diff options
Diffstat (limited to 'src/include/gnunet_identity_service.h')
-rw-r--r-- | src/include/gnunet_identity_service.h | 575 |
1 files changed, 6 insertions, 569 deletions
diff --git a/src/include/gnunet_identity_service.h b/src/include/gnunet_identity_service.h index fd0458f62..4743dbf7e 100644 --- a/src/include/gnunet_identity_service.h +++ b/src/include/gnunet_identity_service.h | |||
@@ -62,20 +62,6 @@ extern "C" { | |||
62 | */ | 62 | */ |
63 | #define GNUNET_IDENTITY_VERSION 0x00000100 | 63 | #define GNUNET_IDENTITY_VERSION 0x00000100 |
64 | 64 | ||
65 | enum GNUNET_IDENTITY_KeyType | ||
66 | { | ||
67 | /** | ||
68 | * The identity type. The value is the same as the | ||
69 | * PKEY record type. | ||
70 | */ | ||
71 | GNUNET_IDENTITY_TYPE_ECDSA = 65536, | ||
72 | |||
73 | /** | ||
74 | * EDDSA identity. The value is the same as the EDKEY | ||
75 | * record type. | ||
76 | */ | ||
77 | GNUNET_IDENTITY_TYPE_EDDSA = 65556 | ||
78 | }; | ||
79 | 65 | ||
80 | /** | 66 | /** |
81 | * Handle to access the identity service. | 67 | * Handle to access the identity service. |
@@ -88,89 +74,6 @@ struct GNUNET_IDENTITY_Handle; | |||
88 | struct GNUNET_IDENTITY_Ego; | 74 | struct GNUNET_IDENTITY_Ego; |
89 | 75 | ||
90 | /** | 76 | /** |
91 | * A private key for an identity as per LSD0001. | ||
92 | * Note that these types are NOT packed and MUST NOT be used in RPC | ||
93 | * messages. Use the respective serialization functions. | ||
94 | */ | ||
95 | struct GNUNET_IDENTITY_PrivateKey | ||
96 | { | ||
97 | /** | ||
98 | * Type of public key. | ||
99 | * Defined by the GNS zone type value. | ||
100 | * In NBO. | ||
101 | */ | ||
102 | uint32_t type; | ||
103 | |||
104 | union | ||
105 | { | ||
106 | /** | ||
107 | * An ECDSA identity key. | ||
108 | */ | ||
109 | struct GNUNET_CRYPTO_EcdsaPrivateKey ecdsa_key; | ||
110 | |||
111 | /** | ||
112 | * AN EdDSA identtiy key | ||
113 | */ | ||
114 | struct GNUNET_CRYPTO_EddsaPrivateKey eddsa_key; | ||
115 | }; | ||
116 | }; | ||
117 | |||
118 | |||
119 | /** | ||
120 | * An identity key as per LSD0001. | ||
121 | */ | ||
122 | struct GNUNET_IDENTITY_PublicKey | ||
123 | { | ||
124 | /** | ||
125 | * Type of public key. | ||
126 | * Defined by the GNS zone type value. | ||
127 | * In NBO. | ||
128 | */ | ||
129 | uint32_t type; | ||
130 | |||
131 | union | ||
132 | { | ||
133 | /** | ||
134 | * An ECDSA identity key. | ||
135 | */ | ||
136 | struct GNUNET_CRYPTO_EcdsaPublicKey ecdsa_key; | ||
137 | |||
138 | /** | ||
139 | * AN EdDSA identtiy key | ||
140 | */ | ||
141 | struct GNUNET_CRYPTO_EddsaPublicKey eddsa_key; | ||
142 | }; | ||
143 | }; | ||
144 | |||
145 | |||
146 | /** | ||
147 | * An identity signature as per LSD0001. | ||
148 | */ | ||
149 | struct GNUNET_IDENTITY_Signature | ||
150 | { | ||
151 | /** | ||
152 | * Type of signature. | ||
153 | * Defined by the GNS zone type value. | ||
154 | * In NBO. | ||
155 | */ | ||
156 | uint32_t type; | ||
157 | |||
158 | union | ||
159 | { | ||
160 | /** | ||
161 | * An ECDSA signature | ||
162 | */ | ||
163 | struct GNUNET_CRYPTO_EcdsaSignature ecdsa_signature; | ||
164 | |||
165 | /** | ||
166 | * AN EdDSA signature | ||
167 | */ | ||
168 | struct GNUNET_CRYPTO_EddsaSignature eddsa_signature; | ||
169 | }; | ||
170 | }; | ||
171 | |||
172 | |||
173 | /** | ||
