summaryrefslogtreecommitdiff
path: root/src/util/crypto_ecc.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/util/crypto_ecc.c')
-rw-r--r--src/util/crypto_ecc.c1416
1 files changed, 708 insertions, 708 deletions
diff --git a/src/util/crypto_ecc.c b/src/util/crypto_ecc.c
index 9e6f533f3..d954dfd98 100644
--- a/src/util/crypto_ecc.c
+++ b/src/util/crypto_ecc.c
@@ -16,7 +16,7 @@
16 along with this program. If not, see <http://www.gnu.org/licenses/>. 16 along with this program. If not, see <http://www.gnu.org/licenses/>.
17 17
18 SPDX-License-Identifier: AGPL3.0-or-later 18 SPDX-License-Identifier: AGPL3.0-or-later
19*/ 19 */
20 20
21/** 21/**
22 * @file util/crypto_ecc.c 22 * @file util/crypto_ecc.c
@@ -39,13 +39,13 @@
39 */ 39 */
40#define CURVE "Ed25519" 40#define CURVE "Ed25519"
41 41
42#define LOG(kind, ...) GNUNET_log_from (kind, "util-crypto-ecc", __VA_ARGS__) 42#define LOG(kind, ...) GNUNET_log_from(kind, "util-crypto-ecc", __VA_ARGS__)
43 43
44#define LOG_STRERROR(kind, syscall) \ 44#define LOG_STRERROR(kind, syscall) \
45 GNUNET_log_from_strerror (kind, "util-crypto-ecc", syscall) 45 GNUNET_log_from_strerror(kind, "util-crypto-ecc", syscall)
46 46
47#define LOG_STRERROR_FILE(kind, syscall, filename) \ 47#define LOG_STRERROR_FILE(kind, syscall, filename) \
48 GNUNET_log_from_strerror_file (kind, "util-crypto-ecc", syscall, filename) 48 GNUNET_log_from_strerror_file(kind, "util-crypto-ecc", syscall, filename)
49 49
50/** 50/**
51 * Log an error message at log-level 'level' that indicates 51 * Log an error message at log-level 'level' that indicates
@@ -54,14 +54,14 @@
54 */ 54 */
55#define LOG_GCRY(level, cmd, rc) \ 55#define LOG_GCRY(level, cmd, rc) \
56 do \ 56 do \
57 { \ 57 { \
58 LOG (level, \ 58 LOG(level, \
59 _ ("`%s' failed at %s:%d with error: %s\n"), \ 59 _("`%s' failed at %s:%d with error: %s\n"), \
60 cmd, \ 60 cmd, \
61 __FILE__, \ 61 __FILE__, \
62 __LINE__, \ 62 __LINE__, \
63 gcry_strerror (rc)); \ 63 gcry_strerror(rc)); \
64 } while (0) 64 } while (0)
65 65
66 66
67/** 67/**
@@ -74,10 +74,10 @@
74 * @return 0 on success 74 * @return 0 on success
75 */ 75 */
76static int 76static int
77key_from_sexp (gcry_mpi_t *array, 77key_from_sexp(gcry_mpi_t *array,
78 gcry_sexp_t sexp, 78 gcry_sexp_t sexp,
79 const char *topname, 79 const char *topname,
80 const char *elems) 80 const char *elems)
81{ 81{
82 gcry_sexp_t list; 82 gcry_sexp_t list;
83 gcry_sexp_t l2; 83 gcry_sexp_t l2;
@@ -85,43 +85,43 @@ key_from_sexp (gcry_mpi_t *array,
85 unsigned int i; 85 unsigned int i;
86 unsigned int idx; 86 unsigned int idx;
87 87
88 list = gcry_sexp_find_token (sexp, topname, 0); 88 list = gcry_sexp_find_token(sexp, topname, 0);
89 if (! list) 89 if (!list)
90 return 1; 90 return 1;
91 l2 = gcry_sexp_cadr (list); 91 l2 = gcry_sexp_cadr(list);
92 gcry_sexp_release (list); 92 gcry_sexp_release(list);
93 list = l2; 93 list = l2;
94 if (! list) 94 if (!list)
95 return 2; 95 return 2;
96 96
97 idx = 0; 97 idx = 0;
98 for (s = elems; *s; s++, idx++) 98 for (s = elems; *s; s++, idx++)
99 {
100 l2 = gcry_sexp_find_token (list, s, 1);
101 if (! l2)
102 {
103 for (i = 0; i < idx; i++)
104 {
105 gcry_free (array[i]);
106 array[i] = NULL;
107 }
108 gcry_sexp_release (list);
109 return 3; /* required parameter not found */
110 }
111 array[idx] = gcry_sexp_nth_mpi (l2, 1, GCRYMPI_FMT_USG);
112 gcry_sexp_release (l2);
113 if (! array[idx])
114 { 99 {
115 for (i = 0; i < idx; i++) 100 l2 = gcry_sexp_find_token(list, s, 1);
116 { 101 if (!l2)
117 gcry_free (array[i]); 102 {
118 array[i] = NULL; 103 for (i = 0; i < idx; i++)
119 } 104 {
120 gcry_sexp_release (list); 105 gcry_free(array[i]);
121 return 4; /* required parameter is invalid */ 106 array[i] = NULL;
107 }
108 gcry_sexp_release(list);
109 return 3; /* required parameter not found */
110 }
111 array[idx] = gcry_sexp_nth_mpi(l2, 1, GCRYMPI_FMT_USG);
112 gcry_sexp_release(l2);
113 if (!array[idx])
114 {
115 for (i = 0; i < idx; i++)
116 {
117 gcry_free(array[i]);
118 array[i] = NULL;
119 }
120 gcry_sexp_release(list);
121 return 4; /* required parameter is invalid */
122 }
122 } 123 }
123 } 124 gcry_sexp_release(list);
124 gcry_sexp_release (list);
125 return 0; 125 return 0;
126} 126}
127 127
@@ -134,28 +134,28 @@ key_from_sexp (gcry_mpi_t *array,
134 * @return NULL on error 134 * @return NULL on error
135 */ 135 */
136static gcry_sexp_t 136static gcry_sexp_t
137decode_private_ecdsa_key (const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv) 137decode_private_ecdsa_key(const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv)
138{ 138{
139 gcry_sexp_t result; 139 gcry_sexp_t result;
140 int rc; 140 int rc;
141 141
142 rc = gcry_sexp_build (&result, 142 rc = gcry_sexp_build(&result,
143 NULL, 143 NULL,
144 "(private-key(ecc(curve \"" CURVE "\")" 144 "(private-key(ecc(curve \"" CURVE "\")"
145 "(d %b)))", 145 "(d %b)))",
146 (int) sizeof (priv->d), 146 (int)sizeof(priv->d),
147 priv->d); 147 priv->d);
148 if (0 != rc) 148 if (0 != rc)
149 { 149 {
150 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc); 150 LOG_GCRY(GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc);
151 GNUNET_assert (0); 151 GNUNET_assert(0);
152 } 152 }
153#if EXTRA_CHECKS 153#if EXTRA_CHECKS
154 if (0 != (rc = gcry_pk_testkey (result))) 154 if (0 != (rc = gcry_pk_testkey(result)))
155 { 155 {
156 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_pk_testkey", rc); 156 LOG_GCRY(GNUNET_ERROR_TYPE_ERROR, "gcry_pk_testkey", rc);
157 GNUNET_assert (0); 157 GNUNET_assert(0);
158 } 158 }
159#endif 159#endif
160 return result; 160 return result;
161} 161}
@@ -169,28 +169,28 @@ decode_private_ecdsa_key (const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv)
169 * @return NULL on error 169 * @return NULL on error
170 */ 170 */
171static gcry_sexp_t 171static gcry_sexp_t
172decode_private_eddsa_key (const struct GNUNET_CRYPTO_EddsaPrivateKey *priv) 172decode_private_eddsa_key(const struct GNUNET_CRYPTO_EddsaPrivateKey *priv)
173{ 173{
174 gcry_sexp_t result; 174 gcry_sexp_t result;
175 int rc; 175 int rc;
176 176
177 rc = gcry_sexp_build (&result, 177 rc = gcry_sexp_build(&result,
178 NULL, 178 NULL,
179 "(private-key(ecc(curve \"" CURVE "\")" 179 "(private-key(ecc(curve \"" CURVE "\")"
180 "(flags eddsa)(d %b)))", 180 "(flags eddsa)(d %b)))",
181 (int) sizeof (priv->d), 181 (int)sizeof(priv->d),
182 priv->d); 182 priv->d);
183 if (0 != rc) 183 if (0 != rc)
184 { 184 {
185 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc); 185 LOG_GCRY(GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc);
186 GNUNET_assert (0); 186 GNUNET_assert(0);
187 } 187 }
188#if EXTRA_CHECKS 188#if EXTRA_CHECKS
189 if (0 != (rc = gcry_pk_testkey (result))) 189 if (0 != (rc = gcry_pk_testkey(result)))
190 { 190 {
191 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_pk_testkey", rc); 191 LOG_GCRY(GNUNET_ERROR_TYPE_ERROR, "gcry_pk_testkey", rc);
192 GNUNET_assert (0); 192 GNUNET_assert(0);
193 } 193 }
194#endif 194#endif
195 return result; 195 return result;
196} 196}
@@ -204,28 +204,28 @@ decode_private_eddsa_key (const struct GNUNET_CRYPTO_EddsaPrivateKey *priv)
204 * @return NULL on error 204 * @return NULL on error
205 */ 205 */
206static gcry_sexp_t 206static gcry_sexp_t
207decode_private_ecdhe_key (const struct GNUNET_CRYPTO_EcdhePrivateKey *priv) 207decode_private_ecdhe_key(const struct GNUNET_CRYPTO_EcdhePrivateKey *priv)
208{ 208{
209 gcry_sexp_t result; 209 gcry_sexp_t result;
210 int rc; 210 int rc;
211 211
212 rc = gcry_sexp_build (&result, 212 rc = gcry_sexp_build(&result,
213 NULL, 213 NULL,
214 "(private-key(ecc(curve \"" CURVE "\")" 214 "(private-key(ecc(curve \"" CURVE "\")"
215 "(d %b)))", 215 "(d %b)))",
216 (int) sizeof (priv->d), 216 (int)sizeof(priv->d),
217 priv->d); 217 priv->d);
218 if (0 != rc) 218 if (0 != rc)
219 { 219 {
220 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc); 220 LOG_GCRY(GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc);
221 GNUNET_assert (0); 221 GNUNET_assert(0);
222 } 222 }
223#if EXTRA_CHECKS 223#if EXTRA_CHECKS
224 if (0 != (rc = gcry_pk_testkey (result))) 224 if (0 != (rc = gcry_pk_testkey(result)))
225 { 225 {
226 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_pk_testkey", rc); 226 LOG_GCRY(GNUNET_ERROR_TYPE_ERROR, "gcry_pk_testkey", rc);
227 GNUNET_assert (0); 227 GNUNET_assert(0);
228 } 228 }
229#endif 229#endif
230 return result; 230 return result;
231} 231}
@@ -238,7 +238,7 @@ decode_private_ecdhe_key (const struct GNUNET_CRYPTO_EcdhePrivateKey *priv)
238 * @param pub where to write the public key 238 * @param pub where to write the public key
239 */ 239 */
240void 240void
241GNUNET_CRYPTO_ecdsa_key_get_public ( 241GNUNET_CRYPTO_ecdsa_key_get_public(
242 const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv, 242 const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv,
243 struct GNUNET_CRYPTO_EcdsaPublicKey *pub) 243 struct GNUNET_CRYPTO_EcdsaPublicKey *pub)
244{ 244{
@@ -246,19 +246,19 @@ GNUNET_CRYPTO_ecdsa_key_get_public (
246 gcry_ctx_t ctx; 246 gcry_ctx_t ctx;
247 gcry_mpi_t q; 247 gcry_mpi_t q;
248 248
249 BENCHMARK_START (ecdsa_key_get_public); 249 BENCHMARK_START(ecdsa_key_get_public);
250 250
251 sexp = decode_private_ecdsa_key (priv); 251 sexp = decode_private_ecdsa_key(priv);
252 GNUNET_assert (NULL != sexp); 252 GNUNET_assert(NULL != sexp);
253 GNUNET_assert (0 == gcry_mpi_ec_new (&ctx, sexp, NULL)); 253 GNUNET_assert(0 == gcry_mpi_ec_new(&ctx, sexp, NULL));
254 gcry_sexp_release (sexp); 254 gcry_sexp_release(sexp);
255 q = gcry_mpi_ec_get_mpi ("q@eddsa", ctx, 0); 255 q = gcry_mpi_ec_get_mpi("q@eddsa", ctx, 0);
256 GNUNET_assert (NULL != q); 256 GNUNET_assert(NULL != q);
