GNS: Sanitize APIs and align with LSD0001

author: Martin Schanzenbach <schanzen@gnunet.org> 2022-03-27 12:25:01 +0200
committer: Martin Schanzenbach <schanzen@gnunet.org> 2022-03-27 12:25:01 +0200
commit: 1e4d6256731d69f1309ff8439569c65d2e1384a0 (patch)
tree: 164e7b5cd860ba30e315caba7a1ac08919dee90b /src/include
parent: e598ffe0a3a3d3db0df1fcc04f52bbefe93d3779 (diff)
download: gnunet-1e4d6256731d69f1309ff8439569c65d2e1384a0.tar.gz
gnunet-1e4d6256731d69f1309ff8439569c65d2e1384a0.zip
2 files changed, 98 insertions, 13 deletions
diff --git a/src/include/gnunet_crypto_lib.h b/src/include/gnunet_crypto_lib.h
index 72d783148..77abab45d 100644
--- a/src/include/gnunet_crypto_lib.h
+++ b/src/include/gnunet_crypto_lib.h
@@ -2018,6 +2018,26 @@ GNUNET_CRYPTO_ecdsa_public_key_derive (
  const char *context,
  struct GNUNET_CRYPTO_EcdsaPublicKey *result);
+/**
+ * This is a signature function for ECDSA which takes a
+ * private key, derives/blinds it and signs the message.
+ *
+ * @param pkey original private key
+ * @param label label to use for key deriviation
+ * @param context additional context to use for HKDF of 'h';
+ *        typically the name of the subsystem/application
+ * @param purp the signature purpose
+ * @param sig the resulting signature
+ * @return GNUNET_OK on success
+ */
+enum GNUNET_GenericReturnValue
+GNUNET_CRYPTO_ecdsa_sign_derived (
+  const struct GNUNET_CRYPTO_EcdsaPrivateKey *pkey,
+  const char *label,
+  const char *context,
+  const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose,
+  struct GNUNET_CRYPTO_EcdsaSignature *sig);
 /**
 * @ingroup crypto
@@ -2063,23 +2083,23 @@ GNUNET_CRYPTO_eddsa_public_key_derive (
 /**
- * This is a signature function for EdDSA which takes the
+ * This is a signature function for EdDSA which takes a
- * secret scalar sk instead of the private seed which is
+ * private key and derives it using the label and context
- * usually the case for crypto APIs. We require this functionality
+ * before signing.
- * in order to use derived private keys for signatures we
- * cannot calculate the inverse of a sk to find the seed
- * efficiently.
 *
- * The resulting signature is a standard EdDSA signature
+ * @param pkey original private key
- * which can be verified using the usual APIs.
+ * @param label label to use for key deriviation
- *
+ * @param context additional context to use for HKDF of 'h';
- * @param sk the secret scalar
+ *        typically the name of the subsystem/application
 * @param purp the signature purpose
 * @param sig the resulting signature
+ * @return GNUNET_OK on success
 */
-void
+enum GNUNET_GenericReturnValue
-GNUNET_CRYPTO_eddsa_sign_with_scalar (
+GNUNET_CRYPTO_eddsa_sign_derived (
-  const struct GNUNET_CRYPTO_EddsaPrivateScalar *priv,
+  const struct GNUNET_CRYPTO_EddsaPrivateKey *pkey,
+  const char *label,
+  const char *context,
  const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose,
  struct GNUNET_CRYPTO_EddsaSignature *sig);
diff --git a/src/include/gnunet_namestore_plugin.h b/src/include/gnunet_namestore_plugin.h
index 9cc8abc6e..3dca5a853 100644
--- a/src/include/gnunet_namestore_plugin.h
+++ b/src/include/gnunet_namestore_plugin.h
@@ -150,6 +150,71 @@ struct GNUNET_NAMESTORE_PluginFunctions
                   const struct GNUNET_IDENTITY_PublicKey *value_zone,
                   GNUNET_NAMESTORE_RecordIterator iter,
                   void *iter_cls);
+  /** Transaction-based API draft **/
+  /**
+   * Start a transaction in the database
+   *
+   * @param cls closure (internal context for the plugin)
+   * @return #GNUNET_OK on success, #GNUNET_NO if there were no results, #GNUNET_SYSERR on error
+   */
+  enum GNUNET_GenericReturnValue
+  (*transaction_begin) (void *cls);
+  /**
+   * Abort a transaction in the database
+   *
+   * @param cls closure (internal context for the plugin)
+   * @return #GNUNET_OK on success, #GNUNET_NO if there were no results, #GNUNET_SYSERR on error
+   */
+  enum GNUNET_GenericReturnValue
+  (*transaction_abort) (void *cls);
+  /**
+   * Commit a transaction in the database
+   *
+   * @param cls closure (internal context for the plugin)
+   * @return #GNUNET_OK on success, #GNUNET_NO if there were no results, #GNUNET_SYSERR on error
+   */
+  enum GNUNET_GenericReturnValue
+  (*transaction_commit) (void *cls);
+  /**
+   * Replace a record in the datastore for which we are the authority.
