Diffstat (limited to 'src/include/gnunet_crypto_lib.h')
-rw-r--r-- | src/include/gnunet_crypto_lib.h | 177 |
1 files changed, 116 insertions, 61 deletions
diff --git a/src/include/gnunet_crypto_lib.h b/src/include/gnunet_crypto_lib.h index 50937324d..f0266537f 100644 --- a/src/include/gnunet_crypto_lib.h +++ b/src/include/gnunet_crypto_lib.h | |||
@@ -973,7 +973,7 @@ GNUNET_CRYPTO_hash_from_string2 (const char *enc, | |||
973 | * @return #GNUNET_OK on success, #GNUNET_SYSERR if result has the wrong encoding | 973 | * @return #GNUNET_OK on success, #GNUNET_SYSERR if result has the wrong encoding |
974 | */ | 974 | */ |
975 | #define GNUNET_CRYPTO_hash_from_string(enc, result) \ | 975 | #define GNUNET_CRYPTO_hash_from_string(enc, result) \ |
976 | GNUNET_CRYPTO_hash_from_string2 (enc, strlen (enc), result) | 976 | GNUNET_CRYPTO_hash_from_string2 (enc, strlen (enc), result) |
977 | 977 | ||
978 | 978 | ||
979 | /** | 979 | /** |
@@ -1328,11 +1328,63 @@ GNUNET_CRYPTO_hmac_derive_key ( | |||
1328 | 1328 | ||
1329 | /** | 1329 | /** |
1330 | * @ingroup hash | 1330 | * @ingroup hash |
1331 | * @brief Derive key | 1331 | * @brief HKDF-Extract using SHA256. RFC 5869 |
1332 | * @param prk the PRK | ||
1333 | * @param salt salt | ||
1334 | * @param salt_len length of @a xts | ||
1335 | * @param ikm source key material | ||
1336 | * @param ikm_len length of @a skm | ||
1337 | * @return #GNUNET_YES on success | ||
1338 | */ | ||
1339 | enum GNUNET_GenericReturnValue | ||
1340 | GNUNET_CRYPTO_hkdf_extract (struct GNUNET_ShortHashCode *prk, | ||
1341 | const void *salt, | ||
1342 | size_t salt_len, | ||
1343 | const void *ikm, | ||
1344 | size_t ikm_len); | ||
1345 | |||
1346 | /** | ||
1347 | * @ingroup hash | ||
1348 | * @brief HKDF-Expand using SHA256. RFC 5869 | ||
1349 | * @param result buffer for the derived key, allocated by caller | ||
1350 | * @param out_len desired length of the derived key | ||
1351 | * @param ... pair of void * & size_t for context chunks, terminated by NULL | ||
1352 | * @return #GNUNET_YES on success | ||
1353 | */ | ||
1354 | enum GNUNET_GenericReturnValue | ||
1355 | GNUNET_CRYPTO_hkdf_expand (void *result, | ||
1356 | size_t out_len, | ||
1357 | const struct GNUNET_ShortHashCode *prk, | ||
1358 | ...); | ||
1359 | |||
1360 | /** | ||
1361 | * @ingroup hash | ||
1362 | * @brief HKDF-Expand using SHA256. See #GNUNET_CRYPTO_hkdf_expand | ||
1363 | * @param result buffer for the derived key, allocated by caller | ||
1364 | * @param out_len desired length of the derived key | ||
1365 | * @param argp va_list of void * & size_t pairs for context chunks | ||
1366 | * @return #GNUNET_YES on success | ||
1367 | */ | ||
1368 | enum GNUNET_GenericReturnValue | ||
1369 | GNUNET_CRYPTO_hkdf_expand_v (void *result, | ||
1370 | size_t out_len, | ||
1371 | const struct GNUNET_ShortHashCode *prk, | ||
1372 | va_list argp); | ||
1373 | |||
1374 | |||
1375 | /** | ||
1376 | * @ingroup hash | ||
1377 | * @brief A peculiar HKDF instantiation that tried to mimic Truncated NMAC. | ||
1378 | * But, what it actually does is HKDF-Extract with SHA512 and instead of | ||
1379 | * truncating the PRK, it uses it as a 64 byte key in the HKDF-Expand | ||
1380 | * phase with SHA256. | ||
1381 | * (Truncated NMAC would require us to, well, truncate it to 32 byte.) | ||
1382 | * ONLY USE FOR COMPATIBLITY WITH OLDER KEY DERIVATIONS. | ||
1383 | * Use the more standard #GNUNET_CRYPTO_hkdf_extract and | ||
1384 | * #GNUNET_CRYPTO_HKDF_expand instead! | ||
1385 | * | ||
1332 | * @param result buffer for the derived key, allocated by caller | 1386 | * @param result buffer for the derived key, allocated by caller |
1333 | * @param out_len desired length of the derived key | 1387 | * @param out_len desired length of the derived key |
1334 | * @param xtr_algo hash algorithm for the extraction phase, GCRY_MD_... | ||
1335 | * @param prf_algo hash algorithm for the expansion phase, GCRY_MD_... | ||
1336 | * @param xts salt | 1388 | * @param xts salt |
1337 | * @param xts_len length of @a xts | 1389 | * @param xts_len length of @a xts |
1338 | * @param skm source key material | 1390 | * @param skm source key material |
@@ -1341,24 +1393,20 @@ GNUNET_CRYPTO_hmac_derive_key ( | |||
1341 | * @return #GNUNET_YES on success | 1393 | * @return #GNUNET_YES on success |
1342 | */ | 1394 | */ |
1343 | enum GNUNET_GenericReturnValue | 1395 | enum GNUNET_GenericReturnValue |
1344 | GNUNET_CRYPTO_hkdf (void *result, | 1396 | GNUNET_CRYPTO_hkdf_gnunet (void *result, |
1345 | size_t out_len, | 1397 | size_t out_len, |
1346 | int xtr_algo, | 1398 | const void *xts, |
1347 | int prf_algo, | 1399 | size_t xts_len, |
1348 | const void *xts, | 1400 | const void *skm, |
1349 | size_t xts_len, | 1401 | size_t skm_len, |
1350 | const void *skm, | 1402 | ...); |
1351 | size_t skm_len, | ||
1352 | ...); | ||
1353 | 1403 | ||
1354 | 1404 | ||
1355 | /** | 1405 | /** |
1356 | * @ingroup hash | 1406 | * @ingroup hash |
1357 | * @brief Derive key | 1407 | * @brief Derive key. See #GNUNET_CRYPTO_hkdf_gnunet |
1358 | * @param result buffer for the derived key, allocated by caller | 1408 | * @param result buffer for the derived key, allocated by caller |
1359 | * @param out_len desired length of the derived key | 1409 | * @param out_len desired length of the derived key |
1360 | * @param xtr_algo hash algorithm for the extraction phase, GCRY_MD_... | ||
1361 | * @param prf_algo hash algorithm for the expansion phase, GCRY_MD_... | ||
1362 | * @param xts salt | 1410 | * @param xts salt |
1363 | * @param xts_len length of @a xts | 1411 | * @param xts_len length of @a xts |
1364 | * @param skm source key material | 1412 | * @param skm source key material |
@@ -1367,15 +1415,13 @@ GNUNET_CRYPTO_hkdf (void *result, | |||
1367 | * @return #GNUNET_YES on success | 1415 | * @return #GNUNET_YES on success |
1368 | */ | 1416 | */ |
1369 | enum GNUNET_GenericReturnValue | 1417 | enum GNUNET_GenericReturnValue |
1370 | GNUNET_CRYPTO_hkdf_v (void *result, | 1418 | GNUNET_CRYPTO_hkdf_gnunet_v (void *result, |
1371 | size_t out_len, | 1419 | size_t out_len, |
1372 | int xtr_algo, | 1420 | const void *xts, |
1373 | int prf_algo, | 1421 | size_t xts_len, |
1374 | const void *xts, | 1422 | const void *skm, |
1375 | size_t xts_len, | 1423 | size_t skm_len, |
1376 | const void *skm, | 1424 | va_list argp); |
1377 | size_t skm_len, | ||
1378 | va_list argp); | ||
1379 | 1425 | ||
1380 | 1426 | ||
1381 | /** | 1427 | /** |
@@ -1736,6 +1782,15 @@ GNUNET_CRYPTO_edx25519_key_clear (struct GNUNET_CRYPTO_Edx25519PrivateKey *pk); | |||
1736 | void | 1782 | void |
1737 | GNUNET_CRYPTO_ecdhe_key_clear (struct GNUNET_CRYPTO_EcdhePrivateKey *pk); | 1783 | GNUNET_CRYPTO_ecdhe_key_clear (struct GNUNET_CRYPTO_EcdhePrivateKey *pk); |
1738 | 1784 | ||
1785 | /** | ||
1786 | * @ingroup crypto | ||
1787 | * Clear memory that was used to store a private key. | ||
1788 | * | ||
1789 | * @param pk location of the key | ||
1790 | */ | ||
1791 | void | ||
1792 | GNUNET_CRYPTO_private_key_clear (struct GNUNET_CRYPTO_PrivateKey *pk); | ||
1793 | |||
1739 | 1794 | ||
1740 | /** | 1795 | /** |
1741 | * @ingroup crypto | 1796 | * @ingroup crypto |
@@ -2215,15 +2270,15 @@ GNUNET_CRYPTO_eddsa_sign_ ( | |||
2215 | * @param[out] sig where to write the signature | 2270 | * @param[out] sig where to write the signature |
2216 | */ | 2271 | */ |
2217 | #define GNUNET_CRYPTO_eddsa_sign(priv,ps,sig) do { \ | 2272 | #define GNUNET_CRYPTO_eddsa_sign(priv,ps,sig) do { \ |
2218 | /* check size is set correctly */ \ | 2273 | /* check size is set correctly */ \ |
2219 | GNUNET_assert (ntohl ((ps)->purpose.size) == sizeof (*ps)); \ | 2274 | GNUNET_assert (ntohl ((ps)->purpose.size) == sizeof (*ps)); \ |
2220 | /* check 'ps' begins with the purpose */ \ | 2275 | /* check 'ps' begins with the purpose */ \ |
2221 | GNUNET_static_assert (((void*) (ps)) == \ | 2276 | GNUNET_static_assert (((void*) (ps)) == \ |
2222 | ((void*) &(ps)->purpose)); \ | 2277 | ((void*) &(ps)->purpose)); \ |
2223 | GNUNET_assert (GNUNET_OK == \ | 2278 | GNUNET_assert (GNUNET_OK == \ |
2224 | GNUNET_CRYPTO_eddsa_sign_ (priv, \ | 2279 | GNUNET_CRYPTO_eddsa_sign_ (priv, \ |
2225 | &(ps)->purpose, \ | 2280 | &(ps)->purpose, \ |
2226 | sig)); \ | 2281 | sig)); \ |
2227 | } while (0) | 2282 | } while (0) |
2228 | 2283 | ||
2229 | 2284 | ||
@@ -2277,15 +2332,15 @@ GNUNET_CRYPTO_eddsa_sign_raw ( | |||
2277 | * @param[out] sig where to write the signature | 2332 | * @param[out] sig where to write the signature |
2278 | */ | 2333 | */ |
2279 | #define GNUNET_CRYPTO_ecdsa_sign(priv,ps,sig) do { \ | 2334 | #define GNUNET_CRYPTO_ecdsa_sign(priv,ps,sig) do { \ |
2280 | /* check size is set correctly */ \ | 2335 | /* check size is set correctly */ \ |
2281 | GNUNET_assert (ntohl ((ps)->purpose.size) == sizeof (*(ps))); \ | 2336 | GNUNET_assert (ntohl ((ps)->purpose.size) == sizeof (*(ps))); \ |
2282 | /* check 'ps' begins with the purpose */ \ | 2337 | /* check 'ps' begins with the purpose */ \ |
2283 | GNUNET_static_assert (((void*) (ps)) == \ | 2338 | GNUNET_static_assert (((void*) (ps)) == \ |
2284 | ((void*) &(ps)->purpose)); \ | 2339 | ((void*) &(ps)->purpose)); \ |
2285 | GNUNET_assert (GNUNET_OK == \ | 2340 | GNUNET_assert (GNUNET_OK == \ |
2286 | GNUNET_CRYPTO_ecdsa_sign_ (priv, \ | 2341 | GNUNET_CRYPTO_ecdsa_sign_ (priv, \ |
2287 | &(ps)->purpose, \ | 2342 | &(ps)->purpose, \ |
2288 | sig)); \ | 2343 | sig)); \ |
2289 | } while (0) | 2344 | } while (0) |
2290 | 2345 | ||
2291 | /** | 2346 | /** |
@@ -2324,15 +2379,15 @@ GNUNET_CRYPTO_edx25519_sign_ ( | |||
2324 | * @param[out] sig where to write the signature | 2379 | * @param[out] sig where to write the signature |
2325 | */ | 2380 | */ |
2326 | #define GNUNET_CRYPTO_edx25519_sign(priv,ps,sig) do { \ | 2381 | #define GNUNET_CRYPTO_edx25519_sign(priv,ps,sig) do { \ |
2327 | /* check size is set correctly */ \ | 2382 | /* check size is set correctly */ \ |
2328 | GNUNET_assert (ntohl ((ps)->purpose.size) == sizeof (*(ps))); \ | 2383 | GNUNET_assert (ntohl ((ps)->purpose.size) == sizeof (*(ps))); \ |
2329 | /* check 'ps' begins with the purpose */ \ | 2384 | /* check 'ps' begins with the purpose */ \ |
2330 | GNUNET_static_assert (((void*) (ps)) == \ | 2385 | GNUNET_static_assert (((void*) (ps)) == \ |
2331 | ((void*) &(ps)->purpose)); \ | 2386 | ((void*) &(ps)->purpose)); \ |
2332 | GNUNET_assert (GNUNET_OK == \ | 2387 | GNUNET_assert (GNUNET_OK == \ |
2333 | GNUNET_CRYPTO_edx25519_sign_ (priv, \ | 2388 | GNUNET_CRYPTO_edx25519_sign_ (priv, \ |
2334 | &(ps)->purpose, \ | 2389 | &(ps)->purpose, \ |
2335 | sig)); \ | 2390 | sig)); \ |
2336 | } while (0) | 2391 | } while (0) |
2337 | 2392 | ||
2338 | 2393 | ||
@@ -4239,15 +4294,15 @@ GNUNET_CRYPTO_sign_raw_ ( | |||
4239 | * @param[out] sig where to write the signature | 4294 | * @param[out] sig where to write the signature |
4240 | */ | 4295 | */ |
4241 | #define GNUNET_CRYPTO_sign(priv,ps,sig) do { \ | 4296 | #define GNUNET_CRYPTO_sign(priv,ps,sig) do { \ |
4242 | /* check size is set correctly */ \ | 4297 | /* check size is set correctly */ \ |
4243 | GNUNET_assert (ntohl ((ps)->purpose.size) == sizeof (*(ps))); \ | 4298 | GNUNET_assert (ntohl ((ps)->purpose.size) == sizeof (*(ps))); \ |
4244 | /* check 'ps' begins with the purpose */ \ | 4299 | /* check 'ps' begins with the purpose */ \ |
4245 | GNUNET_static_assert (((void*) (ps)) == \ | 4300 | GNUNET_static_assert (((void*) (ps)) == \ |
4246 | ((void*) &(ps)->purpose)); \ | 4301 | ((void*) &(ps)->purpose)); \ |
4247 | GNUNET_assert (GNUNET_OK == \ | 4302 | GNUNET_assert (GNUNET_OK == \ |
4248 | GNUNET_CRYPTO_sign_ (priv, \ | 4303 | GNUNET_CRYPTO_sign_ (priv, \ |
4249 | &(ps)->purpose, \ | 4304 | &(ps)->purpose, \ |
4250 | sig)); \ | 4305 | sig)); \ |
4251 | } while (0) | 4306 | } while (0) |
4252 | 4307 | ||
4253 | 4308 | ||
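Review bot: The new HKDF doc comments (new lines 1331–1372) do not match the prototypes they describe: in `GNUNET_CRYPTO_hkdf_extract` the length parameters refer to `@a xts` and `@a skm`, which that function does not have, so they should read `@param salt_len length of @a salt` and `@param ikm_len length of @a ikm`, with `prk` marked as `@param[out] prk`. `GNUNET_CRYPTO_hkdf_expand` and `GNUNET_CRYPTO_hkdf_expand_v` both omit `@param prk`, and neither states the upper bound on `out_len` (RFC 5869 caps the output at 255 times the hash length, 8160 bytes for SHA-256) or what is returned when a caller exceeds it. The legacy warning on `GNUNET_CRYPTO_hkdf_gnunet` links to `#GNUNET_CRYPTO_HKDF_expand`, which differs in case from the declared `GNUNET_CRYPTO_hkdf_expand` and so will likely not resolve in Doxygen; `COMPATIBLITY` is also misspelled there. Because the variadic tail is consumed as `void *`/`size_t` pairs, the comment should also say that each length must be passed as a `size_t` (a bare integer literal is an `int`) and that the list ends with a pointer-typed `NULL`.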