summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorChristian Grothoff <christian@grothoff.org>2019-06-14 19:18:01 +0200
committerChristian Grothoff <christian@grothoff.org>2019-06-14 19:18:12 +0200
commitce2f5491241f0fd46ebfb4563b5d020717898613 (patch)
tree3e52ccb600869d23d78194b041edbefef58c9866
parent2a7c0cbbc0e81baef36446683c7e220eca1760c6 (diff)
add option to display private keys
-rw-r--r--ChangeLog3
-rw-r--r--doc/man/gnunet-identity.13
-rw-r--r--src/identity/gnunet-identity.c44
-rw-r--r--src/include/gnunet_crypto_lib.h352
-rw-r--r--src/util/crypto_ecc.c511
5 files changed, 520 insertions, 393 deletions
diff --git a/ChangeLog b/ChangeLog
index 84110a365..7c4c81097 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,6 @@
+Fri 14 Jun 2019 07:17:40 PM CEST
+ Add option to gnunet-identity to display private keys. -CG
+
Wed May 29 11:17:49 2019 +0200
Added CAA record type (RFC 6844). -schanzen
diff --git a/doc/man/gnunet-identity.1 b/doc/man/gnunet-identity.1
index cfb727885..fba649e8d 100644
--- a/doc/man/gnunet-identity.1
+++ b/doc/man/gnunet-identity.1
@@ -35,6 +35,7 @@
.Op Fl e Ar NAME | Fl \-ego= Ns Ar NAME
.Op Fl h | \-help
.Op Fl m | \-monitor
+.Op Fl p | \-private-keys
.Op Fl q | \-quiet
.Op Fl s Ar SUBSYSTEM | Fl \-set= Ns Ar SUBSYSTEM
.Op Fl V | \-verbose
@@ -75,6 +76,8 @@ Run in monitor mode, listing all ouf our egos until CTRL-C is pressed.
Each ego is listed together with a unique pointer value; if
egos are renamed, that pointer value remains the same,
if egos are deleted, they are listed one more time with a name of "<null>".
+.It Fl p | \-private-keys
+Print the private keys (in Crockford Base32 encoding), and not just the public keys.
.It Fl q | \-quiet
Be quiet, in particular outputs only the public key when listing egos.
.It Fl s Ar SUBSYSTEM | Fl \-set= Ns Ar SUBSYSTEM
diff --git a/src/identity/gnunet-identity.c b/src/identity/gnunet-identity.c
index 4d6b1db3f..41878fc1e 100644
--- a/src/identity/gnunet-identity.c
+++ b/src/identity/gnunet-identity.c
@@ -1,6 +1,6 @@
/*
This file is part of GNUnet.
- Copyright (C) 2013 GNUnet e.V.
+ Copyright (C) 2013, 2018, 2019 GNUnet e.V.
GNUnet is free software: you can redistribute it and/or modify it
under the terms of the GNU Affero General Public License as published
@@ -51,6 +51,11 @@ static int list;
static int monitor;
/**
+ * Was "private" specified?
+ */
+static int private_keys;
+
+/**
* Was "verbose" specified?
*/
static unsigned int verbose;
@@ -195,7 +200,18 @@ create_finished (void *cls,
GNUNET_CRYPTO_ecdsa_key_get_public (pk, &pub);
pubs = GNUNET_CRYPTO_ecdsa_public_key_to_string (&pub);
- fprintf (stdout, "%s\n", pubs);
+ if (private_keys)
+ {
+ char *privs;
+
+ privs = GNUNET_CRYPTO_ecdsa_private_key_to_string (pk);
+ fprintf (stdout, "%s - %s\n", pubs, privs);
+ GNUNET_free (privs);
+ }
+ else
+ {
+ fprintf (stdout, "%s\n", pubs);
+ }
GNUNET_free (pubs);
}
test_finished ();
@@ -262,6 +278,7 @@ print_ego (void *cls,
{
struct GNUNET_CRYPTO_EcdsaPublicKey pk;
char *s;
+ char *privs;
if ((NULL != set_ego) && (NULL != set_subsystem) && (NULL != ego) &&
(NULL != identifier) && (0 == strcmp (identifier, set_ego)))
@@ -291,19 +308,32 @@ print_ego (void *cls,
}
if (! (list | monitor))
return;
- if ( (NULL == ego) || (NULL == identifier) )
+ if ((NULL == ego) || (NULL == identifier))
return;
if ((NULL != set_ego) && (0 != strcmp (identifier, set_ego)))
return;
GNUNET_IDENTITY_ego_get_public_key (ego, &pk);
s = GNUNET_CRYPTO_ecdsa_public_key_to_string (&pk);
+ privs = GNUNET_CRYPTO_ecdsa_private_key_to_string (
+ GNUNET_IDENTITY_ego_get_private_key (ego));
if ((monitor) || (NULL != identifier))
{
if (quiet)
- fprintf (stdout, "%s\n", s);
+ {
+ if (private_keys)
+ fprintf (stdout, "%s - %s\n", s, privs);
+ else
+ fprintf (stdout, "%s\n", s);
+ }
else
- fprintf (stdout, "%s - %s\n", identifier, s);
+ {
+ if (private_keys)
+ fprintf (stdout, "%s - %s - %s\n", identifier, s, privs);
+ else
+ fprintf (stdout, "%s - %s\n", identifier, s);
+ }
}
+ GNUNET_free (privs);
GNUNET_free (s);
}
@@ -384,6 +414,10 @@ main (int argc, char *const *argv)
"monitor",
gettext_noop ("run in monitor mode egos"),
&monitor),
+ GNUNET_GETOPT_option_flag ('p',
+ "private-keys",
+ gettext_noop ("display private keys as well"),
+ &private_keys),
GNUNET_GETOPT_option_string (
's',
"set",
diff --git a/src/include/gnunet_crypto_lib.h b/src/include/gnunet_crypto_lib.h
index 45da5f6ba..2037159e5 100644
--- a/src/include/gnunet_crypto_lib.h
+++ b/src/include/gnunet_crypto_lib.h
@@ -44,9 +44,8 @@
#define GNUNET_CRYPTO_LIB_H
#ifdef __cplusplus
-extern "C"
-{
-#if 0 /* keep Emacsens' auto-indent happy */
+extern "C" {
+#if 0 /* keep Emacsens' auto-indent happy */
}
#endif
#endif
@@ -98,12 +97,12 @@ enum GNUNET_CRYPTO_Quality
/**
* @brief length of the sessionkey in bytes (256 BIT sessionkey)
*/
-#define GNUNET_CRYPTO_AES_KEY_LENGTH (256/8)
+#define GNUNET_CRYPTO_AES_KEY_LENGTH (256 / 8)
/**
* Length of a hash value
*/
-#define GNUNET_CRYPTO_HASH_LENGTH (512/8)
+#define GNUNET_CRYPTO_HASH_LENGTH (512 / 8)
/**
* How many characters (without 0-terminator) are our ASCII-encoded
@@ -144,7 +143,6 @@ struct GNUNET_CRYPTO_EccSignaturePurpose
* network byte order!
*/
uint32_t purpose GNUNET_PACKED;
-
};
@@ -164,11 +162,9 @@ struct GNUNET_CRYPTO_EddsaSignature
* S value.
*/
unsigned char s[256 / 8];
-
};
-
/**
* @brief an ECC signature using ECDSA
*/
@@ -184,7 +180,6 @@ struct GNUNET_CRYPTO_EcdsaSignature
* S value.
*/
unsigned char s[256 / 8];
-
};
@@ -200,7 +195,6 @@ struct GNUNET_CRYPTO_EddsaPublicKey
* compact format.
*/
unsigned char q_y[256 / 8];
-
};
@@ -215,7 +209,6 @@ struct GNUNET_CRYPTO_EcdsaPublicKey
* here in affine coordinates and Ed25519 standard compact format.
*/
unsigned char q_y[256 / 8];
-
};
@@ -253,7 +246,6 @@ struct GNUNET_CRYPTO_EcdhePrivateKey
* d is a value mod n, where n has at most 256 bits.
*/
unsigned char d[256 / 8];
-
};
/**
@@ -266,7 +258,6 @@ struct GNUNET_CRYPTO_EcdsaPrivateKey
* d is a value mod n, where n has at most 256 bits.
*/
unsigned char d[256 / 8];
-
};
/**
@@ -279,7 +270,6 @@ struct GNUNET_CRYPTO_EddsaPrivateKey
* d is a value mod n, where n has at most 256 bits.
*/
unsigned char d[256 / 8];
-
};
@@ -297,7 +287,6 @@ struct GNUNET_CRYPTO_SymmetricSessionKey
* Actual key for TwoFish.
*/
unsigned char twofish_key[GNUNET_CRYPTO_AES_KEY_LENGTH];
-
};
GNUNET_NETWORK_STRUCT_END
@@ -400,8 +389,7 @@ GNUNET_CRYPTO_seed_weak_random (int32_t seed);
* @return crc8 value
*/
uint8_t
-GNUNET_CRYPTO_crc8_n (const void *buf,
- size_t len);
+GNUNET_CRYPTO_crc8_n (const void *buf, size_t len);
/**
@@ -413,9 +401,7 @@ GNUNET_CRYPTO_crc8_n (const void *buf,
* @return updated crc sum (must be subjected to #GNUNET_CRYPTO_crc16_finish to get actual crc16)
*/
uint32_t
-GNUNET_CRYPTO_crc16_step (uint32_t sum,
- const void *buf,
- size_t len);
+GNUNET_CRYPTO_crc16_step (uint32_t sum, const void *buf, size_t len);
/**
@@ -437,10 +423,7 @@ GNUNET_CRYPTO_crc16_finish (uint32_t sum);
* @return crc16 value
*/
uint16_t
-GNUNET_CRYPTO_crc16_n (const void *buf,
- size_t len);
-
-
+GNUNET_CRYPTO_crc16_n (const void *buf, size_t len);
/**
@@ -453,8 +436,7 @@ GNUNET_CRYPTO_crc16_n (const void *buf,
* @return the resulting CRC32 checksum
*/
int32_t
-GNUNET_CRYPTO_crc32_n (const void *buf,
- size_t len);
+GNUNET_CRYPTO_crc32_n (const void *buf, size_t len);
/**
* @ingroup crypto
@@ -465,8 +447,7 @@ GNUNET_CRYPTO_crc32_n (const void *buf,
* @param length buffer length
*/
void
-GNUNET_CRYPTO_zero_keys (void *buffer,
- size_t length);
+GNUNET_CRYPTO_zero_keys (void *buffer, size_t length);
/**
@@ -491,8 +472,7 @@ GNUNET_CRYPTO_random_block (enum GNUNET_CRYPTO_Quality mode,
* @return a random value in the interval [0,@a i) (exclusive).
