diff options
Diffstat (limited to 'src/include/gnunet_crypto_lib.h')
-rw-r--r-- | src/include/gnunet_crypto_lib.h | 325 |
1 files changed, 242 insertions, 83 deletions
diff --git a/src/include/gnunet_crypto_lib.h b/src/include/gnunet_crypto_lib.h index bd1a2f3bf..da4de4c87 100644 --- a/src/include/gnunet_crypto_lib.h +++ b/src/include/gnunet_crypto_lib.h | |||
@@ -148,9 +148,10 @@ struct GNUNET_CRYPTO_EccSignaturePurpose | |||
148 | 148 | ||
149 | 149 | ||
150 | /** | 150 | /** |
151 | * @brief an ECC signature | 151 | * @brief an ECC signature using EdDSA. |
152 | * See https://gnunet.org/ed25519 | ||
152 | */ | 153 | */ |
153 | struct GNUNET_CRYPTO_EccSignature | 154 | struct GNUNET_CRYPTO_EddsaSignature |
154 | { | 155 | { |
155 | 156 | ||
156 | /** | 157 | /** |
@@ -166,11 +167,54 @@ struct GNUNET_CRYPTO_EccSignature | |||
166 | }; | 167 | }; |
167 | 168 | ||
168 | 169 | ||
170 | |||
169 | /** | 171 | /** |
170 | * Public ECC key (always for NIST P-521) encoded in a format suitable | 172 | * @brief an ECC signature using ECDSA |
171 | * for network transmission and signatures (ECDSA/EdDSA). | ||
172 | */ | 173 | */ |
173 | struct GNUNET_CRYPTO_EccPublicSignKey | 174 | struct GNUNET_CRYPTO_EcdsaSignature |
175 | { | ||
176 | |||
177 | /** | ||
178 | * R value. | ||
179 | */ | ||
180 | unsigned char r[256 / 8]; | ||
181 | |||
182 | /** | ||
183 | * S value. | ||
184 | */ | ||
185 | unsigned char s[256 / 8]; | ||
186 | |||
187 | }; | ||
188 | |||
189 | |||
190 | /** | ||
191 | * Public ECC key (always for Curve25519) encoded in a format suitable | ||
192 | * for network transmission and EdDSA signatures. | ||
193 | */ | ||
194 | struct GNUNET_CRYPTO_EddsaPublicKey | ||
195 | { | ||
196 | /** | ||
197 | * Q consists of an x- and a y-value, each mod p (256 bits), | ||
198 | * given here in affine coordinates. | ||
199 | * | ||
200 | * FIXME: this coordinate will be removed in the future (compressed point!). | ||
201 | */ | ||
202 | unsigned char q_x[256 / 8]; | ||
203 | |||
204 | /** | ||
205 | * Q consists of an x- and a y-value, each mod p (256 bits), | ||
206 | * given here in affine coordinates. | ||
207 | */ | ||
208 | unsigned char q_y[256 / 8]; | ||
209 | |||
210 | }; | ||
211 | |||
212 | |||
213 | /** | ||
214 | * Public ECC key (always for Curve25519) encoded in a format suitable | ||
215 | * for network transmission and ECDSA signatures. | ||
216 | */ | ||
217 | struct GNUNET_CRYPTO_EcdsaPublicKey | ||
174 | { | 218 | { |
175 | /** | 219 | /** |
176 | * Q consists of an x- and a y-value, each mod p (256 bits), | 220 | * Q consists of an x- and a y-value, each mod p (256 bits), |
@@ -194,15 +238,16 @@ struct GNUNET_CRYPTO_EccPublicSignKey | |||
194 | */ | 238 | */ |
195 | struct GNUNET_PeerIdentity | 239 | struct GNUNET_PeerIdentity |
196 | { | 240 | { |
197 | struct GNUNET_CRYPTO_EccPublicSignKey public_key; | 241 | struct GNUNET_CRYPTO_EddsaPublicKey public_key; |
198 | }; | 242 | }; |
199 | 243 | ||
200 | 244 | ||
201 | /** | 245 | /** |
202 | * Public ECC key (always for NIST P-521) encoded in a format suitable | 246 | * Public ECC key (always for Curve25519) encoded in a format suitable |
203 | * for network transmission and encryption (ECDH). | 247 | * for network transmission and encryption (ECDH), |
