diff options
author | Florian Dold <florian.dold@gmail.com> | 2013-11-03 23:19:47 +0000 |
---|---|---|
committer | Florian Dold <florian.dold@gmail.com> | 2013-11-03 23:19:47 +0000 |
commit | eea0c33154728a2b8272ee533aa7fbb43172fc09 (patch) | |
tree | 9b971cc446f38af2fa80b341501d829f6afee1af /src | |
parent | 1b28e1d54ca4d0680f02fc35389443ad020d7606 (diff) | |
download | gnunet-eea0c33154728a2b8272ee533aa7fbb43172fc09.tar.gz gnunet-eea0c33154728a2b8272ee533aa7fbb43172fc09.zip |
- secretsharing api proposal
Diffstat (limited to 'src')
-rw-r--r-- | src/include/gnunet_secretsharing_service.h | 204 |
1 files changed, 204 insertions, 0 deletions
diff --git a/src/include/gnunet_secretsharing_service.h b/src/include/gnunet_secretsharing_service.h new file mode 100644 index 000000000..f8235fb36 --- /dev/null +++ b/src/include/gnunet_secretsharing_service.h | |||
@@ -0,0 +1,204 @@ | |||
1 | /* | ||
2 | This file is part of GNUnet | ||
3 | (C) 2013 Christian Grothoff (and other contributing authors) | ||
4 | |||
5 | GNUnet is free software; you can redistribute it and/or modify | ||
6 | it under the terms of the GNU General Public License as published | ||
7 | by the Free Software Foundation; either version 3, or (at your | ||
8 | option) any later version. | ||
9 | |||
10 | GNUnet is distributed in the hope that it will be useful, but | ||
11 | WITHOUT ANY WARRANTY; without even the implied warranty of | ||
12 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | ||
13 | General Public License for more details. | ||
14 | |||
15 | You should have received a copy of the GNU General Public License | ||
16 | along with GNUnet; see the file COPYING. If not, write to the | ||
17 | Free Software Foundation, Inc., 59 Temple Place - Suite 330, | ||
18 | Boston, MA 02111-1307, USA. | ||
19 | */ | ||
20 | |||
21 | /** | ||
22 | * @file include/gnunet_secretsharing_service.h | ||
23 | * @brief verified additive secret sharing and cooperative decryption | ||
24 | * @author Florian Dold | ||
25 | */ | ||
26 | |||
27 | #ifndef GNUNET_CONSENSUS_SERVICE_H | ||
28 | #define GNUNET_CONSENSUS_SERVICE_H | ||
29 | |||
30 | #ifdef __cplusplus | ||
31 | extern "C" | ||
32 | { | ||
33 | #if 0 /* keep Emacsens' auto-indent happy */ | ||
34 | } | ||
35 | #endif | ||
36 | #endif | ||
37 | |||
38 | #include "platform.h" | ||
39 | #include "gnunet_common.h" | ||
40 | #include "gnunet_time_lib.h" | ||
41 | #include "gnunet_configuration_lib.h" | ||
42 | #include <gcrypt.h> | ||
43 | |||
44 | |||
45 | /** | ||
46 | * Session that will eventually establish a shared secred between | ||
47 | * the involved peers and allow encryption and cooperative decryption. | ||
48 | */ | ||
49 | struct GNUNET_SECRETSHARING_Session; | ||
50 | |||
51 | |||
52 | /** | ||
53 | * Handle to cancel a cooperative decryption operation. | ||
54 | */ | ||
55 | struct GNUNET_SECRETSHARING_DecryptionHandle; | ||
56 | |||
57 | |||
58 | /** | ||
59 | * Parameters of the crypto system. | ||
60 | */ | ||
61 | struct GNUNET_SECRETSHARING_Parameters | ||
62 | { | ||
63 | /** | ||
64 | * Threshold, that is, minimum number of peers that | ||
65 | * must cooperate to decrypt a value. | ||
66 | */ | ||
67 | unsigned int k; | ||
68 | /** | ||
69 | * Prime with p = 2q+1. | ||
70 | */ | ||
71 | gcry_mpi_t p; | ||
72 | /** | ||
73 | * Prime. | ||
74 | */ | ||
75 | gcry_mpi_t q; | ||
76 | /** | ||
77 | * Generator of G_q. | ||
78 | */ | ||
79 | gcry_mpi_t g; | ||
80 | }; | ||
81 | |||
82 | |||
83 | /** | ||
84 | * Encrypted field element. | ||
85 | */ | ||
86 | struct GNUNET_SECRETSHARING_Ciphertext | ||
87 | { | ||
88 | /** | ||
89 | * First component. | ||
90 | */ | ||
91 | gcry_mpi_t c1; | ||
92 | /** | ||
93 | * Second component. | ||
94 | */ | ||
95 | gcry_mpi_t c2; | ||
96 | }; | ||
97 | |||
98 | |||
99 | /** | ||
100 | * Called once the secret has been established. | ||
101 | * | ||
102 | * @param cls closure | ||
103 | * @param public_key public key of the session | ||
104 | * @param num_ready_peers number of peers in @ready_peers | ||
105 | * @parem ready_peers peers that successfuly participated in establishing | ||
106 | * the shared secret | ||
