diff options
Diffstat (limited to 'src/crypto/crypto.cpp')
| -rw-r--r-- | src/crypto/crypto.cpp | 35 |
1 files changed, 21 insertions, 14 deletions
diff --git a/src/crypto/crypto.cpp b/src/crypto/crypto.cpp index 494027560..f4ef751d3 100644 --- a/src/crypto/crypto.cpp +++ b/src/crypto/crypto.cpp @@ -70,8 +70,6 @@ namespace crypto { #include "random.h" } - boost::mutex random_lock; - static inline unsigned char *operator &(ec_point &point) { return &reinterpret_cast<unsigned char &>(point); } @@ -88,6 +86,13 @@ namespace crypto { return &reinterpret_cast<const unsigned char &>(scalar); } + void generate_random_bytes_thread_safe(size_t N, uint8_t *bytes) + { + static boost::mutex random_lock; + boost::lock_guard<boost::mutex> lock(random_lock); + generate_random_bytes_not_thread_safe(N, bytes); + } + /* generate a random 32-byte (256-bit) integer and copy it to res */ static inline void random_scalar_not_thread_safe(ec_scalar &res) { unsigned char tmp[64]; @@ -96,8 +101,10 @@ namespace crypto { memcpy(&res, tmp, 32); } static inline void random_scalar(ec_scalar &res) { - boost::lock_guard<boost::mutex> lock(random_lock); - random_scalar_not_thread_safe(res); + unsigned char tmp[64]; + generate_random_bytes_thread_safe(64, tmp); + sc_reduce(tmp); + memcpy(&res, tmp, 32); } void hash_to_scalar(const void *data, size_t length, ec_scalar &res) { @@ -124,9 +131,9 @@ namespace crypto { random_scalar(rng); } sec = rng; - sc_reduce32(&sec); // reduce in case second round of keys (sendkeys) + sc_reduce32(&unwrap(sec)); // reduce in case second round of keys (sendkeys) - ge_scalarmult_base(&point, &sec); + ge_scalarmult_base(&point, &unwrap(sec)); ge_p3_tobytes(&pub, &point); return rng; @@ -139,10 +146,10 @@ namespace crypto { bool crypto_ops::secret_key_to_public_key(const secret_key &sec, public_key &pub) { ge_p3 point; - if (sc_check(&sec) != 0) { + if (sc_check(&unwrap(sec)) != 0) { return false; } - ge_scalarmult_base(&point, &sec); + ge_scalarmult_base(&point, &unwrap(sec)); ge_p3_tobytes(&pub, &point); return true; } @@ -155,7 +162,7 @@ namespace crypto { if (ge_frombytes_vartime(&point, &key1) != 0) { return false; } - ge_scalarmult(&point2, &key2, &point); + ge_scalarmult(&point2, &unwrap(key2), &point); ge_mul8(&point3, &point2); ge_p1p1_to_p2(&point2, &point3); ge_tobytes(&derivation, &point2); @@ -199,7 +206,7 @@ namespace crypto { ec_scalar scalar; assert(sc_check(&base) == 0); derivation_to_scalar(derivation, output_index, scalar); - sc_add(&derived_key, &base, &scalar); + sc_add(&unwrap(derived_key), &unwrap(base), &scalar); } bool crypto_ops::derive_subaddress_public_key(const public_key &out_key, const key_derivation &derivation, std::size_t output_index, public_key &derived_key) { @@ -254,7 +261,7 @@ namespace crypto { ge_scalarmult_base(&tmp3, &k); ge_p3_tobytes(&buf.comm, &tmp3); hash_to_scalar(&buf, sizeof(s_comm), sig.c); - sc_mulsub(&sig.r, &sig.c, &sec, &k); + sc_mulsub(&sig.r, &sig.c, &unwrap(sec), &k); } bool crypto_ops::check_signature(const hash &prefix_hash, const public_key &pub, const signature &sig) { @@ -347,7 +354,7 @@ namespace crypto { hash_to_scalar(&buf, sizeof(buf), sig.c); // sig.r = k - sig.c*r - sc_mulsub(&sig.r, &sig.c, &r, &k); + sc_mulsub(&sig.r, &sig.c, &unwrap(r), &k); } bool crypto_ops::check_tx_proof(const hash &prefix_hash, const public_key &R, const public_key &A, const boost::optional<public_key> &B, const public_key &D, const signature &sig) { @@ -451,7 +458,7 @@ namespace crypto { ge_p2 point2; assert(sc_check(&sec) == 0); hash_to_ec(pub, point); - ge_scalarmult(&point2, &sec, &point); + ge_scalarmult(&point2, &unwrap(sec), &point); ge_tobytes(&image, &point2); } @@ -530,7 +537,7 @@ POP_WARNINGS } hash_to_scalar(buf.get(), rs_comm_size(pubs_count), h); sc_sub(&sig[sec_index].c, &h, &sum); - sc_mulsub(&sig[sec_index].r, &sig[sec_index].c, &sec, &k); + sc_mulsub(&sig[sec_index].r, &sig[sec_index].c, &unwrap(sec), &k); } bool crypto_ops::check_ring_signature(const hash &prefix_hash, const key_image &image, |