248 | * See http://cr.yp.to/ecdh.html | ||
204 | */ | 249 | */ |
205 | struct GNUNET_CRYPTO_EccPublicEncryptKey | 250 | struct GNUNET_CRYPTO_EcdhePublicKey |
206 | { | 251 | { |
207 | /** | 252 | /** |
208 | * Q consists of an x- and a y-value, each mod p (256 bits), | 253 | * Q consists of an x- and a y-value, each mod p (256 bits), |
@@ -222,9 +267,36 @@ struct GNUNET_CRYPTO_EccPublicEncryptKey | |||
222 | 267 | ||
223 | 268 | ||
224 | /** | 269 | /** |
225 | * Private ECC key encoded for transmission. | 270 | * Private ECC key encoded for transmission. To be used only for ECDH |
271 | * key exchange (ECDHE to be precise). | ||
226 | */ | 272 | */ |
227 | struct GNUNET_CRYPTO_EccPrivateKey | 273 | struct GNUNET_CRYPTO_EcdhePrivateKey |
274 | { | ||
275 | /** | ||
276 | * d is a value mod n, where n has at most 256 bits. | ||
277 | */ | ||
278 | unsigned char d[256 / 8]; | ||
279 | |||
280 | }; | ||
281 | |||
282 | /** | ||
283 | * Private ECC key encoded for transmission. To be used only for ECDSA | ||
284 | * signatures. | ||
285 | */ | ||
286 | struct GNUNET_CRYPTO_EcdsaPrivateKey | ||
287 | { | ||
288 | /** | ||
289 | * d is a value mod n, where n has at most 256 bits. | ||
290 | */ | ||
291 | unsigned char d[256 / 8]; | ||
292 | |||
293 | }; | ||
294 | |||
295 | /** | ||
296 | * Private ECC key encoded for transmission. To be used only for EdDSA | ||
297 | * signatures. | ||
298 | */ | ||
299 | struct GNUNET_CRYPTO_EddsaPrivateKey | ||
228 | { | 300 | { |
229 | /** | 301 | /** |
230 | * d is a value mod n, where n has at most 256 bits. | 302 | * d is a value mod n, where n has at most 256 bits. |
@@ -743,11 +815,11 @@ GNUNET_CRYPTO_hmac_derive_key (struct GNUNET_CRYPTO_AuthKey *key, | |||
743 | * @param xtr_algo hash algorithm for the extraction phase, GCRY_MD_... | 815 | * @param xtr_algo hash algorithm for the extraction phase, GCRY_MD_... |
744 | * @param prf_algo hash algorithm for the expansion phase, GCRY_MD_... | 816 | * @param prf_algo hash algorithm for the expansion phase, GCRY_MD_... |
745 | * @param xts salt | 817 | * @param xts salt |
746 | * @param xts_len length of xts | 818 | * @param xts_len length of @a xts |
747 | * @param skm source key material | 819 | * @param skm source key material |
748 | * @param skm_len length of skm | 820 | * @param skm_len length of @a skm |
749 | * @param ... pair of void * & size_t for context chunks, terminated by NULL | 821 | * @param ... pair of void * & size_t for context chunks, terminated by NULL |
750 | * @return GNUNET_YES on success | 822 | * @return #GNUNET_YES on success |
751 | */ | 823 | */ |
752 | int | 824 | int |
753 | GNUNET_CRYPTO_hkdf (void *result, size_t out_len, int xtr_algo, int prf_algo, | 825 | GNUNET_CRYPTO_hkdf (void *result, size_t out_len, int xtr_algo, int prf_algo, |
@@ -763,11 +835,11 @@ GNUNET_CRYPTO_hkdf (void *result, size_t out_len, int xtr_algo, int prf_algo, | |||
763 | * @param xtr_algo hash algorithm for the extraction phase, GCRY_MD_... | 835 | * @param xtr_algo hash algorithm for the extraction phase, GCRY_MD_... |
764 | * @param prf_algo hash algorithm for the expansion phase, GCRY_MD_... | 836 | * @param prf_algo hash algorithm for the expansion phase, GCRY_MD_... |
