fix sign api for to address #6164

author: Christian Grothoff <christian@grothoff.org> 2020-04-08 16:56:33 +0200
committer: Christian Grothoff <christian@grothoff.org> 2020-04-08 16:56:33 +0200
commit: 11ae9f030e13d07c505a4d5477d592ddb4b3acf6 (patch)
tree: 69ce120a7c60c84d0d074bab8fe2cd26e77300dc /src/include/gnunet_crypto_lib.h
parent: 2348fe4ae8ffe93765d5c56c3cc5d4490eae946d (diff)
download: gnunet-11ae9f030e13d07c505a4d5477d592ddb4b3acf6.tar.gz
gnunet-11ae9f030e13d07c505a4d5477d592ddb4b3acf6.zip
1 files changed, 142 insertions, 30 deletions
diff --git a/src/include/gnunet_crypto_lib.h b/src/include/gnunet_crypto_lib.h
index c64fb4926..ba992ed56 100644
--- a/src/include/gnunet_crypto_lib.h
+++ b/src/include/gnunet_crypto_lib.h
@@ -1639,19 +1639,21 @@ GNUNET_CRYPTO_ecdh_ecdsa (const struct GNUNET_CRYPTO_EcdhePrivateKey *priv,
 /**
 * @ingroup crypto
- * EdDSA sign a given block.  The @a purpose data is the
+ * @brief EdDSA sign a given block.
- * beginning of the data of which the signature is to be
+ *
- * created. The `size` field in @a purpose must correctly
+ * The @a purpose data is the beginning of the data of which the signature is
- * indicate the number of bytes of the data structure, including
+ * to be created. The `size` field in @a purpose must correctly indicate the
- * its header.
+ * number of bytes of the data structure, including its header.  If possible,
+ * use #GNUNET_CRYPTO_eddsa_sign() instead of this function (only if @a validate
+ * is not fixed-size, you must use this function directly).
 *
 * @param priv private key to use for the signing
 * @param purpose what to sign (size, purpose)
- * @param sig where to write the signature
+ * @param[out] sig where to write the signature
 * @return #GNUNET_SYSERR on error, #GNUNET_OK on success
 */
 int
-GNUNET_CRYPTO_eddsa_sign (
+GNUNET_CRYPTO_eddsa_sign_ (
  const struct GNUNET_CRYPTO_EddsaPrivateKey *priv,
  const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose,
  struct GNUNET_CRYPTO_EddsaSignature *sig);
@@ -1659,32 +1661,87 @@ GNUNET_CRYPTO_eddsa_sign (
 /**
 * @ingroup crypto
- * ECDSA Sign a given block.  The @a purpose data is the
+ * @brief EdDSA sign a given block.
- * beginning of the data of which the signature is to be
+ *
- * created. The `size` field in @a purpose must correctly
+ * The @a ps data must be a fixed-size struct for which the signature is to be
- * indicate the number of bytes of the data structure, including
+ * created. The `size` field in @a ps->purpose must correctly indicate the
- * its header.
+ * number of bytes of the data structure, including its header.
+ *
+ * @param priv private key to use for the signing
+ * @param ps packed struct with what to sign, MUST begin with a purpose
+ * @param[out] sig where to write the signature
+ */
+#define GNUNET_CRYPTO_eddsa_sign(priv,ps,sig) do {                 \
+    /* check size is set correctly */                              \
+    GNUNET_assert (htonl ((ps)->purpose.size) == sizeof (*ps));    \
+    /* check 'ps' begins with the purpose */                       \
+    GNUNET_static_assert (((void*) (ps)) ==                        \
+                          ((void*) &(ps)->purpose));               \
+    GNUNET_assert (GNUNET_OK ==                                    \
+                   GNUNET_CRYPTO_eddsa_sign_ (priv,                \
+                                              &(ps)->purpose,      \
+                                              sig));               \
+} while (0)
+/**
+ * @ingroup crypto
+ * @brief ECDSA Sign a given block.
+ *
+ * The @a purpose data is the beginning of the data of which the signature is
+ * to be created. The `size` field in @a purpose must correctly indicate the
+ * number of bytes of the data structure, including its header. If possible,
+ * use #GNUNET_CRYPTO_ecdsa_sign() instead of this function (only if @a validate
+ * is not fixed-size, you must use this function directly).