174 | * Handle for an operation with the identity service. | 77 | * Handle for an operation with the identity service. |
175 | */ | 78 | */ |
176 | struct GNUNET_IDENTITY_Operation; | 79 | struct GNUNET_IDENTITY_Operation; |
@@ -182,7 +85,7 @@ struct GNUNET_IDENTITY_Operation; | |||
182 | * @param ego the ego | 85 | * @param ego the ego |
183 | * @return associated ECC key, valid as long as the ego is valid | 86 | * @return associated ECC key, valid as long as the ego is valid |
184 | */ | 87 | */ |
185 | const struct GNUNET_IDENTITY_PrivateKey * | 88 | const struct GNUNET_CRYPTO_PrivateKey * |
186 | GNUNET_IDENTITY_ego_get_private_key (const struct GNUNET_IDENTITY_Ego *ego); | 89 | GNUNET_IDENTITY_ego_get_private_key (const struct GNUNET_IDENTITY_Ego *ego); |
187 | 90 | ||
188 | 91 | ||
@@ -203,7 +106,7 @@ GNUNET_IDENTITY_ego_get_anonymous (void); | |||
203 | */ | 106 | */ |
204 | void | 107 | void |
205 | GNUNET_IDENTITY_ego_get_public_key (struct GNUNET_IDENTITY_Ego *ego, | 108 | GNUNET_IDENTITY_ego_get_public_key (struct GNUNET_IDENTITY_Ego *ego, |
206 | struct GNUNET_IDENTITY_PublicKey *pk); | 109 | struct GNUNET_CRYPTO_PublicKey *pk); |
207 | 110 | ||
208 | 111 | ||
209 | /** | 112 | /** |
@@ -326,7 +229,7 @@ GNUNET_IDENTITY_disconnect (struct GNUNET_IDENTITY_Handle *h); | |||
326 | typedef void | 229 | typedef void |
327 | (*GNUNET_IDENTITY_CreateContinuation) ( | 230 | (*GNUNET_IDENTITY_CreateContinuation) ( |
328 | void *cls, | 231 | void *cls, |
329 | const struct GNUNET_IDENTITY_PrivateKey *pk, | 232 | const struct GNUNET_CRYPTO_PrivateKey *pk, |
330 | enum GNUNET_ErrorCode ec); | 233 | enum GNUNET_ErrorCode ec); |
331 | 234 | ||
332 | 235 | ||
@@ -344,8 +247,8 @@ typedef void | |||
344 | struct GNUNET_IDENTITY_Operation * | 247 | struct GNUNET_IDENTITY_Operation * |
345 | GNUNET_IDENTITY_create (struct GNUNET_IDENTITY_Handle *id, | 248 | GNUNET_IDENTITY_create (struct GNUNET_IDENTITY_Handle *id, |
346 | const char *name, | 249 | const char *name, |
347 | const struct GNUNET_IDENTITY_PrivateKey *privkey, | 250 | const struct GNUNET_CRYPTO_PrivateKey *privkey, |
348 | enum GNUNET_IDENTITY_KeyType ktype, | 251 | enum GNUNET_CRYPTO_KeyType ktype, |
349 | GNUNET_IDENTITY_CreateContinuation cont, | 252 | GNUNET_IDENTITY_CreateContinuation cont, |
350 | void *cont_cls); | 253 | void *cont_cls); |
351 | 254 | ||
@@ -396,472 +299,6 @@ void | |||
396 | GNUNET_IDENTITY_cancel (struct GNUNET_IDENTITY_Operation *op); | 299 | GNUNET_IDENTITY_cancel (struct GNUNET_IDENTITY_Operation *op); |
397 | 300 | ||
398 | 301 | ||
399 | /** | ||
400 | * Get the compacted length of a #GNUNET_IDENTITY_PublicKey. | ||
401 | * Compacted means that it returns the minimum number of bytes this | ||
402 | * key is long, as opposed to the union structure inside | ||
403 | * #GNUNET_IDENTITY_PublicKey. | ||
404 | * Useful for compact serializations. | ||
405 | * | ||
406 | * @param key the key. | ||
407 | * @return -1 on error, else the compacted length of the key. | ||
408 | */ | ||
409 | ssize_t | ||
410 | GNUNET_IDENTITY_public_key_get_length (const struct | ||
411 | GNUNET_IDENTITY_PublicKey *key); | ||
412 | |||
413 | /** | ||
414 | * Reads a #GNUNET_IDENTITY_PublicKey from a compact buffer. | ||
415 | * The buffer has to contain at least the compacted length of | ||
416 | * a #GNUNET_IDENTITY_PublicKey in bytes. | ||