257 GNUNET_CRYPTO_mpi_print_unsigned (pub->q_y, sizeof (pub->q_y), q); 257 GNUNET_CRYPTO_mpi_print_unsigned(pub->q_y, sizeof(pub->q_y), q);
258 gcry_mpi_release (q); 258 gcry_mpi_release(q);
259 gcry_ctx_release (ctx); 259 gcry_ctx_release(ctx);
260 260
261 BENCHMARK_END (ecdsa_key_get_public); 261 BENCHMARK_END(ecdsa_key_get_public);
262} 262}
263 263
264 264
@@ -269,7 +269,7 @@ GNUNET_CRYPTO_ecdsa_key_get_public (
269 * @param pub where to write the public key 269 * @param pub where to write the public key
270 */ 270 */
271void 271void
272GNUNET_CRYPTO_eddsa_key_get_public ( 272GNUNET_CRYPTO_eddsa_key_get_public(
273 const struct GNUNET_CRYPTO_EddsaPrivateKey *priv, 273 const struct GNUNET_CRYPTO_EddsaPrivateKey *priv,
274 struct GNUNET_CRYPTO_EddsaPublicKey *pub) 274 struct GNUNET_CRYPTO_EddsaPublicKey *pub)
275{ 275{
@@ -277,19 +277,19 @@ GNUNET_CRYPTO_eddsa_key_get_public (
277 gcry_ctx_t ctx; 277 gcry_ctx_t ctx;
278 gcry_mpi_t q; 278 gcry_mpi_t q;
279 279
280 BENCHMARK_START (eddsa_key_get_public); 280 BENCHMARK_START(eddsa_key_get_public);
281 281
282 sexp = decode_private_eddsa_key (priv); 282 sexp = decode_private_eddsa_key(priv);
283 GNUNET_assert (NULL != sexp); 283 GNUNET_assert(NULL != sexp);
284 GNUNET_assert (0 == gcry_mpi_ec_new (&ctx, sexp, NULL)); 284 GNUNET_assert(0 == gcry_mpi_ec_new(&ctx, sexp, NULL));
285 gcry_sexp_release (sexp); 285 gcry_sexp_release(sexp);
286 q = gcry_mpi_ec_get_mpi ("q@eddsa", ctx, 0); 286 q = gcry_mpi_ec_get_mpi("q@eddsa", ctx, 0);
287 GNUNET_assert (q); 287 GNUNET_assert(q);
288 GNUNET_CRYPTO_mpi_print_unsigned (pub->q_y, sizeof (pub->q_y), q); 288 GNUNET_CRYPTO_mpi_print_unsigned(pub->q_y, sizeof(pub->q_y), q);
289 gcry_mpi_release (q); 289 gcry_mpi_release(q);
290 gcry_ctx_release (ctx); 290 gcry_ctx_release(ctx);
291 291
292 BENCHMARK_END (eddsa_key_get_public); 292 BENCHMARK_END(eddsa_key_get_public);
293} 293}
294 294
295 295
@@ -300,7 +300,7 @@ GNUNET_CRYPTO_eddsa_key_get_public (
300 * @param pub where to write the public key 300 * @param pub where to write the public key
301 */ 301 */
302void 302void
303GNUNET_CRYPTO_ecdhe_key_get_public ( 303GNUNET_CRYPTO_ecdhe_key_get_public(
304 const struct GNUNET_CRYPTO_EcdhePrivateKey *priv, 304 const struct GNUNET_CRYPTO_EcdhePrivateKey *priv,
305 struct GNUNET_CRYPTO_EcdhePublicKey *pub) 305 struct GNUNET_CRYPTO_EcdhePublicKey *pub)
306{ 306{
@@ -308,19 +308,19 @@ GNUNET_CRYPTO_ecdhe_key_get_public (
308 gcry_ctx_t ctx; 308 gcry_ctx_t ctx;
309 gcry_mpi_t q; 309 gcry_mpi_t q;
310 310
311 BENCHMARK_START (ecdhe_key_get_public); 311 BENCHMARK_START(ecdhe_key_get_public);
312 312
313 sexp = decode_private_ecdhe_key (priv); 313 sexp = decode_private_ecdhe_key(priv);
314 GNUNET_assert (NULL != sexp); 314 GNUNET_assert(NULL != sexp);
315 GNUNET_assert (0 == gcry_mpi_ec_new (&ctx, sexp, NULL)); 315 GNUNET_assert(0 == gcry_mpi_ec_new(&ctx, sexp, NULL));
316 gcry_sexp_release (sexp); 316 gcry_sexp_release(sexp);
317 q = gcry_mpi_ec_get_mpi ("q@eddsa", ctx, 0); 317 q = gcry_mpi_ec_get_mpi("q@eddsa", ctx, 0);
318 GNUNET_assert (q); 318 GNUNET_assert(q);
319 GNUNET_CRYPTO_mpi_print_unsigned (pub->q_y, sizeof (pub->q_y), q); 319 GNUNET_CRYPTO_mpi_print_unsigned(pub->q_y, sizeof(pub->q_y), q);
320 gcry_mpi_release (q); 320 gcry_mpi_release(q);
321 gcry_ctx_release (ctx); 321 gcry_ctx_release(ctx);
322 322
323 BENCHMARK_END (ecdhe_key_get_public); 323 BENCHMARK_END(ecdhe_key_get_public);
324} 324}
325 325
326 326
@@ -331,27 +331,27 @@ GNUNET_CRYPTO_ecdhe_key_get_public (
331 * @return string representing @a pub 331 * @return string representing @a pub
332 */ 332 */
333char * 333char *
334GNUNET_CRYPTO_ecdsa_public_key_to_string ( 334GNUNET_CRYPTO_ecdsa_public_key_to_string(
335 const struct GNUNET_CRYPTO_EcdsaPublicKey *pub) 335 const struct GNUNET_CRYPTO_EcdsaPublicKey *pub)
336{ 336{
337 char *pubkeybuf; 337 char *pubkeybuf;
338 size_t keylen = (sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)) * 8; 338 size_t keylen = (sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey)) * 8;
339 char *end; 339 char *end;
340 340
341 if (keylen % 5 > 0) 341 if (keylen % 5 > 0)
342 keylen += 5 - keylen % 5; 342 keylen += 5 - keylen % 5;
343 keylen /= 5; 343 keylen /= 5;
344 pubkeybuf = GNUNET_malloc (keylen + 1); 344 pubkeybuf = GNUNET_malloc(keylen + 1);
345 end = 345 end =
346 GNUNET_STRINGS_data_to_string ((unsigned char *) pub, 346 GNUNET_STRINGS_data_to_string((unsigned char *)pub,
347 sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey), 347 sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey),
348 pubkeybuf, 348 pubkeybuf,
349 keylen); 349 keylen);
350 if (NULL == end) 350 if (NULL == end)
351 { 351 {
352 GNUNET_free (pubkeybuf); 352 GNUNET_free(pubkeybuf);
353 return NULL; 353 return NULL;
354 } 354 }
355 *end = '\0'; 355 *end = '\0';
356 return pubkeybuf; 356 return pubkeybuf;
357} 357}
@@ -364,27 +364,27 @@ GNUNET_CRYPTO_ecdsa_public_key_to_string (
364 * @return string representing @a pub 364 * @return string representing @a pub
365 */ 365 */
366char * 366char *
367GNUNET_CRYPTO_eddsa_public_key_to_string ( 367GNUNET_CRYPTO_eddsa_public_key_to_string(
368 const struct GNUNET_CRYPTO_EddsaPublicKey *pub) 368 const struct GNUNET_CRYPTO_EddsaPublicKey *pub)
369{ 369{
370 char *pubkeybuf; 370 char *pubkeybuf;
371 size_t keylen = (sizeof (struct GNUNET_CRYPTO_EddsaPublicKey)) * 8; 371 size_t keylen = (sizeof(struct GNUNET_CRYPTO_EddsaPublicKey)) * 8;
372 char *end; 372 char *end;
373 373
374 if (keylen % 5 > 0) 374 if (keylen % 5 > 0)
375 keylen += 5 - keylen % 5; 375 keylen += 5 - keylen % 5;
376 keylen /= 5; 376 keylen /= 5;
377 pubkeybuf = GNUNET_malloc (keylen + 1); 377 pubkeybuf = GNUNET_malloc(keylen + 1);
378 end = 378 end =
379 GNUNET_STRINGS_data_to_string ((unsigned char *) pub, 379 GNUNET_STRINGS_data_to_string((unsigned char *)pub,
380 sizeof (struct GNUNET_CRYPTO_EddsaPublicKey), 380 sizeof(struct GNUNET_CRYPTO_EddsaPublicKey),
381 pubkeybuf, 381 pubkeybuf,
382 keylen); 382 keylen);
383 if (NULL == end) 383 if (NULL == end)
384 { 384 {
385 GNUNET_free (pubkeybuf); 385 GNUNET_free(pubkeybuf);
386 return NULL; 386 return NULL;
387 } 387 }
388 *end = '\0'; 388 *end = '\0';
389 return pubkeybuf; 389 return pubkeybuf;
390} 390}
@@ -397,27 +397,27 @@ GNUNET_CRYPTO_eddsa_public_key_to_string (
397 * @return string representing @a pub 397 * @return string representing @a pub
398 */ 398 */
399char * 399char *
400GNUNET_CRYPTO_eddsa_private_key_to_string ( 400GNUNET_CRYPTO_eddsa_private_key_to_string(
401 const struct GNUNET_CRYPTO_EddsaPrivateKey *priv) 401 const struct GNUNET_CRYPTO_EddsaPrivateKey *priv)
402{ 402{
403 char *privkeybuf; 403 char *privkeybuf;
404 size_t keylen = (sizeof (struct GNUNET_CRYPTO_EddsaPrivateKey)) * 8; 404 size_t keylen = (sizeof(struct GNUNET_CRYPTO_EddsaPrivateKey)) * 8;
405 char *end; 405 char *end;
406 406
407 if (keylen % 5 > 0) 407 if (keylen % 5 > 0)
408 keylen += 5 - keylen % 5; 408 keylen += 5 - keylen % 5;
409 keylen /= 5; 409 keylen /= 5;
410 privkeybuf = GNUNET_malloc (keylen + 1); 410 privkeybuf = GNUNET_malloc(keylen + 1);
411 end = GNUNET_STRINGS_data_to_string ((unsigned char *) priv, 411 end = GNUNET_STRINGS_data_to_string((unsigned char *)priv,
412 sizeof ( 412 sizeof(
413 struct GNUNET_CRYPTO_EddsaPrivateKey), 413 struct GNUNET_CRYPTO_EddsaPrivateKey),
414 privkeybuf, 414 privkeybuf,
415 keylen); 415 keylen);
416 if (NULL == end) 416 if (NULL == end)
417 { 417 {
418 GNUNET_free (privkeybuf); 418 GNUNET_free(privkeybuf);
419 return NULL; 419 return NULL;
420 } 420 }
421 *end = '\0'; 421 *end = '\0';
422 return privkeybuf; 422 return privkeybuf;
423} 423}
@@ -430,27 +430,27 @@ GNUNET_CRYPTO_eddsa_private_key_to_string (
430 * @return string representing @a priv 430 * @return string representing @a priv
431 */ 431 */
432char * 432char *
433GNUNET_CRYPTO_ecdsa_private_key_to_string ( 433GNUNET_CRYPTO_ecdsa_private_key_to_string(
434 const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv) 434 const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv)
435{ 435{
436 char *privkeybuf; 436 char *privkeybuf;
437 size_t keylen = (sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey)) * 8; 437 size_t keylen = (sizeof(struct GNUNET_CRYPTO_EcdsaPrivateKey)) * 8;
438 char *end; 438 char *end;
439 439
440 if (keylen % 5 > 0) 440 if (keylen % 5 > 0)
441 keylen += 5 - keylen % 5; 441 keylen += 5 - keylen % 5;
442 keylen /= 5; 442 keylen /= 5;
443 privkeybuf = GNUNET_malloc (keylen + 1); 443 privkeybuf = GNUNET_malloc(keylen + 1);
444 end = GNUNET_STRINGS_data_to_string ((unsigned char *) priv, 444 end = GNUNET_STRINGS_data_to_string((unsigned char *)priv,
445 sizeof ( 445 sizeof(
446 struct GNUNET_CRYPTO_EcdsaPrivateKey), 446 struct GNUNET_CRYPTO_EcdsaPrivateKey),
447 privkeybuf, 447 privkeybuf,
448 keylen); 448 keylen);
449 if (NULL == end) 449 if (NULL == end)
450 { 450 {
451 GNUNET_free (privkeybuf); 451 GNUNET_free(privkeybuf);
452 return NULL; 452 return NULL;
453 } 453 }
454 *end = '\0'; 454 *end = '\0';
455 return privkeybuf; 455 return privkeybuf;
456} 456}
@@ -465,12 +465,12 @@ GNUNET_CRYPTO_ecdsa_private_key_to_string (
465 * @return #GNUNET_OK on success 465 * @return #GNUNET_OK on success
466 */ 466 */
467int 467int
468GNUNET_CRYPTO_ecdsa_public_key_from_string ( 468GNUNET_CRYPTO_ecdsa_public_key_from_string(
469 const char *enc, 469 const char *enc,
470 size_t enclen, 470 size_t enclen,
471 struct GNUNET_CRYPTO_EcdsaPublicKey *pub) 471 struct GNUNET_CRYPTO_EcdsaPublicKey *pub)
472{ 472{
473 size_t keylen = (sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)) * 8; 473 size_t keylen = (sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey)) * 8;
474 474
475 if (keylen % 5 > 0) 475 if (keylen % 5 > 0)
476 keylen += 5 - keylen % 5; 476 keylen += 5 - keylen % 5;
