diff --git a/api/user.go b/api/user.go
index ab8ccebd5284161a872e3c82cc9eab6e1fb1d8fe..7ed520a0ffd2d19b12c1af772713273f7fbd7210 100644
--- a/api/user.go
+++ b/api/user.go
@@ -104,12 +104,7 @@ func createDhKeys(rng *fastRNG.StreamGenerator,
 var err error
 rngStream := rng.GetStream()
 prime := e2e.GetPBytes()
- // FIXME: Why 256 bits? -- this is spec but not
- // explained, it has to do with optimizing operations
- // on one side and still preserves decent security --
- // cite this. Why valid for BOTH e2e and cmix?
- //keyLen := len(prime)
- keyLen := 256
+ keyLen := len(prime)
 e2eKeyBytes, err = csprng.GenerateInGroup(prime, keyLen, rngStream)
 rngStream.Close()
@@ -153,11 +148,10 @@ func createDhKeys(rng *fastRNG.StreamGenerator,
 func createPrecannedUser(precannedID uint, rng csprng.Source, cmix,
 e2e *cyclic.Group) user.Info {
 // DH Keygen
- // FIXME: Why 256 bits? -- this is spec but not explained, it has
- // to do with optimizing operations on one side and still preserves
- // decent security -- cite this. Why valid for BOTH e2e and cmix?
 prng := rand.New(rand.NewSource(int64(precannedID)))
- e2eKeyBytes, err := csprng.GenerateInGroup(e2e.GetPBytes(), 256, prng)
+ prime := e2e.GetPBytes()
+ keyLen := len(prime)
+ e2eKeyBytes, err := csprng.GenerateInGroup(prime, keyLen, prng)
 if err != nil {
 jww.FATAL.Panicf(err.Error())
 }
@@ -192,10 +186,9 @@ func createPrecannedUser(precannedID uint, rng csprng.Source, cmix,
 func createNewVanityUser(rng csprng.Source, cmix, e2e *cyclic.Group, prefix string) user.Info {
 // DH Keygen
- // FIXME: Why 256 bits? -- this is spec but not explained, it has
- // to do with optimizing operations on one side and still preserves
- // decent security -- cite this. Why valid for BOTH e2e and cmix?
- e2eKeyBytes, err := csprng.GenerateInGroup(e2e.GetPBytes(), 256, rng)
+ prime := e2e.GetPBytes()
+ keyLen := len(prime)
+ e2eKeyBytes, err := csprng.GenerateInGroup(prime, keyLen, rng)
 if err != nil {
 jww.FATAL.Panicf(err.Error())
 }
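Review bot: The FIXME that asked why the private-key length is what it is has been deleted in createDhKeys without a replacement rationale, so `keyLen := len(prime)` now carries no explanation; the same holds for createPrecannedUser and createNewVanityUser below and for requestKey in cmix/nodes/register.go. Since `len(prime)` is a byte count, the old literal 256 was presumably also bytes rather than the "256 bits" the removed comment spoke of, which is worth recording. I would add a comment above the assignment such as `// Private key spans the full byte length of the group prime; no short-exponent optimisation is applied.` Full-width exponents are the conservative choice but make each exponentiation more expensive, so the trade-off should be stated once. createDhKeys begins and ends outside this hunk.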
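Review bot: In createPrecannedUser the key is still drawn from `rand.New(rand.NewSource(int64(precannedID)))`, a math/rand generator seeded with the user ID, so the private key is reproducible by anyone who knows the ID, and asking for `len(prime)` bytes instead of 256 presumably changes which key each precanned ID maps to. Any stored fixtures or peers built with the old derivation would then stop agreeing with this client, which the commit does not mention. I would add `// Precanned keys are derived deterministically from the ID and are not secret; test use only.` above the `prng` line and note the key change in the commit message. The function body continues past the end of the hunk.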
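Review bot: The error from the rewritten `csprng.GenerateInGroup(prime, keyLen, rng)` call in createNewVanityUser is handed to `jww.FATAL.Panicf(err.Error())` as the format string, so any `%` in the message is read as a verb; this is the non-constant-format pattern that go vet's printf check warns about. `jww.FATAL.Panicf("%+v", err)` keeps the text intact, and createPrecannedUser has the same line. The function body continues outside the hunk.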
diff --git a/cmix/nodes/register.go b/cmix/nodes/register.go
index 9cd4502f04a1e9fd16269df09c07f0eb31a1d727..af18976e4402845ea513aae0e8ae400f6683bbb5 100644
--- a/cmix/nodes/register.go
+++ b/cmix/nodes/register.go
@@ -10,6 +10,10 @@ package nodes
 import (
 "crypto/sha256"
 "encoding/hex"
+ "strconv"
+ "sync"
+ "time"
+
 "github.com/golang/protobuf/proto"
 "github.com/pkg/errors"
 jww "github.com/spf13/jwalterweatherman"
@@ -31,9 +35,6 @@ import (
 "gitlab.com/xx_network/primitives/id"
 "gitlab.com/xx_network/primitives/ndf"
 "gitlab.com/xx_network/primitives/netTime"
- "strconv"
- "sync"
- "time"
 )
 func registerNodes(r *registrar, s storage.Session, stop *stoppable.Single,
@@ -155,10 +156,9 @@ func requestKey(sender gateway.Sender, comms RegisterNodeCommsInterface,
 grp := r.session.GetCmixGroup()
- // FIXME: Why 256 bits? -- this is spec but not explained, it has to do with
- // optimizing operations on one side and still preserves decent security --
- // cite this.
- dhPrivBytes, err := csprng.GenerateInGroup(grp.GetPBytes(), 256, rng)
+ prime := grp.GetPBytes()
+ keyLen := len(prime)
+ dhPrivBytes, err := csprng.GenerateInGroup(prime, keyLen, rng)
 if err != nil {
 return nil, nil, 0, err
 }
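Review bot: The lines `prime := grp.GetPBytes()`, `keyLen := len(prime)` and the `csprng.GenerateInGroup(prime, keyLen, rng)` call in requestKey are the fourth copy of the same sequence in this commit (the other three are in api/user.go), just as the hard-coded 256 was repeated at each site before. A single helper that takes the group and the random source and returns the private-key bytes would keep the key-length policy in one place, so a later change cannot leave one call site on a different length. The bare `err` would also be easier to trace if wrapped, e.g. `return nil, nil, 0, errors.WithMessage(err, "generating DH private key")`. requestKey starts and ends outside the hunk.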