417 | * If the buffer is too small, the function returns -1 as error. | ||
418 | * If the buffer does not contain a valid key, it returns -2 as error. | ||
419 | * | ||
420 | * @param buffer the buffer | ||
421 | * @param len the length of buffer | ||
422 | * @param key the key | ||
423 | * @param the amount of bytes read from the buffer | ||
424 | * @return #GNUNET_SYSERR on error | ||
425 | */ | ||
426 | enum GNUNET_GenericReturnValue | ||
427 | GNUNET_IDENTITY_read_public_key_from_buffer ( | ||
428 | const void *buffer, | ||
429 | size_t len, | ||
430 | struct GNUNET_IDENTITY_PublicKey *key, | ||
431 | size_t *read); | ||
432 | |||
433 | /** | ||
434 | * Get the compacted length of a #GNUNET_IDENTITY_PrivateKey. | ||
435 | * Compacted means that it returns the minimum number of bytes this | ||
436 | * key is long, as opposed to the union structure inside | ||
437 | * #GNUNET_IDENTITY_PrivateKey. | ||
438 | * Useful for compact serializations. | ||
439 | * | ||
440 | * @param key the key. | ||
441 | * @return -1 on error, else the compacted length of the key. | ||
442 | */ | ||
443 | ssize_t | ||
444 | GNUNET_IDENTITY_private_key_get_length ( | ||
445 | const struct GNUNET_IDENTITY_PrivateKey *key); | ||
446 | |||
447 | |||
448 | /** | ||
449 | * Writes a #GNUNET_IDENTITY_PublicKey to a compact buffer. | ||
450 | * The buffer requires space for at least the compacted length of | ||
451 | * a #GNUNET_IDENTITY_PublicKey in bytes. | ||
452 | * If the buffer is too small, the function returns -1 as error. | ||
453 | * If the key is not valid, it returns -2 as error. | ||
454 | * | ||
455 | * @param key the key | ||
456 | * @param buffer the buffer | ||
457 | * @param len the length of buffer | ||
458 | * @return -1 or -2 on error, else the amount of bytes written to the buffer | ||
459 | */ | ||
460 | ssize_t | ||
461 | GNUNET_IDENTITY_write_public_key_to_buffer (const struct | ||
462 | GNUNET_IDENTITY_PublicKey *key, | ||
463 | void*buffer, | ||
464 | size_t len); | ||
465 | |||
466 | |||
467 | /** | ||
468 | * Reads a #GNUNET_IDENTITY_PrivateKey from a compact buffer. | ||
469 | * The buffer has to contain at least the compacted length of | ||
470 | * a #GNUNET_IDENTITY_PrivateKey in bytes. | ||
471 | * If the buffer is too small, the function returns GNUNET_SYSERR as error. | ||
472 | * | ||
473 | * @param buffer the buffer | ||
474 | * @param len the length of buffer | ||
475 | * @param key the key | ||
476 | * @param the amount of bytes read from the buffer | ||
477 | * @return #GNUNET_SYSERR on error | ||
478 | */ | ||
479 | enum GNUNET_GenericReturnValue | ||
480 | GNUNET_IDENTITY_read_private_key_from_buffer ( | ||
481 | const void*buffer, | ||
482 | size_t len, | ||
483 | struct GNUNET_IDENTITY_PrivateKey *key, | ||
484 | size_t *read); | ||
485 | |||
486 | |||
487 | /** | ||
488 | * Writes a #GNUNET_IDENTITY_PrivateKey to a compact buffer. | ||
489 | * The buffer requires space for at least the compacted length of | ||
490 | * a #GNUNET_IDENTITY_PrivateKey in bytes. | ||
491 | * If the buffer is too small, the function returns -1 as error. | ||
492 | * If the key is not valid, it returns -2 as error. | ||
493 | * | ||
494 | * @param key the key | ||
495 | * @param buffer the buffer | ||
496 | * @param len the length of buffer | ||
497 | * @return -1 or -2 on error, else the amount of bytes written to the buffer | ||
