diff options
| author | TheJackiMonster <thejackimonster@gmail.com> | 2020-11-05 21:20:38 +0100 |
|---|---|---|
| committer | TheJackiMonster <thejackimonster@gmail.com> | 2020-11-05 21:20:38 +0100 |
| commit | c07ae5c8d29202466f066e4dcddbfd091513db7c (patch) | |
| tree | c99961354915549f33643414720a5432b25b4847 /src/identity/identity_api.c | |
| parent | 77842546903ef7296c863987f9a60e5f0ead14d1 (diff) | |
| download | gnunet-c07ae5c8d29202466f066e4dcddbfd091513db7c.tar.gz gnunet-c07ae5c8d29202466f066e4dcddbfd091513db7c.zip | |
additional abstraction for identity keys
Signed-off-by: TheJackiMonster <thejackimonster@gmail.com>
Diffstat (limited to 'src/identity/identity_api.c')
| -rw-r--r-- | src/identity/identity_api.c | 164 |
1 files changed, 164 insertions, 0 deletions
diff --git a/src/identity/identity_api.c b/src/identity/identity_api.c index 213b6966e..242527c23 100644 --- a/src/identity/identity_api.c +++ b/src/identity/identity_api.c | |||
| @@ -990,6 +990,170 @@ GNUNET_IDENTITY_key_get_length (const struct GNUNET_IDENTITY_PublicKey *key) | |||
| 990 | } | 990 | } |
| 991 | 991 | ||
| 992 | 992 | ||
| 993 | ssize_t | ||
| 994 | GNUNET_IDENTITY_signature_get_length (const struct GNUNET_IDENTITY_Signature *sig) | ||
| 995 | { | ||
| 996 | switch (ntohl (sig->type)) | ||
| 997 | { | ||
| 998 | case GNUNET_IDENTITY_TYPE_ECDSA: | ||
| 999 | return sizeof (sig->type) + sizeof (sig->ecdsa_signature); | ||
| 1000 | break; | ||
| 1001 | case GNUNET_IDENTITY_TYPE_EDDSA: | ||
| 1002 | return sizeof (sig->type) + sizeof (sig->eddsa_signature); | ||
| 1003 | break; | ||
| 1004 | default: | ||
| 1005 | GNUNET_break (0); | ||
| 1006 | } | ||
| 1007 | return -1; | ||
| 1008 | } | ||
| 1009 | |||
| 1010 | |||
| 1011 | ssize_t | ||
| 1012 | GNUNET_IDENTITY_read_key_from_buffer (struct GNUNET_IDENTITY_PublicKey *key, | ||
| 1013 | const void* buffer, | ||
| 1014 | size_t len) | ||
| 1015 | { | ||
| 1016 | if (len < sizeof (key->type)) | ||
| 1017 | return -1; | ||
| 1018 | GNUNET_memcpy(& (key->type), buffer, sizeof (key->type)); | ||
| 1019 | const ssize_t length = GNUNET_IDENTITY_key_get_length(key); | ||
| 1020 | if (len < length) | ||
| 1021 | return -1; | ||
| 1022 | if (length < 0) | ||
| 1023 | return -2; | ||
| 1024 | GNUNET_memcpy(key, buffer, length); | ||
| 1025 | return length; | ||
| 1026 | } | ||
| 1027 | |||
| 1028 | |||
| 1029 | ssize_t | ||
| 1030 | GNUNET_IDENTITY_write_key_to_buffer (const struct GNUNET_IDENTITY_PublicKey *key, | ||
| 1031 | void* buffer, | ||
| 1032 | size_t len) | ||
| 1033 | { | ||
| 1034 | const ssize_t length = GNUNET_IDENTITY_key_get_length(key); | ||
