Don't recheck key signatures every time you open your secret keys

parent 18af5eca
......@@ -565,17 +565,17 @@ drop
msg( dup IF <err> ." sig out of date: " ticks .ticks ." sigdate: "
>r 2dup startdate@ .ticks 2dup enddate@ .ticks r> <default> cr THEN ) ;
: verify-sig ( addr u pk -- addr u flag ) >r
check-date dup 0= IF drop
2dup + sigonlysize# - r> ed-verify 0= sig-wrong and
check-date dup 0= IF drop +cmd
2dup + sigonlysize# - r> ed-verify 0= sig-wrong and +sig
EXIT THEN
rdrop ;
: quick-verify-sig ( addr u pk -- addr u flag ) >r
check-date dup 0= IF drop
check-date dup 0= IF drop +cmd
2dup + sigonlysize# -
r@ dup last# >r search-key? r> to last#
dup 0= IF nip nip rdrop EXIT THEN
swap .ke-sksig sec@ drop swap 2swap
ed-quick-verify 0= sig-wrong and
ed-quick-verify 0= sig-wrong and +sigquick
THEN
rdrop ;
......@@ -607,7 +607,7 @@ drop
: sksig@ ( -- sksig u )
my-key? .ke-sksig sec@ ;
: .sig ( -- )
sigdate +date sigdate datesize# type
+sig sigdate +date sigdate datesize# type
sig-params ed-sign type keysize emit ;
: .pk ( -- ) pk@ key| type ;
: pk-sig ( addr u -- sig u )
......
......@@ -124,6 +124,8 @@ timer: +reset
timer: +event
timer: +calc
timer: +cryptsu
timer: +sig
timer: +sigquick
timer: +enc
timer: +rec
timer: +send
......
......@@ -122,10 +122,14 @@ init-ed25519
sigbuf $20 + sct1 sc25519>32b
clean-ed25519 sigbuf $40 ; \ r,s
UValue no-ed-check?
0 to no-ed-check?
: ed-check? { sig pk -- flag }
\G check a message: the keccak state contains the hash of the message.
\G The unpacked pk is in get0, so this word can be used for batch checking.
\G sig and pk need to be aligned properly, ed-verify does that alignment
no-ed-check? IF true EXIT THEN
sig hashtmp $20 move pk hashtmp $20 + $20 move
hashtmp $40 c:shorthash hashtmp $40 c:hash@ \ z=hash(r+pk+message)
sct2 hashtmp 64b>sc25519 \ sct2 is z
......
......@@ -634,6 +634,10 @@ key-version$ evaluate Constant key-version#
: new-pet? ( addr u -- addr u flag )
0 ke-pets[] [: rot >r 2over str= r> or ;] $[]map 0= ;
: ?sk ( addr u -- addr u )
over keypad sk>pk \ generate pubkey
keypad ke-pk $@ drop keysize tuck str= 0= !!wrong-key!! ;
scope{ net2o-base
cmd-table $@ inherit-table key-entry-table
......@@ -650,9 +654,8 @@ $11 net2o: privkey ( $:string -- )
\ does not need to be signed, the secret key verifies itself
!!unsigned? $40 !!>=order?
keypack c@ $F and ke-pwlevel !
$> over keypad sk>pk \ generate pubkey
keypad ke-pk $@ drop keysize tuck str= 0= !!wrong-key!!
ke-sk sec! +seckey "\0" ke-groups $! 0 groups[] $[]@ drop @ ke-mask ! ;
$> ?sk ke-sk sec! +seckey
"\0" ke-groups $! 0 groups[] $[]@ drop @ ke-mask ! ;
+net2o: keytype ( n -- ) !!signed? 1 !!>order? 64>n ke-type ! ;
\g key type (0: anon, 1: user, 2: group)
+net2o: keynick ( $:string -- ) !!signed? 2 !!>order? $> ke-nick $!
......@@ -1024,7 +1027,7 @@ false value ?yes
keypack-d keypack-all# 2swap
dup $20 = IF decrypt$ ELSE
keypack c@ $F and config:pw-maxlevel# @ <=
IF decrypt-pw$ ELSE 2drop false THEN
IF +cmd decrypt-pw$ +cryptsu ELSE 2drop false THEN
THEN ;
: try-decrypt ( flag -- addr u / 0 0 ) { flag }
......@@ -1082,10 +1085,11 @@ false value ?yes
save-keys-again @ IF save-seckeys THEN ;
: read-pkey-loop ( -- )
lastkey@ drop defaultkey ! \ at least one default key available
true to no-ed-check?
-1 config:pw-level#
[: import#new import-type !
?key-pfd read-keys-loop
save-keys-again @ IF save-keys THEN ;] !wrapper ;
[: import#new import-type ! ?key-pfd read-keys-loop
save-keys-again @ IF save-keys THEN ;] !wrapper
false to no-ed-check? ;
: read-keys ( -- )
read-key-loop read-pkey-loop import#new import-type ! ;
......
......@@ -803,8 +803,10 @@ scope{ /chat
: start-n2o ( -- )
[IFDEF] cov+ load-cov [THEN]
cmd-args ++debug %droprate %droprate \ read in all debugging stuff
profile( init-timer )
argc @ 1 > IF next-cmd ELSE n2o:help THEN
[IFDEF] cov+ save-cov annotate-cov cov% [THEN]
profile( .times )
n2o:bye ;
' start-n2o is process-args
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment