View Issue Details

Related ChangesetsJump to NotesJump to History
IDProjectCategoryView StatusDate SubmittedLast Update
0009298GNUnetutil librarypublic2024-10-25 10:172024-10-29 20:56
Reporterfefe Assigned Toschanzen  
PrioritynormalSeverityminorReproducibilityhave not tried
Status closedResolutionfixed 
Target Version0.22.2Fixed in Version0.22.2 
Summary0009298: derive_h: salt is not random
DescriptionIn crypto_ecc_gnsrecord.c function derive_h:

 54 static const char *const salt = "key-derivation";

A salt is by definition random, not static.
At least add a comment here explaining what you are trying to do.

Similar situation in crypto_edx25519.c function derive_h:

223 static const char *const salt = "edx25519-derivation";
TagsNo tags attached.

Activities

schanzen

2024-10-25 13:57

administrator   ~0023599

Last edited: 2024-10-25 14:03

 This is a key derivation salt. As common in KDF salts (https://www.rfc-editor.org/rfc/rfc8446#section-7.1) the value primarily servers as a domain-separation for the underlying PRF of HKDF (which is HKDF-Extract/HMAC).
This has nothing to do with password hashing.
It is kind of unfortunate that HKDF calls this input value a salt, but it is what it is.

schanzen

2024-10-25 13:59

administrator   ~0023600

More context: https://crypto.stackexchange.com/questions/64150/hkdf-ikm-salt-and-info-values

schanzen

2024-10-29 13:22

administrator   ~0023617

Fix committed to master branch.

schanzen

2024-10-29 20:56

administrator   ~0023622

Released

Related Changesets

gnunet: master 57b21aa7

2024-10-29 14:21

schanzen


Details Diff		 util: Add comment on static non-random KDF salt values. Fixes 0009298 Affected Issues
0009298
mod - src/lib/util/crypto_ecc_gnsrecord.c Diff File
mod - src/lib/util/crypto_edx25519.c Diff File

Issue History

Date Modified Username Field Change
2024-10-25 10:17 fefe New Issue
2024-10-25 13:57 schanzen Note Added: 0023599
2024-10-25 13:59 schanzen Note Added: 0023600
2024-10-25 14:03 schanzen Note Edited: 0023599
2024-10-29 13:22 schanzen Changeset attached => gnunet master 57b21aa7
2024-10-29 13:22 schanzen Note Added: 0023617
2024-10-29 13:22 schanzen Assigned To => schanzen
2024-10-29 13:22 schanzen Status new => resolved
2024-10-29 13:22 schanzen Resolution open => fixed
2024-10-29 13:22 schanzen Fixed in Version => 0.22.2
2024-10-29 13:22 schanzen Target Version => 0.22.2
2024-10-29 20:56 schanzen Note Added: 0023622
2024-10-29 20:56 schanzen Status resolved => closed