moving to new, fixed-size encoding of public and private ECC keys everywhere, also improving ECC API to better support ECRS/GADS operations

author: Christian Grothoff <christian@grothoff.org> 2013-08-06 14:18:31 +0000
committer: Christian Grothoff <christian@grothoff.org> 2013-08-06 14:18:31 +0000
commit: fe76c075e315c0351e2fe465434ae39087daf014 (patch)
tree: 436887ccaf331932a3c13a8b9d2a2a710dad4be6 /src/include/gnunet_crypto_lib.h
parent: 7eb2835d8a494c83aedb720a2ac6f6e5ba23f22f (diff)
download: gnunet-fe76c075e315c0351e2fe465434ae39087daf014.tar.gz
gnunet-fe76c075e315c0351e2fe465434ae39087daf014.zip
1 files changed, 65 insertions, 81 deletions
diff --git a/src/include/gnunet_crypto_lib.h b/src/include/gnunet_crypto_lib.h
index da2fe860e..5f209efea 100644
--- a/src/include/gnunet_crypto_lib.h
+++ b/src/include/gnunet_crypto_lib.h
@@ -43,6 +43,14 @@ extern "C"
 #include "gnunet_common.h"
 #include "gnunet_scheduler_lib.h"
+/**
+ * Maximum length of an ECC signature.
+ * Note: round up to multiple of 8 minus 2 for alignment.
+ */
+#define GNUNET_CRYPTO_ECC_SIGNATURE_DATA_ENCODING_LENGTH 126
 /**
 * Desired quality level for cryptographic operations.
 */
@@ -77,24 +85,6 @@ enum GNUNET_CRYPTO_Quality
 #define GNUNET_CRYPTO_HASH_LENGTH (512/8)
 /**
- * Maximum length of an ECC signature.
- * Note: round up to multiple of 8 minus 2 for alignment.
- */
-#define GNUNET_CRYPTO_ECC_SIGNATURE_DATA_ENCODING_LENGTH 126
-/**
- * Maximum length of the public key (q-point, Q = dP) when encoded.
- */
-#define GNUNET_CRYPTO_ECC_MAX_PUBLIC_KEY_LENGTH 76 
-/**
- * The private information of an ECC private key.
- */
-struct GNUNET_CRYPTO_EccPrivateKey;
-/**
 * @brief 0-terminated ASCII encoding of a struct GNUNET_HashCode.
 */
 struct GNUNET_CRYPTO_HashAsciiEncoded
@@ -112,7 +102,6 @@ struct GNUNET_CRYPTO_ShortHashAsciiEncoded
 };
 GNUNET_NETWORK_STRUCT_BEGIN
@@ -146,54 +135,50 @@ struct GNUNET_CRYPTO_EccSignaturePurpose
 */
 struct GNUNET_CRYPTO_EccSignature
 {
  /**
-   * Overall size of the signature data.
+   * R value.
   */
-  uint16_t size GNUNET_PACKED;
+  unsigned char r[256 / 8];
  /**
-   * S-expression, padded with zeros.
+   * S value.
   */
-  char sexpr[GNUNET_CRYPTO_ECC_SIGNATURE_DATA_ENCODING_LENGTH];
+  unsigned char s[256 / 8];
 };
 /**
 * Public ECC key (always for NIST P-521) encoded in a format suitable
- * for network transmission as created using 'gcry_sexp_sprint'.
+ * for network transmission.
 */
-struct GNUNET_CRYPTO_EccPublicKeyBinaryEncoded 
+struct GNUNET_CRYPTO_EccPublicKey 
 {
  /**
-   * Size of the encoding, in network byte order.
+   * Q consists of an x- and a y-value, each mod p (256 bits),
+   * given here in affine coordinates.
   */
-  uint16_t size GNUNET_PACKED;
+  unsigned char q_x[256 / 8];
  /**
-   * Actual length of the q-point binary encoding.
+   * Q consists of an x- and a y-value, each mod p (256 bits),
+   * given here in affine coordinates.
   */
-  uint16_t len GNUNET_PACKED;
+  unsigned char q_y[256 / 8];
-  /**
-   * 0-padded q-point in binary encoding (GCRYPT_MPI_FMT_USG).
