diff options
Diffstat (limited to 'src/identity')
-rw-r--r-- | src/identity/identity_api.c | 229 |
1 files changed, 226 insertions, 3 deletions
diff --git a/src/identity/identity_api.c b/src/identity/identity_api.c index 213b6966e..d44e8da96 100644 --- a/src/identity/identity_api.c +++ b/src/identity/identity_api.c | |||
@@ -953,6 +953,7 @@ GNUNET_IDENTITY_disconnect (struct GNUNET_IDENTITY_Handle *h) | |||
953 | GNUNET_free (h); | 953 | GNUNET_free (h); |
954 | } | 954 | } |
955 | 955 | ||
956 | |||
956 | ssize_t | 957 | ssize_t |
957 | private_key_get_length (const struct GNUNET_IDENTITY_PrivateKey *key) | 958 | private_key_get_length (const struct GNUNET_IDENTITY_PrivateKey *key) |
958 | { | 959 | { |
@@ -971,7 +972,6 @@ private_key_get_length (const struct GNUNET_IDENTITY_PrivateKey *key) | |||
971 | } | 972 | } |
972 | 973 | ||
973 | 974 | ||
974 | |||
975 | ssize_t | 975 | ssize_t |
976 | GNUNET_IDENTITY_key_get_length (const struct GNUNET_IDENTITY_PublicKey *key) | 976 | GNUNET_IDENTITY_key_get_length (const struct GNUNET_IDENTITY_PublicKey *key) |
977 | { | 977 | { |
@@ -990,6 +990,229 @@ GNUNET_IDENTITY_key_get_length (const struct GNUNET_IDENTITY_PublicKey *key) | |||
990 | } | 990 | } |
991 | 991 | ||
992 | 992 | ||
993 | ssize_t | ||
994 | GNUNET_IDENTITY_read_key_from_buffer (struct GNUNET_IDENTITY_PublicKey *key, | ||
995 | const void*buffer, | ||
996 | size_t len) | ||
997 | { | ||
998 | if (len < sizeof (key->type)) | ||
999 | return -1; | ||
1000 | GNUNET_memcpy (&(key->type), buffer, sizeof (key->type)); | ||
1001 | const ssize_t length = GNUNET_IDENTITY_key_get_length (key); | ||
1002 | if (len < length) | ||
1003 | return -1; | ||
1004 | if (length < 0) | ||
1005 | return -2; | ||
1006 | GNUNET_memcpy (&(key->ecdsa_key), buffer + sizeof (key->type), length | ||
1007 | - sizeof (key->type)); | ||
1008 | return length; | ||
1009 | } | ||
1010 | |||
1011 | |||
1012 | ssize_t | ||
1013 | GNUNET_IDENTITY_write_key_to_buffer (const struct | ||
1014 | GNUNET_IDENTITY_PublicKey *key, | ||
1015 | void*buffer, | ||
1016 | size_t len) | ||
1017 | { | ||
1018 | const ssize_t length = GNUNET_IDENTITY_key_get_length (key); | ||
1019 | if (len < length) | ||
1020 | return -1; | ||
1021 | if (length < 0) | ||
1022 | return -2; | ||
1023 | GNUNET_memcpy (buffer, key, length); | ||
1024 | return length; | ||
1025 | } | ||
1026 | |||
1027 | |||
1028 | ssize_t | ||
1029 | GNUNET_IDENTITY_signature_get_length (const struct | ||
1030 | GNUNET_IDENTITY_Signature *sig) | ||
1031 | { | ||
1032 | switch (ntohl (sig->type)) | ||
1033 | { | ||
1034 | case GNUNET_IDENTITY_TYPE_ECDSA: | ||
