diff options
Diffstat (limited to 'src/include/gnunet_identity_service.h')
-rw-r--r-- | src/include/gnunet_identity_service.h | 519 |
1 files changed, 33 insertions, 486 deletions
diff --git a/src/include/gnunet_identity_service.h b/src/include/gnunet_identity_service.h index 227c7f486..270f4d26f 100644 --- a/src/include/gnunet_identity_service.h +++ b/src/include/gnunet_identity_service.h | |||
@@ -1,6 +1,6 @@ | |||
1 | /* | 1 | /* |
2 | This file is part of GNUnet. | 2 | This file is part of GNUnet. |
3 | Copyright (C) 2013 GNUnet e.V. | 3 | Copyright (C) 2013--2023 GNUnet e.V. |
4 | 4 | ||
5 | GNUnet is free software: you can redistribute it and/or modify it | 5 | GNUnet is free software: you can redistribute it and/or modify it |
6 | under the terms of the GNU Affero General Public License as published | 6 | under the terms of the GNU Affero General Public License as published |
@@ -19,6 +19,9 @@ | |||
19 | */ | 19 | */ |
20 | 20 | ||
21 | /** | 21 | /** |
22 | * @addtogroup egos Ego management | ||
23 | * @{ | ||
24 | * | ||
22 | * @author Christian Grothoff | 25 | * @author Christian Grothoff |
23 | * | 26 | * |
24 | * @file | 27 | * @file |
@@ -42,6 +45,7 @@ | |||
42 | #ifndef GNUNET_IDENTITY_SERVICE_H | 45 | #ifndef GNUNET_IDENTITY_SERVICE_H |
43 | #define GNUNET_IDENTITY_SERVICE_H | 46 | #define GNUNET_IDENTITY_SERVICE_H |
44 | 47 | ||
48 | #include "gnunet_common.h" | ||
45 | #ifdef __cplusplus | 49 | #ifdef __cplusplus |
46 | extern "C" { | 50 | extern "C" { |
47 | #if 0 /* keep Emacsens' auto-indent happy */ | 51 | #if 0 /* keep Emacsens' auto-indent happy */ |
@@ -49,6 +53,7 @@ extern "C" { | |||
49 | #endif | 53 | #endif |
50 | #endif | 54 | #endif |
51 | 55 | ||
56 | |||
52 | #include "gnunet_util_lib.h" | 57 | #include "gnunet_util_lib.h" |
53 | 58 | ||
54 | 59 | ||
@@ -57,20 +62,6 @@ extern "C" { | |||
57 | */ | 62 | */ |
58 | #define GNUNET_IDENTITY_VERSION 0x00000100 | 63 | #define GNUNET_IDENTITY_VERSION 0x00000100 |
59 | 64 | ||
60 | enum GNUNET_IDENTITY_KeyType | ||
61 | { | ||
62 | /** | ||
63 | * The identity type. The value is the same as the | ||
64 | * PKEY record type. | ||
65 | */ | ||
66 | GNUNET_IDENTITY_TYPE_ECDSA = 65536, | ||
67 | |||
68 | /** | ||
69 | * EDDSA identity. The value is the same as the EDKEY | ||
70 | * record type. | ||
71 | */ | ||
72 | GNUNET_IDENTITY_TYPE_EDDSA = 65556 | ||
73 | }; | ||
74 | 65 | ||
75 | /** | 66 | /** |
76 | * Handle to access the identity service. | 67 | * Handle to access the identity service. |
@@ -82,90 +73,6 @@ struct GNUNET_IDENTITY_Handle; | |||
82 | */ | 73 | */ |
83 | struct GNUNET_IDENTITY_Ego; | 74 | struct GNUNET_IDENTITY_Ego; |
84 | 75 | ||
85 | // FIXME: these types are NOT packed, | ||
86 | // NOT 64-bit aligned, but used in messages!!?? | ||
87 | |||
88 | /** | ||
89 | * A private key for an identity as per LSD0001. | ||
90 | */ | ||
91 | struct GNUNET_IDENTITY_PrivateKey | ||
92 | { | ||
93 | /** | ||
94 | * Type of public key. | ||
95 | * Defined by the GNS zone type value. | ||
96 | * In NBO. | ||
97 | */ | ||
98 | uint32_t type; | ||
99 | |||
100 | union | ||
101 | { | ||
102 | /** | ||
103 | * An ECDSA identity key. | ||
104 | */ | ||
105 | struct GNUNET_CRYPTO_EcdsaPrivateKey ecdsa_key; | ||
106 | |||
107 | /** | ||
108 | * AN EdDSA identtiy key | ||
