diff options
Diffstat (limited to 'src/identity/identity_api.c')
-rw-r--r-- | src/identity/identity_api.c | 190 |
1 files changed, 107 insertions, 83 deletions
diff --git a/src/identity/identity_api.c b/src/identity/identity_api.c index 6f7c5d860..f40472240 100644 --- a/src/identity/identity_api.c +++ b/src/identity/identity_api.c | |||
@@ -953,6 +953,7 @@ GNUNET_IDENTITY_disconnect (struct GNUNET_IDENTITY_Handle *h) | |||
953 | GNUNET_free (h); | 953 | GNUNET_free (h); |
954 | } | 954 | } |
955 | 955 | ||
956 | |||
956 | ssize_t | 957 | ssize_t |
957 | private_key_get_length (const struct GNUNET_IDENTITY_PrivateKey *key) | 958 | private_key_get_length (const struct GNUNET_IDENTITY_PrivateKey *key) |
958 | { | 959 | { |
@@ -971,7 +972,6 @@ private_key_get_length (const struct GNUNET_IDENTITY_PrivateKey *key) | |||
971 | } | 972 | } |
972 | 973 | ||
973 | 974 | ||
974 | |||
975 | ssize_t | 975 | ssize_t |
976 | GNUNET_IDENTITY_key_get_length (const struct GNUNET_IDENTITY_PublicKey *key) | 976 | GNUNET_IDENTITY_key_get_length (const struct GNUNET_IDENTITY_PublicKey *key) |
977 | { | 977 | { |
@@ -992,106 +992,116 @@ GNUNET_IDENTITY_key_get_length (const struct GNUNET_IDENTITY_PublicKey *key) | |||
992 | 992 | ||
993 | ssize_t | 993 | ssize_t |
994 | GNUNET_IDENTITY_read_key_from_buffer (struct GNUNET_IDENTITY_PublicKey *key, | 994 | GNUNET_IDENTITY_read_key_from_buffer (struct GNUNET_IDENTITY_PublicKey *key, |
995 | const void* buffer, | 995 | const void*buffer, |
996 | size_t len) | 996 | size_t len) |
997 | { | 997 | { |
998 | if (len < sizeof (key->type)) | 998 | if (len < sizeof (key->type)) |
999 | return -1; | 999 | return -1; |
1000 | GNUNET_memcpy(&(key->type), buffer, sizeof (key->type)); | 1000 | GNUNET_memcpy (&(key->type), buffer, sizeof (key->type)); |
1001 | const ssize_t length = GNUNET_IDENTITY_key_get_length(key); | 1001 | const ssize_t length = GNUNET_IDENTITY_key_get_length (key); |
1002 | if (len < length) | 1002 | if (len < length) |
1003 | return -1; | 1003 | return -1; |
1004 | if (length < 0) | 1004 | if (length < 0) |
1005 | return -2; | 1005 | return -2; |
1006 | GNUNET_memcpy(&(key->ecdsa_key), buffer + sizeof (key->type), length - sizeof (key->type)); | 1006 | GNUNET_memcpy (&(key->ecdsa_key), buffer + sizeof (key->type), length |
1007 | - sizeof (key->type)); | ||
1007 | return length; | 1008 | return length; |
1008 | } | 1009 | } |
1009 | 1010 | ||
1010 | 1011 | ||
1011 | ssize_t | 1012 | ssize_t |
1012 | GNUNET_IDENTITY_write_key_to_buffer (const struct GNUNET_IDENTITY_PublicKey *key, | 1013 | GNUNET_IDENTITY_write_key_to_buffer (const struct |
1013 | void* buffer, | 1014 | GNUNET_IDENTITY_PublicKey *key, |
1014 | size_t len) | 1015 | void*buffer, |
1016 | size_t len) | ||
1015 | { | 1017 | { |
