diff options
Diffstat (limited to 'src/include/gnunet_crypto_lib.h')
| -rw-r--r-- | src/include/gnunet_crypto_lib.h | 177 |
1 files changed, 116 insertions, 61 deletions
diff --git a/src/include/gnunet_crypto_lib.h b/src/include/gnunet_crypto_lib.h index 50937324d..f0266537f 100644 --- a/src/include/gnunet_crypto_lib.h +++ b/src/include/gnunet_crypto_lib.h | |||
| @@ -973,7 +973,7 @@ GNUNET_CRYPTO_hash_from_string2 (const char *enc, | |||
| 973 | * @return #GNUNET_OK on success, #GNUNET_SYSERR if result has the wrong encoding | 973 | * @return #GNUNET_OK on success, #GNUNET_SYSERR if result has the wrong encoding |
| 974 | */ | 974 | */ |
| 975 | #define GNUNET_CRYPTO_hash_from_string(enc, result) \ | 975 | #define GNUNET_CRYPTO_hash_from_string(enc, result) \ |
| 976 | GNUNET_CRYPTO_hash_from_string2 (enc, strlen (enc), result) | 976 | GNUNET_CRYPTO_hash_from_string2 (enc, strlen (enc), result) |
| 977 | 977 | ||
| 978 | 978 | ||
| 979 | /** | 979 | /** |
| @@ -1328,11 +1328,63 @@ GNUNET_CRYPTO_hmac_derive_key ( | |||
| 1328 | 1328 | ||
| 1329 | /** | 1329 | /** |
| 1330 | * @ingroup hash | 1330 | * @ingroup hash |
| 1331 | * @brief Derive key | 1331 | * @brief HKDF-Extract using SHA256. RFC 5869 |
| 1332 | * @param prk the PRK | ||
| 1333 | * @param salt salt | ||
| 1334 | * @param salt_len length of @a xts | ||
| 1335 | * @param ikm source key material | ||
| 1336 | * @param ikm_len length of @a skm | ||
| 1337 | * @return #GNUNET_YES on success | ||
| 1338 | */ | ||
| 1339 | enum GNUNET_GenericReturnValue | ||
| 1340 | GNUNET_CRYPTO_hkdf_extract (struct GNUNET_ShortHashCode *prk, | ||
| 1341 | const void *salt, | ||
| 1342 | size_t salt_len, | ||
| 1343 | const void *ikm, | ||
| 1344 | size_t ikm_len); | ||
| 1345 | |||
| 1346 | /** | ||
| 1347 | * @ingroup hash | ||
| 1348 | * @brief HKDF-Expand using SHA256. RFC 5869 | ||
| 1349 | * @param result buffer for the derived key, allocated by caller | ||
| 1350 | * @param out_len desired length of the derived key | ||
| 1351 | * @param ... pair of void * & size_t for context chunks, terminated by NULL | ||
| 1352 | * @return #GNUNET_YES on success | ||
| 1353 | */ | ||
| 1354 | enum GNUNET_GenericReturnValue | ||
| 1355 | GNUNET_CRYPTO_hkdf_expand (void *result, | ||
| 1356 | size_t out_len, | ||
| 1357 | const struct GNUNET_ShortHashCode *prk, | ||
| 1358 | ...); | ||
| 1359 | |||
| 1360 | /** | ||
| 1361 | * @ingroup hash | ||
| 1362 | * @brief HKDF-Expand using SHA256. See #GNUNET_CRYPTO_hkdf_expand | ||
| 1363 | * @param result buffer for the derived key, allocated by caller | ||
| 1364 | * @param out_len desired length of the derived key | ||
| 1365 | * @param argp va_list of void * & size_t pairs for context chunks | ||
| 1366 | * @return #GNUNET_YES on success | ||
| 1367 | */ | ||
| 1368 | enum GNUNET_GenericReturnValue | ||
| 1369 | GNUNET_CRYPTO_hkdf_expand_v (void *result, | ||
| 1370 | size_t out_len, | ||
| 1371 | const struct GNUNET_ShortHashCode *prk, | ||
| 1372 | va_list argp); | ||
| 1373 | |||
| 1374 | |||
| 1375 | /** | ||