109 | */ | ||
110 | struct GNUNET_CRYPTO_EddsaPrivateKey eddsa_key; | ||
111 | }; | ||
112 | }; | ||
113 | |||
114 | |||
115 | /** | ||
116 | * An identity key as per LSD0001. | ||
117 | */ | ||
118 | struct GNUNET_IDENTITY_PublicKey | ||
119 | { | ||
120 | /** | ||
121 | * Type of public key. | ||
122 | * Defined by the GNS zone type value. | ||
123 | * In NBO. | ||
124 | */ | ||
125 | uint32_t type; | ||
126 | |||
127 | union | ||
128 | { | ||
129 | /** | ||
130 | * An ECDSA identity key. | ||
131 | */ | ||
132 | struct GNUNET_CRYPTO_EcdsaPublicKey ecdsa_key; | ||
133 | |||
134 | /** | ||
135 | * AN EdDSA identtiy key | ||
136 | */ | ||
137 | struct GNUNET_CRYPTO_EddsaPublicKey eddsa_key; | ||
138 | }; | ||
139 | }; | ||
140 | |||
141 | |||
142 | /** | ||
143 | * An identity signature as per LSD0001. | ||
144 | */ | ||
145 | struct GNUNET_IDENTITY_Signature | ||
146 | { | ||
147 | /** | ||
148 | * Type of signature. | ||
149 | * Defined by the GNS zone type value. | ||
150 | * In NBO. | ||
151 | */ | ||
152 | uint32_t type; | ||
153 | |||
154 | union | ||
155 | { | ||
156 | /** | ||
157 | * An ECDSA signature | ||
158 | */ | ||
159 | struct GNUNET_CRYPTO_EcdsaSignature ecdsa_signature; | ||
160 | |||
161 | /** | ||
162 | * AN EdDSA signature | ||
163 | */ | ||
164 | struct GNUNET_CRYPTO_EddsaSignature eddsa_signature; | ||
165 | }; | ||
166 | }; | ||
167 | |||
168 | |||
169 | /** | 76 | /** |
170 | * Handle for an operation with the identity service. | 77 | * Handle for an operation with the identity service. |
171 | */ | 78 | */ |
@@ -178,7 +85,7 @@ struct GNUNET_IDENTITY_Operation; | |||
178 | * @param ego the ego | 85 | * @param ego the ego |
179 | * @return associated ECC key, valid as long as the ego is valid | 86 | * @return associated ECC key, valid as long as the ego is valid |
180 | */ | 87 | */ |
181 | const struct GNUNET_IDENTITY_PrivateKey * | 88 | const struct GNUNET_CRYPTO_PrivateKey * |
182 | GNUNET_IDENTITY_ego_get_private_key (const struct GNUNET_IDENTITY_Ego *ego); | 89 | GNUNET_IDENTITY_ego_get_private_key (const struct GNUNET_IDENTITY_Ego *ego); |
183 | 90 | ||
184 | 91 | ||
@@ -199,7 +106,17 @@ GNUNET_IDENTITY_ego_get_anonymous (void); | |||
199 | */ | 106 | */ |
200 | void | 107 | void |
201 | GNUNET_IDENTITY_ego_get_public_key (struct GNUNET_IDENTITY_Ego *ego, | 108 | GNUNET_IDENTITY_ego_get_public_key (struct GNUNET_IDENTITY_Ego *ego, |
202 | struct GNUNET_IDENTITY_PublicKey *pk); | 109 | struct GNUNET_CRYPTO_PublicKey *pk); |
110 | |||
111 | |||
112 | /** | ||
113 | * Obtain the name associated with an ego. | ||
114 | * | ||
115 | * @param ego the ego | ||
116 | * @return associated name, valid as long as the ego is valid | ||
117 | */ | ||
118 | const char* | ||
119 | GNUNET_IDENTITY_ego_get_name (const struct GNUNET_IDENTITY_Ego *ego); | ||
203 | 120 | ||
204 | 121 | ||
205 | /** | 122 | /** |
@@ -277,11 +194,11 @@ GNUNET_IDENTITY_get (struct GNUNET_IDENTITY_Handle *id, | |||
277 | * been completed. | 194 | * been completed. |
278 | * | 195 | * |
279 | * @param cls closure | 196 | * @param cls closure |
280 | * @param emsg NULL on success, otherwise an error message | 197 | * @param ec the #GNUNET_ErrorCode |
281 | */ | 198 | */ |
282 | typedef void | 199 | typedef void |
