ABE: Remove unused attribute-based encryption component

18 files changed, 17 insertions, 1328 deletions

diff --git a/README b/README
index 7c4dfe8c0..5b3a5ccf5 100644
--- a/README
+++ b/README
@@ -141,9 +141,6 @@ Dependencies of optional components/functionality:
   * texi2mdoc                         (for automatic mdoc generation [*2], not
                                       the texi2mdoc script distributed with
                                       autogen but the texi2mdoc C application)
-- Attribute-Based Encryption (experimental):
-  * libpbc             >= 0.5.14
-  * libgabe
 - PABC credential support
   * libpabc            any            (for re:claimID zero-knowledge privacy
                                       credentials)
diff --git a/configure.ac b/configure.ac
index b1bc03e91..20258d622 100644
--- a/configure.ac
+++ b/configure.ac
@@ -736,18 +736,6 @@ CHECK_WITH_LIB([opus], [opus_decode_float], [opus/opus.h], [HAVE_OPUS])
 # check for libogg
 CHECK_WITH_LIB([ogg], [ogg_stream_flush_fill], [ogg/ogg.h], [HAVE_OGG])
 
-PKG_CHECK_MODULES([GLIB], [glib-2.0],
-  [AC_CHECK_HEADER([pbc/pbc.h], [pbc=1], [pbc=0])
-   AC_CHECK_HEADER([gabe.h], [abe=1], [abe=0])
-   AM_CONDITIONAL([HAVE_PBC], [test "x$pbc" = "x1"])
-   AM_CONDITIONAL([HAVE_ABE], [test "x$abe" = "x1"])
-   AC_DEFINE_UNQUOTED([HAVE_PBC], [$pbc], [Define to 1 if pbc is available])
-   AC_DEFINE_UNQUOTED([HAVE_ABE], [$abe], [Define to 1 if abe is available])],
-  [AM_CONDITIONAL([HAVE_PBC], [false])
-   AM_CONDITIONAL([HAVE_ABE], [false])
-   AC_DEFINE([HAVE_PBC], [0], [Define to 1 if pbc is available])
-   AC_DEFINE([HAVE_ABE], [0], [Define to 1 if abe is available])])
-
 PKG_CHECK_MODULES([GST],
   [glib-2.0 gobject-2.0 gstreamer-1.0 gstreamer-app-1.0 gstreamer-audio-1.0],
   [gst=1],
@@ -1444,7 +1432,6 @@ src/zonemaster/zonemaster.conf
 src/rest/Makefile
 src/abd/Makefile
 src/abd/abd.conf
-src/abe/Makefile
 src/reclaim/Makefile
 src/messenger/Makefile
 src/messenger/messenger.conf
diff --git a/po/POTFILES.in b/po/POTFILES.in
index b7e7684c6..5be8fd86c 100644
--- a/po/POTFILES.in
+++ b/po/POTFILES.in
@@ -4,7 +4,6 @@ src/abd/delegate_misc.c
 src/abd/gnunet-abd.c
 src/abd/gnunet-service-abd.c
 src/abd/plugin_gnsrecord_abd.c
-src/abe/abe.c
 src/arm/arm_api.c
 src/arm/arm_monitor_api.c
 src/arm/gnunet-arm.c
diff --git a/po/de.po b/po/de.po
index 85674809e..93e5268b6 100644
--- a/po/de.po
+++ b/po/de.po
@@ -10,7 +10,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: gnunet 0.10.1\n"
 "Report-Msgid-Bugs-To: gnunet-developers@mail.gnu.org\n"
-"POT-Creation-Date: 2022-06-04 22:36+0200\n"
+"POT-Creation-Date: 2022-06-13 12:32+0200\n"
 "PO-Revision-Date: 2015-03-08 16:16+0100\n"
 "Last-Translator: Mario Blättermann <mario.blaettermann@gmail.com>\n"
 "Language-Team: German <translation-team-de@lists.sourceforge.net>\n"
@@ -5876,7 +5876,7 @@ msgstr ""
 msgid "re:claimID command line tool"
 msgstr ""
 
-#: src/reclaim/plugin_rest_openid_connect.c:2793
+#: src/reclaim/plugin_rest_openid_connect.c:3003
 #, fuzzy
 msgid "OpenID Connect REST API initialized\n"
 msgstr " Verbindung fehlgeschlagen\n"
diff --git a/po/es.po b/po/es.po
index a6c044142..2d3b936c2 100644
--- a/po/es.po
+++ b/po/es.po
@@ -8,7 +8,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: gnunet 0.9.5a\n"
 "Report-Msgid-Bugs-To: gnunet-developers@mail.gnu.org\n"
-"POT-Creation-Date: 2022-06-04 22:36+0200\n"
+"POT-Creation-Date: 2022-06-13 12:32+0200\n"
 "PO-Revision-Date: 2013-02-23 17:50+0100\n"
 "Last-Translator: Miguel Ángel Arruga Vivas <rosen644835@gmail.com>\n"
 "Language-Team: Spanish <es@li.org>\n"
@@ -6065,7 +6065,7 @@ msgstr ""
 msgid "re:claimID command line tool"
 msgstr ""
 
-#: src/reclaim/plugin_rest_openid_connect.c:2793
+#: src/reclaim/plugin_rest_openid_connect.c:3003
 #, fuzzy
 msgid "OpenID Connect REST API initialized\n"
 msgstr "Conexión fallida\n"
diff --git a/po/fr.po b/po/fr.po
index a1e383fb7..a3fe805be 100644
--- a/po/fr.po
+++ b/po/fr.po
@@ -7,7 +7,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: gnunet 0.10.1\n"
 "Report-Msgid-Bugs-To: gnunet-developers@mail.gnu.org\n"
-"POT-Creation-Date: 2022-06-04 22:36+0200\n"
+"POT-Creation-Date: 2022-06-13 12:32+0200\n"
 "PO-Revision-Date: 2021-11-21 00:53+0100\n"
 "Last-Translator: Stéphane  Aulery <lkppo@free.fr>\n"
 "Language-Team: French <traduc@traduc.org>\n"
@@ -5650,7 +5650,7 @@ msgstr ""
 msgid "re:claimID command line tool"
 msgstr ""
 
-#: src/reclaim/plugin_rest_openid_connect.c:2793
+#: src/reclaim/plugin_rest_openid_connect.c:3003
 msgid "OpenID Connect REST API initialized\n"
 msgstr ""
 
diff --git a/po/it.po b/po/it.po
index a98ead37e..b64d43cdd 100644
--- a/po/it.po
+++ b/po/it.po
@@ -8,7 +8,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: gnunet 0.10.1\n"
 "Report-Msgid-Bugs-To: gnunet-developers@mail.gnu.org\n"
-"POT-Creation-Date: 2022-06-04 22:36+0200\n"
+"POT-Creation-Date: 2022-06-13 12:32+0200\n"
 "PO-Revision-Date: 2019-10-16 11:00+0200\n"
 "Last-Translator: Sebastiano Pistore <sebastianopistore.info@protonmail.ch>\n"
 "Language-Team: Italian <tp@lists.linux.it>\n"
@@ -5676,7 +5676,7 @@ msgstr ""
 msgid "re:claimID command line tool"
 msgstr ""
 
