aboutsummaryrefslogtreecommitdiff
path: root/src/identity
diff options
context:
space:
mode:
Diffstat (limited to 'src/identity')
-rw-r--r--src/identity/identity_api.c229
1 files changed, 226 insertions, 3 deletions
diff --git a/src/identity/identity_api.c b/src/identity/identity_api.c
index 213b6966e..d44e8da96 100644
--- a/src/identity/identity_api.c
+++ b/src/identity/identity_api.c
@@ -953,6 +953,7 @@ GNUNET_IDENTITY_disconnect (struct GNUNET_IDENTITY_Handle *h)
953 GNUNET_free (h); 953 GNUNET_free (h);
954} 954}
955 955
956
956ssize_t 957ssize_t
957private_key_get_length (const struct GNUNET_IDENTITY_PrivateKey *key) 958private_key_get_length (const struct GNUNET_IDENTITY_PrivateKey *key)
958{ 959{
@@ -971,7 +972,6 @@ private_key_get_length (const struct GNUNET_IDENTITY_PrivateKey *key)
971} 972}
972 973
973 974
974
975ssize_t 975ssize_t
976GNUNET_IDENTITY_key_get_length (const struct GNUNET_IDENTITY_PublicKey *key) 976GNUNET_IDENTITY_key_get_length (const struct GNUNET_IDENTITY_PublicKey *key)
977{ 977{
@@ -990,6 +990,229 @@ GNUNET_IDENTITY_key_get_length (const struct GNUNET_IDENTITY_PublicKey *key)
990} 990}
991 991
992 992
993ssize_t
994GNUNET_IDENTITY_read_key_from_buffer (struct GNUNET_IDENTITY_PublicKey *key,
995 const void*buffer,
996 size_t len)
997{
998 if (len < sizeof (key->type))
999 return -1;
1000 GNUNET_memcpy (&(key->type), buffer, sizeof (key->type));
1001 const ssize_t length = GNUNET_IDENTITY_key_get_length (key);
1002 if (len < length)
1003 return -1;
1004 if (length < 0)
1005 return -2;
1006 GNUNET_memcpy (&(key->ecdsa_key), buffer + sizeof (key->type), length
1007 - sizeof (key->type));
1008 return length;
1009}
1010
1011
1012ssize_t
1013GNUNET_IDENTITY_write_key_to_buffer (const struct
1014 GNUNET_IDENTITY_PublicKey *key,
1015 void*buffer,
1016 size_t len)
1017{
1018 const ssize_t length = GNUNET_IDENTITY_key_get_length (key);
1019 if (len < length)
1020 return -1;
1021 if (length < 0)
1022 return -2;
1023 GNUNET_memcpy (buffer, key, length);
1024 return length;
1025}
1026
1027
1028ssize_t
1029GNUNET_IDENTITY_signature_get_length (const struct
1030 GNUNET_IDENTITY_Signature *sig)
1031{
1032 switch (ntohl (sig->type))
1033 {
1034 case GNUNET_IDENTITY_TYPE_ECDSA:
1035 return sizeof (sig->type) + sizeof (sig->ecdsa_signature);
1036 break;
1037 case GNUNET_IDENTITY_TYPE_EDDSA:
1038 return sizeof (sig->type) + sizeof (sig->eddsa_signature);
1039 break;
1040 default:
1041 GNUNET_break (0);
1042 }
1043 return -1;
1044}
1045
1046
1047ssize_t
1048GNUNET_IDENTITY_read_signature_from_buffer (struct
1049 GNUNET_IDENTITY_Signature *sig,
1050 const void*buffer,
1051 size_t len)
1052{
1053 if (len < sizeof (sig->type))
1054 return -1;
1055 GNUNET_memcpy (&(sig->type), buffer, sizeof (sig->type));
1056 const ssize_t length = GNUNET_IDENTITY_signature_get_length (sig);
1057 if (len < length)
1058 return -1;