*/
uint32_t
-GNUNET_CRYPTO_random_u32 (enum GNUNET_CRYPTO_Quality mode,
- uint32_t i);
+GNUNET_CRYPTO_random_u32 (enum GNUNET_CRYPTO_Quality mode, uint32_t i);
/**
@@ -504,8 +484,7 @@ GNUNET_CRYPTO_random_u32 (enum GNUNET_CRYPTO_Quality mode,
* @return random 64-bit number
*/
uint64_t
-GNUNET_CRYPTO_random_u64 (enum GNUNET_CRYPTO_Quality mode,
- uint64_t max);
+GNUNET_CRYPTO_random_u64 (enum GNUNET_CRYPTO_Quality mode, uint64_t max);
/**
@@ -518,8 +497,7 @@ GNUNET_CRYPTO_random_u64 (enum GNUNET_CRYPTO_Quality mode,
* @return the permutation array (allocated from heap)
*/
unsigned int *
-GNUNET_CRYPTO_random_permute (enum GNUNET_CRYPTO_Quality mode,
- unsigned int n);
+GNUNET_CRYPTO_random_permute (enum GNUNET_CRYPTO_Quality mode, unsigned int n);
/**
@@ -529,7 +507,8 @@ GNUNET_CRYPTO_random_permute (enum GNUNET_CRYPTO_Quality mode,
* @param key key to initialize
*/
void
-GNUNET_CRYPTO_symmetric_create_session_key (struct GNUNET_CRYPTO_SymmetricSessionKey *key);
+GNUNET_CRYPTO_symmetric_create_session_key (
+ struct GNUNET_CRYPTO_SymmetricSessionKey *key);
/**
@@ -544,11 +523,12 @@ GNUNET_CRYPTO_symmetric_create_session_key (struct GNUNET_CRYPTO_SymmetricSessio
* @return the size of the encrypted block, -1 for errors
*/
ssize_t
-GNUNET_CRYPTO_symmetric_encrypt (const void *block,
- size_t size,
- const struct GNUNET_CRYPTO_SymmetricSessionKey *sessionkey,
- const struct GNUNET_CRYPTO_SymmetricInitializationVector *iv,
- void *result);
+GNUNET_CRYPTO_symmetric_encrypt (
+ const void *block,
+ size_t size,
+ const struct GNUNET_CRYPTO_SymmetricSessionKey *sessionkey,
+ const struct GNUNET_CRYPTO_SymmetricInitializationVector *iv,
+ void *result);
/**
@@ -563,11 +543,12 @@ GNUNET_CRYPTO_symmetric_encrypt (const void *block,
* @return -1 on failure, size of decrypted block on success
*/
ssize_t
-GNUNET_CRYPTO_symmetric_decrypt (const void *block,
- size_t size,
- const struct GNUNET_CRYPTO_SymmetricSessionKey *sessionkey,
- const struct GNUNET_CRYPTO_SymmetricInitializationVector *iv,
- void *result);
+GNUNET_CRYPTO_symmetric_decrypt (
+ const void *block,
+ size_t size,
+ const struct GNUNET_CRYPTO_SymmetricSessionKey *sessionkey,
+ const struct GNUNET_CRYPTO_SymmetricInitializationVector *iv,
+ void *result);
/**
@@ -580,10 +561,12 @@ GNUNET_CRYPTO_symmetric_decrypt (const void *block,
* @param ... pairs of void * & size_t for context chunks, terminated by NULL
*/
void
-GNUNET_CRYPTO_symmetric_derive_iv (struct GNUNET_CRYPTO_SymmetricInitializationVector *iv,
- const struct GNUNET_CRYPTO_SymmetricSessionKey *skey,
- const void *salt,
- size_t salt_len, ...);
+GNUNET_CRYPTO_symmetric_derive_iv (
+ struct GNUNET_CRYPTO_SymmetricInitializationVector *iv,
+ const struct GNUNET_CRYPTO_SymmetricSessionKey *skey,
+ const void *salt,
+ size_t salt_len,
+ ...);
/**
@@ -595,11 +578,12 @@ GNUNET_CRYPTO_symmetric_derive_iv (struct GNUNET_CRYPTO_SymmetricInitializationV
* @param argp pairs of void * & size_t for context chunks, terminated by NULL
*/
void
-GNUNET_CRYPTO_symmetric_derive_iv_v (struct GNUNET_CRYPTO_SymmetricInitializationVector *iv,
- const struct GNUNET_CRYPTO_SymmetricSessionKey *skey,
- const void *salt,
- size_t salt_len,
- va_list argp);
+GNUNET_CRYPTO_symmetric_derive_iv_v (
+ struct GNUNET_CRYPTO_SymmetricInitializationVector *iv,
+ const struct GNUNET_CRYPTO_SymmetricSessionKey *skey,
+ const void *salt,
+ size_t salt_len,
+ va_list argp);
/**
@@ -638,7 +622,7 @@ GNUNET_CRYPTO_hash_from_string2 (const char *enc,
* @return #GNUNET_OK on success, #GNUNET_SYSERR if result has the wrong encoding
*/
#define GNUNET_CRYPTO_hash_from_string(enc, result) \
- GNUNET_CRYPTO_hash_from_string2 (enc, strlen(enc), result)
+ GNUNET_CRYPTO_hash_from_string2 (enc, strlen (enc), result)
/**
@@ -732,8 +716,10 @@ GNUNET_CRYPTO_hash_context_abort (struct GNUNET_HashContext *hc);
* @param hmac where to store the hmac
*/
void
-GNUNET_CRYPTO_hmac_raw (const void *key, size_t key_len,
- const void *plaintext, size_t plaintext_len,
+GNUNET_CRYPTO_hmac_raw (const void *key,
+ size_t key_len,
+ const void *plaintext,
+ size_t plaintext_len,
struct GNUNET_HashCode *hmac);
@@ -760,9 +746,9 @@ GNUNET_CRYPTO_hmac (const struct GNUNET_CRYPTO_AuthKey *key,
* @param cls closure
* @param res resulting hash, NULL on error
*/
-typedef void
-(*GNUNET_CRYPTO_HashCompletedCallback) (void *cls,
- const struct GNUNET_HashCode *res);
+typedef void (*GNUNET_CRYPTO_HashCompletedCallback) (
+ void *cls,
+ const struct GNUNET_HashCode *res);
/**
@@ -862,9 +848,10 @@ GNUNET_CRYPTO_hash_xor (const struct GNUNET_HashCode *a,
* @param iv set to a valid initialization vector
*/
void
-GNUNET_CRYPTO_hash_to_aes_key (const struct GNUNET_HashCode * hc,
- struct GNUNET_CRYPTO_SymmetricSessionKey *skey,
- struct GNUNET_CRYPTO_SymmetricInitializationVector *iv);
+GNUNET_CRYPTO_hash_to_aes_key (
+ const struct GNUNET_HashCode *hc,
+ struct GNUNET_CRYPTO_SymmetricSessionKey *skey,
+ struct GNUNET_CRYPTO_SymmetricInitializationVector *iv);
/**
@@ -877,7 +864,7 @@ GNUNET_CRYPTO_hash_to_aes_key (const struct GNUNET_HashCode * hc,
*/
int
GNUNET_CRYPTO_hash_get_bit (const struct GNUNET_HashCode *code,
- unsigned int bit);
+ unsigned int bit);
/**
@@ -937,10 +924,12 @@ GNUNET_CRYPTO_hash_xorcmp (const struct GNUNET_HashCode *h1,
* @param argp pair of void * & size_t for context chunks, terminated by NULL
*/
void
-GNUNET_CRYPTO_hmac_derive_key_v (struct GNUNET_CRYPTO_AuthKey *key,
- const struct GNUNET_CRYPTO_SymmetricSessionKey *rkey,
- const void *salt, size_t salt_len,
- va_list argp);
+GNUNET_CRYPTO_hmac_derive_key_v (
+ struct GNUNET_CRYPTO_AuthKey *key,
+ const struct GNUNET_CRYPTO_SymmetricSessionKey *rkey,
+ const void *salt,
+ size_t salt_len,
+ va_list argp);
/**
@@ -953,10 +942,12 @@ GNUNET_CRYPTO_hmac_derive_key_v (struct GNUNET_CRYPTO_AuthKey *key,
* @param ... pair of void * & size_t for context chunks, terminated by NULL
*/
void
-GNUNET_CRYPTO_hmac_derive_key (struct GNUNET_CRYPTO_AuthKey *key,
- const struct GNUNET_CRYPTO_SymmetricSessionKey *rkey,
- const void *salt, size_t salt_len,
- ...);
+GNUNET_CRYPTO_hmac_derive_key (
+ struct GNUNET_CRYPTO_AuthKey *key,
+ const struct GNUNET_CRYPTO_SymmetricSessionKey *rkey,
+ const void *salt,
+ size_t salt_len,
+ ...);
/**
@@ -1047,8 +1038,10 @@ GNUNET_CRYPTO_kdf_v (void *result,
void
GNUNET_CRYPTO_kdf_mod_mpi (gcry_mpi_t *r,
gcry_mpi_t n,
- const void *xts, size_t xts_len,
- const void *skm, size_t skm_len,
+ const void *xts,
+ size_t xts_len,
+ const void *skm,
+ size_t skm_len,
const char *ctx);
@@ -1082,8 +1075,9 @@ GNUNET_CRYPTO_kdf (void *result,
* @param pub where to write the public key
*/
void
-GNUNET_CRYPTO_ecdsa_key_get_public (const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv,
- struct GNUNET_CRYPTO_EcdsaPublicKey *pub);
+GNUNET_CRYPTO_ecdsa_key_get_public (
+ const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv,
+ struct GNUNET_CRYPTO_EcdsaPublicKey *pub);
/**
* @ingroup crypto
@@ -1093,9 +1087,9 @@ GNUNET_CRYPTO_ecdsa_key_get_public (const struct GNUNET_CRYPTO_EcdsaPrivateKey *
* @param pub where to write the public key
*/
void
-GNUNET_CRYPTO_eddsa_key_get_public (const struct GNUNET_CRYPTO_EddsaPrivateKey *priv,
- struct GNUNET_CRYPTO_EddsaPublicKey *pub);
-
+GNUNET_CRYPTO_eddsa_key_get_public (
+ const struct GNUNET_CRYPTO_EddsaPrivateKey *priv,
+ struct GNUNET_CRYPTO_EddsaPublicKey *pub);
/**
@@ -1106,8 +1100,9 @@ GNUNET_CRYPTO_eddsa_key_get_public (const struct GNUNET_CRYPTO_EddsaPrivateKey *
* @param pub where to write the public key
*/
void
-GNUNET_CRYPTO_ecdhe_key_get_public (const struct GNUNET_CRYPTO_EcdhePrivateKey *priv,
- struct GNUNET_CRYPTO_EcdhePublicKey *pub);
+GNUNET_CRYPTO_ecdhe_key_get_public (
+ const struct GNUNET_CRYPTO_EcdhePrivateKey *priv,
+ struct GNUNET_CRYPTO_EcdhePublicKey *pub);
/**
@@ -1117,7 +1112,18 @@ GNUNET_CRYPTO_ecdhe_key_get_public (const struct GNUNET_CRYPTO_EcdhePrivateKey *
* @return string representing @a pub
*/
char *
-GNUNET_CRYPTO_ecdsa_public_key_to_string (const struct GNUNET_CRYPTO_EcdsaPublicKey *pub);
+GNUNET_CRYPTO_ecdsa_public_key_to_string (
+ const struct GNUNET_CRYPTO_EcdsaPublicKey *pub);
+
+/**
+ * Convert a private key to a string.
