diff options
Diffstat (limited to 'src/identity/identity_api.c')
-rw-r--r-- | src/identity/identity_api.c | 391 |
1 files changed, 370 insertions, 21 deletions
diff --git a/src/identity/identity_api.c b/src/identity/identity_api.c index f7aca1655..64c088923 100644 --- a/src/identity/identity_api.c +++ b/src/identity/identity_api.c | |||
@@ -74,7 +74,7 @@ struct GNUNET_IDENTITY_Operation | |||
74 | /** | 74 | /** |
75 | * Private key to return to @e create_cont, or NULL. | 75 | * Private key to return to @e create_cont, or NULL. |
76 | */ | 76 | */ |
77 | struct GNUNET_CRYPTO_EcdsaPrivateKey pk; | 77 | struct GNUNET_IDENTITY_PrivateKey pk; |
78 | 78 | ||
79 | /** | 79 | /** |
80 | * Continuation to invoke with the result of the transmission for | 80 | * Continuation to invoke with the result of the transmission for |
@@ -157,13 +157,12 @@ GNUNET_IDENTITY_ego_get_anonymous () | |||
157 | { | 157 | { |
158 | static struct GNUNET_IDENTITY_Ego anon; | 158 | static struct GNUNET_IDENTITY_Ego anon; |
159 | static int setup; | 159 | static int setup; |
160 | struct GNUNET_CRYPTO_EcdsaPublicKey pub; | ||
161 | 160 | ||
162 | if (setup) | 161 | if (setup) |
163 | return &anon; | 162 | return &anon; |
164 | anon.pk = *GNUNET_CRYPTO_ecdsa_key_get_anonymous (); | 163 | anon.pk.type = htonl (GNUNET_IDENTITY_TYPE_ECDSA); |
165 | GNUNET_CRYPTO_ecdsa_key_get_public (&anon.pk, | 164 | anon.pub.type = htonl (GNUNET_IDENTITY_TYPE_ECDSA); |
166 | &pub); | 165 | anon.pk.ecdsa_key = *GNUNET_CRYPTO_ecdsa_key_get_anonymous (); |
167 | GNUNET_CRYPTO_hash (&anon.pk, | 166 | GNUNET_CRYPTO_hash (&anon.pk, |
168 | sizeof(anon.pk), | 167 | sizeof(anon.pk), |
169 | &anon.id); | 168 | &anon.id); |
@@ -172,6 +171,51 @@ GNUNET_IDENTITY_ego_get_anonymous () | |||
172 | } | 171 | } |
173 | 172 | ||
174 | 173 | ||
174 | enum GNUNET_GenericReturnValue | ||
175 | GNUNET_IDENTITY_key_get_public (const struct | ||
176 | GNUNET_IDENTITY_PrivateKey *privkey, | ||
177 | struct GNUNET_IDENTITY_PublicKey *key) | ||
178 | { | ||
179 | key->type = privkey->type; | ||
180 | switch (ntohl (privkey->type)) | ||
181 | { | ||
182 | case GNUNET_IDENTITY_TYPE_ECDSA: | ||
183 | GNUNET_CRYPTO_ecdsa_key_get_public (&privkey->ecdsa_key, | ||
184 | &key->ecdsa_key); | ||
185 | break; | ||
186 | case GNUNET_IDENTITY_TYPE_EDDSA: | ||
187 | GNUNET_CRYPTO_eddsa_key_get_public (&privkey->eddsa_key, | ||
188 | &key->eddsa_key); | ||
189 | break; | ||
190 | default: | ||
191 | GNUNET_break (0); | ||
192 | return GNUNET_SYSERR; | ||
193 | } | ||
194 | return GNUNET_OK; | ||
195 | } | ||
196 | |||
197 | |||
198 | static int | ||
199 | private_key_create (enum GNUNET_IDENTITY_KeyType ktype, | ||
200 | struct GNUNET_IDENTITY_PrivateKey *key) | ||
201 | { | ||
202 | key->type = htonl (ktype); | ||
203 | switch (ktype) | ||
204 | { | ||
205 | case GNUNET_IDENTITY_TYPE_ECDSA: | ||
206 | GNUNET_CRYPTO_ecdsa_key_create (&key->ecdsa_key); | ||
207 | break; | ||