765 | * @param xts salt | 837 | * @param xts salt |
766 | * @param xts_len length of xts | 838 | * @param xts_len length of @a xts |
767 | * @param skm source key material | 839 | * @param skm source key material |
768 | * @param skm_len length of skm | 840 | * @param skm_len length of @a skm |
769 | * @param argp va_list of void * & size_t pairs for context chunks | 841 | * @param argp va_list of void * & size_t pairs for context chunks |
770 | * @return GNUNET_YES on success | 842 | * @return #GNUNET_YES on success |
771 | */ | 843 | */ |
772 | int | 844 | int |
773 | GNUNET_CRYPTO_hkdf_v (void *result, size_t out_len, int xtr_algo, int prf_algo, | 845 | GNUNET_CRYPTO_hkdf_v (void *result, size_t out_len, int xtr_algo, int prf_algo, |
@@ -780,11 +852,11 @@ GNUNET_CRYPTO_hkdf_v (void *result, size_t out_len, int xtr_algo, int prf_algo, | |||
780 | * @param result buffer for the derived key, allocated by caller | 852 | * @param result buffer for the derived key, allocated by caller |
781 | * @param out_len desired length of the derived key | 853 | * @param out_len desired length of the derived key |
782 | * @param xts salt | 854 | * @param xts salt |
783 | * @param xts_len length of xts | 855 | * @param xts_len length of @a xts |
784 | * @param skm source key material | 856 | * @param skm source key material |
785 | * @param skm_len length of skm | 857 | * @param skm_len length of @a skm |
786 | * @param argp va_list of void * & size_t pairs for context chunks | 858 | * @param argp va_list of void * & size_t pairs for context chunks |
787 | * @return GNUNET_YES on success | 859 | * @return #GNUNET_YES on success |
788 | */ | 860 | */ |
789 | int | 861 | int |
790 | GNUNET_CRYPTO_kdf_v (void *result, size_t out_len, const void *xts, | 862 | GNUNET_CRYPTO_kdf_v (void *result, size_t out_len, const void *xts, |
@@ -798,9 +870,9 @@ GNUNET_CRYPTO_kdf_v (void *result, size_t out_len, const void *xts, | |||
798 | * @param result buffer for the derived key, allocated by caller | 870 | * @param result buffer for the derived key, allocated by caller |
799 | * @param out_len desired length of the derived key | 871 | * @param out_len desired length of the derived key |
800 | * @param xts salt | 872 | * @param xts salt |
801 | * @param xts_len length of xts | 873 | * @param xts_len length of @a xts |
802 | * @param skm source key material | 874 | * @param skm source key material |
803 | * @param skm_len length of skm | 875 | * @param skm_len length of @a skm |
804 | * @param ... void * & size_t pairs for context chunks | 876 | * @param ... void * & size_t pairs for context chunks |
805 | * @return #GNUNET_YES on success | 877 | * @return #GNUNET_YES on success |
806 | */ | 878 | */ |
@@ -810,16 +882,15 @@ GNUNET_CRYPTO_kdf (void *result, size_t out_len, const void *xts, | |||
810 | 882 | ||
811 | 883 | ||
812 | /** | 884 | /** |
813 | * Function called upon completion of 'GNUNET_CRYPTO_ecc_key_create_async'. | 885 | * @ingroup crypto |
886 | * Extract the public key for the given private key. | ||
814 | * | 887 | * |
815 | * @param cls closure | 888 | * @param priv the private key |
