diff options
author | Christian Grothoff <christian@grothoff.org> | 2012-10-17 19:35:13 +0000 |
---|---|---|
committer | Christian Grothoff <christian@grothoff.org> | 2012-10-17 19:35:13 +0000 |
commit | 69c3f226a7e62844b7dc08da92affeed8a062f4b (patch) | |
tree | 0a725aa1e16458a78a1dd0de6dc2f99b8dcbf1d7 /src/util/gnunet-ecc.c | |
parent | 5ad33cbc7aa715b7c154196aab7b4e1db76487b3 (diff) | |
download | gnunet-69c3f226a7e62844b7dc08da92affeed8a062f4b.tar.gz gnunet-69c3f226a7e62844b7dc08da92affeed8a062f4b.zip |
-fixing obvious ecc issues, adding gnunet-ecc based on gnunet-rsa
Diffstat (limited to 'src/util/gnunet-ecc.c')
-rw-r--r-- | src/util/gnunet-ecc.c | 246 |
1 files changed, 246 insertions, 0 deletions
diff --git a/src/util/gnunet-ecc.c b/src/util/gnunet-ecc.c new file mode 100644 index 000000000..f966763a8 --- /dev/null +++ b/src/util/gnunet-ecc.c | |||
@@ -0,0 +1,246 @@ | |||
1 | /* | ||
2 | This file is part of GNUnet. | ||
3 | (C) 2012 Christian Grothoff (and other contributing authors) | ||
4 | |||
5 | GNUnet is free software; you can redistribute it and/or modify | ||
6 | it under the terms of the GNU General Public License as published | ||
7 | by the Free Software Foundation; either version 3, or (at your | ||
8 | option) any later version. | ||
9 | |||
10 | GNUnet is distributed in the hope that it will be useful, but | ||
11 | WITHOUT ANY WARRANTY; without even the implied warranty of | ||
12 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | ||
13 | General Public License for more details. | ||
14 | |||
15 | You should have received a copy of the GNU General Public License | ||
16 | along with GNUnet; see the file COPYING. If not, write to the | ||
17 | Free Software Foundation, Inc., 59 Temple Place - Suite 330, | ||
18 | Boston, MA 02111-1307, USA. | ||
19 | */ | ||
20 | |||
21 | /** | ||
22 | * @file util/gnunet-ecc.c | ||
23 | * @brief tool to manipulate ECC key files | ||
24 | * @author Christian Grothoff | ||
25 | */ | ||
26 | #include "platform.h" | ||
27 | #include "gnunet_util_lib.h" | ||
28 | #include "gnunet_testing_lib-new.h" | ||
29 | #include <gcrypt.h> | ||
30 | |||
31 | |||
32 | /** | ||
33 | * Flag for printing public key. | ||
34 | */ | ||
35 | static int print_public_key; | ||
36 | |||
37 | /** | ||
38 | * Flag for printing hash of public key. | ||
39 | */ | ||
40 | static int print_peer_identity; | ||
41 | |||
42 | /** | ||
43 | * Flag for printing short hash of public key. | ||
44 | */ | ||
45 | static int print_short_identity; | ||
46 | |||
47 | /** | ||
48 | * Use weak random number generator for key generation. | ||
49 | */ | ||
50 | static int weak_random; | ||
51 | |||
52 | /** | ||
53 | * Option set to create a bunch of keys at once. | ||
54 | */ | ||
55 | static unsigned int make_keys; | ||
56 | |||
57 | /** | ||
58 | * The private information of an ECC key pair. | ||
59 | * NOTE: this must match the definition in crypto_ksk.c and crypto_ecc.c! | ||
60 | */ | ||
61 | struct GNUNET_CRYPTO_EccPrivateKey | ||
62 | { | ||
63 | gcry_sexp_t sexp; | ||
64 | }; | ||
65 | |||
66 | |||
67 | /** | ||
68 | * Create a new private key. Caller must free return value. | ||
