- secretsharing api proposal

author: Florian Dold <florian.dold@gmail.com> 2013-11-03 23:19:47 +0000
committer: Florian Dold <florian.dold@gmail.com> 2013-11-03 23:19:47 +0000
commit: eea0c33154728a2b8272ee533aa7fbb43172fc09 (patch)
tree: 9b971cc446f38af2fa80b341501d829f6afee1af /src
parent: 1b28e1d54ca4d0680f02fc35389443ad020d7606 (diff)
download: gnunet-eea0c33154728a2b8272ee533aa7fbb43172fc09.tar.gz
gnunet-eea0c33154728a2b8272ee533aa7fbb43172fc09.zip
1 files changed, 204 insertions, 0 deletions
diff --git a/src/include/gnunet_secretsharing_service.h b/src/include/gnunet_secretsharing_service.h
new file mode 100644
index 000000000..f8235fb36
--- /dev/null
+++ b/src/include/gnunet_secretsharing_service.h
@@ -0,0 +1,204 @@
+/*
+      This file is part of GNUnet
+      (C) 2013 Christian Grothoff (and other contributing authors)
+      GNUnet is free software; you can redistribute it and/or modify
+      it under the terms of the GNU General Public License as published
+      by the Free Software Foundation; either version 3, or (at your
+      option) any later version.
+      GNUnet is distributed in the hope that it will be useful, but
+      WITHOUT ANY WARRANTY; without even the implied warranty of
+      MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+      General Public License for more details.
+      You should have received a copy of the GNU General Public License
+      along with GNUnet; see the file COPYING.  If not, write to the
+      Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+      Boston, MA 02111-1307, USA.
+ */
+/**
+ * @file include/gnunet_secretsharing_service.h
+ * @brief verified additive secret sharing and cooperative decryption
+ * @author Florian Dold
+ */
+#ifndef GNUNET_CONSENSUS_SERVICE_H
+#define GNUNET_CONSENSUS_SERVICE_H
+#ifdef __cplusplus
+extern "C"
+{
+#if 0                           /* keep Emacsens' auto-indent happy */
+}
+#endif
+#endif
+#include "platform.h"
+#include "gnunet_common.h"
+#include "gnunet_time_lib.h"
+#include "gnunet_configuration_lib.h"
+#include <gcrypt.h>
+/**
+ * Session that will eventually establish a shared secred between
+ * the involved peers and allow encryption and cooperative decryption.
+ */
+struct GNUNET_SECRETSHARING_Session;
+/**
+ * Handle to cancel a cooperative decryption operation.
+ */
+struct GNUNET_SECRETSHARING_DecryptionHandle;
+/**
+ * Parameters of the crypto system.
+ */
+struct GNUNET_SECRETSHARING_Parameters
+{
+  /**
+   * Threshold, that is, minimum number of peers that
+   * must cooperate to decrypt a value.
+   */
+  unsigned int k;
+  /**
+   * Prime with p = 2q+1.
+   */
+  gcry_mpi_t p;
+  /**
+   * Prime.
+   */
+  gcry_mpi_t q;
+  /**
+   * Generator of G_q.
+   */
+  gcry_mpi_t g;
+};
+/**
+ * Encrypted field element.
+ */
+struct GNUNET_SECRETSHARING_Ciphertext 
+{
+  /**
+   * First component.
+   */
+  gcry_mpi_t c1;
+  /**
+   * Second component.
+   */
+  gcry_mpi_t c2;
+};
+/**
+ * Called once the secret has been established.
+ *
+ * @param cls closure
+ * @param public_key public key of the session
+ * @param num_ready_peers number of peers in @ready_peers
+ * @parem ready_peers peers that successfuly participated in establishing
+ *                    the shared secret
+ */
+typedef void (*GNUNET_SECRETSHARING_SecretReadyCallback) (void *cls,
+                                                          gcry_mpi_t public_key,
+                                                          unsigned int num_ready_peers,
+                                                          const struct GNUNET_PeerIdentity *ready_peers);
+/**
+ * Create a session that will eventually establish a shared secret
+ * with the other peers.