498 | */ | ||
499 | ssize_t | ||
500 | GNUNET_IDENTITY_write_private_key_to_buffer ( | ||
501 | const struct GNUNET_IDENTITY_PrivateKey *key, | ||
502 | void*buffer, | ||
503 | size_t len); | ||
504 | |||
505 | |||
506 | /** | ||
507 | * Get the compacted length of a #GNUNET_IDENTITY_Signature. | ||
508 | * Compacted means that it returns the minimum number of bytes this | ||
509 | * signature is long, as opposed to the union structure inside | ||
510 | * #GNUNET_IDENTITY_Signature. | ||
511 | * Useful for compact serializations. | ||
512 | * | ||
513 | * @param sig the signature. | ||
514 | * @return -1 on error, else the compacted length of the signature. | ||
515 | */ | ||
516 | ssize_t | ||
517 | GNUNET_IDENTITY_signature_get_length ( | ||
518 | const struct GNUNET_IDENTITY_Signature *sig); | ||
519 | |||
520 | |||
521 | /** | ||
522 | * Get the compacted length of a signature by type. | ||
523 | * Compacted means that it returns the minimum number of bytes this | ||
524 | * signature is long, as opposed to the union structure inside | ||
525 | * #GNUNET_IDENTITY_Signature. | ||
526 | * Useful for compact serializations. | ||
527 | * | ||
528 | * @param sig the signature. | ||
529 | * @return -1 on error, else the compacted length of the signature. | ||
530 | */ | ||
531 | ssize_t | ||
532 | GNUNET_IDENTITY_signature_get_raw_length_by_type (uint32_t type); | ||
533 | |||
534 | |||
535 | /** | ||
536 | * Reads a #GNUNET_IDENTITY_Signature from a compact buffer. | ||
537 | * The buffer has to contain at least the compacted length of | ||
538 | * a #GNUNET_IDENTITY_Signature in bytes. | ||
539 | * If the buffer is too small, the function returns -1 as error. | ||
540 | * If the buffer does not contain a valid key, it returns -2 as error. | ||
541 | * | ||
542 | * @param sig the signature | ||
543 | * @param buffer the buffer | ||
544 | * @param len the length of buffer | ||
545 | * @return -1 or -2 on error, else the amount of bytes read from the buffer | ||
546 | */ | ||
547 | ssize_t | ||
548 | GNUNET_IDENTITY_read_signature_from_buffer ( | ||
549 | struct GNUNET_IDENTITY_Signature *sig, | ||
550 | const void*buffer, | ||
551 | size_t len); | ||
552 | |||
553 | |||
554 | /** | ||
555 | * Writes a #GNUNET_IDENTITY_Signature to a compact buffer. | ||
556 | * The buffer requires space for at least the compacted length of | ||
557 | * a #GNUNET_IDENTITY_Signature in bytes. | ||
558 | * If the buffer is too small, the function returns -1 as error. | ||
559 | * If the key is not valid, it returns -2 as error. | ||
560 | * | ||
561 | * @param sig the signature | ||
562 | * @param buffer the buffer | ||
563 | * @param len the length of buffer | ||
564 | * @return -1 or -2 on error, else the amount of bytes written to the buffer | ||
565 | */ | ||
566 | ssize_t | ||
567 | GNUNET_IDENTITY_write_signature_to_buffer ( | ||
568 | const struct GNUNET_IDENTITY_Signature *sig, | ||
569 | void*buffer, | ||
570 | size_t len); | ||
571 | |||
572 | |||
573 | /** | ||
574 | * @brief Sign a given block. | ||
575 | * | ||
576 | * The @a purpose data is the beginning of the data of which the signature is | ||
577 | * to be created. The `size` field in @a purpose must correctly indicate the | ||
578 | * number of bytes of the data structure, including its header. If possible, | ||