1016 | const ssize_t length = GNUNET_IDENTITY_key_get_length(key); | 1018 | const ssize_t length = GNUNET_IDENTITY_key_get_length (key); |
1017 | if (len < length) | 1019 | if (len < length) |
1018 | return -1; | 1020 | return -1; |
1019 | if (length < 0) | 1021 | if (length < 0) |
1020 | return -2; | 1022 | return -2; |
1021 | GNUNET_memcpy(buffer, &(key->type), sizeof (key->type)); | 1023 | GNUNET_memcpy (buffer, key, length); |
1022 | GNUNET_memcpy(buffer + sizeof (key->type), &(key->ecdsa_key), length - sizeof (key->type)); | ||
1023 | return length; | 1024 | return length; |
1024 | } | 1025 | } |
1025 | 1026 | ||
1026 | 1027 | ||
1027 | ssize_t | 1028 | ssize_t |
1028 | GNUNET_IDENTITY_signature_get_length (const struct GNUNET_IDENTITY_Signature *sig) | 1029 | GNUNET_IDENTITY_signature_get_length (const struct |
1030 | GNUNET_IDENTITY_Signature *sig) | ||
1029 | { | 1031 | { |
1030 | switch (ntohl (sig->type)) | 1032 | switch (ntohl (sig->type)) |
1031 | { | 1033 | { |
1032 | case GNUNET_IDENTITY_TYPE_ECDSA: | 1034 | case GNUNET_IDENTITY_TYPE_ECDSA: |
1033 | return sizeof (sig->type) + sizeof (sig->ecdsa_signature); | 1035 | return sizeof (sig->type) + sizeof (sig->ecdsa_signature); |
1034 | break; | 1036 | break; |
1035 | case GNUNET_IDENTITY_TYPE_EDDSA: | 1037 | case GNUNET_IDENTITY_TYPE_EDDSA: |
1036 | return sizeof (sig->type) + sizeof (sig->eddsa_signature); | 1038 | return sizeof (sig->type) + sizeof (sig->eddsa_signature); |
1037 | break; | 1039 | break; |
1038 | default: | 1040 | default: |
1039 | GNUNET_break (0); | 1041 | GNUNET_break (0); |
1040 | } | 1042 | } |
1041 | return -1; | 1043 | return -1; |
1042 | } | 1044 | } |
1043 | 1045 | ||
1044 | 1046 | ||
1045 | ssize_t | 1047 | ssize_t |
1046 | GNUNET_IDENTITY_read_signature_from_buffer (struct GNUNET_IDENTITY_Signature *sig, | 1048 | GNUNET_IDENTITY_read_signature_from_buffer (struct |
1047 | const void* buffer, | 1049 | GNUNET_IDENTITY_Signature *sig, |
1048 | size_t len) | 1050 | const void*buffer, |
1051 | size_t len) | ||
1049 | { | 1052 | { |
1050 | if (len < sizeof (sig->type)) | 1053 | if (len < sizeof (sig->type)) |
1051 | return -1; | 1054 | return -1; |
1052 | GNUNET_memcpy(&(sig->type), buffer, sizeof (sig->type)); | 1055 | GNUNET_memcpy (&(sig->type), buffer, sizeof (sig->type)); |
1053 | const ssize_t length = GNUNET_IDENTITY_signature_get_length(sig); | 1056 | const ssize_t length = GNUNET_IDENTITY_signature_get_length (sig); |
1054 | if (len < length) | 1057 | if (len < length) |
1055 | return -1; | 1058 | return -1; |
1056 | if (length < 0) | 1059 | if (length < 0) |
1057 | return -2; | 1060 | return -2; |
1058 | GNUNET_memcpy(&(sig->ecdsa_signature), buffer + sizeof (sig->type), length - sizeof (sig->type)); | 1061 | GNUNET_memcpy (&(sig->ecdsa_signature), buffer + sizeof (sig->type), length |
1062 | - sizeof (sig->type)); | ||
