aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/identity/gnunet-identity.c44
-rw-r--r--src/include/gnunet_crypto_lib.h352
-rw-r--r--src/util/crypto_ecc.c511
3 files changed, 514 insertions, 393 deletions
diff --git a/src/identity/gnunet-identity.c b/src/identity/gnunet-identity.c
index 4d6b1db3f..41878fc1e 100644
--- a/src/identity/gnunet-identity.c
+++ b/src/identity/gnunet-identity.c
@@ -1,6 +1,6 @@
1/* 1/*
2 This file is part of GNUnet. 2 This file is part of GNUnet.
3 Copyright (C) 2013 GNUnet e.V. 3 Copyright (C) 2013, 2018, 2019 GNUnet e.V.
4 4
5 GNUnet is free software: you can redistribute it and/or modify it 5 GNUnet is free software: you can redistribute it and/or modify it
6 under the terms of the GNU Affero General Public License as published 6 under the terms of the GNU Affero General Public License as published
@@ -51,6 +51,11 @@ static int list;
51static int monitor; 51static int monitor;
52 52
53/** 53/**
54 * Was "private" specified?
55 */
56static int private_keys;
57
58/**
54 * Was "verbose" specified? 59 * Was "verbose" specified?
55 */ 60 */
56static unsigned int verbose; 61static unsigned int verbose;
@@ -195,7 +200,18 @@ create_finished (void *cls,
195 200
196 GNUNET_CRYPTO_ecdsa_key_get_public (pk, &pub); 201 GNUNET_CRYPTO_ecdsa_key_get_public (pk, &pub);
197 pubs = GNUNET_CRYPTO_ecdsa_public_key_to_string (&pub); 202 pubs = GNUNET_CRYPTO_ecdsa_public_key_to_string (&pub);
198 fprintf (stdout, "%s\n", pubs); 203 if (private_keys)
204 {
205 char *privs;
206
207 privs = GNUNET_CRYPTO_ecdsa_private_key_to_string (pk);
208 fprintf (stdout, "%s - %s\n", pubs, privs);
209 GNUNET_free (privs);
210 }
211 else
212 {
213 fprintf (stdout, "%s\n", pubs);
214 }
199 GNUNET_free (pubs); 215 GNUNET_free (pubs);
200 } 216 }
201 test_finished (); 217 test_finished ();
@@ -262,6 +278,7 @@ print_ego (void *cls,
262{ 278{
263 struct GNUNET_CRYPTO_EcdsaPublicKey pk; 279 struct GNUNET_CRYPTO_EcdsaPublicKey pk;
264 char *s; 280 char *s;
281 char *privs;
265 282
266 if ((NULL != set_ego) && (NULL != set_subsystem) && (NULL != ego) && 283 if ((NULL != set_ego) && (NULL != set_subsystem) && (NULL != ego) &&
267 (NULL != identifier) && (0 == strcmp (identifier, set_ego))) 284 (NULL != identifier) && (0 == strcmp (identifier, set_ego)))
@@ -291,19 +308,32 @@ print_ego (void *cls,
291 } 308 }
292 if (! (list | monitor)) 309 if (! (list | monitor))
293 return; 310 return;
294 if ( (NULL == ego) || (NULL == identifier) ) 311 if ((NULL == ego) || (NULL == identifier))
295 return; 312 return;
296 if ((NULL != set_ego) && (0 != strcmp (identifier, set_ego))) 313 if ((NULL != set_ego) && (0 != strcmp (identifier, set_ego)))
297 return; 314 return;
298 GNUNET_IDENTITY_ego_get_public_key (ego, &pk); 315 GNUNET_IDENTITY_ego_get_public_key (ego, &pk);
299 s = GNUNET_CRYPTO_ecdsa_public_key_to_string (&pk); 316 s = GNUNET_CRYPTO_ecdsa_public_key_to_string (&pk);
317 privs = GNUNET_CRYPTO_ecdsa_private_key_to_string (
318 GNUNET_IDENTITY_ego_get_private_key (ego));
300 if ((monitor) || (NULL != identifier)) 319 if ((monitor) || (NULL != identifier))
301 { 320 {
302 if (quiet) 321 if (quiet)
303 fprintf (stdout, "%s\n", s); 322 {
323 if (private_keys)
324 fprintf (stdout, "%s - %s\n", s, privs);
325 else
326 fprintf (stdout, "%s\n", s);
327 }
304 else 328 else
305 fprintf (stdout, "%s - %s\n", identifier, s); 329 {
330 if (private_keys)
331 fprintf (stdout, "%s - %s - %s\n", identifier, s, privs);
332 else
333 fprintf (stdout, "%s - %s\n", identifier, s);
334 }
306 } 335 }
336 GNUNET_free (privs);
307 GNUNET_free (s); 337 GNUNET_free (s);