579 | * use #GNUNET_IDENTITY_sign() instead of this function. | ||
580 | * | ||
581 | * @param priv private key to use for the signing | ||
582 | * @param purpose what to sign (size, purpose) | ||
583 | * @param[out] sig where to write the signature | ||
584 | * @return #GNUNET_SYSERR on error, #GNUNET_OK on success | ||
585 | */ | ||
586 | enum GNUNET_GenericReturnValue | ||
587 | GNUNET_IDENTITY_sign_ ( | ||
588 | const struct GNUNET_IDENTITY_PrivateKey *priv, | ||
589 | const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose, | ||
590 | struct GNUNET_IDENTITY_Signature *sig); | ||
591 | |||
592 | /** | ||
593 | * @brief Sign a given block. | ||
594 | * | ||
595 | * The @a purpose data is the beginning of the data of which the signature is | ||
596 | * to be created. The `size` field in @a purpose must correctly indicate the | ||
597 | * number of bytes of the data structure, including its header. | ||
598 | * The signature payload and length depends on the key type. | ||
599 | * | ||
600 | * @param priv private key to use for the signing | ||
601 | * @param purpose what to sign (size, purpose) | ||
602 | * @param[out] sig where to write the signature | ||
603 | * @return #GNUNET_SYSERR on error, #GNUNET_OK on success | ||
604 | */ | ||
605 | enum GNUNET_GenericReturnValue | ||
606 | GNUNET_IDENTITY_sign_raw_ ( | ||
607 | const struct GNUNET_IDENTITY_PrivateKey *priv, | ||
608 | const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose, | ||
609 | unsigned char *sig); | ||
610 | |||
611 | |||
612 | /** | ||
613 | * @brief Sign a given block with #GNUNET_IDENTITY_PrivateKey. | ||
614 | * | ||
615 | * The @a ps data must be a fixed-size struct for which the signature is to be | ||
616 | * created. The `size` field in @a ps->purpose must correctly indicate the | ||
617 | * number of bytes of the data structure, including its header. | ||
618 | * | ||
619 | * @param priv private key to use for the signing | ||
620 | * @param ps packed struct with what to sign, MUST begin with a purpose | ||
621 | * @param[out] sig where to write the signature | ||
622 | */ | ||
623 | #define GNUNET_IDENTITY_sign(priv,ps,sig) do { \ | ||
624 | /* check size is set correctly */ \ | ||
625 | GNUNET_assert (ntohl ((ps)->purpose.size) == sizeof (*(ps))); \ | ||
626 | /* check 'ps' begins with the purpose */ \ | ||
627 | GNUNET_static_assert (((void*) (ps)) == \ | ||
628 | ((void*) &(ps)->purpose)); \ | ||
629 | GNUNET_assert (GNUNET_OK == \ | ||
630 | GNUNET_IDENTITY_sign_ (priv, \ | ||
631 | &(ps)->purpose, \ | ||
632 | sig)); \ | ||
633 | } while (0) | ||
634 | |||
635 | |||
636 | /** | ||
637 | * @brief Verify a given signature. | ||
638 | * | ||
639 | * The @a validate data is the beginning of the data of which the signature | ||
640 | * is to be verified. The `size` field in @a validate must correctly indicate | ||
641 | * the number of bytes of the data structure, including its header. If @a | ||
642 | * purpose does not match the purpose given in @a validate (the latter must be | ||
643 | * in big endian), signature verification fails. If possible, | ||
644 | * use #GNUNET_IDENTITY_signature_verify() instead of this function (only if @a validate | ||
645 | * is not fixed-size, you must use this function directly). | ||
646 | * | ||
647 | * @param purpose what is the purpose that the signature should have? | ||