816 | * @param pk NULL on error, otherwise the private key (which must be free'd by the callee) | 889 | * @param pub where to write the public key |
817 | * @param emsg NULL on success, otherwise an error message | ||
818 | */ | 890 | */ |
819 | typedef void (*GNUNET_CRYPTO_EccKeyCallback)(void *cls, | 891 | void |
820 | struct GNUNET_CRYPTO_EccPrivateKey *pk, | 892 | GNUNET_CRYPTO_ecdsa_key_get_public (const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv, |
821 | const char *emsg); | 893 | struct GNUNET_CRYPTO_EcdsaPublicKey *pub); |
822 | |||
823 | 894 | ||
824 | /** | 895 | /** |
825 | * @ingroup crypto | 896 | * @ingroup crypto |
@@ -829,9 +900,8 @@ typedef void (*GNUNET_CRYPTO_EccKeyCallback)(void *cls, | |||
829 | * @param pub where to write the public key | 900 | * @param pub where to write the public key |
830 | */ | 901 | */ |
831 | void | 902 | void |
832 | GNUNET_CRYPTO_ecc_key_get_public_for_signature (const struct GNUNET_CRYPTO_EccPrivateKey *priv, | 903 | GNUNET_CRYPTO_eddsa_key_get_public (const struct GNUNET_CRYPTO_EddsaPrivateKey *priv, |
833 | struct GNUNET_CRYPTO_EccPublicSignKey *pub); | 904 | struct GNUNET_CRYPTO_EddsaPublicKey *pub); |
834 | |||
835 | 905 | ||
836 | 906 | ||
837 | /** | 907 | /** |
@@ -842,8 +912,18 @@ GNUNET_CRYPTO_ecc_key_get_public_for_signature (const struct GNUNET_CRYPTO_EccPr | |||
842 | * @param pub where to write the public key | 912 | * @param pub where to write the public key |
843 | */ | 913 | */ |
844 | void | 914 | void |
845 | GNUNET_CRYPTO_ecc_key_get_public_for_encryption (const struct GNUNET_CRYPTO_EccPrivateKey *priv, | 915 | GNUNET_CRYPTO_ecdhe_key_get_public (const struct GNUNET_CRYPTO_EcdhePrivateKey *priv, |
846 | struct GNUNET_CRYPTO_EccPublicEncryptKey *pub); | 916 | struct GNUNET_CRYPTO_EcdhePublicKey *pub); |
917 | |||
918 | |||
919 | /** | ||
920 | * Convert a public key to a string. | ||
921 | * | ||
922 | * @param pub key to convert | ||
923 | * @return string representing @a pub | ||
924 | */ | ||
925 | char * | ||
926 | GNUNET_CRYPTO_ecdsa_public_key_to_string (const struct GNUNET_CRYPTO_EcdsaPublicKey *pub); | ||
847 | 927 | ||
848 | 928 | ||
849 | /** | 929 | /** |
@@ -853,7 +933,7 @@ GNUNET_CRYPTO_ecc_key_get_public_for_encryption (const struct GNUNET_CRYPTO_EccP | |||
853 | * @return string representing @a pub | 933 | * @return string representing @a pub |
854 | */ | 934 | */ |
855 | char * | 935 | char * |
856 | GNUNET_CRYPTO_ecc_public_sign_key_to_string (const struct GNUNET_CRYPTO_EccPublicSignKey *pub); | 936 | GNUNET_CRYPTO_eddsa_public_key_to_string (const struct GNUNET_CRYPTO_EddsaPublicKey *pub); |
857 | 937 | ||
858 | 938 | ||
859 | /** | 939 | /** |
@@ -865,20 +945,9 @@ GNUNET_CRYPTO_ecc_public_sign_key_to_string (const struct GNUNET_CRYPTO_EccPubli | |||
865 | * @return #GNUNET_OK on success | 945 | * @return #GNUNET_OK on success |
866 | */ | 946 | */ |
867 | int | 947 | int |
868 | GNUNET_CRYPTO_ecc_public_sign_key_from_string (const char *enc, | 948 | GNUNET_CRYPTO_ecdsa_public_key_from_string (const char *enc, |
869 | size_t enclen, | 949 | size_t enclen, |
870 | struct GNUNET_CRYPTO_EccPublicSignKey *pub); | 950 | struct GNUNET_CRYPTO_EcdsaPublicKey *pub); |
871 | |||
872 | |||
873 | |||
874 | /** | ||
875 | * Convert a public key to a string. | ||