+   * Removes any existing record in the same zone with the same name.
+   *
+   * @param cls closure (internal context for the plugin)
+   * @param zone private key of the zone
+   * @param label name of the record in the zone
+   * @param rd_count number of entries in @a rd array, 0 to delete all records
+   * @param rd array of records with data to store
+   * @return #GNUNET_OK on success, else #GNUNET_SYSERR
+   */
+  int
+  (*replace_records) (void *cls,
+                    const struct GNUNET_IDENTITY_PrivateKey *zone,
+                    const char *label,
+                    unsigned int rd_count,
+                    const struct GNUNET_GNSRECORD_Data *rd);
+  /**
+   * Lookup records in the datastore for which we are the authority.
+   *
+   * @param cls closure (internal context for the plugin)
+   * @param zone private key of the zone
+   * @param label name of the record in the zone
+   * @param iter function to call with the result
+   * @param iter_cls closure for @a iter
+   * @return #GNUNET_OK on success, #GNUNET_NO for no results, else #GNUNET_SYSERR
+   */
+  int
+  (*select_records) (void *cls,
+                     const struct GNUNET_IDENTITY_PrivateKey *zone,
+                     const char *label,
+                     GNUNET_NAMESTORE_RecordIterator iter,
+                     void *iter_cls);
 };
author	Martin Schanzenbach <schanzen@gnunet.org>	2022-03-27 12:25:01 +0200
committer	Martin Schanzenbach <schanzen@gnunet.org>	2022-03-27 12:25:01 +0200
commit	1e4d6256731d69f1309ff8439569c65d2e1384a0 (patch)
tree	164e7b5cd860ba30e315caba7a1ac08919dee90b /src/include
parent	e598ffe0a3a3d3db0df1fcc04f52bbefe93d3779 (diff)
download	gnunet-1e4d6256731d69f1309ff8439569c65d2e1384a0.tar.gz gnunet-1e4d6256731d69f1309ff8439569c65d2e1384a0.zip

diff --git a/src/include/gnunet_crypto_lib.h b/src/include/gnunet_crypto_lib.h index 72d783148..77abab45d 100644 --- a/src/include/gnunet_crypto_lib.h +++ b/src/include/gnunet_crypto_lib.h
@@ -2018,6 +2018,26 @@ GNUNET_CRYPTO_ecdsa_public_key_derive (
2018	const char *context,	2018	const char *context,
2019	struct GNUNET_CRYPTO_EcdsaPublicKey *result);	2019	struct GNUNET_CRYPTO_EcdsaPublicKey *result);
2020		2020
		2021	/**
		2022	* This is a signature function for ECDSA which takes a
		2023	* private key, derives/blinds it and signs the message.
		2024	*
		2025	* @param pkey original private key
		2026	* @param label label to use for key deriviation
		2027	* @param context additional context to use for HKDF of 'h';
		2028	* typically the name of the subsystem/application
		2029	* @param purp the signature purpose
		2030	* @param sig the resulting signature
		2031	* @return GNUNET_OK on success
		2032	*/
		2033	enum GNUNET_GenericReturnValue
		2034	GNUNET_CRYPTO_ecdsa_sign_derived (
		2035	const struct GNUNET_CRYPTO_EcdsaPrivateKey *pkey,
		2036	const char *label,
		2037	const char *context,
		2038	const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose,
		2039	struct GNUNET_CRYPTO_EcdsaSignature *sig);
		2040
2021		2041
2022	/**	2042	/**
2023	* @ingroup crypto	2043	* @ingroup crypto
@@ -2063,23 +2083,23 @@ GNUNET_CRYPTO_eddsa_public_key_derive (
2063		2083
2064		2084
2065	/**	2085	/**
2066	* This is a signature function for EdDSA which takes the	2086	* This is a signature function for EdDSA which takes a
2067	* secret scalar sk instead of the private seed which is	2087	* private key and derives it using the label and context
2068	* usually the case for crypto APIs. We require this functionality	2088	* before signing.
2069	* in order to use derived private keys for signatures we
2070	* cannot calculate the inverse of a sk to find the seed
2071	* efficiently.
