Merge branch 'master' of ssh://git.gnunet.org/gnunet

1 files changed, 6 insertions, 569 deletions

diff --git a/src/include/gnunet_identity_service.h b/src/include/gnunet_identity_service.h
index d4192a77f..270f4d26f 100644
--- a/src/include/gnunet_identity_service.h
+++ b/src/include/gnunet_identity_service.h
@@ -62,20 +62,6 @@ extern "C" {
  */
 #define GNUNET_IDENTITY_VERSION 0x00000100
 
-enum GNUNET_IDENTITY_KeyType
-{
-  /**
-   * The identity type. The value is the same as the
-   * PKEY record type.
-   */
-  GNUNET_IDENTITY_TYPE_ECDSA = 65536,
-
-  /**
-   * EDDSA identity. The value is the same as the EDKEY
-   * record type.
-   */
-  GNUNET_IDENTITY_TYPE_EDDSA = 65556
-};
 
 /**
  * Handle to access the identity service.
@@ -88,89 +74,6 @@ struct GNUNET_IDENTITY_Handle;
 struct GNUNET_IDENTITY_Ego;
 
 /**
- * A private key for an identity as per LSD0001.
- * Note that these types are NOT packed and MUST NOT be used in RPC
- * messages. Use the respective serialization functions.
- */
-struct GNUNET_IDENTITY_PrivateKey
-{
-  /**
-   * Type of public key.
-   * Defined by the GNS zone type value.
-   * In NBO.
-   */
-  uint32_t type;
-
-  union
-  {
-    /**
-     * An ECDSA identity key.
-     */
-    struct GNUNET_CRYPTO_EcdsaPrivateKey ecdsa_key;
-
-    /**
-     * AN EdDSA identtiy key
-     */
-    struct GNUNET_CRYPTO_EddsaPrivateKey eddsa_key;
-  };
-};
-
-
-/**
- * An identity key as per LSD0001.
- */
-struct GNUNET_IDENTITY_PublicKey
-{
-  /**
-   * Type of public key.
-   * Defined by the GNS zone type value.
-   * In NBO.
-   */
-  uint32_t type;
-
-  union
-  {
-    /**
-     * An ECDSA identity key.
-     */
-    struct GNUNET_CRYPTO_EcdsaPublicKey ecdsa_key;
-
-    /**
-     * AN EdDSA identtiy key
-     */
-    struct GNUNET_CRYPTO_EddsaPublicKey eddsa_key;
-  };
-};
-
-
-/**
- * An identity signature as per LSD0001.
- */
-struct GNUNET_IDENTITY_Signature
-{
-  /**
-   * Type of signature.
-   * Defined by the GNS zone type value.
-   * In NBO.
-   */
-  uint32_t type;
-
-  union
-  {
-    /**
-     * An ECDSA signature
-     */
-    struct GNUNET_CRYPTO_EcdsaSignature ecdsa_signature;
-
-    /**
-     * AN EdDSA signature
-     */
-    struct GNUNET_CRYPTO_EddsaSignature eddsa_signature;
-  };
-};
-
-
-/**
  * Handle for an operation with the identity service.
  */
 struct GNUNET_IDENTITY_Operation;
@@ -182,7 +85,7 @@ struct GNUNET_IDENTITY_Operation;
  * @param ego the ego
  * @return associated ECC key, valid as long as the ego is valid
  */
-const struct GNUNET_IDENTITY_PrivateKey *
+const struct GNUNET_CRYPTO_PrivateKey *
 GNUNET_IDENTITY_ego_get_private_key (const struct GNUNET_IDENTITY_Ego *ego);
 
 
@@ -203,7 +106,7 @@ GNUNET_IDENTITY_ego_get_anonymous (void);
  */
 void
 GNUNET_IDENTITY_ego_get_public_key (struct GNUNET_IDENTITY_Ego *ego,
-                                    struct GNUNET_IDENTITY_PublicKey *pk);
+                                    struct GNUNET_CRYPTO_PublicKey *pk);
 