208 | case GNUNET_IDENTITY_TYPE_EDDSA: | ||
209 | GNUNET_CRYPTO_eddsa_key_create (&key->eddsa_key); | ||
210 | break; | ||
211 | default: | ||
212 | GNUNET_break (0); | ||
213 | return GNUNET_SYSERR; | ||
214 | } | ||
215 | return GNUNET_OK; | ||
216 | } | ||
217 | |||
218 | |||
175 | /** | 219 | /** |
176 | * Try again to connect to the identity service. | 220 | * Try again to connect to the identity service. |
177 | * | 221 | * |
@@ -591,7 +635,7 @@ GNUNET_IDENTITY_connect (const struct GNUNET_CONFIGURATION_Handle *cfg, | |||
591 | * @param ego the ego | 635 | * @param ego the ego |
592 | * @return associated ECC key, valid as long as the ego is valid | 636 | * @return associated ECC key, valid as long as the ego is valid |
593 | */ | 637 | */ |
594 | const struct GNUNET_CRYPTO_EcdsaPrivateKey * | 638 | const struct GNUNET_IDENTITY_PrivateKey * |
595 | GNUNET_IDENTITY_ego_get_private_key (const struct GNUNET_IDENTITY_Ego *ego) | 639 | GNUNET_IDENTITY_ego_get_private_key (const struct GNUNET_IDENTITY_Ego *ego) |
596 | { | 640 | { |
597 | return &ego->pk; | 641 | return &ego->pk; |
@@ -606,12 +650,11 @@ GNUNET_IDENTITY_ego_get_private_key (const struct GNUNET_IDENTITY_Ego *ego) | |||
606 | */ | 650 | */ |
607 | void | 651 | void |
608 | GNUNET_IDENTITY_ego_get_public_key (struct GNUNET_IDENTITY_Ego *ego, | 652 | GNUNET_IDENTITY_ego_get_public_key (struct GNUNET_IDENTITY_Ego *ego, |
609 | struct GNUNET_CRYPTO_EcdsaPublicKey *pk) | 653 | struct GNUNET_IDENTITY_PublicKey *pk) |
610 | { | 654 | { |
611 | if (GNUNET_NO == ego->pub_initialized) | 655 | if (GNUNET_NO == ego->pub_initialized) |
612 | { | 656 | { |
613 | GNUNET_CRYPTO_ecdsa_key_get_public (&ego->pk, | 657 | GNUNET_IDENTITY_key_get_public (&ego->pk, &ego->pub); |
614 | &ego->pub); | ||
615 | ego->pub_initialized = GNUNET_YES; | 658 | ego->pub_initialized = GNUNET_YES; |
616 | } | 659 | } |
617 | *pk = ego->pub; | 660 | *pk = ego->pub; |
@@ -710,20 +753,11 @@ GNUNET_IDENTITY_set (struct GNUNET_IDENTITY_Handle *h, | |||
710 | } | 753 | } |
711 | 754 | ||
712 | 755 | ||
713 | /** | ||
714 | * Create a new identity with the given name. | ||
715 | * | ||
716 | * @param h identity service to use | ||
717 | * @param name desired name | ||
718 | * @param privkey desired private key or NULL to create one | ||
719 | * @param cont function to call with the result (will only be called once) | ||
720 | * @param cont_cls closure for @a cont | ||
721 | * @return handle to abort the operation | ||
722 | */ | ||
723 | struct GNUNET_IDENTITY_Operation * | 756 | struct GNUNET_IDENTITY_Operation * |
724 | GNUNET_IDENTITY_create (struct GNUNET_IDENTITY_Handle *h, | 757 | GNUNET_IDENTITY_create (struct GNUNET_IDENTITY_Handle *h, |
725 | const char *name, | 758 | const char *name, |
726 | const struct GNUNET_CRYPTO_EcdsaPrivateKey *privkey, | 759 | const struct GNUNET_IDENTITY_PrivateKey *privkey, |
760 | enum GNUNET_IDENTITY_KeyType ktype, | ||