648 | * @param validate block to validate (size, purpose, data) | ||
649 | * @param sig signature that is being validated | ||
650 | * @param pub public key of the signer | ||
651 | * @returns #GNUNET_OK if ok, #GNUNET_SYSERR if invalid | ||
652 | */ | ||
653 | enum GNUNET_GenericReturnValue | ||
654 | GNUNET_IDENTITY_signature_verify_ ( | ||
655 | uint32_t purpose, | ||
656 | const struct GNUNET_CRYPTO_EccSignaturePurpose *validate, | ||
657 | const struct GNUNET_IDENTITY_Signature *sig, | ||
658 | const struct GNUNET_IDENTITY_PublicKey *pub); | ||
659 | |||
660 | /** | ||
661 | * @brief Verify a given signature. | ||
662 | * | ||
663 | * The @a validate data is the beginning of the data of which the signature | ||
664 | * is to be verified. The `size` field in @a validate must correctly indicate | ||
665 | * the number of bytes of the data structure, including its header. If @a | ||
666 | * purpose does not match the purpose given in @a validate (the latter must be | ||
667 | * in big endian), signature verification fails. | ||
668 | * | ||
669 | * @param purpose what is the purpose that the signature should have? | ||
670 | * @param validate block to validate (size, purpose, data) | ||
671 | * @param sig signature that is being validated | ||
672 | * @param pub public key of the signer | ||
673 | * @returns #GNUNET_OK if ok, #GNUNET_SYSERR if invalid | ||
674 | */ | ||
675 | enum GNUNET_GenericReturnValue | ||
676 | GNUNET_IDENTITY_signature_verify_raw_ ( | ||
677 | uint32_t purpose, | ||
678 | const struct GNUNET_CRYPTO_EccSignaturePurpose *validate, | ||
679 | const unsigned char *sig, | ||
680 | const struct GNUNET_IDENTITY_PublicKey *pub); | ||
681 | |||
682 | |||
683 | /** | ||
684 | * @brief Verify a given signature with #GNUNET_IDENTITY_PublicKey. | ||
685 | * | ||
686 | * The @a ps data must be a fixed-size struct for which the signature is to be | ||
687 | * created. The `size` field in @a ps->purpose must correctly indicate the | ||
688 | * number of bytes of the data structure, including its header. | ||
689 | * | ||
690 | * @param purp purpose of the signature, must match 'ps->purpose.purpose' | ||
691 | * (except in host byte order) | ||
692 | * @param ps packed struct with what to sign, MUST begin with a purpose | ||
693 | * @param sig where to read the signature from | ||
694 | * @param pub public key to use for the verifying | ||
695 | */ | ||
696 | #define GNUNET_IDENTITY_signature_verify(purp,ps,sig,pub) ({ \ | ||
697 | /* check size is set correctly */ \ | ||
698 | GNUNET_assert (ntohl ((ps)->purpose.size) == sizeof (*(ps))); \ | ||
699 | /* check 'ps' begins with the purpose */ \ | ||
700 | GNUNET_static_assert (((void*) (ps)) == \ | ||
701 | ((void*) &(ps)->purpose)); \ | ||
702 | GNUNET_IDENTITY_signature_verify_ (purp, \ | ||
703 | &(ps)->purpose, \ | ||
704 | sig, \ | ||
705 | pub); \ | ||
706 | }) | ||
707 | |||
708 | |||
709 | /** | ||
710 | * Encrypt a block with #GNUNET_IDENTITY_PublicKey and derives a | ||
711 | * #GNUNET_CRYPTO_EcdhePublicKey which is required for decryption | ||
712 | * using ecdh to derive a symmetric key. | ||
713 | * | ||
714 | * @param block the block to encrypt | ||
715 | * @param size the size of the @a block | ||
716 | * @param pub public key to use for ecdh | ||
717 | * @param ecc where to write the ecc public key | ||