+ *
+ * @param cfg configuration to use
+ * @param num_peers number of peers in @peers
+ * @param session_id unique session id
+ * @param deadline point in time where the session must be established; taken as hint
+ *                 by underlying consensus sessions
+ * @param cb called when the secret has been established
+ * @param cls closure for cb
+ */
+struct GNUNET_SECRETSHARING_Session *
+GNUNET_SECRETSHARING_create_session (const struct GNUNET_CONFIGURATION_Handle *cfg,
+                                     unsigned int num_peers,
+                                     const struct GNUNET_PeerIdentity *peers,
+                                     const struct GNUNET_HashCode *session_id,
+                                     struct GNUNET_TIME_Absolute deadline,
+                                     struct GNUNET_SECRETSHARING_Parameters *parameters,
+                                     GNUNET_SECRETSHARING_SecretReadyCallback *cb,
+                                     void *cls);
+/**
+ * Destroy a secret sharing session.
+ *
+ * @param session session to destroy
+ */
+void
+GNUNET_SECRETSHARING_destroy_session (struct GNUNET_SECRETSHARING_Session *session);
+/**
+ * Encrypt a value.  This operation is executed locally, no communication is
+ * necessary.
+ *
+ * This is a helper function, encryption can be done soley with a session's public key
+ * and the crypto system parameters.
+ *
+ * @param session session to take the key for encryption from,
+ *                the session's ready callback must have been already called
+ * @param message message to encrypt
+ * @param result_cyphertext pointer to store the resulting ciphertext
+ * @return GNUNET_YES on succes, GNUNET_SYSERR if the message is invalid (invalid range)
+ */
+int 
+GNUNET_SECRETSHARING_encrypt (const struct GNUNET_SECRETSHARING_Session *session,
+                              gcry_mpi_t message,
+                              struct GNUNET_SECRETSHARING_Ciphertext *result_ciphertext);
+/**
+ * Publish the given ciphertext for decryption.  Once a sufficient (>=k) number of peers has
+ * published the same value, it will be decrypted.
+ *
+ * When the operation is canceled, the decrypt_cb is not called anymore, but the calling
+ * peer may already have irrevocably contributed his share for the decryption of the value.
+ *
+ * @param session session to use for the decryption
+ * @param ciphertext ciphertext to publish in order to decrypt it (if enough peers agree)
+ * @param decrypt_cb callback called once the decryption succeeded
+ * @param cls closure for decrypt_cb
+ * @return handle to cancel the operation
+ */
+struct GNUNET_SECRETSHARING_DecryptionHandle
+GNUNET_SECRETSHARING_publish_decrypt (struct GNUNET_SECRETSHARING_Session *session,
+                                      struct GNUNET_SECRETSHARING_Ciphertext *ciphertext,
+                                      GNUNET_SECRETSHARING_DecryptCallback decrypt_cb,
+                                      void *cls);
+/**
+ * Cancel a decryption.
+ *
+ * The decrypt_cb is not called anymore, but the calling
+ * peer may already have irrevocably contributed his share for the decryption of the value.