69 | * | ||
70 | * @return fresh private key | ||
71 | */ | ||
72 | static struct GNUNET_CRYPTO_EccPrivateKey * | ||
73 | ecc_key_create () | ||
74 | { | ||
75 | struct GNUNET_CRYPTO_EccPrivateKey *ret; | ||
76 | gcry_sexp_t s_key; | ||
77 | gcry_sexp_t s_keyparam; | ||
78 | |||
79 | GNUNET_assert (0 == | ||
80 | gcry_sexp_build (&s_keyparam, NULL, | ||
81 | "(genkey(ecc(nbits %d)(ecc-use-e 3:257)))", | ||
82 | 2048)); | ||
83 | GNUNET_assert (0 == gcry_pk_genkey (&s_key, s_keyparam)); | ||
84 | gcry_sexp_release (s_keyparam); | ||
85 | #if EXTRA_CHECKS | ||
86 | GNUNET_assert (0 == gcry_pk_testkey (s_key)); | ||
87 | #endif | ||
88 | ret = GNUNET_malloc (sizeof (struct GNUNET_CRYPTO_EccPrivateKey)); | ||
89 | ret->sexp = s_key; | ||
90 | return ret; | ||
91 | } | ||
92 | |||
93 | |||
94 | /** | ||
95 | * Create a flat file with a large number of key pairs for testing. | ||
96 | */ | ||
97 | static void | ||
98 | create_keys (const char *fn) | ||
99 | { | ||
100 | FILE *f; | ||
101 | struct GNUNET_CRYPTO_EccPrivateKey *pk; | ||
102 | struct GNUNET_CRYPTO_EccPrivateKeyBinaryEncoded *enc; | ||
103 | |||
104 | if (NULL == (f = fopen (fn, "w+"))) | ||
105 | { | ||
106 | fprintf (stderr, | ||
107 | _("Failed to open `%s': %s\n"), | ||
108 | fn, | ||
109 | STRERROR (errno)); | ||
110 | return; | ||
111 | } | ||
112 | fprintf (stderr, | ||
113 | _("Generating %u keys, please wait"), | ||
114 | make_keys); | ||
115 | while (0 < make_keys--) | ||
116 | { | ||
117 | fprintf (stderr, | ||
118 | "."); | ||
119 | if (NULL == (pk = ecc_key_create ())) | ||
120 | { | ||
121 | GNUNET_break (0); | ||
122 | break; | ||
123 | } | ||
124 | enc = GNUNET_CRYPTO_ecc_encode_key (pk); | ||
125 | if (htons (enc->size) != fwrite (enc, 1, htons (enc->size), f)) | ||
126 | { | ||
127 | fprintf (stderr, | ||
128 | _("\nFailed to write to `%s': %s\n"), | ||
129 | fn, | ||
130 | STRERROR (errno)); | ||
131 | GNUNET_CRYPTO_ecc_key_free (pk); | ||
132 | GNUNET_free (enc); | ||
133 | break; | ||
134 | } | ||
135 | GNUNET_CRYPTO_ecc_key_free (pk); | ||
136 | GNUNET_free (enc); | ||
137 | } | ||
138 | if (0 == make_keys) | ||
139 | fprintf (stderr, | ||
140 | _("Finished!\n")); | ||
141 | fclose (f); | ||
142 | } | ||
143 | |||
144 | |||
145 | /** | ||
146 | * Main function that will be run by the scheduler. | ||
147 | * | ||
148 | * @param cls closure | ||
149 | * @param args remaining command-line arguments | ||
150 | * @param cfgfile name of the configuration file used (for saving, can be NULL!) | ||
151 | * @param cfg configuration | ||
152 | */ | ||
153 | static void | ||
154 | run (void *cls, char *const *args, const char *cfgfile, | ||
155 | const struct GNUNET_CONFIGURATION_Handle *cfg) | ||
156 | { | ||
157 | struct GNUNET_CRYPTO_EccPrivateKey *pk; | ||
158 | struct GNUNET_CRYPTO_EccPublicKeyBinaryEncoded pub; | ||
159 | struct GNUNET_PeerIdentity pid; | ||
160 | |||
161 | if (NULL == args[0]) | ||
162 | { | ||
163 | fprintf (stderr, _("No hostkey file specified on command line\n")); | ||
164 | return; | ||
165 | } | ||
166 | if (0 != weak_random) | ||
167 | GNUNET_CRYPTO_random_disable_entropy_gathering (); | ||