1035 | return sizeof (sig->type) + sizeof (sig->ecdsa_signature); | ||
1036 | break; | ||
1037 | case GNUNET_IDENTITY_TYPE_EDDSA: | ||
1038 | return sizeof (sig->type) + sizeof (sig->eddsa_signature); | ||
1039 | break; | ||
1040 | default: | ||
1041 | GNUNET_break (0); | ||
1042 | } | ||
1043 | return -1; | ||
1044 | } | ||
1045 | |||
1046 | |||
1047 | ssize_t | ||
1048 | GNUNET_IDENTITY_read_signature_from_buffer (struct | ||
1049 | GNUNET_IDENTITY_Signature *sig, | ||
1050 | const void*buffer, | ||
1051 | size_t len) | ||
1052 | { | ||
1053 | if (len < sizeof (sig->type)) | ||
1054 | return -1; | ||
1055 | GNUNET_memcpy (&(sig->type), buffer, sizeof (sig->type)); | ||
1056 | const ssize_t length = GNUNET_IDENTITY_signature_get_length (sig); | ||
1057 | if (len < length) | ||
1058 | return -1; | ||
1059 | if (length < 0) | ||
1060 | return -2; | ||
1061 | GNUNET_memcpy (&(sig->ecdsa_signature), buffer + sizeof (sig->type), length | ||
1062 | - sizeof (sig->type)); | ||
1063 | return length; | ||
1064 | } | ||
1065 | |||
1066 | |||
1067 | ssize_t | ||
1068 | GNUNET_IDENTITY_write_signature_to_buffer (const struct | ||
1069 | GNUNET_IDENTITY_Signature *sig, | ||
1070 | void*buffer, | ||
1071 | size_t len) | ||
1072 | { | ||
1073 | const ssize_t length = GNUNET_IDENTITY_signature_get_length (sig); | ||
1074 | if (len < length) | ||
1075 | return -1; | ||
1076 | if (length < 0) | ||
1077 | return -2; | ||
1078 | GNUNET_memcpy (buffer, &(sig->type), sizeof (sig->type)); | ||
1079 | GNUNET_memcpy (buffer + sizeof (sig->type), &(sig->ecdsa_signature), length | ||
1080 | - sizeof (sig->type)); | ||
1081 | return length; | ||
1082 | } | ||
1083 | |||
1084 | |||
1085 | int | ||
1086 | GNUNET_IDENTITY_sign_ (const struct | ||
1087 | GNUNET_IDENTITY_PrivateKey *priv, | ||
1088 | const struct | ||
1089 | GNUNET_CRYPTO_EccSignaturePurpose *purpose, | ||
1090 | struct GNUNET_IDENTITY_Signature *sig) | ||
1091 | { | ||
1092 | sig->type = priv->type; | ||
1093 | switch (ntohl (priv->type)) | ||
1094 | { | ||
1095 | case GNUNET_IDENTITY_TYPE_ECDSA: | ||
1096 | return GNUNET_CRYPTO_ecdsa_sign_ (&(priv->ecdsa_key), purpose, | ||
1097 | &(sig->ecdsa_signature)); | ||
1098 | break; | ||
1099 | case GNUNET_IDENTITY_TYPE_EDDSA: | ||
1100 | return GNUNET_CRYPTO_eddsa_sign_ (&(priv->eddsa_key), purpose, | ||
1101 | &(sig->eddsa_signature)); | ||
1102 | break; | ||
1103 | default: | ||
1104 | GNUNET_break (0); | ||
1105 | } | ||
1106 | |||
1107 | return GNUNET_SYSERR; | ||
1108 | } | ||
1109 | |||
1110 | |||
1111 | int | ||
1112 | GNUNET_IDENTITY_signature_verify_ (uint32_t purpose, | ||