876 | * | ||
877 | * @param pub key to convert | ||
878 | * @return string representing @a pub | ||
879 | */ | ||
880 | char * | ||
881 | GNUNET_CRYPTO_ecc_public_encrypt_key_to_string (const struct GNUNET_CRYPTO_EccPublicEncryptKey *pub); | ||
882 | 951 | ||
883 | 952 | ||
884 | /** | 953 | /** |
@@ -890,9 +959,28 @@ GNUNET_CRYPTO_ecc_public_encrypt_key_to_string (const struct GNUNET_CRYPTO_EccPu | |||
890 | * @return #GNUNET_OK on success | 959 | * @return #GNUNET_OK on success |
891 | */ | 960 | */ |
892 | int | 961 | int |
893 | GNUNET_CRYPTO_ecc_public_encrypt_key_from_string (const char *enc, | 962 | GNUNET_CRYPTO_eddsa_public_key_from_string (const char *enc, |
894 | size_t enclen, | 963 | size_t enclen, |
895 | struct GNUNET_CRYPTO_EccPublicEncryptKey *pub); | 964 | struct GNUNET_CRYPTO_EddsaPublicKey *pub); |
965 | |||
966 | |||
967 | /** | ||
968 | * @ingroup crypto | ||
969 | * Create a new private key by reading it from a file. If the | ||
970 | * files does not exist, create a new key and write it to the | ||
971 | * file. Caller must free return value. Note that this function | ||
972 | * can not guarantee that another process might not be trying | ||
973 | * the same operation on the same file at the same time. | ||
974 | * If the contents of the file | ||
975 | * are invalid the old file is deleted and a fresh key is | ||
976 | * created. | ||
977 | * | ||
978 | * @param filename name of file to use to store the key | ||
979 | * @return new private key, NULL on error (for example, | ||
980 | * permission denied); free using #GNUNET_free | ||
981 | */ | ||
982 | struct GNUNET_CRYPTO_EcdsaPrivateKey * | ||
983 | GNUNET_CRYPTO_ecdsa_key_create_from_file (const char *filename); | ||
896 | 984 | ||
897 | 985 | ||
898 | /** | 986 | /** |
@@ -910,8 +998,8 @@ GNUNET_CRYPTO_ecc_public_encrypt_key_from_string (const char *enc, | |||
910 | * @return new private key, NULL on error (for example, | 998 | * @return new private key, NULL on error (for example, |
911 | * permission denied); free using #GNUNET_free | 999 | * permission denied); free using #GNUNET_free |
912 | */ | 1000 | */ |
913 | struct GNUNET_CRYPTO_EccPrivateKey * | 1001 | struct GNUNET_CRYPTO_EddsaPrivateKey * |
914 | GNUNET_CRYPTO_ecc_key_create_from_file (const char *filename); | 1002 | GNUNET_CRYPTO_eddsa_key_create_from_file (const char *filename); |
915 | 1003 | ||
916 | 1004 | ||
917 | /** | 1005 | /** |
@@ -923,8 +1011,28 @@ GNUNET_CRYPTO_ecc_key_create_from_file (const char *filename); | |||
923 | * @return new private key, NULL on error (for example, | 1011 | * @return new private key, NULL on error (for example, |
924 | * permission denied); free using #GNUNET_free | 1012 | * permission denied); free using #GNUNET_free |
925 | */ | 1013 | */ |
926 | struct GNUNET_CRYPTO_EccPrivateKey * | 1014 | struct GNUNET_CRYPTO_EddsaPrivateKey * |
927 | GNUNET_CRYPTO_ecc_key_create_from_configuration (const struct GNUNET_CONFIGURATION_Handle *cfg); | 1015 | GNUNET_CRYPTO_eddsa_key_create_from_configuration (const struct GNUNET_CONFIGURATION_Handle *cfg); |
1016 | |||
1017 | |||
1018 | /** | ||
1019 | * @ingroup crypto | ||
1020 | * Create a new private key. Caller must free return value. | ||