 
 /**
@@ -336,7 +239,7 @@ GNUNET_IDENTITY_disconnect (struct GNUNET_IDENTITY_Handle *h);
 typedef void
 (*GNUNET_IDENTITY_CreateContinuation) (
   void *cls,
-  const struct GNUNET_IDENTITY_PrivateKey *pk,
+  const struct GNUNET_CRYPTO_PrivateKey *pk,
   enum GNUNET_ErrorCode ec);
 
 
@@ -354,8 +257,8 @@ typedef void
 struct GNUNET_IDENTITY_Operation *
 GNUNET_IDENTITY_create (struct GNUNET_IDENTITY_Handle *id,
                         const char *name,
-                        const struct GNUNET_IDENTITY_PrivateKey *privkey,
-                        enum GNUNET_IDENTITY_KeyType ktype,
+                        const struct GNUNET_CRYPTO_PrivateKey *privkey,
+                        enum GNUNET_CRYPTO_KeyType ktype,
                         GNUNET_IDENTITY_CreateContinuation cont,
                         void *cont_cls);
 
@@ -406,472 +309,6 @@ void
 GNUNET_IDENTITY_cancel (struct GNUNET_IDENTITY_Operation *op);
 
 
-/**
- * Get the compacted length of a #GNUNET_IDENTITY_PublicKey.
- * Compacted means that it returns the minimum number of bytes this
- * key is long, as opposed to the union structure inside
- * #GNUNET_IDENTITY_PublicKey.
- * Useful for compact serializations.
- *
- * @param key the key.
- * @return -1 on error, else the compacted length of the key.
- */
-ssize_t
-GNUNET_IDENTITY_public_key_get_length (const struct
-                                       GNUNET_IDENTITY_PublicKey *key);
-
-/**
- * Reads a #GNUNET_IDENTITY_PublicKey from a compact buffer.
- * The buffer has to contain at least the compacted length of
- * a #GNUNET_IDENTITY_PublicKey in bytes.
- * If the buffer is too small, the function returns -1 as error.
- * If the buffer does not contain a valid key, it returns -2 as error.
- *
- * @param buffer the buffer
- * @param len the length of buffer
- * @param key the key
- * @param the amount of bytes read from the buffer
- * @return #GNUNET_SYSERR on error
- */
-enum GNUNET_GenericReturnValue
-GNUNET_IDENTITY_read_public_key_from_buffer (
-  const void *buffer,
-  size_t len,
-  struct GNUNET_IDENTITY_PublicKey *key,
-  size_t *read);
-
-/**
- * Get the compacted length of a #GNUNET_IDENTITY_PrivateKey.
- * Compacted means that it returns the minimum number of bytes this
- * key is long, as opposed to the union structure inside
- * #GNUNET_IDENTITY_PrivateKey.
- * Useful for compact serializations.
- *
- * @param key the key.
- * @return -1 on error, else the compacted length of the key.
- */
-ssize_t
-GNUNET_IDENTITY_private_key_get_length (
-  const struct GNUNET_IDENTITY_PrivateKey *key);
-
-
-/**
- * Writes a #GNUNET_IDENTITY_PublicKey to a compact buffer.
- * The buffer requires space for at least the compacted length of
- * a #GNUNET_IDENTITY_PublicKey in bytes.
- * If the buffer is too small, the function returns -1 as error.
- * If the key is not valid, it returns -2 as error.
- *
- * @param key the key
- * @param buffer the buffer
- * @param len the length of buffer
- * @return -1 or -2 on error, else the amount of bytes written to the buffer
- */
-ssize_t
-GNUNET_IDENTITY_write_public_key_to_buffer (const struct
-                                            GNUNET_IDENTITY_PublicKey *key,
-                                            void*buffer,
-                                            size_t len);
-
-
-/**
- * Reads a #GNUNET_IDENTITY_PrivateKey from a compact buffer.
- * The buffer has to contain at least the compacted length of
- * a #GNUNET_IDENTITY_PrivateKey in bytes.
- * If the buffer is too small, the function returns GNUNET_SYSERR as error.
- *
- * @param buffer the buffer
- * @param len the length of buffer
- * @param key the key
- * @param the amount of bytes read from the buffer
- * @return #GNUNET_SYSERR on error
- */
-enum GNUNET_GenericReturnValue
-GNUNET_IDENTITY_read_private_key_from_buffer (