-#: src/reclaim/plugin_rest_openid_connect.c:2793
+#: src/reclaim/plugin_rest_openid_connect.c:3003
 msgid "OpenID Connect REST API initialized\n"
 msgstr ""
 
diff --git a/po/sr.po b/po/sr.po
index 0f21eace4..945cda86d 100644
--- a/po/sr.po
+++ b/po/sr.po
@@ -6,7 +6,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: gnunet-0.10.1\n"
 "Report-Msgid-Bugs-To: gnunet-developers@mail.gnu.org\n"
-"POT-Creation-Date: 2022-06-04 22:36+0200\n"
+"POT-Creation-Date: 2022-06-13 12:32+0200\n"
 "PO-Revision-Date: 2020-10-23 18:39+0200\n"
 "Last-Translator: Мирослав Николић <miroslavnikolic@rocketmail.com>\n"
 "Language-Team: Serbian <(nothing)>\n"
@@ -5898,7 +5898,7 @@ msgstr ""
 msgid "re:claimID command line tool"
 msgstr ""
 
-#: src/reclaim/plugin_rest_openid_connect.c:2793
+#: src/reclaim/plugin_rest_openid_connect.c:3003
 msgid "OpenID Connect REST API initialized\n"
 msgstr ""
 
diff --git a/po/sv.po b/po/sv.po
index 2747c8e40..7975078c0 100644
--- a/po/sv.po
+++ b/po/sv.po
@@ -7,7 +7,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: GNUnet 0.7.0b\n"
 "Report-Msgid-Bugs-To: gnunet-developers@mail.gnu.org\n"
-"POT-Creation-Date: 2022-06-04 22:36+0200\n"
+"POT-Creation-Date: 2022-06-13 12:32+0200\n"
 "PO-Revision-Date: 2006-01-21 17:16+0100\n"
 "Last-Translator: Daniel Nylander <po@danielnylander.se>\n"
 "Language-Team: Swedish <tp-sv@listor.tp-sv.se>\n"
@@ -5909,7 +5909,7 @@ msgstr ""
 msgid "re:claimID command line tool"
 msgstr ""
 
-#: src/reclaim/plugin_rest_openid_connect.c:2793
+#: src/reclaim/plugin_rest_openid_connect.c:3003
 #, fuzzy
 msgid "OpenID Connect REST API initialized\n"
 msgstr " Anslutning misslyckades\n"
diff --git a/po/vi.po b/po/vi.po
index 484f23c70..d605f4509 100644
--- a/po/vi.po
+++ b/po/vi.po
@@ -8,7 +8,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: gnunet 0.8.0a\n"
 "Report-Msgid-Bugs-To: gnunet-developers@mail.gnu.org\n"
-"POT-Creation-Date: 2022-06-04 22:36+0200\n"
+"POT-Creation-Date: 2022-06-13 12:32+0200\n"
 "PO-Revision-Date: 2008-09-10 22:05+0930\n"
 "Last-Translator: Clytie Siddall <clytie@riverland.net.au>\n"
 "Language-Team: Vietnamese <vi-VN@googlegroups.com>\n"
@@ -5965,7 +5965,7 @@ msgstr ""
 msgid "re:claimID command line tool"
 msgstr ""
 
-#: src/reclaim/plugin_rest_openid_connect.c:2793
+#: src/reclaim/plugin_rest_openid_connect.c:3003
 #, fuzzy
 msgid "OpenID Connect REST API initialized\n"
 msgstr "Lỗi sơ khởi lõi.\n"
diff --git a/po/zh_CN.po b/po/zh_CN.po
index a7c3d43e4..ba0486a4f 100644
--- a/po/zh_CN.po
+++ b/po/zh_CN.po
@@ -7,7 +7,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: gnunet-0.8.1\n"
 "Report-Msgid-Bugs-To: gnunet-developers@mail.gnu.org\n"
-"POT-Creation-Date: 2022-06-04 22:36+0200\n"
+"POT-Creation-Date: 2022-06-13 12:32+0200\n"
 "PO-Revision-Date: 2011-07-09 12:12+0800\n"
 "Last-Translator: Wylmer Wang <wantinghard@gmail.com>\n"
 "Language-Team: Chinese (simplified) <i18n-zh@googlegroups.com>\n"
@@ -5758,7 +5758,7 @@ msgstr ""
 msgid "re:claimID command line tool"
 msgstr ""
 
-#: src/reclaim/plugin_rest_openid_connect.c:2793
+#: src/reclaim/plugin_rest_openid_connect.c:3003
 msgid "OpenID Connect REST API initialized\n"
 msgstr ""
 
diff --git a/src/Makefile.am b/src/Makefile.am
index 4c665c3b3..d7c0b51f0 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -6,12 +6,7 @@ TESTBED = testbed-logger testbed
 if HAVE_EXPERIMENTAL
  EXP_DIR = \
   rps \
-  abd
-if HAVE_ABE
- EXP_DIR += \
-  abe
-endif
- EXP_DIR += \
+  abd \
   auction
 endif
 