727 | GNUNET_IDENTITY_CreateContinuation cont, | 761 | GNUNET_IDENTITY_CreateContinuation cont, |
728 | void *cont_cls) | 762 | void *cont_cls) |
729 | { | 763 | { |
@@ -749,7 +783,10 @@ GNUNET_IDENTITY_create (struct GNUNET_IDENTITY_Handle *h, | |||
749 | crm->name_len = htons (slen); | 783 | crm->name_len = htons (slen); |
750 | crm->reserved = htons (0); | 784 | crm->reserved = htons (0); |
751 | if (NULL == privkey) | 785 | if (NULL == privkey) |
752 | GNUNET_CRYPTO_ecdsa_key_create (&crm->private_key); | 786 | { |
787 | GNUNET_assert (GNUNET_OK == | ||
788 | private_key_create (ktype, &crm->private_key)); | ||
789 | } | ||
753 | else | 790 | else |
754 | crm->private_key = *privkey; | 791 | crm->private_key = *privkey; |
755 | op->pk = crm->private_key; | 792 | op->pk = crm->private_key; |
@@ -917,4 +954,316 @@ GNUNET_IDENTITY_disconnect (struct GNUNET_IDENTITY_Handle *h) | |||
917 | } | 954 | } |
918 | 955 | ||
919 | 956 | ||
957 | ssize_t | ||
958 | private_key_get_length (const struct GNUNET_IDENTITY_PrivateKey *key) | ||
959 | { | ||
960 | switch (ntohl (key->type)) | ||
961 | { | ||
962 | case GNUNET_IDENTITY_TYPE_ECDSA: | ||
963 | return sizeof (key->type) + sizeof (key->ecdsa_key); | ||
964 | break; | ||
965 | case GNUNET_IDENTITY_TYPE_EDDSA: | ||
966 | return sizeof (key->type) + sizeof (key->eddsa_key); | ||
967 | break; | ||
968 | default: | ||
969 | GNUNET_break (0); | ||
970 | } | ||
971 | return -1; | ||
972 | } | ||
973 | |||
974 | |||
975 | ssize_t | ||
976 | GNUNET_IDENTITY_key_get_length (const struct GNUNET_IDENTITY_PublicKey *key) | ||
977 | { | ||
978 | switch (ntohl (key->type)) | ||
979 | { | ||
980 | case GNUNET_IDENTITY_TYPE_ECDSA: | ||
981 | return sizeof (key->type) + sizeof (key->ecdsa_key); | ||
982 | break; | ||
983 | case GNUNET_IDENTITY_TYPE_EDDSA: | ||
984 | return sizeof (key->type) + sizeof (key->eddsa_key); | ||
985 | break; | ||
986 | default: | ||
987 | GNUNET_break (0); | ||
988 | } | ||
989 | return -1; | ||
990 | } | ||
991 | |||
992 | |||
993 | ssize_t | ||
994 | GNUNET_IDENTITY_read_key_from_buffer (struct GNUNET_IDENTITY_PublicKey *key, | ||
995 | const void*buffer, | ||
996 | size_t len) | ||
997 | { | ||
998 | if (len < sizeof (key->type)) | ||
999 | return -1; | ||
1000 | GNUNET_memcpy (&(key->type), buffer, sizeof (key->type)); | ||
1001 | const ssize_t length = GNUNET_IDENTITY_key_get_length (key); | ||
1002 | if (len < length) | ||
1003 | return -1; | ||
1004 | if (length < 0) | ||
1005 | return -2; | ||
1006 | GNUNET_memcpy (&(key->ecdsa_key), buffer + sizeof (key->type), length | ||
1007 | - sizeof (key->type)); | ||
1008 | return length; | ||
1009 | } | ||
1010 | |||
1011 | |||
1012 | ssize_t | ||
1013 | GNUNET_IDENTITY_write_key_to_buffer (const struct | ||
1014 | GNUNET_IDENTITY_PublicKey *key, | ||
1015 | void*buffer, | ||
1016 | size_t len) | ||
1017 | { | ||
1018 | const ssize_t length = GNUNET_IDENTITY_key_get_length (key); | ||
1019 | if (len < length) | ||
1020 | return -1; | ||
