separating ECC crypto into functions/structs for ECDHE, ECDSA and EDDSA

author: Christian Grothoff <christian@grothoff.org> 2013-10-10 14:38:55 +0000
committer: Christian Grothoff <christian@grothoff.org> 2013-10-10 14:38:55 +0000
commit: 9351b1e9bdf2b067b6db06562c26ba658cff42b8 (patch)
tree: 68dc4ab447e7e8b6a20a706858cd36238c1c7c5f /src/core
parent: 8beabcd96c0cf1e1873c0b5ff96e537f1beb0b34 (diff)
download: gnunet-9351b1e9bdf2b067b6db06562c26ba658cff42b8.tar.gz
gnunet-9351b1e9bdf2b067b6db06562c26ba658cff42b8.zip
3 files changed, 32 insertions, 44 deletions
diff --git a/src/core/gnunet-service-core.c b/src/core/gnunet-service-core.c
index ada9b7bd9..c6eeb070b 100644
--- a/src/core/gnunet-service-core.c
+++ b/src/core/gnunet-service-core.c
@@ -91,7 +91,7 @@ static void
 run (void *cls, struct GNUNET_SERVER_Handle *server,
     const struct GNUNET_CONFIGURATION_Handle *c)
 {
-  struct GNUNET_CRYPTO_EccPrivateKey *pk;
+  struct GNUNET_CRYPTO_EddsaPrivateKey *pk;
  char *keyfile;
  GSC_cfg = c;
@@ -111,7 +111,7 @@ run (void *cls, struct GNUNET_SERVER_Handle *server,
                                NULL);
  GNUNET_SERVER_suspend (server);
  GSC_TYPEMAP_init ();
-  pk = GNUNET_CRYPTO_ecc_key_create_from_file (keyfile);
+  pk = GNUNET_CRYPTO_eddsa_key_create_from_file (keyfile);
  GNUNET_free (keyfile);
  GNUNET_assert (NULL != pk);
  if ((GNUNET_OK != GSC_KX_init (pk)) ||
diff --git a/src/core/gnunet-service-core_kx.c b/src/core/gnunet-service-core_kx.c
index a74b3ae74..25db9c750 100644
--- a/src/core/gnunet-service-core_kx.c
+++ b/src/core/gnunet-service-core_kx.c
@@ -90,7 +90,7 @@ struct EphemeralKeyMessage
   * An ECC signature of the 'origin' asserting the validity of
   * the given ephemeral key.
   */
-  struct GNUNET_CRYPTO_EccSignature signature;
+  struct GNUNET_CRYPTO_EddsaSignature signature;
  /**
   * Information about what is being signed.
@@ -111,7 +111,7 @@ struct EphemeralKeyMessage
   * Ephemeral public ECC key (always for NIST P-521) encoded in a format suitable
   * for network transmission as created using 'gcry_sexp_sprint'.
   */
-  struct GNUNET_CRYPTO_EccPublicEncryptKey ephemeral_key;
+  struct GNUNET_CRYPTO_EcdhePublicKey ephemeral_key;
  /**
   * Public key of the signing peer (persistent version, not the ephemeral public key).
@@ -377,12 +377,12 @@ struct GSC_KeyExchangeInfo
 /**
 * Our private key.
 */
-static struct GNUNET_CRYPTO_EccPrivateKey *my_private_key;
+static struct GNUNET_CRYPTO_EddsaPrivateKey *my_private_key;
 /**
 * Our ephemeral private key.
 */
-static struct GNUNET_CRYPTO_EccPrivateKey *my_ephemeral_key;
+static struct GNUNET_CRYPTO_EcdhePrivateKey *my_ephemeral_key;
 /**
 * Current message we send for a key exchange.
