
bool authenticate(bytes _exchangeIn);
private:
Secret m_ephemeralSecret;
Alias m_alias;
AliasSession m_known;
Secret m_sharedAliasSecret;
FixedHash<16> m_sharedC;
FixedHash<16> m_sharedM;
};
}
}

12
test/libdevcrypto/AES.cpp
View File

@ -75,18 +75,6 @@ BOOST_AUTO_TEST_CASE(AesDecryptFailInvalidSeed2)
bytes seed = fromHex("000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f");
BOOST_CHECK(bytes() == aesDecrypt(&seed, "test"));
}
BOOST_AUTO_TEST_CASE(AuthenticatedStreamConstructor)
{
cout << "AuthenticatedStreamConstructor" << endl;
Secret const sec(dev::sha3("test"));
crypto::aes::AuthenticatedStream as(crypto::aes::Encrypt, sec, 0);
BOOST_CHECK(as.getMacInterval() == 0);
as.adjustInterval(1);
BOOST_CHECK(as.getMacInterval() == 1);
crypto::aes::AuthenticatedStream as_mac(crypto::aes::Encrypt, h128(), h128(), 42);
BOOST_CHECK(as_mac.getMacInterval() == 42);
}
BOOST_AUTO_TEST_SUITE_END()

Write Preview
Loading…
Cancel
Save