1059 | return length; | 1063 | return length; |
1060 | } | 1064 | } |
1061 | 1065 | ||
1062 | 1066 | ||
1063 | ssize_t | 1067 | ssize_t |
1064 | GNUNET_IDENTITY_write_signature_to_buffer (const struct GNUNET_IDENTITY_Signature *sig, | 1068 | GNUNET_IDENTITY_write_signature_to_buffer (const struct |
1065 | void* buffer, | 1069 | GNUNET_IDENTITY_Signature *sig, |
1066 | size_t len) | 1070 | void*buffer, |
1071 | size_t len) | ||
1067 | { | 1072 | { |
1068 | const ssize_t length = GNUNET_IDENTITY_signature_get_length(sig); | 1073 | const ssize_t length = GNUNET_IDENTITY_signature_get_length (sig); |
1069 | if (len < length) | 1074 | if (len < length) |
1070 | return -1; | 1075 | return -1; |
1071 | if (length < 0) | 1076 | if (length < 0) |
1072 | return -2; | 1077 | return -2; |
1073 | GNUNET_memcpy(buffer, &(sig->type), sizeof (sig->type)); | 1078 | GNUNET_memcpy (buffer, &(sig->type), sizeof (sig->type)); |
1074 | GNUNET_memcpy(buffer + sizeof (sig->type), &(sig->ecdsa_signature), length - sizeof (sig->type)); | 1079 | GNUNET_memcpy (buffer + sizeof (sig->type), &(sig->ecdsa_signature), length |
1080 | - sizeof (sig->type)); | ||
1075 | return length; | 1081 | return length; |
1076 | } | 1082 | } |
1077 | 1083 | ||
1078 | 1084 | ||
1079 | int | 1085 | int |
1080 | GNUNET_IDENTITY_private_key_sign_ (const struct GNUNET_IDENTITY_PrivateKey *priv, | 1086 | GNUNET_IDENTITY_private_key_sign_ (const struct |
1081 | const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose, | 1087 | GNUNET_IDENTITY_PrivateKey *priv, |
1082 | struct GNUNET_IDENTITY_Signature *sig) | 1088 | const struct |
1089 | GNUNET_CRYPTO_EccSignaturePurpose *purpose, | ||
1090 | struct GNUNET_IDENTITY_Signature *sig) | ||
1083 | { | 1091 | { |
1084 | sig->type = priv->type; | 1092 | sig->type = priv->type; |
1085 | switch (ntohl (priv->type)) | 1093 | switch (ntohl (priv->type)) |
1086 | { | 1094 | { |
1087 | case GNUNET_IDENTITY_TYPE_ECDSA: | 1095 | case GNUNET_IDENTITY_TYPE_ECDSA: |
1088 | return GNUNET_CRYPTO_ecdsa_sign_ (& (priv->ecdsa_key), purpose, & (sig->ecdsa_signature)); | 1096 | return GNUNET_CRYPTO_ecdsa_sign_ (&(priv->ecdsa_key), purpose, |
1089 | break; | 1097 | &(sig->ecdsa_signature)); |
1098 | break; | ||
1090 | case GNUNET_IDENTITY_TYPE_EDDSA: | 1099 | case GNUNET_IDENTITY_TYPE_EDDSA: |
1091 | return GNUNET_CRYPTO_eddsa_sign_ (& (priv->eddsa_key), purpose, & (sig->eddsa_signature)); | 1100 | return GNUNET_CRYPTO_eddsa_sign_ (&(priv->eddsa_key), purpose, |
1092 | break; | 1101 | &(sig->eddsa_signature)); |
1102 | break; | ||
1093 | default: | 1103 | default: |
1094 | GNUNET_break (0); | 1104 | GNUNET_break (0); |
1095 | } | 1105 | } |
1096 | 1106 | ||
1097 | return GNUNET_SYSERR; | 1107 | return GNUNET_SYSERR; |
@@ -1100,22 +1110,27 @@ GNUNET_IDENTITY_private_key_sign_ (const struct GNUNET_IDENTITY_PrivateKey *priv | |||