diff --git a/src/abe/Makefile.am b/src/abe/Makefile.am
deleted file mode 100644
index cccd3ccb0..000000000
--- a/src/abe/Makefile.am
+++ /dev/null
@@ -1,49 +0,0 @@
-# This Makefile.am is in the public domain
-AM_CPPFLAGS = -I$(top_srcdir)/src/include
-
-plugindir = $(libdir)/gnunet
-
-libexecdir= $(pkglibdir)/libexec/
-
-pkgcfgdir= $(pkgdatadir)/config.d/
-
-if USE_COVERAGE
-  AM_CFLAGS = --coverage -O0
-  XLIB = -lgcov
-endif
-
-libgnunetabe_la_SOURCES = abe.c 
-
-libgnunetabe_la_LIBADD = \
-  $(GCLIBADD)\
-  $(LIBGCRYPT_LIBS) \
-  $(LTLIBICONV) \
-  $(LTLIBINTL) \
-        $(ABE_LIBADD) \
-        $(top_builddir)/src/util/libgnunetutil.la \
-        -lgmp \
-        -lgabe \
-        -lpbc \
-        -lglib-2.0 \
-  -lltdl $(Z_LIBS) -lunistring $(XLIB)
-
-libgnunetabe_la_LDFLAGS = \
-  $(GN_LIB_LDFLAGS) \
-  -version-info 1:0:0
-
-lib_LTLIBRARIES = libgnunetabe.la
-
-if ENABLE_TEST_RUN
-AM_TESTS_ENVIRONMENT=export GNUNET_PREFIX=$${GNUNET_PREFIX:-@libdir@};export PATH=$${GNUNET_PREFIX:-@prefix@}/bin:$$PATH;unset XDG_DATA_HOME;unset XDG_CONFIG_HOME;
-TESTS = $(check_PROGRAMS)
-endif
-
-check_PROGRAMS = test_cpabe 
-
-test_cpabe_SOURCES = \
- test_cpabe.c
-test_cpabe_LDADD = \
- libgnunetabe.la \
- $(top_builddir)/src/util/libgnunetutil.la
-check_PROGRAMS += \
- test_cpabe
diff --git a/src/abe/abe.c b/src/abe/abe.c
deleted file mode 100644
index a03944821..000000000
--- a/src/abe/abe.c
+++ /dev/null
@@ -1,519 +0,0 @@
-/*
-     This file is part of GNUnet.  Copyright (C) 2001-2018 Christian Grothoff
-     (and other contributing authors)
-
-     GNUnet is free software: you can redistribute it and/or modify it
-     under the terms of the GNU Affero General Public License as published
-     by the Free Software Foundation, either version 3 of the License,
-     or (at your option) any later version.
-
-     GNUnet is distributed in the hope that it will be useful, but
-     WITHOUT ANY WARRANTY; without even the implied warranty of
-     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-     Affero General Public License for more details.
-
-     You should have received a copy of the GNU Affero General Public License
-     along with this program.  If not, see <http://www.gnu.org/licenses/>.
-
-     SPDX-License-Identifier: AGPL3.0-or-later
-
- */
-
-/**
- * @file abe/abe.c
- * @brief functions for Attribute-Based Encryption
- * @author Martin Schanzenbach
- */
-
-
-#include "platform.h"
-#include <pbc/pbc.h>
-#include <gabe.h>
-
-#include "gnunet_crypto_lib.h"
-#include "gnunet_abe_lib.h"
-
-struct GNUNET_ABE_AbeMasterKey
-{
-  gabe_pub_t*pub;
-  gabe_msk_t*msk;
-};
-
-struct GNUNET_ABE_AbeKey
-{
-  gabe_pub_t*pub;
-  gabe_prv_t*prv;
-};
-
-static int
-init_aes (element_t k, int enc,
-          gcry_cipher_hd_t*handle,
-          struct GNUNET_CRYPTO_SymmetricSessionKey *key,
-          unsigned char*iv)
-{
-  int rc;
-  int key_len;
-  unsigned char*key_buf;
-
-  key_len = element_length_in_bytes (k) < 33 ? 3 : element_length_in_bytes (k);
-  key_buf = (unsigned char *) malloc (key_len);
-  element_to_bytes (key_buf, k);
-
-  GNUNET_memcpy (key->aes_key, key_buf, GNUNET_CRYPTO_AES_KEY_LENGTH);
-  GNUNET_assert (0 ==
-                 gcry_cipher_open (handle, GCRY_CIPHER_AES256,
-                                   GCRY_CIPHER_MODE_CFB, 0));
-  rc = gcry_cipher_setkey (*handle,
-                           key->aes_key,
-                           sizeof(key->aes_key));
-  GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY));
-  memset (iv, 0, 16);  // TODO make reasonable
-  rc = gcry_cipher_setiv (*handle,
-                          iv,
-                          16);
-  GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY));
-
-  free (key_buf);
-  return rc;
-}
-
-
-static int
-aes_128_cbc_encrypt (char*pt,
-                     int size,
-                     element_t k,
-                     char **ct)
-{
-  gcry_cipher_hd_t handle;
-  struct GNUNET_CRYPTO_SymmetricSessionKey skey;
-  unsigned char iv[16];
-  char*buf;
-  int padding;
-  int buf_size;
-  uint8_t len[4];
-
-  init_aes (k, 1, &handle, &skey, iv);
-
-  /* TODO make less crufty */
-
-  /* stuff in real length (big endian) before padding */
-  len[0] = (size & 0xff000000) >> 24;
-  len[1] = (size & 0xff0000) >> 16;
-  len[2] = (size & 0xff00) >> 8;
-  len[3] = (size & 0xff) >> 0;
-  padding = 16 - ((4 + size) % 16);
-  buf_size = 4 + size + padding;
-  buf = GNUNET_malloc (buf_size);
-  GNUNET_memcpy (buf, len, 4);
-  GNUNET_memcpy (buf + 4, pt, size);
-  *ct = GNUNET_malloc (buf_size);
-
-  GNUNET_assert (0 == gcry_cipher_encrypt (handle, *ct, buf_size, buf,
-                                           buf_size));
-  gcry_cipher_close (handle);
-  // AES_cbc_encrypt(pt->data, ct->data, pt->len, &key, iv, AES_ENCRYPT);
-  GNUNET_free (buf);
-  return buf_size;
-}
-
-
-static int
-aes_128_cbc_decrypt (char*ct,
-                     int size,
-                     element_t k,
-                     char **pt)
-{
-  struct GNUNET_CRYPTO_SymmetricSessionKey skey;
-  gcry_cipher_hd_t handle;
-  unsigned char iv[16];
-  char*tmp;
-  uint32_t len;
-
-  init_aes (k, 1, &handle, &skey, iv);
-
-  tmp = GNUNET_malloc (size);
-
-  // AES_cbc_encrypt(ct->data, pt->data, ct->len, &key, iv, AES_DECRYPT);
-  GNUNET_assert (0 == gcry_cipher_decrypt (handle, tmp, size, ct, size));
-  gcry_cipher_close (handle);
-  /* TODO make less crufty */
-
-  /* get real length */
-  len = 0;
-  len = len
-        | ((tmp[0]) << 24) | ((tmp[1]) << 16)
-        | ((tmp[2]) << 8) | ((tmp[3]) << 0);
-  /* truncate any garbage from the padding */
-  *pt = GNUNET_malloc (len);
-  GNUNET_memcpy (*pt, tmp + 4, len);
-  GNUNET_free (tmp);
-  return len;
-}
-
-
-/**
- * @ingroup abe
- * Create a new CP-ABE master key. Caller must free return value.
- *
- * @return fresh private key; free using #GNUNET_ABE_cpabe_delete_master_key