+ *
+ * @param priv key to convert
+ * @return string representing @a priv
+ */
+char *
+GNUNET_CRYPTO_ecdsa_private_key_to_string (
+ const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv);
/**
@@ -1127,7 +1133,8 @@ GNUNET_CRYPTO_ecdsa_public_key_to_string (const struct GNUNET_CRYPTO_EcdsaPublic
* @return string representing @a pub
*/
char *
-GNUNET_CRYPTO_eddsa_private_key_to_string (const struct GNUNET_CRYPTO_EddsaPrivateKey *priv);
+GNUNET_CRYPTO_eddsa_private_key_to_string (
+ const struct GNUNET_CRYPTO_EddsaPrivateKey *priv);
/**
@@ -1137,7 +1144,8 @@ GNUNET_CRYPTO_eddsa_private_key_to_string (const struct GNUNET_CRYPTO_EddsaPriva
* @return string representing @a pub
*/
char *
-GNUNET_CRYPTO_eddsa_public_key_to_string (const struct GNUNET_CRYPTO_EddsaPublicKey *pub);
+GNUNET_CRYPTO_eddsa_public_key_to_string (
+ const struct GNUNET_CRYPTO_EddsaPublicKey *pub);
/**
@@ -1149,9 +1157,10 @@ GNUNET_CRYPTO_eddsa_public_key_to_string (const struct GNUNET_CRYPTO_EddsaPublic
* @return #GNUNET_OK on success
*/
int
-GNUNET_CRYPTO_ecdsa_public_key_from_string (const char *enc,
- size_t enclen,
- struct GNUNET_CRYPTO_EcdsaPublicKey *pub);
+GNUNET_CRYPTO_ecdsa_public_key_from_string (
+ const char *enc,
+ size_t enclen,
+ struct GNUNET_CRYPTO_EcdsaPublicKey *pub);
/**
@@ -1163,9 +1172,10 @@ GNUNET_CRYPTO_ecdsa_public_key_from_string (const char *enc,
* @return #GNUNET_OK on success
*/
int
-GNUNET_CRYPTO_eddsa_private_key_from_string (const char *enc,
- size_t enclen,
- struct GNUNET_CRYPTO_EddsaPrivateKey *pub);
+GNUNET_CRYPTO_eddsa_private_key_from_string (
+ const char *enc,
+ size_t enclen,
+ struct GNUNET_CRYPTO_EddsaPrivateKey *pub);
/**
@@ -1177,9 +1187,10 @@ GNUNET_CRYPTO_eddsa_private_key_from_string (const char *enc,
* @return #GNUNET_OK on success
*/
int
-GNUNET_CRYPTO_eddsa_public_key_from_string (const char *enc,
- size_t enclen,
- struct GNUNET_CRYPTO_EddsaPublicKey *pub);
+GNUNET_CRYPTO_eddsa_public_key_from_string (
+ const char *enc,
+ size_t enclen,
+ struct GNUNET_CRYPTO_EddsaPublicKey *pub);
/**
@@ -1236,7 +1247,8 @@ struct GNUNET_CONFIGURATION_Handle;
* permission denied); free using #GNUNET_free
*/
struct GNUNET_CRYPTO_EddsaPrivateKey *
-GNUNET_CRYPTO_eddsa_key_create_from_configuration (const struct GNUNET_CONFIGURATION_Handle *cfg);
+GNUNET_CRYPTO_eddsa_key_create_from_configuration (
+ const struct GNUNET_CONFIGURATION_Handle *cfg);
/**
@@ -1375,8 +1387,7 @@ struct GNUNET_CRYPTO_EccPoint
* @return NULL on error
*/
struct GNUNET_CRYPTO_EccDlogContext *
-GNUNET_CRYPTO_ecc_dlog_prepare (unsigned int max,
- unsigned int mem);
+GNUNET_CRYPTO_ecc_dlog_prepare (unsigned int max, unsigned int mem);
/**
@@ -1389,7 +1400,7 @@ GNUNET_CRYPTO_ecc_dlog_prepare (unsigned int max,
*/
int
GNUNET_CRYPTO_ecc_dlog (struct GNUNET_CRYPTO_EccDlogContext *edc,
- gcry_mpi_point_t input);
+ gcry_mpi_point_t input);
/**
@@ -1406,8 +1417,7 @@ GNUNET_CRYPTO_ecc_dlog (struct GNUNET_CRYPTO_EccDlogContext *edc,
* must be freed using #GNUNET_CRYPTO_ecc_free()
*/
gcry_mpi_point_t
-GNUNET_CRYPTO_ecc_dexp (struct GNUNET_CRYPTO_EccDlogContext *edc,
- int val);
+GNUNET_CRYPTO_ecc_dexp (struct GNUNET_CRYPTO_EccDlogContext *edc, int val);
/**
@@ -1421,7 +1431,7 @@ GNUNET_CRYPTO_ecc_dexp (struct GNUNET_CRYPTO_EccDlogContext *edc,
*/
gcry_mpi_point_t
GNUNET_CRYPTO_ecc_dexp_mpi (struct GNUNET_CRYPTO_EccDlogContext *edc,
- gcry_mpi_t val);
+ gcry_mpi_t val);
/**
@@ -1436,7 +1446,7 @@ GNUNET_CRYPTO_ecc_dexp_mpi (struct GNUNET_CRYPTO_EccDlogContext *edc,
gcry_mpi_point_t
GNUNET_CRYPTO_ecc_pmul_mpi (struct GNUNET_CRYPTO_EccDlogContext *edc,
gcry_mpi_point_t p,
- gcry_mpi_t val);
+ gcry_mpi_t val);
/**
@@ -1474,8 +1484,8 @@ GNUNET_CRYPTO_ecc_bin_to_point (struct GNUNET_CRYPTO_EccDlogContext *edc,
*/
gcry_mpi_point_t
GNUNET_CRYPTO_ecc_add (struct GNUNET_CRYPTO_EccDlogContext *edc,
- gcry_mpi_point_t a,
- gcry_mpi_point_t b);
+ gcry_mpi_point_t a,
+ gcry_mpi_point_t b);
/**
@@ -1489,8 +1499,8 @@ GNUNET_CRYPTO_ecc_add (struct GNUNET_CRYPTO_EccDlogContext *edc,
*/
void
GNUNET_CRYPTO_ecc_rnd (struct GNUNET_CRYPTO_EccDlogContext *edc,
- gcry_mpi_point_t *r,
- gcry_mpi_point_t *r_inv);
+ gcry_mpi_point_t *r,
+ gcry_mpi_point_t *r_inv);
/**
@@ -1622,9 +1632,10 @@ GNUNET_CRYPTO_ecdh_ecdsa (const struct GNUNET_CRYPTO_EcdhePrivateKey *priv,
* @return #GNUNET_SYSERR on error, #GNUNET_OK on success
*/
int
-GNUNET_CRYPTO_eddsa_sign (const struct GNUNET_CRYPTO_EddsaPrivateKey *priv,
- const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose,
- struct GNUNET_CRYPTO_EddsaSignature *sig);
+GNUNET_CRYPTO_eddsa_sign (
+ const struct GNUNET_CRYPTO_EddsaPrivateKey *priv,
+ const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose,
+ struct GNUNET_CRYPTO_EddsaSignature *sig);
/**
@@ -1637,9 +1648,10 @@ GNUNET_CRYPTO_eddsa_sign (const struct GNUNET_CRYPTO_EddsaPrivateKey *priv,
* @return #GNUNET_SYSERR on error, #GNUNET_OK on success
*/
int
-GNUNET_CRYPTO_ecdsa_sign (const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv,
- const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose,
- struct GNUNET_CRYPTO_EcdsaSignature *sig);
+GNUNET_CRYPTO_ecdsa_sign (
+ const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv,
+ const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose,
+ struct GNUNET_CRYPTO_EcdsaSignature *sig);
/**
* @ingroup crypto
@@ -1652,11 +1664,11 @@ GNUNET_CRYPTO_ecdsa_sign (const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv,
* @returns #GNUNET_OK if ok, #GNUNET_SYSERR if invalid
*/
int
-GNUNET_CRYPTO_eddsa_verify (uint32_t purpose,
- const struct GNUNET_CRYPTO_EccSignaturePurpose *validate,
- const struct GNUNET_CRYPTO_EddsaSignature *sig,
- const struct GNUNET_CRYPTO_EddsaPublicKey *pub);
-
+GNUNET_CRYPTO_eddsa_verify (
+ uint32_t purpose,
+ const struct GNUNET_CRYPTO_EccSignaturePurpose *validate,
+ const struct GNUNET_CRYPTO_EddsaSignature *sig,
+ const struct GNUNET_CRYPTO_EddsaPublicKey *pub);
/**
@@ -1670,10 +1682,11 @@ GNUNET_CRYPTO_eddsa_verify (uint32_t purpose,
* @returns #GNUNET_OK if ok, #GNUNET_SYSERR if invalid
*/
int
-GNUNET_CRYPTO_ecdsa_verify (uint32_t purpose,
- const struct GNUNET_CRYPTO_EccSignaturePurpose *validate,
- const struct GNUNET_CRYPTO_EcdsaSignature *sig,
- const struct GNUNET_CRYPTO_EcdsaPublicKey *pub);
+GNUNET_CRYPTO_ecdsa_verify (
+ uint32_t purpose,
+ const struct GNUNET_CRYPTO_EccSignaturePurpose *validate,
+ const struct GNUNET_CRYPTO_EcdsaSignature *sig,
+ const struct GNUNET_CRYPTO_EcdsaPublicKey *pub);
/**
@@ -1690,9 +1703,10 @@ GNUNET_CRYPTO_ecdsa_verify (uint32_t purpose,
* @return derived private key
*/
struct GNUNET_CRYPTO_EcdsaPrivateKey *
-GNUNET_CRYPTO_ecdsa_private_key_derive (const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv,
- const char *label,
- const char *context);
+GNUNET_CRYPTO_ecdsa_private_key_derive (
+ const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv,
+ const char *label,
+ const char *context);
/**
@@ -1707,10 +1721,11 @@ GNUNET_CRYPTO_ecdsa_private_key_derive (const struct GNUNET_CRYPTO_EcdsaPrivateK
* @param result where to write the derived public key
*/
void
-GNUNET_CRYPTO_ecdsa_public_key_derive (const struct GNUNET_CRYPTO_EcdsaPublicKey *pub,
- const char *label,
- const char *context,
- struct GNUNET_CRYPTO_EcdsaPublicKey *result);
+GNUNET_CRYPTO_ecdsa_public_key_derive (
+ const struct GNUNET_CRYPTO_EcdsaPublicKey *pub,
+ const char *label,
+ const char *context,
+ struct GNUNET_CRYPTO_EcdsaPublicKey *result);
/**
@@ -1722,9 +1737,7 @@ GNUNET_CRYPTO_ecdsa_public_key_derive (const struct GNUNET_CRYPTO_EcdsaPublicKey
* @param val value to write to @a buf
*/
void
-GNUNET_CRYPTO_mpi_print_unsigned (void *buf,
- size_t size,
- gcry_mpi_t val);
+GNUNET_CRYPTO_mpi_print_unsigned (void *buf, size_t size, gcry_mpi_t val);
/**
@@ -1749,8 +1762,9 @@ GNUNET_CRYPTO_mpi_scan_unsigned (gcry_mpi_t *result,
* @param[out] private_key Where to store the private key?