@@ -479,11 +479,11 @@ GNUNET_CRYPTO_ecdsa_public_key_from_string (
479 return GNUNET_SYSERR; 479 return GNUNET_SYSERR;
480 480
481 if (GNUNET_OK != 481 if (GNUNET_OK !=
482 GNUNET_STRINGS_string_to_data (enc, 482 GNUNET_STRINGS_string_to_data(enc,
483 enclen, 483 enclen,
484 pub, 484 pub,
485 sizeof ( 485 sizeof(
486 struct GNUNET_CRYPTO_EcdsaPublicKey))) 486 struct GNUNET_CRYPTO_EcdsaPublicKey)))
487 return GNUNET_SYSERR; 487 return GNUNET_SYSERR;
488 return GNUNET_OK; 488 return GNUNET_OK;
489} 489}
@@ -498,12 +498,12 @@ GNUNET_CRYPTO_ecdsa_public_key_from_string (
498 * @return #GNUNET_OK on success 498 * @return #GNUNET_OK on success
499 */ 499 */
500int 500int
501GNUNET_CRYPTO_eddsa_public_key_from_string ( 501GNUNET_CRYPTO_eddsa_public_key_from_string(
502 const char *enc, 502 const char *enc,
503 size_t enclen, 503 size_t enclen,
504 struct GNUNET_CRYPTO_EddsaPublicKey *pub) 504 struct GNUNET_CRYPTO_EddsaPublicKey *pub)
505{ 505{
506 size_t keylen = (sizeof (struct GNUNET_CRYPTO_EddsaPublicKey)) * 8; 506 size_t keylen = (sizeof(struct GNUNET_CRYPTO_EddsaPublicKey)) * 8;
507 507
508 if (keylen % 5 > 0) 508 if (keylen % 5 > 0)
509 keylen += 5 - keylen % 5; 509 keylen += 5 - keylen % 5;
@@ -512,11 +512,11 @@ GNUNET_CRYPTO_eddsa_public_key_from_string (
512 return GNUNET_SYSERR; 512 return GNUNET_SYSERR;
513 513
514 if (GNUNET_OK != 514 if (GNUNET_OK !=
515 GNUNET_STRINGS_string_to_data (enc, 515 GNUNET_STRINGS_string_to_data(enc,
516 enclen, 516 enclen,
517 pub, 517 pub,
518 sizeof ( 518 sizeof(
519 struct GNUNET_CRYPTO_EddsaPublicKey))) 519 struct GNUNET_CRYPTO_EddsaPublicKey)))
520 return GNUNET_SYSERR; 520 return GNUNET_SYSERR;
521 return GNUNET_OK; 521 return GNUNET_OK;
522} 522}
@@ -531,12 +531,12 @@ GNUNET_CRYPTO_eddsa_public_key_from_string (
531 * @return #GNUNET_OK on success 531 * @return #GNUNET_OK on success
532 */ 532 */
533int 533int
534GNUNET_CRYPTO_eddsa_private_key_from_string ( 534GNUNET_CRYPTO_eddsa_private_key_from_string(
535 const char *enc, 535 const char *enc,
536 size_t enclen, 536 size_t enclen,
537 struct GNUNET_CRYPTO_EddsaPrivateKey *priv) 537 struct GNUNET_CRYPTO_EddsaPrivateKey *priv)
538{ 538{
539 size_t keylen = (sizeof (struct GNUNET_CRYPTO_EddsaPrivateKey)) * 8; 539 size_t keylen = (sizeof(struct GNUNET_CRYPTO_EddsaPrivateKey)) * 8;
540 540
541 if (keylen % 5 > 0) 541 if (keylen % 5 > 0)
542 keylen += 5 - keylen % 5; 542 keylen += 5 - keylen % 5;
@@ -545,18 +545,18 @@ GNUNET_CRYPTO_eddsa_private_key_from_string (
545 return GNUNET_SYSERR; 545 return GNUNET_SYSERR;
546 546
547 if (GNUNET_OK != 547 if (GNUNET_OK !=
548 GNUNET_STRINGS_string_to_data (enc, 548 GNUNET_STRINGS_string_to_data(enc,
549 enclen, 549 enclen,
550 priv, 550 priv,
551 sizeof ( 551 sizeof(
552 struct GNUNET_CRYPTO_EddsaPrivateKey))) 552 struct GNUNET_CRYPTO_EddsaPrivateKey)))
553 return GNUNET_SYSERR; 553 return GNUNET_SYSERR;
554#if CRYPTO_BUG 554#if CRYPTO_BUG
555 if (GNUNET_OK != check_eddsa_key (priv)) 555 if (GNUNET_OK != check_eddsa_key(priv))
556 { 556 {
557 GNUNET_break (0); 557 GNUNET_break(0);
558 return GNUNET_OK; 558 return GNUNET_OK;
559 } 559 }
560#endif 560#endif
561 return GNUNET_OK; 561 return GNUNET_OK;
562} 562}
@@ -569,9 +569,9 @@ GNUNET_CRYPTO_eddsa_private_key_from_string (
569 * @param pk location of the key 569 * @param pk location of the key
570 */ 570 */
571void 571void
572GNUNET_CRYPTO_ecdhe_key_clear (struct GNUNET_CRYPTO_EcdhePrivateKey *pk) 572GNUNET_CRYPTO_ecdhe_key_clear(struct GNUNET_CRYPTO_EcdhePrivateKey *pk)
573{ 573{
574 memset (pk, 0, sizeof (struct GNUNET_CRYPTO_EcdhePrivateKey)); 574 memset(pk, 0, sizeof(struct GNUNET_CRYPTO_EcdhePrivateKey));
575} 575}
576 576
577 577
@@ -582,9 +582,9 @@ GNUNET_CRYPTO_ecdhe_key_clear (struct GNUNET_CRYPTO_EcdhePrivateKey *pk)
582 * @param pk location of the key 582 * @param pk location of the key
583 */ 583 */
584void 584void
585GNUNET_CRYPTO_ecdsa_key_clear (struct GNUNET_CRYPTO_EcdsaPrivateKey *pk) 585GNUNET_CRYPTO_ecdsa_key_clear(struct GNUNET_CRYPTO_EcdsaPrivateKey *pk)
586{ 586{
587 memset (pk, 0, sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey)); 587 memset(pk, 0, sizeof(struct GNUNET_CRYPTO_EcdsaPrivateKey));
588} 588}
589 589
590 590
@@ -595,9 +595,9 @@ GNUNET_CRYPTO_ecdsa_key_clear (struct GNUNET_CRYPTO_EcdsaPrivateKey *pk)
595 * @param pk location of the key 595 * @param pk location of the key
596 */ 596 */
597void 597void
598GNUNET_CRYPTO_eddsa_key_clear (struct GNUNET_CRYPTO_EddsaPrivateKey *pk) 598GNUNET_CRYPTO_eddsa_key_clear(struct GNUNET_CRYPTO_EddsaPrivateKey *pk)
599{ 599{
600 memset (pk, 0, sizeof (struct GNUNET_CRYPTO_EddsaPrivateKey)); 600 memset(pk, 0, sizeof(struct GNUNET_CRYPTO_EddsaPrivateKey));
601} 601}
602 602
603 603
@@ -607,16 +607,16 @@ GNUNET_CRYPTO_eddsa_key_clear (struct GNUNET_CRYPTO_EddsaPrivateKey *pk)
607 * @return fresh private key 607 * @return fresh private key
608 */ 608 */
609struct GNUNET_CRYPTO_EcdhePrivateKey * 609struct GNUNET_CRYPTO_EcdhePrivateKey *
610GNUNET_CRYPTO_ecdhe_key_create () 610GNUNET_CRYPTO_ecdhe_key_create()
611{ 611{
612 struct GNUNET_CRYPTO_EcdhePrivateKey *priv; 612 struct GNUNET_CRYPTO_EcdhePrivateKey *priv;
613 613
614 priv = GNUNET_new (struct GNUNET_CRYPTO_EcdhePrivateKey); 614 priv = GNUNET_new(struct GNUNET_CRYPTO_EcdhePrivateKey);
615 if (GNUNET_OK != GNUNET_CRYPTO_ecdhe_key_create2 (priv)) 615 if (GNUNET_OK != GNUNET_CRYPTO_ecdhe_key_create2(priv))
616 { 616 {
617 GNUNET_free (priv); 617 GNUNET_free(priv);
618 return NULL; 618 return NULL;
619 } 619 }
620 return priv; 620 return priv;
621} 621}
622 622
@@ -629,54 +629,54 @@ GNUNET_CRYPTO_ecdhe_key_create ()
629 * @return #GNUNET_OK on success, #GNUNET_SYSERR on failure 629 * @return #GNUNET_OK on success, #GNUNET_SYSERR on failure
630 */ 630 */
631int 631int
632GNUNET_CRYPTO_ecdhe_key_create2 (struct GNUNET_CRYPTO_EcdhePrivateKey *pk) 632GNUNET_CRYPTO_ecdhe_key_create2(struct GNUNET_CRYPTO_EcdhePrivateKey *pk)
633{ 633{
634 gcry_sexp_t priv_sexp; 634 gcry_sexp_t priv_sexp;
635 gcry_sexp_t s_keyparam; 635 gcry_sexp_t s_keyparam;
636 gcry_mpi_t d; 636 gcry_mpi_t d;
637 int rc; 637 int rc;
638 638
639 BENCHMARK_START (ecdhe_key_create); 639 BENCHMARK_START(ecdhe_key_create);
640 640
641 /* NOTE: For libgcrypt >= 1.7, we do not need the 'eddsa' flag here, 641 /* NOTE: For libgcrypt >= 1.7, we do not need the 'eddsa' flag here,
642 but should also be harmless. For libgcrypt < 1.7, using 'eddsa' 642 but should also be harmless. For libgcrypt < 1.7, using 'eddsa'
643 disables an expensive key testing routine. We do not want to run 643 disables an expensive key testing routine. We do not want to run
644 the expensive check for ECDHE, as we generate TONS of keys to 644 the expensive check for ECDHE, as we generate TONS of keys to
645 use for a very short time. */ 645 use for a very short time. */
646 if (0 != (rc = gcry_sexp_build (&s_keyparam, 646 if (0 != (rc = gcry_sexp_build(&s_keyparam,
647 NULL, 647 NULL,
648 "(genkey(ecc(curve \"" CURVE "\")" 648 "(genkey(ecc(curve \"" CURVE "\")"
649 "(flags eddsa no-keytest)))"))) 649 "(flags eddsa no-keytest)))")))
650 { 650 {
651 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc); 651 LOG_GCRY(GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc);
652 return GNUNET_SYSERR; 652 return GNUNET_SYSERR;
653 } 653 }
654 if (0 != (rc = gcry_pk_genkey (&priv_sexp, s_keyparam))) 654 if (0 != (rc = gcry_pk_genkey(&priv_sexp, s_keyparam)))
655 { 655 {
656 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_pk_genkey", rc); 656 LOG_GCRY(GNUNET_ERROR_TYPE_ERROR, "gcry_pk_genkey", rc);
657 gcry_sexp_release (s_keyparam); 657 gcry_sexp_release(s_keyparam);
658 return GNUNET_SYSERR; 658 return GNUNET_SYSERR;
659 } 659 }
660 gcry_sexp_release (s_keyparam); 660 gcry_sexp_release(s_keyparam);
661#if EXTRA_CHECKS 661#if EXTRA_CHECKS
662 if (0 != (rc = gcry_pk_testkey (priv_sexp))) 662 if (0 != (rc = gcry_pk_testkey(priv_sexp)))
663 { 663 {
664 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_pk_testkey", rc); 664 LOG_GCRY(GNUNET_ERROR_TYPE_ERROR, "gcry_pk_testkey", rc);
665 gcry_sexp_release (priv_sexp); 665 gcry_sexp_release(priv_sexp);
666 return GNUNET_SYSERR; 666 return GNUNET_SYSERR;
667 } 667 }
668#endif 668#endif
669 if (0 != (rc = key_from_sexp (&d, priv_sexp, "private-key", "d"))) 669 if (0 != (rc = key_from_sexp(&d, priv_sexp, "private-key", "d")))
670 { 670 {
671 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "key_from_sexp", rc); 671 LOG_GCRY(GNUNET_ERROR_TYPE_ERROR, "key_from_sexp", rc);
672 gcry_sexp_release (priv_sexp); 672 gcry_sexp_release(priv_sexp);
673 return GNUNET_SYSERR; 673 return GNUNET_SYSERR;
674 } 674 }
675 gcry_sexp_release (priv_sexp); 675 gcry_sexp_release(priv_sexp);
676 GNUNET_CRYPTO_mpi_print_unsigned (pk->d, sizeof (pk->d), d); 676 GNUNET_CRYPTO_mpi_print_unsigned(pk->d, sizeof(pk->d), d);
677 gcry_mpi_release (d); 677 gcry_mpi_release(d);
678 678
679 BENCHMARK_END (ecdhe_key_create); 679 BENCHMARK_END(ecdhe_key_create);
680 680
681 return GNUNET_OK; 681 return GNUNET_OK;
682} 682}
@@ -688,7 +688,7 @@ GNUNET_CRYPTO_ecdhe_key_create2 (struct GNUNET_CRYPTO_EcdhePrivateKey *pk)
688 * @return fresh private key 688 * @return fresh private key
689 */ 689 */
690struct GNUNET_CRYPTO_EcdsaPrivateKey * 690struct GNUNET_CRYPTO_EcdsaPrivateKey *
691GNUNET_CRYPTO_ecdsa_key_create () 691GNUNET_CRYPTO_ecdsa_key_create()
692{ 692{
693 struct GNUNET_CRYPTO_EcdsaPrivateKey *priv; 693 struct GNUNET_CRYPTO_EcdsaPrivateKey *priv;
694 gcry_sexp_t priv_sexp; 694 gcry_sexp_t priv_sexp;
@@ -696,43 +696,43 @@ GNUNET_CRYPTO_ecdsa_key_create ()
696 gcry_mpi_t d; 696 gcry_mpi_t d;
697 int rc; 697 int rc;
698 698
699 BENCHMARK_START (ecdsa_key_create); 699 BENCHMARK_START(ecdsa_key_create);