718 | * @param result the output parameter in which to store the encrypted result | ||
719 | * can be the same or overlap with @c block | ||
720 | * @returns the size of the encrypted block, -1 for errors. | ||
721 | * Due to the use of CFB and therefore an effective stream cipher, | ||
722 | * this size should be the same as @c len. | ||
723 | */ | ||
724 | ssize_t | ||
725 | GNUNET_IDENTITY_encrypt_old (const void *block, | ||
726 | size_t size, | ||
727 | const struct GNUNET_IDENTITY_PublicKey *pub, | ||
728 | struct GNUNET_CRYPTO_EcdhePublicKey *ecc, | ||
729 | void *result); | ||
730 | |||
731 | |||
732 | /** | ||
733 | * Decrypt a given block with #GNUNET_IDENTITY_PrivateKey and a given | ||
734 | * #GNUNET_CRYPTO_EcdhePublicKey using ecdh to derive a symmetric key. | ||
735 | * | ||
736 | * @param block the data to decrypt, encoded as returned by encrypt | ||
737 | * @param size the size of the @a block to decrypt | ||
738 | * @param priv private key to use for ecdh | ||
739 | * @param ecc the ecc public key | ||
740 | * @param result address to store the result at | ||
741 | * can be the same or overlap with @c block | ||
742 | * @return -1 on failure, size of decrypted block on success. | ||
743 | * Due to the use of CFB and therefore an effective stream cipher, | ||
744 | * this size should be the same as @c size. | ||
745 | */ | ||
746 | ssize_t | ||
747 | GNUNET_IDENTITY_decrypt_old ( | ||
748 | const void *block, | ||
749 | size_t size, | ||
750 | const struct GNUNET_IDENTITY_PrivateKey *priv, | ||
751 | const struct GNUNET_CRYPTO_EcdhePublicKey *ecc, | ||
752 | void *result); | ||
753 | |||
754 | #define GNUNET_IDENTITY_ENCRYPT_OVERHEAD_BYTES (crypto_secretbox_MACBYTES \ | ||
755 | + sizeof (struct \ | ||
756 | GNUNET_CRYPTO_FoKemC)) | ||
757 | |||
758 | /** | ||
759 | * Encrypt a block with #GNUNET_IDENTITY_PublicKey and derives a | ||
760 | * #GNUNET_CRYPTO_EcdhePublicKey which is required for decryption | ||
761 | * using ecdh to derive a symmetric key. | ||
762 | * | ||
763 | * Note that the result buffer for the ciphertext must be the length of | ||
764 | * the message to encrypt plus #GNUNET_IDENTITY_ENCRYPT_OVERHEAD_BYTES. | ||
765 | * | ||
766 | * @param block the block to encrypt | ||
767 | * @param size the size of the @a block | ||
768 | * @param pub public key to encrypt for | ||
769 | * @param result the output parameter in which to store the encrypted result | ||
770 | * can be the same or overlap with @c block | ||
771 | * @returns GNUNET_OK on success. | ||
772 | */ | ||
773 | enum GNUNET_GenericReturnValue | ||
774 | GNUNET_IDENTITY_encrypt (const void *block, | ||
775 | size_t size, | ||
776 | const struct GNUNET_IDENTITY_PublicKey *pub, | ||
777 | void *result, | ||
778 | size_t result_size); | ||
779 | |||
780 | |||
781 | /** | ||
782 | * Decrypt a given block with #GNUNET_IDENTITY_PrivateKey and a given | ||
783 | * #GNUNET_CRYPTO_EcdhePublicKey using ecdh to derive a symmetric key. | ||
784 | * | ||
785 | * @param block the data to decrypt, encoded as returned by encrypt | ||
786 | * @param size the size of the @a block to decrypt | ||
787 | * @param priv private key to use for ecdh | ||
788 | * @param result address to store the result at | ||
789 | * can be the same or overlap with @c block | ||
790 | * @returns GNUNET_OK on success. | ||
791 | */ | ||
792 | enum GNUNET_GenericReturnValue | ||