283 | (*GNUNET_IDENTITY_Continuation) (void *cls, | 200 | (*GNUNET_IDENTITY_Continuation) (void *cls, |
284 | const char *emsg); | 201 | enum GNUNET_ErrorCode ec); |
285 | 202 | ||
286 | 203 | ||
287 | /** | 204 | /** |
@@ -317,13 +234,13 @@ GNUNET_IDENTITY_disconnect (struct GNUNET_IDENTITY_Handle *h); | |||
317 | * | 234 | * |
318 | * @param cls closure | 235 | * @param cls closure |
319 | * @param pk private key, NULL on error | 236 | * @param pk private key, NULL on error |
320 | * @param emsg error message, NULL on success | 237 | * @param ec the #GNUNET_ErrorCode |
321 | */ | 238 | */ |
322 | typedef void | 239 | typedef void |
323 | (*GNUNET_IDENTITY_CreateContinuation) ( | 240 | (*GNUNET_IDENTITY_CreateContinuation) ( |
324 | void *cls, | 241 | void *cls, |
325 | const struct GNUNET_IDENTITY_PrivateKey *pk, | 242 | const struct GNUNET_CRYPTO_PrivateKey *pk, |
326 | const char *emsg); | 243 | enum GNUNET_ErrorCode ec); |
327 | 244 | ||
328 | 245 | ||
329 | /** | 246 | /** |
@@ -340,8 +257,8 @@ typedef void | |||
340 | struct GNUNET_IDENTITY_Operation * | 257 | struct GNUNET_IDENTITY_Operation * |
341 | GNUNET_IDENTITY_create (struct GNUNET_IDENTITY_Handle *id, | 258 | GNUNET_IDENTITY_create (struct GNUNET_IDENTITY_Handle *id, |
342 | const char *name, | 259 | const char *name, |
343 | const struct GNUNET_IDENTITY_PrivateKey *privkey, | 260 | const struct GNUNET_CRYPTO_PrivateKey *privkey, |
344 | enum GNUNET_IDENTITY_KeyType ktype, | 261 | enum GNUNET_CRYPTO_KeyType ktype, |
345 | GNUNET_IDENTITY_CreateContinuation cont, | 262 | GNUNET_IDENTITY_CreateContinuation cont, |
346 | void *cont_cls); | 263 | void *cont_cls); |
347 | 264 | ||
@@ -392,378 +309,6 @@ void | |||
392 | GNUNET_IDENTITY_cancel (struct GNUNET_IDENTITY_Operation *op); | 309 | GNUNET_IDENTITY_cancel (struct GNUNET_IDENTITY_Operation *op); |
393 | 310 | ||
394 | 311 | ||
395 | /** | ||
396 | * Get the compacted length of a #GNUNET_IDENTITY_PublicKey. | ||
397 | * Compacted means that it returns the minimum number of bytes this | ||
398 | * key is long, as opposed to the union structure inside | ||
399 | * #GNUNET_IDENTITY_PublicKey. | ||
400 | * Useful for compact serializations. | ||
401 | * | ||
402 | * @param key the key. | ||
403 | * @return -1 on error, else the compacted length of the key. | ||
404 | */ | ||
405 | ssize_t | ||
406 | GNUNET_IDENTITY_key_get_length (const struct GNUNET_IDENTITY_PublicKey *key); | ||
407 | |||
408 | |||
409 | /** | ||
410 | * Reads a #GNUNET_IDENTITY_PublicKey from a compact buffer. | ||
411 | * The buffer has to contain at least the compacted length of | ||
412 | * a #GNUNET_IDENTITY_PublicKey in bytes. | ||
413 | * If the buffer is too small, the function returns -1 as error. | ||
414 | * If the buffer does not contain a valid key, it returns -2 as error. | ||
415 | * | ||
416 | * @param key the key | ||
417 | * @param buffer the buffer | ||
418 | * @param len the length of buffer | ||
419 | * @return -1 or -2 on error, else the amount of bytes read from the buffer | ||
420 | */ | ||
421 | ssize_t | ||
422 | GNUNET_IDENTITY_read_key_from_buffer (struct GNUNET_IDENTITY_PublicKey *key, | ||
423 | const void*buffer, | ||
424 | size_t len); | ||
425 | |||
426 | |||
427 | /** | ||
428 | * Writes a #GNUNET_IDENTITY_PublicKey to a compact buffer. | ||
