diff options
author | Christian Grothoff <christian@grothoff.org> | 2013-08-06 14:18:31 +0000 |
---|---|---|
committer | Christian Grothoff <christian@grothoff.org> | 2013-08-06 14:18:31 +0000 |
commit | fe76c075e315c0351e2fe465434ae39087daf014 (patch) | |
tree | 436887ccaf331932a3c13a8b9d2a2a710dad4be6 /src/include/gnunet_crypto_lib.h | |
parent | 7eb2835d8a494c83aedb720a2ac6f6e5ba23f22f (diff) | |
download | gnunet-fe76c075e315c0351e2fe465434ae39087daf014.tar.gz gnunet-fe76c075e315c0351e2fe465434ae39087daf014.zip |
moving to new, fixed-size encoding of public and private ECC keys everywhere, also improving ECC API to better support ECRS/GADS operations
Diffstat (limited to 'src/include/gnunet_crypto_lib.h')
-rw-r--r-- | src/include/gnunet_crypto_lib.h | 146 |
1 files changed, 65 insertions, 81 deletions
diff --git a/src/include/gnunet_crypto_lib.h b/src/include/gnunet_crypto_lib.h index da2fe860e..5f209efea 100644 --- a/src/include/gnunet_crypto_lib.h +++ b/src/include/gnunet_crypto_lib.h | |||
@@ -43,6 +43,14 @@ extern "C" | |||
43 | #include "gnunet_common.h" | 43 | #include "gnunet_common.h" |
44 | #include "gnunet_scheduler_lib.h" | 44 | #include "gnunet_scheduler_lib.h" |
45 | 45 | ||
46 | |||
47 | /** | ||
48 | * Maximum length of an ECC signature. | ||
49 | * Note: round up to multiple of 8 minus 2 for alignment. | ||
50 | */ | ||
51 | #define GNUNET_CRYPTO_ECC_SIGNATURE_DATA_ENCODING_LENGTH 126 | ||
52 | |||
53 | |||
46 | /** | 54 | /** |
47 | * Desired quality level for cryptographic operations. | 55 | * Desired quality level for cryptographic operations. |
48 | */ | 56 | */ |
@@ -77,24 +85,6 @@ enum GNUNET_CRYPTO_Quality | |||
77 | #define GNUNET_CRYPTO_HASH_LENGTH (512/8) | 85 | #define GNUNET_CRYPTO_HASH_LENGTH (512/8) |
78 | 86 | ||
79 | /** | 87 | /** |
80 | * Maximum length of an ECC signature. | ||
81 | * Note: round up to multiple of 8 minus 2 for alignment. | ||
82 | */ | ||
83 | #define GNUNET_CRYPTO_ECC_SIGNATURE_DATA_ENCODING_LENGTH 126 | ||
84 | |||
85 | /** | ||
86 | * Maximum length of the public key (q-point, Q = dP) when encoded. | ||
87 | */ | ||
88 | #define GNUNET_CRYPTO_ECC_MAX_PUBLIC_KEY_LENGTH 76 | ||
89 | |||
90 | |||
91 | /** | ||
92 | * The private information of an ECC private key. | ||
93 | */ | ||
94 | struct GNUNET_CRYPTO_EccPrivateKey; | ||
95 | |||
96 | |||
97 | /** | ||
98 | * @brief 0-terminated ASCII encoding of a struct GNUNET_HashCode. | 88 | * @brief 0-terminated ASCII encoding of a struct GNUNET_HashCode. |
99 | */ | 89 | */ |
100 | struct GNUNET_CRYPTO_HashAsciiEncoded | 90 | struct GNUNET_CRYPTO_HashAsciiEncoded |
@@ -112,7 +102,6 @@ struct GNUNET_CRYPTO_ShortHashAsciiEncoded | |||
112 | }; | 102 | }; |
113 | 103 | ||
114 | 104 | ||
115 | |||
116 | GNUNET_NETWORK_STRUCT_BEGIN | 105 | GNUNET_NETWORK_STRUCT_BEGIN |
117 | 106 | ||
118 | 107 | ||
@@ -146,54 +135,50 @@ struct GNUNET_CRYPTO_EccSignaturePurpose | |||
146 | */ | 135 | */ |
147 | struct GNUNET_CRYPTO_EccSignature | 136 | struct GNUNET_CRYPTO_EccSignature |
148 | { | 137 | { |
138 | |||
149 | /** | 139 | /** |
150 | * Overall size of the signature data. | 140 | * R value. |
151 | */ | 141 | */ |
152 | uint16_t size GNUNET_PACKED; | 142 | unsigned char r[256 / 8]; |
