| 1 | |
|---|---|
| 2 | static gpg_error_t |
| 3 | compute_master_secret (unsigned char *master, size_t masterlen, |
| 4 | const unsigned char *sk_a, size_t sk_a_len, |
| 5 | const unsigned char *pk_b, size_t pk_b_len) |
| 6 | { |
| 7 | gpg_error_t err; |
| 8 | gcry_sexp_t s_sk_a = NULL; |
| 9 | gcry_sexp_t s_pk_b = NULL; |
| 10 | gcry_sexp_t s_shared = NULL; |
| 11 | gcry_sexp_t s_tmp; |
| 12 | const char *s; |
| 13 | size_t n; |
| 14 | |
| 15 | log_assert (masterlen == 32); |
| 16 | |
| 17 | err = gcry_sexp_build (&s_sk_a, NULL, "%b", (int)sk_a_len, sk_a); |
| 18 | if (!err) |
| 19 | err = gcry_sexp_build (&s_pk_b, NULL, |
| 20 | "(public-key(ecdh(curve Curve25519)" |
| 21 | " (flags djb-tweak)(q%b)))", |
| 22 | (int)pk_b_len, pk_b); |
| 23 | if (err) |
| 24 | { |
| 25 | log_error ("error building S-expression: %s\n", gpg_strerror (err)); |
| 26 | goto leave; |
| 27 | } |
| 28 | |
| 29 | err = gcry_pk_encrypt (&s_shared, s_sk_a, s_pk_b); |
| 30 | if (err) |
| 31 | { |
| 32 | log_error ("error computing DH: %s\n", gpg_strerror (err)); |
| 33 | goto leave; |
| 34 | } |
| 35 | /* gcry_log_debugsxp ("sk_a", s_sk_a); */ |
| 36 | /* gcry_log_debugsxp ("pk_b", s_pk_b); */ |
| 37 | /* gcry_log_debugsxp ("shared", s_shared); */ |
| 38 | |
| 39 | s_tmp = gcry_sexp_find_token (s_shared, "s", 0); |
| 40 | if (!s_tmp || !(s = gcry_sexp_nth_data (s_tmp, 1, &n)) |
| 41 | || n != 33 || s[0] != 0x40) |
| 42 | { |
| 43 | err = gpg_error (GPG_ERR_INTERNAL); |
| 44 | log_error ("error computing DH: %s\n", gpg_strerror (err)); |
| 45 | goto leave; |
| 46 | } |
| 47 | memcpy (master, s+1, 32); |
| 48 | |
| 49 | |
| 50 | leave: |
| 51 | gcry_sexp_release (s_sk_a); |
| 52 | gcry_sexp_release (s_pk_b); |
| 53 | gcry_sexp_release (s_shared); |
| 54 | return err; |
| 55 | } |
Paste P7
X25519 the ugly way
X25519 the ugly way
Authored by werner on Oct 25 2018, 1:15 PM.
Tags
None
Subscribers
None