- */
-struct GNUNET_ABE_AbeMasterKey*
-GNUNET_ABE_cpabe_create_master_key (void)
-{
-  struct GNUNET_ABE_AbeMasterKey*key;
-
-  key = GNUNET_new (struct GNUNET_ABE_AbeMasterKey);
-  gabe_setup (&key->pub, &key->msk);
-  GNUNET_assert (NULL != key->pub);
-  GNUNET_assert (NULL != key->msk);
-  return key;
-}
-
-
-/**
- * @ingroup abe
- * Delete a CP-ABE master key.
- *
- * @param key the master key
- * @return fresh private key; free using #GNUNET_free
- */
-void
-GNUNET_ABE_cpabe_delete_master_key (struct GNUNET_ABE_AbeMasterKey *key)
-{
-  gabe_msk_free (key->msk);
-  gabe_pub_free (key->pub);
-  // GNUNET_free (key->msk);
-  // gabe_msk_free (key->msk); //For some reason free of pub implicit?
-  GNUNET_free (key);
-}
-
-
-/**
- * @ingroup abe
- * Create a new CP-ABE key. Caller must free return value.
- *
- * @param key the master key
- * @param attrs the attributes to append to the key
- * @return fresh private key; free using #GNUNET_ABE_cpabe_delete_key
- */
-struct GNUNET_ABE_AbeKey*
-GNUNET_ABE_cpabe_create_key (struct GNUNET_ABE_AbeMasterKey *key,
-                             char **attrs)
-{
-  struct GNUNET_ABE_AbeKey *prv_key;
-  int size;
-  char *tmp;
-
-  prv_key = GNUNET_new (struct GNUNET_ABE_AbeKey);
-  prv_key->prv = gabe_keygen (key->pub, key->msk, attrs);
-  size = gabe_pub_serialize (key->pub, &tmp);
-  prv_key->pub = gabe_pub_unserialize (tmp, size);
-  GNUNET_free (tmp);
-  GNUNET_assert (NULL != prv_key->prv);
-  return prv_key;
-}
-
-
-/**
- * @ingroup abe
- * Delete a CP-ABE key.
- *
- * @param key the key to delete
- * @param delete_pub GNUNE_YES if the public key should also be freed (bug in gabe)
- * @return fresh private key; free using #GNUNET_free
- */
-void
-GNUNET_ABE_cpabe_delete_key (struct GNUNET_ABE_AbeKey *key,
-                             int delete_pub)
-{
-  // Memory management in gabe is buggy
-  gabe_prv_free (key->prv);
-  if (GNUNET_YES == delete_pub)
-    gabe_pub_free (key->pub);
-  GNUNET_free (key);
-}
-
-
-static ssize_t
-write_cpabe (void **result,
-             uint32_t file_len,
-             char*cph_buf,
-             int cph_buf_len,
-             char*aes_buf,
-             int aes_buf_len)
-{
-  char *ptr;
-  uint32_t *len;
-
-  *result = GNUNET_malloc (12 + cph_buf_len + aes_buf_len);
-  ptr = *result;
-  len = (uint32_t *) ptr;
-  *len = htonl (file_len);
-  ptr += 4;
-  len = (uint32_t *) ptr;
-  *len = htonl (aes_buf_len);
-  ptr += 4;
-  GNUNET_memcpy (ptr, aes_buf, aes_buf_len);
-  ptr += aes_buf_len;
-  len = (uint32_t *) ptr;
-  *len = htonl (cph_buf_len);
-  ptr += 4;
-  GNUNET_memcpy (ptr, cph_buf, cph_buf_len);
-  return 12 + cph_buf_len + aes_buf_len;
-}
-
-
-static ssize_t
-read_cpabe (const void *data,
-            char**cph_buf,
-            int *cph_buf_len,
-            char**aes_buf,
-            int *aes_buf_len)
-{
-  int buf_len;
-  char *ptr;
-  uint32_t *len;
-
-  ptr = (char *) data;
-  len = (uint32_t *) ptr;
-  buf_len = ntohl (*len);
-  ptr += 4;
-  len = (uint32_t *) ptr;
-  *aes_buf_len = ntohl (*len);
-  ptr += 4;
-  *aes_buf = GNUNET_malloc (*aes_buf_len);
-  GNUNET_memcpy (*aes_buf, ptr, *aes_buf_len);
-  ptr += *aes_buf_len;
-  len = (uint32_t *) ptr;
-  *cph_buf_len = ntohl (*len);
-  ptr += 4;
-  *cph_buf = GNUNET_malloc (*cph_buf_len);
-  GNUNET_memcpy (*cph_buf, ptr, *cph_buf_len);
-
-  return buf_len;
-}
-
-
-/**
- * @ingroup abe
- * Encrypt a block using  sessionkey.
- *
- * @param block the block to encrypt
- * @param size the size of the @a block
- * @param policy the ABE policy
- * @param key the key used to encrypt
- * @param result the result buffer. Will be allocated. Free using #GNUNET_free
- * @return the size of the encrypted block, -1 for errors
- */
-ssize_t
-GNUNET_ABE_cpabe_encrypt (const void *block,
-                          size_t size,
-                          const char *policy,
-                          const struct GNUNET_ABE_AbeMasterKey *key,
-                          void **result)
-{
-  gabe_cph_t*cph;
-  char*plt;
-  char*cph_buf;
-  char*aes_buf;
-  element_t m;
-  int cph_buf_len;
-  int aes_buf_len;
-  ssize_t result_len;
-
-  if (! (cph = gabe_enc (key->pub, m, (char *) policy)))
-    return GNUNET_SYSERR;
-  cph_buf_len = gabe_cph_serialize (cph,
-                                    &cph_buf);
-  gabe_cph_free (cph);
-  GNUNET_free (cph);
-  plt = GNUNET_memdup (block, size);
-  aes_buf_len = aes_128_cbc_encrypt (plt, size, m, &aes_buf);
-  GNUNET_free (plt);
-  element_clear (m);
-  result_len = write_cpabe (result, size, cph_buf, cph_buf_len, aes_buf,
-                            aes_buf_len);
-  GNUNET_free (cph_buf);
-  GNUNET_free (aes_buf);
-  return result_len;
-}
-
-
-/**
- * @ingroup abe
- * Decrypt a block using the ABE key.
- *
- * @param block the block to encrypt
- * @param size the size of the @a block
- * @param key the key used to decrypt
- * @param result the result buffer. Will be allocated. Free using #GNUNET_free
- * @return the size of the encrypted block, -1 for errors
- */
-ssize_t
-GNUNET_ABE_cpabe_decrypt (const void *block,
-                          size_t size,
-                          const struct GNUNET_ABE_AbeKey *key,
-                          void **result)
-{
-  char*aes_buf;
-  char*cph_buf;
-  gabe_cph_t*cph;
-  element_t m;
-  int cph_buf_size;
-  int aes_buf_size;
-  int plt_len;
-
-  read_cpabe (block, &cph_buf, &cph_buf_size, &aes_buf, &aes_buf_size);
-  cph = gabe_cph_unserialize (key->pub, cph_buf, cph_buf_size);
-  if (! gabe_dec (key->pub, key->prv, cph, m))
-  {
-    GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
-                "%s\n", gabe_error ());
-    GNUNET_free (aes_buf);
-    GNUNET_free (cph_buf);
-    gabe_cph_free (cph);
-    GNUNET_free (cph);
-    element_clear (m);
-    return GNUNET_SYSERR;
-  }
-  gabe_cph_free (cph);
-  GNUNET_free (cph);
