From f15b16e7fb9f437b35dffac3e7ba7a449bb78af7 Mon Sep 17 00:00:00 2001
From: Lee Bousfield
Date: Thu, 8 Nov 2018 14:02:23 -0600
Subject: [PATCH] Make signatures non-deterministic (#1353)

---
 ed25519-donna/ed25519.c | 5 ++++-
 rai/core_test/interface.cpp | 7 ++++++-
 2 files changed, 10 insertions(+), 2 deletions(-)

diff --git a/ed25519-donna/ed25519.c b/ed25519-donna/ed25519.c
index 58a755b8..ad31d118 100644
--- a/ed25519-donna/ed25519.c
+++ b/ed25519-donna/ed25519.c
@@ -61,12 +61,15 @@ ED25519_FN(ed25519_sign) (const unsigned char *m, size_t mlen, const ed25519_sec
 bignum256modm r, S, a;
 ge25519 ALIGN(16) R;
 hash_512bits extsk, hashr, hram;
+ unsigned char randr[32];
 ed25519_extsk(extsk, sk);
- /* r = H(aExt[32..64], m) */
+ /* r = H(aExt[32..64], randr, m) */
 ed25519_hash_init(&ctx);
 ed25519_hash_update(&ctx, extsk + 32, 32);
+ ed25519_randombytes_unsafe(randr, 32);
+ ed25519_hash_update(&ctx, randr, 32);
 ed25519_hash_update(&ctx, m, mlen);
 ed25519_hash_final(&ctx, hashr);
 expand256_modm(r, hashr, 64);
diff --git a/rai/core_test/interface.cpp b/rai/core_test/interface.cpp
index d7197294..c6e2ce03 100644
--- a/rai/core_test/interface.cpp
+++ b/rai/core_test/interface.cpp
@@ -103,7 +103,8 @@ TEST (interface, sign_transaction)
 ASSERT_FALSE (rai::validate_message (pub, send.hash (), send.signature));
 send.signature.bytes[0] ^= 1;
 ASSERT_TRUE (rai::validate_message (pub, send.hash (), send.signature));
- auto transaction (xrb_sign_transaction (send.to_json ().c_str (), key.data.bytes.data ()));
+ auto send_json (send.to_json ());
+ auto transaction (xrb_sign_transaction (send_json.c_str (), key.data.bytes.data ()));
 boost::property_tree::ptree block_l;
 std::string transaction_l (transaction);
 std::stringstream block_stream (transaction_l);
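Review bot: The added `ed25519_randombytes_unsafe(randr, 32)` call is the only new input to the nonce and its output is never checked, so the updated comment should record what the construction actually guarantees: because `extsk + 32` is absorbed before `randr`, `r` stays unpredictable to anyone without the key even if the byte source returns constant or low-entropy data, and `randr` only adds variability between signatures — `/* r = H(aExt[32..64], randr, m); randr adds variability only, secrecy of r still rests on aExt */`. The `_unsafe` suffix is the library's own name for its built-in byte source and which implementation it resolves to is outside the hunk, so it is worth confirming the production build does not bind it to a fixed-seed test stub, since the added randomness is otherwise cosmetic. Any known-answer test that compares `ed25519_sign` output against a fixed signature vector will stop passing after this change, and the commit touches no such test. ed25519_sign's body continues past the end of the hunk.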
@@ -113,7 +114,11 @@ TEST (interface, sign_transaction)
 auto send1 (dynamic_cast (block.get ()));
 ASSERT_NE (nullptr, send1);
 ASSERT_FALSE (rai::validate_message (pub, send.hash (), send1->signature));
+ // Signatures should be non-deterministic
+ auto transaction2 (xrb_sign_transaction (send_json.c_str (), key.data.bytes.data ()));
+ ASSERT_NE (0, strcmp (transaction, transaction2));
 free (transaction);
+ free (transaction2);
 }
 TEST (interface, fail_sign_transaction)
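Review bot: `strcmp (transaction, transaction2)` dereferences `transaction2` before anything checks that `xrb_sign_transaction` returned a non-null pointer, so a failed second signing would crash the test rather than fail it; add `ASSERT_NE (nullptr, transaction2);` ahead of the comparison. The new assertion also only shows that the two JSON strings differ, not that the second signature is still valid, which is the property the ed25519.c change has to preserve — parse `transaction2` the same way `transaction` is parsed in the lines preceding this hunk and assert `rai::validate_message (pub, send.hash (), send2->signature)` is false, as is already done for `send1`. If `<cstring>` is not already included by this file (not visible here), `strcmp` needs it. A failing `ASSERT_NE` returns from the test body early and leaks both buffers, which was already true for `transaction` but is now doubled; a `std::unique_ptr<char, decltype (&free)>` wrapper would close that regardless of how the test exits.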