Index: crypt.fs ================================================================== --- crypt.fs +++ crypt.fs @@ -563,21 +563,21 @@ 64dup 64#-1 64<> IF fuzzedtime# 64-2* 64+ THEN early/late? msg( dup IF ." sig out of date: " ticks .ticks ." sigdate: " >r 2dup startdate@ .ticks 2dup enddate@ .ticks r> cr THEN ) ; : verify-sig ( addr u pk -- addr u flag ) >r - check-date dup 0= IF drop - 2dup + sigonlysize# - r> ed-verify 0= sig-wrong and + check-date dup 0= IF drop +cmd + 2dup + sigonlysize# - r> ed-verify 0= sig-wrong and +sig EXIT THEN rdrop ; : quick-verify-sig ( addr u pk -- addr u flag ) >r - check-date dup 0= IF drop + check-date dup 0= IF drop +cmd 2dup + sigonlysize# - r@ dup last# >r search-key? r> to last# dup 0= IF nip nip rdrop EXIT THEN swap .ke-sksig sec@ drop swap 2swap - ed-quick-verify 0= sig-wrong and + ed-quick-verify 0= sig-wrong and +sigquick THEN rdrop ; : date-sig? ( addr u pk -- addr u flag ) >r >date r> verify-sig ; @@ -605,11 +605,11 @@ : sk@ ( -- sk u ) my-key? .ke-sk sec@ ; : sksig@ ( -- sksig u ) my-key? .ke-sksig sec@ ; : .sig ( -- ) - sigdate +date sigdate datesize# type + +sig sigdate +date sigdate datesize# type sig-params ed-sign type keysize emit ; : .pk ( -- ) pk@ key| type ; : pk-sig ( addr u -- sig u ) c:0key c:hash [: .pk .sig ;] $tmp ; Index: debugging.fs ================================================================== --- debugging.fs +++ debugging.fs @@ -122,10 +122,12 @@ timer: +next timer: +reset timer: +event timer: +calc timer: +cryptsu +timer: +sig +timer: +sigquick timer: +enc timer: +rec timer: +send timer: +wait timer: +cmd Index: ed25519-donna.fs ================================================================== --- ed25519-donna.fs +++ ed25519-donna.fs 
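Review bot: In crypt.fs, `quick-verify-sig` leaves through `nip nip rdrop EXIT` when `search-key?` finds nothing, so that path never reaches the new `+sigquick` and its time is booked to whichever timer fires next. The `.sig` hunk (@@ -605) is placed the other way round: `+sig` comes before `ed-sign`, while `verify-sig` and `try-decrypt-key` bracket the work as `+cmd … +sig` and `+cmd … +cryptsu`. If a timer word charges the interval that ends at the call (inferred from that bracketing; the definition of `timer:` is not in the diff), the signing cost is not counted as sig. Suggest adding `+sigquick` before the early `EXIT`, and in `.sig` using `+cmd` at the start with `+sig` after `ed-sign type`.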
@@ -119,15 +119,19 @@ sct2 sk raw>sc25519 \ sct2 is sk sct1 sct1 sct2 sc25519* sct1 sct1 sct3 sc25519+ \ s=z*sk+k sigbuf $20 + sct1 sc25519>32b clean-ed25519 sigbuf $40 ; \ r,s + +UValue no-ed-check? +0 to no-ed-check? : ed-check? { sig pk -- flag } \G check a message: the keccak state contains the hash of the message. \G The unpacked pk is in get0, so this word can be used for batch checking. \G sig and pk need to be aligned properly, ed-verify does that alignment + no-ed-check? IF true EXIT THEN sig hashtmp $20 move pk hashtmp $20 + $20 move hashtmp $40 c:shorthash hashtmp $40 c:hash@ \ z=hash(r+pk+message) sct2 hashtmp 64b>sc25519 \ sct2 is z sct3 sig $20 + raw>sc25519 \ sct3 is s get1 get0 sct2 sct3 ge25519*+ \ base*s-pk*z Index: keys.fs ================================================================== --- keys.fs +++ keys.fs @@ -632,10 +632,14 @@ key-version$ evaluate Constant key-version# : new-pet? ( addr u -- addr u flag ) 0 ke-pets[] [: rot >r 2over str= r> or ;] $[]map 0= ; +: ?sk ( addr u -- addr u ) + over keypad sk>pk \ generate pubkey + keypad ke-pk $@ drop keysize tuck str= 0= !!wrong-key!! ; + scope{ net2o-base cmd-table $@ inherit-table key-entry-table \g \g ### key storage commands ### @@ -648,13 +652,12 @@ $11 net2o: privkey ( $:string -- ) \g private key \ does not need to be signed, the secret key verifies itself !!unsigned? $40 !!>=order? keypack c@ $F and ke-pwlevel ! - $> over keypad sk>pk \ generate pubkey - keypad ke-pk $@ drop keysize tuck str= 0= !!wrong-key!! - ke-sk sec! +seckey "\0" ke-groups $! 0 groups[] $[]@ drop @ ke-mask ! ; + $> ?sk ke-sk sec! +seckey + "\0" ke-groups $! 0 groups[] $[]@ drop @ ke-mask ! ; +net2o: keytype ( n -- ) !!signed? 1 !!>order? 64>n ke-type ! ; \g key type (0: anon, 1: user, 2: group) +net2o: keynick ( $:string -- ) !!signed? 2 !!>order? $> ke-nick $! \g key nick nick! ; 
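Review bot: With `no-ed-check? IF true EXIT THEN` as the first line of `ed-check?` in ed25519-donna.fs, the verification primitive itself reports success for any signature while the flag is set, yet the `\G` text above still describes it as a check. Everything that reaches `ed-check?` inherits the bypass (the existing comment names `ed-verify` and batch checking), so a flag that is left set fails open. At minimum add `\G returns true unchecked while no-ed-check? is set (set only in read-pkey-loop)` and a comment on the `UValue` line saying which code may set it. Skipping verification in the import path rather than in the primitive would keep the bypass out of reach of other callers. The body of `ed-check?` continues past the end of the hunk.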
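Review bot: The new `?sk` in keys.fs (@@ -632) has no description and hands `addr` to `sk>pk` without looking at `u`, and it drops the length from `ke-pk $@` before comparing `keysize` bytes. The comment in `privkey` (@@ -648) says the key is accepted unsigned because it verifies itself, so `?sk` is the whole check on that input. If `sk>pk` reads a fixed number of bytes (its definition is not in the diff), a shorter string would be read past its end. Suggest a length guard before `sk>pk`, for example `dup keysize <> !!wrong-key!!` if `keysize` is the expected secret-key length, plus a `\G` line such as `\G throw wrong-key unless the secret key at addr derives the pubkey stored in ke-pk`.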
@@ -1022,11 +1025,11 @@ : try-decrypt-key ( key u1 -- addr u2 flag ) keypack keypack-d keypack-all# move keypack-d keypack-all# 2swap dup $20 = IF decrypt$ ELSE keypack c@ $F and config:pw-maxlevel# @ <= - IF decrypt-pw$ ELSE 2drop false THEN + IF +cmd decrypt-pw$ +cryptsu ELSE 2drop false THEN THEN ; : try-decrypt ( flag -- addr u / 0 0 ) { flag } keys $[]# 0 ?DO I keys sec[]@ dup keysize = flag xor IF @@ -1080,14 +1083,15 @@ ?key-sfd read-keys-loop secret-keys# r> = IF migrate-key-loop THEN save-keys-again @ IF save-seckeys THEN ; : read-pkey-loop ( -- ) lastkey@ drop defaultkey ! \ at least one default key available + true to no-ed-check? -1 config:pw-level# - [: import#new import-type ! - ?key-pfd read-keys-loop - save-keys-again @ IF save-keys THEN ;] !wrapper ; + [: import#new import-type ! ?key-pfd read-keys-loop + save-keys-again @ IF save-keys THEN ;] !wrapper + false to no-ed-check? ; : read-keys ( -- ) read-key-loop read-pkey-loop import#new import-type ! ; : read-pk2key$ ( addr u -- ) Index: n2o.fs ================================================================== --- n2o.fs +++ n2o.fs @@ -801,11 +801,13 @@ }scope : start-n2o ( -- ) [IFDEF] cov+ load-cov [THEN] cmd-args ++debug %droprate %droprate \ read in all debugging stuff + profile( init-timer ) argc @ 1 > IF next-cmd ELSE n2o:help THEN [IFDEF] cov+ save-cov annotate-cov cov% [THEN] + profile( .times ) n2o:bye ; ' start-n2o is process-args
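Review bot: In keys.fs `read-pkey-loop` (@@ -1080), `false to no-ed-check?` runs only if the quotation returns normally. If `read-keys-loop` or `save-keys` throws and `!wrapper` passes the exception on (its definition is not in the diff), the task keeps `no-ed-check?` set and `ed-check?` accepts every later signature. Reset the flag on both paths, e.g. `true to no-ed-check?  [: -1 config:pw-level# [: … ;] !wrapper ;] catch  false to no-ed-check?  throw`. While the flag is set, every signature met while reading `?key-pfd` is accepted unverified, so a comment here should state what protects that file at rest.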