@@ -675,7 +675,7 @@ GSC_KX_start (const struct GNUNET_PeerIdentity *pid)
                               kx);
  GNUNET_CRYPTO_hash (pid, sizeof (struct GNUNET_PeerIdentity), &h1);
  GNUNET_CRYPTO_hash (&GSC_my_identity, sizeof (struct GNUNET_PeerIdentity), &h2);
-                
  if (0 < GNUNET_CRYPTO_hash_cmp (&h1,
                                  &h2))
  {
@@ -785,10 +785,10 @@ GSC_KX_handle_ephemeral_key (struct GSC_KeyExchangeInfo *kx,
       sizeof (struct GNUNET_CRYPTO_EccSignaturePurpose) +
       sizeof (struct GNUNET_TIME_AbsoluteNBO) +
       sizeof (struct GNUNET_TIME_AbsoluteNBO) +
-       sizeof (struct GNUNET_CRYPTO_EccPublicSignKey) +
+       sizeof (struct GNUNET_CRYPTO_EddsaPublicKey) +
-       sizeof (struct GNUNET_CRYPTO_EccPublicSignKey)) ||
+       sizeof (struct GNUNET_CRYPTO_EddsaPublicKey)) ||
      (GNUNET_OK !=
-       GNUNET_CRYPTO_ecc_verify (GNUNET_SIGNATURE_PURPOSE_SET_ECC_KEY,
+       GNUNET_CRYPTO_eddsa_verify (GNUNET_SIGNATURE_PURPOSE_SET_ECC_KEY,
                                 &m->purpose,
                                 &m->signature, &m->origin_identity.public_key)))
  {
@@ -810,7 +810,7 @@ GSC_KX_handle_ephemeral_key (struct GSC_KeyExchangeInfo *kx,
  }
  if (GNUNET_OK !=
      GNUNET_CRYPTO_ecc_ecdh (my_ephemeral_key,
-                              &m->ephemeral_key,                        
+                              &m->ephemeral_key,
                              &key_material))
  {
    GNUNET_break (0);
@@ -1478,8 +1478,8 @@ sign_ephemeral_key ()
  current_ekm.purpose.size = htonl (sizeof (struct GNUNET_CRYPTO_EccSignaturePurpose) +
                                    sizeof (struct GNUNET_TIME_AbsoluteNBO) +
                                    sizeof (struct GNUNET_TIME_AbsoluteNBO) +
-                                    sizeof (struct GNUNET_CRYPTO_EccPublicSignKey) +
+                                    sizeof (struct GNUNET_CRYPTO_EddsaPublicKey) +
-                                    sizeof (struct GNUNET_CRYPTO_EccPublicSignKey));
+                                    sizeof (struct GNUNET_CRYPTO_EddsaPublicKey));
  current_ekm.creation_time = GNUNET_TIME_absolute_hton (GNUNET_TIME_absolute_get ());
  if (GNUNET_YES ==
      GNUNET_CONFIGURATION_get_value_yesno (GSC_cfg,
@@ -1493,11 +1493,11 @@ sign_ephemeral_key ()
  {
    current_ekm.expiration_time = GNUNET_TIME_absolute_hton (GNUNET_TIME_UNIT_FOREVER_ABS);
  }
-  GNUNET_CRYPTO_ecc_key_get_public_for_encryption (my_ephemeral_key,
+  GNUNET_CRYPTO_ecdhe_key_get_public (my_ephemeral_key,
-                                                   &current_ekm.ephemeral_key);
+                                      &current_ekm.ephemeral_key);
  current_ekm.origin_identity = GSC_my_identity;
  GNUNET_assert (GNUNET_OK ==
-                 GNUNET_CRYPTO_ecc_sign (my_private_key,
+                 GNUNET_CRYPTO_eddsa_sign (my_private_key,
                                         &current_ekm.purpose,
                                         &current_ekm.signature));
 }
@@ -1520,7 +1520,7 @@ do_rekey (void *cls,
                                             NULL);
  if (NULL != my_ephemeral_key)
    GNUNET_free (my_ephemeral_key);
-  my_ephemeral_key = GNUNET_CRYPTO_ecc_key_create ();
+  my_ephemeral_key = GNUNET_CRYPTO_ecdhe_key_create ();
  GNUNET_assert (NULL != my_ephemeral_key);
  sign_ephemeral_key ();
  for (pos = kx_head; NULL != pos; pos = pos->next)
@@ -1535,38 +1535,27 @@ do_rekey (void *cls,
 * Initialize KX subsystem.