429 | * The buffer requires space for at least the compacted length of | ||
430 | * a #GNUNET_IDENTITY_PublicKey in bytes. | ||
431 | * If the buffer is too small, the function returns -1 as error. | ||
432 | * If the key is not valid, it returns -2 as error. | ||
433 | * | ||
434 | * @param key the key | ||
435 | * @param buffer the buffer | ||
436 | * @param len the length of buffer | ||
437 | * @return -1 or -2 on error, else the amount of bytes written to the buffer | ||
438 | */ | ||
439 | ssize_t | ||
440 | GNUNET_IDENTITY_write_key_to_buffer (const struct | ||
441 | GNUNET_IDENTITY_PublicKey *key, | ||
442 | void*buffer, | ||
443 | size_t len); | ||
444 | |||
445 | |||
446 | /** | ||
447 | * Get the compacted length of a #GNUNET_IDENTITY_Signature. | ||
448 | * Compacted means that it returns the minimum number of bytes this | ||
449 | * signature is long, as opposed to the union structure inside | ||
450 | * #GNUNET_IDENTITY_Signature. | ||
451 | * Useful for compact serializations. | ||
452 | * | ||
453 | * @param sig the signature. | ||
454 | * @return -1 on error, else the compacted length of the signature. | ||
455 | */ | ||
456 | ssize_t | ||
457 | GNUNET_IDENTITY_signature_get_length (const struct | ||
458 | GNUNET_IDENTITY_Signature *sig); | ||
459 | |||
460 | |||
461 | /** | ||
462 | * Get the compacted length of a signature by type. | ||
463 | * Compacted means that it returns the minimum number of bytes this | ||
464 | * signature is long, as opposed to the union structure inside | ||
465 | * #GNUNET_IDENTITY_Signature. | ||
466 | * Useful for compact serializations. | ||
467 | * | ||
468 | * @param sig the signature. | ||
469 | * @return -1 on error, else the compacted length of the signature. | ||
470 | */ | ||
471 | ssize_t | ||
472 | GNUNET_IDENTITY_signature_get_raw_length_by_type (const uint32_t type); | ||
473 | |||
474 | |||
475 | |||
476 | /** | ||
477 | * Reads a #GNUNET_IDENTITY_Signature from a compact buffer. | ||
478 | * The buffer has to contain at least the compacted length of | ||
479 | * a #GNUNET_IDENTITY_Signature in bytes. | ||
480 | * If the buffer is too small, the function returns -1 as error. | ||
481 | * If the buffer does not contain a valid key, it returns -2 as error. | ||
482 | * | ||
483 | * @param sig the signature | ||
484 | * @param buffer the buffer | ||
485 | * @param len the length of buffer | ||
486 | * @return -1 or -2 on error, else the amount of bytes read from the buffer | ||
487 | */ | ||
488 | ssize_t | ||
489 | GNUNET_IDENTITY_read_signature_from_buffer (struct | ||
490 | GNUNET_IDENTITY_Signature *sig, | ||
491 | const void*buffer, | ||
492 | size_t len); | ||
493 | |||
494 | |||
495 | /** | ||
496 | * Writes a #GNUNET_IDENTITY_Signature to a compact buffer. | ||
497 | * The buffer requires space for at least the compacted length of | ||
498 | * a #GNUNET_IDENTITY_Signature in bytes. | ||
499 | * If the buffer is too small, the function returns -1 as error. | ||
500 | * If the key is not valid, it returns -2 as error. | ||
501 | * | ||
502 | * @param sig the signature | ||
503 | * @param buffer the buffer | ||
504 | * @param len the length of buffer | ||
505 | * @return -1 or -2 on error, else the amount of bytes written to the buffer | ||