153 | 143 | ||
154 | /** | 144 | /** |
155 | * S-expression, padded with zeros. | 145 | * S value. |
156 | */ | 146 | */ |
157 | char sexpr[GNUNET_CRYPTO_ECC_SIGNATURE_DATA_ENCODING_LENGTH]; | 147 | unsigned char s[256 / 8]; |
148 | |||
158 | }; | 149 | }; |
159 | 150 | ||
160 | 151 | ||
161 | /** | 152 | /** |
162 | * Public ECC key (always for NIST P-521) encoded in a format suitable | 153 | * Public ECC key (always for NIST P-521) encoded in a format suitable |
163 | * for network transmission as created using 'gcry_sexp_sprint'. | 154 | * for network transmission. |
164 | */ | 155 | */ |
165 | struct GNUNET_CRYPTO_EccPublicKeyBinaryEncoded | 156 | struct GNUNET_CRYPTO_EccPublicKey |
166 | { | 157 | { |
167 | /** | 158 | /** |
168 | * Size of the encoding, in network byte order. | 159 | * Q consists of an x- and a y-value, each mod p (256 bits), |
160 | * given here in affine coordinates. | ||
169 | */ | 161 | */ |
170 | uint16_t size GNUNET_PACKED; | 162 | unsigned char q_x[256 / 8]; |
171 | 163 | ||
172 | /** | 164 | /** |
173 | * Actual length of the q-point binary encoding. | 165 | * Q consists of an x- and a y-value, each mod p (256 bits), |
166 | * given here in affine coordinates. | ||
174 | */ | 167 | */ |
175 | uint16_t len GNUNET_PACKED; | 168 | unsigned char q_y[256 / 8]; |
176 | 169 | ||
177 | /** | ||
178 | * 0-padded q-point in binary encoding (GCRYPT_MPI_FMT_USG). | ||
179 | */ | ||
180 | unsigned char key[GNUNET_CRYPTO_ECC_MAX_PUBLIC_KEY_LENGTH]; | ||
181 | }; | 170 | }; |
182 | 171 | ||
183 | 172 | ||
184 | /** | 173 | /** |
185 | * Private ECC key encoded for transmission (with length prefix). | 174 | * Private ECC key encoded for transmission. |
186 | */ | 175 | */ |
187 | struct GNUNET_CRYPTO_EccPrivateKeyBinaryEncoded | 176 | struct GNUNET_CRYPTO_EccPrivateKey |
188 | { | 177 | { |
189 | /** | 178 | /** |
190 | * Overall size of the private key in network byte order. | 179 | * d is a value mod n, where n has at most 256 bits. |
191 | */ | 180 | */ |
192 | uint16_t size; | 181 | unsigned char d[256 / 8]; |
193 | |||
194 | /* followd by S-expression, opaque to applications */ | ||
195 | |||
196 | /* FIXME: consider defining padding to make this a fixed-size struct */ | ||
197 | 182 | ||
198 | }; | 183 | }; |
199 | 184 | ||
@@ -828,10 +813,10 @@ typedef void (*GNUNET_CRYPTO_EccKeyCallback)(void *cls, | |||
828 | /** | 813 | /** |
829 | * Free memory occupied by ECC key | 814 | * Free memory occupied by ECC key |
830 | * | 815 | * |
831 | * @param privatekey pointer to the memory to free | 816 | * @param priv pointer to the memory to free |
832 | */ | 817 | */ |
833 | void | 818 | void |
834 | GNUNET_CRYPTO_ecc_key_free (struct GNUNET_CRYPTO_EccPrivateKey *privatekey); | 819 | GNUNET_CRYPTO_ecc_key_free (struct GNUNET_CRYPTO_EccPrivateKey *priv); |
835 | 820 | ||
836 | 821 | ||
837 | /** | 822 | /** |
@@ -842,7 +827,7 @@ GNUNET_CRYPTO_ecc_key_free (struct GNUNET_CRYPTO_EccPrivateKey *privatekey); | |||
842 | */ | 827 | */ |
843 | void | 828 | void |
844 | GNUNET_CRYPTO_ecc_key_get_public (const struct GNUNET_CRYPTO_EccPrivateKey *priv, | 829 | GNUNET_CRYPTO_ecc_key_get_public (const struct GNUNET_CRYPTO_EccPrivateKey *priv, |
