author | TheJackiMonster <thejackimonster@gmail.com> | 2020-11-05 21:20:38 +0100 |
---|---|---|
committer | TheJackiMonster <thejackimonster@gmail.com> | 2020-11-05 21:20:38 +0100 |
commit | c07ae5c8d29202466f066e4dcddbfd091513db7c (patch) | |
tree | c99961354915549f33643414720a5432b25b4847 /src/identity/identity_api.c | |
parent | 77842546903ef7296c863987f9a60e5f0ead14d1 (diff) | |
download | gnunet-c07ae5c8d29202466f066e4dcddbfd091513db7c.tar.gz gnunet-c07ae5c8d29202466f066e4dcddbfd091513db7c.zip |
additional abstraction for identity keys
Signed-off-by: TheJackiMonster <thejackimonster@gmail.com>
Diffstat (limited to 'src/identity/identity_api.c')
-rw-r--r-- | src/identity/identity_api.c | 164 |
1 files changed, 164 insertions, 0 deletions
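--- a/src/identity/identity_api.c
+++ b/src/identity/identity_api.c
@@ -990,6 +990,170 @@ GNUNET_IDENTITY_key_get_length (const struct GNUNET_IDENTITY_PublicKey *key)
 }
 
 
+ssize_t
+GNUNET_IDENTITY_signature_get_length (const struct GNUNET_IDENTITY_Signature *sig)
+{
+switch (ntohl (sig->type))
+{
+case GNUNET_IDENTITY_TYPE_ECDSA:
+return sizeof (sig->type) + sizeof (sig->ecdsa_signature);
+break;
+case GNUNET_IDENTITY_TYPE_EDDSA:
+return sizeof (sig->type) + sizeof (sig->eddsa_signature);
+break;
+default:
+GNUNET_break (0);
+}
+return -1;
+}
+
+
+ssize_t
+GNUNET_IDENTITY_read_key_from_buffer (struct GNUNET_IDENTITY_PublicKey *key,
+const void* buffer,
+size_t len)
+{
+if (len < sizeof (key->type))
+return -1;
+GNUNET_memcpy(& (key->type), buffer, sizeof (key->type));
+const ssize_t length = GNUNET_IDENTITY_key_get_length(key);
+if (len < length)
+return -1;
+if (length < 0)
+return -2;
+GNUNET_memcpy(key, buffer, length);
+return length;
+}
+
+
+ssize_t
+GNUNET_IDENTITY_write_key_to_buffer (const struct GNUNET_IDENTITY_PublicKey *key,
+void* buffer,
+size_t len)
+{
+const ssize_t length = GNUNET_IDENTITY_key_get_length(key);
+if (len < length)
+return -1;
+if (length < 0)
+return -2;
+GNUNET_memcpy(buffer, key, length);
+return length;
+}
+
+
+int
+GNUNET_IDENTITY_private_key_sign_ (const struct GNUNET_IDENTITY_PrivateKey *priv,
+const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose,
+struct GNUNET_IDENTITY_Signature *sig)
+{
+sig->type = priv->type;
+switch (ntohl (priv->type))
+{
+case GNUNET_IDENTITY_TYPE_ECDSA:
+return GNUNET_CRYPTO_ecdsa_sign_ (& (priv->ecdsa_key), purpose, & (sig->ecdsa_signature));
+break;
+case GNUNET_IDENTITY_TYPE_EDDSA:
+return GNUNET_CRYPTO_eddsa_sign_ (& (priv->eddsa_key), purpose, & (sig->eddsa_signature));
+break;
+default:
+GNUNET_break (0);
+}
+
+return GNUNET_SYSERR;
+}
+
+
+int
+GNUNET_IDENTITY_public_key_verify_ (uint32_t purpose,
+const struct GNUNET_CRYPTO_EccSignaturePurpose *validate,
+const struct GNUNET_IDENTITY_Signature *sig,
+const struct GNUNET_IDENTITY_PublicKey *pub)
+{
+/* check type matching of 'sig' and 'pub' */
+GNUNET_assert (ntohl (pub->type) == ntohl (sig->type));
+switch (ntohl (pub->type))
+{
+case GNUNET_IDENTITY_TYPE_ECDSA:
+return GNUNET_CRYPTO_ecdsa_verify_ (purpose, validate, & (sig->ecdsa_signature), & (pub->ecdsa_key));
+break;
+case GNUNET_IDENTITY_TYPE_EDDSA:
+return GNUNET_CRYPTO_eddsa_verify_ (purpose, validate, & (sig->eddsa_signature), & (pub->eddsa_key));
+break;
+default:
+GNUNET_break (0);
+}
+
+return GNUNET_SYSERR;
+}
+
+
+ssize_t
+GNUNET_IDENTITY_public_key_encrypt(const void *block,
+size_t size,
+const struct GNUNET_IDENTITY_PublicKey *pub,
+struct GNUNET_CRYPTO_EcdhePublicKey *ecc,
+void *result)
+{
+struct GNUNET_CRYPTO_EcdhePrivateKey pk;
+GNUNET_CRYPTO_ecdhe_key_create(&pk);
+struct GNUNET_HashCode hash;
+switch (ntohl (pub->type))
+{
+case GNUNET_IDENTITY_TYPE_ECDSA:
+if (GNUNET_CRYPTO_ecdh_ecdsa(&pk, &(pub->ecdsa_key), &hash) == GNUNET_SYSERR)
+return -1;
+break;
+case GNUNET_IDENTITY_TYPE_EDDSA:
+if (GNUNET_CRYPTO_ecdh_eddsa(&pk, &(pub->eddsa_key), &hash) == GNUNET_SYSERR)
+return -1;
+break;
+default:
+return -1;
+}
+GNUNET_CRYPTO_ecdhe_key_get_public(&pk, ecc);
+GNUNET_CRYPTO_ecdhe_key_clear(&pk);
+struct GNUNET_CRYPTO_SymmetricSessionKey key;
+struct GNUNET_CRYPTO_SymmetricInitializationVector iv;
+GNUNET_CRYPTO_hash_to_aes_key(&hash, &key, &iv);
+GNUNET_CRYPTO_zero_keys(&hash, sizeof(hash));
+const ssize_t encrypted = GNUNET_CRYPTO_symmetric_encrypt(block, size, &key, &iv, result);
+GNUNET_CRYPTO_zero_keys(&key, sizeof(key));
+GNUNET_CRYPTO_zero_keys(&iv, sizeof(iv));
+return encrypted;
+}
+
+
+ssize_t
+GNUNET_IDENTITY_private_key_decrypt(const void *block,
+size_t size,
+const struct GNUNET_IDENTITY_PrivateKey *priv,
+const struct GNUNET_CRYPTO_EcdhePublicKey *ecc,
+void *result) {
+struct GNUNET_HashCode hash;
+switch (ntohl (priv->type))
+{
+case GNUNET_IDENTITY_TYPE_ECDSA:
+if (GNUNET_CRYPTO_ecdsa_ecdh(&(priv->ecdsa_key), ecc, &hash) == GNUNET_SYSERR)
+return -1;
+break;
+case GNUNET_IDENTITY_TYPE_EDDSA:
+if (GNUNET_CRYPTO_eddsa_ecdh(&(priv->eddsa_key), ecc, &hash) == GNUNET_SYSERR)
+return -1;
+break;
+default:
+return -1;
+}
+struct GNUNET_CRYPTO_SymmetricSessionKey key;
+struct GNUNET_CRYPTO_SymmetricInitializationVector iv;
+GNUNET_CRYPTO_hash_to_aes_key(&hash, &key, &iv);
+GNUNET_CRYPTO_zero_keys(&hash, sizeof(hash));
+const ssize_t decrypted = GNUNET_CRYPTO_symmetric_decrypt(block, size, &key, &iv, result);
+GNUNET_CRYPTO_zero_keys(&key, sizeof(key));
+GNUNET_CRYPTO_zero_keys(&iv, sizeof(iv));
+return decrypted;
+}
+
+
 char *
 GNUNET_IDENTITY_public_key_to_string (const struct
 GNUNET_IDENTITY_PublicKey *key)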
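Review bot: In GNUNET_IDENTITY_read_key_from_buffer the test `if (len < length)` compares a size_t with an ssize_t, so a negative length from GNUNET_IDENTITY_key_get_length (unknown key type) converts to SIZE_MAX and the function returns -1 before `if (length < 0) return -2;` can ever run; GNUNET_IDENTITY_write_key_to_buffer has the same ordering, so the -2 code is unreachable in both. Checking the sign first, `if (length < 0) return -2; if (len < (size_t) length) return -1;`, makes the distinct error code reachable and removes the sign-compare warning. Separately, GNUNET_IDENTITY_public_key_verify_ uses GNUNET_assert when `pub->type` and `sig->type` differ; if the signature arrives from the network, a mismatched type field aborts the process, so a soft failure `GNUNET_break (0); return GNUNET_SYSERR;` fits better for caller-supplied data. In GNUNET_IDENTITY_public_key_encrypt the ephemeral key in `pk` is only cleared by GNUNET_CRYPTO_ecdhe_key_clear on the success path; the three `return -1` exits leave it on the stack, and none of the new functions carry the doxygen comments the rest of this API has.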