107 | */ | ||
108 | typedef void (*GNUNET_SECRETSHARING_SecretReadyCallback) (void *cls, | ||
109 | gcry_mpi_t public_key, | ||
110 | unsigned int num_ready_peers, | ||
111 | const struct GNUNET_PeerIdentity *ready_peers); | ||
112 | |||
113 | |||
114 | /** | ||
115 | * Create a session that will eventually establish a shared secret | ||
116 | * with the other peers. | ||
117 | * | ||
118 | * @param cfg configuration to use | ||
119 | * @param num_peers number of peers in @peers | ||
120 | * @param session_id unique session id | ||
121 | * @param deadline point in time where the session must be established; taken as hint | ||
122 | * by underlying consensus sessions | ||
123 | * @param cb called when the secret has been established | ||
124 | * @param cls closure for cb | ||
125 | */ | ||
126 | struct GNUNET_SECRETSHARING_Session * | ||
127 | GNUNET_SECRETSHARING_create_session (const struct GNUNET_CONFIGURATION_Handle *cfg, | ||
128 | unsigned int num_peers, | ||
129 | const struct GNUNET_PeerIdentity *peers, | ||
130 | const struct GNUNET_HashCode *session_id, | ||
131 | struct GNUNET_TIME_Absolute deadline, | ||
132 | struct GNUNET_SECRETSHARING_Parameters *parameters, | ||
133 | GNUNET_SECRETSHARING_SecretReadyCallback *cb, | ||
134 | void *cls); | ||
135 | |||
136 | |||
137 | /** | ||
138 | * Destroy a secret sharing session. | ||
139 | * | ||
140 | * @param session session to destroy | ||
141 | */ | ||
142 | void | ||
143 | GNUNET_SECRETSHARING_destroy_session (struct GNUNET_SECRETSHARING_Session *session); | ||
144 | |||
145 | |||
146 | /** | ||
147 | * Encrypt a value. This operation is executed locally, no communication is | ||
148 | * necessary. | ||
149 | * | ||
150 | * This is a helper function, encryption can be done soley with a session's public key | ||
151 | * and the crypto system parameters. | ||
152 | * | ||
153 | * @param session session to take the key for encryption from, | ||
154 | * the session's ready callback must have been already called | ||
155 | * @param message message to encrypt | ||
156 | * @param result_cyphertext pointer to store the resulting ciphertext | ||
157 | * @return GNUNET_YES on succes, GNUNET_SYSERR if the message is invalid (invalid range) | ||
158 | */ | ||
159 | int | ||
160 | GNUNET_SECRETSHARING_encrypt (const struct GNUNET_SECRETSHARING_Session *session, | ||
161 | gcry_mpi_t message, | ||
162 | struct GNUNET_SECRETSHARING_Ciphertext *result_ciphertext); | ||
163 | |||
164 | |||
165 | /** | ||
166 | * Publish the given ciphertext for decryption. Once a sufficient (>=k) number of peers has | ||
167 | * published the same value, it will be decrypted. | ||
168 | * | ||
169 | * When the operation is canceled, the decrypt_cb is not called anymore, but the calling | ||
170 | * peer may already have irrevocably contributed his share for the decryption of the value. | ||
171 | * | ||
172 | * @param session session to use for the decryption | ||
173 | * @param ciphertext ciphertext to publish in order to decrypt it (if enough peers agree) | ||
174 | * @param decrypt_cb callback called once the decryption succeeded | ||
175 | * @param cls closure for decrypt_cb | ||
176 | * @return handle to cancel the operation | ||
177 | */ | ||
178 | struct GNUNET_SECRETSHARING_DecryptionHandle | ||
179 | GNUNET_SECRETSHARING_publish_decrypt (struct GNUNET_SECRETSHARING_Session *session, | ||
180 | struct GNUNET_SECRETSHARING_Ciphertext *ciphertext, | ||
181 | GNUNET_SECRETSHARING_DecryptCallback decrypt_cb, | ||
182 | void *cls); | ||
183 | |||
184 | /** | ||
185 | * Cancel a decryption. | ||
186 | * | ||
187 | * The decrypt_cb is not called anymore, but the calling | ||
188 | * peer may already have irrevocably contributed his share for the decryption of the value. | ||
189 | */ | ||
190 | void | ||
191 | GNUNET_SECRETSHARING_cancel_decrypt (struct GNUNET_SECRETSHARING_DecryptionHandle *decryption_handle); | ||
192 | |||
193 | |||
194 | |||
195 | |||
196 | |||
197 | #if 0 /* keep Emacsens' auto-indent happy */ | ||
198 | { | ||
199 | #endif | ||
200 | #ifdef __cplusplus | ||
201 | } | ||
202 | #endif | ||
203 | |||
204 | #endif | ||