308} 338}
309 339
@@ -384,6 +414,10 @@ main (int argc, char *const *argv)
384 "monitor", 414 "monitor",
385 gettext_noop ("run in monitor mode egos"), 415 gettext_noop ("run in monitor mode egos"),
386 &monitor), 416 &monitor),
417 GNUNET_GETOPT_option_flag ('p',
418 "private-keys",
419 gettext_noop ("display private keys as well"),
420 &private_keys),
387 GNUNET_GETOPT_option_string ( 421 GNUNET_GETOPT_option_string (
388 's', 422 's',
389 "set", 423 "set",
diff --git a/src/include/gnunet_crypto_lib.h b/src/include/gnunet_crypto_lib.h
index 45da5f6ba..2037159e5 100644
--- a/src/include/gnunet_crypto_lib.h
+++ b/src/include/gnunet_crypto_lib.h
@@ -44,9 +44,8 @@
44#define GNUNET_CRYPTO_LIB_H 44#define GNUNET_CRYPTO_LIB_H
45 45
46#ifdef __cplusplus 46#ifdef __cplusplus
47extern "C" 47extern "C" {
48{ 48#if 0 /* keep Emacsens' auto-indent happy */
49#if 0 /* keep Emacsens' auto-indent happy */
50} 49}
51#endif 50#endif
52#endif 51#endif
@@ -98,12 +97,12 @@ enum GNUNET_CRYPTO_Quality
98/** 97/**
99 * @brief length of the sessionkey in bytes (256 BIT sessionkey) 98 * @brief length of the sessionkey in bytes (256 BIT sessionkey)
100 */ 99 */
101#define GNUNET_CRYPTO_AES_KEY_LENGTH (256/8) 100#define GNUNET_CRYPTO_AES_KEY_LENGTH (256 / 8)
102 101
103/** 102/**
104 * Length of a hash value 103 * Length of a hash value
105 */ 104 */
106#define GNUNET_CRYPTO_HASH_LENGTH (512/8) 105#define GNUNET_CRYPTO_HASH_LENGTH (512 / 8)
107 106
108/** 107/**
109 * How many characters (without 0-terminator) are our ASCII-encoded 108 * How many characters (without 0-terminator) are our ASCII-encoded
@@ -144,7 +143,6 @@ struct GNUNET_CRYPTO_EccSignaturePurpose
144 * network byte order! 143 * network byte order!
145 */ 144 */
146 uint32_t purpose GNUNET_PACKED; 145 uint32_t purpose GNUNET_PACKED;
147
148}; 146};
149 147
150 148
@@ -164,11 +162,9 @@ struct GNUNET_CRYPTO_EddsaSignature
164 * S value. 162 * S value.
165 */ 163 */
166 unsigned char s[256 / 8]; 164 unsigned char s[256 / 8];
167
168}; 165};
169 166
170 167
171
172/** 168/**
173 * @brief an ECC signature using ECDSA 169 * @brief an ECC signature using ECDSA
174 */ 170 */
@@ -184,7 +180,6 @@ struct GNUNET_CRYPTO_EcdsaSignature
184 * S value. 180 * S value.
185 */ 181 */
186 unsigned char s[256 / 8]; 182 unsigned char s[256 / 8];
187
188}; 183};
189 184
190 185
@@ -200,7 +195,6 @@ struct GNUNET_CRYPTO_EddsaPublicKey
200 * compact format. 195 * compact format.
201 */ 196 */
202 unsigned char q_y[256 / 8]; 197 unsigned char q_y[256 / 8];
203
204}; 198};
205 199
206 200
@@ -215,7 +209,6 @@ struct GNUNET_CRYPTO_EcdsaPublicKey
215 * here in affine coordinates and Ed25519 standard compact format. 209 * here in affine coordinates and Ed25519 standard compact format.
216 */ 210 */
217 unsigned char q_y[256 / 8]; 211 unsigned char q_y[256 / 8];
218
219}; 212};
220 213
221 214
@@ -253,7 +246,6 @@ struct GNUNET_CRYPTO_EcdhePrivateKey
253 * d is a value mod n, where n has at most 256 bits. 246 * d is a value mod n, where n has at most 256 bits.
254 */ 247 */
255 unsigned char d[256 / 8]; 248 unsigned char d[256 / 8];
256
257}; 249};
258 250
259/** 251/**
@@ -266,7 +258,6 @@ struct GNUNET_CRYPTO_EcdsaPrivateKey
266 * d is a value mod n, where n has at most 256 bits. 258 * d is a value mod n, where n has at most 256 bits.
267 */ 259 */
268 unsigned char d[256 / 8]; 260 unsigned char d[256 / 8];
269
270}; 261};
271 262
272/** 263/**
@@ -279,7 +270,6 @@ struct GNUNET_CRYPTO_EddsaPrivateKey
279 * d is a value mod n, where n has at most 256 bits. 270 * d is a value mod n, where n has at most 256 bits.