1059 if (length < 0)
1060 return -2;
1061 GNUNET_memcpy (&(sig->ecdsa_signature), buffer + sizeof (sig->type), length
1062 - sizeof (sig->type));
1063 return length;
1064}
1065
1066
1067ssize_t
1068GNUNET_IDENTITY_write_signature_to_buffer (const struct
1069 GNUNET_IDENTITY_Signature *sig,
1070 void*buffer,
1071 size_t len)
1072{
1073 const ssize_t length = GNUNET_IDENTITY_signature_get_length (sig);
1074 if (len < length)
1075 return -1;
1076 if (length < 0)
1077 return -2;
1078 GNUNET_memcpy (buffer, &(sig->type), sizeof (sig->type));
1079 GNUNET_memcpy (buffer + sizeof (sig->type), &(sig->ecdsa_signature), length
1080 - sizeof (sig->type));
1081 return length;
1082}
1083
1084
1085int
1086GNUNET_IDENTITY_sign_ (const struct
1087 GNUNET_IDENTITY_PrivateKey *priv,
1088 const struct
1089 GNUNET_CRYPTO_EccSignaturePurpose *purpose,
1090 struct GNUNET_IDENTITY_Signature *sig)
1091{
1092 sig->type = priv->type;
1093 switch (ntohl (priv->type))
1094 {
1095 case GNUNET_IDENTITY_TYPE_ECDSA:
1096 return GNUNET_CRYPTO_ecdsa_sign_ (&(priv->ecdsa_key), purpose,
1097 &(sig->ecdsa_signature));
1098 break;
1099 case GNUNET_IDENTITY_TYPE_EDDSA:
1100 return GNUNET_CRYPTO_eddsa_sign_ (&(priv->eddsa_key), purpose,
1101 &(sig->eddsa_signature));
1102 break;
1103 default:
1104 GNUNET_break (0);
1105 }
1106
1107 return GNUNET_SYSERR;
1108}
1109
1110
1111int
1112GNUNET_IDENTITY_signature_verify_ (uint32_t purpose,
1113 const struct
1114 GNUNET_CRYPTO_EccSignaturePurpose *validate,
1115 const struct GNUNET_IDENTITY_Signature *sig,
1116 const struct GNUNET_IDENTITY_PublicKey *pub)
1117{
1118 /* check type matching of 'sig' and 'pub' */
1119 GNUNET_assert (ntohl (pub->type) == ntohl (sig->type));
1120 switch (ntohl (pub->type))
1121 {
1122 case GNUNET_IDENTITY_TYPE_ECDSA:
1123 return GNUNET_CRYPTO_ecdsa_verify_ (purpose, validate,
1124 &(sig->ecdsa_signature),
1125 &(pub->ecdsa_key));
1126 break;
1127 case GNUNET_IDENTITY_TYPE_EDDSA:
1128 return GNUNET_CRYPTO_eddsa_verify_ (purpose, validate,
1129 &(sig->eddsa_signature),
1130 &(pub->eddsa_key));
1131 break;
1132 default:
1133 GNUNET_break (0);
1134 }
1135
1136 return GNUNET_SYSERR;
1137}
1138
1139
1140ssize_t
1141GNUNET_IDENTITY_public_key_encrypt (const void *block,
1142 size_t size,
1143 const struct GNUNET_IDENTITY_PublicKey *pub,
1144 struct GNUNET_CRYPTO_EcdhePublicKey *ecc,
1145 void *result)
1146{
1147 struct GNUNET_CRYPTO_EcdhePrivateKey pk;
1148 GNUNET_CRYPTO_ecdhe_key_create (&pk);
1149 struct GNUNET_HashCode hash;
1150 switch (ntohl (pub->type))
1151 {
1152 case GNUNET_IDENTITY_TYPE_ECDSA:
1153 if (GNUNET_SYSERR == GNUNET_CRYPTO_ecdh_ecdsa (&pk, &(pub->ecdsa_key),
1154 &hash))
1155 return -1;
1156 break;
1157 case GNUNET_IDENTITY_TYPE_EDDSA:
1158 if (GNUNET_SYSERR == GNUNET_CRYPTO_ecdh_eddsa (&pk, &(pub->eddsa_key),
1159 &hash))
1160 return -1;
1161 break;
1162 default:
1163 return -1;
1164 }