-   */
-  unsigned char key[GNUNET_CRYPTO_ECC_MAX_PUBLIC_KEY_LENGTH];
 };
 /**
- * Private ECC key encoded for transmission (with length prefix).
+ * Private ECC key encoded for transmission.
 */
-struct GNUNET_CRYPTO_EccPrivateKeyBinaryEncoded
+struct GNUNET_CRYPTO_EccPrivateKey
 {
  /**
-   * Overall size of the private key in network byte order.
+   * d is a value mod n, where n has at most 256 bits.
   */
-  uint16_t size;
+  unsigned char d[256 / 8];
-  /* followd by S-expression, opaque to applications */
-  /* FIXME: consider defining padding to make this a fixed-size struct */
 };
@@ -828,10 +813,10 @@ typedef void (*GNUNET_CRYPTO_EccKeyCallback)(void *cls,
 /**
 * Free memory occupied by ECC key
 *
- * @param privatekey pointer to the memory to free
+ * @param priv pointer to the memory to free
 */
 void
-GNUNET_CRYPTO_ecc_key_free (struct GNUNET_CRYPTO_EccPrivateKey *privatekey);
+GNUNET_CRYPTO_ecc_key_free (struct GNUNET_CRYPTO_EccPrivateKey *priv);
 /**
@@ -842,7 +827,7 @@ GNUNET_CRYPTO_ecc_key_free (struct GNUNET_CRYPTO_EccPrivateKey *privatekey);
 */
 void
 GNUNET_CRYPTO_ecc_key_get_public (const struct GNUNET_CRYPTO_EccPrivateKey *priv,
-                                  struct GNUNET_CRYPTO_EccPublicKeyBinaryEncoded *pub);
+                                  struct GNUNET_CRYPTO_EccPublicKey *pub);
 /**
@@ -852,7 +837,7 @@ GNUNET_CRYPTO_ecc_key_get_public (const struct GNUNET_CRYPTO_EccPrivateKey *priv
 * @return string representing  'pub'
 */
 char *
-GNUNET_CRYPTO_ecc_public_key_to_string (const struct GNUNET_CRYPTO_EccPublicKeyBinaryEncoded *pub);
+GNUNET_CRYPTO_ecc_public_key_to_string (const struct GNUNET_CRYPTO_EccPublicKey *pub);
 /**
@@ -866,36 +851,7 @@ GNUNET_CRYPTO_ecc_public_key_to_string (const struct GNUNET_CRYPTO_EccPublicKeyB
 int
 GNUNET_CRYPTO_ecc_public_key_from_string (const char *enc, 
                                          size_t enclen,
-                                          struct GNUNET_CRYPTO_EccPublicKeyBinaryEncoded *pub);
+                                          struct GNUNET_CRYPTO_EccPublicKey *pub);
-/**
- * Encode the private key in a format suitable for
- * storing it into a file.
- *
- * @param key key to encode
- * @return encoding of the private key.
- *    The first 4 bytes give the size of the array, as usual.
- */
-struct GNUNET_CRYPTO_EccPrivateKeyBinaryEncoded *
-GNUNET_CRYPTO_ecc_encode_key (const struct GNUNET_CRYPTO_EccPrivateKey *key);
-/**
- * Decode the private key from the file-format back
- * to the "normal", internal format.
- *
- * @param buf the buffer where the private key data is stored
- * @param len the length of the data in 'buffer'
- * @param validate GNUNET_YES to validate that the key is well-formed,
- *                 GNUNET_NO if the key comes from a totally trusted source 
- *                 and validation is considered too expensive
- * @return NULL on error
- */
-struct GNUNET_CRYPTO_EccPrivateKey *
-GNUNET_CRYPTO_ecc_decode_key (const char *buf, 
-                              size_t len,
-                              int validate);
 /**
@@ -972,20 +928,20 @@ GNUNET_CRYPTO_get_host_identity (const struct GNUNET_CONFIGURATION_Handle *cfg,
 */
 int
 GNUNET_CRYPTO_ecc_ecdh (const struct GNUNET_CRYPTO_EccPrivateKey *key,
-                        const struct GNUNET_CRYPTO_EccPublicKeyBinaryEncoded *pub,
+                        const struct GNUNET_CRYPTO_EccPublicKey *pub,
                        struct GNUNET_HashCode *key_material);
 /**
 * Sign a given block.