280 */ 271 */
281 unsigned char d[256 / 8]; 272 unsigned char d[256 / 8];
282
283}; 273};
284 274
285 275
@@ -297,7 +287,6 @@ struct GNUNET_CRYPTO_SymmetricSessionKey
297 * Actual key for TwoFish. 287 * Actual key for TwoFish.
298 */ 288 */
299 unsigned char twofish_key[GNUNET_CRYPTO_AES_KEY_LENGTH]; 289 unsigned char twofish_key[GNUNET_CRYPTO_AES_KEY_LENGTH];
300
301}; 290};
302 291
303GNUNET_NETWORK_STRUCT_END 292GNUNET_NETWORK_STRUCT_END
@@ -400,8 +389,7 @@ GNUNET_CRYPTO_seed_weak_random (int32_t seed);
400 * @return crc8 value 389 * @return crc8 value
401 */ 390 */
402uint8_t 391uint8_t
403GNUNET_CRYPTO_crc8_n (const void *buf, 392GNUNET_CRYPTO_crc8_n (const void *buf, size_t len);
404 size_t len);
405 393
406 394
407/** 395/**
@@ -413,9 +401,7 @@ GNUNET_CRYPTO_crc8_n (const void *buf,
413 * @return updated crc sum (must be subjected to #GNUNET_CRYPTO_crc16_finish to get actual crc16) 401 * @return updated crc sum (must be subjected to #GNUNET_CRYPTO_crc16_finish to get actual crc16)
414 */ 402 */
415uint32_t 403uint32_t
416GNUNET_CRYPTO_crc16_step (uint32_t sum, 404GNUNET_CRYPTO_crc16_step (uint32_t sum, const void *buf, size_t len);
417 const void *buf,
418 size_t len);
419 405
420 406
421/** 407/**
@@ -437,10 +423,7 @@ GNUNET_CRYPTO_crc16_finish (uint32_t sum);
437 * @return crc16 value 423 * @return crc16 value
438 */ 424 */
439uint16_t 425uint16_t
440GNUNET_CRYPTO_crc16_n (const void *buf, 426GNUNET_CRYPTO_crc16_n (const void *buf, size_t len);
441 size_t len);
442
443
444 427
445 428
446/** 429/**
@@ -453,8 +436,7 @@ GNUNET_CRYPTO_crc16_n (const void *buf,
453 * @return the resulting CRC32 checksum 436 * @return the resulting CRC32 checksum
454 */ 437 */
455int32_t 438int32_t
456GNUNET_CRYPTO_crc32_n (const void *buf, 439GNUNET_CRYPTO_crc32_n (const void *buf, size_t len);
457 size_t len);
458 440
459/** 441/**
460 * @ingroup crypto 442 * @ingroup crypto
@@ -465,8 +447,7 @@ GNUNET_CRYPTO_crc32_n (const void *buf,
465 * @param length buffer length 447 * @param length buffer length
466 */ 448 */
467void 449void
468GNUNET_CRYPTO_zero_keys (void *buffer, 450GNUNET_CRYPTO_zero_keys (void *buffer, size_t length);
469 size_t length);
470 451
471 452
472/** 453/**
@@ -491,8 +472,7 @@ GNUNET_CRYPTO_random_block (enum GNUNET_CRYPTO_Quality mode,
491 * @return a random value in the interval [0,@a i) (exclusive). 472 * @return a random value in the interval [0,@a i) (exclusive).
492 */ 473 */
493uint32_t 474uint32_t
494GNUNET_CRYPTO_random_u32 (enum GNUNET_CRYPTO_Quality mode, 475GNUNET_CRYPTO_random_u32 (enum GNUNET_CRYPTO_Quality mode, uint32_t i);
495 uint32_t i);
496 476
497 477
498/** 478/**
@@ -504,8 +484,7 @@ GNUNET_CRYPTO_random_u32 (enum GNUNET_CRYPTO_Quality mode,
504 * @return random 64-bit number 484 * @return random 64-bit number
505 */ 485 */
506uint64_t 486uint64_t
507GNUNET_CRYPTO_random_u64 (enum GNUNET_CRYPTO_Quality mode, 487GNUNET_CRYPTO_random_u64 (enum GNUNET_CRYPTO_Quality mode, uint64_t max);
508 uint64_t max);
509 488
510 489
511/** 490/**
@@ -518,8 +497,7 @@ GNUNET_CRYPTO_random_u64 (enum GNUNET_CRYPTO_Quality mode,
518 * @return the permutation array (allocated from heap) 497 * @return the permutation array (allocated from heap)
519 */ 498 */
520unsigned int * 499unsigned int *
521GNUNET_CRYPTO_random_permute (enum GNUNET_CRYPTO_Quality mode, 500GNUNET_CRYPTO_random_permute (enum GNUNET_CRYPTO_Quality mode, unsigned int n);
522 unsigned int n);
523 501
524 502
525/** 503/**
@@ -529,7 +507,8 @@ GNUNET_CRYPTO_random_permute (enum GNUNET_CRYPTO_Quality mode,