506 | */ | ||
507 | ssize_t | ||
508 | GNUNET_IDENTITY_write_signature_to_buffer (const struct | ||
509 | GNUNET_IDENTITY_Signature *sig, | ||
510 | void*buffer, | ||
511 | size_t len); | ||
512 | |||
513 | |||
514 | /** | ||
515 | * @brief Sign a given block. | ||
516 | * | ||
517 | * The @a purpose data is the beginning of the data of which the signature is | ||
518 | * to be created. The `size` field in @a purpose must correctly indicate the | ||
519 | * number of bytes of the data structure, including its header. If possible, | ||
520 | * use #GNUNET_IDENTITY_sign() instead of this function. | ||
521 | * | ||
522 | * @param priv private key to use for the signing | ||
523 | * @param purpose what to sign (size, purpose) | ||
524 | * @param[out] sig where to write the signature | ||
525 | * @return #GNUNET_SYSERR on error, #GNUNET_OK on success | ||
526 | */ | ||
527 | enum GNUNET_GenericReturnValue | ||
528 | GNUNET_IDENTITY_sign_ (const struct | ||
529 | GNUNET_IDENTITY_PrivateKey *priv, | ||
530 | const struct | ||
531 | GNUNET_CRYPTO_EccSignaturePurpose *purpose, | ||
532 | struct GNUNET_IDENTITY_Signature *sig); | ||
533 | |||
534 | /** | ||
535 | * @brief Sign a given block. | ||
536 | * | ||
537 | * The @a purpose data is the beginning of the data of which the signature is | ||
538 | * to be created. The `size` field in @a purpose must correctly indicate the | ||
539 | * number of bytes of the data structure, including its header. | ||
540 | * The signature payload and length depends on the key type. | ||
541 | * | ||
542 | * @param priv private key to use for the signing | ||
543 | * @param purpose what to sign (size, purpose) | ||
544 | * @param[out] sig where to write the signature | ||
545 | * @return #GNUNET_SYSERR on error, #GNUNET_OK on success | ||
546 | */ | ||
547 | enum GNUNET_GenericReturnValue | ||
548 | GNUNET_IDENTITY_sign_raw_ (const struct | ||
549 | GNUNET_IDENTITY_PrivateKey *priv, | ||
550 | const struct | ||
551 | GNUNET_CRYPTO_EccSignaturePurpose *purpose, | ||
552 | unsigned char *sig); | ||
553 | |||
554 | |||
555 | /** | ||
556 | * @brief Sign a given block with #GNUNET_IDENTITY_PrivateKey. | ||
557 | * | ||
558 | * The @a ps data must be a fixed-size struct for which the signature is to be | ||
559 | * created. The `size` field in @a ps->purpose must correctly indicate the | ||
560 | * number of bytes of the data structure, including its header. | ||
561 | * | ||
562 | * @param priv private key to use for the signing | ||
563 | * @param ps packed struct with what to sign, MUST begin with a purpose | ||
564 | * @param[out] sig where to write the signature | ||
565 | */ | ||
566 | #define GNUNET_IDENTITY_sign(priv,ps,sig) do { \ | ||
567 | /* check size is set correctly */ \ | ||
568 | GNUNET_assert (ntohl ((ps)->purpose.size) == sizeof (*(ps))); \ | ||
569 | /* check 'ps' begins with the purpose */ \ | ||
570 | GNUNET_static_assert (((void*) (ps)) == \ | ||
571 | ((void*) &(ps)->purpose)); \ | ||
572 | GNUNET_assert (GNUNET_OK == \ | ||
573 | GNUNET_IDENTITY_sign_ (priv, \ | ||
574 | &(ps)->purpose, \ | ||
575 | sig)); \ | ||
576 | } while (0) | ||
577 | |||
578 | |||
579 | /** | ||
580 | * @brief Verify a given signature. | ||
581 | * | ||
582 | * The @a validate data is the beginning of the data of which the signature | ||