*/
void
-GNUNET_CRYPTO_paillier_create (struct GNUNET_CRYPTO_PaillierPublicKey *public_key,
- struct GNUNET_CRYPTO_PaillierPrivateKey *private_key);
+GNUNET_CRYPTO_paillier_create (
+ struct GNUNET_CRYPTO_PaillierPublicKey *public_key,
+ struct GNUNET_CRYPTO_PaillierPrivateKey *private_key);
/**
@@ -1765,10 +1779,11 @@ GNUNET_CRYPTO_paillier_create (struct GNUNET_CRYPTO_PaillierPublicKey *public_ke
* or -1 if less than one homomorphic operation is possible
*/
int
-GNUNET_CRYPTO_paillier_encrypt (const struct GNUNET_CRYPTO_PaillierPublicKey *public_key,
- const gcry_mpi_t m,
- int desired_ops,
- struct GNUNET_CRYPTO_PaillierCiphertext *ciphertext);
+GNUNET_CRYPTO_paillier_encrypt (
+ const struct GNUNET_CRYPTO_PaillierPublicKey *public_key,
+ const gcry_mpi_t m,
+ int desired_ops,
+ struct GNUNET_CRYPTO_PaillierCiphertext *ciphertext);
/**
@@ -1780,10 +1795,11 @@ GNUNET_CRYPTO_paillier_encrypt (const struct GNUNET_CRYPTO_PaillierPublicKey *pu
* @param[out] m Decryption of @a ciphertext with @private_key.
*/
void
-GNUNET_CRYPTO_paillier_decrypt (const struct GNUNET_CRYPTO_PaillierPrivateKey *private_key,
- const struct GNUNET_CRYPTO_PaillierPublicKey *public_key,
- const struct GNUNET_CRYPTO_PaillierCiphertext *ciphertext,
- gcry_mpi_t m);
+GNUNET_CRYPTO_paillier_decrypt (
+ const struct GNUNET_CRYPTO_PaillierPrivateKey *private_key,
+ const struct GNUNET_CRYPTO_PaillierPublicKey *public_key,
+ const struct GNUNET_CRYPTO_PaillierCiphertext *ciphertext,
+ gcry_mpi_t m);
/**
@@ -1800,10 +1816,11 @@ GNUNET_CRYPTO_paillier_decrypt (const struct GNUNET_CRYPTO_PaillierPrivateKey *p
* #GNUNET_SYSERR if no more homomorphic operations are remaining.
*/
int
-GNUNET_CRYPTO_paillier_hom_add (const struct GNUNET_CRYPTO_PaillierPublicKey *public_key,
- const struct GNUNET_CRYPTO_PaillierCiphertext *c1,
- const struct GNUNET_CRYPTO_PaillierCiphertext *c2,
- struct GNUNET_CRYPTO_PaillierCiphertext *result);
+GNUNET_CRYPTO_paillier_hom_add (
+ const struct GNUNET_CRYPTO_PaillierPublicKey *public_key,
+ const struct GNUNET_CRYPTO_PaillierCiphertext *c1,
+ const struct GNUNET_CRYPTO_PaillierCiphertext *c2,
+ struct GNUNET_CRYPTO_PaillierCiphertext *result);
/**
@@ -1813,14 +1830,13 @@ GNUNET_CRYPTO_paillier_hom_add (const struct GNUNET_CRYPTO_PaillierPublicKey *pu
* @return the number of remaining homomorphic operations
*/
int
-GNUNET_CRYPTO_paillier_hom_get_remaining (const struct GNUNET_CRYPTO_PaillierCiphertext *c);
+GNUNET_CRYPTO_paillier_hom_get_remaining (
+ const struct GNUNET_CRYPTO_PaillierCiphertext *c);
/* ********* Chaum-style RSA-based blind signatures ******************* */
-
-
/**
* The private information of an RSA key pair.
*/
@@ -1877,8 +1893,9 @@ GNUNET_CRYPTO_rsa_private_key_free (struct GNUNET_CRYPTO_RsaPrivateKey *key);
* @return size of memory allocatedin @a buffer
*/
size_t
-GNUNET_CRYPTO_rsa_private_key_encode (const struct GNUNET_CRYPTO_RsaPrivateKey *key,
- char **buffer);
+GNUNET_CRYPTO_rsa_private_key_encode (
+ const struct GNUNET_CRYPTO_RsaPrivateKey *key,
+ char **buffer);
/**
@@ -1890,8 +1907,7 @@ GNUNET_CRYPTO_rsa_private_key_encode (const struct GNUNET_CRYPTO_RsaPrivateKey *
* @return NULL on error
*/
struct GNUNET_CRYPTO_RsaPrivateKey *
-GNUNET_CRYPTO_rsa_private_key_decode (const char *buf,
- size_t len);
+GNUNET_CRYPTO_rsa_private_key_decode (const char *buf, size_t len);
/**
@@ -1901,7 +1917,8 @@ GNUNET_CRYPTO_rsa_private_key_decode (const char *buf,
* @return the duplicate key; NULL upon error
*/
struct GNUNET_CRYPTO_RsaPrivateKey *
-GNUNET_CRYPTO_rsa_private_key_dup (const struct GNUNET_CRYPTO_RsaPrivateKey *key);
+GNUNET_CRYPTO_rsa_private_key_dup (
+ const struct GNUNET_CRYPTO_RsaPrivateKey *key);
/**
@@ -1911,7 +1928,8 @@ GNUNET_CRYPTO_rsa_private_key_dup (const struct GNUNET_CRYPTO_RsaPrivateKey *key
* @retur NULL on error, otherwise the public key
*/
struct GNUNET_CRYPTO_RsaPublicKey *
-GNUNET_CRYPTO_rsa_private_key_get_public (const struct GNUNET_CRYPTO_RsaPrivateKey *priv);
+GNUNET_CRYPTO_rsa_private_key_get_public (
+ const struct GNUNET_CRYPTO_RsaPrivateKey *priv);
/**
@@ -1953,8 +1971,9 @@ GNUNET_CRYPTO_rsa_public_key_free (struct GNUNET_CRYPTO_RsaPublicKey *key);
* @return size of memory allocated in @a buffer
*/
size_t
-GNUNET_CRYPTO_rsa_public_key_encode (const struct GNUNET_CRYPTO_RsaPublicKey *key,
- char **buffer);
+GNUNET_CRYPTO_rsa_public_key_encode (
+ const struct GNUNET_CRYPTO_RsaPublicKey *key,
+ char **buffer);
/**
@@ -1966,8 +1985,7 @@ GNUNET_CRYPTO_rsa_public_key_encode (const struct GNUNET_CRYPTO_RsaPublicKey *ke
* @return NULL on error
*/
struct GNUNET_CRYPTO_RsaPublicKey *
-GNUNET_CRYPTO_rsa_public_key_decode (const char *buf,
- size_t len);
+GNUNET_CRYPTO_rsa_public_key_decode (const char *buf, size_t len);
/**
@@ -2056,7 +2074,7 @@ GNUNET_CRYPTO_rsa_sign_blinded (const struct GNUNET_CRYPTO_RsaPrivateKey *key,
*/
struct GNUNET_CRYPTO_RsaSignature *
GNUNET_CRYPTO_rsa_sign_fdh (const struct GNUNET_CRYPTO_RsaPrivateKey *key,
- const struct GNUNET_HashCode *hash);
+ const struct GNUNET_HashCode *hash);
/**
@@ -2076,8 +2094,9 @@ GNUNET_CRYPTO_rsa_signature_free (struct GNUNET_CRYPTO_RsaSignature *sig);
* @return size of memory allocated in @a buffer
*/
size_t
-GNUNET_CRYPTO_rsa_signature_encode (const struct GNUNET_CRYPTO_RsaSignature *sig,
- char **buffer);
+GNUNET_CRYPTO_rsa_signature_encode (
+ const struct GNUNET_CRYPTO_RsaSignature *sig,
+ char **buffer);
/**
@@ -2089,8 +2108,7 @@ GNUNET_CRYPTO_rsa_signature_encode (const struct GNUNET_CRYPTO_RsaSignature *sig
* @return NULL on error
*/
struct GNUNET_CRYPTO_RsaSignature *
-GNUNET_CRYPTO_rsa_signature_decode (const char *buf,
- size_t len);
+GNUNET_CRYPTO_rsa_signature_decode (const char *buf, size_t len);
/**
@@ -2115,8 +2133,8 @@ GNUNET_CRYPTO_rsa_signature_dup (const struct GNUNET_CRYPTO_RsaSignature *sig);
*/
struct GNUNET_CRYPTO_RsaSignature *
GNUNET_CRYPTO_rsa_unblind (const struct GNUNET_CRYPTO_RsaSignature *sig,
- const struct GNUNET_CRYPTO_RsaBlindingKeySecret *bks,
- struct GNUNET_CRYPTO_RsaPublicKey *pkey);
+ const struct GNUNET_CRYPTO_RsaBlindingKeySecret *bks,
+ struct GNUNET_CRYPTO_RsaPublicKey *pkey);
/**
@@ -2130,11 +2148,11 @@ GNUNET_CRYPTO_rsa_unblind (const struct GNUNET_CRYPTO_RsaSignature *sig,
*/
int
GNUNET_CRYPTO_rsa_verify (const struct GNUNET_HashCode *hash,
- const struct GNUNET_CRYPTO_RsaSignature *sig,
- const struct GNUNET_CRYPTO_RsaPublicKey *public_key);
+ const struct GNUNET_CRYPTO_RsaSignature *sig,
+ const struct GNUNET_CRYPTO_RsaPublicKey *public_key);
-#if 0 /* keep Emacsens' auto-indent happy */
+#if 0 /* keep Emacsens' auto-indent happy */
{
#endif
#ifdef __cplusplus
diff --git a/src/util/crypto_ecc.c b/src/util/crypto_ecc.c
index 339180dff..ff9080345 100644
--- a/src/util/crypto_ecc.c
+++ b/src/util/crypto_ecc.c
@@ -39,18 +39,29 @@
*/
#define CURVE "Ed25519"
-#define LOG(kind,...) GNUNET_log_from (kind, "util-crypto-ecc", __VA_ARGS__)
+#define LOG(kind, ...) GNUNET_log_from (kind, "util-crypto-ecc", __VA_ARGS__)
-#define LOG_STRERROR(kind,syscall) GNUNET_log_from_strerror (kind, "util-crypto-ecc", syscall)
+#define LOG_STRERROR(kind, syscall) \
+ GNUNET_log_from_strerror (kind, "util-crypto-ecc", syscall)
-#define LOG_STRERROR_FILE(kind,syscall,filename) GNUNET_log_from_strerror_file (kind, "util-crypto-ecc", syscall, filename)
+#define LOG_STRERROR_FILE(kind, syscall, filename) \
+ GNUNET_log_from_strerror_file (kind, "util-crypto-ecc", syscall, filename)
/**
* Log an error message at log-level 'level' that indicates
* a failure of the command 'cmd' with the message given
* by gcry_strerror(rc).