| 1376 | * @ingroup hash | ||
| 1377 | * @brief A peculiar HKDF instantiation that tried to mimic Truncated NMAC. | ||
| 1378 | * But, what it actually does is HKDF-Extract with SHA512 and instead of | ||
| 1379 | * truncating the PRK, it uses it as a 64 byte key in the HKDF-Expand | ||
| 1380 | * phase with SHA256. | ||
| 1381 | * (Truncated NMAC would require us to, well, truncate it to 32 byte.) | ||
| 1382 | * ONLY USE FOR COMPATIBLITY WITH OLDER KEY DERIVATIONS. | ||
| 1383 | * Use the more standard #GNUNET_CRYPTO_hkdf_extract and | ||
| 1384 | * #GNUNET_CRYPTO_HKDF_expand instead! | ||
| 1385 | * | ||
| 1332 | * @param result buffer for the derived key, allocated by caller | 1386 | * @param result buffer for the derived key, allocated by caller |
| 1333 | * @param out_len desired length of the derived key | 1387 | * @param out_len desired length of the derived key |
| 1334 | * @param xtr_algo hash algorithm for the extraction phase, GCRY_MD_... | ||
| 1335 | * @param prf_algo hash algorithm for the expansion phase, GCRY_MD_... | ||
| 1336 | * @param xts salt | 1388 | * @param xts salt |
| 1337 | * @param xts_len length of @a xts | 1389 | * @param xts_len length of @a xts |
| 1338 | * @param skm source key material | 1390 | * @param skm source key material |
| @@ -1341,24 +1393,20 @@ GNUNET_CRYPTO_hmac_derive_key ( | |||
| 1341 | * @return #GNUNET_YES on success | 1393 | * @return #GNUNET_YES on success |
| 1342 | */ | 1394 | */ |
| 1343 | enum GNUNET_GenericReturnValue | 1395 | enum GNUNET_GenericReturnValue |
| 1344 | GNUNET_CRYPTO_hkdf (void *result, | 1396 | GNUNET_CRYPTO_hkdf_gnunet (void *result, |
| 1345 | size_t out_len, | 1397 | size_t out_len, |
| 1346 | int xtr_algo, | 1398 | const void *xts, |
| 1347 | int prf_algo, | 1399 | size_t xts_len, |
| 1348 | const void *xts, | 1400 | const void *skm, |
| 1349 | size_t xts_len, | 1401 | size_t skm_len, |
| 1350 | const void *skm, | 1402 | ...); |
| 1351 | size_t skm_len, | ||
| 1352 | ...); | ||
| 1353 | 1403 | ||
| 1354 | 1404 | ||
| 1355 | /** | 1405 | /** |
| 1356 | * @ingroup hash | 1406 | * @ingroup hash |
| 1357 | * @brief Derive key | 1407 | * @brief Derive key. See #GNUNET_CRYPTO_hkdf_gnunet |
| 1358 | * @param result buffer for the derived key, allocated by caller | 1408 | * @param result buffer for the derived key, allocated by caller |
| 1359 | * @param out_len desired length of the derived key | 1409 | * @param out_len desired length of the derived key |
| 1360 | * @param xtr_algo hash algorithm for the extraction phase, GCRY_MD_... | ||
| 1361 | * @param prf_algo hash algorithm for the expansion phase, GCRY_MD_... | ||
| 1362 | * @param xts salt | 1410 | * @param xts salt |
| 1363 | * @param xts_len length of @a xts | 1411 | * @param xts_len length of @a xts |
| 1364 | * @param skm source key material | 1412 | * @param skm source key material |
| @@ -1367,15 +1415,13 @@ GNUNET_CRYPTO_hkdf (void *result, | |||
| 1367 | * @return #GNUNET_YES on success | 1415 | * @return #GNUNET_YES on success |
| 1368 | */ | 1416 | */ |
