authorMartin Schanzenbach <schanzen@gnunet.org>2022-03-27 12:25:01 +0200
committerMartin Schanzenbach <schanzen@gnunet.org>2022-03-27 12:25:01 +0200
commit1e4d6256731d69f1309ff8439569c65d2e1384a0 (patch)
tree164e7b5cd860ba30e315caba7a1ac08919dee90b /src
parente598ffe0a3a3d3db0df1fcc04f52bbefe93d3779 (diff)
downloadgnunet-1e4d6256731d69f1309ff8439569c65d2e1384a0.tar.gz
gnunet-1e4d6256731d69f1309ff8439569c65d2e1384a0.zip
GNS: Sanitize APIs and align with LSD0001
Diffstat (limited to 'src')
-rw-r--r--src/gnsrecord/gnsrecord_crypto.c39
-rw-r--r--src/include/gnunet_crypto_lib.h46
-rw-r--r--src/include/gnunet_namestore_plugin.h65
-rw-r--r--src/util/crypto_ecc_gnsrecord.c55
-rw-r--r--src/util/test_crypto_eddsa.c8
5 files changed, 156 insertions, 57 deletions
diff --git a/src/gnsrecord/gnsrecord_crypto.c b/src/gnsrecord/gnsrecord_crypto.c
index ff92911de..b5e8be82b 100644
--- a/src/gnsrecord/gnsrecord_crypto.c
+++ b/src/gnsrecord/gnsrecord_crypto.c
@@ -219,7 +219,6 @@ block_create_ecdsa (const struct GNUNET_CRYPTO_EcdsaPrivateKey *key,
219 rd); 219 rd);
220 struct GNUNET_GNSRECORD_EcdsaBlock *ecblock; 220 struct GNUNET_GNSRECORD_EcdsaBlock *ecblock;
221 struct GNRBlockPS *gnr_block; 221 struct GNRBlockPS *gnr_block;
222 struct GNUNET_CRYPTO_EcdsaPrivateKey *dkey;
223 unsigned char ctr[GNUNET_CRYPTO_AES_KEY_LENGTH / 2]; 222 unsigned char ctr[GNUNET_CRYPTO_AES_KEY_LENGTH / 2];
224 unsigned char skey[GNUNET_CRYPTO_AES_KEY_LENGTH]; 223 unsigned char skey[GNUNET_CRYPTO_AES_KEY_LENGTH];
225 struct GNUNET_GNSRECORD_Data rdc[GNUNET_NZL (rd_count)]; 224 struct GNUNET_GNSRECORD_Data rdc[GNUNET_NZL (rd_count)];
@@ -270,11 +269,10 @@ block_create_ecdsa (const struct GNUNET_CRYPTO_EcdsaPrivateKey *key,
270 gnr_block->expiration_time = GNUNET_TIME_absolute_hton (expire); 269 gnr_block->expiration_time = GNUNET_TIME_absolute_hton (expire);
271 ecblock->expiration_time = gnr_block->expiration_time; 270 ecblock->expiration_time = gnr_block->expiration_time;
272 /* encrypt and sign */ 271 /* encrypt and sign */
273 dkey = GNUNET_CRYPTO_ecdsa_private_key_derive (key, 272 GNUNET_CRYPTO_ecdsa_public_key_derive (pkey,
274 label, 273 label,
275 "gns"); 274 "gns",
276 GNUNET_CRYPTO_ecdsa_key_get_public (dkey, 275 &ecblock->derived_key);
277 &ecblock->derived_key);
278 GNR_derive_block_aes_key (ctr, 276 GNR_derive_block_aes_key (ctr,
279 skey, 277 skey,
280 label, 278 label,
@@ -289,18 +287,18 @@ block_create_ecdsa (const struct GNUNET_CRYPTO_EcdsaPrivateKey *key,
289 GNUNET_memcpy (&gnr_block[1], &ecblock[1], payload_len); 287 GNUNET_memcpy (&gnr_block[1], &ecblock[1], payload_len);
290 } 288 }
291 if (GNUNET_OK != 289 if (GNUNET_OK !=
292 GNUNET_CRYPTO_ecdsa_sign_ (dkey, 290 GNUNET_CRYPTO_ecdsa_sign_derived (key,
293 &gnr_block->purpose, 291 label,
294 &ecblock->signature)) 292 "gns",
293 &gnr_block->purpose,
294 &ecblock->signature))
295 { 295 {
296 GNUNET_break (0); 296 GNUNET_break (0);
297 GNUNET_free (*block); 297 GNUNET_free (*block);
298 GNUNET_free (dkey);
299 GNUNET_free (gnr_block); 298 GNUNET_free (gnr_block);
300 return GNUNET_SYSERR; 299 return GNUNET_SYSERR;
301 } 300 }
302 GNUNET_free (gnr_block); 301 GNUNET_free (gnr_block);
303 GNUNET_free (dkey);
304 return GNUNET_OK; 302 return GNUNET_OK;
305} 303}
306 304
@@ -344,7 +342,6 @@ block_create_eddsa (const struct GNUNET_CRYPTO_EddsaPrivateKey *key,
344 rd); 342 rd);
345 struct GNUNET_GNSRECORD_EddsaBlock *edblock; 343 struct GNUNET_GNSRECORD_EddsaBlock *edblock;
346 struct GNRBlockPS *gnr_block; 344 struct GNRBlockPS *gnr_block;
347 struct GNUNET_CRYPTO_EddsaPrivateScalar dkey;
348 unsigned char nonce[crypto_secretbox_NONCEBYTES]; 345 unsigned char nonce[crypto_secretbox_NONCEBYTES];
349 unsigned char skey[crypto_secretbox_KEYBYTES]; 346 unsigned char skey[crypto_secretbox_KEYBYTES];
350 struct GNUNET_GNSRECORD_Data rdc[GNUNET_NZL (rd_count)]; 347 struct GNUNET_GNSRECORD_Data rdc[GNUNET_NZL (rd_count)];
@@ -402,12 +399,10 @@ block_create_eddsa (const struct GNUNET_CRYPTO_EddsaPrivateKey *key,
402 gnr_block->expiration_time = GNUNET_TIME_absolute_hton (expire); 399 gnr_block->expiration_time = GNUNET_TIME_absolute_hton (expire);
403 edblock->expiration_time = gnr_block->expiration_time; 400 edblock->expiration_time = gnr_block->expiration_time;
404 /* encrypt and sign */ 401 /* encrypt and sign */
405 GNUNET_CRYPTO_eddsa_private_key_derive (key, 402 GNUNET_CRYPTO_eddsa_public_key_derive (pkey,
406 label, 403 label,
407 "gns", 404 "gns",
408 &dkey); 405 &edblock->derived_key);
409 GNUNET_CRYPTO_eddsa_key_get_public_from_scalar (&dkey,
410 &edblock->derived_key);
411 GNR_derive_block_xsalsa_key (nonce, 406 GNR_derive_block_xsalsa_key (nonce,
412 skey, 407 skey,
413 label, 408 label,
@@ -422,9 +417,11 @@ block_create_eddsa (const struct GNUNET_CRYPTO_EddsaPrivateKey *key,
422 GNUNET_memcpy (&gnr_block[1], &edblock[1], 417 GNUNET_memcpy (&gnr_block[1], &edblock[1],
423 payload_len + crypto_secretbox_MACBYTES); 418 payload_len + crypto_secretbox_MACBYTES);
424 419
425 GNUNET_CRYPTO_eddsa_sign_with_scalar (&dkey, 420 GNUNET_CRYPTO_eddsa_sign_derived (key,
426 &gnr_block->purpose, 421 label,
427 &edblock->signature); 422 "gns",
423 &gnr_block->purpose,
424 &edblock->signature);
428 } 425 }
429 return GNUNET_OK; 426 return GNUNET_OK;
430} 427}
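Review bot: The EdDSA path in block_create_eddsa discards the result of `GNUNET_CRYPTO_eddsa_sign_derived`, although that function now returns `enum GNUNET_GenericReturnValue` and the ECDSA path checks `GNUNET_OK !=` on its counterpart; the same unchecked call appears in testDeriveSignVerify in src/util/test_crypto_eddsa.c. I would wrap it as `if (GNUNET_OK != GNUNET_CRYPTO_eddsa_sign_derived (key, label, "gns", &gnr_block->purpose, &edblock->signature))` and fail with `GNUNET_break (0);` and `return GNUNET_SYSERR;` after whatever cleanup this branch needs (its allocations are outside the hunk), so that a later failure mode cannot emit a block with an unset signature. Separately, `derived_key` is now computed from `pkey` while the signature is computed from `key`; `pkey` is declared outside these hunks, so it is worth confirming that it is always the public half of `key`, since otherwise the block would carry a signature that does not verify under its own `derived_key`.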
diff --git a/src/include/gnunet_crypto_lib.h b/src/include/gnunet_crypto_lib.h
index 72d783148..77abab45d 100644
--- a/src/include/gnunet_crypto_lib.h
+++ b/src/include/gnunet_crypto_lib.h
@@ -2018,6 +2018,26 @@ GNUNET_CRYPTO_ecdsa_public_key_derive (
2018 const char *context, 2018 const char *context,
2019 struct GNUNET_CRYPTO_EcdsaPublicKey *result); 2019 struct GNUNET_CRYPTO_EcdsaPublicKey *result);
2020 2020
2021/**
2022 * This is a signature function for ECDSA which takes a
2023 * private key, derives/blinds it and signs the message.
2024 *
2025 * @param pkey original private key
2026 * @param label label to use for key deriviation
2027 * @param context additional context to use for HKDF of 'h';
2028 * typically the name of the subsystem/application
2029 * @param purp the signature purpose
2030 * @param sig the resulting signature
2031 * @return GNUNET_OK on success
2032 */
2033enum GNUNET_GenericReturnValue
2034GNUNET_CRYPTO_ecdsa_sign_derived (
2035 const struct GNUNET_CRYPTO_EcdsaPrivateKey *pkey,
2036 const char *label,
2037 const char *context,
2038 const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose,
2039 struct GNUNET_CRYPTO_EcdsaSignature *sig);
2040
2021 2041
2022/** 2042/**
2023 * @ingroup crypto 2043 * @ingroup crypto
@@ -2063,23 +2083,23 @@ GNUNET_CRYPTO_eddsa_public_key_derive (
2063 2083
2064 2084
2065/** 2085/**
2066 * This is a signature function for EdDSA which takes the 2086 * This is a signature function for EdDSA which takes a
2067 * secret scalar sk instead of the private seed which is 2087 * private key and derives it using the label and context
2068 * usually the case for crypto APIs. We require this functionality 2088 * before signing.
2069 * in order to use derived private keys for signatures we
2070 * cannot calculate the inverse of a sk to find the seed
2071 * efficiently.
2072 * 2089 *
2073 * The resulting signature is a standard EdDSA signature 2090 * @param pkey original private key
2074 * which can be verified using the usual APIs. 2091 * @param label label to use for key deriviation
2075 * 2092 * @param context additional context to use for HKDF of 'h';
2076 * @param sk the secret scalar 2093 * typically the name of the subsystem/application
2077 * @param purp the signature purpose 2094 * @param purp the signature purpose
2078 * @param sig the resulting signature 2095 * @param sig the resulting signature
2096 * @return GNUNET_OK on success
2079 */ 2097 */
2080void 2098enum GNUNET_GenericReturnValue
2081GNUNET_CRYPTO_eddsa_sign_with_scalar ( 2099GNUNET_CRYPTO_eddsa_sign_derived (
2082 const struct GNUNET_CRYPTO_EddsaPrivateScalar *priv, 2100 const struct GNUNET_CRYPTO_EddsaPrivateKey *pkey,
2101 const char *label,
2102 const char *context,
2083 const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose, 2103 const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose,
2084 struct GNUNET_CRYPTO_EddsaSignature *sig); 2104 struct GNUNET_CRYPTO_EddsaSignature *sig);
2085 2105
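Review bot: Both new doc comments describe `@param purp`, but the prototypes of `GNUNET_CRYPTO_ecdsa_sign_derived` and `GNUNET_CRYPTO_eddsa_sign_derived` name the argument `purpose`, so the description is attached to nothing. I would write `@param purpose the signature purpose`, correct `deriviation` to `derivation`, and name the failure value in `@return` (presumably `#GNUNET_SYSERR`; confirm against the implementation). The first parameter is called `pkey` although it holds a private key, while gnsrecord_crypto.c uses `pkey` for the public key it passes to the `*_public_key_derive` calls; `priv`, as the ECDSA definition in crypto_ecc_gnsrecord.c already calls it, would avoid mixing the two up. A sentence saying that the derived private key exists only inside the call would record why the scalar-taking API was removed.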
diff --git a/src/include/gnunet_namestore_plugin.h b/src/include/gnunet_namestore_plugin.h
index 9cc8abc6e..3dca5a853 100644
--- a/src/include/gnunet_namestore_plugin.h
+++ b/src/include/gnunet_namestore_plugin.h
@@ -150,6 +150,71 @@ struct GNUNET_NAMESTORE_PluginFunctions
150 const struct GNUNET_IDENTITY_PublicKey *value_zone, 150 const struct GNUNET_IDENTITY_PublicKey *value_zone,
151 GNUNET_NAMESTORE_RecordIterator iter, 151 GNUNET_NAMESTORE_RecordIterator iter,
152 void *iter_cls); 152 void *iter_cls);
153
154 /** Transaction-based API draft **/
155
156 /**
157 * Start a transaction in the database
158 *
159 * @param cls closure (internal context for the plugin)
160 * @return #GNUNET_OK on success, #GNUNET_NO if there were no results, #GNUNET_SYSERR on error
161 */
162 enum GNUNET_GenericReturnValue
163 (*transaction_begin) (void *cls);
164
165 /**
166 * Abort a transaction in the database
167 *
168 * @param cls closure (internal context for the plugin)
169 * @return #GNUNET_OK on success, #GNUNET_NO if there were no results, #GNUNET_SYSERR on error
170 */
171 enum GNUNET_GenericReturnValue
172 (*transaction_abort) (void *cls);
173
174 /**
175 * Commit a transaction in the database
176 *
177 * @param cls closure (internal context for the plugin)
178 * @return #GNUNET_OK on success, #GNUNET_NO if there were no results, #GNUNET_SYSERR on error
179 */
180 enum GNUNET_GenericReturnValue
181 (*transaction_commit) (void *cls);
182
183 /**
184 * Replace a record in the datastore for which we are the authority.
185 * Removes any existing record in the same zone with the same name.
186 *
187 * @param cls closure (internal context for the plugin)
188 * @param zone private key of the zone
189 * @param label name of the record in the zone
190 * @param rd_count number of entries in @a rd array, 0 to delete all records
191 * @param rd array of records with data to store
192 * @return #GNUNET_OK on success, else #GNUNET_SYSERR
193 */
194 int
195 (*replace_records) (void *cls,
196 const struct GNUNET_IDENTITY_PrivateKey *zone,
197 const char *label,
198 unsigned int rd_count,
199 const struct GNUNET_GNSRECORD_Data *rd);
200
201 /**
202 * Lookup records in the datastore for which we are the authority.
203 *
204 * @param cls closure (internal context for the plugin)
205 * @param zone private key of the zone
206 * @param label name of the record in the zone
207 * @param iter function to call with the result
208 * @param iter_cls closure for @a iter
209 * @return #GNUNET_OK on success, #GNUNET_NO for no results, else #GNUNET_SYSERR
210 */
211 int
212 (*select_records) (void *cls,
213 const struct GNUNET_IDENTITY_PrivateKey *zone,
214 const char *label,
215 GNUNET_NAMESTORE_RecordIterator iter,
216 void *iter_cls);
217
153}; 218};
154 219
155 220
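Review bot: The `@return` text on `transaction_begin`, `transaction_abort` and `transaction_commit` includes `#GNUNET_NO if there were no results`, which reads as copied from a lookup callback and has no defined meaning for a transaction boundary; I would document `#GNUNET_OK on success, #GNUNET_SYSERR on error` or say what `#GNUNET_NO` means here. `replace_records` and `select_records` return `int` while the three transaction callbacks return `enum GNUNET_GenericReturnValue`; using the enum for all five keeps the draft consistent. Because the members are appended to `struct GNUNET_NAMESTORE_PluginFunctions`, plugins not touched by this commit would presumably leave them NULL, so the comment block should state that callers must check the pointer before calling. The struct begins outside the hunk.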
diff --git a/src/util/crypto_ecc_gnsrecord.c b/src/util/crypto_ecc_gnsrecord.c
index ce41a4699..0ee0570c0 100644
--- a/src/util/crypto_ecc_gnsrecord.c
+++ b/src/util/crypto_ecc_gnsrecord.c
@@ -68,28 +68,15 @@ derive_h (const void *pub,
68} 68}
69 69
70 70
71/** 71enum GNUNET_GenericReturnValue
72 * This is a signature function for EdDSA which takes the 72GNUNET_CRYPTO_eddsa_sign_derived (
73 * secret scalar sk instead of the private seed which is 73 const struct GNUNET_CRYPTO_EddsaPrivateKey *pkey,
74 * usually the case for crypto APIs. We require this functionality 74 const char *label,
75 * in order to use derived private keys for signatures we 75 const char *context,
76 * cannot calculate the inverse of a sk to find the seed
77 * efficiently.
78 *
79 * The resulting signature is a standard EdDSA signature
80 * which can be verified using the usual APIs.
81 *
82 * @param sk the secret scalar
83 * @param purp the signature purpose
84 * @param sig the resulting signature
85 */
86void
87GNUNET_CRYPTO_eddsa_sign_with_scalar (
88 const struct GNUNET_CRYPTO_EddsaPrivateScalar *priv,
89 const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose, 76 const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose,
90 struct GNUNET_CRYPTO_EddsaSignature *sig) 77 struct GNUNET_CRYPTO_EddsaSignature *sig)
91{ 78{
92 79 struct GNUNET_CRYPTO_EddsaPrivateScalar priv;
93 crypto_hash_sha512_state hs; 80 crypto_hash_sha512_state hs;
94 unsigned char sk[64]; 81 unsigned char sk[64];
95 unsigned char r[64]; 82 unsigned char r[64];
@@ -98,6 +85,14 @@ GNUNET_CRYPTO_eddsa_sign_with_scalar (
98 unsigned char zk[32]; 85 unsigned char zk[32];
99 unsigned char tmp[32]; 86 unsigned char tmp[32];
100 87
88 /**
89 * Derive the private key
90 */
91 GNUNET_CRYPTO_eddsa_private_key_derive (pkey,
92 label,
93 context,
94 &priv);
95
101 crypto_hash_sha512_init (&hs); 96 crypto_hash_sha512_init (&hs);
102 97
103 /** 98 /**
@@ -108,7 +103,7 @@ GNUNET_CRYPTO_eddsa_sign_with_scalar (
108 * sk[0..31] = h * SHA512 (d)[0..31] 103 * sk[0..31] = h * SHA512 (d)[0..31]
109 * sk[32..63] = SHA512 (d)[32..63] 104 * sk[32..63] = SHA512 (d)[32..63]
110 */ 105 */
111 memcpy (sk, priv->s, 64); 106 memcpy (sk, priv.s, 64);
112 107
113 /** 108 /**
114 * Calculate the derived zone key zk' from the 109 * Calculate the derived zone key zk' from the
@@ -172,8 +167,28 @@ GNUNET_CRYPTO_eddsa_sign_with_scalar (
172 sodium_memzero (sk, sizeof (sk)); 167 sodium_memzero (sk, sizeof (sk));
173 sodium_memzero (r, sizeof (r)); 168 sodium_memzero (r, sizeof (r));
174 sodium_memzero (r_mod, sizeof (r_mod)); 169 sodium_memzero (r_mod, sizeof (r_mod));
170 return GNUNET_OK;
175} 171}
176 172
173enum GNUNET_GenericReturnValue
174GNUNET_CRYPTO_ecdsa_sign_derived (
175 const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv,
176 const char *label,
177 const char *context,
178 const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose,
179 struct GNUNET_CRYPTO_EcdsaSignature *sig)
180{
181 struct GNUNET_CRYPTO_EcdsaPrivateKey *key;
182 enum GNUNET_GenericReturnValue res;
183 key = GNUNET_CRYPTO_ecdsa_private_key_derive (priv,
184 label,
185 context);
186 res = GNUNET_CRYPTO_ecdsa_sign_ (key,
187 purpose,
188 sig);
189 GNUNET_free (key);
190 return res;
191}
177 192
178struct GNUNET_CRYPTO_EcdsaPrivateKey * 193struct GNUNET_CRYPTO_EcdsaPrivateKey *
179GNUNET_CRYPTO_ecdsa_private_key_derive ( 194GNUNET_CRYPTO_ecdsa_private_key_derive (
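Review bot: `GNUNET_CRYPTO_eddsa_sign_derived` now holds the derived secret scalar in the stack variable `priv`, but the cleanup at the end of the function still wipes only `sk`, `r` and `r_mod`; adding `sodium_memzero (&priv, sizeof (priv));` before `return GNUNET_OK;` would treat it the same way as `sk`, which is a copy of the same bytes. In `GNUNET_CRYPTO_ecdsa_sign_derived` the heap copy of the derived key is released with `GNUNET_free (key);` without being cleared, so `sodium_memzero (key, sizeof (*key));` before the free would match. The ECDSA definition names its first parameter `priv` while the header declares it `pkey`, and neither definition keeps a comment pointing to the header documentation now that the old one was removed. The EdDSA function body spans several hunks and parts of it are not shown.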
diff --git a/src/util/test_crypto_eddsa.c b/src/util/test_crypto_eddsa.c
index 459619ff2..e9573a307 100644
--- a/src/util/test_crypto_eddsa.c
+++ b/src/util/test_crypto_eddsa.c
@@ -130,9 +130,11 @@ testDeriveSignVerify (void)
130 return GNUNET_SYSERR; 130 return GNUNET_SYSERR;
131 } 131 }
132 132
133 GNUNET_CRYPTO_eddsa_sign_with_scalar (&dpriv, 133 GNUNET_CRYPTO_eddsa_sign_derived (&key,
134 &purp, 134 "test-derive",
135 &sig); 135 "test-CTX",
136 &purp,
137 &sig);
136 if (GNUNET_SYSERR == 138 if (GNUNET_SYSERR ==
137 GNUNET_CRYPTO_eddsa_verify_ (GNUNET_SIGNATURE_PURPOSE_TEST, 139 GNUNET_CRYPTO_eddsa_verify_ (GNUNET_SIGNATURE_PURPOSE_TEST,
138 &purp, 140 &purp,