-  plt_len = aes_128_cbc_decrypt (aes_buf, aes_buf_size, m, (char **) result);
-  GNUNET_free (cph_buf);
-  GNUNET_free (aes_buf);
-  element_clear (m);
-  // freeing is buggy in gabe
-  // gabe_prv_free (prv);
-  // gabe_pub_free (pub);
-  return plt_len;
-}
-
-
-/**
- * @ingroup abe
- * Serialize an ABE key.
- *
- * @param key the key to serialize
- * @param result the result buffer. Will be allocated. Free using #GNUNET_free
- * @return the size of the encrypted block, -1 for errors
- */
-ssize_t
-GNUNET_ABE_cpabe_serialize_key (const struct GNUNET_ABE_AbeKey *key,
-                                void **result)
-{
-  ssize_t len;
-  char *pub;
-  char *prv;
-  int pub_len;
-  int prv_len;
-
-  pub_len = gabe_pub_serialize (key->pub, &pub);
-  prv_len = gabe_prv_serialize (key->prv, &prv);
-
-  len = pub_len + prv_len + 12;
-  write_cpabe (result, len, pub, pub_len, prv, prv_len);
-
-  GNUNET_free (pub);
-  GNUNET_free (prv);
-
-  return len;
-}
-
-
-/**
- * @ingroup abe
- * Deserialize a serialized ABE key.
- *
- * @param data the data to deserialize
- * @param len the length of the data.
- * @return the ABE key. NULL of unsuccessful
- */
-struct GNUNET_ABE_AbeKey*
-GNUNET_ABE_cpabe_deserialize_key (const void *data,
-                                  size_t len)
-{
-  struct GNUNET_ABE_AbeKey *key;
-  char *pub;
-  char *prv;
-  int prv_len;
-  int pub_len;
-
-  key = GNUNET_new (struct GNUNET_ABE_AbeKey);
-  read_cpabe (data,
-              &pub,
-              &pub_len,
-              &prv,
-              &prv_len);
-  key->pub = gabe_pub_unserialize (pub, pub_len);
-  key->prv = gabe_prv_unserialize (key->pub, prv, prv_len);
-
-  GNUNET_free (pub);
-  GNUNET_free (prv);
-  return key;
-}
-
-
-/**
- * @ingroup abe
- * Serialize an ABE master key.
- *
- * @param key the key to serialize
- * @param result the result buffer. Will be allocated. Free using #GNUNET_free
- * @return the size of the encrypted block, -1 for errors
- */
-ssize_t
-GNUNET_ABE_cpabe_serialize_master_key (const struct
-                                       GNUNET_ABE_AbeMasterKey *key,
-                                       void **result)
-{
-  ssize_t len;
-  char *pub;
-  char *msk;
-  int pub_len;
-  int msk_len;
-
-  pub_len = gabe_pub_serialize (key->pub, &pub);
-  msk_len = gabe_msk_serialize (key->msk, &msk);
-
-  len = pub_len + msk_len + 12;
-  write_cpabe (result, len, pub, pub_len, msk, msk_len);
-
-  GNUNET_free (pub);
-  GNUNET_free (msk);
-
-  return len;
-}
-
-
-/**
- * @ingroup abe
- * Deserialize an ABE master key.
- *
- * @param data the data to deserialize
- * @param len the length of the data.
- * @return the ABE key. NULL of unsuccessful
- */
-struct GNUNET_ABE_AbeMasterKey*
-GNUNET_ABE_cpabe_deserialize_master_key (const void *data,
-                                         size_t len)
-{
-  struct GNUNET_ABE_AbeMasterKey *key;
-  char *msk;
-  char *pub;
-  int msk_len;
-  int pub_len;
-
-  key = GNUNET_new (struct GNUNET_ABE_AbeMasterKey);
-  read_cpabe (data,
-              &pub,
-              &pub_len,
-              &msk,
-              &msk_len);
-  key->pub = gabe_pub_unserialize (pub, pub_len);
-  key->msk = gabe_msk_unserialize (key->pub, msk, msk_len);
-
-  GNUNET_free (pub);
-  GNUNET_free (msk);
-
-  return key;
-}
diff --git a/src/abe/test_cpabe.c b/src/abe/test_cpabe.c
deleted file mode 100644
index aefb0f99f..000000000
--- a/src/abe/test_cpabe.c
+++ /dev/null
@@ -1,89 +0,0 @@
-/*
-     This file is part of GNUnet.
-     Copyright (C) 2002, 2003, 2004, 2006 GNUnet e.V.
-
-     GNUnet is free software: you can redistribute it and/or modify it
-     under the terms of the GNU Affero General Public License as published
-     by the Free Software Foundation, either version 3 of the License,
-     or (at your option) any later version.
-
-     GNUnet is distributed in the hope that it will be useful, but
-     WITHOUT ANY WARRANTY; without even the implied warranty of
-     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-     Affero General Public License for more details.
-
-     You should have received a copy of the GNU Affero General Public License
-     along with this program.  If not, see <http://www.gnu.org/licenses/>.
-
-     SPDX-License-Identifier: AGPL3.0-or-later
-
- */
-/**
- * @author Martin Schanzenbach
- * @file util/test_crypto_abe.c
- * @brief test for ABE ciphers
- */
-#include "platform.h"
-#include "gnunet_util_lib.h"
-#include "gnunet_abe_lib.h"
-
-#define TESTSTRING "Hello World!"
-
-static int
-testAbecipher ()
-{
-  struct GNUNET_ABE_AbeMasterKey *msk;
-  struct GNUNET_ABE_AbeKey *key;
-  char *result;
-  char **attrs;
-  int size;
-  char *res;
-
-  msk = GNUNET_ABE_cpabe_create_master_key ();
-  size = GNUNET_ABE_cpabe_encrypt (TESTSTRING, strlen (TESTSTRING) + 1,
-                                   "testattr",    // Policy
-                                   msk,
-                                   (void *) &result);
-  GNUNET_assert (-1 != size);
-  attrs = GNUNET_malloc (2 * sizeof(char*));
-  attrs[0] = "testattr";
-  attrs[1] = NULL;
-  key = GNUNET_ABE_cpabe_create_key (msk,
-                                     attrs);
-
-  size = GNUNET_ABE_cpabe_decrypt (result, size,
-                                   key,
-                                   (void *) &res);
-  if (strlen (TESTSTRING) + 1 != size)
-  {
-    printf ("abeciphertest failed: decryptBlock returned %d\n", size);
-    return 1;
-  }
-  if (0 != strcmp (res, TESTSTRING))
-  {
-    printf ("abeciphertest failed: %s != %s\n", res, TESTSTRING);
-    return 1;
-  }
-  else
-    return 0;
-}
-
-
-int
-main (int argc, char *argv[])
-{
-  int failureCount = 0;
-
-  GNUNET_log_setup ("test-crypto-abe", "WARNING", NULL);
-  failureCount += testAbecipher ();
-
-  if (failureCount != 0)
-  {
-    printf ("%d TESTS FAILED!\n", failureCount);
-    return -1;
-  }
-  return 0;