1113 | const struct | ||
1114 | GNUNET_CRYPTO_EccSignaturePurpose *validate, | ||
1115 | const struct GNUNET_IDENTITY_Signature *sig, | ||
1116 | const struct GNUNET_IDENTITY_PublicKey *pub) | ||
1117 | { | ||
1118 | /* check type matching of 'sig' and 'pub' */ | ||
1119 | GNUNET_assert (ntohl (pub->type) == ntohl (sig->type)); | ||
1120 | switch (ntohl (pub->type)) | ||
1121 | { | ||
1122 | case GNUNET_IDENTITY_TYPE_ECDSA: | ||
1123 | return GNUNET_CRYPTO_ecdsa_verify_ (purpose, validate, | ||
1124 | &(sig->ecdsa_signature), | ||
1125 | &(pub->ecdsa_key)); | ||
1126 | break; | ||
1127 | case GNUNET_IDENTITY_TYPE_EDDSA: | ||
1128 | return GNUNET_CRYPTO_eddsa_verify_ (purpose, validate, | ||
1129 | &(sig->eddsa_signature), | ||
1130 | &(pub->eddsa_key)); | ||
1131 | break; | ||
1132 | default: | ||
1133 | GNUNET_break (0); | ||
1134 | } | ||
1135 | |||
1136 | return GNUNET_SYSERR; | ||
1137 | } | ||
1138 | |||
1139 | |||
1140 | ssize_t | ||
1141 | GNUNET_IDENTITY_public_key_encrypt (const void *block, | ||
1142 | size_t size, | ||
1143 | const struct GNUNET_IDENTITY_PublicKey *pub, | ||
1144 | struct GNUNET_CRYPTO_EcdhePublicKey *ecc, | ||
1145 | void *result) | ||
1146 | { | ||
1147 | struct GNUNET_CRYPTO_EcdhePrivateKey pk; | ||
1148 | GNUNET_CRYPTO_ecdhe_key_create (&pk); | ||
1149 | struct GNUNET_HashCode hash; | ||
1150 | switch (ntohl (pub->type)) | ||
1151 | { | ||
1152 | case GNUNET_IDENTITY_TYPE_ECDSA: | ||
1153 | if (GNUNET_SYSERR == GNUNET_CRYPTO_ecdh_ecdsa (&pk, &(pub->ecdsa_key), | ||
1154 | &hash)) | ||
1155 | return -1; | ||
1156 | break; | ||
1157 | case GNUNET_IDENTITY_TYPE_EDDSA: | ||
1158 | if (GNUNET_SYSERR == GNUNET_CRYPTO_ecdh_eddsa (&pk, &(pub->eddsa_key), | ||
1159 | &hash)) | ||
1160 | return -1; | ||
1161 | break; | ||
1162 | default: | ||
1163 | return -1; | ||
1164 | } | ||
1165 | GNUNET_CRYPTO_ecdhe_key_get_public (&pk, ecc); | ||
1166 | GNUNET_CRYPTO_ecdhe_key_clear (&pk); | ||
1167 | struct GNUNET_CRYPTO_SymmetricSessionKey key; | ||
1168 | struct GNUNET_CRYPTO_SymmetricInitializationVector iv; | ||
1169 | GNUNET_CRYPTO_hash_to_aes_key (&hash, &key, &iv); | ||
1170 | GNUNET_CRYPTO_zero_keys (&hash, sizeof(hash)); | ||
1171 | const ssize_t encrypted = GNUNET_CRYPTO_symmetric_encrypt (block, size, &key, | ||
1172 | &iv, result); | ||
1173 | GNUNET_CRYPTO_zero_keys (&key, sizeof(key)); | ||
1174 | GNUNET_CRYPTO_zero_keys (&iv, sizeof(iv)); | ||
1175 | return encrypted; | ||
1176 | } | ||
1177 | |||
1178 | |||
1179 | ssize_t | ||
1180 | GNUNET_IDENTITY_private_key_decrypt (const void *block, | ||
1181 | size_t size, | ||
1182 | const struct | ||