793 | GNUNET_IDENTITY_decrypt (const void *block, | ||
794 | size_t size, | ||
795 | const struct GNUNET_IDENTITY_PrivateKey *priv, | ||
796 | void *result, | ||
797 | size_t result_size); | ||
798 | |||
799 | |||
800 | /** | ||
801 | * Creates a (Base32) string representation of the public key. | ||
802 | * The resulting string encodes a compacted representation of the key. | ||
803 | * See also #GNUNET_IDENTITY_key_get_length. | ||
804 | * | ||
805 | * @param key the key. | ||
806 | * @return the string representation of the key, or NULL on error. | ||
807 | */ | ||
808 | char * | ||
809 | GNUNET_IDENTITY_public_key_to_string ( | ||
810 | const struct GNUNET_IDENTITY_PublicKey *key); | ||
811 | |||
812 | |||
813 | /** | ||
814 | * Creates a (Base32) string representation of the private key. | ||
815 | * The resulting string encodes a compacted representation of the key. | ||
816 | * See also #GNUNET_IDENTITY_key_get_length. | ||
817 | * | ||
818 | * @param key the key. | ||
819 | * @return the string representation of the key, or NULL on error. | ||
820 | */ | ||
821 | char * | ||
822 | GNUNET_IDENTITY_private_key_to_string ( | ||
823 | const struct GNUNET_IDENTITY_PrivateKey *key); | ||
824 | |||
825 | |||
826 | /** | ||
827 | * Parses a (Base32) string representation of the public key. | ||
828 | * See also #GNUNET_IDENTITY_public_key_to_string. | ||
829 | * | ||
830 | * @param str the encoded key. | ||
831 | * @param key where to write the key. | ||
832 | * @return GNUNET_SYSERR on error. | ||
833 | */ | ||
834 | enum GNUNET_GenericReturnValue | ||
835 | GNUNET_IDENTITY_public_key_from_string (const char*str, | ||
836 | struct GNUNET_IDENTITY_PublicKey *key); | ||
837 | |||
838 | |||
839 | /** | ||
840 | * Parses a (Base32) string representation of the private key. | ||
841 | * See also #GNUNET_IDENTITY_private_key_to_string. | ||
842 | * | ||
843 | * @param str the encoded key. | ||
844 | * @param key where to write the key. | ||
845 | * @return GNUNET_SYSERR on error. | ||
846 | */ | ||
847 | enum GNUNET_GenericReturnValue | ||
848 | GNUNET_IDENTITY_private_key_from_string (const char*str, | ||
849 | struct GNUNET_IDENTITY_PrivateKey *key); | ||
850 | |||
851 | |||
852 | /** | ||
853 | * Retrieves the public key representation of a private key. | ||
854 | * | ||
855 | * @param privkey the private key. | ||
856 | * @param key the public key result. | ||
857 | * @return GNUNET_SYSERR on error. | ||
858 | */ | ||
859 | enum GNUNET_GenericReturnValue | ||
860 | GNUNET_IDENTITY_key_get_public (const struct | ||
861 | GNUNET_IDENTITY_PrivateKey *privkey, | ||
862 | struct GNUNET_IDENTITY_PublicKey *key); | ||
863 | |||
864 | |||
865 | /* ************* convenience API to lookup an ego ***************** */ | 302 | /* ************* convenience API to lookup an ego ***************** */ |
866 | 303 | ||
867 | /** | 304 | /** |
@@ -914,7 +351,7 @@ GNUNET_IDENTITY_ego_lookup_cancel (struct GNUNET_IDENTITY_EgoLookup *el); | |||
914 | typedef void | 351 | typedef void |
915 | (*GNUNET_IDENTITY_EgoSuffixCallback) ( | 352 | (*GNUNET_IDENTITY_EgoSuffixCallback) ( |
916 | void *cls, | 353 | void *cls, |
917 | const struct GNUNET_IDENTITY_PrivateKey *priv, | 354 | const struct GNUNET_CRYPTO_PrivateKey *priv, |
918 | const char *ego_name); | 355 | const char *ego_name); |
919 | 356 | ||
920 | 357 | ||