+ */
+void
+GNUNET_SECRETSHARING_cancel_decrypt (struct GNUNET_SECRETSHARING_DecryptionHandle *decryption_handle);
+#if 0                           /* keep Emacsens' auto-indent happy */
+{
+#endif
+#ifdef __cplusplus
+}
+#endif
+#endif
author	Florian Dold <florian.dold@gmail.com>	2013-11-03 23:19:47 +0000
committer	Florian Dold <florian.dold@gmail.com>	2013-11-03 23:19:47 +0000
commit	eea0c33154728a2b8272ee533aa7fbb43172fc09 (patch)
tree	9b971cc446f38af2fa80b341501d829f6afee1af /src
parent	1b28e1d54ca4d0680f02fc35389443ad020d7606 (diff)
download	gnunet-eea0c33154728a2b8272ee533aa7fbb43172fc09.tar.gz gnunet-eea0c33154728a2b8272ee533aa7fbb43172fc09.zip

diff --git a/src/include/gnunet_secretsharing_service.h b/src/include/gnunet_secretsharing_service.h new file mode 100644 index 000000000..f8235fb36 --- /dev/null +++ b/src/include/gnunet_secretsharing_service.h
@@ -0,0 +1,204 @@
	1	/*
	2	This file is part of GNUnet
	3	(C) 2013 Christian Grothoff (and other contributing authors)
	4
	5	GNUnet is free software; you can redistribute it and/or modify
	6	it under the terms of the GNU General Public License as published
	7	by the Free Software Foundation; either version 3, or (at your
	8	option) any later version.
	9
	10	GNUnet is distributed in the hope that it will be useful, but
	11	WITHOUT ANY WARRANTY; without even the implied warranty of
	12	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
	13	General Public License for more details.
	14
	15	You should have received a copy of the GNU General Public License
	16	along with GNUnet; see the file COPYING. If not, write to the
	17	Free Software Foundation, Inc., 59 Temple Place - Suite 330,
	18	Boston, MA 02111-1307, USA.
	19	*/
	20
	21	/**
	22	* @file include/gnunet_secretsharing_service.h
	23	* @brief verified additive secret sharing and cooperative decryption
	24	* @author Florian Dold
	25	*/
	26
	27	#ifndef GNUNET_CONSENSUS_SERVICE_H
	28	#define GNUNET_CONSENSUS_SERVICE_H
	29
	30	#ifdef __cplusplus
	31	extern "C"
	32	{
	33	#if 0 /* keep Emacsens' auto-indent happy */
	34	}
	35	#endif
	36	#endif
	37
	38	#include "platform.h"
	39	#include "gnunet_common.h"
	40	#include "gnunet_time_lib.h"
	41	#include "gnunet_configuration_lib.h"
	42	#include <gcrypt.h>
	43
	44
	45	/**
	46	* Session that will eventually establish a shared secred between
	47	* the involved peers and allow encryption and cooperative decryption.
	48	*/
	49	struct GNUNET_SECRETSHARING_Session;
	50
	51
	52	/**
	53	* Handle to cancel a cooperative decryption operation.
	54	*/
	55	struct GNUNET_SECRETSHARING_DecryptionHandle;
	56
	57
	58	/**
	59	* Parameters of the crypto system.
	60	*/
	61	struct GNUNET_SECRETSHARING_Parameters
	62	{
	63	/**
	64	* Threshold, that is, minimum number of peers that
	65	* must cooperate to decrypt a value.
	66	*/
	67	unsigned int k;
	68	/**
	69	* Prime with p = 2q+1.
	70	*/
	71	gcry_mpi_t p;
	72	/**
	73	* Prime.
	74	*/
	75	gcry_mpi_t q;
	76	/**
	77	* Generator of G_q.
	78	*/
	79	gcry_mpi_t g;
	80	};
	81
	82
	83	/**
	84	* Encrypted field element.
	85	*/
	86	struct GNUNET_SECRETSHARING_Ciphertext
	87	{
	88	/**
	89	* First component.
	90	*/
	91	gcry_mpi_t c1;
	92	/**
	93	* Second component.
	94	*/
	95	gcry_mpi_t c2;
	96	};
	97
	98
	99	/**
	100	* Called once the secret has been established.
	101	*
	102	* @param cls closure
	103	* @param public_key public key of the session
	104	* @param num_ready_peers number of peers in @ready_peers
	105	* @parem ready_peers peers that successfuly participated in establishing
	106	* the shared secret
	107	*/
	108	typedef void (GNUNET_SECRETSHARING_SecretReadyCallback) (void cls,
	109	gcry_mpi_t public_key,
	110	unsigned int num_ready_peers,
	111	const struct GNUNET_PeerIdentity *ready_peers);
	112
	113
	114	/**
	115	* Create a session that will eventually establish a shared secret
	116	* with the other peers.