1100 | 1110 | ||
1101 | int | 1111 | int |
1102 | GNUNET_IDENTITY_public_key_verify_ (uint32_t purpose, | 1112 | GNUNET_IDENTITY_public_key_verify_ (uint32_t purpose, |
1103 | const struct GNUNET_CRYPTO_EccSignaturePurpose *validate, | 1113 | const struct |
1104 | const struct GNUNET_IDENTITY_Signature *sig, | 1114 | GNUNET_CRYPTO_EccSignaturePurpose *validate, |
1105 | const struct GNUNET_IDENTITY_PublicKey *pub) | 1115 | const struct GNUNET_IDENTITY_Signature *sig, |
1116 | const struct GNUNET_IDENTITY_PublicKey *pub) | ||
1106 | { | 1117 | { |
1107 | /* check type matching of 'sig' and 'pub' */ | 1118 | /* check type matching of 'sig' and 'pub' */ |
1108 | GNUNET_assert (ntohl (pub->type) == ntohl (sig->type)); | 1119 | GNUNET_assert (ntohl (pub->type) == ntohl (sig->type)); |
1109 | switch (ntohl (pub->type)) | 1120 | switch (ntohl (pub->type)) |
1110 | { | 1121 | { |
1111 | case GNUNET_IDENTITY_TYPE_ECDSA: | 1122 | case GNUNET_IDENTITY_TYPE_ECDSA: |
1112 | return GNUNET_CRYPTO_ecdsa_verify_ (purpose, validate, & (sig->ecdsa_signature), & (pub->ecdsa_key)); | 1123 | return GNUNET_CRYPTO_ecdsa_verify_ (purpose, validate, |
1113 | break; | 1124 | &(sig->ecdsa_signature), |
1125 | &(pub->ecdsa_key)); | ||
1126 | break; | ||
1114 | case GNUNET_IDENTITY_TYPE_EDDSA: | 1127 | case GNUNET_IDENTITY_TYPE_EDDSA: |
1115 | return GNUNET_CRYPTO_eddsa_verify_ (purpose, validate, & (sig->eddsa_signature), & (pub->eddsa_key)); | 1128 | return GNUNET_CRYPTO_eddsa_verify_ (purpose, validate, |
1116 | break; | 1129 | &(sig->eddsa_signature), |
1130 | &(pub->eddsa_key)); | ||
1131 | break; | ||
1117 | default: | 1132 | default: |
1118 | GNUNET_break (0); | 1133 | GNUNET_break (0); |
1119 | } | 1134 | } |
1120 | 1135 | ||
1121 | return GNUNET_SYSERR; | 1136 | return GNUNET_SYSERR; |
@@ -1123,56 +1138,64 @@ GNUNET_IDENTITY_public_key_verify_ (uint32_t purpose, | |||
1123 | 1138 | ||
1124 | 1139 | ||
1125 | ssize_t | 1140 | ssize_t |
1126 | GNUNET_IDENTITY_public_key_encrypt(const void *block, | 1141 | GNUNET_IDENTITY_public_key_encrypt (const void *block, |
1127 | size_t size, | 1142 | size_t size, |
1128 | const struct GNUNET_IDENTITY_PublicKey *pub, | 1143 | const struct GNUNET_IDENTITY_PublicKey *pub, |
1129 | struct GNUNET_CRYPTO_EcdhePublicKey *ecc, | 1144 | struct GNUNET_CRYPTO_EcdhePublicKey *ecc, |
1130 | void *result) | 1145 | void *result) |
1131 | { | 1146 | { |
1132 | struct GNUNET_CRYPTO_EcdhePrivateKey pk; | 1147 | struct GNUNET_CRYPTO_EcdhePrivateKey pk; |
1133 | GNUNET_CRYPTO_ecdhe_key_create(&pk); | 1148 | GNUNET_CRYPTO_ecdhe_key_create (&pk); |
1134 | struct GNUNET_HashCode hash; | 1149 | struct GNUNET_HashCode hash; |
1135 | switch (ntohl (pub->type)) | 1150 | switch (ntohl (pub->type)) |
1136 | { | 1151 | { |