-  const void*buffer,
-  size_t len,
-  struct GNUNET_IDENTITY_PrivateKey *key,
-  size_t *read);
-
-
-/**
- * Writes a #GNUNET_IDENTITY_PrivateKey to a compact buffer.
- * The buffer requires space for at least the compacted length of
- * a #GNUNET_IDENTITY_PrivateKey in bytes.
- * If the buffer is too small, the function returns -1 as error.
- * If the key is not valid, it returns -2 as error.
- *
- * @param key the key
- * @param buffer the buffer
- * @param len the length of buffer
- * @return -1 or -2 on error, else the amount of bytes written to the buffer
- */
-ssize_t
-GNUNET_IDENTITY_write_private_key_to_buffer (
-  const struct GNUNET_IDENTITY_PrivateKey *key,
-  void*buffer,
-  size_t len);
-
-
-/**
- * Get the compacted length of a #GNUNET_IDENTITY_Signature.
- * Compacted means that it returns the minimum number of bytes this
- * signature is long, as opposed to the union structure inside
- * #GNUNET_IDENTITY_Signature.
- * Useful for compact serializations.
- *
- * @param sig the signature.
- * @return -1 on error, else the compacted length of the signature.
- */
-ssize_t
-GNUNET_IDENTITY_signature_get_length (
-  const struct GNUNET_IDENTITY_Signature *sig);
-
-
-/**
- * Get the compacted length of a signature by type.
- * Compacted means that it returns the minimum number of bytes this
- * signature is long, as opposed to the union structure inside
- * #GNUNET_IDENTITY_Signature.
- * Useful for compact serializations.
- *
- * @param sig the signature.
- * @return -1 on error, else the compacted length of the signature.
- */
-ssize_t
-GNUNET_IDENTITY_signature_get_raw_length_by_type (uint32_t type);
-
-
-/**
- * Reads a #GNUNET_IDENTITY_Signature from a compact buffer.
- * The buffer has to contain at least the compacted length of
- * a #GNUNET_IDENTITY_Signature in bytes.
- * If the buffer is too small, the function returns -1 as error.
- * If the buffer does not contain a valid key, it returns -2 as error.
- *
- * @param sig the signature
- * @param buffer the buffer
- * @param len the length of buffer
- * @return -1 or -2 on error, else the amount of bytes read from the buffer
- */
-ssize_t
-GNUNET_IDENTITY_read_signature_from_buffer (
-  struct GNUNET_IDENTITY_Signature *sig,
-  const void*buffer,
-  size_t len);
-
-
-/**
- * Writes a #GNUNET_IDENTITY_Signature to a compact buffer.
- * The buffer requires space for at least the compacted length of
- * a #GNUNET_IDENTITY_Signature in bytes.
- * If the buffer is too small, the function returns -1 as error.
- * If the key is not valid, it returns -2 as error.
- *
- * @param sig the signature
- * @param buffer the buffer
- * @param len the length of buffer
- * @return -1 or -2 on error, else the amount of bytes written to the buffer
- */
-ssize_t
-GNUNET_IDENTITY_write_signature_to_buffer (
-  const struct GNUNET_IDENTITY_Signature *sig,
-  void*buffer,
-  size_t len);
-
-
-/**
- * @brief Sign a given block.
- *
- * The @a purpose data is the beginning of the data of which the signature is
- * to be created. The `size` field in @a purpose must correctly indicate the
- * number of bytes of the data structure, including its header. If possible,
- * use #GNUNET_IDENTITY_sign() instead of this function.
- *
- * @param priv private key to use for the signing
- * @param purpose what to sign (size, purpose)
- * @param[out] sig where to write the signature
- * @return #GNUNET_SYSERR on error, #GNUNET_OK on success
- */
-enum GNUNET_GenericReturnValue
-GNUNET_IDENTITY_sign_ (
-  const struct GNUNET_IDENTITY_PrivateKey *priv,
-  const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose,
-  struct GNUNET_IDENTITY_Signature *sig);
-
-/**
- * @brief Sign a given block.
- *
- * The @a purpose data is the beginning of the data of which the signature is