1021 | * | ||
1022 | * @return fresh private key; free using #GNUNET_free | ||
1023 | */ | ||
1024 | struct GNUNET_CRYPTO_EcdsaPrivateKey * | ||
1025 | GNUNET_CRYPTO_ecdsa_key_create (void); | ||
1026 | |||
1027 | |||
1028 | /** | ||
1029 | * @ingroup crypto | ||
1030 | * Create a new private key. Caller must free return value. | ||
1031 | * | ||
1032 | * @return fresh private key; free using #GNUNET_free | ||
1033 | */ | ||
1034 | struct GNUNET_CRYPTO_EddsaPrivateKey * | ||
1035 | GNUNET_CRYPTO_eddsa_key_create (void); | ||
928 | 1036 | ||
929 | 1037 | ||
930 | /** | 1038 | /** |
@@ -933,8 +1041,8 @@ GNUNET_CRYPTO_ecc_key_create_from_configuration (const struct GNUNET_CONFIGURATI | |||
933 | * | 1041 | * |
934 | * @return fresh private key; free using #GNUNET_free | 1042 | * @return fresh private key; free using #GNUNET_free |
935 | */ | 1043 | */ |
936 | struct GNUNET_CRYPTO_EccPrivateKey * | 1044 | struct GNUNET_CRYPTO_EcdhePrivateKey * |
937 | GNUNET_CRYPTO_ecc_key_create (void); | 1045 | GNUNET_CRYPTO_ecdhe_key_create (void); |
938 | 1046 | ||
939 | 1047 | ||
940 | /** | 1048 | /** |
@@ -944,7 +1052,26 @@ GNUNET_CRYPTO_ecc_key_create (void); | |||
944 | * @param pk location of the key | 1052 | * @param pk location of the key |
945 | */ | 1053 | */ |
946 | void | 1054 | void |
947 | GNUNET_CRYPTO_ecc_key_clear (struct GNUNET_CRYPTO_EccPrivateKey *pk); | 1055 | GNUNET_CRYPTO_eddsa_key_clear (struct GNUNET_CRYPTO_EddsaPrivateKey *pk); |
1056 | |||
1057 | |||
1058 | /** | ||
1059 | * @ingroup crypto | ||
1060 | * Clear memory that was used to store a private key. | ||
1061 | * | ||
1062 | * @param pk location of the key | ||
1063 | */ | ||
1064 | void | ||
1065 | GNUNET_CRYPTO_ecdsa_key_clear (struct GNUNET_CRYPTO_EcdsaPrivateKey *pk); | ||
1066 | |||
1067 | /** | ||
1068 | * @ingroup crypto | ||
1069 | * Clear memory that was used to store a private key. | ||
1070 | * | ||
1071 | * @param pk location of the key | ||
1072 | */ | ||
1073 | void | ||
1074 | GNUNET_CRYPTO_ecdhe_key_clear (struct GNUNET_CRYPTO_EcdhePrivateKey *pk); | ||
948 | 1075 | ||
949 | 1076 | ||
950 | /** | 1077 | /** |
@@ -953,8 +1080,8 @@ GNUNET_CRYPTO_ecc_key_clear (struct GNUNET_CRYPTO_EccPrivateKey *pk); | |||
953 | * | 1080 | * |
954 | * @return "anonymous" private key; do not free | 1081 | * @return "anonymous" private key; do not free |
955 | */ | 1082 | */ |
956 | const struct GNUNET_CRYPTO_EccPrivateKey * | 1083 | const struct GNUNET_CRYPTO_EcdsaPrivateKey * |
957 | GNUNET_CRYPTO_ecc_key_get_anonymous (void); | 1084 | GNUNET_CRYPTO_ecdsa_key_get_anonymous (void); |
958 | 1085 | ||
959 | 1086 | ||
960 | /** | 1087 | /** |
@@ -967,7 +1094,7 @@ GNUNET_CRYPTO_ecc_key_get_anonymous (void); | |||
967 | * @param cfg_name name of the configuration file to use | 1094 | * @param cfg_name name of the configuration file to use |
968 | */ | 1095 | */ |
969 | void | 1096 | void |
970 | GNUNET_CRYPTO_ecc_setup_hostkey (const char *cfg_name); | 1097 | GNUNET_CRYPTO_eddsa_setup_hostkey (const char *cfg_name); |
971 | 1098 | ||
972 | 1099 | ||
973 | /** | 1100 | /** |
@@ -989,19 +1116,34 @@ GNUNET_CRYPTO_get_peer_identity (const struct GNUNET_CONFIGURATION_Handle *cfg, | |||