 *
 * @param priv private key to use for the signing
 * @param purpose what to sign (size, purpose)
- * @param sig where to write the signature
+ * @param[out] sig where to write the signature
 * @return #GNUNET_SYSERR on error, #GNUNET_OK on success
 */
 int
-GNUNET_CRYPTO_ecdsa_sign (
+GNUNET_CRYPTO_ecdsa_sign_ (
  const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv,
  const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose,
  struct GNUNET_CRYPTO_EcdsaSignature *sig);
+/**
+ * @ingroup crypto
+ * @brief ECDSA sign a given block.
+ *
+ * The @a ps data must be a fixed-size struct for which the signature is to be
+ * created. The `size` field in @a ps->purpose must correctly indicate the
+ * number of bytes of the data structure, including its header.
+ *
+ * @param priv private key to use for the signing
+ * @param ps packed struct with what to sign, MUST begin with a purpose
+ * @param[out] sig where to write the signature
+ */
+#define GNUNET_CRYPTO_ecdsa_sign(priv,ps,sig) do {                 \
+    /* check size is set correctly */                              \
+    GNUNET_assert (htonl ((ps)->purpose.size) == sizeof (*(ps)));  \
+    /* check 'ps' begins with the purpose */                       \
+    GNUNET_static_assert (((void*) (ps)) ==                        \
+                          ((void*) &(ps)->purpose));               \
+    GNUNET_assert (GNUNET_OK ==                                    \
+                   GNUNET_CRYPTO_ecdsa_sign_ (priv,                \
+                                              &(ps)->purpose,      \
+                                              sig));               \
+} while (0)
 /**
 * @ingroup crypto
- * Verify EdDSA signature.  The @a validate data is the
+ * @brief Verify EdDSA signature.
- * beginning of the data of which the signature is to be
+ *
- * verified. The `size` field in @a validate must correctly
+ * The @a validate data is the beginning of the data of which the signature
- * indicate the number of bytes of the data structure, including
+ * is to be verified. The `size` field in @a validate must correctly indicate
- * its header.  If @a purpose does not match the purpose given
+ * the number of bytes of the data structure, including its header.  If @a
- * in @a validate (the latter must be in big endian), signature
+ * purpose does not match the purpose given in @a validate (the latter must be
- * verification fails.
+ * in big endian), signature verification fails.  If possible,
+ * use #GNUNET_CRYPTO_eddsa_verify() instead of this function (only if @a validate
+ * is not fixed-size, you must use this function directly).
 *
 * @param purpose what is the purpose that the signature should have?
 * @param validate block to validate (size, purpose, data)
@@ -1693,7 +1750,7 @@ GNUNET_CRYPTO_ecdsa_sign (
 * @returns #GNUNET_OK if ok, #GNUNET_SYSERR if invalid
 */
 int
-GNUNET_CRYPTO_eddsa_verify (
+GNUNET_CRYPTO_eddsa_verify_ (
  uint32_t purpose,
  const struct GNUNET_CRYPTO_EccSignaturePurpose *validate,
  const struct GNUNET_CRYPTO_EddsaSignature *sig,
@@ -1702,13 +1759,42 @@ GNUNET_CRYPTO_eddsa_verify (
 /**
 * @ingroup crypto
- * Verify ECDSA signature.  The @a validate data is the
+ * @brief Verify EdDSA signature.
- * beginning of the data of which the signature is to be
+ *
- * verified. The `size` field in @a validate must correctly
+ * The @a ps data must be a fixed-size struct for which the signature is to be
- * indicate the number of bytes of the data structure, including
+ * created. The `size` field in @a ps->purpose must correctly indicate the
- * its header.  If @a purpose does not match the purpose given
+ * number of bytes of the data structure, including its header.
- * in @a validate (the latter must be in big endian), signature
+ *
- * verification fails.
+ * @param purp purpose of the signature, must match 'ps->purpose.purpose'
+ *              (except in host byte order)
+ * @param priv private key to use for the signing
+ * @param ps packed struct with what to sign, MUST begin with a purpose
+ * @param sig where to write the signature
+ */
+#define GNUNET_CRYPTO_eddsa_verify(purp,ps,sig,pub) ({             \
+    /* check size is set correctly */                              \
+    GNUNET_assert (htonl ((ps)->purpose.size) == sizeof (*(ps))); \
+    /* check 'ps' begins with the purpose */                       \
+    GNUNET_static_assert (((void*) (ps)) ==                        \
+                          ((void*) &(ps)->purpose));               \
+    GNUNET_CRYPTO_eddsa_verify_ (purp,                             \
+                                 &(ps)->purpose,                   \
+                                 sig,                              \
+                                 pub);                             \
+  })
+/**
+ * @ingroup crypto
+ * @brief Verify ECDSA signature.