1021 | if (length < 0) | ||
1022 | return -2; | ||
1023 | GNUNET_memcpy (buffer, key, length); | ||
1024 | return length; | ||
1025 | } | ||
1026 | |||
1027 | |||
1028 | ssize_t | ||
1029 | GNUNET_IDENTITY_signature_get_length (const struct | ||
1030 | GNUNET_IDENTITY_Signature *sig) | ||
1031 | { | ||
1032 | switch (ntohl (sig->type)) | ||
1033 | { | ||
1034 | case GNUNET_IDENTITY_TYPE_ECDSA: | ||
1035 | return sizeof (sig->type) + sizeof (sig->ecdsa_signature); | ||
1036 | break; | ||
1037 | case GNUNET_IDENTITY_TYPE_EDDSA: | ||
1038 | return sizeof (sig->type) + sizeof (sig->eddsa_signature); | ||
1039 | break; | ||
1040 | default: | ||
1041 | GNUNET_break (0); | ||
1042 | } | ||
1043 | return -1; | ||
1044 | } | ||
1045 | |||
1046 | |||
1047 | ssize_t | ||
1048 | GNUNET_IDENTITY_read_signature_from_buffer (struct | ||
1049 | GNUNET_IDENTITY_Signature *sig, | ||
1050 | const void*buffer, | ||
1051 | size_t len) | ||
1052 | { | ||
1053 | if (len < sizeof (sig->type)) | ||
1054 | return -1; | ||
1055 | GNUNET_memcpy (&(sig->type), buffer, sizeof (sig->type)); | ||
1056 | const ssize_t length = GNUNET_IDENTITY_signature_get_length (sig); | ||
1057 | if (len < length) | ||
1058 | return -1; | ||
1059 | if (length < 0) | ||
1060 | return -2; | ||
1061 | GNUNET_memcpy (&(sig->ecdsa_signature), buffer + sizeof (sig->type), length | ||
1062 | - sizeof (sig->type)); | ||
1063 | return length; | ||
1064 | } | ||
1065 | |||
1066 | |||
1067 | ssize_t | ||
1068 | GNUNET_IDENTITY_write_signature_to_buffer (const struct | ||
1069 | GNUNET_IDENTITY_Signature *sig, | ||
1070 | void*buffer, | ||
1071 | size_t len) | ||
1072 | { | ||
1073 | const ssize_t length = GNUNET_IDENTITY_signature_get_length (sig); | ||
1074 | if (len < length) | ||
1075 | return -1; | ||
1076 | if (length < 0) | ||
1077 | return -2; | ||
1078 | GNUNET_memcpy (buffer, &(sig->type), sizeof (sig->type)); | ||
1079 | GNUNET_memcpy (buffer + sizeof (sig->type), &(sig->ecdsa_signature), length | ||
1080 | - sizeof (sig->type)); | ||
1081 | return length; | ||
1082 | } | ||
1083 | |||
1084 | |||
1085 | int | ||
1086 | GNUNET_IDENTITY_sign_ (const struct | ||
1087 | GNUNET_IDENTITY_PrivateKey *priv, | ||
1088 | const struct | ||
1089 | GNUNET_CRYPTO_EccSignaturePurpose *purpose, | ||
1090 | struct GNUNET_IDENTITY_Signature *sig) | ||
1091 | { | ||
1092 | sig->type = priv->type; | ||
1093 | switch (ntohl (priv->type)) | ||
1094 | { | ||
1095 | case GNUNET_IDENTITY_TYPE_ECDSA: | ||
1096 | return GNUNET_CRYPTO_ecdsa_sign_ (&(priv->ecdsa_key), purpose, | ||
1097 | &(sig->ecdsa_signature)); | ||
1098 | break; | ||
1099 | case GNUNET_IDENTITY_TYPE_EDDSA: | ||
1100 | return GNUNET_CRYPTO_eddsa_sign_ (&(priv->eddsa_key), purpose, | ||
1101 | &(sig->eddsa_signature)); | ||
1102 | break; | ||
1103 | default: | ||
1104 | GNUNET_break (0); | ||
1105 | } | ||
1106 | |||
1107 | return GNUNET_SYSERR; | ||
1108 | } | ||
1109 | |||
1110 | |||
1111 | int | ||
