author | Christian Grothoff <christian@grothoff.org> | 2021-04-18 21:11:08 +0200 |
---|---|---|
committer | Christian Grothoff <christian@grothoff.org> | 2021-04-18 21:11:08 +0200 |
commit | 75cfa6370bc902765c26b50bb858c9a5bc1e8e48 (patch) | |
tree | fdadaf6e2736ad79c9f79576bf9a056ea9d0a6f5 /src/include | |
parent | 5ec7af75ea9f8ed86cf28a8efed9a917345d1681 (diff) | |
SCALARPRODUCT: migrating logic from libgcrypt to libsodium (#6818).
Diffstat (limited to 'src/include')
-rw-r--r-- | src/include/gnunet_crypto_lib.h | 132 | ||||
-rw-r--r-- | src/include/gnunet_scalarproduct_service.h | 50 |
2 files changed, 78 insertions, 104 deletions
diff --git a/src/include/gnunet_crypto_lib.h b/src/include/gnunet_crypto_lib.h index d01457b4a..2a552e212 100644 --- a/src/include/gnunet_crypto_lib.h +++ b/src/include/gnunet_crypto_lib.h | |||
@@ -1443,9 +1443,16 @@ struct GNUNET_CRYPTO_EccPoint | |||
1443 | * Q consists of an x- and a y-value, each mod p (256 bits), given | 1443 | * Q consists of an x- and a y-value, each mod p (256 bits), given |
1444 | * here in affine coordinates and Ed25519 standard compact format. | 1444 | * here in affine coordinates and Ed25519 standard compact format. |
1445 | */ | 1445 | */ |
1446 | unsigned char q_y[256 / 8]; | 1446 | unsigned char v[256 / 8]; |
1447 | }; | 1447 | }; |
1448 | 1448 | ||
1449 | /** | ||
1450 | * A ECC scalar for use in point multiplications | ||
1451 | */ | ||
1452 | struct GNUNET_CRYPTO_EccScalar | ||
1453 | { | ||
1454 | unsigned char v[256 / 8]; | ||
1455 | }; | ||
1449 | 1456 | ||
1450 | /** | 1457 | /** |
1451 | * Do pre-calculation for ECC discrete logarithm for small factors. | 1458 | * Do pre-calculation for ECC discrete logarithm for small factors. |
@@ -1455,7 +1462,8 @@ struct GNUNET_CRYPTO_EccPoint | |||
1455 | * @return NULL on error | 1462 | * @return NULL on error |
1456 | */ | 1463 | */ |
1457 | struct GNUNET_CRYPTO_EccDlogContext * | 1464 | struct GNUNET_CRYPTO_EccDlogContext * |
1458 | GNUNET_CRYPTO_ecc_dlog_prepare (unsigned int max, unsigned int mem); | 1465 | GNUNET_CRYPTO_ecc_dlog_prepare (unsigned int max, |
1466 | unsigned int mem); | ||
1459 | 1467 | ||
1460 | 1468 | ||
1461 | /** | 1469 | /** |
@@ -1468,7 +1476,7 @@ GNUNET_CRYPTO_ecc_dlog_prepare (unsigned int max, unsigned int mem); | |||
1468 | */ | 1476 | */ |
1469 | int | 1477 | int |
1470 | GNUNET_CRYPTO_ecc_dlog (struct GNUNET_CRYPTO_EccDlogContext *edc, | 1478 | GNUNET_CRYPTO_ecc_dlog (struct GNUNET_CRYPTO_EccDlogContext *edc, |
1471 | gcry_mpi_point_t input); | 1479 | const struct GNUNET_CRYPTO_EccPoint *input); |
1472 | 1480 | ||
1473 | 1481 | ||
1474 | /** | 1482 | /** |
@@ -1479,138 +1487,107 @@ GNUNET_CRYPTO_ecc_dlog (struct GNUNET_CRYPTO_EccDlogContext *edc, | |||
1479 | * convert a point back to an integer (as long as the | 1487 | * convert a point back to an integer (as long as the |
1480 | * integer is smaller than the MAX of the @a edc context). | 1488 | * integer is smaller than the MAX of the @a edc context). |
1481 | * | 1489 | * |
1482 | * @param edc calculation context for ECC operations | ||
1483 | * @param val value to encode into a point | 1490 | * @param val value to encode into a point |
1484 | * @return representation of the value as an ECC point, | 1491 | * @param r where to write the point (must be allocated) |
1485 | * must be freed using #GNUNET_CRYPTO_ecc_free() | ||
1486 | */ | 1492 | */ |
1487 | gcry_mpi_point_t | 1493 | void |
1488 | GNUNET_CRYPTO_ecc_dexp (struct GNUNET_CRYPTO_EccDlogContext *edc, int val); | 1494 | GNUNET_CRYPTO_ecc_dexp (int val, |
1495 | struct GNUNET_CRYPTO_EccPoint*r); | ||
1489 | 1496 | ||
1490 | 1497 | ||
1491 | /** | 1498 | /** |
1492 | * Multiply the generator g of the elliptic curve by @a val | 1499 | * Multiply the generator g of the elliptic curve by @a val |
1493 | * to obtain the point on the curve representing @a val. | 1500 | * to obtain the point on the curve representing @a val. |
1494 | * | 1501 | * |
1495 | * @param edc calculation context for ECC operations | ||
1496 | * @param val (positive) value to encode into a point | 1502 | * @param val (positive) value to encode into a point |
1497 | * @return representation of the value as an ECC point, | 1503 | * @param r where to write the point (must be allocated) |
1498 | * must be freed using #GNUNET_CRYPTO_ecc_free() | 1504 | * @return #GNUNET_OK on success. |
1499 | */ | 1505 | */ |
1500 | gcry_mpi_point_t | 1506 | enum GNUNET_GenericReturnValue |
1501 | GNUNET_CRYPTO_ecc_dexp_mpi (struct GNUNET_CRYPTO_EccDlogContext *edc, | 1507 | GNUNET_CRYPTO_ecc_dexp_mpi (const struct GNUNET_CRYPTO_EccScalar *val, |
1502 | gcry_mpi_t val); | 1508 | struct GNUNET_CRYPTO_EccPoint *r); |
1503 | 1509 | ||
1504 | 1510 | ||
1505 | /** | 1511 | /** |
1506 | * Multiply the point @a p on the elliptic curve by @a val. | 1512 | * Multiply the point @a p on the elliptic curve by @a val. |
1507 | * | 1513 | * |
1508 | * @param edc calculation context for ECC operations | ||
1509 | * @param p point to multiply | 1514 | * @param p point to multiply |
1510 | * @param val (positive) value to encode into a point | 1515 | * @param val (positive) value to encode into a point |
1511 | * @return representation of the value as an ECC point, | 1516 | * @param r where to write the point (must be allocated) |
1512 | * must be freed using #GNUNET_CRYPTO_ecc_free() | 1517 | * @return #GNUNET_OK on success. |
1513 | */ | ||
1514 | gcry_mpi_point_t | ||
1515 | GNUNET_CRYPTO_ecc_pmul_mpi (struct GNUNET_CRYPTO_EccDlogContext *edc, | ||
1516 | gcry_mpi_point_t p, | ||
1517 | gcry_mpi_t val); | ||
1518 | |||
1519 | |||
1520 | /** | ||
1521 | * Convert point value to binary representation. | ||
1522 | * | ||
1523 | * @param edc calculation context for ECC operations | ||
1524 | * @param point computational point representation | ||
1525 | * @param[out] bin binary point representation | ||
1526 | */ | ||
1527 | void | ||
1528 | GNUNET_CRYPTO_ecc_point_to_bin (struct GNUNET_CRYPTO_EccDlogContext *edc, | ||
1529 | gcry_mpi_point_t point, | ||
1530 | struct GNUNET_CRYPTO_EccPoint *bin); | ||
1531 | |||
1532 | |||
1533 | /** | ||
1534 | * Convert binary representation of a point to computational representation. | ||
1535 | * | ||
1536 | * @param edc calculation context for ECC operations | ||
1537 | * @param bin binary point representation | ||
1538 | * @return computational representation | ||
1539 | */ | 1518 | */ |
1540 | gcry_mpi_point_t | 1519 | enum GNUNET_GenericReturnValue |
1541 | GNUNET_CRYPTO_ecc_bin_to_point (struct GNUNET_CRYPTO_EccDlogContext *edc, | 1520 | GNUNET_CRYPTO_ecc_pmul_mpi (const struct GNUNET_CRYPTO_EccPoint *p, |
1542 | const struct GNUNET_CRYPTO_EccPoint *bin); | 1521 | const struct GNUNET_CRYPTO_EccScalar *val, |
1522 | struct GNUNET_CRYPTO_EccPoint *r); | ||
1543 | 1523 | ||
1544 | 1524 | ||
1545 | /** | 1525 | /** |
1546 | * Add two points on the elliptic curve. | 1526 | * Add two points on the elliptic curve. |
1547 | * | 1527 | * |
1548 | * @param edc calculation context for ECC operations | ||
1549 | * @param a some value | 1528 | * @param a some value |
1550 | * @param b some value | 1529 | * @param b some value |
1551 | * @return @a a + @a b, must be freed using #GNUNET_CRYPTO_ecc_free() | 1530 | * @param r where to write the point (must be allocated) |
1531 | * @return #GNUNET_OK on success. | ||
1552 | */ | 1532 | */ |
1553 | gcry_mpi_point_t | 1533 | enum GNUNET_GenericReturnValue |
1554 | GNUNET_CRYPTO_ecc_add (struct GNUNET_CRYPTO_EccDlogContext *edc, | 1534 | GNUNET_CRYPTO_ecc_add (const struct GNUNET_CRYPTO_EccPoint *a, |
1555 | gcry_mpi_point_t a, | 1535 | const struct GNUNET_CRYPTO_EccPoint *b, |
1556 | gcry_mpi_point_t b); | 1536 | struct GNUNET_CRYPTO_EccPoint *r); |
1557 | 1537 | ||
1558 | 1538 | ||
1559 | /** | 1539 | /** |
1560 | * Obtain a random point on the curve and its | 1540 | * Obtain a random point on the curve and its |
1561 | * additive inverse. Both returned values | 1541 | * additive inverse. |
1562 | * must be freed using #GNUNET_CRYPTO_ecc_free(). | ||
1563 | * | 1542 | * |
1564 | * @param edc calculation context for ECC operations | ||
1565 | * @param[out] r set to a random point on the curve | 1543 | * @param[out] r set to a random point on the curve |
1566 | * @param[out] r_inv set to the additive inverse of @a r | 1544 | * @param[out] r_inv set to the additive inverse of @a r |
1545 | * @return #GNUNET_OK on success. | ||
1567 | */ | 1546 | */ |
1568 | void | 1547 | enum GNUNET_GenericReturnValue |
1569 | GNUNET_CRYPTO_ecc_rnd (struct GNUNET_CRYPTO_EccDlogContext *edc, | 1548 | GNUNET_CRYPTO_ecc_rnd (struct GNUNET_CRYPTO_EccPoint *r, |
1570 | gcry_mpi_point_t *r, | 1549 | struct GNUNET_CRYPTO_EccPoint *r_inv); |
1571 | gcry_mpi_point_t *r_inv); | ||
1572 | 1550 | ||
1573 | 1551 | ||
1574 | /** | 1552 | /** |
1575 | * Obtain a random scalar for point multiplication on the curve and | 1553 | * Obtain a random scalar for point multiplication on the curve and |
1576 | * its multiplicative inverse. | 1554 | * its additive inverse. |
1577 | * | 1555 | * |
1578 | * @param edc calculation context for ECC operations | ||
1579 | * @param[out] r set to a random scalar on the curve | 1556 | * @param[out] r set to a random scalar on the curve |
1580 | * @param[out] r_inv set to the multiplicative inverse of @a r | 1557 | * @param[out] r_neg set to the negation of @a |
1581 | */ | 1558 | */ |
1582 | void | 1559 | void |
1583 | GNUNET_CRYPTO_ecc_rnd_mpi (struct GNUNET_CRYPTO_EccDlogContext *edc, | 1560 | GNUNET_CRYPTO_ecc_rnd_mpi (struct GNUNET_CRYPTO_EccScalar *r, |
1584 | gcry_mpi_t *r, | 1561 | struct GNUNET_CRYPTO_EccScalar *r_neg); |
1585 | gcry_mpi_t *r_inv); | ||
1586 | 1562 | ||
1587 | 1563 | ||
1588 | /** | 1564 | /** |
1589 | * Generate a random value mod n. | 1565 | * Generate a random value mod n. |
1590 | * | 1566 | * |
1591 | * @param edc ECC context | 1567 | * @param[out] r random value mod n. |
1592 | * @return random value mod n. | ||
1593 | */ | 1568 | */ |
1594 | gcry_mpi_t | 1569 | void |
1595 | GNUNET_CRYPTO_ecc_random_mod_n (struct GNUNET_CRYPTO_EccDlogContext *edc); | 1570 | GNUNET_CRYPTO_ecc_random_mod_n (struct GNUNET_CRYPTO_EccScalar*r); |
1596 | 1571 | ||
1597 | 1572 | ||
1598 | /** | 1573 | /** |
1599 | * Free a point value returned by the API. | 1574 | * Release precalculated values. |
1600 | * | 1575 | * |
1601 | * @param p point to free | 1576 | * @param dlc dlog context |
1602 | */ | 1577 | */ |
1603 | void | 1578 | void |
1604 | GNUNET_CRYPTO_ecc_free (gcry_mpi_point_t p); | 1579 | GNUNET_CRYPTO_ecc_dlog_release (struct GNUNET_CRYPTO_EccDlogContext *dlc); |
1605 | 1580 | ||
1606 | 1581 | ||
1607 | /** | 1582 | /** |
1608 | * Release precalculated values. | 1583 | * Create a scalar from int value. |
1609 | * | 1584 | * |
1610 | * @param dlc dlog context | 1585 | * @param val the int value |
1586 | * @param[out] r where to write the salar | ||
1611 | */ | 1587 | */ |
1612 | void | 1588 | void |
1613 | GNUNET_CRYPTO_ecc_dlog_release (struct GNUNET_CRYPTO_EccDlogContext *dlc); | 1589 | GNUNET_CRYPTO_ecc_scalar_from_int (int64_t val, |
1590 | struct GNUNET_CRYPTO_EccScalar *r); | ||
1614 | 1591 | ||
1615 | 1592 | ||
1616 | /** | 1593 | /** |
@@ -1643,6 +1620,7 @@ GNUNET_CRYPTO_eddsa_ecdh (const struct GNUNET_CRYPTO_EddsaPrivateKey *priv, | |||
1643 | const struct GNUNET_CRYPTO_EcdhePublicKey *pub, | 1620 | const struct GNUNET_CRYPTO_EcdhePublicKey *pub, |
1644 | struct GNUNET_HashCode *key_material); | 1621 | struct GNUNET_HashCode *key_material); |
1645 | 1622 | ||
1623 | |||
1646 | /** | 1624 | /** |
1647 | * @ingroup crypto | 1625 | * @ingroup crypto |
1648 | * Derive key material from a ECDH public key and a private ECDSA key. | 1626 | * Derive key material from a ECDH public key and a private ECDSA key. |
@@ -1937,7 +1915,9 @@ GNUNET_CRYPTO_ecdsa_public_key_derive ( | |||
1937 | * @param val value to write to @a buf | 1915 | * @param val value to write to @a buf |
1938 | */ | 1916 | */ |
1939 | void | 1917 | void |
1940 | GNUNET_CRYPTO_mpi_print_unsigned (void *buf, size_t size, gcry_mpi_t val); | 1918 | GNUNET_CRYPTO_mpi_print_unsigned (void *buf, |
1919 | size_t size, | ||
1920 | gcry_mpi_t val); | ||
1941 | 1921 | ||
1942 | 1922 | ||
1943 | /** | 1923 | /** |
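Review bot: The new `@return #GNUNET_OK on success.` lines on `GNUNET_CRYPTO_ecc_dexp_mpi`, `GNUNET_CRYPTO_ecc_pmul_mpi`, `GNUNET_CRYPTO_ecc_add` and `GNUNET_CRYPTO_ecc_rnd` do not say what is returned on failure or what makes the call fail. With `GNUNET_CRYPTO_ecc_bin_to_point` removed, these functions take the serialized `struct GNUNET_CRYPTO_EccPoint` directly, so any rejection of a malformed point received from a peer presumably happens inside them and is visible only through this return value; the implementation is not on this page, so confirm it there. I would spell the contract out, e.g. `@return #GNUNET_OK on success, #GNUNET_SYSERR if an input is not a valid point encoding (then @a r must not be used)`, so callers know to check it before reading `r`. `GNUNET_CRYPTO_ecc_dexp` is declared `void` although it has the same shape as `GNUNET_CRYPTO_ecc_dexp_mpi`; its comment should state why it cannot fail, or it should return the same status. Separately, `@param[out] r_neg set to the negation of @a` is missing its argument (`@a r`), and `salar` in the `GNUNET_CRYPTO_ecc_scalar_from_int` comment should read `scalar`.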
diff --git a/src/include/gnunet_scalarproduct_service.h b/src/include/gnunet_scalarproduct_service.h index b12a19a2f..1d775f659 100644 --- a/src/include/gnunet_scalarproduct_service.h +++ b/src/include/gnunet_scalarproduct_service.h | |||
@@ -17,7 +17,6 @@ | |||
17 | 17 | ||
18 | SPDX-License-Identifier: AGPL3.0-or-later | 18 | SPDX-License-Identifier: AGPL3.0-or-later |
19 | */ | 19 | */ |
20 | |||
21 | /** | 20 | /** |
22 | * @author Christian M. Fuchs | 21 | * @author Christian M. Fuchs |
23 | * @author Gaurav Kukreja | 22 | * @author Gaurav Kukreja |
@@ -118,10 +117,9 @@ GNUNET_NETWORK_STRUCT_END | |||
118 | * @param status Status of the request | 117 | * @param status Status of the request |
119 | */ | 118 | */ |
120 | typedef void | 119 | typedef void |
121 | (*GNUNET_SCALARPRODUCT_ContinuationWithStatus) (void *cls, | 120 | (*GNUNET_SCALARPRODUCT_ContinuationWithStatus) ( |
122 | enum | 121 | void *cls, |
123 | GNUNET_SCALARPRODUCT_ResponseStatus | 122 | enum GNUNET_SCALARPRODUCT_ResponseStatus status); |
124 | status); | ||
125 | 123 | ||
126 | 124 | ||
127 | /** | 125 | /** |
@@ -132,10 +130,10 @@ typedef void | |||
132 | * @param result result of the computation | 130 | * @param result result of the computation |
133 | */ | 131 | */ |
134 | typedef void | 132 | typedef void |
135 | (*GNUNET_SCALARPRODUCT_DatumProcessor) (void *cls, | 133 | (*GNUNET_SCALARPRODUCT_DatumProcessor) ( |
136 | enum GNUNET_SCALARPRODUCT_ResponseStatus | 134 | void *cls, |
137 | status, | 135 | enum GNUNET_SCALARPRODUCT_ResponseStatus status, |
138 | gcry_mpi_t result); | 136 | gcry_mpi_t result); |
139 | 137 | ||
140 | 138 | ||
141 | /** | 139 | /** |
@@ -157,16 +155,14 @@ struct GNUNET_SCALARPRODUCT_ComputationHandle; | |||
157 | * @return a new handle for this computation | 155 | * @return a new handle for this computation |
158 | */ | 156 | */ |
159 | struct GNUNET_SCALARPRODUCT_ComputationHandle * | 157 | struct GNUNET_SCALARPRODUCT_ComputationHandle * |
160 | GNUNET_SCALARPRODUCT_start_computation (const struct | 158 | GNUNET_SCALARPRODUCT_start_computation ( |
161 | GNUNET_CONFIGURATION_Handle *cfg, | 159 | const struct GNUNET_CONFIGURATION_Handle *cfg, |
162 | const struct | 160 | const struct GNUNET_HashCode *session_key, |
163 | GNUNET_HashCode *session_key, | 161 | const struct GNUNET_PeerIdentity *peer, |
164 | const struct GNUNET_PeerIdentity *peer, | 162 | const struct GNUNET_SCALARPRODUCT_Element *elements, |
165 | const struct | 163 | uint32_t element_count, |
166 | GNUNET_SCALARPRODUCT_Element *elements, | 164 | GNUNET_SCALARPRODUCT_DatumProcessor cont, |
167 | uint32_t element_count, | 165 | void *cont_cls); |
168 | GNUNET_SCALARPRODUCT_DatumProcessor cont, | ||
169 | void *cont_cls); | ||
170 | 166 | ||
171 | 167 | ||
172 | /** | 168 | /** |
@@ -181,15 +177,13 @@ GNUNET_SCALARPRODUCT_start_computation (const struct | |||
181 | * @return a new handle for this computation | 177 | * @return a new handle for this computation |
182 | */ | 178 | */ |
183 | struct GNUNET_SCALARPRODUCT_ComputationHandle * | 179 | struct GNUNET_SCALARPRODUCT_ComputationHandle * |
184 | GNUNET_SCALARPRODUCT_accept_computation (const struct | 180 | GNUNET_SCALARPRODUCT_accept_computation ( |
185 | GNUNET_CONFIGURATION_Handle *cfg, | 181 | const struct GNUNET_CONFIGURATION_Handle *cfg, |
186 | const struct GNUNET_HashCode *key, | 182 | const struct GNUNET_HashCode *key, |
187 | const struct | 183 | const struct GNUNET_SCALARPRODUCT_Element *elements, |
188 | GNUNET_SCALARPRODUCT_Element *elements, | 184 | uint32_t element_count, |
189 | uint32_t element_count, | 185 | GNUNET_SCALARPRODUCT_ContinuationWithStatus cont, |
190 | GNUNET_SCALARPRODUCT_ContinuationWithStatus | 186 | void *cont_cls); |
191 | cont, | ||
192 | void *cont_cls); | ||
193 | 187 | ||
194 | 188 | ||
195 | /** | 189 | /** |