 *
 * @param pk private key to use for the peer
- * @return GNUNET_OK on success, GNUNET_SYSERR on failure
+ * @return #GNUNET_OK on success, #GNUNET_SYSERR on failure
 */
 int
-GSC_KX_init (struct GNUNET_CRYPTO_EccPrivateKey *pk)
+GSC_KX_init (struct GNUNET_CRYPTO_EddsaPrivateKey *pk)
 {
  GNUNET_assert (NULL != pk);
  my_private_key = pk;
-  GNUNET_CRYPTO_ecc_key_get_public_for_signature (my_private_key,
+  GNUNET_CRYPTO_eddsa_key_get_public (my_private_key,
                                                  &GSC_my_identity.public_key);
-  if (GNUNET_YES ==
+  my_ephemeral_key = GNUNET_CRYPTO_ecdhe_key_create ();
-      GNUNET_CONFIGURATION_get_value_yesno (GSC_cfg,
+  if (NULL == my_ephemeral_key)
-                                            "core",
-                                            "USE_EPHEMERAL_KEYS"))
  {
-    my_ephemeral_key = GNUNET_CRYPTO_ecc_key_create ();
+    GNUNET_break (0);
-    if (NULL == my_ephemeral_key)
+    GNUNET_free (my_private_key);
-    {
+    my_private_key = NULL;
-      GNUNET_break (0);
+    return GNUNET_SYSERR;
-      GNUNET_free (my_private_key);
-      my_private_key = NULL;
-      return GNUNET_SYSERR;
-    }
-    sign_ephemeral_key ();
-    rekey_task = GNUNET_SCHEDULER_add_delayed (REKEY_FREQUENCY,
-                                               &do_rekey,
-                                               NULL);
-  }
-  else
-  {
-    my_ephemeral_key = my_private_key;
-    sign_ephemeral_key ();
  }
+  sign_ephemeral_key ();
+  rekey_task = GNUNET_SCHEDULER_add_delayed (REKEY_FREQUENCY,
+                                             &do_rekey,
+                                             NULL);
  mst = GNUNET_SERVER_mst_create (&deliver_message, NULL);
  return GNUNET_OK;
 }
@@ -1583,8 +1572,7 @@ GSC_KX_done ()
    GNUNET_SCHEDULER_cancel (rekey_task);
    rekey_task = GNUNET_SCHEDULER_NO_TASK;
  }
-  if ( (NULL != my_ephemeral_key) &&
+  if (NULL != my_ephemeral_key)
-       (my_ephemeral_key != my_private_key) )
  {
    GNUNET_free (my_ephemeral_key);
    my_ephemeral_key = NULL;
diff --git a/src/core/gnunet-service-core_kx.h b/src/core/gnunet-service-core_kx.h
index e1b860919..4c99669b2 100644
--- a/src/core/gnunet-service-core_kx.h
+++ b/src/core/gnunet-service-core_kx.h
@@ -121,7 +121,7 @@ GSC_KX_stop (struct GSC_KeyExchangeInfo *kx);
 * @return GNUNET_OK on success, GNUNET_SYSERR on failure
 */
 int
-GSC_KX_init (struct GNUNET_CRYPTO_EccPrivateKey *pk);
+GSC_KX_init (struct GNUNET_CRYPTO_EddsaPrivateKey *pk);
 /**
author	Christian Grothoff <christian@grothoff.org>	2013-10-10 14:38:55 +0000
committer	Christian Grothoff <christian@grothoff.org>	2013-10-10 14:38:55 +0000
commit	9351b1e9bdf2b067b6db06562c26ba658cff42b8 (patch)
tree	68dc4ab447e7e8b6a20a706858cd36238c1c7c5f /src/core
parent	8beabcd96c0cf1e1873c0b5ff96e537f1beb0b34 (diff)
download	gnunet-9351b1e9bdf2b067b6db06562c26ba658cff42b8.tar.gz gnunet-9351b1e9bdf2b067b6db06562c26ba658cff42b8.zip