*/
-#define LOG_GCRY(level, cmd, rc) do { LOG(level, _("`%s' failed at %s:%d with error: %s\n"), cmd, __FILE__, __LINE__, gcry_strerror(rc)); } while(0)
+#define LOG_GCRY(level, cmd, rc) \
+ do \
+ { \
+ LOG (level, \
+ _ ("`%s' failed at %s:%d with error: %s\n"), \
+ cmd, \
+ __FILE__, \
+ __LINE__, \
+ gcry_strerror (rc)); \
+ } while (0)
/**
@@ -63,7 +74,7 @@
* @return 0 on success
*/
static int
-key_from_sexp (gcry_mpi_t * array,
+key_from_sexp (gcry_mpi_t *array,
gcry_sexp_t sexp,
const char *topname,
const char *elems)
@@ -95,7 +106,7 @@ key_from_sexp (gcry_mpi_t * array,
array[i] = NULL;
}
gcry_sexp_release (list);
- return 3; /* required parameter not found */
+ return 3; /* required parameter not found */
}
array[idx] = gcry_sexp_nth_mpi (l2, 1, GCRYMPI_FMT_USG);
gcry_sexp_release (l2);
@@ -107,7 +118,7 @@ key_from_sexp (gcry_mpi_t * array,
array[i] = NULL;
}
gcry_sexp_release (list);
- return 4; /* required parameter is invalid */
+ return 4; /* required parameter is invalid */
}
}
gcry_sexp_release (list);
@@ -128,10 +139,12 @@ decode_private_ecdsa_key (const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv)
gcry_sexp_t result;
int rc;
- rc = gcry_sexp_build (&result, NULL,
- "(private-key(ecc(curve \"" CURVE "\")"
+ rc = gcry_sexp_build (&result,
+ NULL,
+ "(private-key(ecc(curve \"" CURVE "\")"
"(d %b)))",
- (int) sizeof (priv->d), priv->d);
+ (int) sizeof (priv->d),
+ priv->d);
if (0 != rc)
{
LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc);
@@ -161,10 +174,12 @@ decode_private_eddsa_key (const struct GNUNET_CRYPTO_EddsaPrivateKey *priv)
gcry_sexp_t result;
int rc;
- rc = gcry_sexp_build (&result, NULL,
- "(private-key(ecc(curve \"" CURVE "\")"
+ rc = gcry_sexp_build (&result,
+ NULL,
+ "(private-key(ecc(curve \"" CURVE "\")"
"(flags eddsa)(d %b)))",
- (int)sizeof (priv->d), priv->d);
+ (int) sizeof (priv->d),
+ priv->d);
if (0 != rc)
{
LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc);
@@ -194,10 +209,12 @@ decode_private_ecdhe_key (const struct GNUNET_CRYPTO_EcdhePrivateKey *priv)
gcry_sexp_t result;
int rc;
- rc = gcry_sexp_build (&result, NULL,
- "(private-key(ecc(curve \"" CURVE "\")"
+ rc = gcry_sexp_build (&result,
+ NULL,
+ "(private-key(ecc(curve \"" CURVE "\")"
"(d %b)))",
- (int)sizeof (priv->d), priv->d);
+ (int) sizeof (priv->d),
+ priv->d);
if (0 != rc)
{
LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc);
@@ -221,8 +238,9 @@ decode_private_ecdhe_key (const struct GNUNET_CRYPTO_EcdhePrivateKey *priv)
* @param pub where to write the public key
*/
void
-GNUNET_CRYPTO_ecdsa_key_get_public (const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv,
- struct GNUNET_CRYPTO_EcdsaPublicKey *pub)
+GNUNET_CRYPTO_ecdsa_key_get_public (
+ const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv,
+ struct GNUNET_CRYPTO_EcdsaPublicKey *pub)
{
gcry_sexp_t sexp;
gcry_ctx_t ctx;
@@ -251,8 +269,9 @@ GNUNET_CRYPTO_ecdsa_key_get_public (const struct GNUNET_CRYPTO_EcdsaPrivateKey *
* @param pub where to write the public key
*/
void
-GNUNET_CRYPTO_eddsa_key_get_public (const struct GNUNET_CRYPTO_EddsaPrivateKey *priv,
- struct GNUNET_CRYPTO_EddsaPublicKey *pub)
+GNUNET_CRYPTO_eddsa_key_get_public (
+ const struct GNUNET_CRYPTO_EddsaPrivateKey *priv,
+ struct GNUNET_CRYPTO_EddsaPublicKey *pub)
{
gcry_sexp_t sexp;
gcry_ctx_t ctx;
@@ -281,8 +300,9 @@ GNUNET_CRYPTO_eddsa_key_get_public (const struct GNUNET_CRYPTO_EddsaPrivateKey *
* @param pub where to write the public key
*/
void
-GNUNET_CRYPTO_ecdhe_key_get_public (const struct GNUNET_CRYPTO_EcdhePrivateKey *priv,
- struct GNUNET_CRYPTO_EcdhePublicKey *pub)
+GNUNET_CRYPTO_ecdhe_key_get_public (
+ const struct GNUNET_CRYPTO_EcdhePrivateKey *priv,
+ struct GNUNET_CRYPTO_EcdhePublicKey *pub)
{
gcry_sexp_t sexp;
gcry_ctx_t ctx;
@@ -311,7 +331,8 @@ GNUNET_CRYPTO_ecdhe_key_get_public (const struct GNUNET_CRYPTO_EcdhePrivateKey *
* @return string representing @a pub
*/
char *
-GNUNET_CRYPTO_ecdsa_public_key_to_string (const struct GNUNET_CRYPTO_EcdsaPublicKey *pub)
+GNUNET_CRYPTO_ecdsa_public_key_to_string (
+ const struct GNUNET_CRYPTO_EcdsaPublicKey *pub)
{
char *pubkeybuf;
size_t keylen = (sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)) * 8;
@@ -321,10 +342,11 @@ GNUNET_CRYPTO_ecdsa_public_key_to_string (const struct GNUNET_CRYPTO_EcdsaPublic
keylen += 5 - keylen % 5;
keylen /= 5;
pubkeybuf = GNUNET_malloc (keylen + 1);
- end = GNUNET_STRINGS_data_to_string ((unsigned char *) pub,
- sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey),
- pubkeybuf,
- keylen);
+ end =
+ GNUNET_STRINGS_data_to_string ((unsigned char *) pub,
+ sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey),
+ pubkeybuf,
+ keylen);
if (NULL == end)
{
GNUNET_free (pubkeybuf);
@@ -342,7 +364,8 @@ GNUNET_CRYPTO_ecdsa_public_key_to_string (const struct GNUNET_CRYPTO_EcdsaPublic
* @return string representing @a pub
*/
char *
-GNUNET_CRYPTO_eddsa_public_key_to_string (const struct GNUNET_CRYPTO_EddsaPublicKey *pub)
+GNUNET_CRYPTO_eddsa_public_key_to_string (
+ const struct GNUNET_CRYPTO_EddsaPublicKey *pub)
{
char *pubkeybuf;
size_t keylen = (sizeof (struct GNUNET_CRYPTO_EddsaPublicKey)) * 8;
@@ -352,10 +375,11 @@ GNUNET_CRYPTO_eddsa_public_key_to_string (const struct GNUNET_CRYPTO_EddsaPublic
keylen += 5 - keylen % 5;
keylen /= 5;
pubkeybuf = GNUNET_malloc (keylen + 1);
- end = GNUNET_STRINGS_data_to_string ((unsigned char *) pub,
- sizeof (struct GNUNET_CRYPTO_EddsaPublicKey),
- pubkeybuf,
- keylen);
+ end =
+ GNUNET_STRINGS_data_to_string ((unsigned char *) pub,
+ sizeof (struct GNUNET_CRYPTO_EddsaPublicKey),
+ pubkeybuf,
+ keylen);
if (NULL == end)
{
GNUNET_free (pubkeybuf);
@@ -373,7 +397,8 @@ GNUNET_CRYPTO_eddsa_public_key_to_string (const struct GNUNET_CRYPTO_EddsaPublic
* @return string representing @a pub
*/
char *
-GNUNET_CRYPTO_eddsa_private_key_to_string (const struct GNUNET_CRYPTO_EddsaPrivateKey *priv)
+GNUNET_CRYPTO_eddsa_private_key_to_string (
+ const struct GNUNET_CRYPTO_EddsaPrivateKey *priv)
{
char *privkeybuf;
size_t keylen = (sizeof (struct GNUNET_CRYPTO_EddsaPrivateKey)) * 8;
@@ -384,9 +409,43 @@ GNUNET_CRYPTO_eddsa_private_key_to_string (const struct GNUNET_CRYPTO_EddsaPriva
keylen /= 5;
privkeybuf = GNUNET_malloc (keylen + 1);
end = GNUNET_STRINGS_data_to_string ((unsigned char *) priv,
- sizeof (struct GNUNET_CRYPTO_EddsaPrivateKey),
- privkeybuf,
- keylen);
+ sizeof (
+ struct GNUNET_CRYPTO_EddsaPrivateKey),
+ privkeybuf,
+ keylen);
+ if (NULL == end)
+ {
+ GNUNET_free (privkeybuf);
+ return NULL;
+ }
+ *end = '\0';
+ return privkeybuf;
+}
+
+
+/**
+ * Convert a private key to a string.