700 700
701 if (0 != (rc = gcry_sexp_build (&s_keyparam, 701 if (0 != (rc = gcry_sexp_build(&s_keyparam,
702 NULL, 702 NULL,
703 "(genkey(ecc(curve \"" CURVE "\")" 703 "(genkey(ecc(curve \"" CURVE "\")"
704 "(flags)))"))) 704 "(flags)))")))
705 { 705 {
706 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc); 706 LOG_GCRY(GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc);
707 return NULL; 707 return NULL;
708 } 708 }
709 if (0 != (rc = gcry_pk_genkey (&priv_sexp, s_keyparam))) 709 if (0 != (rc = gcry_pk_genkey(&priv_sexp, s_keyparam)))
710 { 710 {
711 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_pk_genkey", rc); 711 LOG_GCRY(GNUNET_ERROR_TYPE_ERROR, "gcry_pk_genkey", rc);
712 gcry_sexp_release (s_keyparam); 712 gcry_sexp_release(s_keyparam);
713 return NULL; 713 return NULL;
714 } 714 }
715 gcry_sexp_release (s_keyparam); 715 gcry_sexp_release(s_keyparam);
716#if EXTRA_CHECKS 716#if EXTRA_CHECKS
717 if (0 != (rc = gcry_pk_testkey (priv_sexp))) 717 if (0 != (rc = gcry_pk_testkey(priv_sexp)))
718 { 718 {
719 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_pk_testkey", rc); 719 LOG_GCRY(GNUNET_ERROR_TYPE_ERROR, "gcry_pk_testkey", rc);
720 gcry_sexp_release (priv_sexp); 720 gcry_sexp_release(priv_sexp);
721 return NULL; 721 return NULL;
722 } 722 }
723#endif 723#endif
724 if (0 != (rc = key_from_sexp (&d, priv_sexp, "private-key", "d"))) 724 if (0 != (rc = key_from_sexp(&d, priv_sexp, "private-key", "d")))
725 { 725 {
726 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "key_from_sexp", rc); 726 LOG_GCRY(GNUNET_ERROR_TYPE_ERROR, "key_from_sexp", rc);
727 gcry_sexp_release (priv_sexp); 727 gcry_sexp_release(priv_sexp);
728 return NULL; 728 return NULL;
729 } 729 }
730 gcry_sexp_release (priv_sexp); 730 gcry_sexp_release(priv_sexp);
731 priv = GNUNET_new (struct GNUNET_CRYPTO_EcdsaPrivateKey); 731 priv = GNUNET_new(struct GNUNET_CRYPTO_EcdsaPrivateKey);
732 GNUNET_CRYPTO_mpi_print_unsigned (priv->d, sizeof (priv->d), d); 732 GNUNET_CRYPTO_mpi_print_unsigned(priv->d, sizeof(priv->d), d);
733 gcry_mpi_release (d); 733 gcry_mpi_release(d);
734 734
735 BENCHMARK_END (ecdsa_key_create); 735 BENCHMARK_END(ecdsa_key_create);
736 736
737 return priv; 737 return priv;
738} 738}
@@ -743,7 +743,7 @@ GNUNET_CRYPTO_ecdsa_key_create ()
743 * @return fresh private key 743 * @return fresh private key
744 */ 744 */
745struct GNUNET_CRYPTO_EddsaPrivateKey * 745struct GNUNET_CRYPTO_EddsaPrivateKey *
746GNUNET_CRYPTO_eddsa_key_create () 746GNUNET_CRYPTO_eddsa_key_create()
747{ 747{
748 struct GNUNET_CRYPTO_EddsaPrivateKey *priv; 748 struct GNUNET_CRYPTO_EddsaPrivateKey *priv;
749 gcry_sexp_t priv_sexp; 749 gcry_sexp_t priv_sexp;
@@ -751,55 +751,55 @@ GNUNET_CRYPTO_eddsa_key_create ()
751 gcry_mpi_t d; 751 gcry_mpi_t d;
752 int rc; 752 int rc;
753 753
754 BENCHMARK_START (eddsa_key_create); 754 BENCHMARK_START(eddsa_key_create);
755 755
756#if CRYPTO_BUG 756#if CRYPTO_BUG
757again: 757again:
758#endif 758#endif
759 if (0 != (rc = gcry_sexp_build (&s_keyparam, 759 if (0 != (rc = gcry_sexp_build(&s_keyparam,
760 NULL, 760 NULL,
761 "(genkey(ecc(curve \"" CURVE "\")" 761 "(genkey(ecc(curve \"" CURVE "\")"
762 "(flags eddsa)))"))) 762 "(flags eddsa)))")))
763 { 763 {
764 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc); 764 LOG_GCRY(GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc);
765 return NULL; 765 return NULL;
766 } 766 }
767 if (0 != (rc = gcry_pk_genkey (&priv_sexp, s_keyparam))) 767 if (0 != (rc = gcry_pk_genkey(&priv_sexp, s_keyparam)))
768 { 768 {
769 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_pk_genkey", rc); 769 LOG_GCRY(GNUNET_ERROR_TYPE_ERROR, "gcry_pk_genkey", rc);
770 gcry_sexp_release (s_keyparam); 770 gcry_sexp_release(s_keyparam);
771 return NULL; 771 return NULL;
772 } 772 }
773 gcry_sexp_release (s_keyparam); 773 gcry_sexp_release(s_keyparam);
774#if EXTRA_CHECKS 774#if EXTRA_CHECKS
775 if (0 != (rc = gcry_pk_testkey (priv_sexp))) 775 if (0 != (rc = gcry_pk_testkey(priv_sexp)))
776 { 776 {
777 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_pk_testkey", rc); 777 LOG_GCRY(GNUNET_ERROR_TYPE_ERROR, "gcry_pk_testkey", rc);
778 gcry_sexp_release (priv_sexp); 778 gcry_sexp_release(priv_sexp);
779 return NULL; 779 return NULL;
780 } 780 }
781#endif 781#endif
782 if (0 != (rc = key_from_sexp (&d, priv_sexp, "private-key", "d"))) 782 if (0 != (rc = key_from_sexp(&d, priv_sexp, "private-key", "d")))
783 { 783 {
784 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "key_from_sexp", rc); 784 LOG_GCRY(GNUNET_ERROR_TYPE_ERROR, "key_from_sexp", rc);
785 gcry_sexp_release (priv_sexp); 785 gcry_sexp_release(priv_sexp);
786 return NULL; 786 return NULL;
787 } 787 }
788 gcry_sexp_release (priv_sexp); 788 gcry_sexp_release(priv_sexp);
789 priv = GNUNET_new (struct GNUNET_CRYPTO_EddsaPrivateKey); 789 priv = GNUNET_new(struct GNUNET_CRYPTO_EddsaPrivateKey);
790 GNUNET_CRYPTO_mpi_print_unsigned (priv->d, sizeof (priv->d), d); 790 GNUNET_CRYPTO_mpi_print_unsigned(priv->d, sizeof(priv->d), d);
791 gcry_mpi_release (d); 791 gcry_mpi_release(d);
792 792
793#if CRYPTO_BUG 793#if CRYPTO_BUG
794 if (GNUNET_OK != check_eddsa_key (priv)) 794 if (GNUNET_OK != check_eddsa_key(priv))
795 { 795 {
796 GNUNET_break (0); 796 GNUNET_break(0);
797 GNUNET_free (priv); 797 GNUNET_free(priv);
798 goto again; 798 goto again;
799 } 799 }
800#endif 800#endif
801 801
802 BENCHMARK_END (eddsa_key_create); 802 BENCHMARK_END(eddsa_key_create);
803 803
804 return priv; 804 return priv;
805} 805}
@@ -811,7 +811,7 @@ again:
811 * @return "anonymous" private key 811 * @return "anonymous" private key
812 */ 812 */
813const struct GNUNET_CRYPTO_EcdsaPrivateKey * 813const struct GNUNET_CRYPTO_EcdsaPrivateKey *
814GNUNET_CRYPTO_ecdsa_key_get_anonymous () 814GNUNET_CRYPTO_ecdsa_key_get_anonymous()
815{ 815{
816 /** 816 /**
817 * 'anonymous' pseudonym (global static, d=1, public key = G 817 * 'anonymous' pseudonym (global static, d=1, public key = G
@@ -822,9 +822,9 @@ GNUNET_CRYPTO_ecdsa_key_get_anonymous ()
822 822
823 if (once) 823 if (once)
824 return &anonymous; 824 return &anonymous;
825 GNUNET_CRYPTO_mpi_print_unsigned (anonymous.d, 825 GNUNET_CRYPTO_mpi_print_unsigned(anonymous.d,
826 sizeof (anonymous.d), 826 sizeof(anonymous.d),
827 GCRYMPI_CONST_ONE); 827 GCRYMPI_CONST_ONE);
828 once = 1; 828 once = 1;
829 return &anonymous; 829 return &anonymous;
830} 830}
@@ -838,7 +838,7 @@ GNUNET_CRYPTO_ecdsa_key_get_anonymous ()
838 * @return converted s-expression 838 * @return converted s-expression
839 */ 839 */
840static gcry_sexp_t 840static gcry_sexp_t
841data_to_eddsa_value (const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose) 841data_to_eddsa_value(const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose)
842{ 842{
843 gcry_sexp_t data; 843 gcry_sexp_t data;
844 int rc; 844 int rc;
@@ -847,29 +847,29 @@ data_to_eddsa_value (const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose)
847#if 1 847#if 1
848 struct GNUNET_HashCode hc; 848 struct GNUNET_HashCode hc;
849 849
850 GNUNET_CRYPTO_hash (purpose, ntohl (purpose->size), &hc); 850 GNUNET_CRYPTO_hash(purpose, ntohl(purpose->size), &hc);
851 if (0 != (rc = gcry_sexp_build (&data, 851 if (0 != (rc = gcry_sexp_build(&data,
852 NULL, 852 NULL,
853 "(data(flags eddsa)(hash-algo %s)(value %b))", 853 "(data(flags eddsa)(hash-algo %s)(value %b))",
854 "sha512", 854 "sha512",
855 (int) sizeof (hc), 855 (int)sizeof(hc),
856 &hc))) 856 &hc)))
857 { 857 {
858 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc); 858 LOG_GCRY(GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc);
859 return NULL; 859 return NULL;
860 } 860 }
861#else 861#else
862 GNUNET_CRYPTO_hash (purpose, ntohl (purpose->size), &hc); 862 GNUNET_CRYPTO_hash(purpose, ntohl(purpose->size), &hc);
863 if (0 != (rc = gcry_sexp_build (&data, 863 if (0 != (rc = gcry_sexp_build(&data,
864 NULL, 864 NULL,
865 "(data(flags eddsa)(hash-algo %s)(value %b))", 865 "(data(flags eddsa)(hash-algo %s)(value %b))",
866 "sha512", 866 "sha512",
867 ntohl (purpose->size), 867 ntohl(purpose->size),
868 purpose))) 868 purpose)))
869 { 869 {
870 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc); 870 LOG_GCRY(GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc);
871 return NULL; 871 return NULL;
872 } 872 }
873#endif 873#endif
874 return data; 874 return data;
875} 875}
@@ -883,7 +883,7 @@ data_to_eddsa_value (const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose)
883 * @return converted s-expression 883 * @return converted s-expression
884 */ 884 */
885static gcry_sexp_t 885static gcry_sexp_t
886data_to_ecdsa_value (const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose) 886data_to_ecdsa_value(const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose)
887{ 887{
888 gcry_sexp_t data; 888 gcry_sexp_t data;
889 int rc; 889 int rc;
@@ -892,28 +892,28 @@ data_to_ecdsa_value (const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose)
892#if 1 892#if 1
893 struct GNUNET_HashCode hc; 893 struct GNUNET_HashCode hc;
894 894
895 GNUNET_CRYPTO_hash (purpose, ntohl (purpose->size), &hc); 895 GNUNET_CRYPTO_hash(purpose, ntohl(purpose->size), &hc);
896 if (0 != (rc = gcry_sexp_build (&data, 896 if (0 != (rc = gcry_sexp_build(&data,
897 NULL, 897 NULL,
898 "(data(flags rfc6979)(hash %s %b))", 898 "(data(flags rfc6979)(hash %s %b))",
899 "sha512", 899 "sha512",
900 (int) sizeof (hc), 900 (int)sizeof(hc),
901 &hc))) 901 &hc)))
902 { 902 {
903 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc); 903 LOG_GCRY(GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc);
904 return NULL; 904 return NULL;
905 } 905 }
906#else 906#else
907 if (0 != (rc = gcry_sexp_build (&data, 907 if (0 != (rc = gcry_sexp_build(&data,
