1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
|
;; This file is part of scheme-GNUnet, a partial Scheme port of GNUnet
;; Copyright (C) 2001-2013, 2021 GNUnet e.V.
;;
;; GNUnet is free software: you can redistribute it and/or modify it
;; under the terms of the GNU Affero General Public License as published
;; by the Free Software Foundation, either version 3 of the License,
;; or (at your option) any later version.
;;
;; GNUnet is distributed in the hope that it will be useful, but
;; WITHOUT ANY WARRANTY; without even the implied warranty of
;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
;; Affero General Public License for more details.
;;
;; You should have received a copy of the GNU Affero General Public License
;; along with this program. If not, see <http://www.gnu.org/licenses/>.
;;
;; SPDX-License-Identifier: AGPL3.0-or-later
;; From upstream:
;; @file include/gnunet_crypto_lib.h
;; @brief cryptographic primitives for GNUnet
;;
;; @author Christian Grothoff
;; @author Krista Bennett
;; @author Gerd Knorr <kraxel@bytesex.org>
;; @author Ioana Patrascu
;; @author Tzvetan Horozov
;; @author Jeffrey Burdges <burdges@gnunet.org>
;;
;; @defgroup crypto Crypto library: cryptographic operations
;; Provides cryptographic primitives.
;;
;; @see [Documentation](https://gnunet.org/crypto-api)
;;
;; @defgroup hash Crypto library: hash operations
;; Provides hashing and operations on hashes.
;;
;; @see [Documentation](https://gnunet.org/crypto-api)
;; Downstream (scheme-GNUnet)
;;
;; @brief
;; Definition of cryptographic structures transmitted
;; over the network.
;; @author Maxime Devos
(define-library (gnu gnunet crypto struct)
(export /eddsa-signature /ecdsa-signature
/eddsa-public-key /ecdsa-public-key
/peer-identity
/ecdhe-public-key /ecdhe-private-key
/ecdsa-private-key /eddsa-private-key
/symmetric-session-key
/challenge-nonce-p
/ecc-signature-purpose)
(import (only (gnu gnunet hashcode struct) /hashcode:256)
(only (gnu gnunet netstruct syntactic)
define-type structure/packed)
(only (gnu gnunet netstruct procedural)
u8vector u32/big)
(only (rnrs base) begin))
(begin
(define-type /eddsa-signature
(structure/packed
(synopsis "An ECC signature using EdDSA.")
(documentation "See cr.yp.to/papers.html#ed25519")
(field (r (u8vector 64))
(synopsis "R value"))
(field (s (u8vector 64))
(synopsis "S value"))))
(define-type /ecdsa-signature
(structure/packed
(synopsis "An ECC signature using ECDSA.")
(field (r (u8vector 64))
(synopsis "R value"))
(field (s (u8vector 64))
(synopsis "S value"))))
(define-type /eddsa-public-key
(structure/packed
(documentation "Public ECC key (always for curve Ed25519) encoded in
a format suitable for network transmission and EdDSA signatures.
Refer to section 5.1.3 of rfc8032, for a thorough explanation of how this
value maps to the x- and y-coordinates.")
(field (q (u8vector 64))
(documentation "Point Q consists of a y-value mod p (256 bits);
the x-value is always positive. The point is stored in Ed25519 standard
compact format."))))
(define-type /ecdsa-public-key
(structure/packed
(documentation
"Public ECC key (always for Curve25519) encoded in a format suitable
for network transmission and ECDSA signatures.")
(field (q-y (u8vector 64))
(documentation
"Q consists of an x- and a y-value, each mod p (256 bits), given
here in affine coordinates and Ed25519 standard compact format."))))
(define-type /peer-identity
(structure/packed
(synopsis
"The identity of the host (wraps the signing key of the peer).")
(field (public-key /eddsa-public-key))))
(define-type /ecdhe-public-key
(structure/packed
(documentation
"Public ECC key (always for Curve25519) encoded in a format suitable
for network transmission and encryption (ECDH),
See http://cr.yp.to/ecdh.html")
(field (q-y (u8vector 6))
(documentation
"Q consists of an x- and a y-value, each mod p (256 bits), given
here in affine coordinates and Ed25519 standard compact format."))))
(define-type /ecdhe-private-key
(structure/packed
(synopsis "Private ECC key encoded for transmission")
(documentation
"To be used only for ECDH key exchange (ECDHE to be precise)")
(field (d (u8vector 64))
(documentation
"d is a value mod n, where n has at most 256 bits"))))
(define-type /ecdsa-private-key
(structure/packed
(synopsis "Private ECC key encoded for transmission")
(documentation
"To be used only for ECDSA signatures.")
(field (d (u8vector 64))
(documentation
"d is a value mod n, where n has at most 256 bits"))))
(define-type /eddsa-private-key
(structure/packed
(synopsis "Private ECC key encoded for transmission")
(documentation "To be used only for EdDSA signatures.")
(field (d (u8vector 64))
(documentation
"d is a value mod n, where n has at most 256 bits."))))
(define-type /symmetric-session-key
(structure/packed
(synopsis "Type for session keys")
(field (aes-key (u8vector 64))
(synopsis "Actual key for AES"))
(field (twofish-key (u8vector 64))
(synopsis "Actual key for TwoFish"))))
(define-type /challenge-nonce-p
(structure/packed
(synopsis "Type of a nonce used for challenges")
(field (value /hashcode:256)
(synopsis
"The value of the nonce. Note that this is NOT a hash."))))
(define-type /ecc-signature-purpose
(structure/packed
(synopsis "Header indicating what an ECC signature signs")
(field (size u32/big)
(synopsis "The number of bytes the signature signs"))
(field (purpose u32/big)
(synopsis "What does this signature vouch for?"))))))
|