845 | struct GNUNET_CRYPTO_EccPublicKeyBinaryEncoded *pub); | 830 | struct GNUNET_CRYPTO_EccPublicKey *pub); |
846 | 831 | ||
847 | 832 | ||
848 | /** | 833 | /** |
@@ -852,7 +837,7 @@ GNUNET_CRYPTO_ecc_key_get_public (const struct GNUNET_CRYPTO_EccPrivateKey *priv | |||
852 | * @return string representing 'pub' | 837 | * @return string representing 'pub' |
853 | */ | 838 | */ |
854 | char * | 839 | char * |
855 | GNUNET_CRYPTO_ecc_public_key_to_string (const struct GNUNET_CRYPTO_EccPublicKeyBinaryEncoded *pub); | 840 | GNUNET_CRYPTO_ecc_public_key_to_string (const struct GNUNET_CRYPTO_EccPublicKey *pub); |
856 | 841 | ||
857 | 842 | ||
858 | /** | 843 | /** |
@@ -866,36 +851,7 @@ GNUNET_CRYPTO_ecc_public_key_to_string (const struct GNUNET_CRYPTO_EccPublicKeyB | |||
866 | int | 851 | int |
867 | GNUNET_CRYPTO_ecc_public_key_from_string (const char *enc, | 852 | GNUNET_CRYPTO_ecc_public_key_from_string (const char *enc, |
868 | size_t enclen, | 853 | size_t enclen, |
869 | struct GNUNET_CRYPTO_EccPublicKeyBinaryEncoded *pub); | 854 | struct GNUNET_CRYPTO_EccPublicKey *pub); |
870 | |||
871 | |||
872 | /** | ||
873 | * Encode the private key in a format suitable for | ||
874 | * storing it into a file. | ||
875 | * | ||
876 | * @param key key to encode | ||
877 | * @return encoding of the private key. | ||
878 | * The first 4 bytes give the size of the array, as usual. | ||
879 | */ | ||
880 | struct GNUNET_CRYPTO_EccPrivateKeyBinaryEncoded * | ||
881 | GNUNET_CRYPTO_ecc_encode_key (const struct GNUNET_CRYPTO_EccPrivateKey *key); | ||
882 | |||
883 | |||
884 | /** | ||
885 | * Decode the private key from the file-format back | ||
886 | * to the "normal", internal format. | ||
887 | * | ||
888 | * @param buf the buffer where the private key data is stored | ||
889 | * @param len the length of the data in 'buffer' | ||
890 | * @param validate GNUNET_YES to validate that the key is well-formed, | ||
891 | * GNUNET_NO if the key comes from a totally trusted source | ||
892 | * and validation is considered too expensive | ||
893 | * @return NULL on error | ||
894 | */ | ||
895 | struct GNUNET_CRYPTO_EccPrivateKey * | ||
896 | GNUNET_CRYPTO_ecc_decode_key (const char *buf, | ||
897 | size_t len, | ||
898 | int validate); | ||
899 | 855 | ||
900 | 856 | ||
901 | /** | 857 | /** |
@@ -972,20 +928,20 @@ GNUNET_CRYPTO_get_host_identity (const struct GNUNET_CONFIGURATION_Handle *cfg, | |||
972 | */ | 928 | */ |
973 | int | 929 | int |
974 | GNUNET_CRYPTO_ecc_ecdh (const struct GNUNET_CRYPTO_EccPrivateKey *key, | 930 | GNUNET_CRYPTO_ecc_ecdh (const struct GNUNET_CRYPTO_EccPrivateKey *key, |
975 | const struct GNUNET_CRYPTO_EccPublicKeyBinaryEncoded *pub, | 931 | const struct GNUNET_CRYPTO_EccPublicKey *pub, |
976 | struct GNUNET_HashCode *key_material); | 932 | struct GNUNET_HashCode *key_material); |
977 | 933 | ||
978 | 934 | ||
979 | /** | 935 | /** |
980 | * Sign a given block. | 936 | * Sign a given block. |
981 | * | 937 | * |
982 | * @param key private key to use for the signing | 938 | * @param priv private key to use for the signing |
983 | * @param purpose what to sign (size, purpose) | 939 | * @param purpose what to sign (size, purpose) |