-}
-
-
-/* end of test_crypto_aes.c */
diff --git a/src/include/Makefile.am b/src/include/Makefile.am
index 67c29208c..586645567 100644
--- a/src/include/Makefile.am
+++ b/src/include/Makefile.am
@@ -61,7 +61,6 @@ gnunetinclude_HEADERS = \
   gnunet_hello_uri_lib.h \
   gnunet_helper_lib.h \
   gnunet_identity_service.h \
-  gnunet_abe_lib.h \
   gnunet_reclaim_lib.h \
   gnunet_reclaim_plugin.h \
   gnunet_reclaim_service.h \
diff --git a/src/include/gnunet_abe_lib.h b/src/include/gnunet_abe_lib.h
deleted file mode 100644
index 7aeb3520d..000000000
--- a/src/include/gnunet_abe_lib.h
+++ /dev/null
@@ -1,193 +0,0 @@
-/*
-     This file is part of GNUnet.
-     Copyright (C) 2001-2018 GNUnet e.V.
-
-     GNUnet is free software: you can redistribute it and/or modify it
-     under the terms of the GNU Affero General Public License as published
-     by the Free Software Foundation, either version 3 of the License,
-     or (at your option) any later version.
-
-     GNUnet is distributed in the hope that it will be useful, but
-     WITHOUT ANY WARRANTY; without even the implied warranty of
-     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-     Affero General Public License for more details.
-
-     You should have received a copy of the GNU Affero General Public License
-     along with this program.  If not, see <http://www.gnu.org/licenses/>.
-
-     SPDX-License-Identifier: AGPL3.0-or-later
- */
-
-/**
- * @file include/gnunet_abe_lib.h
- * @brief Attribute-Based Encryption primitives for GNUnet
- *
- * @author Martin Schanzenbach
- *
- * @defgroup abe  ABE Crypto library: Attribute-Based Encryption operations
- *
- */
-#ifndef GNUNET_ABE_LIB_H
-#define GNUNET_ABE_LIB_H
-
-#ifdef __cplusplus
-extern "C"
-{
-#if 0                           /* keep Emacsens' auto-indent happy */
-}
-#endif
-#endif
-
-#include "gnunet_common.h"
-#include <gcrypt.h>
-
-/**
- * @brief type for ABE master keys
- */
-struct GNUNET_CRYPTO_AbeMasterKey;
-
-/**
- * @brief type for ABE keys
- */
-struct GNUNET_CRYPTO_AbeKey;
-
-
-/**
- * @ingroup abe
- * Create a new CP-ABE master key. Caller must free return value.
- *
- * @return fresh private key; free using #GNUNET_ABE_cpabe_delete_master_key
- */
-struct GNUNET_ABE_AbeMasterKey *
-GNUNET_ABE_cpabe_create_master_key (void);
-
-/**
- * @ingroup abe
- * Delete a CP-ABE master key.
- *
- * @param key the master key
- * @return fresh private key; free using #GNUNET_free
- */
-void
-GNUNET_ABE_cpabe_delete_master_key (struct GNUNET_ABE_AbeMasterKey *key);
-
-/**
- * @ingroup abe
- * Create a new CP-ABE key. Caller must free return value.
- *
- * @param key the master key
- * @param attrs the attributes to append to the key
- * @return fresh private key; free using #GNUNET_ABE_cpabe_delete_key
- */
-struct GNUNET_ABE_AbeKey *
-GNUNET_ABE_cpabe_create_key (struct GNUNET_ABE_AbeMasterKey *key,
-                             char **attrs);
-
-/**
- * @ingroup abe
- * Delete a CP-ABE key.
- *
- * @param key the key to delete
- * @param delete_pub GNUNET_YES if the public key should also be freed (bug in gabe)
- * @return fresh private key; free using #GNUNET_free
- */
-void
-GNUNET_ABE_cpabe_delete_key (struct GNUNET_ABE_AbeKey *key,
-                             int delete_pub);
-
-
-/**
- * @ingroup abe
- * Encrypt a block using  sessionkey.
- *
- * @param block the block to encrypt
- * @param size the size of the @a block
- * @param policy the ABE policy
- * @param key the key used to encrypt
- * @param result the result buffer. Will be allocated. Free using #GNUNET_free
- * @return the size of the encrypted block, -1 for errors
- */
-ssize_t
-GNUNET_ABE_cpabe_encrypt (const void *block,
-                          size_t size,
-                          const char *policy,
-                          const struct GNUNET_ABE_AbeMasterKey *key,
-                          void **result);
-
-/**
- * @ingroup abe
- * Decrypt a block using the ABE key.
- *
- * @param block the block to encrypt
- * @param size the size of the @a block
- * @param key the key used to decrypt
- * @param result the result buffer. Will be allocated. Free using #GNUNET_free
- * @return the size of the encrypted block, -1 for errors
- */
-ssize_t
-GNUNET_ABE_cpabe_decrypt (const void *block,
-                          size_t size,
-                          const struct GNUNET_ABE_AbeKey *key,
-                          void **result);
-
-/**
- * @ingroup abe
- * Serialize an ABE key.
- *
- * @param key the key to serialize
- * @param result the result buffer. Will be allocated. Free using #GNUNET_free
- * @return the size of the encrypted block, -1 for errors
- */
-ssize_t
-GNUNET_ABE_cpabe_serialize_key (const struct GNUNET_ABE_AbeKey *key,
-                                void **result);
-
-/**
- * @ingroup abe
- * Deserialize a serialized ABE key.
- *
- * @param data the data to deserialize
- * @param len the length of the data.
- * @return the ABE key. NULL of unsuccessful
- */
-struct GNUNET_ABE_AbeKey*
-GNUNET_ABE_cpabe_deserialize_key (const void *data,
-                                  size_t len);
-
-/**
- * @ingroup abe
- * Serialize an ABE master key.
- *
- * @param key the key to serialize
- * @param result the result buffer. Will be allocated. Free using #GNUNET_free
- * @return the size of the encrypted block, -1 for errors
- */
-ssize_t
-GNUNET_ABE_cpabe_serialize_master_key (const struct
-                                       GNUNET_ABE_AbeMasterKey *key,
-                                       void **result);
-
-/**
- * @ingroup abe
- * Deserialize an ABE master key.
- *
- * @param data the data to deserialize
- * @param len the length of the data.
- * @return the ABE key. NULL of unsuccessful
- */
-struct GNUNET_ABE_AbeMasterKey*
-GNUNET_ABE_cpabe_deserialize_master_key (const void *data,
-                                         size_t len);
