
Let's swap a signature and a half of a nonce. And sign both a pub key and the half of a nonce.

Alexander Andreev 2024-03-24 05:52:19 +04:00
parent 1afd678fd4
commit 944a81a8bf
Signed by: Arav
GPG Key ID: 25969B23DCB5CA34


@ -113,12 +113,13 @@ unsigned char *crypt_hello(const crypt_key_t *const own) {
return NULL;
}
if (crypto_sign_detached(hello+CRYPT_PKEY_HEXLEN, NULL, (const unsigned char *)hello, CRYPT_PKEY_HEXLEN, own->sign_sec) == -1) {
randombytes_buf(hello+CRYPT_PKEY_HEXLEN, CRYPT_NONCEHALF_LEN);
if (crypto_sign_detached(hello+CRYPT_PKEY_HEXLEN+CRYPT_NONCEHALF_LEN, NULL, (const unsigned char *)hello, CRYPT_PKEY_HEXLEN+CRYPT_NONCEHALF_LEN, own->sign_sec) == -1) {
free(hello);
return NULL;
}
randombytes_buf(hello+CRYPT_PKEY_HEXLEN+CRYPT_SIGN_LEN, CRYPT_NONCEHALF_LEN);
return hello;
}
@ -127,7 +128,7 @@ int crypt_hello_verify(const unsigned char *const hello, crypt_key_t *const remo
if (crypt_key_from_hex_public(remote, (const char *const)hello) == -1)
return -1;
if (crypto_sign_verify_detached(hello+CRYPT_PKEY_HEXLEN, (const unsigned char *const)hello, CRYPT_PKEY_HEXLEN, remote->sign_pub))
if (crypto_sign_verify_detached(hello+CRYPT_PKEY_HEXLEN+CRYPT_NONCEHALF_LEN, (const unsigned char *const)hello, CRYPT_PKEY_HEXLEN+CRYPT_NONCEHALF_LEN, remote->sign_pub))
return -1;
return 0;
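Review bot: In crypt_hello_verify the signature is checked against `remote->sign_pub`, which `crypt_key_from_hex_public` has just filled from the same hello, so a successful return only shows that the sender holds the secret key for whatever public key it sent. Nothing visible here ties that key to an expected peer, and the signed nonce half is chosen by the sender alone, so a previously captured hello would verify again unchanged; presumably the caller pins the key and mixes in its own nonce half, but that is outside the hunk. I would document this contract above the function, e.g. `/* Proves possession of the key carried in hello only; the caller must match remote->sign_pub against a trusted key. */`. Since `remote` is written before the check, consider clearing it on the failure path too (`sodium_memzero(remote, sizeof *remote);` before `return -1;`) so a rejected key cannot be used by mistake. The function's signature and closing brace fall outside the visible lines.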