908 NULL, 908 NULL,
909 "(data(flags rfc6979)(hash %s %b))", 909 "(data(flags rfc6979)(hash %s %b))",
910 "sha512", 910 "sha512",
911 ntohl (purpose->size), 911 ntohl(purpose->size),
912 purpose))) 912 purpose)))
913 { 913 {
914 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc); 914 LOG_GCRY(GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc);
915 return NULL; 915 return NULL;
916 } 916 }
917#endif 917#endif
918 return data; 918 return data;
919} 919}
@@ -928,7 +928,7 @@ data_to_ecdsa_value (const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose)
928 * @return #GNUNET_SYSERR on error, #GNUNET_OK on success 928 * @return #GNUNET_SYSERR on error, #GNUNET_OK on success
929 */ 929 */
930int 930int
931GNUNET_CRYPTO_ecdsa_sign ( 931GNUNET_CRYPTO_ecdsa_sign(
932 const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv, 932 const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv,
933 const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose, 933 const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose,
934 struct GNUNET_CRYPTO_EcdsaSignature *sig) 934 struct GNUNET_CRYPTO_EcdsaSignature *sig)
@@ -939,39 +939,39 @@ GNUNET_CRYPTO_ecdsa_sign (
939 int rc; 939 int rc;
940 gcry_mpi_t rs[2]; 940 gcry_mpi_t rs[2];
941 941
942 BENCHMARK_START (ecdsa_sign); 942 BENCHMARK_START(ecdsa_sign);
943 943
944 priv_sexp = decode_private_ecdsa_key (priv); 944 priv_sexp = decode_private_ecdsa_key(priv);
945 data = data_to_ecdsa_value (purpose); 945 data = data_to_ecdsa_value(purpose);
946 if (0 != (rc = gcry_pk_sign (&sig_sexp, data, priv_sexp))) 946 if (0 != (rc = gcry_pk_sign(&sig_sexp, data, priv_sexp)))
947 { 947 {
948 LOG (GNUNET_ERROR_TYPE_WARNING, 948 LOG(GNUNET_ERROR_TYPE_WARNING,
949 _ ("ECC signing failed at %s:%d: %s\n"), 949 _("ECC signing failed at %s:%d: %s\n"),
950 __FILE__, 950 __FILE__,
951 __LINE__, 951 __LINE__,
952 gcry_strerror (rc)); 952 gcry_strerror(rc));
953 gcry_sexp_release (data); 953 gcry_sexp_release(data);
954 gcry_sexp_release (priv_sexp); 954 gcry_sexp_release(priv_sexp);
955 return GNUNET_SYSERR; 955 return GNUNET_SYSERR;
956 } 956 }
957 gcry_sexp_release (priv_sexp); 957 gcry_sexp_release(priv_sexp);
958 gcry_sexp_release (data); 958 gcry_sexp_release(data);
959 959
960 /* extract 'r' and 's' values from sexpression 'sig_sexp' and store in 960 /* extract 'r' and 's' values from sexpression 'sig_sexp' and store in
961 'signature' */ 961 'signature' */
962 if (0 != (rc = key_from_sexp (rs, sig_sexp, "sig-val", "rs"))) 962 if (0 != (rc = key_from_sexp(rs, sig_sexp, "sig-val", "rs")))
963 { 963 {
964 GNUNET_break (0); 964 GNUNET_break(0);
965 gcry_sexp_release (sig_sexp); 965 gcry_sexp_release(sig_sexp);
966 return GNUNET_SYSERR; 966 return GNUNET_SYSERR;
967 } 967 }
968 gcry_sexp_release (sig_sexp); 968 gcry_sexp_release(sig_sexp);
969 GNUNET_CRYPTO_mpi_print_unsigned (sig->r, sizeof (sig->r), rs[0]); 969 GNUNET_CRYPTO_mpi_print_unsigned(sig->r, sizeof(sig->r), rs[0]);
970 GNUNET_CRYPTO_mpi_print_unsigned (sig->s, sizeof (sig->s), rs[1]); 970 GNUNET_CRYPTO_mpi_print_unsigned(sig->s, sizeof(sig->s), rs[1]);
971 gcry_mpi_release (rs[0]); 971 gcry_mpi_release(rs[0]);
972 gcry_mpi_release (rs[1]); 972 gcry_mpi_release(rs[1]);
973 973
974 BENCHMARK_END (ecdsa_sign); 974 BENCHMARK_END(ecdsa_sign);
975 975
976 return GNUNET_OK; 976 return GNUNET_OK;
977} 977}
@@ -986,7 +986,7 @@ GNUNET_CRYPTO_ecdsa_sign (
986 * @return #GNUNET_SYSERR on error, #GNUNET_OK on success 986 * @return #GNUNET_SYSERR on error, #GNUNET_OK on success
987 */ 987 */
988int 988int
989GNUNET_CRYPTO_eddsa_sign ( 989GNUNET_CRYPTO_eddsa_sign(
990 const struct GNUNET_CRYPTO_EddsaPrivateKey *priv, 990 const struct GNUNET_CRYPTO_EddsaPrivateKey *priv,
991 const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose, 991 const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose,
992 struct GNUNET_CRYPTO_EddsaSignature *sig) 992 struct GNUNET_CRYPTO_EddsaSignature *sig)
@@ -997,39 +997,39 @@ GNUNET_CRYPTO_eddsa_sign (
997 int rc; 997 int rc;
998 gcry_mpi_t rs[2]; 998 gcry_mpi_t rs[2];
999 999
1000 BENCHMARK_START (eddsa_sign); 1000 BENCHMARK_START(eddsa_sign);
1001 1001
1002 priv_sexp = decode_private_eddsa_key (priv); 1002 priv_sexp = decode_private_eddsa_key(priv);
1003 data = data_to_eddsa_value (purpose); 1003 data = data_to_eddsa_value(purpose);
1004 if (0 != (rc = gcry_pk_sign (&sig_sexp, data, priv_sexp))) 1004 if (0 != (rc = gcry_pk_sign(&sig_sexp, data, priv_sexp)))
1005 { 1005 {
1006 LOG (GNUNET_ERROR_TYPE_WARNING, 1006 LOG(GNUNET_ERROR_TYPE_WARNING,
1007 _ ("EdDSA signing failed at %s:%d: %s\n"), 1007 _("EdDSA signing failed at %s:%d: %s\n"),
1008 __FILE__, 1008 __FILE__,
1009 __LINE__, 1009 __LINE__,
1010 gcry_strerror (rc)); 1010 gcry_strerror(rc));
1011 gcry_sexp_release (data); 1011 gcry_sexp_release(data);
1012 gcry_sexp_release (priv_sexp); 1012 gcry_sexp_release(priv_sexp);
1013 return GNUNET_SYSERR; 1013 return GNUNET_SYSERR;
1014 } 1014 }
1015 gcry_sexp_release (priv_sexp); 1015 gcry_sexp_release(priv_sexp);
1016 gcry_sexp_release (data); 1016 gcry_sexp_release(data);
1017 1017
1018 /* extract 'r' and 's' values from sexpression 'sig_sexp' and store in 1018 /* extract 'r' and 's' values from sexpression 'sig_sexp' and store in
1019 'signature' */ 1019 'signature' */
1020 if (0 != (rc = key_from_sexp (rs, sig_sexp, "sig-val", "rs"))) 1020 if (0 != (rc = key_from_sexp(rs, sig_sexp, "sig-val", "rs")))
1021 { 1021 {
1022 GNUNET_break (0); 1022 GNUNET_break(0);
1023 gcry_sexp_release (sig_sexp); 1023 gcry_sexp_release(sig_sexp);
1024 return GNUNET_SYSERR; 1024 return GNUNET_SYSERR;
1025 } 1025 }
1026 gcry_sexp_release (sig_sexp); 1026 gcry_sexp_release(sig_sexp);
1027 GNUNET_CRYPTO_mpi_print_unsigned (sig->r, sizeof (sig->r), rs[0]); 1027 GNUNET_CRYPTO_mpi_print_unsigned(sig->r, sizeof(sig->r), rs[0]);
1028 GNUNET_CRYPTO_mpi_print_unsigned (sig->s, sizeof (sig->s), rs[1]); 1028 GNUNET_CRYPTO_mpi_print_unsigned(sig->s, sizeof(sig->s), rs[1]);
1029 gcry_mpi_release (rs[0]); 1029 gcry_mpi_release(rs[0]);
1030 gcry_mpi_release (rs[1]); 1030 gcry_mpi_release(rs[1]);
1031 1031
1032 BENCHMARK_END (eddsa_sign); 1032 BENCHMARK_END(eddsa_sign);
1033 1033
1034 return GNUNET_OK; 1034 return GNUNET_OK;
1035} 1035}
@@ -1045,7 +1045,7 @@ GNUNET_CRYPTO_eddsa_sign (
1045 * @returns #GNUNET_OK if ok, #GNUNET_SYSERR if invalid 1045 * @returns #GNUNET_OK if ok, #GNUNET_SYSERR if invalid
1046 */ 1046 */
1047int 1047int
1048GNUNET_CRYPTO_ecdsa_verify ( 1048GNUNET_CRYPTO_ecdsa_verify(
1049 uint32_t purpose, 1049 uint32_t purpose,
1050 const struct GNUNET_CRYPTO_EccSignaturePurpose *validate, 1050 const struct GNUNET_CRYPTO_EccSignaturePurpose *validate,
1051 const struct GNUNET_CRYPTO_EcdsaSignature *sig, 1051 const struct GNUNET_CRYPTO_EcdsaSignature *sig,
@@ -1056,49 +1056,49 @@ GNUNET_CRYPTO_ecdsa_verify (
1056 gcry_sexp_t pub_sexpr; 1056 gcry_sexp_t pub_sexpr;
1057 int rc; 1057 int rc;
1058 1058
1059 BENCHMARK_START (ecdsa_verify); 1059 BENCHMARK_START(ecdsa_verify);
1060 1060
1061 if (purpose != ntohl (validate->purpose)) 1061 if (purpose != ntohl(validate->purpose))
1062 return GNUNET_SYSERR; /* purpose mismatch */ 1062 return GNUNET_SYSERR; /* purpose mismatch */
1063 1063
1064 /* build s-expression for signature */ 1064 /* build s-expression for signature */
1065 if (0 != (rc = gcry_sexp_build (&sig_sexpr, 1065 if (0 != (rc = gcry_sexp_build(&sig_sexpr,
1066 NULL, 1066 NULL,
1067 "(sig-val(ecdsa(r %b)(s %b)))", 1067 "(sig-val(ecdsa(r %b)(s %b)))",
1068 (int) sizeof (sig->r), 1068 (int)sizeof(sig->r),
1069 sig->r, 1069 sig->r,
1070 (int) sizeof (sig->s), 1070 (int)sizeof(sig->s),
1071 sig->s))) 1071 sig->s)))
1072 { 1072 {
1073 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc); 1073 LOG_GCRY(GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc);
1074 return GNUNET_SYSERR; 1074 return GNUNET_SYSERR;
1075 } 1075 }
1076 data = data_to_ecdsa_value (validate); 1076 data = data_to_ecdsa_value(validate);
1077 if (0 != (rc = gcry_sexp_build (&pub_sexpr, 1077 if (0 != (rc = gcry_sexp_build(&pub_sexpr,
1078 NULL, 1078 NULL,
1079 "(public-key(ecc(curve " CURVE ")(q %b)))", 1079 "(public-key(ecc(curve " CURVE ")(q %b)))",
1080 (int) sizeof (pub->q_y), 1080 (int)sizeof(pub->q_y),
1081 pub->q_y))) 1081 pub->q_y)))
1082 { 1082 {
1083 gcry_sexp_release (data); 1083 gcry_sexp_release(data);
1084 gcry_sexp_release (sig_sexpr); 1084 gcry_sexp_release(sig_sexpr);
1085 return GNUNET_SYSERR; 1085 return GNUNET_SYSERR;
1086 } 1086 }
1087 rc = gcry_pk_verify (sig_sexpr, data, pub_sexpr); 1087 rc = gcry_pk_verify(sig_sexpr, data, pub_sexpr);
1088 gcry_sexp_release (pub_sexpr); 1088 gcry_sexp_release(pub_sexpr);
1089 gcry_sexp_release (data); 1089 gcry_sexp_release(data);
1090 gcry_sexp_release (sig_sexpr); 1090 gcry_sexp_release(sig_sexpr);
1091 if (0 != rc) 1091 if (0 != rc)
1092 { 1092 {
1093 LOG (GNUNET_ERROR_TYPE_INFO, 1093 LOG(GNUNET_ERROR_TYPE_INFO,
1094 _ ("ECDSA signature verification failed at %s:%d: %s\n"), 1094 _("ECDSA signature verification failed at %s:%d: %s\n"),
1095 __FILE__, 1095 __FILE__,
1096 __LINE__, 1096 __LINE__,
1097 gcry_strerror (rc)); 1097 gcry_strerror(rc));
1098 BENCHMARK_END (ecdsa_verify); 1098 BENCHMARK_END(ecdsa_verify);
1099 return GNUNET_SYSERR; 1099 return GNUNET_SYSERR;
1100 } 1100 }
1101 BENCHMARK_END (ecdsa_verify); 1101 BENCHMARK_END(ecdsa_verify);
1102 return GNUNET_OK; 1102 return GNUNET_OK;
1103} 1103}
1104 1104
@@ -1113,7 +1113,7 @@ GNUNET_CRYPTO_ecdsa_verify (
1113 * @returns #GNUNET_OK if ok, #GNUNET_SYSERR if invalid 1113 * @returns #GNUNET_OK if ok, #GNUNET_SYSERR if invalid
1114 */ 1114 */
1115int 1115int
1116GNUNET_CRYPTO_eddsa_verify ( 1116GNUNET_CRYPTO_eddsa_verify(
1117 uint32_t purpose, 1117 uint32_t purpose,
