From e7f4a10e544e97f5ac532bf2afffcb616a53c4dd Mon Sep 17 00:00:00 2001
From: "Richard T. Carback III" <rick.carback@gmail.com>
Date: Thu, 14 Apr 2022 16:18:36 +0000
Subject: [PATCH] Remove all 256 bit key generation in client

---
 api/user.go            | 21 +++++++--------------
 cmix/nodes/register.go | 14 +++++++-------
 2 files changed, 14 insertions(+), 21 deletions(-)

diff --git a/api/user.go b/api/user.go
index ab8ccebd5..7ed520a0f 100644
--- a/api/user.go
+++ b/api/user.go
@@ -104,12 +104,7 @@ func createDhKeys(rng *fastRNG.StreamGenerator,
 		var err error
 		rngStream := rng.GetStream()
 		prime := e2e.GetPBytes()
-		// FIXME: Why 256 bits? -- this is spec but not
-		// explained, it has to do with optimizing operations
-		// on one side and still preserves decent security --
-		// cite this. Why valid for BOTH e2e and cmix?
-		//keyLen := len(prime)
-		keyLen := 256
+		keyLen := len(prime)
 		e2eKeyBytes, err = csprng.GenerateInGroup(prime, keyLen,
 			rngStream)
 		rngStream.Close()
@@ -153,11 +148,10 @@ func createDhKeys(rng *fastRNG.StreamGenerator,
 func createPrecannedUser(precannedID uint, rng csprng.Source, cmix,
 	e2e *cyclic.Group) user.Info {
 	// DH Keygen
-	// FIXME: Why 256 bits? -- this is spec but not explained, it has
-	// to do with optimizing operations on one side and still preserves
-	// decent security -- cite this. Why valid for BOTH e2e and cmix?
 	prng := rand.New(rand.NewSource(int64(precannedID)))
-	e2eKeyBytes, err := csprng.GenerateInGroup(e2e.GetPBytes(), 256, prng)
+	prime := e2e.GetPBytes()
+	keyLen := len(prime)
+	e2eKeyBytes, err := csprng.GenerateInGroup(prime, keyLen, prng)
 	if err != nil {
 		jww.FATAL.Panicf(err.Error())
 	}
@@ -192,10 +186,9 @@ func createPrecannedUser(precannedID uint, rng csprng.Source, cmix,
 func createNewVanityUser(rng csprng.Source, cmix,
 	e2e *cyclic.Group, prefix string) user.Info {
 	// DH Keygen
-	// FIXME: Why 256 bits? -- this is spec but not explained, it has
-	// to do with optimizing operations on one side and still preserves
-	// decent security -- cite this. Why valid for BOTH e2e and cmix?
-	e2eKeyBytes, err := csprng.GenerateInGroup(e2e.GetPBytes(), 256, rng)
+	prime := e2e.GetPBytes()
+	keyLen := len(prime)
+	e2eKeyBytes, err := csprng.GenerateInGroup(prime, keyLen, rng)
 	if err != nil {
 		jww.FATAL.Panicf(err.Error())
 	}
diff --git a/cmix/nodes/register.go b/cmix/nodes/register.go
index 9cd4502f0..af18976e4 100644
--- a/cmix/nodes/register.go
+++ b/cmix/nodes/register.go
@@ -10,6 +10,10 @@ package nodes
 import (
 	"crypto/sha256"
 	"encoding/hex"
+	"strconv"
+	"sync"
+	"time"
+
 	"github.com/golang/protobuf/proto"
 	"github.com/pkg/errors"
 	jww "github.com/spf13/jwalterweatherman"
@@ -31,9 +35,6 @@ import (
 	"gitlab.com/xx_network/primitives/id"
 	"gitlab.com/xx_network/primitives/ndf"
 	"gitlab.com/xx_network/primitives/netTime"
-	"strconv"
-	"sync"
-	"time"
 )
 
 func registerNodes(r *registrar, s storage.Session, stop *stoppable.Single,
@@ -155,10 +156,9 @@ func requestKey(sender gateway.Sender, comms RegisterNodeCommsInterface,
 
 	grp := r.session.GetCmixGroup()
 
-	// FIXME: Why 256 bits? -- this is spec but not explained, it has to do with
-	//  optimizing operations on one side and still preserves decent security --
-	//  cite this.
-	dhPrivBytes, err := csprng.GenerateInGroup(grp.GetPBytes(), 256, rng)
+	prime := grp.GetPBytes()
+	keyLen := len(prime)
+	dhPrivBytes, err := csprng.GenerateInGroup(prime, keyLen, rng)
 	if err != nil {
 		return nil, nil, 0, err
 	}
-- 
GitLab