1183 | GNUNET_IDENTITY_PrivateKey *priv, | ||
1184 | const struct | ||
1185 | GNUNET_CRYPTO_EcdhePublicKey *ecc, | ||
1186 | void *result) | ||
1187 | { | ||
1188 | struct GNUNET_HashCode hash; | ||
1189 | switch (ntohl (priv->type)) | ||
1190 | { | ||
1191 | case GNUNET_IDENTITY_TYPE_ECDSA: | ||
1192 | if (GNUNET_SYSERR == GNUNET_CRYPTO_ecdsa_ecdh (&(priv->ecdsa_key), ecc, | ||
1193 | &hash)) | ||
1194 | return -1; | ||
1195 | break; | ||
1196 | case GNUNET_IDENTITY_TYPE_EDDSA: | ||
1197 | if (GNUNET_SYSERR == GNUNET_CRYPTO_eddsa_ecdh (&(priv->eddsa_key), ecc, | ||
1198 | &hash)) | ||
1199 | return -1; | ||
1200 | break; | ||
1201 | default: | ||
1202 | return -1; | ||
1203 | } | ||
1204 | struct GNUNET_CRYPTO_SymmetricSessionKey key; | ||
1205 | struct GNUNET_CRYPTO_SymmetricInitializationVector iv; | ||
1206 | GNUNET_CRYPTO_hash_to_aes_key (&hash, &key, &iv); | ||
1207 | GNUNET_CRYPTO_zero_keys (&hash, sizeof(hash)); | ||
1208 | const ssize_t decrypted = GNUNET_CRYPTO_symmetric_decrypt (block, size, &key, | ||
1209 | &iv, result); | ||
1210 | GNUNET_CRYPTO_zero_keys (&key, sizeof(key)); | ||
1211 | GNUNET_CRYPTO_zero_keys (&iv, sizeof(iv)); | ||
1212 | return decrypted; | ||
1213 | } | ||
1214 | |||
1215 | |||
993 | char * | 1216 | char * |
994 | GNUNET_IDENTITY_public_key_to_string (const struct | 1217 | GNUNET_IDENTITY_public_key_to_string (const struct |
995 | GNUNET_IDENTITY_PublicKey *key) | 1218 | GNUNET_IDENTITY_PublicKey *key) |
@@ -1023,7 +1246,7 @@ GNUNET_IDENTITY_public_key_from_string (const char *str, | |||
1023 | if (GNUNET_OK != ret) | 1246 | if (GNUNET_OK != ret) |
1024 | return GNUNET_SYSERR; | 1247 | return GNUNET_SYSERR; |
1025 | ktype = ntohl (key->type); | 1248 | ktype = ntohl (key->type); |
1026 | return (GNUNET_IDENTITY_TYPE_ECDSA == ktype) ? GNUNET_OK : GNUNET_SYSERR; //FIXME other keys, cleaner way? | 1249 | return (GNUNET_IDENTITY_TYPE_ECDSA == ktype) ? GNUNET_OK : GNUNET_SYSERR; // FIXME other keys, cleaner way? |
1027 | 1250 | ||
1028 | } | 1251 | } |
1029 | 1252 | ||
@@ -1041,7 +1264,7 @@ GNUNET_IDENTITY_private_key_from_string (const char *str, | |||
1041 | if (GNUNET_OK != ret) | 1264 | if (GNUNET_OK != ret) |
1042 | return GNUNET_SYSERR; | 1265 | return GNUNET_SYSERR; |
1043 | ktype = ntohl (key->type); | 1266 | ktype = ntohl (key->type); |
1044 | return (GNUNET_IDENTITY_TYPE_ECDSA == ktype) ? GNUNET_OK : GNUNET_SYSERR; //FIXME other keys, cleaner way? | 1267 | return (GNUNET_IDENTITY_TYPE_ECDSA == ktype) ? GNUNET_OK : GNUNET_SYSERR; // FIXME other keys, cleaner way? |
1045 | } | 1268 | } |
1046 | 1269 | ||
1047 | 1270 | ||