+ *
+ * The @a validate data is the beginning of the data of which the signature is
+ * to be verified. The `size` field in @a validate must correctly indicate the
+ * number of bytes of the data structure, including its header.  If @a purpose
+ * does not match the purpose given in @a validate (the latter must be in big
+ * endian), signature verification fails.  If possible, use
+ * #GNUNET_CRYPTO_eddsa_verify() instead of this function (only if @a validate
+ * is not fixed-size, you must use this function directly).
 *
 * @param purpose what is the purpose that the signature should have?
 * @param validate block to validate (size, purpose, data)
@@ -1717,7 +1803,7 @@ GNUNET_CRYPTO_eddsa_verify (
 * @returns #GNUNET_OK if ok, #GNUNET_SYSERR if invalid
 */
 int
-GNUNET_CRYPTO_ecdsa_verify (
+GNUNET_CRYPTO_ecdsa_verify_ (
  uint32_t purpose,
  const struct GNUNET_CRYPTO_EccSignaturePurpose *validate,
  const struct GNUNET_CRYPTO_EcdsaSignature *sig,
@@ -1726,6 +1812,32 @@ GNUNET_CRYPTO_ecdsa_verify (
 /**
 * @ingroup crypto
+ * @brief Verify ECDSA signature.
+ *
+ * The @a ps data must be a fixed-size struct for which the signature is to be
+ * created. The `size` field in @a ps->purpose must correctly indicate the
+ * number of bytes of the data structure, including its header.
+ *
+ * @param purp purpose of the signature, must match 'ps->purpose.purpose'
+ *              (except in host byte order)
+ * @param priv private key to use for the signing
+ * @param ps packed struct with what to sign, MUST begin with a purpose
+ * @param sig where to write the signature
+ */
+#define GNUNET_CRYPTO_ecdsa_verify(purp,ps,sig,pub) ({             \
+    /* check size is set correctly */                              \
+    GNUNET_assert (htonl ((ps)->purpose.size) == sizeof (*(ps)));  \
+    /* check 'ps' begins with the purpose */                       \
+    GNUNET_static_assert (((void*) (ps)) ==                        \
+                          ((void*) &(ps)->purpose));               \
+    GNUNET_CRYPTO_ecdsa_verify_ (purp,                             \
+                                 &(ps)->purpose,                   \
+                                 sig,                              \
+                                 pub);                             \
+  })
+/**
+ * @ingroup crypto
 * Derive a private key from a given private key and a label.
 * Essentially calculates a private key 'h = H(l,P) * d mod n'
 * where n is the size of the ECC group and P is the public
author	Christian Grothoff <christian@grothoff.org>	2020-04-08 16:56:33 +0200
committer	Christian Grothoff <christian@grothoff.org>	2020-04-08 16:56:33 +0200
commit	11ae9f030e13d07c505a4d5477d592ddb4b3acf6 (patch)
tree	69ce120a7c60c84d0d074bab8fe2cd26e77300dc /src/include/gnunet_crypto_lib.h
parent	2348fe4ae8ffe93765d5c56c3cc5d4490eae946d (diff)
download	gnunet-11ae9f030e13d07c505a4d5477d592ddb4b3acf6.tar.gz gnunet-11ae9f030e13d07c505a4d5477d592ddb4b3acf6.zip

diff --git a/src/include/gnunet_crypto_lib.h b/src/include/gnunet_crypto_lib.h index c64fb4926..ba992ed56 100644 --- a/src/include/gnunet_crypto_lib.h +++ b/src/include/gnunet_crypto_lib.h
@@ -1639,19 +1639,21 @@ GNUNET_CRYPTO_ecdh_ecdsa (const struct GNUNET_CRYPTO_EcdhePrivateKey *priv,
1639		1639
1640	/**	1640	/**
1641	* @ingroup crypto	1641	* @ingroup crypto
1642	* EdDSA sign a given block. The @a purpose data is the	1642	* @brief EdDSA sign a given block.