1137 | case GNUNET_IDENTITY_TYPE_ECDSA: | 1152 | case GNUNET_IDENTITY_TYPE_ECDSA: |
1138 | if (GNUNET_SYSERR == GNUNET_CRYPTO_ecdh_ecdsa(&pk, &(pub->ecdsa_key), &hash)) | 1153 | if (GNUNET_SYSERR == GNUNET_CRYPTO_ecdh_ecdsa (&pk, &(pub->ecdsa_key), |
1154 | &hash)) | ||
1139 | return -1; | 1155 | return -1; |
1140 | break; | 1156 | break; |
1141 | case GNUNET_IDENTITY_TYPE_EDDSA: | 1157 | case GNUNET_IDENTITY_TYPE_EDDSA: |
1142 | if (GNUNET_SYSERR == GNUNET_CRYPTO_ecdh_eddsa(&pk, &(pub->eddsa_key), &hash)) | 1158 | if (GNUNET_SYSERR == GNUNET_CRYPTO_ecdh_eddsa (&pk, &(pub->eddsa_key), |
1159 | &hash)) | ||
1143 | return -1; | 1160 | return -1; |
1144 | break; | 1161 | break; |
1145 | default: | 1162 | default: |
1146 | return -1; | 1163 | return -1; |
1147 | } | 1164 | } |
1148 | GNUNET_CRYPTO_ecdhe_key_get_public(&pk, ecc); | 1165 | GNUNET_CRYPTO_ecdhe_key_get_public (&pk, ecc); |
1149 | GNUNET_CRYPTO_ecdhe_key_clear(&pk); | 1166 | GNUNET_CRYPTO_ecdhe_key_clear (&pk); |
1150 | struct GNUNET_CRYPTO_SymmetricSessionKey key; | 1167 | struct GNUNET_CRYPTO_SymmetricSessionKey key; |
1151 | struct GNUNET_CRYPTO_SymmetricInitializationVector iv; | 1168 | struct GNUNET_CRYPTO_SymmetricInitializationVector iv; |
1152 | GNUNET_CRYPTO_hash_to_aes_key(&hash, &key, &iv); | 1169 | GNUNET_CRYPTO_hash_to_aes_key (&hash, &key, &iv); |
1153 | GNUNET_CRYPTO_zero_keys(&hash, sizeof(hash)); | 1170 | GNUNET_CRYPTO_zero_keys (&hash, sizeof(hash)); |
1154 | const ssize_t encrypted = GNUNET_CRYPTO_symmetric_encrypt(block, size, &key, &iv, result); | 1171 | const ssize_t encrypted = GNUNET_CRYPTO_symmetric_encrypt (block, size, &key, |
1155 | GNUNET_CRYPTO_zero_keys(&key, sizeof(key)); | 1172 | &iv, result); |
1156 | GNUNET_CRYPTO_zero_keys(&iv, sizeof(iv)); | 1173 | GNUNET_CRYPTO_zero_keys (&key, sizeof(key)); |
1174 | GNUNET_CRYPTO_zero_keys (&iv, sizeof(iv)); | ||
1157 | return encrypted; | 1175 | return encrypted; |
1158 | } | 1176 | } |
1159 | 1177 | ||
1160 | 1178 | ||
1161 | ssize_t | 1179 | ssize_t |
1162 | GNUNET_IDENTITY_private_key_decrypt(const void *block, | 1180 | GNUNET_IDENTITY_private_key_decrypt (const void *block, |
1163 | size_t size, | 1181 | size_t size, |
1164 | const struct GNUNET_IDENTITY_PrivateKey *priv, | 1182 | const struct |
1165 | const struct GNUNET_CRYPTO_EcdhePublicKey *ecc, | 1183 | GNUNET_IDENTITY_PrivateKey *priv, |
1166 | void *result) { | 1184 | const struct |
1185 | GNUNET_CRYPTO_EcdhePublicKey *ecc, | ||
1186 | void *result) | ||
1187 | { | ||
1167 | struct GNUNET_HashCode hash; | 1188 | struct GNUNET_HashCode hash; |
1168 | switch (ntohl (priv->type)) | 1189 | switch (ntohl (priv->type)) |
1169 | { | 1190 | { |
1170 | case GNUNET_IDENTITY_TYPE_ECDSA: | 1191 | case GNUNET_IDENTITY_TYPE_ECDSA: |