529 * @param key key to initialize 507 * @param key key to initialize
530 */ 508 */
531void 509void
532GNUNET_CRYPTO_symmetric_create_session_key (struct GNUNET_CRYPTO_SymmetricSessionKey *key); 510GNUNET_CRYPTO_symmetric_create_session_key (
511 struct GNUNET_CRYPTO_SymmetricSessionKey *key);
533 512
534 513
535/** 514/**
@@ -544,11 +523,12 @@ GNUNET_CRYPTO_symmetric_create_session_key (struct GNUNET_CRYPTO_SymmetricSessio
544 * @return the size of the encrypted block, -1 for errors 523 * @return the size of the encrypted block, -1 for errors
545 */ 524 */
546ssize_t 525ssize_t
547GNUNET_CRYPTO_symmetric_encrypt (const void *block, 526GNUNET_CRYPTO_symmetric_encrypt (
548 size_t size, 527 const void *block,
549 const struct GNUNET_CRYPTO_SymmetricSessionKey *sessionkey, 528 size_t size,
550 const struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, 529 const struct GNUNET_CRYPTO_SymmetricSessionKey *sessionkey,
551 void *result); 530 const struct GNUNET_CRYPTO_SymmetricInitializationVector *iv,
531 void *result);
552 532
553 533
554/** 534/**
@@ -563,11 +543,12 @@ GNUNET_CRYPTO_symmetric_encrypt (const void *block,
563 * @return -1 on failure, size of decrypted block on success 543 * @return -1 on failure, size of decrypted block on success
564 */ 544 */
565ssize_t 545ssize_t
566GNUNET_CRYPTO_symmetric_decrypt (const void *block, 546GNUNET_CRYPTO_symmetric_decrypt (
567 size_t size, 547 const void *block,
568 const struct GNUNET_CRYPTO_SymmetricSessionKey *sessionkey, 548 size_t size,
569 const struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, 549 const struct GNUNET_CRYPTO_SymmetricSessionKey *sessionkey,
570 void *result); 550 const struct GNUNET_CRYPTO_SymmetricInitializationVector *iv,
551 void *result);
571 552
572 553
573/** 554/**
@@ -580,10 +561,12 @@ GNUNET_CRYPTO_symmetric_decrypt (const void *block,
580 * @param ... pairs of void * & size_t for context chunks, terminated by NULL 561 * @param ... pairs of void * & size_t for context chunks, terminated by NULL
581 */ 562 */
582void 563void
583GNUNET_CRYPTO_symmetric_derive_iv (struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, 564GNUNET_CRYPTO_symmetric_derive_iv (
584 const struct GNUNET_CRYPTO_SymmetricSessionKey *skey, 565 struct GNUNET_CRYPTO_SymmetricInitializationVector *iv,
585 const void *salt, 566 const struct GNUNET_CRYPTO_SymmetricSessionKey *skey,
586 size_t salt_len, ...); 567 const void *salt,
568 size_t salt_len,
569 ...);
587 570
588 571
589/** 572/**
@@ -595,11 +578,12 @@ GNUNET_CRYPTO_symmetric_derive_iv (struct GNUNET_CRYPTO_SymmetricInitializationV
595 * @param argp pairs of void * & size_t for context chunks, terminated by NULL 578 * @param argp pairs of void * & size_t for context chunks, terminated by NULL
596 */ 579 */
597void 580void
598GNUNET_CRYPTO_symmetric_derive_iv_v (struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, 581GNUNET_CRYPTO_symmetric_derive_iv_v (
599 const struct GNUNET_CRYPTO_SymmetricSessionKey *skey, 582 struct GNUNET_CRYPTO_SymmetricInitializationVector *iv,
600 const void *salt, 583 const struct GNUNET_CRYPTO_SymmetricSessionKey *skey,
601 size_t salt_len, 584 const void *salt,
602 va_list argp); 585 size_t salt_len,
586 va_list argp);
603 587
604 588
605/** 589/**
@@ -638,7 +622,7 @@ GNUNET_CRYPTO_hash_from_string2 (const char *enc,
638 * @return #GNUNET_OK on success, #GNUNET_SYSERR if result has the wrong encoding 622 * @return #GNUNET_OK on success, #GNUNET_SYSERR if result has the wrong encoding
639 */ 623 */