1112 | GNUNET_IDENTITY_signature_verify_ (uint32_t purpose, | ||
1113 | const struct | ||
1114 | GNUNET_CRYPTO_EccSignaturePurpose *validate, | ||
1115 | const struct GNUNET_IDENTITY_Signature *sig, | ||
1116 | const struct GNUNET_IDENTITY_PublicKey *pub) | ||
1117 | { | ||
1118 | /* check type matching of 'sig' and 'pub' */ | ||
1119 | GNUNET_assert (ntohl (pub->type) == ntohl (sig->type)); | ||
1120 | switch (ntohl (pub->type)) | ||
1121 | { | ||
1122 | case GNUNET_IDENTITY_TYPE_ECDSA: | ||
1123 | return GNUNET_CRYPTO_ecdsa_verify_ (purpose, validate, | ||
1124 | &(sig->ecdsa_signature), | ||
1125 | &(pub->ecdsa_key)); | ||
1126 | break; | ||
1127 | case GNUNET_IDENTITY_TYPE_EDDSA: | ||
1128 | return GNUNET_CRYPTO_eddsa_verify_ (purpose, validate, | ||
1129 | &(sig->eddsa_signature), | ||
1130 | &(pub->eddsa_key)); | ||
1131 | break; | ||
1132 | default: | ||
1133 | GNUNET_break (0); | ||
1134 | } | ||
1135 | |||
1136 | return GNUNET_SYSERR; | ||
1137 | } | ||
1138 | |||
1139 | |||
1140 | ssize_t | ||
1141 | GNUNET_IDENTITY_encrypt (const void *block, | ||
1142 | size_t size, | ||
1143 | const struct GNUNET_IDENTITY_PublicKey *pub, | ||
1144 | struct GNUNET_CRYPTO_EcdhePublicKey *ecc, | ||
1145 | void *result) | ||
1146 | { | ||
1147 | struct GNUNET_CRYPTO_EcdhePrivateKey pk; | ||
1148 | GNUNET_CRYPTO_ecdhe_key_create (&pk); | ||
1149 | struct GNUNET_HashCode hash; | ||
1150 | switch (ntohl (pub->type)) | ||
1151 | { | ||
1152 | case GNUNET_IDENTITY_TYPE_ECDSA: | ||
1153 | if (GNUNET_SYSERR == GNUNET_CRYPTO_ecdh_ecdsa (&pk, &(pub->ecdsa_key), | ||
1154 | &hash)) | ||
1155 | return -1; | ||
1156 | break; | ||
1157 | case GNUNET_IDENTITY_TYPE_EDDSA: | ||
1158 | if (GNUNET_SYSERR == GNUNET_CRYPTO_ecdh_eddsa (&pk, &(pub->eddsa_key), | ||
1159 | &hash)) | ||
1160 | return -1; | ||
1161 | break; | ||
1162 | default: | ||
1163 | return -1; | ||
1164 | } | ||
1165 | GNUNET_CRYPTO_ecdhe_key_get_public (&pk, ecc); | ||
1166 | GNUNET_CRYPTO_ecdhe_key_clear (&pk); | ||
1167 | struct GNUNET_CRYPTO_SymmetricSessionKey key; | ||
1168 | struct GNUNET_CRYPTO_SymmetricInitializationVector iv; | ||
1169 | GNUNET_CRYPTO_hash_to_aes_key (&hash, &key, &iv); | ||
1170 | GNUNET_CRYPTO_zero_keys (&hash, sizeof(hash)); | ||
1171 | const ssize_t encrypted = GNUNET_CRYPTO_symmetric_encrypt (block, size, &key, | ||
1172 | &iv, result); | ||
1173 | GNUNET_CRYPTO_zero_keys (&key, sizeof(key)); | ||
1174 | GNUNET_CRYPTO_zero_keys (&iv, sizeof(iv)); | ||
1175 | return encrypted; | ||
1176 | } | ||
1177 | |||
1178 | |||
1179 | ssize_t | ||
1180 | GNUNET_IDENTITY_decrypt (const void *block, | ||
1181 | size_t size, | ||
1182 | const struct GNUNET_IDENTITY_PrivateKey *priv, | ||
1183 | const struct GNUNET_CRYPTO_EcdhePublicKey *ecc, | ||
1184 | void *result) | ||
1185 | { | ||
1186 | struct GNUNET_HashCode hash; | ||
1187 | switch (ntohl (priv->type)) | ||
1188 | { | ||
1189 | case GNUNET_IDENTITY_TYPE_ECDSA: | ||