1171 | if (GNUNET_SYSERR == GNUNET_CRYPTO_ecdsa_ecdh(&(priv->ecdsa_key), ecc, &hash)) | 1192 | if (GNUNET_SYSERR == GNUNET_CRYPTO_ecdsa_ecdh (&(priv->ecdsa_key), ecc, |
1193 | &hash)) | ||
1172 | return -1; | 1194 | return -1; |
1173 | break; | 1195 | break; |
1174 | case GNUNET_IDENTITY_TYPE_EDDSA: | 1196 | case GNUNET_IDENTITY_TYPE_EDDSA: |
1175 | if (GNUNET_SYSERR == GNUNET_CRYPTO_eddsa_ecdh(&(priv->eddsa_key), ecc, &hash)) | 1197 | if (GNUNET_SYSERR == GNUNET_CRYPTO_eddsa_ecdh (&(priv->eddsa_key), ecc, |
1198 | &hash)) | ||
1176 | return -1; | 1199 | return -1; |
1177 | break; | 1200 | break; |
1178 | default: | 1201 | default: |
@@ -1180,11 +1203,12 @@ GNUNET_IDENTITY_private_key_decrypt(const void *block, | |||
1180 | } | 1203 | } |
1181 | struct GNUNET_CRYPTO_SymmetricSessionKey key; | 1204 | struct GNUNET_CRYPTO_SymmetricSessionKey key; |
1182 | struct GNUNET_CRYPTO_SymmetricInitializationVector iv; | 1205 | struct GNUNET_CRYPTO_SymmetricInitializationVector iv; |
1183 | GNUNET_CRYPTO_hash_to_aes_key(&hash, &key, &iv); | 1206 | GNUNET_CRYPTO_hash_to_aes_key (&hash, &key, &iv); |
1184 | GNUNET_CRYPTO_zero_keys(&hash, sizeof(hash)); | 1207 | GNUNET_CRYPTO_zero_keys (&hash, sizeof(hash)); |
1185 | const ssize_t decrypted = GNUNET_CRYPTO_symmetric_decrypt(block, size, &key, &iv, result); | 1208 | const ssize_t decrypted = GNUNET_CRYPTO_symmetric_decrypt (block, size, &key, |
1186 | GNUNET_CRYPTO_zero_keys(&key, sizeof(key)); | 1209 | &iv, result); |
1187 | GNUNET_CRYPTO_zero_keys(&iv, sizeof(iv)); | 1210 | GNUNET_CRYPTO_zero_keys (&key, sizeof(key)); |
1211 | GNUNET_CRYPTO_zero_keys (&iv, sizeof(iv)); | ||
1188 | return decrypted; | 1212 | return decrypted; |
1189 | } | 1213 | } |
1190 | 1214 | ||
@@ -1222,7 +1246,7 @@ GNUNET_IDENTITY_public_key_from_string (const char *str, | |||
1222 | if (GNUNET_OK != ret) | 1246 | if (GNUNET_OK != ret) |
1223 | return GNUNET_SYSERR; | 1247 | return GNUNET_SYSERR; |
1224 | ktype = ntohl (key->type); | 1248 | ktype = ntohl (key->type); |
1225 | return (GNUNET_IDENTITY_TYPE_ECDSA == ktype) ? GNUNET_OK : GNUNET_SYSERR; //FIXME other keys, cleaner way? | 1249 | return (GNUNET_IDENTITY_TYPE_ECDSA == ktype) ? GNUNET_OK : GNUNET_SYSERR; // FIXME other keys, cleaner way? |
1226 | 1250 | ||
1227 | } | 1251 | } |
1228 | 1252 | ||
@@ -1240,7 +1264,7 @@ GNUNET_IDENTITY_private_key_from_string (const char *str, | |||
1240 | if (GNUNET_OK != ret) | 1264 | if (GNUNET_OK != ret) |
1241 | return GNUNET_SYSERR; | 1265 | return GNUNET_SYSERR; |
1242 | ktype = ntohl (key->type); | 1266 | ktype = ntohl (key->type); |
1243 | return (GNUNET_IDENTITY_TYPE_ECDSA == ktype) ? GNUNET_OK : GNUNET_SYSERR; //FIXME other keys, cleaner way? | 1267 | return (GNUNET_IDENTITY_TYPE_ECDSA == ktype) ? GNUNET_OK : GNUNET_SYSERR; // FIXME other keys, cleaner way? |
1244 | } | 1268 | } |
1245 | 1269 | ||
1246 | 1270 | ||