
aes-ctr secrets

cl-refactor
subtly 10 years ago
parent
commit
589fecc866
  1. 3
      libdevcrypto/EC.h
  2. 1
      libdevcrypto/ECDHE.cpp
  3. 26
      libdevcrypto/ECDHE.h

3
libdevcrypto/EC.h

@ -31,9 +31,6 @@ namespace dev
namespace crypto namespace crypto
{ {
//class ECDHETKeyExchange;
// 256-bit sha3(k) || Public = 84
using PublicTrustNonce = h256; using PublicTrustNonce = h256;
typedef std::pair<PublicTrustNonce,Public> PublicTrust; typedef std::pair<PublicTrustNonce,Public> PublicTrust;

1
libdevcrypto/ECDHE.cpp

@ -65,4 +65,3 @@ bool ECDHETKeyExchange::authenticate(bytes _exchangeIn)
} }

26
libdevcrypto/ECDHE.h

@ -58,10 +58,10 @@ private:
class ECDHETKeyExchange class ECDHETKeyExchange
{ {
public: public:
/// Blind key exchange. KeyPair trusts will be updated if successful. /// Blind key exchange. KeyPair trusts are updated if successful.
ECDHETKeyExchange(ECDHE const& _ecdhe, ECKeyPair* _keyTrust); ECDHETKeyExchange(ECDHE const& _ecdhe, ECKeyPair* _keyTrust);
/// Trusted key exchange. Upon success, KeyPair trusts will be updated. /// Trusted key exchange. Upon success, KeyPair trusts are updated.
ECDHETKeyExchange(ECDHE const& _ecdhe, ECKeyPair* _keyTrust, Address _remote); ECDHETKeyExchange(ECDHE const& _ecdhe, ECKeyPair* _keyTrust, Address _remote);
/// Authentication for trusted remote, blind trust, or disconnect. /// Authentication for trusted remote, blind trust, or disconnect.
@ -87,20 +87,30 @@ public:
bytes exchange(); bytes exchange();
/// Decrypts payload, checks mac, checks trust, decrypts exchange, authenticates exchange, verifies version, verifies signature, and if no failures occur, updates or creats trust and derives trusted-shared-secret. /// Decrypts payload, checks mac, checks trust, decrypts exchange, authenticates exchange, verifies version, verifies signature, and if no failures occur, updates or creats trust and derives trusted-shared-secret.
/// New ECDH agreement is created with trusted public keys.
/// _out = E(m_trustedC, _out)
/// E = AES in CTR mode (todo: nonce)
/// sigk = k from exchange signature sent
/// sigr = r from exchange signature received
/// K = sha3(ecdheTrusted.secret||(sha3(sigk)⊕sha3(sigr))
/// m_trustedC = K[0..127]
/// m_trustedM = K[128..255]
bool authenticate(bytes _exchangeIn); bool authenticate(bytes _exchangeIn);
/// Encrypts message; @returns e(k,m). /// Places ciphertext in _out, zeros _in, and upates _mac. MAC is finalized and appended to _out if _finalmac is true.
void encrypt(); void blockEncrypt(bytes* _in, bytes* _out, h256* _mac, bool _finalmac);
/// Signs message then encrypts; @returns e(k,sign(k,sha3(m))||m).
bytes signEncrypt(bytes _m);
private: private:
/// Encrypt message using current m_trust public key. During blind trust key exchange the remote ephemeral public key is used.
void encrypt();
bool blind; bool blind;
ECDHE const& m_ecdhe; ECDHE const& m_ecdhe;
ECKeyPair* m_keypair; ECKeyPair* m_keypair;
PublicTrust m_trust; PublicTrust m_trust;
ECDHE m_ecdheTrusted;
FixedHash<16> m_trustedC;
FixedHash<16> m_trustedM;
}; };
} }
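Review bot: The doc block added above authenticate() specifies AES in CTR mode for the trusted channel but leaves the nonce as `(todo: nonce)`, and the new blockEncrypt(bytes* _in, bytes* _out, h256* _mac, bool _finalmac) declaration carries no nonce or counter parameter; in CTR mode a repeated counter block under the same m_trustedC key reuses keystream, so the header should state where the counter comes from and who guarantees it never repeats before callers rely on this interface. I would replace the todo with a contract comment along the lines of `/// CTR counter: <DERIVATION-PLACEHOLDER>; must never repeat under the same m_trustedC, advanced by blockEncrypt`, with the placeholder filled in from the implementation in ECDHE.cpp, which is outside this hunk. The blockEncrypt comment also says it zeros _in and updates _mac through raw pointers without documenting the null case; either add `/// _in, _out and _mac must be non-null` or take references, and consider noting whether m_trustedC/m_trustedM are cleared on destruction since they hold key material. Minor: "upates" and "creats" in the doc comments are typos.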