640#define GNUNET_CRYPTO_hash_from_string(enc, result) \ 624#define GNUNET_CRYPTO_hash_from_string(enc, result) \
641 GNUNET_CRYPTO_hash_from_string2 (enc, strlen(enc), result) 625 GNUNET_CRYPTO_hash_from_string2 (enc, strlen (enc), result)
642 626
643 627
644/** 628/**
@@ -732,8 +716,10 @@ GNUNET_CRYPTO_hash_context_abort (struct GNUNET_HashContext *hc);
732 * @param hmac where to store the hmac 716 * @param hmac where to store the hmac
733 */ 717 */
734void 718void
735GNUNET_CRYPTO_hmac_raw (const void *key, size_t key_len, 719GNUNET_CRYPTO_hmac_raw (const void *key,
736 const void *plaintext, size_t plaintext_len, 720 size_t key_len,
721 const void *plaintext,
722 size_t plaintext_len,
737 struct GNUNET_HashCode *hmac); 723 struct GNUNET_HashCode *hmac);
738 724
739 725
@@ -760,9 +746,9 @@ GNUNET_CRYPTO_hmac (const struct GNUNET_CRYPTO_AuthKey *key,
760 * @param cls closure 746 * @param cls closure
761 * @param res resulting hash, NULL on error 747 * @param res resulting hash, NULL on error
762 */ 748 */
763typedef void 749typedef void (*GNUNET_CRYPTO_HashCompletedCallback) (
764(*GNUNET_CRYPTO_HashCompletedCallback) (void *cls, 750 void *cls,
765 const struct GNUNET_HashCode *res); 751 const struct GNUNET_HashCode *res);
766 752
767 753
768/** 754/**
@@ -862,9 +848,10 @@ GNUNET_CRYPTO_hash_xor (const struct GNUNET_HashCode *a,
862 * @param iv set to a valid initialization vector 848 * @param iv set to a valid initialization vector
863 */ 849 */
864void 850void
865GNUNET_CRYPTO_hash_to_aes_key (const struct GNUNET_HashCode * hc, 851GNUNET_CRYPTO_hash_to_aes_key (
866 struct GNUNET_CRYPTO_SymmetricSessionKey *skey, 852 const struct GNUNET_HashCode *hc,
867 struct GNUNET_CRYPTO_SymmetricInitializationVector *iv); 853 struct GNUNET_CRYPTO_SymmetricSessionKey *skey,
854 struct GNUNET_CRYPTO_SymmetricInitializationVector *iv);
868 855
869 856
870/** 857/**
@@ -877,7 +864,7 @@ GNUNET_CRYPTO_hash_to_aes_key (const struct GNUNET_HashCode * hc,
877 */ 864 */
878int 865int
879GNUNET_CRYPTO_hash_get_bit (const struct GNUNET_HashCode *code, 866GNUNET_CRYPTO_hash_get_bit (const struct GNUNET_HashCode *code,
880 unsigned int bit); 867 unsigned int bit);
881 868
882 869
883/** 870/**
@@ -937,10 +924,12 @@ GNUNET_CRYPTO_hash_xorcmp (const struct GNUNET_HashCode *h1,
937 * @param argp pair of void * & size_t for context chunks, terminated by NULL 924 * @param argp pair of void * & size_t for context chunks, terminated by NULL
938 */ 925 */
939void 926void
940GNUNET_CRYPTO_hmac_derive_key_v (struct GNUNET_CRYPTO_AuthKey *key, 927GNUNET_CRYPTO_hmac_derive_key_v (
941 const struct GNUNET_CRYPTO_SymmetricSessionKey *rkey, 928 struct GNUNET_CRYPTO_AuthKey *key,
942 const void *salt, size_t salt_len, 929 const struct GNUNET_CRYPTO_SymmetricSessionKey *rkey,
943 va_list argp); 930 const void *salt,
931 size_t salt_len,
932 va_list argp);
944 933
945 934
946/** 935/**
@@ -953,10 +942,12 @@ GNUNET_CRYPTO_hmac_derive_key_v (struct GNUNET_CRYPTO_AuthKey *key,
953 * @param ... pair of void * & size_t for context chunks, terminated by NULL 942 * @param ... pair of void * & size_t for context chunks, terminated by NULL
954 */ 943 */
955void 944void
956GNUNET_CRYPTO_hmac_derive_key (struct GNUNET_CRYPTO_AuthKey *key, 945GNUNET_CRYPTO_hmac_derive_key (
957 const struct GNUNET_CRYPTO_SymmetricSessionKey *rkey, 946 struct GNUNET_CRYPTO_AuthKey *key,
958 const void *salt, size_t salt_len, 947 const struct GNUNET_CRYPTO_SymmetricSessionKey *rkey,
959 ...); 948 const void *salt,
949 size_t salt_len,