1118 const struct GNUNET_CRYPTO_EccSignaturePurpose *validate, 1118 const struct GNUNET_CRYPTO_EccSignaturePurpose *validate,
1119 const struct GNUNET_CRYPTO_EddsaSignature *sig, 1119 const struct GNUNET_CRYPTO_EddsaSignature *sig,
@@ -1124,51 +1124,51 @@ GNUNET_CRYPTO_eddsa_verify (
1124 gcry_sexp_t pub_sexpr; 1124 gcry_sexp_t pub_sexpr;
1125 int rc; 1125 int rc;
1126 1126
1127 BENCHMARK_START (eddsa_verify); 1127 BENCHMARK_START(eddsa_verify);
1128 1128
1129 if (purpose != ntohl (validate->purpose)) 1129 if (purpose != ntohl(validate->purpose))
1130 return GNUNET_SYSERR; /* purpose mismatch */ 1130 return GNUNET_SYSERR; /* purpose mismatch */
1131 1131
1132 /* build s-expression for signature */ 1132 /* build s-expression for signature */
1133 if (0 != (rc = gcry_sexp_build (&sig_sexpr, 1133 if (0 != (rc = gcry_sexp_build(&sig_sexpr,
1134 NULL, 1134 NULL,
1135 "(sig-val(eddsa(r %b)(s %b)))", 1135 "(sig-val(eddsa(r %b)(s %b)))",
1136 (int) sizeof (sig->r), 1136 (int)sizeof(sig->r),
1137 sig->r, 1137 sig->r,
1138 (int) sizeof (sig->s), 1138 (int)sizeof(sig->s),
1139 sig->s))) 1139 sig->s)))
1140 { 1140 {
1141 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc); 1141 LOG_GCRY(GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc);
1142 return GNUNET_SYSERR; 1142 return GNUNET_SYSERR;
1143 } 1143 }
1144 data = data_to_eddsa_value (validate); 1144 data = data_to_eddsa_value(validate);
1145 if (0 != (rc = gcry_sexp_build (&pub_sexpr, 1145 if (0 != (rc = gcry_sexp_build(&pub_sexpr,
1146 NULL, 1146 NULL,
1147 "(public-key(ecc(curve " CURVE 1147 "(public-key(ecc(curve " CURVE
1148 ")(flags eddsa)(q %b)))", 1148 ")(flags eddsa)(q %b)))",
1149 (int) sizeof (pub->q_y), 1149 (int)sizeof(pub->q_y),
1150 pub->q_y))) 1150 pub->q_y)))
1151 { 1151 {
1152 gcry_sexp_release (data); 1152 gcry_sexp_release(data);
1153 gcry_sexp_release (sig_sexpr); 1153 gcry_sexp_release(sig_sexpr);
1154 return GNUNET_SYSERR; 1154 return GNUNET_SYSERR;
1155 } 1155 }
1156 rc = gcry_pk_verify (sig_sexpr, data, pub_sexpr); 1156 rc = gcry_pk_verify(sig_sexpr, data, pub_sexpr);
1157 gcry_sexp_release (pub_sexpr); 1157 gcry_sexp_release(pub_sexpr);
1158 gcry_sexp_release (data); 1158 gcry_sexp_release(data);
1159 gcry_sexp_release (sig_sexpr); 1159 gcry_sexp_release(sig_sexpr);
1160 if (0 != rc) 1160 if (0 != rc)
1161 { 1161 {
1162 LOG (GNUNET_ERROR_TYPE_INFO, 1162 LOG(GNUNET_ERROR_TYPE_INFO,
1163 _ ("EdDSA signature verification of type %u failed at %s:%d: %s\n"), 1163 _("EdDSA signature verification of type %u failed at %s:%d: %s\n"),
1164 (unsigned int) purpose, 1164 (unsigned int)purpose,
1165 __FILE__, 1165 __FILE__,
1166 __LINE__, 1166 __LINE__,
1167 gcry_strerror (rc)); 1167 gcry_strerror(rc));
1168 BENCHMARK_END (eddsa_verify); 1168 BENCHMARK_END(eddsa_verify);
1169 return GNUNET_SYSERR; 1169 return GNUNET_SYSERR;
1170 } 1170 }
1171 BENCHMARK_END (eddsa_verify); 1171 BENCHMARK_END(eddsa_verify);
1172 return GNUNET_OK; 1172 return GNUNET_OK;
1173} 1173}
1174 1174
@@ -1182,9 +1182,9 @@ GNUNET_CRYPTO_eddsa_verify (
1182 * @return #GNUNET_SYSERR on error, #GNUNET_OK on success 1182 * @return #GNUNET_SYSERR on error, #GNUNET_OK on success
1183 */ 1183 */
1184int 1184int
1185GNUNET_CRYPTO_ecc_ecdh (const struct GNUNET_CRYPTO_EcdhePrivateKey *priv, 1185GNUNET_CRYPTO_ecc_ecdh(const struct GNUNET_CRYPTO_EcdhePrivateKey *priv,
1186 const struct GNUNET_CRYPTO_EcdhePublicKey *pub, 1186 const struct GNUNET_CRYPTO_EcdhePublicKey *pub,
1187 struct GNUNET_HashCode *key_material) 1187 struct GNUNET_HashCode *key_material)
1188{ 1188{
1189 gcry_mpi_point_t result; 1189 gcry_mpi_point_t result;
1190 gcry_mpi_point_t q; 1190 gcry_mpi_point_t q;
@@ -1195,51 +1195,51 @@ GNUNET_CRYPTO_ecc_ecdh (const struct GNUNET_CRYPTO_EcdhePrivateKey *priv,
1195 unsigned char xbuf[256 / 8]; 1195 unsigned char xbuf[256 / 8];
1196 size_t rsize; 1196 size_t rsize;
1197 1197
1198 BENCHMARK_START (ecc_ecdh); 1198 BENCHMARK_START(ecc_ecdh);
1199 1199
1200 /* first, extract the q = dP value from the public key */ 1200 /* first, extract the q = dP value from the public key */
1201 if (0 != gcry_sexp_build (&pub_sexpr, 1201 if (0 != gcry_sexp_build(&pub_sexpr,
1202 NULL, 1202 NULL,
1203 "(public-key(ecc(curve " CURVE ")(q %b)))", 1203 "(public-key(ecc(curve " CURVE ")(q %b)))",
1204 (int) sizeof (pub->q_y), 1204 (int)sizeof(pub->q_y),
1205 pub->q_y)) 1205 pub->q_y))
1206 return GNUNET_SYSERR; 1206 return GNUNET_SYSERR;
1207 GNUNET_assert (0 == gcry_mpi_ec_new (&ctx, pub_sexpr, NULL)); 1207 GNUNET_assert(0 == gcry_mpi_ec_new(&ctx, pub_sexpr, NULL));
1208 gcry_sexp_release (pub_sexpr); 1208 gcry_sexp_release(pub_sexpr);
1209 q = gcry_mpi_ec_get_point ("q", ctx, 0); 1209 q = gcry_mpi_ec_get_point("q", ctx, 0);
1210 1210
1211 /* second, extract the d value from our private key */ 1211 /* second, extract the d value from our private key */
1212 GNUNET_CRYPTO_mpi_scan_unsigned (&d, priv->d, sizeof (priv->d)); 1212 GNUNET_CRYPTO_mpi_scan_unsigned(&d, priv->d, sizeof(priv->d));
1213 1213
1214 /* then call the 'multiply' function, to compute the product */ 1214 /* then call the 'multiply' function, to compute the product */
1215 result = gcry_mpi_point_new (0); 1215 result = gcry_mpi_point_new(0);
1216 gcry_mpi_ec_mul (result, d, q, ctx); 1216 gcry_mpi_ec_mul(result, d, q, ctx);
1217 gcry_mpi_point_release (q); 1217 gcry_mpi_point_release(q);
1218 gcry_mpi_release (d); 1218 gcry_mpi_release(d);
1219 1219
1220 /* finally, convert point to string for hashing */ 1220 /* finally, convert point to string for hashing */
1221 result_x = gcry_mpi_new (256); 1221 result_x = gcry_mpi_new(256);
1222 if (gcry_mpi_ec_get_affine (result_x, NULL, result, ctx)) 1222 if (gcry_mpi_ec_get_affine(result_x, NULL, result, ctx))
1223 { 1223 {
1224 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "get_affine failed", 0); 1224 LOG_GCRY(GNUNET_ERROR_TYPE_ERROR, "get_affine failed", 0);
1225 gcry_mpi_point_release (result); 1225 gcry_mpi_point_release(result);
1226 gcry_ctx_release (ctx); 1226 gcry_ctx_release(ctx);
1227 return GNUNET_SYSERR; 1227 return GNUNET_SYSERR;
1228 } 1228 }
1229 gcry_mpi_point_release (result); 1229 gcry_mpi_point_release(result);
1230 gcry_ctx_release (ctx); 1230 gcry_ctx_release(ctx);
1231 1231
1232 rsize = sizeof (xbuf); 1232 rsize = sizeof(xbuf);
1233 GNUNET_assert (! gcry_mpi_get_flag (result_x, GCRYMPI_FLAG_OPAQUE)); 1233 GNUNET_assert(!gcry_mpi_get_flag(result_x, GCRYMPI_FLAG_OPAQUE));
1234 /* result_x can be negative here, so we do not use 'GNUNET_CRYPTO_mpi_print_unsigned' 1234 /* result_x can be negative here, so we do not use 'GNUNET_CRYPTO_mpi_print_unsigned'
1235 as that does not include the sign bit; x should be a 255-bit 1235 as that does not include the sign bit; x should be a 255-bit
1236 value, so with the sign it should fit snugly into the 256-bit 1236 value, so with the sign it should fit snugly into the 256-bit
1237 xbuf */ 1237 xbuf */
1238 GNUNET_assert ( 1238 GNUNET_assert(
1239 0 == gcry_mpi_print (GCRYMPI_FMT_STD, xbuf, rsize, &rsize, result_x)); 1239 0 == gcry_mpi_print(GCRYMPI_FMT_STD, xbuf, rsize, &rsize, result_x));
1240 GNUNET_CRYPTO_hash (xbuf, rsize, key_material); 1240 GNUNET_CRYPTO_hash(xbuf, rsize, key_material);
1241 gcry_mpi_release (result_x); 1241 gcry_mpi_release(result_x);
1242 BENCHMARK_END (ecc_ecdh); 1242 BENCHMARK_END(ecc_ecdh);
1243 return GNUNET_OK; 1243 return GNUNET_OK;
1244} 1244}
1245 1245
@@ -1255,27 +1255,27 @@ GNUNET_CRYPTO_ecc_ecdh (const struct GNUNET_CRYPTO_EcdhePrivateKey *priv,
1255 * @return h value 1255 * @return h value
1256 */ 1256 */
1257static gcry_mpi_t 1257static gcry_mpi_t
1258derive_h (const struct GNUNET_CRYPTO_EcdsaPublicKey *pub, 1258derive_h(const struct GNUNET_CRYPTO_EcdsaPublicKey *pub,
1259 const char *label, 1259 const char *label,
1260 const char *context) 1260 const char *context)
1261{ 1261{
1262 gcry_mpi_t h; 1262 gcry_mpi_t h;
1263 struct GNUNET_HashCode hc; 1263 struct GNUNET_HashCode hc;
1264 static const char *const salt = "key-derivation"; 1264 static const char *const salt = "key-derivation";
1265 1265
1266 GNUNET_CRYPTO_kdf (&hc, 1266 GNUNET_CRYPTO_kdf(&hc,
1267 sizeof (hc), 1267 sizeof(hc),
1268 salt, 1268 salt,
1269 strlen (salt), 1269 strlen(salt),
1270 pub, 1270 pub,
1271 sizeof (*pub), 1271 sizeof(*pub),
1272 label, 1272 label,
1273 strlen (label), 1273 strlen(label),
1274 context, 1274 context,
1275 strlen (context), 1275 strlen(context),
1276 NULL, 1276 NULL,
1277 0); 1277 0);
1278 GNUNET_CRYPTO_mpi_scan_unsigned (&h, (unsigned char *) &hc, sizeof (hc)); 1278 GNUNET_CRYPTO_mpi_scan_unsigned(&h, (unsigned char *)&hc, sizeof(hc));
1279 return h; 1279 return h;
1280} 1280}
1281 1281
@@ -1293,7 +1293,7 @@ derive_h (const struct GNUNET_CRYPTO_EcdsaPublicKey *pub,
1293 * @return derived private key 1293 * @return derived private key
1294 */ 1294 */
1295struct GNUNET_CRYPTO_EcdsaPrivateKey * 1295struct GNUNET_CRYPTO_EcdsaPrivateKey *
1296GNUNET_CRYPTO_ecdsa_private_key_derive ( 1296GNUNET_CRYPTO_ecdsa_private_key_derive(
1297 const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv, 1297 const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv,
1298 const char *label, 1298 const char *label,
1299 const char *context) 1299 const char *context)
@@ -1306,22 +1306,22 @@ GNUNET_CRYPTO_ecdsa_private_key_derive (
1306 gcry_mpi_t n; 1306 gcry_mpi_t n;
1307 gcry_ctx_t ctx; 1307 gcry_ctx_t ctx;
1308 1308
1309 GNUNET_assert (0 == gcry_mpi_ec_new (&ctx, NULL, CURVE)); 1309 GNUNET_assert(0 == gcry_mpi_ec_new(&ctx, NULL, CURVE));
1310 1310
1311 n = gcry_mpi_ec_get_mpi ("n", ctx, 1); 1311 n = gcry_mpi_ec_get_mpi("n", ctx, 1);
1312 GNUNET_CRYPTO_ecdsa_key_get_public (priv, &pub); 1312 GNUNET_CRYPTO_ecdsa_key_get_public(priv, &pub);
1313 1313