1643	* beginning of the data of which the signature is to be	1643	*
1644	* created. The `size` field in @a purpose must correctly	1644	* The @a purpose data is the beginning of the data of which the signature is
1645	* indicate the number of bytes of the data structure, including	1645	* to be created. The `size` field in @a purpose must correctly indicate the
1646	* its header.	1646	* number of bytes of the data structure, including its header. If possible,
		1647	* use #GNUNET_CRYPTO_eddsa_sign() instead of this function (only if @a validate
		1648	* is not fixed-size, you must use this function directly).
1647	*	1649	*
1648	* @param priv private key to use for the signing	1650	* @param priv private key to use for the signing
1649	* @param purpose what to sign (size, purpose)	1651	* @param purpose what to sign (size, purpose)
1650	* @param sig where to write the signature	1652	* @param[out] sig where to write the signature
1651	* @return #GNUNET_SYSERR on error, #GNUNET_OK on success	1653	* @return #GNUNET_SYSERR on error, #GNUNET_OK on success
1652	*/	1654	*/
1653	int	1655	int
1654	GNUNET_CRYPTO_eddsa_sign (	1656	GNUNET_CRYPTO_eddsa_sign_ (
1655	const struct GNUNET_CRYPTO_EddsaPrivateKey *priv,	1657	const struct GNUNET_CRYPTO_EddsaPrivateKey *priv,
1656	const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose,	1658	const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose,
1657	struct GNUNET_CRYPTO_EddsaSignature *sig);	1659	struct GNUNET_CRYPTO_EddsaSignature *sig);
@@ -1659,32 +1661,87 @@ GNUNET_CRYPTO_eddsa_sign (
1659		1661
1660	/**	1662	/**
1661	* @ingroup crypto	1663	* @ingroup crypto
1662	* ECDSA Sign a given block. The @a purpose data is the	1664	* @brief EdDSA sign a given block.
1663	* beginning of the data of which the signature is to be	1665	*
1664	* created. The `size` field in @a purpose must correctly	1666	* The @a ps data must be a fixed-size struct for which the signature is to be
1665	* indicate the number of bytes of the data structure, including	1667	* created. The `size` field in @a ps->purpose must correctly indicate the
1666	* its header.	1668	* number of bytes of the data structure, including its header.
		1669	*
		1670	* @param priv private key to use for the signing
		1671	* @param ps packed struct with what to sign, MUST begin with a purpose
		1672	* @param[out] sig where to write the signature
		1673	*/
		1674	#define GNUNET_CRYPTO_eddsa_sign(priv,ps,sig) do { \
		1675	/* check size is set correctly */ \
		1676	GNUNET_assert (htonl ((ps)->purpose.size) == sizeof (*ps)); \
		1677	/* check 'ps' begins with the purpose */ \
		1678	GNUNET_static_assert (((void*) (ps)) == \
		1679	((void*) &(ps)->purpose)); \
		1680	GNUNET_assert (GNUNET_OK == \
		1681	GNUNET_CRYPTO_eddsa_sign_ (priv, \
		1682	&(ps)->purpose, \
		1683	sig)); \
		1684	} while (0)
		1685
		1686
		1687	/**
		1688	* @ingroup crypto
		1689	* @brief ECDSA Sign a given block.
		1690	*
		1691	* The @a purpose data is the beginning of the data of which the signature is
		1692	* to be created. The `size` field in @a purpose must correctly indicate the
		1693	* number of bytes of the data structure, including its header. If possible,
		1694	* use #GNUNET_CRYPTO_ecdsa_sign() instead of this function (only if @a validate
		1695	* is not fixed-size, you must use this function directly).
1667	*	1696	*
1668	* @param priv private key to use for the signing	1697	* @param priv private key to use for the signing
1669	* @param purpose what to sign (size, purpose)	1698	* @param purpose what to sign (size, purpose)
1670	* @param sig where to write the signature	1699	* @param[out] sig where to write the signature
1671	* @return #GNUNET_SYSERR on error, #GNUNET_OK on success	1700	* @return #GNUNET_SYSERR on error, #GNUNET_OK on success
1672	*/	1701	*/
1673	int	1702	int
1674	GNUNET_CRYPTO_ecdsa_sign (	1703	GNUNET_CRYPTO_ecdsa_sign_ (
1675	const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv,	1704	const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv,
1676	const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose,	1705	const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose,
1677	struct GNUNET_CRYPTO_EcdsaSignature *sig);	1706	struct GNUNET_CRYPTO_EcdsaSignature *sig);
1678		1707
		1708
		1709	/**
		1710	* @ingroup crypto
		1711	* @brief ECDSA sign a given block.