1165 GNUNET_CRYPTO_ecdhe_key_get_public (&pk, ecc);
1166 GNUNET_CRYPTO_ecdhe_key_clear (&pk);
1167 struct GNUNET_CRYPTO_SymmetricSessionKey key;
1168 struct GNUNET_CRYPTO_SymmetricInitializationVector iv;
1169 GNUNET_CRYPTO_hash_to_aes_key (&hash, &key, &iv);
1170 GNUNET_CRYPTO_zero_keys (&hash, sizeof(hash));
1171 const ssize_t encrypted = GNUNET_CRYPTO_symmetric_encrypt (block, size, &key,
1172 &iv, result);
1173 GNUNET_CRYPTO_zero_keys (&key, sizeof(key));
1174 GNUNET_CRYPTO_zero_keys (&iv, sizeof(iv));
1175 return encrypted;
1176}
1177
1178
1179ssize_t
1180GNUNET_IDENTITY_private_key_decrypt (const void *block,
1181 size_t size,
1182 const struct
1183 GNUNET_IDENTITY_PrivateKey *priv,
1184 const struct
1185 GNUNET_CRYPTO_EcdhePublicKey *ecc,
1186 void *result)
1187{
1188 struct GNUNET_HashCode hash;
1189 switch (ntohl (priv->type))
1190 {
1191 case GNUNET_IDENTITY_TYPE_ECDSA:
1192 if (GNUNET_SYSERR == GNUNET_CRYPTO_ecdsa_ecdh (&(priv->ecdsa_key), ecc,
1193 &hash))
1194 return -1;
1195 break;
1196 case GNUNET_IDENTITY_TYPE_EDDSA:
1197 if (GNUNET_SYSERR == GNUNET_CRYPTO_eddsa_ecdh (&(priv->eddsa_key), ecc,
1198 &hash))
1199 return -1;
1200 break;
1201 default:
1202 return -1;
1203 }
1204 struct GNUNET_CRYPTO_SymmetricSessionKey key;
1205 struct GNUNET_CRYPTO_SymmetricInitializationVector iv;
1206 GNUNET_CRYPTO_hash_to_aes_key (&hash, &key, &iv);
1207 GNUNET_CRYPTO_zero_keys (&hash, sizeof(hash));
1208 const ssize_t decrypted = GNUNET_CRYPTO_symmetric_decrypt (block, size, &key,
1209 &iv, result);
1210 GNUNET_CRYPTO_zero_keys (&key, sizeof(key));
1211 GNUNET_CRYPTO_zero_keys (&iv, sizeof(iv));
1212 return decrypted;
1213}
1214
1215
993char * 1216char *
994GNUNET_IDENTITY_public_key_to_string (const struct 1217GNUNET_IDENTITY_public_key_to_string (const struct
995 GNUNET_IDENTITY_PublicKey *key) 1218 GNUNET_IDENTITY_PublicKey *key)
@@ -1023,7 +1246,7 @@ GNUNET_IDENTITY_public_key_from_string (const char *str,
1023 if (GNUNET_OK != ret) 1246 if (GNUNET_OK != ret)
1024 return GNUNET_SYSERR; 1247 return GNUNET_SYSERR;
1025 ktype = ntohl (key->type); 1248 ktype = ntohl (key->type);
1026 return (GNUNET_IDENTITY_TYPE_ECDSA == ktype) ? GNUNET_OK : GNUNET_SYSERR; //FIXME other keys, cleaner way? 1249 return (GNUNET_IDENTITY_TYPE_ECDSA == ktype) ? GNUNET_OK : GNUNET_SYSERR; // FIXME other keys, cleaner way?
1027 1250
1028} 1251}
1029 1252
@@ -1041,7 +1264,7 @@ GNUNET_IDENTITY_private_key_from_string (const char *str,
1041 if (GNUNET_OK != ret) 1264 if (GNUNET_OK != ret)
1042 return GNUNET_SYSERR; 1265 return GNUNET_SYSERR;
1043 ktype = ntohl (key->type); 1266 ktype = ntohl (key->type);
1044 return (GNUNET_IDENTITY_TYPE_ECDSA == ktype) ? GNUNET_OK : GNUNET_SYSERR; //FIXME other keys, cleaner way? 1267 return (GNUNET_IDENTITY_TYPE_ECDSA == ktype) ? GNUNET_OK : GNUNET_SYSERR; // FIXME other keys, cleaner way?
1045} 1268}
1046 1269
1047 1270