984 | * @param sig where to write the signature | 940 | * @param sig where to write the signature |
985 | * @return GNUNET_SYSERR on error, GNUNET_OK on success | 941 | * @return GNUNET_SYSERR on error, GNUNET_OK on success |
986 | */ | 942 | */ |
987 | int | 943 | int |
988 | GNUNET_CRYPTO_ecc_sign (const struct GNUNET_CRYPTO_EccPrivateKey *key, | 944 | GNUNET_CRYPTO_ecc_sign (const struct GNUNET_CRYPTO_EccPrivateKey *priv, |
989 | const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose, | 945 | const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose, |
990 | struct GNUNET_CRYPTO_EccSignature *sig); | 946 | struct GNUNET_CRYPTO_EccSignature *sig); |
991 | 947 | ||
@@ -996,7 +952,7 @@ GNUNET_CRYPTO_ecc_sign (const struct GNUNET_CRYPTO_EccPrivateKey *key, | |||
996 | * @param purpose what is the purpose that the signature should have? | 952 | * @param purpose what is the purpose that the signature should have? |
997 | * @param validate block to validate (size, purpose, data) | 953 | * @param validate block to validate (size, purpose, data) |
998 | * @param sig signature that is being validated | 954 | * @param sig signature that is being validated |
999 | * @param publicKey public key of the signer | 955 | * @param pub public key of the signer |
1000 | * @returns GNUNET_OK if ok, GNUNET_SYSERR if invalid | 956 | * @returns GNUNET_OK if ok, GNUNET_SYSERR if invalid |
1001 | */ | 957 | */ |
1002 | int | 958 | int |
@@ -1004,8 +960,36 @@ GNUNET_CRYPTO_ecc_verify (uint32_t purpose, | |||
1004 | const struct GNUNET_CRYPTO_EccSignaturePurpose | 960 | const struct GNUNET_CRYPTO_EccSignaturePurpose |
1005 | *validate, | 961 | *validate, |
1006 | const struct GNUNET_CRYPTO_EccSignature *sig, | 962 | const struct GNUNET_CRYPTO_EccSignature *sig, |
1007 | const struct GNUNET_CRYPTO_EccPublicKeyBinaryEncoded | 963 | const struct GNUNET_CRYPTO_EccPublicKey *pub); |
1008 | *publicKey); | 964 | |
965 | |||
966 | /** | ||
967 | * Derive a private key from a given private key and a label. | ||
968 | * Essentially calculates a private key 'h = H(l,P) * d mod n' | ||
969 | * where n is the size of the ECC group and P is the public | ||
970 | * key associated with the private key 'd'. | ||
971 | * | ||
972 | * @param priv original private key | ||
973 | * @param label label to use for key deriviation | ||
974 | * @return derived private key | ||
975 | */ | ||
976 | struct GNUNET_CRYPTO_EccPrivateKey * | ||
977 | GNUNET_CRYPTO_ecc_key_derive (const struct GNUNET_CRYPTO_EccPrivateKey *priv, | ||
978 | const char *label); | ||
979 | |||
980 | |||
981 | /** | ||
982 | * Derive a public key from a given public key and a label. | ||
983 | * Essentially calculates a public key 'V = H(l,P) * P'. | ||
984 | * | ||
985 | * @param pub original public key | ||
986 | * @param label label to use for key deriviation | ||
987 | * @param result where to write the derived public key | ||
988 | */ | ||
989 | void | ||
990 | GNUNET_CRYPTO_ecc_public_key_derive (const struct GNUNET_CRYPTO_EccPublicKey *pub, | ||
991 | const char *label, | ||
992 | struct GNUNET_CRYPTO_EccPublicKey *result); | ||
1009 | 993 | ||
1010 | 994 | ||
1011 | #if 0 /* keep Emacsens' auto-indent happy */ | 995 | #if 0 /* keep Emacsens' auto-indent happy */ |