		1712	*
		1713	* The @a ps data must be a fixed-size struct for which the signature is to be
		1714	* created. The `size` field in @a ps->purpose must correctly indicate the
		1715	* number of bytes of the data structure, including its header.
		1716	*
		1717	* @param priv private key to use for the signing
		1718	* @param ps packed struct with what to sign, MUST begin with a purpose
		1719	* @param[out] sig where to write the signature
		1720	*/
		1721	#define GNUNET_CRYPTO_ecdsa_sign(priv,ps,sig) do { \
		1722	/* check size is set correctly */ \
		1723	GNUNET_assert (htonl ((ps)->purpose.size) == sizeof (*(ps))); \
		1724	/* check 'ps' begins with the purpose */ \
		1725	GNUNET_static_assert (((void*) (ps)) == \
		1726	((void*) &(ps)->purpose)); \
		1727	GNUNET_assert (GNUNET_OK == \
		1728	GNUNET_CRYPTO_ecdsa_sign_ (priv, \
		1729	&(ps)->purpose, \
		1730	sig)); \
		1731	} while (0)
		1732
		1733
1679	/**	1734	/**
1680	* @ingroup crypto	1735	* @ingroup crypto
1681	* Verify EdDSA signature. The @a validate data is the	1736	* @brief Verify EdDSA signature.
1682	* beginning of the data of which the signature is to be	1737	*
1683	* verified. The `size` field in @a validate must correctly	1738	* The @a validate data is the beginning of the data of which the signature
1684	* indicate the number of bytes of the data structure, including	1739	* is to be verified. The `size` field in @a validate must correctly indicate
1685	* its header. If @a purpose does not match the purpose given	1740	* the number of bytes of the data structure, including its header. If @a
1686	* in @a validate (the latter must be in big endian), signature	1741	* purpose does not match the purpose given in @a validate (the latter must be
1687	* verification fails.	1742	* in big endian), signature verification fails. If possible,
		1743	* use #GNUNET_CRYPTO_eddsa_verify() instead of this function (only if @a validate
		1744	* is not fixed-size, you must use this function directly).
1688	*	1745	*
1689	* @param purpose what is the purpose that the signature should have?	1746	* @param purpose what is the purpose that the signature should have?
1690	* @param validate block to validate (size, purpose, data)	1747	* @param validate block to validate (size, purpose, data)
@@ -1693,7 +1750,7 @@ GNUNET_CRYPTO_ecdsa_sign (
1693	* @returns #GNUNET_OK if ok, #GNUNET_SYSERR if invalid	1750	* @returns #GNUNET_OK if ok, #GNUNET_SYSERR if invalid
1694	*/	1751	*/
1695	int	1752	int
1696	GNUNET_CRYPTO_eddsa_verify (	1753	GNUNET_CRYPTO_eddsa_verify_ (
1697	uint32_t purpose,	1754	uint32_t purpose,
1698	const struct GNUNET_CRYPTO_EccSignaturePurpose *validate,	1755	const struct GNUNET_CRYPTO_EccSignaturePurpose *validate,
1699	const struct GNUNET_CRYPTO_EddsaSignature *sig,	1756	const struct GNUNET_CRYPTO_EddsaSignature *sig,
@@ -1702,13 +1759,42 @@ GNUNET_CRYPTO_eddsa_verify (
1702		1759
1703	/**	1760	/**
1704	* @ingroup crypto	1761	* @ingroup crypto
1705	* Verify ECDSA signature. The @a validate data is the	1762	* @brief Verify EdDSA signature.
1706	* beginning of the data of which the signature is to be	1763	*
1707	* verified. The `size` field in @a validate must correctly	1764	* The @a ps data must be a fixed-size struct for which the signature is to be
1708	* indicate the number of bytes of the data structure, including	1765	* created. The `size` field in @a ps->purpose must correctly indicate the
1709	* its header. If @a purpose does not match the purpose given	1766	* number of bytes of the data structure, including its header.
