mirror of
https://github.com/meshcore-dev/MeshCore.git
synced 2026-04-20 22:13:47 +00:00
Revert identity change
This commit is contained in:
Alex Wolden
parent
86389579eb
commit
0fc85b8c59
2 changed files with 7 additions and 60 deletions
|
|
@ -349,9 +349,9 @@ build_flags =
|
|||
-D P_LORA_TX_LED=2 ; LED pin for TX indication
|
||||
-D PIN_VBAT_READ=35 ; Battery voltage reading (analog pin)
|
||||
-D RADIO_CLASS=CustomSX1276
|
||||
-D ARDUINO_LOOP_STACK_SIZE=16384
|
||||
-D WRAPPER_CLASS=CustomSX1276Wrapper
|
||||
-D LORA_TX_POWER=20
|
||||
-D USE_ESP32_ENCRYPTION=true
|
||||
|
||||
; =============
|
||||
[LilyGo_T3S3_sx1262]
|
||||
|
|
|
|||
|
|
@ -3,11 +3,6 @@
|
|||
#define ED25519_NO_SEED 1
|
||||
#include <ed_25519.h>
|
||||
|
||||
// For weaker ESP32 boards, we use libsodium for cryptographic operations to reduce stack usage
|
||||
#ifdef USE_ESP32_ENCRYPTION
|
||||
#include <sodium.h>
|
||||
#endif
|
||||
|
||||
namespace mesh {
|
||||
|
||||
Identity::Identity() {
|
||||
|
|
@ -19,11 +14,7 @@ Identity::Identity(const char* pub_hex) {
|
|||
}
|
||||
|
||||
bool Identity::verify(const uint8_t* sig, const uint8_t* message, int msg_len) const {
|
||||
#ifdef USE_ESP32_ENCRYPTION
|
||||
return crypto_sign_ed25519_verify_detached(sig, message, msg_len, pub_key) == 0;
|
||||
#else
|
||||
return ed25519_verify(sig, message, msg_len, pub_key);
|
||||
#endif
|
||||
return ed25519_verify(sig, message, msg_len, pub_key);
|
||||
}
|
||||
|
||||
bool Identity::readFrom(Stream& s) {
|
||||
|
|
@ -41,7 +32,6 @@ void Identity::printTo(Stream& s) const {
|
|||
LocalIdentity::LocalIdentity() {
|
||||
memset(prv_key, 0, sizeof(prv_key));
|
||||
}
|
||||
|
||||
LocalIdentity::LocalIdentity(const char* prv_hex, const char* pub_hex) : Identity(pub_hex) {
|
||||
Utils::fromHex(prv_key, PRV_KEY_SIZE, prv_hex);
|
||||
}
|
||||
|
|
@ -49,21 +39,7 @@ LocalIdentity::LocalIdentity(const char* prv_hex, const char* pub_hex) : Identit
|
|||
LocalIdentity::LocalIdentity(RNG* rng) {
|
||||
uint8_t seed[SEED_SIZE];
|
||||
rng->random(seed, SEED_SIZE);
|
||||
|
||||
#ifdef USE_ESP32_ENCRYPTION
|
||||
// Use libsodium for keypair generation on ESP32 to reduce stack usage
|
||||
// NOTE: Format differences between implementations:
|
||||
// - The current ed25519 implementation (orlp/ed25519) uses a 64-byte private key format
|
||||
// - Libsodium also uses a 64-byte format for Ed25519 secret keys, where:
|
||||
// * First 32 bytes: the actual private key seed
|
||||
// * Last 32 bytes: the corresponding public key
|
||||
|
||||
// Generate keypair using libsodium with the provided seed
|
||||
// This avoids the deep stack usage of the default implementation
|
||||
crypto_sign_ed25519_seed_keypair(pub_key, prv_key, seed);
|
||||
#else
|
||||
ed25519_create_keypair(pub_key, prv_key, seed);
|
||||
#endif
|
||||
ed25519_create_keypair(pub_key, prv_key, seed);
|
||||
}
|
||||
|
||||
bool LocalIdentity::readFrom(Stream& s) {
|
||||
|
|
@ -101,46 +77,17 @@ void LocalIdentity::readFrom(const uint8_t* src, size_t len) {
|
|||
memcpy(pub_key, &src[PRV_KEY_SIZE], PUB_KEY_SIZE);
|
||||
} else if (len == PRV_KEY_SIZE) {
|
||||
memcpy(prv_key, src, PRV_KEY_SIZE);
|
||||
|
||||
#ifdef USE_ESP32_ENCRYPTION
|
||||
// In libsodium, the private key already contains the public key in its last 32 bytes
|
||||
// We can just extract it directly, avoiding the expensive derivation calculation
|
||||
memcpy(pub_key, prv_key + 32, 32);
|
||||
#else
|
||||
// now need to re-calculate the pub_key
|
||||
ed25519_derive_pub(pub_key, prv_key);
|
||||
#endif
|
||||
// now need to re-calculate the pub_key
|
||||
ed25519_derive_pub(pub_key, prv_key);
|
||||
}
|
||||
}
|
||||
|
||||
void LocalIdentity::sign(uint8_t* sig, const uint8_t* message, int msg_len) const {
|
||||
#ifdef USE_ESP32_ENCRYPTION
|
||||
crypto_sign_ed25519_detached(sig, NULL, message, msg_len, prv_key);
|
||||
#else
|
||||
ed25519_sign(sig, message, msg_len, pub_key, prv_key);
|
||||
#endif
|
||||
ed25519_sign(sig, message, msg_len, pub_key, prv_key);
|
||||
}
|
||||
|
||||
void LocalIdentity::calcSharedSecret(uint8_t* secret, const uint8_t* other_pub_key) {
|
||||
#ifdef USE_ESP32_ENCRYPTION
|
||||
// NOTE: To calculate a shared secret with Ed25519 keys and libsodium, we need to:
|
||||
// Convert the Ed25519 keys to Curve25519 (X25519) format
|
||||
// Perform the key exchange using the converted keys
|
||||
//
|
||||
// The default implementation handles this conversion internally,
|
||||
// but with libsodium we need to do these steps explicitly.
|
||||
unsigned char x25519_pk[crypto_scalarmult_curve25519_BYTES];
|
||||
unsigned char x25519_sk[crypto_scalarmult_curve25519_BYTES];
|
||||
|
||||
// Convert Ed25519 keys to Curve25519 keys for ECDH
|
||||
crypto_sign_ed25519_pk_to_curve25519(x25519_pk, other_pub_key);
|
||||
crypto_sign_ed25519_sk_to_curve25519(x25519_sk, prv_key);
|
||||
|
||||
// Calculate shared secret using X25519
|
||||
crypto_scalarmult_curve25519(secret, x25519_sk, x25519_pk);
|
||||
#else
|
||||
ed25519_key_exchange(secret, other_pub_key, prv_key);
|
||||
#endif
|
||||
ed25519_key_exchange(secret, other_pub_key, prv_key);
|
||||
}
|
||||
|
||||
}
|
||||
Loading…
Add table
Add a link
Reference in a new issue