 *
- * @param key private key to use for the signing
+ * @param priv private key to use for the signing
 * @param purpose what to sign (size, purpose)
 * @param sig where to write the signature
 * @return GNUNET_SYSERR on error, GNUNET_OK on success
 */
 int
-GNUNET_CRYPTO_ecc_sign (const struct GNUNET_CRYPTO_EccPrivateKey *key,
+GNUNET_CRYPTO_ecc_sign (const struct GNUNET_CRYPTO_EccPrivateKey *priv,
                        const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose,
                        struct GNUNET_CRYPTO_EccSignature *sig);
@@ -996,7 +952,7 @@ GNUNET_CRYPTO_ecc_sign (const struct GNUNET_CRYPTO_EccPrivateKey *key,
 * @param purpose what is the purpose that the signature should have?
 * @param validate block to validate (size, purpose, data)
 * @param sig signature that is being validated
- * @param publicKey public key of the signer
+ * @param pub public key of the signer
 * @returns GNUNET_OK if ok, GNUNET_SYSERR if invalid
 */
 int
@@ -1004,8 +960,36 @@ GNUNET_CRYPTO_ecc_verify (uint32_t purpose,
                          const struct GNUNET_CRYPTO_EccSignaturePurpose
                          *validate,
                          const struct GNUNET_CRYPTO_EccSignature *sig,
-                          const struct GNUNET_CRYPTO_EccPublicKeyBinaryEncoded
+                          const struct GNUNET_CRYPTO_EccPublicKey *pub);
-                          *publicKey);
+/**
+ * Derive a private key from a given private key and a label.
+ * Essentially calculates a private key 'h = H(l,P) * d mod n'
+ * where n is the size of the ECC group and P is the public
+ * key associated with the private key 'd'.
+ *
+ * @param priv original private key
+ * @param label label to use for key deriviation
+ * @return derived private key
+ */
+struct GNUNET_CRYPTO_EccPrivateKey *
+GNUNET_CRYPTO_ecc_key_derive (const struct GNUNET_CRYPTO_EccPrivateKey *priv,
+                              const char *label);
+/**
+ * Derive a public key from a given public key and a label.
+ * Essentially calculates a public key 'V = H(l,P) * P'.
+ *
+ * @param pub original public key
+ * @param label label to use for key deriviation
+ * @param result where to write the derived public key
+ */
+void
+GNUNET_CRYPTO_ecc_public_key_derive (const struct GNUNET_CRYPTO_EccPublicKey *pub,
+                                     const char *label,
+                                     struct GNUNET_CRYPTO_EccPublicKey *result);
 #if 0                           /* keep Emacsens' auto-indent happy */
author	Christian Grothoff <christian@grothoff.org>	2013-08-06 14:18:31 +0000
committer	Christian Grothoff <christian@grothoff.org>	2013-08-06 14:18:31 +0000
commit	fe76c075e315c0351e2fe465434ae39087daf014 (patch)
tree	436887ccaf331932a3c13a8b9d2a2a710dad4be6 /src/include/gnunet_crypto_lib.h
parent	7eb2835d8a494c83aedb720a2ac6f6e5ba23f22f (diff)
download	gnunet-fe76c075e315c0351e2fe465434ae39087daf014.tar.gz gnunet-fe76c075e315c0351e2fe465434ae39087daf014.zip

diff --git a/src/include/gnunet_crypto_lib.h b/src/include/gnunet_crypto_lib.h index da2fe860e..5f209efea 100644 --- a/src/include/gnunet_crypto_lib.h +++ b/src/include/gnunet_crypto_lib.h
@@ -43,6 +43,14 @@ extern "C"
43	#include "gnunet_common.h"	43	#include "gnunet_common.h"
44	#include "gnunet_scheduler_lib.h"	44	#include "gnunet_scheduler_lib.h"
45		45
		46
		47	/**
		48	* Maximum length of an ECC signature.
		49	* Note: round up to multiple of 8 minus 2 for alignment.
		50	*/
		51	#define GNUNET_CRYPTO_ECC_SIGNATURE_DATA_ENCODING_LENGTH 126
		52
		53
46	/**	54	/**
47	* Desired quality level for cryptographic operations.	55	* Desired quality level for cryptographic operations.