+ *
+ * @param priv key to convert
+ * @return string representing @a priv
+ */
+char *
+GNUNET_CRYPTO_ecdsa_private_key_to_string (
+ const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv)
+{
+ char *privkeybuf;
+ size_t keylen = (sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey)) * 8;
+ char *end;
+
+ if (keylen % 5 > 0)
+ keylen += 5 - keylen % 5;
+ keylen /= 5;
+ privkeybuf = GNUNET_malloc (keylen + 1);
+ end = GNUNET_STRINGS_data_to_string ((unsigned char *) priv,
+ sizeof (
+ struct GNUNET_CRYPTO_EcdsaPrivateKey),
+ privkeybuf,
+ keylen);
if (NULL == end)
{
GNUNET_free (privkeybuf);
@@ -406,9 +465,10 @@ GNUNET_CRYPTO_eddsa_private_key_to_string (const struct GNUNET_CRYPTO_EddsaPriva
* @return #GNUNET_OK on success
*/
int
-GNUNET_CRYPTO_ecdsa_public_key_from_string (const char *enc,
- size_t enclen,
- struct GNUNET_CRYPTO_EcdsaPublicKey *pub)
+GNUNET_CRYPTO_ecdsa_public_key_from_string (
+ const char *enc,
+ size_t enclen,
+ struct GNUNET_CRYPTO_EcdsaPublicKey *pub)
{
size_t keylen = (sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)) * 8;
@@ -419,9 +479,11 @@ GNUNET_CRYPTO_ecdsa_public_key_from_string (const char *enc,
return GNUNET_SYSERR;
if (GNUNET_OK !=
- GNUNET_STRINGS_string_to_data (enc, enclen,
- pub,
- sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)))
+ GNUNET_STRINGS_string_to_data (enc,
+ enclen,
+ pub,
+ sizeof (
+ struct GNUNET_CRYPTO_EcdsaPublicKey)))
return GNUNET_SYSERR;
return GNUNET_OK;
}
@@ -436,9 +498,10 @@ GNUNET_CRYPTO_ecdsa_public_key_from_string (const char *enc,
* @return #GNUNET_OK on success
*/
int
-GNUNET_CRYPTO_eddsa_public_key_from_string (const char *enc,
- size_t enclen,
- struct GNUNET_CRYPTO_EddsaPublicKey *pub)
+GNUNET_CRYPTO_eddsa_public_key_from_string (
+ const char *enc,
+ size_t enclen,
+ struct GNUNET_CRYPTO_EddsaPublicKey *pub)
{
size_t keylen = (sizeof (struct GNUNET_CRYPTO_EddsaPublicKey)) * 8;
@@ -449,9 +512,11 @@ GNUNET_CRYPTO_eddsa_public_key_from_string (const char *enc,
return GNUNET_SYSERR;
if (GNUNET_OK !=
- GNUNET_STRINGS_string_to_data (enc, enclen,
- pub,
- sizeof (struct GNUNET_CRYPTO_EddsaPublicKey)))
+ GNUNET_STRINGS_string_to_data (enc,
+ enclen,
+ pub,
+ sizeof (
+ struct GNUNET_CRYPTO_EddsaPublicKey)))
return GNUNET_SYSERR;
return GNUNET_OK;
}
@@ -466,9 +531,10 @@ GNUNET_CRYPTO_eddsa_public_key_from_string (const char *enc,
* @return #GNUNET_OK on success
*/
int
-GNUNET_CRYPTO_eddsa_private_key_from_string (const char *enc,
- size_t enclen,
- struct GNUNET_CRYPTO_EddsaPrivateKey *priv)
+GNUNET_CRYPTO_eddsa_private_key_from_string (
+ const char *enc,
+ size_t enclen,
+ struct GNUNET_CRYPTO_EddsaPrivateKey *priv)
{
size_t keylen = (sizeof (struct GNUNET_CRYPTO_EddsaPrivateKey)) * 8;
@@ -479,13 +545,14 @@ GNUNET_CRYPTO_eddsa_private_key_from_string (const char *enc,
return GNUNET_SYSERR;
if (GNUNET_OK !=
- GNUNET_STRINGS_string_to_data (enc, enclen,
+ GNUNET_STRINGS_string_to_data (enc,
+ enclen,
priv,
- sizeof (struct GNUNET_CRYPTO_EddsaPrivateKey)))
+ sizeof (
+ struct GNUNET_CRYPTO_EddsaPrivateKey)))
return GNUNET_SYSERR;
#if CRYPTO_BUG
- if (GNUNET_OK !=
- check_eddsa_key (priv))
+ if (GNUNET_OK != check_eddsa_key (priv))
{
GNUNET_break (0);
return GNUNET_OK;
@@ -545,8 +612,7 @@ GNUNET_CRYPTO_ecdhe_key_create ()
struct GNUNET_CRYPTO_EcdhePrivateKey *priv;
priv = GNUNET_new (struct GNUNET_CRYPTO_EcdhePrivateKey);
- if (GNUNET_OK !=
- GNUNET_CRYPTO_ecdhe_key_create2 (priv))
+ if (GNUNET_OK != GNUNET_CRYPTO_ecdhe_key_create2 (priv))
{
GNUNET_free (priv);
return NULL;
@@ -577,7 +643,8 @@ GNUNET_CRYPTO_ecdhe_key_create2 (struct GNUNET_CRYPTO_EcdhePrivateKey *pk)
disables an expensive key testing routine. We do not want to run
the expensive check for ECDHE, as we generate TONS of keys to
use for a very short time. */
- if (0 != (rc = gcry_sexp_build (&s_keyparam, NULL,
+ if (0 != (rc = gcry_sexp_build (&s_keyparam,
+ NULL,
"(genkey(ecc(curve \"" CURVE "\")"
"(flags eddsa no-keytest)))")))
{
@@ -631,7 +698,8 @@ GNUNET_CRYPTO_ecdsa_key_create ()
BENCHMARK_START (ecdsa_key_create);
- if (0 != (rc = gcry_sexp_build (&s_keyparam, NULL,
+ if (0 != (rc = gcry_sexp_build (&s_keyparam,
+ NULL,
"(genkey(ecc(curve \"" CURVE "\")"
"(flags)))")))
{
@@ -686,9 +754,10 @@ GNUNET_CRYPTO_eddsa_key_create ()
BENCHMARK_START (eddsa_key_create);
#if CRYPTO_BUG
- again:
+again:
#endif
- if (0 != (rc = gcry_sexp_build (&s_keyparam, NULL,
+ if (0 != (rc = gcry_sexp_build (&s_keyparam,
+ NULL,
"(genkey(ecc(curve \"" CURVE "\")"
"(flags eddsa)))")))
{
@@ -722,8 +791,7 @@ GNUNET_CRYPTO_eddsa_key_create ()
gcry_mpi_release (d);
#if CRYPTO_BUG
- if (GNUNET_OK !=
- check_eddsa_key (priv))
+ if (GNUNET_OK != check_eddsa_key (priv))
{
GNUNET_break (0);
GNUNET_free (priv);
@@ -755,8 +823,8 @@ GNUNET_CRYPTO_ecdsa_key_get_anonymous ()
if (once)
return &anonymous;
GNUNET_CRYPTO_mpi_print_unsigned (anonymous.d,
- sizeof (anonymous.d),
- GCRYMPI_CONST_ONE);
+ sizeof (anonymous.d),
+ GCRYMPI_CONST_ONE);
once = 1;
return &anonymous;
}
@@ -779,31 +847,27 @@ data_to_eddsa_value (const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose)
#if 1
struct GNUNET_HashCode hc;
- GNUNET_CRYPTO_hash (purpose,
- ntohl (purpose->size),
- &hc);
- if (0 != (rc = gcry_sexp_build (&data, NULL,
- "(data(flags eddsa)(hash-algo %s)(value %b))",
- "sha512",
- (int)sizeof (hc),
- &hc)))
+ GNUNET_CRYPTO_hash (purpose, ntohl (purpose->size), &hc);
+ if (0 != (rc = gcry_sexp_build (&data,
+ NULL,
+ "(data(flags eddsa)(hash-algo %s)(value %b))",
+ "sha512",
+ (int) sizeof (hc),
+ &hc)))
{
- LOG_GCRY (GNUNET_ERROR_TYPE_ERROR,
- "gcry_sexp_build",
- rc);
+ LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc);
return NULL;
}
#else
GNUNET_CRYPTO_hash (purpose, ntohl (purpose->size), &hc);
- if (0 != (rc = gcry_sexp_build (&data, NULL,
- "(data(flags eddsa)(hash-algo %s)(value %b))",
- "sha512",
- ntohl (purpose->size),
- purpose)))
+ if (0 != (rc = gcry_sexp_build (&data,
+ NULL,
+ "(data(flags eddsa)(hash-algo %s)(value %b))",
+ "sha512",
+ ntohl (purpose->size),
+ purpose)))
{
- LOG_GCRY (GNUNET_ERROR_TYPE_ERROR,
- "gcry_sexp_build",
- rc);
+ LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc);
return NULL;
}
#endif
@@ -828,29 +892,26 @@ data_to_ecdsa_value (const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose)
#if 1
struct GNUNET_HashCode hc;
- GNUNET_CRYPTO_hash (purpose,
- ntohl (purpose->size),
- &hc);
- if (0 != (rc = gcry_sexp_build (&data, NULL,
- "(data(flags rfc6979)(hash %s %b))",
- "sha512",
- (int)sizeof (hc), &hc)))
+ GNUNET_CRYPTO_hash (purpose, ntohl (purpose->size), &hc);
+ if (0 != (rc = gcry_sexp_build (&data,
+ NULL,
+ "(data(flags rfc6979)(hash %s %b))",
+ "sha512",
+ (int) sizeof (hc),
+ &hc)))
{
- LOG_GCRY (GNUNET_ERROR_TYPE_ERROR,
- "gcry_sexp_build",
- rc);
+ LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc);
return NULL;
}
#else
- if (0 != (rc = gcry_sexp_build (&data, NULL,
- "(data(flags rfc6979)(hash %s %b))",
- "sha512",
- ntohl (purpose->size),
- purpose)))
+ if (0 != (rc = gcry_sexp_build (&data,
+ NULL,
+ "(data(flags rfc6979)(hash %s %b))",
+ "sha512",
+ ntohl (purpose->size),
+ purpose)))
{
- LOG_GCRY (GNUNET_ERROR_TYPE_ERROR,
- "gcry_sexp_build",
- rc);
+ LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc);
return NULL;
}
#endif
@@ -867,9 +928,10 @@ data_to_ecdsa_value (const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose)
* @return #GNUNET_SYSERR on error, #GNUNET_OK on success
*/
int
-GNUNET_CRYPTO_ecdsa_sign (const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv,
- const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose,
- struct GNUNET_CRYPTO_EcdsaSignature *sig)
+GNUNET_CRYPTO_ecdsa_sign (
+ const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv,
+ const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose,
+ struct GNUNET_CRYPTO_EcdsaSignature *sig)
{
gcry_sexp_t priv_sexp;
gcry_sexp_t sig_sexp;