2072	*	2089	*
2073	* The resulting signature is a standard EdDSA signature	2090	* @param pkey original private key
2074	* which can be verified using the usual APIs.	2091	* @param label label to use for key deriviation
2075	*	2092	* @param context additional context to use for HKDF of 'h';
2076	* @param sk the secret scalar	2093	* typically the name of the subsystem/application
2077	* @param purp the signature purpose	2094	* @param purp the signature purpose
2078	* @param sig the resulting signature	2095	* @param sig the resulting signature
		2096	* @return GNUNET_OK on success
2079	*/	2097	*/
2080	void	2098	enum GNUNET_GenericReturnValue
2081	GNUNET_CRYPTO_eddsa_sign_with_scalar (	2099	GNUNET_CRYPTO_eddsa_sign_derived (
2082	const struct GNUNET_CRYPTO_EddsaPrivateScalar *priv,	2100	const struct GNUNET_CRYPTO_EddsaPrivateKey *pkey,
		2101	const char *label,
		2102	const char *context,
2083	const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose,	2103	const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose,
2084	struct GNUNET_CRYPTO_EddsaSignature *sig);	2104	struct GNUNET_CRYPTO_EddsaSignature *sig);
2085		2105


diff --git a/src/include/gnunet_namestore_plugin.h b/src/include/gnunet_namestore_plugin.h index 9cc8abc6e..3dca5a853 100644 --- a/src/include/gnunet_namestore_plugin.h +++ b/src/include/gnunet_namestore_plugin.h
@@ -150,6 +150,71 @@ struct GNUNET_NAMESTORE_PluginFunctions
150	const struct GNUNET_IDENTITY_PublicKey *value_zone,	150	const struct GNUNET_IDENTITY_PublicKey *value_zone,
151	GNUNET_NAMESTORE_RecordIterator iter,	151	GNUNET_NAMESTORE_RecordIterator iter,
152	void *iter_cls);	152	void *iter_cls);
		153
		154	/ Transaction-based API draft /
		155
		156	/**
		157	* Start a transaction in the database
		158	*
		159	* @param cls closure (internal context for the plugin)
		160	* @return #GNUNET_OK on success, #GNUNET_NO if there were no results, #GNUNET_SYSERR on error
		161	*/
		162	enum GNUNET_GenericReturnValue
		163	(transaction_begin) (void cls);
		164
		165	/**
		166	* Abort a transaction in the database
		167	*
		168	* @param cls closure (internal context for the plugin)
		169	* @return #GNUNET_OK on success, #GNUNET_NO if there were no results, #GNUNET_SYSERR on error
		170	*/
		171	enum GNUNET_GenericReturnValue
		172	(transaction_abort) (void cls);
		173
		174	/**
		175	* Commit a transaction in the database
		176	*
		177	* @param cls closure (internal context for the plugin)
		178	* @return #GNUNET_OK on success, #GNUNET_NO if there were no results, #GNUNET_SYSERR on error
		179	*/
		180	enum GNUNET_GenericReturnValue
		181	(transaction_commit) (void cls);
		182
		183	/**
		184	* Replace a record in the datastore for which we are the authority.
		185	* Removes any existing record in the same zone with the same name.
		186	*
		187	* @param cls closure (internal context for the plugin)
		188	* @param zone private key of the zone
		189	* @param label name of the record in the zone
		190	* @param rd_count number of entries in @a rd array, 0 to delete all records
		191	* @param rd array of records with data to store
		192	* @return #GNUNET_OK on success, else #GNUNET_SYSERR
		193	*/
		194	int
		195	(replace_records) (void cls,
		196	const struct GNUNET_IDENTITY_PrivateKey *zone,
		197	const char *label,
		198	unsigned int rd_count,
		199	const struct GNUNET_GNSRECORD_Data *rd);
		200
		201	/**
		202	* Lookup records in the datastore for which we are the authority.
		203	*
		204	* @param cls closure (internal context for the plugin)
		205	* @param zone private key of the zone
		206	* @param label name of the record in the zone
		207	* @param iter function to call with the result
		208	* @param iter_cls closure for @a iter
		209	* @return #GNUNET_OK on success, #GNUNET_NO for no results, else #GNUNET_SYSERR
		210	*/
		211	int
		212	(select_records) (void cls,
		213	const struct GNUNET_IDENTITY_PrivateKey *zone,
		214	const char *label,
		215	GNUNET_NAMESTORE_RecordIterator iter,
		216	void *iter_cls);
		217
153	};	218	};
154		219
155		220