48	*/	56	*/
@@ -77,24 +85,6 @@ enum GNUNET_CRYPTO_Quality
77	#define GNUNET_CRYPTO_HASH_LENGTH (512/8)	85	#define GNUNET_CRYPTO_HASH_LENGTH (512/8)
78		86
79	/**	87	/**
80	* Maximum length of an ECC signature.
81	* Note: round up to multiple of 8 minus 2 for alignment.
82	*/
83	#define GNUNET_CRYPTO_ECC_SIGNATURE_DATA_ENCODING_LENGTH 126
84
85	/**
86	* Maximum length of the public key (q-point, Q = dP) when encoded.
87	*/
88	#define GNUNET_CRYPTO_ECC_MAX_PUBLIC_KEY_LENGTH 76
89
90
91	/**
92	* The private information of an ECC private key.
93	*/
94	struct GNUNET_CRYPTO_EccPrivateKey;
95
96
97	/**
98	* @brief 0-terminated ASCII encoding of a struct GNUNET_HashCode.	88	* @brief 0-terminated ASCII encoding of a struct GNUNET_HashCode.
99	*/	89	*/
100	struct GNUNET_CRYPTO_HashAsciiEncoded	90	struct GNUNET_CRYPTO_HashAsciiEncoded
@@ -112,7 +102,6 @@ struct GNUNET_CRYPTO_ShortHashAsciiEncoded
112	};	102	};
113		103
114		104
115
116	GNUNET_NETWORK_STRUCT_BEGIN	105	GNUNET_NETWORK_STRUCT_BEGIN
117		106
118		107
@@ -146,54 +135,50 @@ struct GNUNET_CRYPTO_EccSignaturePurpose
146	*/	135	*/
147	struct GNUNET_CRYPTO_EccSignature	136	struct GNUNET_CRYPTO_EccSignature
148	{	137	{
		138
149	/**	139	/**
150	* Overall size of the signature data.	140	* R value.
151	*/	141	*/
152	uint16_t size GNUNET_PACKED;	142	unsigned char r[256 / 8];
153		143
154	/**	144	/**
155	* S-expression, padded with zeros.	145	* S value.
156	*/	146	*/
157	char sexpr[GNUNET_CRYPTO_ECC_SIGNATURE_DATA_ENCODING_LENGTH];	147	unsigned char s[256 / 8];
		148
158	};	149	};
159		150
160		151
161	/**	152	/**
162	* Public ECC key (always for NIST P-521) encoded in a format suitable	153	* Public ECC key (always for NIST P-521) encoded in a format suitable
163	* for network transmission as created using 'gcry_sexp_sprint'.	154	* for network transmission.
164	*/	155	*/
165	struct GNUNET_CRYPTO_EccPublicKeyBinaryEncoded	156	struct GNUNET_CRYPTO_EccPublicKey
166	{	157	{
167	/**	158	/**
168	* Size of the encoding, in network byte order.	159	* Q consists of an x- and a y-value, each mod p (256 bits),
		160	* given here in affine coordinates.
169	*/	161	*/
170	uint16_t size GNUNET_PACKED;	162	unsigned char q_x[256 / 8];
171		163
172	/**	164	/**
173	* Actual length of the q-point binary encoding.	165	* Q consists of an x- and a y-value, each mod p (256 bits),
		166	* given here in affine coordinates.
174	*/	167	*/
175	uint16_t len GNUNET_PACKED;	168	unsigned char q_y[256 / 8];
176		169
177	/**
178	* 0-padded q-point in binary encoding (GCRYPT_MPI_FMT_USG).
179	*/
180	unsigned char key[GNUNET_CRYPTO_ECC_MAX_PUBLIC_KEY_LENGTH];
181	};	170	};
182		171
183		172
184	/**	173	/**
185	* Private ECC key encoded for transmission (with length prefix).	174	* Private ECC key encoded for transmission.
186	*/	175	*/
187	struct GNUNET_CRYPTO_EccPrivateKeyBinaryEncoded	176	struct GNUNET_CRYPTO_EccPrivateKey
188	{	177	{
189	/**	178	/**
190	* Overall size of the private key in network byte order.	179	* d is a value mod n, where n has at most 256 bits.