@@ -884,8 +946,10 @@ GNUNET_CRYPTO_ecdsa_sign (const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv,
if (0 != (rc = gcry_pk_sign (&sig_sexp, data, priv_sexp)))
{
LOG (GNUNET_ERROR_TYPE_WARNING,
- _("ECC signing failed at %s:%d: %s\n"), __FILE__,
- __LINE__, gcry_strerror (rc));
+ _ ("ECC signing failed at %s:%d: %s\n"),
+ __FILE__,
+ __LINE__,
+ gcry_strerror (rc));
gcry_sexp_release (data);
gcry_sexp_release (priv_sexp);
return GNUNET_SYSERR;
@@ -902,12 +966,8 @@ GNUNET_CRYPTO_ecdsa_sign (const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv,
return GNUNET_SYSERR;
}
gcry_sexp_release (sig_sexp);
- GNUNET_CRYPTO_mpi_print_unsigned (sig->r,
- sizeof (sig->r),
- rs[0]);
- GNUNET_CRYPTO_mpi_print_unsigned (sig->s,
- sizeof (sig->s),
- rs[1]);
+ GNUNET_CRYPTO_mpi_print_unsigned (sig->r, sizeof (sig->r), rs[0]);
+ GNUNET_CRYPTO_mpi_print_unsigned (sig->s, sizeof (sig->s), rs[1]);
gcry_mpi_release (rs[0]);
gcry_mpi_release (rs[1]);
@@ -926,9 +986,10 @@ GNUNET_CRYPTO_ecdsa_sign (const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv,
* @return #GNUNET_SYSERR on error, #GNUNET_OK on success
*/
int
-GNUNET_CRYPTO_eddsa_sign (const struct GNUNET_CRYPTO_EddsaPrivateKey *priv,
- const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose,
- struct GNUNET_CRYPTO_EddsaSignature *sig)
+GNUNET_CRYPTO_eddsa_sign (
+ const struct GNUNET_CRYPTO_EddsaPrivateKey *priv,
+ const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose,
+ struct GNUNET_CRYPTO_EddsaSignature *sig)
{
gcry_sexp_t priv_sexp;
gcry_sexp_t sig_sexp;
@@ -943,8 +1004,10 @@ GNUNET_CRYPTO_eddsa_sign (const struct GNUNET_CRYPTO_EddsaPrivateKey *priv,
if (0 != (rc = gcry_pk_sign (&sig_sexp, data, priv_sexp)))
{
LOG (GNUNET_ERROR_TYPE_WARNING,
- _("EdDSA signing failed at %s:%d: %s\n"), __FILE__,
- __LINE__, gcry_strerror (rc));
+ _ ("EdDSA signing failed at %s:%d: %s\n"),
+ __FILE__,
+ __LINE__,
+ gcry_strerror (rc));
gcry_sexp_release (data);
gcry_sexp_release (priv_sexp);
return GNUNET_SYSERR;
@@ -982,10 +1045,11 @@ GNUNET_CRYPTO_eddsa_sign (const struct GNUNET_CRYPTO_EddsaPrivateKey *priv,
* @returns #GNUNET_OK if ok, #GNUNET_SYSERR if invalid
*/
int
-GNUNET_CRYPTO_ecdsa_verify (uint32_t purpose,
- const struct GNUNET_CRYPTO_EccSignaturePurpose *validate,
- const struct GNUNET_CRYPTO_EcdsaSignature *sig,
- const struct GNUNET_CRYPTO_EcdsaPublicKey *pub)
+GNUNET_CRYPTO_ecdsa_verify (
+ uint32_t purpose,
+ const struct GNUNET_CRYPTO_EccSignaturePurpose *validate,
+ const struct GNUNET_CRYPTO_EcdsaSignature *sig,
+ const struct GNUNET_CRYPTO_EcdsaPublicKey *pub)
{
gcry_sexp_t data;
gcry_sexp_t sig_sexpr;
@@ -995,21 +1059,26 @@ GNUNET_CRYPTO_ecdsa_verify (uint32_t purpose,
BENCHMARK_START (ecdsa_verify);
if (purpose != ntohl (validate->purpose))
- return GNUNET_SYSERR; /* purpose mismatch */
+ return GNUNET_SYSERR; /* purpose mismatch */
/* build s-expression for signature */
- if (0 != (rc = gcry_sexp_build (&sig_sexpr, NULL,
- "(sig-val(ecdsa(r %b)(s %b)))",
- (int) sizeof (sig->r), sig->r,
- (int) sizeof (sig->s), sig->s)))
+ if (0 != (rc = gcry_sexp_build (&sig_sexpr,
+ NULL,
+ "(sig-val(ecdsa(r %b)(s %b)))",
+ (int) sizeof (sig->r),
+ sig->r,
+ (int) sizeof (sig->s),
+ sig->s)))
{
LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc);
return GNUNET_SYSERR;
}
data = data_to_ecdsa_value (validate);
- if (0 != (rc = gcry_sexp_build (&pub_sexpr, NULL,
+ if (0 != (rc = gcry_sexp_build (&pub_sexpr,
+ NULL,
"(public-key(ecc(curve " CURVE ")(q %b)))",
- (int) sizeof (pub->q_y), pub->q_y)))
+ (int) sizeof (pub->q_y),
+ pub->q_y)))
{
gcry_sexp_release (data);
gcry_sexp_release (sig_sexpr);
@@ -1022,8 +1091,10 @@ GNUNET_CRYPTO_ecdsa_verify (uint32_t purpose,
if (0 != rc)
{
LOG (GNUNET_ERROR_TYPE_INFO,
- _("ECDSA signature verification failed at %s:%d: %s\n"), __FILE__,
- __LINE__, gcry_strerror (rc));
+ _ ("ECDSA signature verification failed at %s:%d: %s\n"),
+ __FILE__,
+ __LINE__,
+ gcry_strerror (rc));
BENCHMARK_END (ecdsa_verify);
return GNUNET_SYSERR;
}
@@ -1032,7 +1103,6 @@ GNUNET_CRYPTO_ecdsa_verify (uint32_t purpose,
}
-
/**
* Verify signature.
*
@@ -1043,10 +1113,11 @@ GNUNET_CRYPTO_ecdsa_verify (uint32_t purpose,
* @returns #GNUNET_OK if ok, #GNUNET_SYSERR if invalid
*/
int
-GNUNET_CRYPTO_eddsa_verify (uint32_t purpose,
- const struct GNUNET_CRYPTO_EccSignaturePurpose *validate,
- const struct GNUNET_CRYPTO_EddsaSignature *sig,
- const struct GNUNET_CRYPTO_EddsaPublicKey *pub)
+GNUNET_CRYPTO_eddsa_verify (
+ uint32_t purpose,
+ const struct GNUNET_CRYPTO_EccSignaturePurpose *validate,
+ const struct GNUNET_CRYPTO_EddsaSignature *sig,
+ const struct GNUNET_CRYPTO_EddsaPublicKey *pub)
{
gcry_sexp_t data;
gcry_sexp_t sig_sexpr;
@@ -1056,21 +1127,27 @@ GNUNET_CRYPTO_eddsa_verify (uint32_t purpose,
BENCHMARK_START (eddsa_verify);
if (purpose != ntohl (validate->purpose))
- return GNUNET_SYSERR; /* purpose mismatch */
+ return GNUNET_SYSERR; /* purpose mismatch */
/* build s-expression for signature */
- if (0 != (rc = gcry_sexp_build (&sig_sexpr, NULL,
- "(sig-val(eddsa(r %b)(s %b)))",
- (int)sizeof (sig->r), sig->r,
- (int)sizeof (sig->s), sig->s)))
+ if (0 != (rc = gcry_sexp_build (&sig_sexpr,
+ NULL,
+ "(sig-val(eddsa(r %b)(s %b)))",
+ (int) sizeof (sig->r),
+ sig->r,
+ (int) sizeof (sig->s),
+ sig->s)))
{
LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc);
return GNUNET_SYSERR;
}
data = data_to_eddsa_value (validate);
- if (0 != (rc = gcry_sexp_build (&pub_sexpr, NULL,
- "(public-key(ecc(curve " CURVE ")(flags eddsa)(q %b)))",
- (int)sizeof (pub->q_y), pub->q_y)))
+ if (0 != (rc = gcry_sexp_build (&pub_sexpr,
+ NULL,
+ "(public-key(ecc(curve " CURVE
+ ")(flags eddsa)(q %b)))",
+ (int) sizeof (pub->q_y),
+ pub->q_y)))
{
gcry_sexp_release (data);
gcry_sexp_release (sig_sexpr);
@@ -1083,8 +1160,10 @@ GNUNET_CRYPTO_eddsa_verify (uint32_t purpose,
if (0 != rc)
{
LOG (GNUNET_ERROR_TYPE_INFO,
- _("EdDSA signature verification failed at %s:%d: %s\n"), __FILE__,
- __LINE__, gcry_strerror (rc));
+ _ ("EdDSA signature verification failed at %s:%d: %s\n"),
+ __FILE__,
+ __LINE__,
+ gcry_strerror (rc));
BENCHMARK_END (eddsa_verify);
return GNUNET_SYSERR;
}
@@ -1118,9 +1197,11 @@ GNUNET_CRYPTO_ecc_ecdh (const struct GNUNET_CRYPTO_EcdhePrivateKey *priv,
BENCHMARK_START (ecc_ecdh);
/* first, extract the q = dP value from the public key */
- if (0 != gcry_sexp_build (&pub_sexpr, NULL,
+ if (0 != gcry_sexp_build (&pub_sexpr,
+ NULL,
"(public-key(ecc(curve " CURVE ")(q %b)))",
- (int)sizeof (pub->q_y), pub->q_y))
+ (int) sizeof (pub->q_y),
+ pub->q_y))
return GNUNET_SYSERR;
GNUNET_assert (0 == gcry_mpi_ec_new (&ctx, pub_sexpr, NULL));
gcry_sexp_release (pub_sexpr);
@@ -1153,12 +1234,9 @@ GNUNET_CRYPTO_ecc_ecdh (const struct GNUNET_CRYPTO_EcdhePrivateKey *priv,
as that does not include the sign bit; x should be a 255-bit
value, so with the sign it should fit snugly into the 256-bit
xbuf */
- GNUNET_assert (0 ==
- gcry_mpi_print (GCRYMPI_FMT_STD, xbuf, rsize, &rsize,
- result_x));
- GNUNET_CRYPTO_hash (xbuf,
- rsize,
- key_material);
+ GNUNET_assert (
+ 0 == gcry_mpi_print (GCRYMPI_FMT_STD, xbuf, rsize, &rsize, result_x));
+ GNUNET_CRYPTO_hash (xbuf, rsize, key_material);
gcry_mpi_release (result_x);
BENCHMARK_END (ecc_ecdh);
return GNUNET_OK;
@@ -1177,22 +1255,26 @@ GNUNET_CRYPTO_ecc_ecdh (const struct GNUNET_CRYPTO_EcdhePrivateKey *priv,
*/
static gcry_mpi_t
derive_h (const struct GNUNET_CRYPTO_EcdsaPublicKey *pub,
- const char *label,
- const char *context)
+ const char *label,
+ const char *context)
{
gcry_mpi_t h;
struct GNUNET_HashCode hc;
static const char *const salt = "key-derivation";
- GNUNET_CRYPTO_kdf (&hc, sizeof (hc),
- salt, strlen (salt),
- pub, sizeof (*pub),
- label, strlen (label),
- context, strlen (context),
- NULL, 0);
- GNUNET_CRYPTO_mpi_scan_unsigned (&h,
- (unsigned char *) &hc,
- sizeof (hc));
+ GNUNET_CRYPTO_kdf (&hc,
+ sizeof (hc),
+ salt,
+ strlen (salt),
+ pub,