1190 | if (GNUNET_SYSERR == GNUNET_CRYPTO_ecdsa_ecdh (&(priv->ecdsa_key), ecc, | ||
1191 | &hash)) | ||
1192 | return -1; | ||
1193 | break; | ||
1194 | case GNUNET_IDENTITY_TYPE_EDDSA: | ||
1195 | if (GNUNET_SYSERR == GNUNET_CRYPTO_eddsa_ecdh (&(priv->eddsa_key), ecc, | ||
1196 | &hash)) | ||
1197 | return -1; | ||
1198 | break; | ||
1199 | default: | ||
1200 | return -1; | ||
1201 | } | ||
1202 | struct GNUNET_CRYPTO_SymmetricSessionKey key; | ||
1203 | struct GNUNET_CRYPTO_SymmetricInitializationVector iv; | ||
1204 | GNUNET_CRYPTO_hash_to_aes_key (&hash, &key, &iv); | ||
1205 | GNUNET_CRYPTO_zero_keys (&hash, sizeof(hash)); | ||
1206 | const ssize_t decrypted = GNUNET_CRYPTO_symmetric_decrypt (block, size, &key, | ||
1207 | &iv, result); | ||
1208 | GNUNET_CRYPTO_zero_keys (&key, sizeof(key)); | ||
1209 | GNUNET_CRYPTO_zero_keys (&iv, sizeof(iv)); | ||
1210 | return decrypted; | ||
1211 | } | ||
1212 | |||
1213 | |||
1214 | char * | ||
1215 | GNUNET_IDENTITY_public_key_to_string (const struct | ||
1216 | GNUNET_IDENTITY_PublicKey *key) | ||
1217 | { | ||
1218 | size_t size = GNUNET_IDENTITY_key_get_length (key); | ||
1219 | return GNUNET_STRINGS_data_to_string_alloc (key, | ||
1220 | size); | ||
1221 | } | ||
1222 | |||
1223 | |||
1224 | char * | ||
1225 | GNUNET_IDENTITY_private_key_to_string (const struct | ||
1226 | GNUNET_IDENTITY_PrivateKey *key) | ||
1227 | { | ||
1228 | size_t size = private_key_get_length (key); | ||
1229 | return GNUNET_STRINGS_data_to_string_alloc (key, | ||
1230 | size); | ||
1231 | } | ||
1232 | |||
1233 | |||
1234 | enum GNUNET_GenericReturnValue | ||
1235 | GNUNET_IDENTITY_public_key_from_string (const char *str, | ||
1236 | struct GNUNET_IDENTITY_PublicKey *key) | ||
1237 | { | ||
1238 | enum GNUNET_GenericReturnValue ret; | ||
1239 | enum GNUNET_IDENTITY_KeyType ktype; | ||
1240 | ret = GNUNET_STRINGS_string_to_data (str, | ||
1241 | strlen (str), | ||
1242 | key, | ||
1243 | sizeof (*key)); | ||
1244 | if (GNUNET_OK != ret) | ||
1245 | return GNUNET_SYSERR; | ||
1246 | ktype = ntohl (key->type); | ||
1247 | return (GNUNET_IDENTITY_TYPE_ECDSA == ktype) ? GNUNET_OK : GNUNET_SYSERR; // FIXME other keys, cleaner way? | ||
1248 | |||
1249 | } | ||
1250 | |||
1251 | |||
1252 | enum GNUNET_GenericReturnValue | ||
1253 | GNUNET_IDENTITY_private_key_from_string (const char *str, | ||
1254 | struct GNUNET_IDENTITY_PrivateKey *key) | ||
1255 | { | ||
1256 | enum GNUNET_GenericReturnValue ret; | ||
1257 | enum GNUNET_IDENTITY_KeyType ktype; | ||
1258 | ret = GNUNET_STRINGS_string_to_data (str, | ||
1259 | strlen (str), | ||
1260 | key, | ||
1261 | sizeof (*key)); | ||
1262 | if (GNUNET_OK != ret) | ||
1263 | return GNUNET_SYSERR; | ||
1264 | ktype = ntohl (key->type); | ||
1265 | return (GNUNET_IDENTITY_TYPE_ECDSA == ktype) ? GNUNET_OK : GNUNET_SYSERR; // FIXME other keys, cleaner way? | ||
1266 | } | ||
1267 | |||
1268 | |||
920 | /* end of identity_api.c */ | 1269 | /* end of identity_api.c */ |