| 1035 | if (len < length) | ||
| 1036 | return -1; | ||
| 1037 | if (length < 0) | ||
| 1038 | return -2; | ||
| 1039 | GNUNET_memcpy(buffer, key, length); | ||
| 1040 | return length; | ||
| 1041 | } | ||
| 1042 | |||
| 1043 | |||
| 1044 | int | ||
| 1045 | GNUNET_IDENTITY_private_key_sign_ (const struct GNUNET_IDENTITY_PrivateKey *priv, | ||
| 1046 | const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose, | ||
| 1047 | struct GNUNET_IDENTITY_Signature *sig) | ||
| 1048 | { | ||
| 1049 | sig->type = priv->type; | ||
| 1050 | switch (ntohl (priv->type)) | ||
| 1051 | { | ||
| 1052 | case GNUNET_IDENTITY_TYPE_ECDSA: | ||
| 1053 | return GNUNET_CRYPTO_ecdsa_sign_ (& (priv->ecdsa_key), purpose, & (sig->ecdsa_signature)); | ||
| 1054 | break; | ||
| 1055 | case GNUNET_IDENTITY_TYPE_EDDSA: | ||
| 1056 | return GNUNET_CRYPTO_eddsa_sign_ (& (priv->eddsa_key), purpose, & (sig->eddsa_signature)); | ||
| 1057 | break; | ||
| 1058 | default: | ||
| 1059 | GNUNET_break (0); | ||
| 1060 | } | ||
| 1061 | |||
| 1062 | return GNUNET_SYSERR; | ||
| 1063 | } | ||
| 1064 | |||
| 1065 | |||
| 1066 | int | ||
| 1067 | GNUNET_IDENTITY_public_key_verify_ (uint32_t purpose, | ||
| 1068 | const struct GNUNET_CRYPTO_EccSignaturePurpose *validate, | ||
| 1069 | const struct GNUNET_IDENTITY_Signature *sig, | ||
| 1070 | const struct GNUNET_IDENTITY_PublicKey *pub) | ||
| 1071 | { | ||
| 1072 | /* check type matching of 'sig' and 'pub' */ | ||
| 1073 | GNUNET_assert (ntohl (pub->type) == ntohl (sig->type)); | ||
| 1074 | switch (ntohl (pub->type)) | ||
| 1075 | { | ||
| 1076 | case GNUNET_IDENTITY_TYPE_ECDSA: | ||
| 1077 | return GNUNET_CRYPTO_ecdsa_verify_ (purpose, validate, & (sig->ecdsa_signature), & (pub->ecdsa_key)); | ||
| 1078 | break; | ||
| 1079 | case GNUNET_IDENTITY_TYPE_EDDSA: | ||
| 1080 | return GNUNET_CRYPTO_eddsa_verify_ (purpose, validate, & (sig->eddsa_signature), & (pub->eddsa_key)); | ||
| 1081 | break; | ||
| 1082 | default: | ||
| 1083 | GNUNET_break (0); | ||
| 1084 | } | ||
| 1085 | |||
| 1086 | return GNUNET_SYSERR; | ||
| 1087 | } | ||
| 1088 | |||
| 1089 | |||
| 1090 | ssize_t | ||
| 1091 | GNUNET_IDENTITY_public_key_encrypt(const void *block, | ||
| 1092 | size_t size, | ||
| 1093 | const struct GNUNET_IDENTITY_PublicKey *pub, | ||
| 1094 | struct GNUNET_CRYPTO_EcdhePublicKey *ecc, | ||
| 1095 | void *result) | ||
| 1096 | { | ||
| 1097 | struct GNUNET_CRYPTO_EcdhePrivateKey pk; | ||
| 1098 | GNUNET_CRYPTO_ecdhe_key_create(&pk); | ||
| 1099 | struct GNUNET_HashCode hash; | ||
| 1100 | switch (ntohl (pub->type)) | ||
| 1101 | { | ||
| 1102 | case GNUNET_IDENTITY_TYPE_ECDSA: | ||