1710	* in @a validate (the latter must be in big endian), signature	1767	*
1711	* verification fails.	1768	* @param purp purpose of the signature, must match 'ps->purpose.purpose'
		1769	* (except in host byte order)
		1770	* @param priv private key to use for the signing
		1771	* @param ps packed struct with what to sign, MUST begin with a purpose
		1772	* @param sig where to write the signature
		1773	*/
		1774	#define GNUNET_CRYPTO_eddsa_verify(purp,ps,sig,pub) ({ \
		1775	/* check size is set correctly */ \
		1776	GNUNET_assert (htonl ((ps)->purpose.size) == sizeof (*(ps))); \
		1777	/* check 'ps' begins with the purpose */ \
		1778	GNUNET_static_assert (((void*) (ps)) == \
		1779	((void*) &(ps)->purpose)); \
		1780	GNUNET_CRYPTO_eddsa_verify_ (purp, \
		1781	&(ps)->purpose, \
		1782	sig, \
		1783	pub); \
		1784	})
		1785
		1786
		1787	/**
		1788	* @ingroup crypto
		1789	* @brief Verify ECDSA signature.
		1790	*
		1791	* The @a validate data is the beginning of the data of which the signature is
		1792	* to be verified. The `size` field in @a validate must correctly indicate the
		1793	* number of bytes of the data structure, including its header. If @a purpose
		1794	* does not match the purpose given in @a validate (the latter must be in big
		1795	* endian), signature verification fails. If possible, use
		1796	* #GNUNET_CRYPTO_eddsa_verify() instead of this function (only if @a validate
		1797	* is not fixed-size, you must use this function directly).
1712	*	1798	*
1713	* @param purpose what is the purpose that the signature should have?	1799	* @param purpose what is the purpose that the signature should have?
1714	* @param validate block to validate (size, purpose, data)	1800	* @param validate block to validate (size, purpose, data)
@@ -1717,7 +1803,7 @@ GNUNET_CRYPTO_eddsa_verify (
1717	* @returns #GNUNET_OK if ok, #GNUNET_SYSERR if invalid	1803	* @returns #GNUNET_OK if ok, #GNUNET_SYSERR if invalid
1718	*/	1804	*/
1719	int	1805	int
1720	GNUNET_CRYPTO_ecdsa_verify (	1806	GNUNET_CRYPTO_ecdsa_verify_ (
1721	uint32_t purpose,	1807	uint32_t purpose,
1722	const struct GNUNET_CRYPTO_EccSignaturePurpose *validate,	1808	const struct GNUNET_CRYPTO_EccSignaturePurpose *validate,
1723	const struct GNUNET_CRYPTO_EcdsaSignature *sig,	1809	const struct GNUNET_CRYPTO_EcdsaSignature *sig,
@@ -1726,6 +1812,32 @@ GNUNET_CRYPTO_ecdsa_verify (
1726		1812
1727	/**	1813	/**
1728	* @ingroup crypto	1814	* @ingroup crypto
		1815	* @brief Verify ECDSA signature.
		1816	*
		1817	* The @a ps data must be a fixed-size struct for which the signature is to be
		1818	* created. The `size` field in @a ps->purpose must correctly indicate the
		1819	* number of bytes of the data structure, including its header.
		1820	*
		1821	* @param purp purpose of the signature, must match 'ps->purpose.purpose'
		1822	* (except in host byte order)
		1823	* @param priv private key to use for the signing
		1824	* @param ps packed struct with what to sign, MUST begin with a purpose
		1825	* @param sig where to write the signature
		1826	*/
		1827	#define GNUNET_CRYPTO_ecdsa_verify(purp,ps,sig,pub) ({ \
		1828	/* check size is set correctly */ \
		1829	GNUNET_assert (htonl ((ps)->purpose.size) == sizeof (*(ps))); \
		1830	/* check 'ps' begins with the purpose */ \
		1831	GNUNET_static_assert (((void*) (ps)) == \
		1832	((void*) &(ps)->purpose)); \
		1833	GNUNET_CRYPTO_ecdsa_verify_ (purp, \
		1834	&(ps)->purpose, \
		1835	sig, \
		1836	pub); \
		1837	})
		1838
		1839	/**
		1840	* @ingroup crypto
1729	* Derive a private key from a given private key and a label.	1841	* Derive a private key from a given private key and a label.
1730	* Essentially calculates a private key 'h = H(l,P) * d mod n'	1842	* Essentially calculates a private key 'h = H(l,P) * d mod n'
1731	* where n is the size of the ECC group and P is the public	1843	* where n is the size of the ECC group and P is the public