Fix keypair derivation #410

Author: svpcom

src/keygen.c

@@ -76,7 +76,7 @@ int main(int argc, char** argv)
         unsigned char salt[crypto_pwhash_argon2i_SALTBYTES] = \
             {'w','i','f','i','b','r','o','a','d','c','a','s','t','k','e','y'};
 
-        unsigned char seed[crypto_box_SEEDBYTES];
+        unsigned char seed[crypto_box_SEEDBYTES * 2];
         if (crypto_pwhash_argon2i
             (seed, sizeof(seed), password, strlen(password), salt,
              crypto_pwhash_argon2i_OPSLIMIT_INTERACTIVE, // Low CPU usage
@@ -87,7 +87,7 @@ int main(int argc, char** argv)
             return 1;
         }
         if (crypto_box_seed_keypair(drone_publickey, drone_secretkey, seed) !=0 ||
-            crypto_box_seed_keypair(gs_publickey, gs_secretkey, seed) != 0)
+            crypto_box_seed_keypair(gs_publickey, gs_secretkey, seed + crypto_box_SEEDBYTES) != 0)
         {
             fprintf(stderr, "Unable to derive keys\n");
             return 1;

wfb_ng/tests/test_txrx.py

@@ -147,10 +147,13 @@ def _got_response(data):
 
 
 class TXRXTestCase(unittest.TestCase):
+    def setup_keys(self, bindir):
+        return  call_and_check_rc(os.path.join(bindir, 'wfb_keygen'))
+
     @defer.inlineCallbacks
     def setUp(self):
         bindir = os.path.join(os.path.dirname(__file__), '../..')
-        yield call_and_check_rc(os.path.join(bindir, 'wfb_keygen'))
+        yield self.setup_keys(bindir)
 
         self.rxp = UDP_TXRX(('127.0.0.1', 10001))
         self.txp = UDP_TXRX(('127.0.0.1', 10003))
@@ -188,6 +191,10 @@ def tearDown(self):
         # Wait for tx/rx processes to die
         yield df_sleep(0.1)
 
+    def test_keys(self):
+        keys = [open(k, 'rb').read() for k in ('gs.key', 'drone.key')]
+        self.assertEqual(len(keys), 2)
+        self.assertNotEqual(keys[0], keys[1])
 
     @defer.inlineCallbacks
     def test_txrx(self):
@@ -363,15 +370,13 @@ def test_cmd_radio_invalid_args(self):
         self.assertEqual([b'm%d' % (i + 1,) for i in range(7)], self.rxp.rxq)
 
 
-class KeyDerivationTestCase(unittest.TestCase):
-    @defer.inlineCallbacks
-    def setUp(self):
-        bindir = os.path.join(os.path.dirname(__file__), '../..')
-        yield call_and_check_rc(os.path.join(bindir, 'wfb_keygen'), 'secret password')
-
+class KeyDerivationTestCase(TXRXTestCase):
+    def setup_keys(self, bindir):
+        return call_and_check_rc(os.path.join(bindir, 'wfb_keygen'), 'secret password')
 
     def test_keys(self):
         keys = [open(k, 'rb').read() for k in ('gs.key', 'drone.key')]
         self.assertEqual(len(keys), 2)
-        self.assertEqual(keys[0], keys[1])
-        self.assertEqual(hashlib.sha1(keys[0]).hexdigest(), '07d6f6998486d99db626b755e026f80ef17f6e77')
+        self.assertNotEqual(keys[0], keys[1])
+        self.assertEqual(hashlib.sha1(keys[0]).hexdigest(), 'cb8d52ca7602928f67daba6ba1f308f4cfc88aa7')
+        self.assertEqual(hashlib.sha1(keys[1]).hexdigest(), '7a6ffb44cebc53b4538d20bdcaba8d70c9cf4095')