- * to be created. The `size` field in @a purpose must correctly indicate the
- * number of bytes of the data structure, including its header.
- * The signature payload and length depends on the key type.
- *
- * @param priv private key to use for the signing
- * @param purpose what to sign (size, purpose)
- * @param[out] sig where to write the signature
- * @return #GNUNET_SYSERR on error, #GNUNET_OK on success
- */
-enum GNUNET_GenericReturnValue
-GNUNET_IDENTITY_sign_raw_ (
-  const struct GNUNET_IDENTITY_PrivateKey *priv,
-  const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose,
-  unsigned char *sig);
-
-
-/**
- * @brief Sign a given block with #GNUNET_IDENTITY_PrivateKey.
- *
- * The @a ps data must be a fixed-size struct for which the signature is to be
- * created. The `size` field in @a ps->purpose must correctly indicate the
- * number of bytes of the data structure, including its header.
- *
- * @param priv private key to use for the signing
- * @param ps packed struct with what to sign, MUST begin with a purpose
- * @param[out] sig where to write the signature
- */
-#define GNUNET_IDENTITY_sign(priv,ps,sig) do {                \
-          /* check size is set correctly */                                     \
-          GNUNET_assert (ntohl ((ps)->purpose.size) == sizeof (*(ps)));         \
-          /* check 'ps' begins with the purpose */                              \
-          GNUNET_static_assert (((void*) (ps)) ==                               \
-                                ((void*) &(ps)->purpose));                      \
-          GNUNET_assert (GNUNET_OK ==                                           \
-                         GNUNET_IDENTITY_sign_ (priv,               \
-                                                &(ps)->purpose,             \
-                                                sig));                      \
-} while (0)
-
-
-/**
- * @brief Verify a given signature.
- *
- * The @a validate data is the beginning of the data of which the signature
- * is to be verified. The `size` field in @a validate must correctly indicate
- * the number of bytes of the data structure, including its header.  If @a
- * purpose does not match the purpose given in @a validate (the latter must be
- * in big endian), signature verification fails.  If possible,
- * use #GNUNET_IDENTITY_signature_verify() instead of this function (only if @a validate
- * is not fixed-size, you must use this function directly).
- *
- * @param purpose what is the purpose that the signature should have?
- * @param validate block to validate (size, purpose, data)
- * @param sig signature that is being validated
- * @param pub public key of the signer
- * @returns #GNUNET_OK if ok, #GNUNET_SYSERR if invalid
- */
-enum GNUNET_GenericReturnValue
-GNUNET_IDENTITY_signature_verify_ (
-  uint32_t purpose,
-  const struct GNUNET_CRYPTO_EccSignaturePurpose *validate,
-  const struct GNUNET_IDENTITY_Signature *sig,
-  const struct GNUNET_IDENTITY_PublicKey *pub);
-
-/**
- * @brief Verify a given signature.
- *
- * The @a validate data is the beginning of the data of which the signature
- * is to be verified. The `size` field in @a validate must correctly indicate
- * the number of bytes of the data structure, including its header.  If @a
- * purpose does not match the purpose given in @a validate (the latter must be
- * in big endian), signature verification fails.
- *
- * @param purpose what is the purpose that the signature should have?
- * @param validate block to validate (size, purpose, data)
- * @param sig signature that is being validated
- * @param pub public key of the signer
- * @returns #GNUNET_OK if ok, #GNUNET_SYSERR if invalid
- */
-enum GNUNET_GenericReturnValue
-GNUNET_IDENTITY_signature_verify_raw_ (
-  uint32_t purpose,