191	*/	180	*/
192	uint16_t size;	181	unsigned char d[256 / 8];
193
194	/* followd by S-expression, opaque to applications */
195
196	/* FIXME: consider defining padding to make this a fixed-size struct */
197		182
198	};	183	};
199		184
@@ -828,10 +813,10 @@ typedef void (GNUNET_CRYPTO_EccKeyCallback)(void cls,
828	/**	813	/**
829	* Free memory occupied by ECC key	814	* Free memory occupied by ECC key
830	*	815	*
831	* @param privatekey pointer to the memory to free	816	* @param priv pointer to the memory to free
832	*/	817	*/
833	void	818	void
834	GNUNET_CRYPTO_ecc_key_free (struct GNUNET_CRYPTO_EccPrivateKey *privatekey);	819	GNUNET_CRYPTO_ecc_key_free (struct GNUNET_CRYPTO_EccPrivateKey *priv);
835		820
836		821
837	/**	822	/**
@@ -842,7 +827,7 @@ GNUNET_CRYPTO_ecc_key_free (struct GNUNET_CRYPTO_EccPrivateKey *privatekey);
842	*/	827	*/
843	void	828	void
844	GNUNET_CRYPTO_ecc_key_get_public (const struct GNUNET_CRYPTO_EccPrivateKey *priv,	829	GNUNET_CRYPTO_ecc_key_get_public (const struct GNUNET_CRYPTO_EccPrivateKey *priv,
845	struct GNUNET_CRYPTO_EccPublicKeyBinaryEncoded *pub);	830	struct GNUNET_CRYPTO_EccPublicKey *pub);
846		831
847		832
848	/**	833	/**
@@ -852,7 +837,7 @@ GNUNET_CRYPTO_ecc_key_get_public (const struct GNUNET_CRYPTO_EccPrivateKey *priv
852	* @return string representing 'pub'	837	* @return string representing 'pub'
853	*/	838	*/
854	char *	839	char *
855	GNUNET_CRYPTO_ecc_public_key_to_string (const struct GNUNET_CRYPTO_EccPublicKeyBinaryEncoded *pub);	840	GNUNET_CRYPTO_ecc_public_key_to_string (const struct GNUNET_CRYPTO_EccPublicKey *pub);
856		841
857		842
858	/**	843	/**
@@ -866,36 +851,7 @@ GNUNET_CRYPTO_ecc_public_key_to_string (const struct GNUNET_CRYPTO_EccPublicKeyB
866	int	851	int
867	GNUNET_CRYPTO_ecc_public_key_from_string (const char *enc,	852	GNUNET_CRYPTO_ecc_public_key_from_string (const char *enc,
868	size_t enclen,	853	size_t enclen,
869	struct GNUNET_CRYPTO_EccPublicKeyBinaryEncoded *pub);	854	struct GNUNET_CRYPTO_EccPublicKey *pub);
870
871
872	/**
873	* Encode the private key in a format suitable for
874	* storing it into a file.
875	*
876	* @param key key to encode
877	* @return encoding of the private key.
878	* The first 4 bytes give the size of the array, as usual.
879	*/
880	struct GNUNET_CRYPTO_EccPrivateKeyBinaryEncoded *
881	GNUNET_CRYPTO_ecc_encode_key (const struct GNUNET_CRYPTO_EccPrivateKey *key);
882
883
884	/**
885	* Decode the private key from the file-format back
886	* to the "normal", internal format.
887	*
888	* @param buf the buffer where the private key data is stored
889	* @param len the length of the data in 'buffer'
890	* @param validate GNUNET_YES to validate that the key is well-formed,
891	* GNUNET_NO if the key comes from a totally trusted source
892	* and validation is considered too expensive
893	* @return NULL on error
894	*/
895	struct GNUNET_CRYPTO_EccPrivateKey *
896	GNUNET_CRYPTO_ecc_decode_key (const char *buf,
897	size_t len,
898	int validate);
899		855
900		856
901	/**	857	/**
@@ -972,20 +928,20 @@ GNUNET_CRYPTO_get_host_identity (const struct GNUNET_CONFIGURATION_Handle *cfg,
972	*/	928	*/
973	int	929	int
974	GNUNET_CRYPTO_ecc_ecdh (const struct GNUNET_CRYPTO_EccPrivateKey *key,	930	GNUNET_CRYPTO_ecc_ecdh (const struct GNUNET_CRYPTO_EccPrivateKey *key,
975	const struct GNUNET_CRYPTO_EccPublicKeyBinaryEncoded *pub,	931	const struct GNUNET_CRYPTO_EccPublicKey *pub,
976	struct GNUNET_HashCode *key_material);	932	struct GNUNET_HashCode *key_material);
977		933
978		934
979	/**	935	/**
980	* Sign a given block.	936	* Sign a given block.