-
-
-#if 0                           /* keep Emacsens' auto-indent happy */
-{
-#endif
-#ifdef __cplusplus
-}
-#endif
-
-
-/* ifndef GNUNET_ABE_LIB_H */
-#endif
-/* end of gnunet_abe_lib.h */
diff --git a/src/util/crypto_abe.c b/src/util/crypto_abe.c
deleted file mode 100644
index c089b29db..000000000
--- a/src/util/crypto_abe.c
+++ /dev/null
@@ -1,438 +0,0 @@
-/*
-     This file is part of GNUnet.  Copyright (C) 2001-2014 Christian Grothoff
-     (and other contributing authors)
-
-     GNUnet is free software: you can redistribute it and/or modify it
-     under the terms of the GNU Affero General Public License as published
-     by the Free Software Foundation, either version 3 of the License,
-     or (at your option) any later version.
-
-     GNUnet is distributed in the hope that it will be useful, but
-     WITHOUT ANY WARRANTY; without even the implied warranty of
-     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-     Affero General Public License for more details.
-
-     You should have received a copy of the GNU Affero General Public License
-     along with this program.  If not, see <http://www.gnu.org/licenses/>.
-
-     SPDX-License-Identifier: AGPL3.0-or-later
-
- */
-
-/**
- * @file util/crypto_random.c
- * @brief functions to gather random numbers
- * @author Christian Grothoff
- */
-
-
-#include "platform.h"
-#include <pbc/pbc.h>
-#include <gabe.h>
-
-#include "gnunet_crypto_lib.h"
-
-struct GNUNET_CRYPTO_AbeMasterKey
-{
-  gabe_pub_t*pub;
-  gabe_msk_t*msk;
-};
-
-struct GNUNET_CRYPTO_AbeKey
-{
-  gabe_pub_t*pub;
-  gabe_prv_t*prv;
-};
-
-static int
-init_aes (element_t k, int enc,
-          gcry_cipher_hd_t*handle,
-          struct GNUNET_CRYPTO_SymmetricSessionKey *key,
-          unsigned char*iv)
-{
-  int rc;
-  int key_len;
-  unsigned char*key_buf;
-
-  key_len = element_length_in_bytes (k) < 33 ? 3 : element_length_in_bytes (k);
-  key_buf = (unsigned char *) malloc (key_len);
-  element_to_bytes (key_buf, k);
-
-  GNUNET_memcpy (key->aes_key,
-                 key_buf,
-                 GNUNET_CRYPTO_AES_KEY_LENGTH);
-  GNUNET_assert (0 ==
-                 gcry_cipher_open (handle, GCRY_CIPHER_AES256,
-                                   GCRY_CIPHER_MODE_CFB, 0));
-  rc = gcry_cipher_setkey (*handle,
-                           key->aes_key,
-                           sizeof(key->aes_key));
-  GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY));
-  memset (iv, 0, 16);  // TODO make reasonable
-  rc = gcry_cipher_setiv (*handle,
-                          iv,
-                          16);
-  GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY));
-
-  free (key_buf);
-  return rc;
-}
-
-
-static int
-aes_128_cbc_encrypt (char*pt,
-                     int size,
-                     element_t k,
-                     char **ct)
-{
-  gcry_cipher_hd_t handle;
-  struct GNUNET_CRYPTO_SymmetricSessionKey skey;
-  unsigned char iv[16];
-  char*buf;
-  int padding;
-  int buf_size;
-  uint8_t len[4];
-
-  init_aes (k, 1, &handle, &skey, iv);
-
-  /* TODO make less crufty */
-
-  /* stuff in real length (big endian) before padding */
-  len[0] = (size & 0xff000000) >> 24;
-  len[1] = (size & 0xff0000) >> 16;
-  len[2] = (size & 0xff00) >> 8;
-  len[3] = (size & 0xff) >> 0;
-  padding = 16 - ((4 + size) % 16);
-  buf_size = 4 + size + padding;
-  buf = GNUNET_malloc (buf_size);
-  GNUNET_memcpy (buf, len, 4);
-  GNUNET_memcpy (buf + 4, pt, size);
-  *ct = GNUNET_malloc (buf_size);
-
-  GNUNET_assert (0 == gcry_cipher_encrypt (handle, *ct, buf_size, buf,
-                                           buf_size));
-  gcry_cipher_close (handle);
-  // AES_cbc_encrypt(pt->data, ct->data, pt->len, &key, iv, AES_ENCRYPT);
-  GNUNET_free (buf);
-  return buf_size;
-}
-
-
-static int
-aes_128_cbc_decrypt (char*ct,
-                     int size,
-                     element_t k,
-                     char **pt)
-{
-  struct GNUNET_CRYPTO_SymmetricSessionKey skey;
-  gcry_cipher_hd_t handle;
-  unsigned char iv[16];
-  char*tmp;
-  uint32_t len;
-
-  init_aes (k, 1, &handle, &skey, iv);
-
-  tmp = GNUNET_malloc (size);
-
-  // AES_cbc_encrypt(ct->data, pt->data, ct->len, &key, iv, AES_DECRYPT);
-  GNUNET_assert (0 == gcry_cipher_decrypt (handle, tmp, size, ct, size));
-  gcry_cipher_close (handle);
-  /* TODO make less crufty */
-
-  /* get real length */
-  len = 0;
-  len = len
-        | ((tmp[0]) << 24) | ((tmp[1]) << 16)
-        | ((tmp[2]) << 8) | ((tmp[3]) << 0);
-  /* truncate any garbage from the padding */
-  *pt = GNUNET_malloc (len);
-  GNUNET_memcpy (*pt, tmp + 4, len);
-  GNUNET_free (tmp);
-  return len;
-}
-
-
-struct GNUNET_CRYPTO_AbeMasterKey*
-GNUNET_CRYPTO_cpabe_create_master_key (void)
-{
-  struct GNUNET_CRYPTO_AbeMasterKey*key;
-
-  key = GNUNET_new (struct GNUNET_CRYPTO_AbeMasterKey);
-  gabe_setup (&key->pub, &key->msk);
-  GNUNET_assert (NULL != key->pub);
-  GNUNET_assert (NULL != key->msk);
-  return key;
-}
-
-
-void
-GNUNET_CRYPTO_cpabe_delete_master_key (struct GNUNET_CRYPTO_AbeMasterKey *key)
-{
-  gabe_msk_free (key->msk);
-  gabe_pub_free (key->pub);
-  // GNUNET_free (key->msk);
-  // gabe_msk_free (key->msk); //For some reason free of pub implicit?
-  GNUNET_free (key);
-}
-
-
-struct GNUNET_CRYPTO_AbeKey*
-GNUNET_CRYPTO_cpabe_create_key (struct GNUNET_CRYPTO_AbeMasterKey *key,
-                                char **attrs)
-{
-  struct GNUNET_CRYPTO_AbeKey *prv_key;
-  int size;
-  char *tmp;
-
-  prv_key = GNUNET_new (struct GNUNET_CRYPTO_AbeKey);
-  prv_key->prv = gabe_keygen (key->pub, key->msk, attrs);
-  size = gabe_pub_serialize (key->pub, &tmp);
-  prv_key->pub = gabe_pub_unserialize (tmp, size);
-  GNUNET_free (tmp);
-  GNUNET_assert (NULL != prv_key->prv);
-  return prv_key;
-}
-
-
-void
-GNUNET_CRYPTO_cpabe_delete_key (struct GNUNET_CRYPTO_AbeKey *key,