-  const struct GNUNET_CRYPTO_EccSignaturePurpose *validate,
-  const unsigned char *sig,
-  const struct GNUNET_IDENTITY_PublicKey *pub);
-
-
-/**
- * @brief Verify a given signature with #GNUNET_IDENTITY_PublicKey.
- *
- * The @a ps data must be a fixed-size struct for which the signature is to be
- * created. The `size` field in @a ps->purpose must correctly indicate the
- * number of bytes of the data structure, including its header.
- *
- * @param purp purpose of the signature, must match 'ps->purpose.purpose'
- *              (except in host byte order)
- * @param ps packed struct with what to sign, MUST begin with a purpose
- * @param sig where to read the signature from
- * @param pub public key to use for the verifying
- */
-#define GNUNET_IDENTITY_signature_verify(purp,ps,sig,pub) ({             \
-    /* check size is set correctly */                                     \
-    GNUNET_assert (ntohl ((ps)->purpose.size) == sizeof (*(ps)));         \
-    /* check 'ps' begins with the purpose */                              \
-    GNUNET_static_assert (((void*) (ps)) ==                               \
-                          ((void*) &(ps)->purpose));                      \
-    GNUNET_IDENTITY_signature_verify_ (purp,                              \
-                                       &(ps)->purpose,                    \
-                                       sig,                               \
-                                       pub);                              \
-  })
-
-
-/**
- * Encrypt a block with #GNUNET_IDENTITY_PublicKey and derives a
- * #GNUNET_CRYPTO_EcdhePublicKey which is required for decryption
- * using ecdh to derive a symmetric key.
- *
- * @param block the block to encrypt
- * @param size the size of the @a block
- * @param pub public key to use for ecdh
- * @param ecc where to write the ecc public key
- * @param result the output parameter in which to store the encrypted result
- *               can be the same or overlap with @c block
- * @returns the size of the encrypted block, -1 for errors.
- *          Due to the use of CFB and therefore an effective stream cipher,
- *          this size should be the same as @c len.
- */
-ssize_t
-GNUNET_IDENTITY_encrypt_old (const void *block,
-                             size_t size,
-                             const struct GNUNET_IDENTITY_PublicKey *pub,
-                             struct GNUNET_CRYPTO_EcdhePublicKey *ecc,
-                             void *result);
-
-
-/**
- * Decrypt a given block with #GNUNET_IDENTITY_PrivateKey and a given
- * #GNUNET_CRYPTO_EcdhePublicKey using ecdh to derive a symmetric key.
- *
- * @param block the data to decrypt, encoded as returned by encrypt
- * @param size the size of the @a block to decrypt
- * @param priv private key to use for ecdh
- * @param ecc the ecc public key
- * @param result address to store the result at
- *               can be the same or overlap with @c block
- * @return -1 on failure, size of decrypted block on success.
- *         Due to the use of CFB and therefore an effective stream cipher,
- *         this size should be the same as @c size.
- */
-ssize_t
-GNUNET_IDENTITY_decrypt_old (
-  const void *block,
-  size_t size,
-  const struct GNUNET_IDENTITY_PrivateKey *priv,
-  const struct GNUNET_CRYPTO_EcdhePublicKey *ecc,
-  void *result);
-
-#define GNUNET_IDENTITY_ENCRYPT_OVERHEAD_BYTES (crypto_secretbox_MACBYTES \
-                                                + sizeof (struct \
-                                                          GNUNET_CRYPTO_FoKemC))
-
-/**
- * Encrypt a block with #GNUNET_IDENTITY_PublicKey and derives a
- * #GNUNET_CRYPTO_EcdhePublicKey which is required for decryption
- * using ecdh to derive a symmetric key.
- *
- * Note that the result buffer for the ciphertext must be the length of