583 | * is to be verified. The `size` field in @a validate must correctly indicate | ||
584 | * the number of bytes of the data structure, including its header. If @a | ||
585 | * purpose does not match the purpose given in @a validate (the latter must be | ||
586 | * in big endian), signature verification fails. If possible, | ||
587 | * use #GNUNET_IDENTITY_signature_verify() instead of this function (only if @a validate | ||
588 | * is not fixed-size, you must use this function directly). | ||
589 | * | ||
590 | * @param purpose what is the purpose that the signature should have? | ||
591 | * @param validate block to validate (size, purpose, data) | ||
592 | * @param sig signature that is being validated | ||
593 | * @param pub public key of the signer | ||
594 | * @returns #GNUNET_OK if ok, #GNUNET_SYSERR if invalid | ||
595 | */ | ||
596 | enum GNUNET_GenericReturnValue | ||
597 | GNUNET_IDENTITY_signature_verify_ (uint32_t purpose, | ||
598 | const struct | ||
599 | GNUNET_CRYPTO_EccSignaturePurpose *validate, | ||
600 | const struct GNUNET_IDENTITY_Signature *sig, | ||
601 | const struct | ||
602 | GNUNET_IDENTITY_PublicKey *pub); | ||
603 | |||
604 | /** | ||
605 | * @brief Verify a given signature. | ||
606 | * | ||
607 | * The @a validate data is the beginning of the data of which the signature | ||
608 | * is to be verified. The `size` field in @a validate must correctly indicate | ||
609 | * the number of bytes of the data structure, including its header. If @a | ||
610 | * purpose does not match the purpose given in @a validate (the latter must be | ||
611 | * in big endian), signature verification fails. | ||
612 | * | ||
613 | * @param purpose what is the purpose that the signature should have? | ||
614 | * @param validate block to validate (size, purpose, data) | ||
615 | * @param sig signature that is being validated | ||
616 | * @param pub public key of the signer | ||
617 | * @returns #GNUNET_OK if ok, #GNUNET_SYSERR if invalid | ||
618 | */ | ||
619 | enum GNUNET_GenericReturnValue | ||
620 | GNUNET_IDENTITY_signature_verify_raw_ (uint32_t purpose, | ||
621 | const struct | ||
622 | GNUNET_CRYPTO_EccSignaturePurpose * | ||
623 | validate, | ||
624 | const unsigned char *sig, | ||
625 | const struct | ||
626 | GNUNET_IDENTITY_PublicKey *pub); | ||
627 | |||
628 | |||
629 | /** | ||
630 | * @brief Verify a given signature with #GNUNET_IDENTITY_PublicKey. | ||
631 | * | ||
632 | * The @a ps data must be a fixed-size struct for which the signature is to be | ||
633 | * created. The `size` field in @a ps->purpose must correctly indicate the | ||
634 | * number of bytes of the data structure, including its header. | ||
635 | * | ||
636 | * @param purp purpose of the signature, must match 'ps->purpose.purpose' | ||
637 | * (except in host byte order) | ||
638 | * @param ps packed struct with what to sign, MUST begin with a purpose | ||
639 | * @param sig where to read the signature from | ||
640 | * @param pub public key to use for the verifying | ||
641 | */ | ||
642 | #define GNUNET_IDENTITY_signature_verify(purp,ps,sig,pub) ({ \ | ||
643 | /* check size is set correctly */ \ | ||
644 | GNUNET_assert (ntohl ((ps)->purpose.size) == sizeof (*(ps))); \ | ||