| 1369 | enum GNUNET_GenericReturnValue | 1417 | enum GNUNET_GenericReturnValue |
| 1370 | GNUNET_CRYPTO_hkdf_v (void *result, | 1418 | GNUNET_CRYPTO_hkdf_gnunet_v (void *result, |
| 1371 | size_t out_len, | 1419 | size_t out_len, |
| 1372 | int xtr_algo, | 1420 | const void *xts, |
| 1373 | int prf_algo, | 1421 | size_t xts_len, |
| 1374 | const void *xts, | 1422 | const void *skm, |
| 1375 | size_t xts_len, | 1423 | size_t skm_len, |
| 1376 | const void *skm, | 1424 | va_list argp); |
| 1377 | size_t skm_len, | ||
| 1378 | va_list argp); | ||
| 1379 | 1425 | ||
| 1380 | 1426 | ||
| 1381 | /** | 1427 | /** |
| @@ -1736,6 +1782,15 @@ GNUNET_CRYPTO_edx25519_key_clear (struct GNUNET_CRYPTO_Edx25519PrivateKey *pk); | |||
| 1736 | void | 1782 | void |
| 1737 | GNUNET_CRYPTO_ecdhe_key_clear (struct GNUNET_CRYPTO_EcdhePrivateKey *pk); | 1783 | GNUNET_CRYPTO_ecdhe_key_clear (struct GNUNET_CRYPTO_EcdhePrivateKey *pk); |
| 1738 | 1784 | ||
| 1785 | /** | ||
| 1786 | * @ingroup crypto | ||
| 1787 | * Clear memory that was used to store a private key. | ||
| 1788 | * | ||
| 1789 | * @param pk location of the key | ||
| 1790 | */ | ||
| 1791 | void | ||
| 1792 | GNUNET_CRYPTO_private_key_clear (struct GNUNET_CRYPTO_PrivateKey *pk); | ||
| 1793 | |||
| 1739 | 1794 | ||
| 1740 | /** | 1795 | /** |
| 1741 | * @ingroup crypto | 1796 | * @ingroup crypto |
| @@ -2215,15 +2270,15 @@ GNUNET_CRYPTO_eddsa_sign_ ( | |||
| 2215 | * @param[out] sig where to write the signature | 2270 | * @param[out] sig where to write the signature |
| 2216 | */ | 2271 | */ |
| 2217 | #define GNUNET_CRYPTO_eddsa_sign(priv,ps,sig) do { \ | 2272 | #define GNUNET_CRYPTO_eddsa_sign(priv,ps,sig) do { \ |
| 2218 | /* check size is set correctly */ \ | 2273 | /* check size is set correctly */ \ |
| 2219 | GNUNET_assert (ntohl ((ps)->purpose.size) == sizeof (*ps)); \ | 2274 | GNUNET_assert (ntohl ((ps)->purpose.size) == sizeof (*ps)); \ |
| 2220 | /* check 'ps' begins with the purpose */ \ | 2275 | /* check 'ps' begins with the purpose */ \ |
| 2221 | GNUNET_static_assert (((void*) (ps)) == \ | 2276 | GNUNET_static_assert (((void*) (ps)) == \ |
| 2222 | ((void*) &(ps)->purpose)); \ | 2277 | ((void*) &(ps)->purpose)); \ |
| 2223 | GNUNET_assert (GNUNET_OK == \ | 2278 | GNUNET_assert (GNUNET_OK == \ |
| 2224 | GNUNET_CRYPTO_eddsa_sign_ (priv, \ | 2279 | GNUNET_CRYPTO_eddsa_sign_ (priv, \ |
| 2225 | &(ps)->purpose, \ | 2280 | &(ps)->purpose, \ |
| 2226 | sig)); \ | 2281 | sig)); \ |
| 2227 | } while (0) | 2282 | } while (0) |
| 2228 | 2283 | ||
| 2229 | 2284 | ||
| @@ -2277,15 +2332,15 @@ GNUNET_CRYPTO_eddsa_sign_raw ( | |||
| 2277 | * @param[out] sig where to write the signature | 2332 | * @param[out] sig where to write the signature |
| 2278 | */ | 2333 | */ |
| 2279 | #define GNUNET_CRYPTO_ecdsa_sign(priv,ps,sig) do { \ | 2334 | #define GNUNET_CRYPTO_ecdsa_sign(priv,ps,sig) do { \ |
| 2280 | /* check size is set correctly */ \ | 2335 | /* check size is set correctly */ \ |
| 2281 | GNUNET_assert (ntohl ((ps)->purpose.size) == sizeof (*(ps))); \ | 2336 | GNUNET_assert (ntohl ((ps)->purpose.size) == sizeof (*(ps))); \ |