1314 h = derive_h (&pub, label, context); 1314 h = derive_h(&pub, label, context);
1315 GNUNET_CRYPTO_mpi_scan_unsigned (&x, priv->d, sizeof (priv->d)); 1315 GNUNET_CRYPTO_mpi_scan_unsigned(&x, priv->d, sizeof(priv->d));
1316 d = gcry_mpi_new (256); 1316 d = gcry_mpi_new(256);
1317 gcry_mpi_mulm (d, h, x, n); 1317 gcry_mpi_mulm(d, h, x, n);
1318 gcry_mpi_release (h); 1318 gcry_mpi_release(h);
1319 gcry_mpi_release (x); 1319 gcry_mpi_release(x);
1320 gcry_mpi_release (n); 1320 gcry_mpi_release(n);
1321 gcry_ctx_release (ctx); 1321 gcry_ctx_release(ctx);
1322 ret = GNUNET_new (struct GNUNET_CRYPTO_EcdsaPrivateKey); 1322 ret = GNUNET_new(struct GNUNET_CRYPTO_EcdsaPrivateKey);
1323 GNUNET_CRYPTO_mpi_print_unsigned (ret->d, sizeof (ret->d), d); 1323 GNUNET_CRYPTO_mpi_print_unsigned(ret->d, sizeof(ret->d), d);
1324 gcry_mpi_release (d); 1324 gcry_mpi_release(d);
1325 return ret; 1325 return ret;
1326} 1326}
1327 1327
@@ -1337,7 +1337,7 @@ GNUNET_CRYPTO_ecdsa_private_key_derive (
1337 * @param result where to write the derived public key 1337 * @param result where to write the derived public key
1338 */ 1338 */
1339void 1339void
1340GNUNET_CRYPTO_ecdsa_public_key_derive ( 1340GNUNET_CRYPTO_ecdsa_public_key_derive(
1341 const struct GNUNET_CRYPTO_EcdsaPublicKey *pub, 1341 const struct GNUNET_CRYPTO_EcdsaPublicKey *pub,
1342 const char *label, 1342 const char *label,
1343 const char *context, 1343 const char *context,
@@ -1351,39 +1351,39 @@ GNUNET_CRYPTO_ecdsa_public_key_derive (
1351 gcry_mpi_point_t q; 1351 gcry_mpi_point_t q;
1352 gcry_mpi_point_t v; 1352 gcry_mpi_point_t v;
1353 1353
1354 GNUNET_assert (0 == gcry_mpi_ec_new (&ctx, NULL, CURVE)); 1354 GNUNET_assert(0 == gcry_mpi_ec_new(&ctx, NULL, CURVE));
1355 1355
1356 /* obtain point 'q' from original public key. The provided 'q' is 1356 /* obtain point 'q' from original public key. The provided 'q' is
1357 compressed thus we first store it in the context and then get it 1357 compressed thus we first store it in the context and then get it
1358 back as a (decompresssed) point. */ 1358 back as a (decompresssed) point. */
1359 q_y = gcry_mpi_set_opaque_copy (NULL, pub->q_y, 8 * sizeof (pub->q_y)); 1359 q_y = gcry_mpi_set_opaque_copy(NULL, pub->q_y, 8 * sizeof(pub->q_y));
1360 GNUNET_assert (NULL != q_y); 1360 GNUNET_assert(NULL != q_y);
1361 GNUNET_assert (0 == gcry_mpi_ec_set_mpi ("q", q_y, ctx)); 1361 GNUNET_assert(0 == gcry_mpi_ec_set_mpi("q", q_y, ctx));
1362 gcry_mpi_release (q_y); 1362 gcry_mpi_release(q_y);
1363 q = gcry_mpi_ec_get_point ("q", ctx, 0); 1363 q = gcry_mpi_ec_get_point("q", ctx, 0);
1364 GNUNET_assert (q); 1364 GNUNET_assert(q);
1365 1365
1366 /* calculate h_mod_n = h % n */ 1366 /* calculate h_mod_n = h % n */
1367 h = derive_h (pub, label, context); 1367 h = derive_h(pub, label, context);
1368 n = gcry_mpi_ec_get_mpi ("n", ctx, 1); 1368 n = gcry_mpi_ec_get_mpi("n", ctx, 1);
1369 h_mod_n = gcry_mpi_new (256); 1369 h_mod_n = gcry_mpi_new(256);
1370 gcry_mpi_mod (h_mod_n, h, n); 1370 gcry_mpi_mod(h_mod_n, h, n);
1371 /* calculate v = h_mod_n * q */ 1371 /* calculate v = h_mod_n * q */
1372 v = gcry_mpi_point_new (0); 1372 v = gcry_mpi_point_new(0);
1373 gcry_mpi_ec_mul (v, h_mod_n, q, ctx); 1373 gcry_mpi_ec_mul(v, h_mod_n, q, ctx);
1374 gcry_mpi_release (h_mod_n); 1374 gcry_mpi_release(h_mod_n);
1375 gcry_mpi_release (h); 1375 gcry_mpi_release(h);
1376 gcry_mpi_release (n); 1376 gcry_mpi_release(n);
1377 gcry_mpi_point_release (q); 1377 gcry_mpi_point_release(q);
1378 1378
1379 /* convert point 'v' to public key that we return */ 1379 /* convert point 'v' to public key that we return */
1380 GNUNET_assert (0 == gcry_mpi_ec_set_point ("q", v, ctx)); 1380 GNUNET_assert(0 == gcry_mpi_ec_set_point("q", v, ctx));
1381 gcry_mpi_point_release (v); 1381 gcry_mpi_point_release(v);
1382 q_y = gcry_mpi_ec_get_mpi ("q@eddsa", ctx, 0); 1382 q_y = gcry_mpi_ec_get_mpi("q@eddsa", ctx, 0);
1383 GNUNET_assert (q_y); 1383 GNUNET_assert(q_y);
1384 GNUNET_CRYPTO_mpi_print_unsigned (result->q_y, sizeof (result->q_y), q_y); 1384 GNUNET_CRYPTO_mpi_print_unsigned(result->q_y, sizeof(result->q_y), q_y);
1385 gcry_mpi_release (q_y); 1385 gcry_mpi_release(q_y);
1386 gcry_ctx_release (ctx); 1386 gcry_ctx_release(ctx);
1387} 1387}
1388 1388
1389 1389
@@ -1394,17 +1394,17 @@ GNUNET_CRYPTO_ecdsa_public_key_derive (
1394 * @param length number of bytes in @a buffer 1394 * @param length number of bytes in @a buffer
1395 */ 1395 */
1396static void 1396static void
1397reverse_buffer (unsigned char *buffer, size_t length) 1397reverse_buffer(unsigned char *buffer, size_t length)
1398{ 1398{
1399 unsigned char tmp; 1399 unsigned char tmp;
1400 size_t i; 1400 size_t i;
1401 1401
1402 for (i = 0; i < length / 2; i++) 1402 for (i = 0; i < length / 2; i++)
1403 { 1403 {
1404 tmp = buffer[i]; 1404 tmp = buffer[i];
1405 buffer[i] = buffer[length - 1 - i]; 1405 buffer[i] = buffer[length - 1 - i];
1406 buffer[length - 1 - i] = tmp; 1406 buffer[length - 1 - i] = tmp;
1407 } 1407 }
1408} 1408}
1409 1409
1410 1410
@@ -1416,7 +1416,7 @@ reverse_buffer (unsigned char *buffer, size_t length)
1416 * @return value used for the calculation in EdDSA 1416 * @return value used for the calculation in EdDSA
1417 */ 1417 */
1418static gcry_mpi_t 1418static gcry_mpi_t
1419eddsa_d_to_a (gcry_mpi_t d) 1419eddsa_d_to_a(gcry_mpi_t d)
1420{ 1420{
1421 unsigned char rawmpi[32]; /* 256-bit value */ 1421 unsigned char rawmpi[32]; /* 256-bit value */
1422 size_t rawmpilen; 1422 size_t rawmpilen;
@@ -1429,25 +1429,25 @@ eddsa_d_to_a (gcry_mpi_t d)
1429 1429
1430 /* Note that we clear DIGEST so we can use it as input to left pad 1430 /* Note that we clear DIGEST so we can use it as input to left pad
1431 the key with zeroes for hashing. */ 1431 the key with zeroes for hashing. */
1432 memset (digest, 0, sizeof digest); 1432 memset(digest, 0, sizeof digest);
1433 memset (hvec, 0, sizeof hvec); 1433 memset(hvec, 0, sizeof hvec);
1434 rawmpilen = sizeof (rawmpi); 1434 rawmpilen = sizeof(rawmpi);
1435 GNUNET_assert ( 1435 GNUNET_assert(
1436 0 == gcry_mpi_print (GCRYMPI_FMT_USG, rawmpi, rawmpilen, &rawmpilen, d)); 1436 0 == gcry_mpi_print(GCRYMPI_FMT_USG, rawmpi, rawmpilen, &rawmpilen, d));
1437 hvec[0].data = digest; 1437 hvec[0].data = digest;
1438 hvec[0].off = 0; 1438 hvec[0].off = 0;
1439 hvec[0].len = b > rawmpilen ? (b - rawmpilen) : 0; 1439 hvec[0].len = b > rawmpilen ? (b - rawmpilen) : 0;
1440 hvec[1].data = rawmpi; 1440 hvec[1].data = rawmpi;
1441 hvec[1].off = 0; 1441 hvec[1].off = 0;
1442 hvec[1].len = rawmpilen; 1442 hvec[1].len = rawmpilen;
1443 GNUNET_assert ( 1443 GNUNET_assert(
1444 0 == gcry_md_hash_buffers (GCRY_MD_SHA512, 0 /* flags */, digest, hvec, 2)); 1444 0 == gcry_md_hash_buffers(GCRY_MD_SHA512, 0 /* flags */, digest, hvec, 2));
1445 /* Compute the A value. */ 1445 /* Compute the A value. */
1446 reverse_buffer (digest, 32); /* Only the first half of the hash. */ 1446 reverse_buffer(digest, 32); /* Only the first half of the hash. */
1447 digest[0] = (digest[0] & 0x7f) | 0x40; 1447 digest[0] = (digest[0] & 0x7f) | 0x40;
1448 digest[31] &= 0xf8; 1448 digest[31] &= 0xf8;
1449 1449
1450 GNUNET_CRYPTO_mpi_scan_unsigned (&a, digest, 32); 1450 GNUNET_CRYPTO_mpi_scan_unsigned(&a, digest, 32);
1451 return a; 1451 return a;
1452} 1452}
1453 1453
@@ -1461,32 +1461,32 @@ eddsa_d_to_a (gcry_mpi_t d)
1461 * @return #GNUNET_OK on success 1461 * @return #GNUNET_OK on success
1462 */ 1462 */
1463static int 1463static int
1464point_to_hash (gcry_mpi_point_t result, 1464point_to_hash(gcry_mpi_point_t result,
1465 gcry_ctx_t ctx, 1465 gcry_ctx_t ctx,
1466 struct GNUNET_HashCode *key_material) 1466 struct GNUNET_HashCode *key_material)
1467{ 1467{
1468 gcry_mpi_t result_x; 1468 gcry_mpi_t result_x;
1469 unsigned char xbuf[256 / 8]; 1469 unsigned char xbuf[256 / 8];
1470 size_t rsize; 1470 size_t rsize;
1471 1471
1472 /* finally, convert point to string for hashing */ 1472 /* finally, convert point to string for hashing */
1473 result_x = gcry_mpi_new (256); 1473 result_x = gcry_mpi_new(256);
1474 if (gcry_mpi_ec_get_affine (result_x, NULL, result, ctx)) 1474 if (gcry_mpi_ec_get_affine(result_x, NULL, result, ctx))
1475 { 1475 {
1476 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "get_affine failed", 0); 1476 LOG_GCRY(GNUNET_ERROR_TYPE_ERROR, "get_affine failed", 0);
1477 return GNUNET_SYSERR; 1477 return GNUNET_SYSERR;
1478 } 1478 }
1479 1479
1480 rsize = sizeof (xbuf); 1480 rsize = sizeof(xbuf);
1481 GNUNET_assert (! gcry_mpi_get_flag (result_x, GCRYMPI_FLAG_OPAQUE)); 1481 GNUNET_assert(!gcry_mpi_get_flag(result_x, GCRYMPI_FLAG_OPAQUE));
1482 /* result_x can be negative here, so we do not use 'GNUNET_CRYPTO_mpi_print_unsigned' 1482 /* result_x can be negative here, so we do not use 'GNUNET_CRYPTO_mpi_print_unsigned'
1483 as that does not include the sign bit; x should be a 255-bit 1483 as that does not include the sign bit; x should be a 255-bit
1484 value, so with the sign it should fit snugly into the 256-bit 1484 value, so with the sign it should fit snugly into the 256-bit
1485 xbuf */ 1485 xbuf */
1486 GNUNET_assert ( 1486 GNUNET_assert(
1487 0 == gcry_mpi_print (GCRYMPI_FMT_STD, xbuf, rsize, &rsize, result_x)); 1487 0 == gcry_mpi_print(GCRYMPI_FMT_STD, xbuf, rsize, &rsize, result_x));
1488 GNUNET_CRYPTO_hash (xbuf, rsize, key_material); 1488 GNUNET_CRYPTO_hash(xbuf, rsize, key_material);
1489 gcry_mpi_release (result_x); 1489 gcry_mpi_release(result_x);
1490 return GNUNET_OK; 1490 return GNUNET_OK;
1491} 1491}
1492 1492
@@ -1502,9 +1502,9 @@ point_to_hash (gcry_mpi_point_t result,
1502 * @return #GNUNET_SYSERR on error, #GNUNET_OK on success 1502 * @return #GNUNET_SYSERR on error, #GNUNET_OK on success
1503 */ 1503 */
1504int 1504int