989 | * Derive key material from a public and a private ECC key. | 1116 | * Derive key material from a public and a private ECC key. |
990 | * | 1117 | * |
991 | * @param priv private key to use for the ECDH (x) | 1118 | * @param priv private key to use for the ECDH (x) |
992 | * @param pub public key to use for the ECDY (yG) | 1119 | * @param pub public key to use for the ECDH (yG) |
993 | * @param key_material where to write the key material (xyG) | 1120 | * @param key_material where to write the key material (xyG) |
994 | * @return #GNUNET_SYSERR on error, #GNUNET_OK on success | 1121 | * @return #GNUNET_SYSERR on error, #GNUNET_OK on success |
995 | */ | 1122 | */ |
996 | int | 1123 | int |
997 | GNUNET_CRYPTO_ecc_ecdh (const struct GNUNET_CRYPTO_EccPrivateKey *priv, | 1124 | GNUNET_CRYPTO_ecc_ecdh (const struct GNUNET_CRYPTO_EcdhePrivateKey *priv, |
998 | const struct GNUNET_CRYPTO_EccPublicEncryptKey *pub, | 1125 | const struct GNUNET_CRYPTO_EcdhePublicKey *pub, |
999 | struct GNUNET_HashCode *key_material); | 1126 | struct GNUNET_HashCode *key_material); |
1000 | 1127 | ||
1001 | 1128 | ||
1002 | /** | 1129 | /** |
1003 | * @ingroup crypto | 1130 | * @ingroup crypto |
1004 | * Sign a given block. | 1131 | * EdDSA sign a given block. |
1132 | * | ||
1133 | * @param priv private key to use for the signing | ||
1134 | * @param purpose what to sign (size, purpose) | ||
1135 | * @param sig where to write the signature | ||
1136 | * @return #GNUNET_SYSERR on error, #GNUNET_OK on success | ||
1137 | */ | ||
1138 | int | ||
1139 | GNUNET_CRYPTO_eddsa_sign (const struct GNUNET_CRYPTO_EddsaPrivateKey *priv, | ||
1140 | const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose, | ||
1141 | struct GNUNET_CRYPTO_EddsaSignature *sig); | ||
1142 | |||
1143 | |||
1144 | /** | ||
1145 | * @ingroup crypto | ||
1146 | * ECDSA Sign a given block. | ||
1005 | * | 1147 | * |
1006 | * @param priv private key to use for the signing | 1148 | * @param priv private key to use for the signing |
1007 | * @param purpose what to sign (size, purpose) | 1149 | * @param purpose what to sign (size, purpose) |
@@ -1009,14 +1151,31 @@ GNUNET_CRYPTO_ecc_ecdh (const struct GNUNET_CRYPTO_EccPrivateKey *priv, | |||
1009 | * @return #GNUNET_SYSERR on error, #GNUNET_OK on success | 1151 | * @return #GNUNET_SYSERR on error, #GNUNET_OK on success |
1010 | */ | 1152 | */ |
1011 | int | 1153 | int |
1012 | GNUNET_CRYPTO_ecc_sign (const struct GNUNET_CRYPTO_EccPrivateKey *priv, | 1154 | GNUNET_CRYPTO_ecdsa_sign (const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv, |
1013 | const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose, | 1155 | const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose, |
1014 | struct GNUNET_CRYPTO_EccSignature *sig); | 1156 | struct GNUNET_CRYPTO_EcdsaSignature *sig); |
1157 | |||
1158 | /** | ||
1159 | * @ingroup crypto | ||
1160 | * Verify EdDSA signature. | ||
1161 | * | ||
1162 | * @param purpose what is the purpose that the signature should have? | ||
1163 | * @param validate block to validate (size, purpose, data) | ||
1164 | * @param sig signature that is being validated | ||
1165 | * @param pub public key of the signer | ||
1166 | * @returns #GNUNET_OK if ok, #GNUNET_SYSERR if invalid | ||