645 | /* check 'ps' begins with the purpose */ \ | ||
646 | GNUNET_static_assert (((void*) (ps)) == \ | ||
647 | ((void*) &(ps)->purpose)); \ | ||
648 | GNUNET_IDENTITY_signature_verify_ (purp, \ | ||
649 | &(ps)->purpose, \ | ||
650 | sig, \ | ||
651 | pub); \ | ||
652 | }) | ||
653 | |||
654 | |||
655 | /** | ||
656 | * Encrypt a block with #GNUNET_IDENTITY_PublicKey and derives a | ||
657 | * #GNUNET_CRYPTO_EcdhePublicKey which is required for decryption | ||
658 | * using ecdh to derive a symmetric key. | ||
659 | * | ||
660 | * @param block the block to encrypt | ||
661 | * @param size the size of the @a block | ||
662 | * @param pub public key to use for ecdh | ||
663 | * @param ecc where to write the ecc public key | ||
664 | * @param result the output parameter in which to store the encrypted result | ||
665 | * can be the same or overlap with @c block | ||
666 | * @returns the size of the encrypted block, -1 for errors. | ||
667 | * Due to the use of CFB and therefore an effective stream cipher, | ||
668 | * this size should be the same as @c len. | ||
669 | */ | ||
670 | ssize_t | ||
671 | GNUNET_IDENTITY_encrypt (const void *block, | ||
672 | size_t size, | ||
673 | const struct GNUNET_IDENTITY_PublicKey *pub, | ||
674 | struct GNUNET_CRYPTO_EcdhePublicKey *ecc, | ||
675 | void *result); | ||
676 | |||
677 | |||
678 | /** | ||
679 | * Decrypt a given block with #GNUNET_IDENTITY_PrivateKey and a given | ||
680 | * #GNUNET_CRYPTO_EcdhePublicKey using ecdh to derive a symmetric key. | ||
681 | * | ||
682 | * @param block the data to decrypt, encoded as returned by encrypt | ||
683 | * @param size the size of the @a block to decrypt | ||
684 | * @param priv private key to use for ecdh | ||
685 | * @param ecc the ecc public key | ||
686 | * @param result address to store the result at | ||
687 | * can be the same or overlap with @c block | ||
688 | * @return -1 on failure, size of decrypted block on success. | ||
689 | * Due to the use of CFB and therefore an effective stream cipher, | ||
690 | * this size should be the same as @c size. | ||
691 | */ | ||
692 | ssize_t | ||
693 | GNUNET_IDENTITY_decrypt (const void *block, | ||
694 | size_t size, | ||
695 | const struct | ||
696 | GNUNET_IDENTITY_PrivateKey *priv, | ||
697 | const struct | ||
698 | GNUNET_CRYPTO_EcdhePublicKey *ecc, | ||
699 | void *result); | ||
700 | |||
701 | |||
702 | /** | ||
703 | * Creates a (Base32) string representation of the public key. | ||
704 | * The resulting string encodes a compacted representation of the key. | ||
705 | * See also #GNUNET_IDENTITY_key_get_length. | ||
706 | * | ||
707 | * @param key the key. | ||
708 | * @return the string representation of the key, or NULL on error. | ||
709 | */ | ||
710 | char * | ||
711 | GNUNET_IDENTITY_public_key_to_string (const struct | ||
712 | GNUNET_IDENTITY_PublicKey *key); | ||
713 | |||
714 | |||
715 | /** | ||
716 | * Creates a (Base32) string representation of the private key. | ||
717 | * The resulting string encodes a compacted representation of the key. | ||
718 | * See also #GNUNET_IDENTITY_key_get_length. | ||
719 | * | ||
720 | * @param key the key. | ||
721 | * @return the string representation of the key, or NULL on error. | ||
722 | */ | ||
723 | char * | ||
724 | GNUNET_IDENTITY_private_key_to_string (const struct | ||