+ sizeof (*pub),
+ label,
+ strlen (label),
+ context,
+ strlen (context),
+ NULL,
+ 0);
+ GNUNET_CRYPTO_mpi_scan_unsigned (&h, (unsigned char *) &hc, sizeof (hc));
return h;
}
@@ -1210,9 +1292,10 @@ derive_h (const struct GNUNET_CRYPTO_EcdsaPublicKey *pub,
* @return derived private key
*/
struct GNUNET_CRYPTO_EcdsaPrivateKey *
-GNUNET_CRYPTO_ecdsa_private_key_derive (const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv,
- const char *label,
- const char *context)
+GNUNET_CRYPTO_ecdsa_private_key_derive (
+ const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv,
+ const char *label,
+ const char *context)
{
struct GNUNET_CRYPTO_EcdsaPublicKey pub;
struct GNUNET_CRYPTO_EcdsaPrivateKey *ret;
@@ -1228,9 +1311,7 @@ GNUNET_CRYPTO_ecdsa_private_key_derive (const struct GNUNET_CRYPTO_EcdsaPrivateK
GNUNET_CRYPTO_ecdsa_key_get_public (priv, &pub);
h = derive_h (&pub, label, context);
- GNUNET_CRYPTO_mpi_scan_unsigned (&x,
- priv->d,
- sizeof (priv->d));
+ GNUNET_CRYPTO_mpi_scan_unsigned (&x, priv->d, sizeof (priv->d));
d = gcry_mpi_new (256);
gcry_mpi_mulm (d, h, x, n);
gcry_mpi_release (h);
@@ -1255,10 +1336,11 @@ GNUNET_CRYPTO_ecdsa_private_key_derive (const struct GNUNET_CRYPTO_EcdsaPrivateK
* @param result where to write the derived public key
*/
void
-GNUNET_CRYPTO_ecdsa_public_key_derive (const struct GNUNET_CRYPTO_EcdsaPublicKey *pub,
- const char *label,
- const char *context,
- struct GNUNET_CRYPTO_EcdsaPublicKey *result)
+GNUNET_CRYPTO_ecdsa_public_key_derive (
+ const struct GNUNET_CRYPTO_EcdsaPublicKey *pub,
+ const char *label,
+ const char *context,
+ struct GNUNET_CRYPTO_EcdsaPublicKey *result)
{
gcry_ctx_t ctx;
gcry_mpi_t q_y;
@@ -1273,7 +1355,7 @@ GNUNET_CRYPTO_ecdsa_public_key_derive (const struct GNUNET_CRYPTO_EcdsaPublicKey
/* obtain point 'q' from original public key. The provided 'q' is
compressed thus we first store it in the context and then get it
back as a (decompresssed) point. */
- q_y = gcry_mpi_set_opaque_copy (NULL, pub->q_y, 8*sizeof (pub->q_y));
+ q_y = gcry_mpi_set_opaque_copy (NULL, pub->q_y, 8 * sizeof (pub->q_y));
GNUNET_assert (NULL != q_y);
GNUNET_assert (0 == gcry_mpi_ec_set_mpi ("q", q_y, ctx));
gcry_mpi_release (q_y);
@@ -1298,9 +1380,7 @@ GNUNET_CRYPTO_ecdsa_public_key_derive (const struct GNUNET_CRYPTO_EcdsaPublicKey
gcry_mpi_point_release (v);
q_y = gcry_mpi_ec_get_mpi ("q@eddsa", ctx, 0);
GNUNET_assert (q_y);
- GNUNET_CRYPTO_mpi_print_unsigned (result->q_y,
- sizeof (result->q_y),
- q_y);
+ GNUNET_CRYPTO_mpi_print_unsigned (result->q_y, sizeof (result->q_y), q_y);
gcry_mpi_release (q_y);
gcry_ctx_release (ctx);
}
@@ -1313,17 +1393,16 @@ GNUNET_CRYPTO_ecdsa_public_key_derive (const struct GNUNET_CRYPTO_EcdsaPublicKey
* @param length number of bytes in @a buffer
*/
static void
-reverse_buffer (unsigned char *buffer,
- size_t length)
+reverse_buffer (unsigned char *buffer, size_t length)
{
unsigned char tmp;
size_t i;
- for (i=0; i < length/2; i++)
+ for (i = 0; i < length / 2; i++)
{
tmp = buffer[i];
- buffer[i] = buffer[length-1-i];
- buffer[length-1-i] = tmp;
+ buffer[i] = buffer[length - 1 - i];
+ buffer[length - 1 - i] = tmp;
}
}
@@ -1352,29 +1431,22 @@ eddsa_d_to_a (gcry_mpi_t d)
memset (digest, 0, sizeof digest);
memset (hvec, 0, sizeof hvec);
rawmpilen = sizeof (rawmpi);
- GNUNET_assert (0 ==
- gcry_mpi_print (GCRYMPI_FMT_USG,
- rawmpi, rawmpilen, &rawmpilen,
- d));
+ GNUNET_assert (
+ 0 == gcry_mpi_print (GCRYMPI_FMT_USG, rawmpi, rawmpilen, &rawmpilen, d));
hvec[0].data = digest;
hvec[0].off = 0;
hvec[0].len = b > rawmpilen ? (b - rawmpilen) : 0;
hvec[1].data = rawmpi;
hvec[1].off = 0;
hvec[1].len = rawmpilen;
- GNUNET_assert (0 ==
- gcry_md_hash_buffers (GCRY_MD_SHA512,
- 0 /* flags */,
- digest,
- hvec, 2));
+ GNUNET_assert (
+ 0 == gcry_md_hash_buffers (GCRY_MD_SHA512, 0 /* flags */, digest, hvec, 2));
/* Compute the A value. */
- reverse_buffer (digest, 32); /* Only the first half of the hash. */
- digest[0] = (digest[0] & 0x7f) | 0x40;
+ reverse_buffer (digest, 32); /* Only the first half of the hash. */
+ digest[0] = (digest[0] & 0x7f) | 0x40;
digest[31] &= 0xf8;
- GNUNET_CRYPTO_mpi_scan_unsigned (&a,
- digest,
- 32);
+ GNUNET_CRYPTO_mpi_scan_unsigned (&a, digest, 32);
return a;
}
@@ -1410,12 +1482,9 @@ point_to_hash (gcry_mpi_point_t result,
as that does not include the sign bit; x should be a 255-bit
value, so with the sign it should fit snugly into the 256-bit
xbuf */
- GNUNET_assert (0 ==
- gcry_mpi_print (GCRYMPI_FMT_STD, xbuf, rsize, &rsize,
- result_x));
- GNUNET_CRYPTO_hash (xbuf,
- rsize,
- key_material);
+ GNUNET_assert (
+ 0 == gcry_mpi_print (GCRYMPI_FMT_STD, xbuf, rsize, &rsize, result_x));
+ GNUNET_CRYPTO_hash (xbuf, rsize, key_material);
gcry_mpi_release (result_x);
return GNUNET_OK;
}
@@ -1447,9 +1516,11 @@ GNUNET_CRYPTO_eddsa_ecdh (const struct GNUNET_CRYPTO_EddsaPrivateKey *priv,
BENCHMARK_START (eddsa_ecdh);
/* first, extract the q = dP value from the public key */
- if (0 != gcry_sexp_build (&pub_sexpr, NULL,
+ if (0 != gcry_sexp_build (&pub_sexpr,
+ NULL,
"(public-key(ecc(curve " CURVE ")(q %b)))",
- (int)sizeof (pub->q_y), pub->q_y))
+ (int) sizeof (pub->q_y),
+ pub->q_y))
return GNUNET_SYSERR;
GNUNET_assert (0 == gcry_mpi_ec_new (&ctx, pub_sexpr, NULL));
gcry_sexp_release (pub_sexpr);
@@ -1468,9 +1539,7 @@ GNUNET_CRYPTO_eddsa_ecdh (const struct GNUNET_CRYPTO_EddsaPrivateKey *priv,
gcry_mpi_point_release (q);
gcry_mpi_release (a);
- ret = point_to_hash (result,
- ctx,
- key_material);
+ ret = point_to_hash (result, ctx, key_material);
gcry_mpi_point_release (result);
gcry_ctx_release (ctx);
BENCHMARK_END (eddsa_ecdh);
@@ -1503,9 +1572,11 @@ GNUNET_CRYPTO_ecdsa_ecdh (const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv,
BENCHMARK_START (ecdsa_ecdh);
/* first, extract the q = dP value from the public key */
- if (0 != gcry_sexp_build (&pub_sexpr, NULL,
+ if (0 != gcry_sexp_build (&pub_sexpr,
+ NULL,
"(public-key(ecc(curve " CURVE ")(q %b)))",
- (int)sizeof (pub->q_y), pub->q_y))
+ (int) sizeof (pub->q_y),
+ pub->q_y))
return GNUNET_SYSERR;
GNUNET_assert (0 == gcry_mpi_ec_new (&ctx, pub_sexpr, NULL));
gcry_sexp_release (pub_sexpr);
@@ -1521,9 +1592,7 @@ GNUNET_CRYPTO_ecdsa_ecdh (const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv,
gcry_mpi_release (d);
/* finally, convert point to string for hashing */
- ret = point_to_hash (result,
- ctx,
- key_material);
+ ret = point_to_hash (result, ctx, key_material);
gcry_mpi_point_release (result);
gcry_ctx_release (ctx);
BENCHMARK_END (ecdsa_ecdh);
@@ -1531,7 +1600,6 @@ GNUNET_CRYPTO_ecdsa_ecdh (const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv,
}
-
/**
* @ingroup crypto
* Derive key material from a EdDSA public key and a private ECDH key.
@@ -1557,9 +1625,11 @@ GNUNET_CRYPTO_ecdh_eddsa (const struct GNUNET_CRYPTO_EcdhePrivateKey *priv,
BENCHMARK_START (ecdh_eddsa);
/* first, extract the q = dP value from the public key */
- if (0 != gcry_sexp_build (&pub_sexpr, NULL,
+ if (0 != gcry_sexp_build (&pub_sexpr,
+ NULL,
"(public-key(ecc(curve " CURVE ")(q %b)))",
- (int)sizeof (pub->q_y), pub->q_y))
+ (int) sizeof (pub->q_y),
+ pub->q_y))
return GNUNET_SYSERR;
GNUNET_assert (0 == gcry_mpi_ec_new (&ctx, pub_sexpr, NULL));
gcry_sexp_release (pub_sexpr);
@@ -1575,9 +1645,7 @@ GNUNET_CRYPTO_ecdh_eddsa (const struct GNUNET_CRYPTO_EcdhePrivateKey *priv,
gcry_mpi_release (d);
/* finally, convert point to string for hashing */
- ret = point_to_hash (result,
- ctx,
- key_material);
+ ret = point_to_hash (result, ctx, key_material);
gcry_mpi_point_release (result);
gcry_ctx_release (ctx);
BENCHMARK_END (ecdh_eddsa);
@@ -1600,7 +1668,8 @@ GNUNET_CRYPTO_ecdh_ecdsa (const struct GNUNET_CRYPTO_EcdhePrivateKey *priv,
struct GNUNET_HashCode *key_material)
{
return GNUNET_CRYPTO_ecdh_eddsa (priv,
- (const struct GNUNET_CRYPTO_EddsaPublicKey *)pub,
+ (const struct GNUNET_CRYPTO_EddsaPublicKey *)
+ pub,
key_material);
}