| 2282 | /* check 'ps' begins with the purpose */ \ | 2337 | /* check 'ps' begins with the purpose */ \ |
| 2283 | GNUNET_static_assert (((void*) (ps)) == \ | 2338 | GNUNET_static_assert (((void*) (ps)) == \ |
| 2284 | ((void*) &(ps)->purpose)); \ | 2339 | ((void*) &(ps)->purpose)); \ |
| 2285 | GNUNET_assert (GNUNET_OK == \ | 2340 | GNUNET_assert (GNUNET_OK == \ |
| 2286 | GNUNET_CRYPTO_ecdsa_sign_ (priv, \ | 2341 | GNUNET_CRYPTO_ecdsa_sign_ (priv, \ |
| 2287 | &(ps)->purpose, \ | 2342 | &(ps)->purpose, \ |
| 2288 | sig)); \ | 2343 | sig)); \ |
| 2289 | } while (0) | 2344 | } while (0) |
| 2290 | 2345 | ||
| 2291 | /** | 2346 | /** |
| @@ -2324,15 +2379,15 @@ GNUNET_CRYPTO_edx25519_sign_ ( | |||
| 2324 | * @param[out] sig where to write the signature | 2379 | * @param[out] sig where to write the signature |
| 2325 | */ | 2380 | */ |
| 2326 | #define GNUNET_CRYPTO_edx25519_sign(priv,ps,sig) do { \ | 2381 | #define GNUNET_CRYPTO_edx25519_sign(priv,ps,sig) do { \ |
| 2327 | /* check size is set correctly */ \ | 2382 | /* check size is set correctly */ \ |
| 2328 | GNUNET_assert (ntohl ((ps)->purpose.size) == sizeof (*(ps))); \ | 2383 | GNUNET_assert (ntohl ((ps)->purpose.size) == sizeof (*(ps))); \ |
| 2329 | /* check 'ps' begins with the purpose */ \ | 2384 | /* check 'ps' begins with the purpose */ \ |
| 2330 | GNUNET_static_assert (((void*) (ps)) == \ | 2385 | GNUNET_static_assert (((void*) (ps)) == \ |
| 2331 | ((void*) &(ps)->purpose)); \ | 2386 | ((void*) &(ps)->purpose)); \ |
| 2332 | GNUNET_assert (GNUNET_OK == \ | 2387 | GNUNET_assert (GNUNET_OK == \ |
| 2333 | GNUNET_CRYPTO_edx25519_sign_ (priv, \ | 2388 | GNUNET_CRYPTO_edx25519_sign_ (priv, \ |
| 2334 | &(ps)->purpose, \ | 2389 | &(ps)->purpose, \ |
| 2335 | sig)); \ | 2390 | sig)); \ |
| 2336 | } while (0) | 2391 | } while (0) |
| 2337 | 2392 | ||
| 2338 | 2393 | ||
| @@ -4239,15 +4294,15 @@ GNUNET_CRYPTO_sign_raw_ ( | |||
| 4239 | * @param[out] sig where to write the signature | 4294 | * @param[out] sig where to write the signature |
| 4240 | */ | 4295 | */ |
| 4241 | #define GNUNET_CRYPTO_sign(priv,ps,sig) do { \ | 4296 | #define GNUNET_CRYPTO_sign(priv,ps,sig) do { \ |
| 4242 | /* check size is set correctly */ \ | 4297 | /* check size is set correctly */ \ |
| 4243 | GNUNET_assert (ntohl ((ps)->purpose.size) == sizeof (*(ps))); \ | 4298 | GNUNET_assert (ntohl ((ps)->purpose.size) == sizeof (*(ps))); \ |
| 4244 | /* check 'ps' begins with the purpose */ \ | 4299 | /* check 'ps' begins with the purpose */ \ |
| 4245 | GNUNET_static_assert (((void*) (ps)) == \ | 4300 | GNUNET_static_assert (((void*) (ps)) == \ |
| 4246 | ((void*) &(ps)->purpose)); \ | 4301 | ((void*) &(ps)->purpose)); \ |
| 4247 | GNUNET_assert (GNUNET_OK == \ | 4302 | GNUNET_assert (GNUNET_OK == \ |
| 4248 | GNUNET_CRYPTO_sign_ (priv, \ | 4303 | GNUNET_CRYPTO_sign_ (priv, \ |
| 4249 | &(ps)->purpose, \ | 4304 | &(ps)->purpose, \ |
| 4250 | sig)); \ | 4305 | sig)); \ |
| 4251 | } while (0) | 4306 | } while (0) |
| 4252 | 4307 | ||
| 4253 | 4308 | ||