1505GNUNET_CRYPTO_eddsa_ecdh (const struct GNUNET_CRYPTO_EddsaPrivateKey *priv, 1505GNUNET_CRYPTO_eddsa_ecdh(const struct GNUNET_CRYPTO_EddsaPrivateKey *priv,
1506 const struct GNUNET_CRYPTO_EcdhePublicKey *pub, 1506 const struct GNUNET_CRYPTO_EcdhePublicKey *pub,
1507 struct GNUNET_HashCode *key_material) 1507 struct GNUNET_HashCode *key_material)
1508{ 1508{
1509 gcry_mpi_point_t result; 1509 gcry_mpi_point_t result;
1510 gcry_mpi_point_t q; 1510 gcry_mpi_point_t q;
@@ -1514,36 +1514,36 @@ GNUNET_CRYPTO_eddsa_ecdh (const struct GNUNET_CRYPTO_EddsaPrivateKey *priv,
1514 gcry_sexp_t pub_sexpr; 1514 gcry_sexp_t pub_sexpr;
1515 int ret; 1515 int ret;
1516 1516
1517 BENCHMARK_START (eddsa_ecdh); 1517 BENCHMARK_START(eddsa_ecdh);
1518 1518
1519 /* first, extract the q = dP value from the public key */ 1519 /* first, extract the q = dP value from the public key */
1520 if (0 != gcry_sexp_build (&pub_sexpr, 1520 if (0 != gcry_sexp_build(&pub_sexpr,
1521 NULL, 1521 NULL,
1522 "(public-key(ecc(curve " CURVE ")(q %b)))", 1522 "(public-key(ecc(curve " CURVE ")(q %b)))",
1523 (int) sizeof (pub->q_y), 1523 (int)sizeof(pub->q_y),
1524 pub->q_y)) 1524 pub->q_y))
1525 return GNUNET_SYSERR; 1525 return GNUNET_SYSERR;
1526 GNUNET_assert (0 == gcry_mpi_ec_new (&ctx, pub_sexpr, NULL)); 1526 GNUNET_assert(0 == gcry_mpi_ec_new(&ctx, pub_sexpr, NULL));
1527 gcry_sexp_release (pub_sexpr); 1527 gcry_sexp_release(pub_sexpr);
1528 q = gcry_mpi_ec_get_point ("q", ctx, 0); 1528 q = gcry_mpi_ec_get_point("q", ctx, 0);
1529 1529
1530 /* second, extract the d value from our private key */ 1530 /* second, extract the d value from our private key */
1531 GNUNET_CRYPTO_mpi_scan_unsigned (&d, priv->d, sizeof (priv->d)); 1531 GNUNET_CRYPTO_mpi_scan_unsigned(&d, priv->d, sizeof(priv->d));
1532 1532
1533 /* NOW, because this is EdDSA, HASH 'd' first! */ 1533 /* NOW, because this is EdDSA, HASH 'd' first! */
1534 a = eddsa_d_to_a (d); 1534 a = eddsa_d_to_a(d);
1535 gcry_mpi_release (d); 1535 gcry_mpi_release(d);
1536 1536
1537 /* then call the 'multiply' function, to compute the product */ 1537 /* then call the 'multiply' function, to compute the product */
1538 result = gcry_mpi_point_new (0); 1538 result = gcry_mpi_point_new(0);
1539 gcry_mpi_ec_mul (result, a, q, ctx); 1539 gcry_mpi_ec_mul(result, a, q, ctx);
1540 gcry_mpi_point_release (q); 1540 gcry_mpi_point_release(q);
1541 gcry_mpi_release (a); 1541 gcry_mpi_release(a);
1542 1542
1543 ret = point_to_hash (result, ctx, key_material); 1543 ret = point_to_hash(result, ctx, key_material);
1544 gcry_mpi_point_release (result); 1544 gcry_mpi_point_release(result);
1545 gcry_ctx_release (ctx); 1545 gcry_ctx_release(ctx);
1546 BENCHMARK_END (eddsa_ecdh); 1546 BENCHMARK_END(eddsa_ecdh);
1547 return ret; 1547 return ret;
1548} 1548}
1549 1549
@@ -1559,9 +1559,9 @@ GNUNET_CRYPTO_eddsa_ecdh (const struct GNUNET_CRYPTO_EddsaPrivateKey *priv,
1559 * @return #GNUNET_SYSERR on error, #GNUNET_OK on success 1559 * @return #GNUNET_SYSERR on error, #GNUNET_OK on success
1560 */ 1560 */
1561int 1561int
1562GNUNET_CRYPTO_ecdsa_ecdh (const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv, 1562GNUNET_CRYPTO_ecdsa_ecdh(const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv,
1563 const struct GNUNET_CRYPTO_EcdhePublicKey *pub, 1563 const struct GNUNET_CRYPTO_EcdhePublicKey *pub,
1564 struct GNUNET_HashCode *key_material) 1564 struct GNUNET_HashCode *key_material)
1565{ 1565{
1566 gcry_mpi_point_t result; 1566 gcry_mpi_point_t result;
1567 gcry_mpi_point_t q; 1567 gcry_mpi_point_t q;
@@ -1570,33 +1570,33 @@ GNUNET_CRYPTO_ecdsa_ecdh (const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv,
1570 gcry_sexp_t pub_sexpr; 1570 gcry_sexp_t pub_sexpr;
1571 int ret; 1571 int ret;
1572 1572
1573 BENCHMARK_START (ecdsa_ecdh); 1573 BENCHMARK_START(ecdsa_ecdh);
1574 1574
1575 /* first, extract the q = dP value from the public key */ 1575 /* first, extract the q = dP value from the public key */
1576 if (0 != gcry_sexp_build (&pub_sexpr, 1576 if (0 != gcry_sexp_build(&pub_sexpr,
1577 NULL, 1577 NULL,
1578 "(public-key(ecc(curve " CURVE ")(q %b)))", 1578 "(public-key(ecc(curve " CURVE ")(q %b)))",
1579 (int) sizeof (pub->q_y), 1579 (int)sizeof(pub->q_y),
1580 pub->q_y)) 1580 pub->q_y))
1581 return GNUNET_SYSERR; 1581 return GNUNET_SYSERR;
1582 GNUNET_assert (0 == gcry_mpi_ec_new (&ctx, pub_sexpr, NULL)); 1582 GNUNET_assert(0 == gcry_mpi_ec_new(&ctx, pub_sexpr, NULL));
1583 gcry_sexp_release (pub_sexpr); 1583 gcry_sexp_release(pub_sexpr);
1584 q = gcry_mpi_ec_get_point ("q", ctx, 0); 1584 q = gcry_mpi_ec_get_point("q", ctx, 0);
1585 1585
1586 /* second, extract the d value from our private key */ 1586 /* second, extract the d value from our private key */
1587 GNUNET_CRYPTO_mpi_scan_unsigned (&d, priv->d, sizeof (priv->d)); 1587 GNUNET_CRYPTO_mpi_scan_unsigned(&d, priv->d, sizeof(priv->d));
1588 1588
1589 /* then call the 'multiply' function, to compute the product */ 1589 /* then call the 'multiply' function, to compute the product */
1590 result = gcry_mpi_point_new (0); 1590 result = gcry_mpi_point_new(0);
1591 gcry_mpi_ec_mul (result, d, q, ctx); 1591 gcry_mpi_ec_mul(result, d, q, ctx);
1592 gcry_mpi_point_release (q); 1592 gcry_mpi_point_release(q);
1593 gcry_mpi_release (d); 1593 gcry_mpi_release(d);
1594 1594
1595 /* finally, convert point to string for hashing */ 1595 /* finally, convert point to string for hashing */
1596 ret = point_to_hash (result, ctx, key_material); 1596 ret = point_to_hash(result, ctx, key_material);
1597 gcry_mpi_point_release (result); 1597 gcry_mpi_point_release(result);
1598 gcry_ctx_release (ctx); 1598 gcry_ctx_release(ctx);
1599 BENCHMARK_END (ecdsa_ecdh); 1599 BENCHMARK_END(ecdsa_ecdh);
1600 return ret; 1600 return ret;
1601} 1601}
1602 1602
@@ -1612,9 +1612,9 @@ GNUNET_CRYPTO_ecdsa_ecdh (const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv,
1612 * @return #GNUNET_SYSERR on error, #GNUNET_OK on success 1612 * @return #GNUNET_SYSERR on error, #GNUNET_OK on success
1613 */ 1613 */
1614int 1614int
1615GNUNET_CRYPTO_ecdh_eddsa (const struct GNUNET_CRYPTO_EcdhePrivateKey *priv, 1615GNUNET_CRYPTO_ecdh_eddsa(const struct GNUNET_CRYPTO_EcdhePrivateKey *priv,
1616 const struct GNUNET_CRYPTO_EddsaPublicKey *pub, 1616 const struct GNUNET_CRYPTO_EddsaPublicKey *pub,
1617 struct GNUNET_HashCode *key_material) 1617 struct GNUNET_HashCode *key_material)
1618{ 1618{
1619 gcry_mpi_point_t result; 1619 gcry_mpi_point_t result;
1620 gcry_mpi_point_t q; 1620 gcry_mpi_point_t q;
@@ -1623,33 +1623,33 @@ GNUNET_CRYPTO_ecdh_eddsa (const struct GNUNET_CRYPTO_EcdhePrivateKey *priv,
1623 gcry_sexp_t pub_sexpr; 1623 gcry_sexp_t pub_sexpr;
1624 int ret; 1624 int ret;
1625 1625
1626 BENCHMARK_START (ecdh_eddsa); 1626 BENCHMARK_START(ecdh_eddsa);
1627 1627
1628 /* first, extract the q = dP value from the public key */ 1628 /* first, extract the q = dP value from the public key */
1629 if (0 != gcry_sexp_build (&pub_sexpr, 1629 if (0 != gcry_sexp_build(&pub_sexpr,
1630 NULL, 1630 NULL,
1631 "(public-key(ecc(curve " CURVE ")(q %b)))", 1631 "(public-key(ecc(curve " CURVE ")(q %b)))",
1632 (int) sizeof (pub->q_y), 1632 (int)sizeof(pub->q_y),
1633 pub->q_y)) 1633 pub->q_y))
1634 return GNUNET_SYSERR; 1634 return GNUNET_SYSERR;
1635 GNUNET_assert (0 == gcry_mpi_ec_new (&ctx, pub_sexpr, NULL)); 1635 GNUNET_assert(0 == gcry_mpi_ec_new(&ctx, pub_sexpr, NULL));
1636 gcry_sexp_release (pub_sexpr); 1636 gcry_sexp_release(pub_sexpr);
1637 q = gcry_mpi_ec_get_point ("q", ctx, 0); 1637 q = gcry_mpi_ec_get_point("q", ctx, 0);
1638 1638
1639 /* second, extract the d value from our private key */ 1639 /* second, extract the d value from our private key */
1640 GNUNET_CRYPTO_mpi_scan_unsigned (&d, priv->d, sizeof (priv->d)); 1640 GNUNET_CRYPTO_mpi_scan_unsigned(&d, priv->d, sizeof(priv->d));
1641 1641
1642 /* then call the 'multiply' function, to compute the product */ 1642 /* then call the 'multiply' function, to compute the product */
1643 result = gcry_mpi_point_new (0); 1643 result = gcry_mpi_point_new(0);
1644 gcry_mpi_ec_mul (result, d, q, ctx); 1644 gcry_mpi_ec_mul(result, d, q, ctx);
1645 gcry_mpi_point_release (q); 1645 gcry_mpi_point_release(q);
1646 gcry_mpi_release (d); 1646 gcry_mpi_release(d);
1647 1647
1648 /* finally, convert point to string for hashing */ 1648 /* finally, convert point to string for hashing */
1649 ret = point_to_hash (result, ctx, key_material); 1649 ret = point_to_hash(result, ctx, key_material);
1650 gcry_mpi_point_release (result); 1650 gcry_mpi_point_release(result);
1651 gcry_ctx_release (ctx); 1651 gcry_ctx_release(ctx);
1652 BENCHMARK_END (ecdh_eddsa); 1652 BENCHMARK_END(ecdh_eddsa);
1653 return ret; 1653 return ret;
1654} 1654}
1655 1655
@@ -1664,14 +1664,14 @@ GNUNET_CRYPTO_ecdh_eddsa (const struct GNUNET_CRYPTO_EcdhePrivateKey *priv,
1664 * @return #GNUNET_SYSERR on error, #GNUNET_OK on success 1664 * @return #GNUNET_SYSERR on error, #GNUNET_OK on success
1665 */ 1665 */
1666int 1666int
1667GNUNET_CRYPTO_ecdh_ecdsa (const struct GNUNET_CRYPTO_EcdhePrivateKey *priv, 1667GNUNET_CRYPTO_ecdh_ecdsa(const struct GNUNET_CRYPTO_EcdhePrivateKey *priv,
1668 const struct GNUNET_CRYPTO_EcdsaPublicKey *pub, 1668 const struct GNUNET_CRYPTO_EcdsaPublicKey *pub,
1669 struct GNUNET_HashCode *key_material) 1669 struct GNUNET_HashCode *key_material)
1670{ 1670{
1671 return GNUNET_CRYPTO_ecdh_eddsa (priv, 1671 return GNUNET_CRYPTO_ecdh_eddsa(priv,
1672 (const struct GNUNET_CRYPTO_EddsaPublicKey *) 1672 (const struct GNUNET_CRYPTO_EddsaPublicKey *)
1673 pub, 1673 pub,
1674 key_material); 1674 key_material);
1675} 1675}
1676 1676
1677/* end of crypto_ecc.c */ 1677/* end of crypto_ecc.c */
generated by cgit v1.2.3 (git 2.39.1) at 2024-04-23 14:28:37 +0000