Diffstat (limited to 'src/include/gnunet_crypto_lib.h')
-rw-r--r-- | src/include/gnunet_crypto_lib.h | 177 |
1 files changed, 147 insertions, 30 deletions
diff --git a/src/include/gnunet_crypto_lib.h b/src/include/gnunet_crypto_lib.h index a9e1a3212..44dfb4e44 100644 --- a/src/include/gnunet_crypto_lib.h +++ b/src/include/gnunet_crypto_lib.h | |||
@@ -44,7 +44,7 @@ | |||
44 | * @see [Documentation](https://gnunet.org/crypto-api) | 44 | * @see [Documentation](https://gnunet.org/crypto-api) |
45 | */ | 45 | */ |
46 | 46 | ||
47 | #if !defined (__GNUNET_UTIL_LIB_H_INSIDE__) | 47 | #if ! defined (__GNUNET_UTIL_LIB_H_INSIDE__) |
48 | #error "Only <gnunet_util_lib.h> can be included directly." | 48 | #error "Only <gnunet_util_lib.h> can be included directly." |
49 | #endif | 49 | #endif |
50 | 50 | ||
@@ -846,7 +846,7 @@ GNUNET_CRYPTO_hash_from_string2 (const char *enc, | |||
846 | * @return #GNUNET_OK on success, #GNUNET_SYSERR if result has the wrong encoding | 846 | * @return #GNUNET_OK on success, #GNUNET_SYSERR if result has the wrong encoding |
847 | */ | 847 | */ |
848 | #define GNUNET_CRYPTO_hash_from_string(enc, result) \ | 848 | #define GNUNET_CRYPTO_hash_from_string(enc, result) \ |
849 | GNUNET_CRYPTO_hash_from_string2 (enc, strlen (enc), result) | 849 | GNUNET_CRYPTO_hash_from_string2 (enc, strlen (enc), result) |
850 | 850 | ||
851 | 851 | ||
852 | /** | 852 | /** |
@@ -1837,6 +1837,122 @@ GNUNET_CRYPTO_eddsa_ecdh (const struct GNUNET_CRYPTO_EddsaPrivateKey *priv, | |||
1837 | const struct GNUNET_CRYPTO_EcdhePublicKey *pub, | 1837 | const struct GNUNET_CRYPTO_EcdhePublicKey *pub, |
1838 | struct GNUNET_HashCode *key_material); | 1838 | struct GNUNET_HashCode *key_material); |
1839 | 1839 | ||
1840 | /** | ||
1841 | * @ingroup crypto | ||
1842 | * Decapsulate a key for a private EdDSA key. | ||
1843 | * Dual to #GNUNET_CRRYPTO_eddsa_kem_encaps. | ||
1844 | * | ||
1845 | * @param priv private key from EdDSA to use for the ECDH (x) | ||
1846 | * @param c the encapsulated key | ||
1847 | * @param key_material where to write the key material H(h(x)yG) | ||
1848 | * @return #GNUNET_SYSERR on error, #GNUNET_OK on success | ||
1849 | */ | ||
1850 | enum GNUNET_GenericReturnValue | ||
1851 | GNUNET_CRYPTO_eddsa_kem_decaps (const struct | ||
1852 | GNUNET_CRYPTO_EddsaPrivateKey *priv, | ||
1853 | const struct GNUNET_CRYPTO_EcdhePublicKey *c, | ||
1854 | struct GNUNET_HashCode *key_material); | ||
1855 | |||
1856 | /** | ||
1857 | * @ingroup crypto | ||
1858 | * Encapsulate key material for a EdDSA public key. | ||
1859 | * Dual to #GNUNET_CRRYPTO_eddsa_kem_decaps. | ||
1860 | * | ||
1861 | * @param priv private key to use for the ECDH (y) | ||
1862 | * @param c public key from EdDSA to use for the ECDH (X=h(x)G) | ||
1863 | * @param key_material where to write the key material H(yX)=H(h(x)yG) | ||
1864 | * @return #GNUNET_SYSERR on error, #GNUNET_OK on success | ||
1865 | */ | ||
1866 | enum GNUNET_GenericReturnValue | ||
1867 | GNUNET_CRYPTO_eddsa_kem_encaps (const struct GNUNET_CRYPTO_EddsaPublicKey *pub, | ||
1868 | struct GNUNET_CRYPTO_EcdhePublicKey *c, | ||
1869 | struct GNUNET_HashCode *key_material); | ||
1870 | |||
1871 | /** | ||
1872 | * This is the encapsulated key of our FO-KEM. | ||
1873 | */ | ||
1874 | struct GNUNET_CRYPTO_FoKemC | ||
1875 | { | ||
1876 | /* The output of the FO-OWTF F(x) */ | ||
1877 | struct GNUNET_HashCode y; | ||
1878 | |||
1879 | /* The ephemeral public key from the DH in the KEM */ | ||
1880 | struct GNUNET_CRYPTO_EcdhePublicKey pub; | ||
1881 | }; | ||
1882 | |||
1883 | /** | ||
1884 | * @ingroup crypto | ||
1885 | * Encapsulate key material using a CCA-secure KEM. | ||
1886 | * The KEM is using a OWTF with image oracle constructed from | ||
1887 | * a Fujusaki-Okamoto transformation using ElGamal (DH plus XOR OTP). | ||
1888 | * Dual to #GNUNET_CRRYPTO_eddsa_fo_kem_decaps. | ||
1889 | * | ||
1890 | * @param pub public key to encapsulated for | ||
1891 | * @param[out] c the encapsulation | ||
1892 | * @param[out] key_material the encapsulated key | ||
1893 | * @return #GNUNET_SYSERR on error, #GNUNET_OK on success | ||
1894 | */ | ||
1895 | enum GNUNET_GenericReturnValue | ||
1896 | GNUNET_CRYPTO_eddsa_fo_kem_encaps ( | ||
1897 | const struct GNUNET_CRYPTO_EddsaPublicKey *pub, | ||
1898 | struct GNUNET_CRYPTO_FoKemC *c, | ||
1899 | struct GNUNET_HashCode *key_material); | ||
1900 | |||
1901 | |||
1902 | /** | ||
1903 | * @ingroup crypto | ||
1904 | * Decapsulate key material using a CCA-secure KEM. | ||
1905 | * The KEM is using a OWTF with image oracle constructed from | ||
1906 | * a Fujusaki-Okamoto transformation using ElGamal (DH plus XOR OTP). | ||
1907 | * Dual to #GNUNET_CRRYPTO_eddsa_fo_kem_encaps. | ||
1908 | * | ||
1909 | * @param priv private key this encapsulation is for | ||
1910 | * @param c the encapsulation | ||
1911 | * @param[out] key_material the encapsulated key | ||
1912 | * @return #GNUNET_SYSERR on error, #GNUNET_OK on success | ||
1913 | */ | ||
1914 | enum GNUNET_GenericReturnValue | ||
1915 | GNUNET_CRYPTO_eddsa_fo_kem_decaps (const struct | ||
1916 | GNUNET_CRYPTO_EddsaPrivateKey *priv, | ||
1917 | const struct GNUNET_CRYPTO_FoKemC *c, | ||
1918 | struct GNUNET_HashCode *key_material); | ||
1919 | |||
1920 | /** | ||
1921 | * @ingroup crypto | ||
1922 | * Encapsulate key material using a CCA-secure KEM. | ||
1923 | * The KEM is using a OWTF with image oracle constructed from | ||
1924 | * a Fujusaki-Okamoto transformation using ElGamal (DH plus XOR OTP). | ||
1925 | * Dual to #GNUNET_CRRYPTO_eddsa_fo_kem_decaps. | ||
1926 | * | ||
1927 | * @param pub public key to encapsulated for | ||
1928 | * @param[out] c the encapsulation | ||
1929 | * @param[out] key_material the encapsulated key | ||
1930 | * @return #GNUNET_SYSERR on error, #GNUNET_OK on success | ||
1931 | */ | ||
1932 | enum GNUNET_GenericReturnValue | ||
1933 | GNUNET_CRYPTO_ecdsa_fo_kem_encaps (const struct | ||
1934 | GNUNET_CRYPTO_EcdsaPublicKey *pub, | ||
1935 | struct GNUNET_CRYPTO_FoKemC *c, | ||
1936 | struct GNUNET_HashCode *key_material); | ||
1937 | |||
1938 | |||
1939 | /** | ||
1940 | * @ingroup crypto | ||
1941 | * Decapsulate key material using a CCA-secure KEM. | ||
1942 | * The KEM is using a OWTF with image oracle constructed from | ||
1943 | * a Fujusaki-Okamoto transformation using ElGamal (DH plus XOR OTP). | ||
1944 | * Dual to #GNUNET_CRRYPTO_eddsa_fo_kem_encaps. | ||
1945 | * | ||
1946 | * @param priv private key this encapsulation is for | ||
1947 | * @param c the encapsulation | ||
1948 | * @param[out] key_material the encapsulated key | ||
1949 | * @return #GNUNET_SYSERR on error, #GNUNET_OK on success | ||
1950 | */ | ||
1951 | enum GNUNET_GenericReturnValue | ||
1952 | GNUNET_CRYPTO_ecdsa_fo_kem_decaps (const struct | ||
1953 | GNUNET_CRYPTO_EcdsaPrivateKey *priv, | ||
1954 | struct GNUNET_CRYPTO_FoKemC *c, | ||
1955 | struct GNUNET_HashCode *key_material); | ||
1840 | 1956 | ||
1841 | /** | 1957 | /** |
1842 | * @ingroup crypto | 1958 | * @ingroup crypto |
@@ -1869,6 +1985,7 @@ GNUNET_CRYPTO_ecdh_eddsa (const struct GNUNET_CRYPTO_EcdhePrivateKey *priv, | |||
1869 | const struct GNUNET_CRYPTO_EddsaPublicKey *pub, | 1985 | const struct GNUNET_CRYPTO_EddsaPublicKey *pub, |
1870 | struct GNUNET_HashCode *key_material); | 1986 | struct GNUNET_HashCode *key_material); |
1871 | 1987 | ||
1988 | |||
1872 | /** | 1989 | /** |
1873 | * @ingroup crypto | 1990 | * @ingroup crypto |
1874 | * Derive key material from a EcDSA public key and a private ECDH key. | 1991 | * Derive key material from a EcDSA public key and a private ECDH key. |
@@ -1920,15 +2037,15 @@ GNUNET_CRYPTO_eddsa_sign_ ( | |||
1920 | * @param[out] sig where to write the signature | 2037 | * @param[out] sig where to write the signature |
1921 | */ | 2038 | */ |
1922 | #define GNUNET_CRYPTO_eddsa_sign(priv,ps,sig) do { \ | 2039 | #define GNUNET_CRYPTO_eddsa_sign(priv,ps,sig) do { \ |
1923 | /* check size is set correctly */ \ | 2040 | /* check size is set correctly */ \ |
1924 | GNUNET_assert (ntohl ((ps)->purpose.size) == sizeof (*ps)); \ | 2041 | GNUNET_assert (ntohl ((ps)->purpose.size) == sizeof (*ps)); \ |
1925 | /* check 'ps' begins with the purpose */ \ | 2042 | /* check 'ps' begins with the purpose */ \ |
1926 | GNUNET_static_assert (((void*) (ps)) == \ | 2043 | GNUNET_static_assert (((void*) (ps)) == \ |
1927 | ((void*) &(ps)->purpose)); \ | 2044 | ((void*) &(ps)->purpose)); \ |
1928 | GNUNET_assert (GNUNET_OK == \ | 2045 | GNUNET_assert (GNUNET_OK == \ |
1929 | GNUNET_CRYPTO_eddsa_sign_ (priv, \ | 2046 | GNUNET_CRYPTO_eddsa_sign_ (priv, \ |
1930 | &(ps)->purpose, \ | 2047 | &(ps)->purpose, \ |
1931 | sig)); \ | 2048 | sig)); \ |
1932 | } while (0) | 2049 | } while (0) |
1933 | 2050 | ||
1934 | 2051 | ||
@@ -1982,15 +2099,15 @@ GNUNET_CRYPTO_eddsa_sign_raw ( | |||
1982 | * @param[out] sig where to write the signature | 2099 | * @param[out] sig where to write the signature |
1983 | */ | 2100 | */ |
1984 | #define GNUNET_CRYPTO_ecdsa_sign(priv,ps,sig) do { \ | 2101 | #define GNUNET_CRYPTO_ecdsa_sign(priv,ps,sig) do { \ |
1985 | /* check size is set correctly */ \ | 2102 | /* check size is set correctly */ \ |
1986 | GNUNET_assert (ntohl ((ps)->purpose.size) == sizeof (*(ps))); \ | 2103 | GNUNET_assert (ntohl ((ps)->purpose.size) == sizeof (*(ps))); \ |
1987 | /* check 'ps' begins with the purpose */ \ | 2104 | /* check 'ps' begins with the purpose */ \ |
1988 | GNUNET_static_assert (((void*) (ps)) == \ | 2105 | GNUNET_static_assert (((void*) (ps)) == \ |
1989 | ((void*) &(ps)->purpose)); \ | 2106 | ((void*) &(ps)->purpose)); \ |
1990 | GNUNET_assert (GNUNET_OK == \ | 2107 | GNUNET_assert (GNUNET_OK == \ |
1991 | GNUNET_CRYPTO_ecdsa_sign_ (priv, \ | 2108 | GNUNET_CRYPTO_ecdsa_sign_ (priv, \ |
1992 | &(ps)->purpose, \ | 2109 | &(ps)->purpose, \ |
1993 | sig)); \ | 2110 | sig)); \ |
1994 | } while (0) | 2111 | } while (0) |
1995 | 2112 | ||
1996 | /** | 2113 | /** |
@@ -2029,15 +2146,15 @@ GNUNET_CRYPTO_edx25519_sign_ ( | |||
2029 | * @param[out] sig where to write the signature | 2146 | * @param[out] sig where to write the signature |
2030 | */ | 2147 | */ |
2031 | #define GNUNET_CRYPTO_edx25519_sign(priv,ps,sig) do { \ | 2148 | #define GNUNET_CRYPTO_edx25519_sign(priv,ps,sig) do { \ |
2032 | /* check size is set correctly */ \ | 2149 | /* check size is set correctly */ \ |
2033 | GNUNET_assert (ntohl ((ps)->purpose.size) == sizeof (*(ps))); \ | 2150 | GNUNET_assert (ntohl ((ps)->purpose.size) == sizeof (*(ps))); \ |
2034 | /* check 'ps' begins with the purpose */ \ | 2151 | /* check 'ps' begins with the purpose */ \ |
2035 | GNUNET_static_assert (((void*) (ps)) == \ | 2152 | GNUNET_static_assert (((void*) (ps)) == \ |
2036 | ((void*) &(ps)->purpose)); \ | 2153 | ((void*) &(ps)->purpose)); \ |
2037 | GNUNET_assert (GNUNET_OK == \ | 2154 | GNUNET_assert (GNUNET_OK == \ |
2038 | GNUNET_CRYPTO_edx25519_sign_ (priv, \ | 2155 | GNUNET_CRYPTO_edx25519_sign_ (priv, \ |
2039 | &(ps)->purpose, \ | 2156 | &(ps)->purpose, \ |
2040 | sig)); \ | 2157 | sig)); \ |
2041 | } while (0) | 2158 | } while (0) |
2042 | 2159 | ||
2043 | 2160 | ||
@@ -2700,7 +2817,7 @@ GNUNET_CRYPTO_rsa_public_key_cmp (const struct GNUNET_CRYPTO_RsaPublicKey *p1, | |||
2700 | * @param[out] buf_size number of bytes stored in @a buf | 2817 | * @param[out] buf_size number of bytes stored in @a buf |
2701 | * @return #GNUNET_YES if successful, #GNUNET_NO if RSA key is malicious | 2818 | * @return #GNUNET_YES if successful, #GNUNET_NO if RSA key is malicious |
2702 | */ | 2819 | */ |
2703 | int | 2820 | enum GNUNET_GenericReturnValue |
2704 | GNUNET_CRYPTO_rsa_blind (const struct GNUNET_HashCode *hash, | 2821 | GNUNET_CRYPTO_rsa_blind (const struct GNUNET_HashCode *hash, |
2705 | const struct GNUNET_CRYPTO_RsaBlindingKeySecret *bks, | 2822 | const struct GNUNET_CRYPTO_RsaBlindingKeySecret *bks, |
2706 | struct GNUNET_CRYPTO_RsaPublicKey *pkey, | 2823 | struct GNUNET_CRYPTO_RsaPublicKey *pkey, |
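Review bot: The Doxygen block added for `GNUNET_CRYPTO_eddsa_kem_encaps` (new lines 1856-1869) documents `@param priv` and describes `c` as the EdDSA public key, but the prototype takes `pub`, `c` and `key_material`, so the comment describes a different signature than the one declared. I would replace those two lines with `@param pub public key from EdDSA to encapsulate for (X=h(x)G)` and `@param[out] c where to write the encapsulation`, which is presumably the ephemeral public key; the implementation is not part of this file, so that should be confirmed. In the same hunk, `GNUNET_CRYPTO_ecdsa_fo_kem_decaps` takes a non-const `struct GNUNET_CRYPTO_FoKemC *c` while the EdDSA variant takes it `const`; unless the implementation writes to the encapsulation, `const struct GNUNET_CRYPTO_FoKemC *c` keeps the pair consistent and shows callers that the ciphertext is input only. The `#GNUNET_CRRYPTO_...` cross-references have a doubled R and will not resolve, and both ECDSA comments name the `eddsa` functions as their dual. Because decapsulation in a CCA-secure KEM can reject its input, the `@return` line of the decaps functions should also state that `key_material` must not be used when #GNUNET_SYSERR is returned.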