| 1103 | if (GNUNET_CRYPTO_ecdh_ecdsa(&pk, &(pub->ecdsa_key), &hash) == GNUNET_SYSERR) | ||
| 1104 | return -1; | ||
| 1105 | break; | ||
| 1106 | case GNUNET_IDENTITY_TYPE_EDDSA: | ||
| 1107 | if (GNUNET_CRYPTO_ecdh_eddsa(&pk, &(pub->eddsa_key), &hash) == GNUNET_SYSERR) | ||
| 1108 | return -1; | ||
| 1109 | break; | ||
| 1110 | default: | ||
| 1111 | return -1; | ||
| 1112 | } | ||
| 1113 | GNUNET_CRYPTO_ecdhe_key_get_public(&pk, ecc); | ||
| 1114 | GNUNET_CRYPTO_ecdhe_key_clear(&pk); | ||
| 1115 | struct GNUNET_CRYPTO_SymmetricSessionKey key; | ||
| 1116 | struct GNUNET_CRYPTO_SymmetricInitializationVector iv; | ||
| 1117 | GNUNET_CRYPTO_hash_to_aes_key(&hash, &key, &iv); | ||
| 1118 | GNUNET_CRYPTO_zero_keys(&hash, sizeof(hash)); | ||
| 1119 | const ssize_t encrypted = GNUNET_CRYPTO_symmetric_encrypt(block, size, &key, &iv, result); | ||
| 1120 | GNUNET_CRYPTO_zero_keys(&key, sizeof(key)); | ||
| 1121 | GNUNET_CRYPTO_zero_keys(&iv, sizeof(iv)); | ||
| 1122 | return encrypted; | ||
| 1123 | } | ||
| 1124 | |||
| 1125 | |||
| 1126 | ssize_t | ||
| 1127 | GNUNET_IDENTITY_private_key_decrypt(const void *block, | ||
| 1128 | size_t size, | ||
| 1129 | const struct GNUNET_IDENTITY_PrivateKey *priv, | ||
| 1130 | const struct GNUNET_CRYPTO_EcdhePublicKey *ecc, | ||
| 1131 | void *result) { | ||
| 1132 | struct GNUNET_HashCode hash; | ||
| 1133 | switch (ntohl (priv->type)) | ||
| 1134 | { | ||
| 1135 | case GNUNET_IDENTITY_TYPE_ECDSA: | ||
| 1136 | if (GNUNET_CRYPTO_ecdsa_ecdh(&(priv->ecdsa_key), ecc, &hash) == GNUNET_SYSERR) | ||
| 1137 | return -1; | ||
| 1138 | break; | ||
| 1139 | case GNUNET_IDENTITY_TYPE_EDDSA: | ||
| 1140 | if (GNUNET_CRYPTO_eddsa_ecdh(&(priv->eddsa_key), ecc, &hash) == GNUNET_SYSERR) | ||
| 1141 | return -1; | ||
| 1142 | break; | ||
| 1143 | default: | ||
| 1144 | return -1; | ||
| 1145 | } | ||
| 1146 | struct GNUNET_CRYPTO_SymmetricSessionKey key; | ||
| 1147 | struct GNUNET_CRYPTO_SymmetricInitializationVector iv; | ||
| 1148 | GNUNET_CRYPTO_hash_to_aes_key(&hash, &key, &iv); | ||
| 1149 | GNUNET_CRYPTO_zero_keys(&hash, sizeof(hash)); | ||
| 1150 | const ssize_t decrypted = GNUNET_CRYPTO_symmetric_decrypt(block, size, &key, &iv, result); | ||
| 1151 | GNUNET_CRYPTO_zero_keys(&key, sizeof(key)); | ||
| 1152 | GNUNET_CRYPTO_zero_keys(&iv, sizeof(iv)); | ||
| 1153 | return decrypted; | ||
| 1154 | } | ||
| 1155 | |||
| 1156 | |||
| 993 | char * | 1157 | char * |
| 994 | GNUNET_IDENTITY_public_key_to_string (const struct | 1158 | GNUNET_IDENTITY_public_key_to_string (const struct |
| 995 | GNUNET_IDENTITY_PublicKey *key) | 1159 | GNUNET_IDENTITY_PublicKey *key) |