	117	*
	118	* @param cfg configuration to use
	119	* @param num_peers number of peers in @peers
	120	* @param session_id unique session id
	121	* @param deadline point in time where the session must be established; taken as hint
	122	* by underlying consensus sessions
	123	* @param cb called when the secret has been established
	124	* @param cls closure for cb
	125	*/
	126	struct GNUNET_SECRETSHARING_Session *
	127	GNUNET_SECRETSHARING_create_session (const struct GNUNET_CONFIGURATION_Handle *cfg,
	128	unsigned int num_peers,
	129	const struct GNUNET_PeerIdentity *peers,
	130	const struct GNUNET_HashCode *session_id,
	131	struct GNUNET_TIME_Absolute deadline,
	132	struct GNUNET_SECRETSHARING_Parameters *parameters,
	133	GNUNET_SECRETSHARING_SecretReadyCallback *cb,
	134	void *cls);
	135
	136
	137	/**
	138	* Destroy a secret sharing session.
	139	*
	140	* @param session session to destroy
	141	*/
	142	void
	143	GNUNET_SECRETSHARING_destroy_session (struct GNUNET_SECRETSHARING_Session *session);
	144
	145
	146	/**
	147	* Encrypt a value. This operation is executed locally, no communication is
	148	* necessary.
	149	*
	150	* This is a helper function, encryption can be done soley with a session's public key
	151	* and the crypto system parameters.
	152	*
	153	* @param session session to take the key for encryption from,
	154	* the session's ready callback must have been already called
	155	* @param message message to encrypt
	156	* @param result_cyphertext pointer to store the resulting ciphertext
	157	* @return GNUNET_YES on succes, GNUNET_SYSERR if the message is invalid (invalid range)
	158	*/
	159	int
	160	GNUNET_SECRETSHARING_encrypt (const struct GNUNET_SECRETSHARING_Session *session,
	161	gcry_mpi_t message,
	162	struct GNUNET_SECRETSHARING_Ciphertext *result_ciphertext);
	163
	164
	165	/**
	166	* Publish the given ciphertext for decryption. Once a sufficient (>=k) number of peers has
	167	* published the same value, it will be decrypted.
	168	*
	169	* When the operation is canceled, the decrypt_cb is not called anymore, but the calling
	170	* peer may already have irrevocably contributed his share for the decryption of the value.
	171	*
	172	* @param session session to use for the decryption
	173	* @param ciphertext ciphertext to publish in order to decrypt it (if enough peers agree)
	174	* @param decrypt_cb callback called once the decryption succeeded
	175	* @param cls closure for decrypt_cb
	176	* @return handle to cancel the operation
	177	*/
	178	struct GNUNET_SECRETSHARING_DecryptionHandle
	179	GNUNET_SECRETSHARING_publish_decrypt (struct GNUNET_SECRETSHARING_Session *session,
	180	struct GNUNET_SECRETSHARING_Ciphertext *ciphertext,
	181	GNUNET_SECRETSHARING_DecryptCallback decrypt_cb,
	182	void *cls);
	183
	184	/**
	185	* Cancel a decryption.
	186	*
	187	* The decrypt_cb is not called anymore, but the calling
	188	* peer may already have irrevocably contributed his share for the decryption of the value.
	189	*/
	190	void
	191	GNUNET_SECRETSHARING_cancel_decrypt (struct GNUNET_SECRETSHARING_DecryptionHandle *decryption_handle);
	192
	193
	194
	195
	196
	197	#if 0 /* keep Emacsens' auto-indent happy */
	198	{
	199	#endif
	200	#ifdef __cplusplus
	201	}
	202	#endif
	203
	204	#endif