168 | if (make_keys > 0) | ||
169 | { | ||
170 | create_keys (args[0]); | ||
171 | return; | ||
172 | } | ||
173 | pk = GNUNET_CRYPTO_ecc_key_create_from_file (args[0]); | ||
174 | if (NULL == pk) | ||
175 | return; | ||
176 | if (print_public_key) | ||
177 | { | ||
178 | char *s; | ||
179 | |||
180 | GNUNET_CRYPTO_ecc_key_get_public (pk, &pub); | ||
181 | s = GNUNET_CRYPTO_ecc_public_key_to_string (&pub); | ||
182 | fprintf (stdout, "%s\n", s); | ||
183 | GNUNET_free (s); | ||
184 | } | ||
185 | if (print_peer_identity) | ||
186 | { | ||
187 | struct GNUNET_CRYPTO_HashAsciiEncoded enc; | ||
188 | |||
189 | GNUNET_CRYPTO_ecc_key_get_public (pk, &pub); | ||
190 | GNUNET_CRYPTO_hash (&pub, sizeof (pub), &pid.hashPubKey); | ||
191 | GNUNET_CRYPTO_hash_to_enc (&pid.hashPubKey, &enc); | ||
192 | fprintf (stdout, "%s\n", enc.encoding); | ||
193 | } | ||
194 | if (print_short_identity) | ||
195 | { | ||
196 | struct GNUNET_CRYPTO_ShortHashAsciiEncoded enc; | ||
197 | struct GNUNET_CRYPTO_ShortHashCode sh; | ||
198 | |||
199 | GNUNET_CRYPTO_ecc_key_get_public (pk, &pub); | ||
200 | GNUNET_CRYPTO_short_hash (&pub, sizeof (pub), &sh); | ||
201 | GNUNET_CRYPTO_short_hash_to_enc (&sh, &enc); | ||
202 | fprintf (stdout, "%s\n", enc.short_encoding); | ||
203 | } | ||
204 | GNUNET_CRYPTO_ecc_key_free (pk); | ||
205 | } | ||
206 | |||
207 | |||
208 | /** | ||
209 | * Program to manipulate ECC key files. | ||
210 | * | ||
211 | * @param argc number of arguments from the command line | ||
212 | * @param argv command line arguments | ||
213 | * @return 0 ok, 1 on error | ||
214 | */ | ||
215 | int | ||
216 | main (int argc, char *const *argv) | ||
217 | { | ||
218 | static const struct GNUNET_GETOPT_CommandLineOption options[] = { | ||
219 | { 'g', "generate-keys", "COUNT", | ||
220 | gettext_noop ("create COUNT public-private key pairs (for testing)"), | ||
221 | 1, &GNUNET_GETOPT_set_uint, &make_keys }, | ||
222 | { 'p', "print-public-key", NULL, | ||
223 | gettext_noop ("print the public key in ASCII format"), | ||
224 | 0, &GNUNET_GETOPT_set_one, &print_public_key }, | ||
225 | { 'P', "print-peer-identity", NULL, | ||
226 | gettext_noop ("print the hash of the public key in ASCII format"), | ||
227 | 0, &GNUNET_GETOPT_set_one, &print_peer_identity }, | ||
228 | { 's', "print-short-identity", NULL, | ||
229 | gettext_noop ("print the short hash of the public key in ASCII format"), | ||
230 | 0, &GNUNET_GETOPT_set_one, &print_short_identity }, | ||
231 | { 'w', "weak-random", NULL, | ||
232 | gettext_noop ("use insecure, weak random number generator for key generation (for testing only)"), | ||
233 | 0, &GNUNET_GETOPT_set_one, &weak_random }, | ||
234 | GNUNET_GETOPT_OPTION_END | ||
235 | }; | ||
236 | |||
237 | if (GNUNET_OK != GNUNET_STRINGS_get_utf8_args (argc, argv, &argc, &argv)) | ||
238 | return 2; | ||
239 | |||
240 | return (GNUNET_OK == | ||
241 | GNUNET_PROGRAM_run (argc, argv, "gnunet-ecc [OPTIONS] keyfile", | ||
242 | gettext_noop ("Manipulate GNUnet private ECC key files"), | ||
243 | options, &run, NULL)) ? 0 : 1; | ||
244 | } | ||
245 | |||
246 | /* end of gnunet-ecc.c */ | ||