1167 | */ | ||
1168 | int | ||
1169 | GNUNET_CRYPTO_eddsa_verify (uint32_t purpose, | ||
1170 | const struct GNUNET_CRYPTO_EccSignaturePurpose *validate, | ||
1171 | const struct GNUNET_CRYPTO_EddsaSignature *sig, | ||
1172 | const struct GNUNET_CRYPTO_EddsaPublicKey *pub); | ||
1173 | |||
1015 | 1174 | ||
1016 | 1175 | ||
1017 | /** | 1176 | /** |
1018 | * @ingroup crypto | 1177 | * @ingroup crypto |
1019 | * Verify signature. | 1178 | * Verify ECDSA signature. |
1020 | * | 1179 | * |
1021 | * @param purpose what is the purpose that the signature should have? | 1180 | * @param purpose what is the purpose that the signature should have? |
1022 | * @param validate block to validate (size, purpose, data) | 1181 | * @param validate block to validate (size, purpose, data) |
@@ -1025,10 +1184,10 @@ GNUNET_CRYPTO_ecc_sign (const struct GNUNET_CRYPTO_EccPrivateKey *priv, | |||
1025 | * @returns #GNUNET_OK if ok, #GNUNET_SYSERR if invalid | 1184 | * @returns #GNUNET_OK if ok, #GNUNET_SYSERR if invalid |
1026 | */ | 1185 | */ |
1027 | int | 1186 | int |
1028 | GNUNET_CRYPTO_ecc_verify (uint32_t purpose, | 1187 | GNUNET_CRYPTO_ecdsa_verify (uint32_t purpose, |
1029 | const struct GNUNET_CRYPTO_EccSignaturePurpose *validate, | 1188 | const struct GNUNET_CRYPTO_EccSignaturePurpose *validate, |
1030 | const struct GNUNET_CRYPTO_EccSignature *sig, | 1189 | const struct GNUNET_CRYPTO_EcdsaSignature *sig, |
1031 | const struct GNUNET_CRYPTO_EccPublicSignKey *pub); | 1190 | const struct GNUNET_CRYPTO_EcdsaPublicKey *pub); |
1032 | 1191 | ||
1033 | 1192 | ||
1034 | /** | 1193 | /** |
@@ -1044,10 +1203,10 @@ GNUNET_CRYPTO_ecc_verify (uint32_t purpose, | |||
1044 | * typically the name of the subsystem/application | 1203 | * typically the name of the subsystem/application |
1045 | * @return derived private key | 1204 | * @return derived private key |
1046 | */ | 1205 | */ |
1047 | struct GNUNET_CRYPTO_EccPrivateKey * | 1206 | struct GNUNET_CRYPTO_EcdsaPrivateKey * |
1048 | GNUNET_CRYPTO_ecc_key_derive (const struct GNUNET_CRYPTO_EccPrivateKey *priv, | 1207 | GNUNET_CRYPTO_ecdsa_private_key_derive (const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv, |
1049 | const char *label, | 1208 | const char *label, |
1050 | const char *context); | 1209 | const char *context); |
1051 | 1210 | ||
1052 | 1211 | ||
1053 | /** | 1212 | /** |
@@ -1062,10 +1221,10 @@ GNUNET_CRYPTO_ecc_key_derive (const struct GNUNET_CRYPTO_EccPrivateKey *priv, | |||
1062 | * @param result where to write the derived public key | 1221 | * @param result where to write the derived public key |
1063 | */ | 1222 | */ |
1064 | void | 1223 | void |
1065 | GNUNET_CRYPTO_ecc_public_key_derive (const struct GNUNET_CRYPTO_EccPublicSignKey *pub, | 1224 | GNUNET_CRYPTO_ecdsa_public_key_derive (const struct GNUNET_CRYPTO_EcdsaPublicKey *pub, |
1066 | const char *label, | 1225 | const char *label, |
1067 | const char *context, | 1226 | const char *context, |
1068 | struct GNUNET_CRYPTO_EccPublicSignKey *result); | 1227 | struct GNUNET_CRYPTO_EcdsaPublicKey *result); |
1069 | 1228 | ||
1070 | 1229 | ||
1071 | #if 0 /* keep Emacsens' auto-indent happy */ | 1230 | #if 0 /* keep Emacsens' auto-indent happy */ |