950 ...);
960 951
961 952
962/** 953/**
@@ -1047,8 +1038,10 @@ GNUNET_CRYPTO_kdf_v (void *result,
1047void 1038void
1048GNUNET_CRYPTO_kdf_mod_mpi (gcry_mpi_t *r, 1039GNUNET_CRYPTO_kdf_mod_mpi (gcry_mpi_t *r,
1049 gcry_mpi_t n, 1040 gcry_mpi_t n,
1050 const void *xts, size_t xts_len, 1041 const void *xts,
1051 const void *skm, size_t skm_len, 1042 size_t xts_len,
1043 const void *skm,
1044 size_t skm_len,
1052 const char *ctx); 1045 const char *ctx);
1053 1046
1054 1047
@@ -1082,8 +1075,9 @@ GNUNET_CRYPTO_kdf (void *result,
1082 * @param pub where to write the public key 1075 * @param pub where to write the public key
1083 */ 1076 */
1084void 1077void
1085GNUNET_CRYPTO_ecdsa_key_get_public (const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv, 1078GNUNET_CRYPTO_ecdsa_key_get_public (
1086 struct GNUNET_CRYPTO_EcdsaPublicKey *pub); 1079 const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv,
1080 struct GNUNET_CRYPTO_EcdsaPublicKey *pub);
1087 1081
1088/** 1082/**
1089 * @ingroup crypto 1083 * @ingroup crypto
@@ -1093,9 +1087,9 @@ GNUNET_CRYPTO_ecdsa_key_get_public (const struct GNUNET_CRYPTO_EcdsaPrivateKey *
1093 * @param pub where to write the public key 1087 * @param pub where to write the public key
1094 */ 1088 */
1095void 1089void
1096GNUNET_CRYPTO_eddsa_key_get_public (const struct GNUNET_CRYPTO_EddsaPrivateKey *priv, 1090GNUNET_CRYPTO_eddsa_key_get_public (
1097 struct GNUNET_CRYPTO_EddsaPublicKey *pub); 1091 const struct GNUNET_CRYPTO_EddsaPrivateKey *priv,
1098 1092 struct GNUNET_CRYPTO_EddsaPublicKey *pub);
1099 1093
1100 1094
1101/** 1095/**
@@ -1106,8 +1100,9 @@ GNUNET_CRYPTO_eddsa_key_get_public (const struct GNUNET_CRYPTO_EddsaPrivateKey *
1106 * @param pub where to write the public key 1100 * @param pub where to write the public key
1107 */ 1101 */
1108void 1102void
1109GNUNET_CRYPTO_ecdhe_key_get_public (const struct GNUNET_CRYPTO_EcdhePrivateKey *priv, 1103GNUNET_CRYPTO_ecdhe_key_get_public (
1110 struct GNUNET_CRYPTO_EcdhePublicKey *pub); 1104 const struct GNUNET_CRYPTO_EcdhePrivateKey *priv,
1105 struct GNUNET_CRYPTO_EcdhePublicKey *pub);
1111 1106
1112 1107
1113/** 1108/**
@@ -1117,7 +1112,18 @@ GNUNET_CRYPTO_ecdhe_key_get_public (const struct GNUNET_CRYPTO_EcdhePrivateKey *
1117 * @return string representing @a pub 1112 * @return string representing @a pub
1118 */ 1113 */
1119char * 1114char *
1120GNUNET_CRYPTO_ecdsa_public_key_to_string (const struct GNUNET_CRYPTO_EcdsaPublicKey *pub); 1115GNUNET_CRYPTO_ecdsa_public_key_to_string (
1116 const struct GNUNET_CRYPTO_EcdsaPublicKey *pub);
1117
1118/**
1119 * Convert a private key to a string.
1120 *
1121 * @param priv key to convert
1122 * @return string representing @a priv
1123 */
1124char *
1125GNUNET_CRYPTO_ecdsa_private_key_to_string (
1126 const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv);
1121 1127
1122 1128
1123/** 1129/**
@@ -1127,7 +1133,8 @@ GNUNET_CRYPTO_ecdsa_public_key_to_string (const struct GNUNET_CRYPTO_EcdsaPublic
1127 * @return string representing @a pub 1133 * @return string representing @a pub
1128 */ 1134 */
1129char * 1135char *
1130GNUNET_CRYPTO_eddsa_private_key_to_string (const struct GNUNET_CRYPTO_EddsaPrivateKey *priv); 1136GNUNET_CRYPTO_eddsa_private_key_to_string (
1137 const struct GNUNET_CRYPTO_EddsaPrivateKey *priv);
1131 1138
1132 1139
1133/** 1140/**
@@ -1137,7 +1144,8 @@ GNUNET_CRYPTO_eddsa_private_key_to_string (const struct GNUNET_CRYPTO_EddsaPriva
1137 * @return string representing @a pub 1144 * @return string representing @a pub