-                                int delete_pub)
-{
-  // Memory management in gabe is buggy
-  gabe_prv_free (key->prv);
-  if (GNUNET_YES == delete_pub)
-    gabe_pub_free (key->pub);
-  GNUNET_free (key);
-}
-
-
-ssize_t
-write_cpabe (void **result,
-             uint32_t file_len,
-             char*cph_buf,
-             int cph_buf_len,
-             char*aes_buf,
-             int aes_buf_len)
-{
-  char *ptr;
-  uint32_t *len;
-
-  *result = GNUNET_malloc (12 + cph_buf_len + aes_buf_len);
-  ptr = *result;
-  len = (uint32_t *) ptr;
-  *len = htonl (file_len);
-  ptr += 4;
-  len = (uint32_t *) ptr;
-  *len = htonl (aes_buf_len);
-  ptr += 4;
-  GNUNET_memcpy (ptr, aes_buf, aes_buf_len);
-  ptr += aes_buf_len;
-  len = (uint32_t *) ptr;
-  *len = htonl (cph_buf_len);
-  ptr += 4;
-  GNUNET_memcpy (ptr, cph_buf, cph_buf_len);
-  return 12 + cph_buf_len + aes_buf_len;
-}
-
-
-ssize_t
-read_cpabe (const void *data,
-            char**cph_buf,
-            int *cph_buf_len,
-            char**aes_buf,
-            int *aes_buf_len)
-{
-  int buf_len;
-  char *ptr;
-  uint32_t *len;
-
-  ptr = (char *) data;
-  len = (uint32_t *) ptr;
-  buf_len = ntohl (*len);
-  ptr += 4;
-  len = (uint32_t *) ptr;
-  *aes_buf_len = ntohl (*len);
-  ptr += 4;
-  *aes_buf = GNUNET_malloc (*aes_buf_len);
-  GNUNET_memcpy (*aes_buf, ptr, *aes_buf_len);
-  ptr += *aes_buf_len;
-  len = (uint32_t *) ptr;
-  *cph_buf_len = ntohl (*len);
-  ptr += 4;
-  *cph_buf = GNUNET_malloc (*cph_buf_len);
-  GNUNET_memcpy (*cph_buf, ptr, *cph_buf_len);
-
-  return buf_len;
-}
-
-
-ssize_t
-GNUNET_CRYPTO_cpabe_encrypt (const void *block,
-                             size_t size,
-                             const char *policy,
-                             const struct GNUNET_CRYPTO_AbeMasterKey *key,
-                             void **result)
-{
-  gabe_cph_t*cph;
-  char*plt;
-  char*cph_buf;
-  char*aes_buf;
-  element_t m;
-  int cph_buf_len;
-  int aes_buf_len;
-  ssize_t result_len;
-
-  if (! (cph = gabe_enc (key->pub, m, (char *) policy)))
-    return GNUNET_SYSERR;
-  cph_buf_len = gabe_cph_serialize (cph,
-                                    &cph_buf);
-  gabe_cph_free (cph);
-  GNUNET_free (cph);
-  plt = GNUNET_memdup (block, size);
-  aes_buf_len = aes_128_cbc_encrypt (plt, size, m, &aes_buf);
-  GNUNET_free (plt);
-  element_clear (m);
-  result_len = write_cpabe (result, size, cph_buf, cph_buf_len, aes_buf,
-                            aes_buf_len);
-  GNUNET_free (cph_buf);
-  GNUNET_free (aes_buf);
-  return result_len;
-}
-
-
-ssize_t
-GNUNET_CRYPTO_cpabe_decrypt (const void *block,
-                             size_t size,
-                             const struct GNUNET_CRYPTO_AbeKey *key,
-                             void **result)
-{
-  char*aes_buf;
-  char*cph_buf;
-  gabe_cph_t*cph;
-  element_t m;
-  int cph_buf_size;
-  int aes_buf_size;
-  int plt_len;
-
-  read_cpabe (block, &cph_buf, &cph_buf_size, &aes_buf, &aes_buf_size);
-  cph = gabe_cph_unserialize (key->pub, cph_buf, cph_buf_size);
-  if (! gabe_dec (key->pub, key->prv, cph, m))
-  {
-    GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
-                "%s\n", gabe_error ());
-    GNUNET_free (aes_buf);
-    GNUNET_free (cph_buf);
-    gabe_cph_free (cph);
-    GNUNET_free (cph);
-    element_clear (m);
-    return GNUNET_SYSERR;
-  }
-  gabe_cph_free (cph);
-  GNUNET_free (cph);
-  plt_len = aes_128_cbc_decrypt (aes_buf, aes_buf_size, m, (char **) result);
-  GNUNET_free (cph_buf);
-  GNUNET_free (aes_buf);
-  element_clear (m);
-  // freeing is buggy in gabe
-  // gabe_prv_free (prv);
-  // gabe_pub_free (pub);
-  return plt_len;
-}
-
-
-ssize_t
-GNUNET_CRYPTO_cpabe_serialize_key (const struct GNUNET_CRYPTO_AbeKey *key,
-                                   void **result)
-{
-  ssize_t len;
-  char *pub;
-  char *prv;
-  int pub_len;
-  int prv_len;
-
-  pub_len = gabe_pub_serialize (key->pub, &pub);
-  prv_len = gabe_prv_serialize (key->prv, &prv);
-
-  len = pub_len + prv_len + 12;
-  write_cpabe (result, len, pub, pub_len, prv, prv_len);
-
-  GNUNET_free (pub);
-  GNUNET_free (prv);
-
-  return len;
-}
-
-
-struct GNUNET_CRYPTO_AbeKey*
-GNUNET_CRYPTO_cpabe_deserialize_key (const void *data,
-                                     size_t len)
-{
-  struct GNUNET_CRYPTO_AbeKey *key;
-  char *pub;
-  char *prv;
-  int prv_len;
-  int pub_len;
-
-  key = GNUNET_new (struct GNUNET_CRYPTO_AbeKey);
-  read_cpabe (data,
-              &pub,
-              &pub_len,
-              &prv,
-              &prv_len);
-  key->pub = gabe_pub_unserialize (pub, pub_len);
-  key->prv = gabe_prv_unserialize (key->pub, prv, prv_len);
-
-  GNUNET_free (pub);
-  GNUNET_free (prv);
-  return key;
-}
-
-
-ssize_t
-GNUNET_CRYPTO_cpabe_serialize_master_key (const struct
-                                          GNUNET_CRYPTO_AbeMasterKey *key,
-                                          void **result)
-{
-  ssize_t len;
-  char *pub;
-  char *msk;
-  int pub_len;
-  int msk_len;
-
-  pub_len = gabe_pub_serialize (key->pub, &pub);
-  msk_len = gabe_msk_serialize (key->msk, &msk);
-
-  len = pub_len + msk_len + 12;
-  write_cpabe (result, len, pub, pub_len, msk, msk_len);
-
-  GNUNET_free (pub);
-  GNUNET_free (msk);
-
-  return len;
-}
-
-
-struct GNUNET_CRYPTO_AbeMasterKey*
-GNUNET_CRYPTO_cpabe_deserialize_master_key (const void *data,
-                                            size_t len)
-{
-  struct GNUNET_CRYPTO_AbeMasterKey *key;
-  char *msk;
-  char *pub;
-  int msk_len;
-  int pub_len;
-
-  key = GNUNET_new (struct GNUNET_CRYPTO_AbeMasterKey);
-  read_cpabe (data,
-              &pub,
-              &pub_len,
-              &msk,
-              &msk_len);
-  key->pub = gabe_pub_unserialize (pub, pub_len);
-  key->msk = gabe_msk_unserialize (key->pub, msk, msk_len);
-
-  GNUNET_free (pub);
-  GNUNET_free (msk);
-
-  return key;
-}