725 | GNUNET_IDENTITY_PrivateKey *key); | ||
726 | |||
727 | |||
728 | /** | ||
729 | * Parses a (Base32) string representation of the public key. | ||
730 | * See also #GNUNET_IDENTITY_public_key_to_string. | ||
731 | * | ||
732 | * @param str the encoded key. | ||
733 | * @param key where to write the key. | ||
734 | * @return GNUNET_SYSERR on error. | ||
735 | */ | ||
736 | enum GNUNET_GenericReturnValue | ||
737 | GNUNET_IDENTITY_public_key_from_string (const char*str, | ||
738 | struct GNUNET_IDENTITY_PublicKey *key); | ||
739 | |||
740 | |||
741 | /** | ||
742 | * Parses a (Base32) string representation of the private key. | ||
743 | * See also #GNUNET_IDENTITY_private_key_to_string. | ||
744 | * | ||
745 | * @param str the encoded key. | ||
746 | * @param key where to write the key. | ||
747 | * @return GNUNET_SYSERR on error. | ||
748 | */ | ||
749 | enum GNUNET_GenericReturnValue | ||
750 | GNUNET_IDENTITY_private_key_from_string (const char*str, | ||
751 | struct GNUNET_IDENTITY_PrivateKey *key); | ||
752 | |||
753 | |||
754 | /** | ||
755 | * Retrieves the public key representation of a private key. | ||
756 | * | ||
757 | * @param privkey the private key. | ||
758 | * @param key the public key result. | ||
759 | * @return GNUNET_SYSERR on error. | ||
760 | */ | ||
761 | enum GNUNET_GenericReturnValue | ||
762 | GNUNET_IDENTITY_key_get_public (const struct | ||
763 | GNUNET_IDENTITY_PrivateKey *privkey, | ||
764 | struct GNUNET_IDENTITY_PublicKey *key); | ||
765 | |||
766 | |||
767 | /* ************* convenience API to lookup an ego ***************** */ | 312 | /* ************* convenience API to lookup an ego ***************** */ |
768 | 313 | ||
769 | /** | 314 | /** |
@@ -816,7 +361,7 @@ GNUNET_IDENTITY_ego_lookup_cancel (struct GNUNET_IDENTITY_EgoLookup *el); | |||
816 | typedef void | 361 | typedef void |
817 | (*GNUNET_IDENTITY_EgoSuffixCallback) ( | 362 | (*GNUNET_IDENTITY_EgoSuffixCallback) ( |
818 | void *cls, | 363 | void *cls, |
819 | const struct GNUNET_IDENTITY_PrivateKey *priv, | 364 | const struct GNUNET_CRYPTO_PrivateKey *priv, |
820 | const char *ego_name); | 365 | const char *ego_name); |
821 | 366 | ||
822 | 367 | ||
@@ -839,11 +384,11 @@ struct GNUNET_IDENTITY_EgoSuffixLookup; | |||
839 | * @return handle to abort the operation | 384 | * @return handle to abort the operation |
840 | */ | 385 | */ |
841 | struct GNUNET_IDENTITY_EgoSuffixLookup * | 386 | struct GNUNET_IDENTITY_EgoSuffixLookup * |
842 | GNUNET_IDENTITY_ego_lookup_by_suffix (const struct | 387 | GNUNET_IDENTITY_ego_lookup_by_suffix ( |
843 | GNUNET_CONFIGURATION_Handle *cfg, | 388 | const struct GNUNET_CONFIGURATION_Handle *cfg, |
844 | const char *suffix, | 389 | const char *suffix, |
845 | GNUNET_IDENTITY_EgoSuffixCallback cb, | 390 | GNUNET_IDENTITY_EgoSuffixCallback cb, |
846 | void *cb_cls); | 391 | void *cb_cls); |
847 | 392 | ||
848 | 393 | ||
849 | /** | 394 | /** |
@@ -868,4 +413,6 @@ GNUNET_IDENTITY_ego_lookup_by_suffix_cancel ( | |||
868 | 413 | ||
869 | /** @} */ /* end of group identity */ | 414 | /** @} */ /* end of group identity */ |
870 | 415 | ||
416 | /** @} */ /* end of group addition */ | ||
417 | |||
871 | /* end of gnunet_identity_service.h */ | 418 | /* end of gnunet_identity_service.h */ |