1138 */ 1145 */
1139char * 1146char *
1140GNUNET_CRYPTO_eddsa_public_key_to_string (const struct GNUNET_CRYPTO_EddsaPublicKey *pub); 1147GNUNET_CRYPTO_eddsa_public_key_to_string (
1148 const struct GNUNET_CRYPTO_EddsaPublicKey *pub);
1141 1149
1142 1150
1143/** 1151/**
@@ -1149,9 +1157,10 @@ GNUNET_CRYPTO_eddsa_public_key_to_string (const struct GNUNET_CRYPTO_EddsaPublic
1149 * @return #GNUNET_OK on success 1157 * @return #GNUNET_OK on success
1150 */ 1158 */
1151int 1159int
1152GNUNET_CRYPTO_ecdsa_public_key_from_string (const char *enc, 1160GNUNET_CRYPTO_ecdsa_public_key_from_string (
1153 size_t enclen, 1161 const char *enc,
1154 struct GNUNET_CRYPTO_EcdsaPublicKey *pub); 1162 size_t enclen,
1163 struct GNUNET_CRYPTO_EcdsaPublicKey *pub);
1155 1164
1156 1165
1157/** 1166/**
@@ -1163,9 +1172,10 @@ GNUNET_CRYPTO_ecdsa_public_key_from_string (const char *enc,
1163 * @return #GNUNET_OK on success 1172 * @return #GNUNET_OK on success
1164 */ 1173 */
1165int 1174int
1166GNUNET_CRYPTO_eddsa_private_key_from_string (const char *enc, 1175GNUNET_CRYPTO_eddsa_private_key_from_string (
1167 size_t enclen, 1176 const char *enc,
1168 struct GNUNET_CRYPTO_EddsaPrivateKey *pub); 1177 size_t enclen,
1178 struct GNUNET_CRYPTO_EddsaPrivateKey *pub);
1169 1179
1170 1180
1171/** 1181/**
@@ -1177,9 +1187,10 @@ GNUNET_CRYPTO_eddsa_private_key_from_string (const char *enc,
1177 * @return #GNUNET_OK on success 1187 * @return #GNUNET_OK on success
1178 */ 1188 */
1179int 1189int
1180GNUNET_CRYPTO_eddsa_public_key_from_string (const char *enc, 1190GNUNET_CRYPTO_eddsa_public_key_from_string (
1181 size_t enclen, 1191 const char *enc,
1182 struct GNUNET_CRYPTO_EddsaPublicKey *pub); 1192 size_t enclen,
1193 struct GNUNET_CRYPTO_EddsaPublicKey *pub);
1183 1194
1184 1195
1185/** 1196/**
@@ -1236,7 +1247,8 @@ struct GNUNET_CONFIGURATION_Handle;
1236 * permission denied); free using #GNUNET_free 1247 * permission denied); free using #GNUNET_free
1237 */ 1248 */
1238struct GNUNET_CRYPTO_EddsaPrivateKey * 1249struct GNUNET_CRYPTO_EddsaPrivateKey *
1239GNUNET_CRYPTO_eddsa_key_create_from_configuration (const struct GNUNET_CONFIGURATION_Handle *cfg); 1250GNUNET_CRYPTO_eddsa_key_create_from_configuration (
1251 const struct GNUNET_CONFIGURATION_Handle *cfg);
1240 1252
1241 1253
1242/** 1254/**
@@ -1375,8 +1387,7 @@ struct GNUNET_CRYPTO_EccPoint
1375 * @return NULL on error 1387 * @return NULL on error
1376 */ 1388 */
1377struct GNUNET_CRYPTO_EccDlogContext * 1389struct GNUNET_CRYPTO_EccDlogContext *
1378GNUNET_CRYPTO_ecc_dlog_prepare (unsigned int max, 1390GNUNET_CRYPTO_ecc_dlog_prepare (unsigned int max, unsigned int mem);
1379 unsigned int mem);
1380 1391
1381 1392
1382/** 1393/**
@@ -1389,7 +1400,7 @@ GNUNET_CRYPTO_ecc_dlog_prepare (unsigned int max,
1389 */ 1400 */
1390int 1401int
1391GNUNET_CRYPTO_ecc_dlog (struct GNUNET_CRYPTO_EccDlogContext *edc, 1402GNUNET_CRYPTO_ecc_dlog (struct GNUNET_CRYPTO_EccDlogContext *edc,
1392 gcry_mpi_point_t input); 1403 gcry_mpi_point_t input);
1393 1404
1394 1405
1395/** 1406/**
@@ -1406,8 +1417,7 @@ GNUNET_CRYPTO_ecc_dlog (struct GNUNET_CRYPTO_EccDlogContext *edc,
1406 * must be freed using #GNUNET_CRYPTO_ecc_free() 1417 * must be freed using #GNUNET_CRYPTO_ecc_free()
1407 */ 1418 */
1408gcry_mpi_point_t 1419gcry_mpi_point_t
1409GNUNET_CRYPTO_ecc_dexp (struct GNUNET_CRYPTO_EccDlogContext *edc, 1420GNUNET_CRYPTO_ecc_dexp (struct GNUNET_CRYPTO_EccDlogContext *edc, int val);
1410 int val);
1411 1421
1412 1422
1413/** 1423/**
@@ -1421,7 +1431,7 @@ GNUNET_CRYPTO_ecc_dexp (struct GNUNET_CRYPTO_EccDlogContext *edc,