981	*	937	*
982	* @param key private key to use for the signing	938	* @param priv private key to use for the signing
983	* @param purpose what to sign (size, purpose)	939	* @param purpose what to sign (size, purpose)
984	* @param sig where to write the signature	940	* @param sig where to write the signature
985	* @return GNUNET_SYSERR on error, GNUNET_OK on success	941	* @return GNUNET_SYSERR on error, GNUNET_OK on success
986	*/	942	*/
987	int	943	int
988	GNUNET_CRYPTO_ecc_sign (const struct GNUNET_CRYPTO_EccPrivateKey *key,	944	GNUNET_CRYPTO_ecc_sign (const struct GNUNET_CRYPTO_EccPrivateKey *priv,
989	const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose,	945	const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose,
990	struct GNUNET_CRYPTO_EccSignature *sig);	946	struct GNUNET_CRYPTO_EccSignature *sig);
991		947
@@ -996,7 +952,7 @@ GNUNET_CRYPTO_ecc_sign (const struct GNUNET_CRYPTO_EccPrivateKey *key,
996	* @param purpose what is the purpose that the signature should have?	952	* @param purpose what is the purpose that the signature should have?
997	* @param validate block to validate (size, purpose, data)	953	* @param validate block to validate (size, purpose, data)
998	* @param sig signature that is being validated	954	* @param sig signature that is being validated
999	* @param publicKey public key of the signer	955	* @param pub public key of the signer
1000	* @returns GNUNET_OK if ok, GNUNET_SYSERR if invalid	956	* @returns GNUNET_OK if ok, GNUNET_SYSERR if invalid
1001	*/	957	*/
1002	int	958	int
@@ -1004,8 +960,36 @@ GNUNET_CRYPTO_ecc_verify (uint32_t purpose,
1004	const struct GNUNET_CRYPTO_EccSignaturePurpose	960	const struct GNUNET_CRYPTO_EccSignaturePurpose
1005	*validate,	961	*validate,
1006	const struct GNUNET_CRYPTO_EccSignature *sig,	962	const struct GNUNET_CRYPTO_EccSignature *sig,
1007	const struct GNUNET_CRYPTO_EccPublicKeyBinaryEncoded	963	const struct GNUNET_CRYPTO_EccPublicKey *pub);
1008	*publicKey);	964
		965
		966	/**
		967	* Derive a private key from a given private key and a label.
		968	* Essentially calculates a private key 'h = H(l,P) * d mod n'
		969	* where n is the size of the ECC group and P is the public
		970	* key associated with the private key 'd'.
		971	*
		972	* @param priv original private key
		973	* @param label label to use for key deriviation
		974	* @return derived private key
		975	*/
		976	struct GNUNET_CRYPTO_EccPrivateKey *
		977	GNUNET_CRYPTO_ecc_key_derive (const struct GNUNET_CRYPTO_EccPrivateKey *priv,
		978	const char *label);
		979
		980
		981	/**
		982	* Derive a public key from a given public key and a label.
		983	* Essentially calculates a public key 'V = H(l,P) * P'.
		984	*
		985	* @param pub original public key
		986	* @param label label to use for key deriviation
		987	* @param result where to write the derived public key
		988	*/
		989	void
		990	GNUNET_CRYPTO_ecc_public_key_derive (const struct GNUNET_CRYPTO_EccPublicKey *pub,
		991	const char *label,
		992	struct GNUNET_CRYPTO_EccPublicKey *result);
1009		993
1010		994
1011	#if 0 /* keep Emacsens' auto-indent happy */	995	#if 0 /* keep Emacsens' auto-indent happy */