- * the message to encrypt plus #GNUNET_IDENTITY_ENCRYPT_OVERHEAD_BYTES.
- *
- * @param block the block to encrypt
- * @param size the size of the @a block
- * @param pub public key to encrypt for
- * @param result the output parameter in which to store the encrypted result
- *               can be the same or overlap with @c block
- * @returns GNUNET_OK on success.
- */
-enum GNUNET_GenericReturnValue
-GNUNET_IDENTITY_encrypt (const void *block,
-                         size_t size,
-                         const struct GNUNET_IDENTITY_PublicKey *pub,
-                         void *result,
-                         size_t result_size);
-
-
-/**
- * Decrypt a given block with #GNUNET_IDENTITY_PrivateKey and a given
- * #GNUNET_CRYPTO_EcdhePublicKey using ecdh to derive a symmetric key.
- *
- * @param block the data to decrypt, encoded as returned by encrypt
- * @param size the size of the @a block to decrypt
- * @param priv private key to use for ecdh
- * @param result address to store the result at
- *               can be the same or overlap with @c block
- * @returns GNUNET_OK on success.
- */
-enum GNUNET_GenericReturnValue
-GNUNET_IDENTITY_decrypt (const void *block,
-                         size_t size,
-                         const struct GNUNET_IDENTITY_PrivateKey *priv,
-                         void *result,
-                         size_t result_size);
-
-
-/**
- * Creates a (Base32) string representation of the public key.
- * The resulting string encodes a compacted representation of the key.
- * See also #GNUNET_IDENTITY_key_get_length.
- *
- * @param key the key.
- * @return the string representation of the key, or NULL on error.
- */
-char *
-GNUNET_IDENTITY_public_key_to_string (
-  const struct GNUNET_IDENTITY_PublicKey *key);
-
-
-/**
- * Creates a (Base32) string representation of the private key.
- * The resulting string encodes a compacted representation of the key.
- * See also #GNUNET_IDENTITY_key_get_length.
- *
- * @param key the key.
- * @return the string representation of the key, or NULL on error.
- */
-char *
-GNUNET_IDENTITY_private_key_to_string (
-  const struct GNUNET_IDENTITY_PrivateKey *key);
-
-
-/**
- * Parses a (Base32) string representation of the public key.
- * See also #GNUNET_IDENTITY_public_key_to_string.
- *
- * @param str the encoded key.
- * @param key where to write the key.
- * @return GNUNET_SYSERR on error.
- */
-enum GNUNET_GenericReturnValue
-GNUNET_IDENTITY_public_key_from_string (const char*str,
-                                        struct GNUNET_IDENTITY_PublicKey *key);
-
-
-/**
- * Parses a (Base32) string representation of the private key.
- * See also #GNUNET_IDENTITY_private_key_to_string.
- *
- * @param str the encoded key.
- * @param key where to write the key.
- * @return GNUNET_SYSERR on error.
- */
-enum GNUNET_GenericReturnValue
-GNUNET_IDENTITY_private_key_from_string (const char*str,
-                                         struct GNUNET_IDENTITY_PrivateKey *key);
-
-
-/**
- * Retrieves the public key representation of a private key.
- *
- * @param privkey the private key.
- * @param key the public key result.
- * @return GNUNET_SYSERR on error.
- */
-enum GNUNET_GenericReturnValue
-GNUNET_IDENTITY_key_get_public (const struct
-                                GNUNET_IDENTITY_PrivateKey *privkey,
-                                struct GNUNET_IDENTITY_PublicKey *key);
-
-
 /* ************* convenience API to lookup an ego ***************** */
 
 /**
@@ -924,7 +361,7 @@ GNUNET_IDENTITY_ego_lookup_cancel (struct GNUNET_IDENTITY_EgoLookup *el);
 typedef void
 (*GNUNET_IDENTITY_EgoSuffixCallback) (
   void *cls,
-  const struct GNUNET_IDENTITY_PrivateKey *priv,
+  const struct GNUNET_CRYPTO_PrivateKey *priv,
   const char *ego_name);