diff options
author | Martin Schanzenbach <schanzen@gnunet.org> | 2023-07-16 19:26:09 +0200 |
---|---|---|
committer | Martin Schanzenbach <schanzen@gnunet.org> | 2023-07-16 19:26:09 +0200 |
commit | a2c3a72d0157c0de4966cea417d1802727c3ed1e (patch) | |
tree | 6e938c29b09fb646a387f3ca55528dc999ece248 /src/include/gnunet_identity_service.h | |
parent | 7eb848d29db698432b25283b994383d2f35465b5 (diff) | |
download | gnunet-a2c3a72d0157c0de4966cea417d1802727c3ed1e.tar.gz gnunet-a2c3a72d0157c0de4966cea417d1802727c3ed1e.zip |
NEWS: Added new CCA-secure KEM and use in IDENTITY encryption
Diffstat (limited to 'src/include/gnunet_identity_service.h')
-rw-r--r-- | src/include/gnunet_identity_service.h | 61 |
1 files changed, 55 insertions, 6 deletions
diff --git a/src/include/gnunet_identity_service.h b/src/include/gnunet_identity_service.h index f38e373b1..15e49d781 100644 --- a/src/include/gnunet_identity_service.h +++ b/src/include/gnunet_identity_service.h | |||
@@ -721,11 +721,11 @@ GNUNET_IDENTITY_signature_verify_raw_ ( | |||
721 | * this size should be the same as @c len. | 721 | * this size should be the same as @c len. |
722 | */ | 722 | */ |
723 | ssize_t | 723 | ssize_t |
724 | GNUNET_IDENTITY_encrypt (const void *block, | 724 | GNUNET_IDENTITY_encrypt_old (const void *block, |
725 | size_t size, | 725 | size_t size, |
726 | const struct GNUNET_IDENTITY_PublicKey *pub, | 726 | const struct GNUNET_IDENTITY_PublicKey *pub, |
727 | struct GNUNET_CRYPTO_EcdhePublicKey *ecc, | 727 | struct GNUNET_CRYPTO_EcdhePublicKey *ecc, |
728 | void *result); | 728 | void *result); |
729 | 729 | ||
730 | 730 | ||
731 | /** | 731 | /** |
@@ -743,13 +743,62 @@ GNUNET_IDENTITY_encrypt (const void *block, | |||
743 | * this size should be the same as @c size. | 743 | * this size should be the same as @c size. |
744 | */ | 744 | */ |
745 | ssize_t | 745 | ssize_t |
746 | GNUNET_IDENTITY_decrypt ( | 746 | GNUNET_IDENTITY_decrypt_old ( |
747 | const void *block, | 747 | const void *block, |
748 | size_t size, | 748 | size_t size, |
749 | const struct GNUNET_IDENTITY_PrivateKey *priv, | 749 | const struct GNUNET_IDENTITY_PrivateKey *priv, |
750 | const struct GNUNET_CRYPTO_EcdhePublicKey *ecc, | 750 | const struct GNUNET_CRYPTO_EcdhePublicKey *ecc, |
751 | void *result); | 751 | void *result); |
752 | 752 | ||
753 | /** | ||
754 | * Encrypt a block with #GNUNET_IDENTITY_PublicKey and derives a | ||
755 | * #GNUNET_CRYPTO_EcdhePublicKey which is required for decryption | ||
756 | * using ecdh to derive a symmetric key. | ||
757 | * | ||
758 | * Note that the result buffer for the ciphertext must be the length of | ||
759 | * the message to encrypt plus: | ||
760 | * - Length of a struct GNUNET_CRYPTO_FoKemC | ||
761 | * - the authentication tag of libsodium, e.g. crypto_secretbox_NONCEBYTES | ||
762 | * | ||
763 | * @param block the block to encrypt | ||
764 | * @param size the size of the @a block | ||
765 | * @param pub public key to use for ecdh | ||
766 | * @param ecc where to write the ecc public key | ||
767 | * @param result the output parameter in which to store the encrypted result | ||
768 | * can be the same or overlap with @c block | ||
769 | * @returns the size of the encrypted block, -1 for errors. | ||
770 | * Due to the use of CFB and therefore an effective stream cipher, | ||
771 | * this size should be the same as @c len. | ||
772 | */ | ||
773 | ssize_t | ||
774 | GNUNET_IDENTITY_encrypt2 (const void *block, | ||
775 | size_t size, | ||
776 | const struct GNUNET_IDENTITY_PublicKey *pub, | ||
777 | void *result, | ||
778 | size_t result_size); | ||
779 | |||
780 | |||
781 | /** | ||
782 | * Decrypt a given block with #GNUNET_IDENTITY_PrivateKey and a given | ||
783 | * #GNUNET_CRYPTO_EcdhePublicKey using ecdh to derive a symmetric key. | ||
784 | * | ||
785 | * @param block the data to decrypt, encoded as returned by encrypt | ||
786 | * @param size the size of the @a block to decrypt | ||
787 | * @param priv private key to use for ecdh | ||
788 | * @param result address to store the result at | ||
789 | * can be the same or overlap with @c block | ||
790 | * @return -1 on failure, size of decrypted block on success. | ||
791 | * Due to the use of CFB and therefore an effective stream cipher, | ||
792 | * this size should be the same as @c size. | ||
793 | */ | ||
794 | ssize_t | ||
795 | GNUNET_IDENTITY_decrypt2 ( | ||
796 | const void *block, | ||
797 | size_t size, | ||
798 | const struct GNUNET_IDENTITY_PrivateKey *priv, | ||
799 | void *result, | ||
800 | size_t result_size); | ||
801 | |||
753 | 802 | ||
754 | /** | 803 | /** |
755 | * Creates a (Base32) string representation of the public key. | 804 | * Creates a (Base32) string representation of the public key. |