1421 */ 1431 */
1422gcry_mpi_point_t 1432gcry_mpi_point_t
1423GNUNET_CRYPTO_ecc_dexp_mpi (struct GNUNET_CRYPTO_EccDlogContext *edc, 1433GNUNET_CRYPTO_ecc_dexp_mpi (struct GNUNET_CRYPTO_EccDlogContext *edc,
1424 gcry_mpi_t val); 1434 gcry_mpi_t val);
1425 1435
1426 1436
1427/** 1437/**
@@ -1436,7 +1446,7 @@ GNUNET_CRYPTO_ecc_dexp_mpi (struct GNUNET_CRYPTO_EccDlogContext *edc,
1436gcry_mpi_point_t 1446gcry_mpi_point_t
1437GNUNET_CRYPTO_ecc_pmul_mpi (struct GNUNET_CRYPTO_EccDlogContext *edc, 1447GNUNET_CRYPTO_ecc_pmul_mpi (struct GNUNET_CRYPTO_EccDlogContext *edc,
1438 gcry_mpi_point_t p, 1448 gcry_mpi_point_t p,
1439 gcry_mpi_t val); 1449 gcry_mpi_t val);
1440 1450
1441 1451
1442/** 1452/**
@@ -1474,8 +1484,8 @@ GNUNET_CRYPTO_ecc_bin_to_point (struct GNUNET_CRYPTO_EccDlogContext *edc,
1474 */ 1484 */
1475gcry_mpi_point_t 1485gcry_mpi_point_t
1476GNUNET_CRYPTO_ecc_add (struct GNUNET_CRYPTO_EccDlogContext *edc, 1486GNUNET_CRYPTO_ecc_add (struct GNUNET_CRYPTO_EccDlogContext *edc,
1477 gcry_mpi_point_t a, 1487 gcry_mpi_point_t a,
1478 gcry_mpi_point_t b); 1488 gcry_mpi_point_t b);
1479 1489
1480 1490
1481/** 1491/**
@@ -1489,8 +1499,8 @@ GNUNET_CRYPTO_ecc_add (struct GNUNET_CRYPTO_EccDlogContext *edc,
1489 */ 1499 */
1490void 1500void
1491GNUNET_CRYPTO_ecc_rnd (struct GNUNET_CRYPTO_EccDlogContext *edc, 1501GNUNET_CRYPTO_ecc_rnd (struct GNUNET_CRYPTO_EccDlogContext *edc,
1492 gcry_mpi_point_t *r, 1502 gcry_mpi_point_t *r,
1493 gcry_mpi_point_t *r_inv); 1503 gcry_mpi_point_t *r_inv);
1494 1504
1495 1505
1496/** 1506/**
@@ -1622,9 +1632,10 @@ GNUNET_CRYPTO_ecdh_ecdsa (const struct GNUNET_CRYPTO_EcdhePrivateKey *priv,
1622 * @return #GNUNET_SYSERR on error, #GNUNET_OK on success 1632 * @return #GNUNET_SYSERR on error, #GNUNET_OK on success
1623 */ 1633 */
1624int 1634int
1625GNUNET_CRYPTO_eddsa_sign (const struct GNUNET_CRYPTO_EddsaPrivateKey *priv, 1635GNUNET_CRYPTO_eddsa_sign (
1626 const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose, 1636 const struct GNUNET_CRYPTO_EddsaPrivateKey *priv,
1627 struct GNUNET_CRYPTO_EddsaSignature *sig); 1637 const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose,
1638 struct GNUNET_CRYPTO_EddsaSignature *sig);
1628 1639
1629 1640
1630/** 1641/**
@@ -1637,9 +1648,10 @@ GNUNET_CRYPTO_eddsa_sign (const struct GNUNET_CRYPTO_EddsaPrivateKey *priv,
1637 * @return #GNUNET_SYSERR on error, #GNUNET_OK on success 1648 * @return #GNUNET_SYSERR on error, #GNUNET_OK on success
1638 */ 1649 */
1639int 1650int
1640GNUNET_CRYPTO_ecdsa_sign (const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv, 1651GNUNET_CRYPTO_ecdsa_sign (
1641 const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose, 1652 const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv,
1642 struct GNUNET_CRYPTO_EcdsaSignature *sig); 1653 const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose,
1654 struct GNUNET_CRYPTO_EcdsaSignature *sig);
1643 1655
1644/** 1656/**
1645 * @ingroup crypto 1657 * @ingroup crypto
@@ -1652,11 +1664,11 @@ GNUNET_CRYPTO_ecdsa_sign (const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv,
1652 * @returns #GNUNET_OK if ok, #GNUNET_SYSERR if invalid 1664 * @returns #GNUNET_OK if ok, #GNUNET_SYSERR if invalid
1653 */ 1665 */
1654int 1666int
1655GNUNET_CRYPTO_eddsa_verify (uint32_t purpose, 1667GNUNET_CRYPTO_eddsa_verify (
1656 const struct GNUNET_CRYPTO_EccSignaturePurpose *validate, 1668 uint32_t purpose,
1657 const struct GNUNET_CRYPTO_EddsaSignature *sig, 1669 const struct GNUNET_CRYPTO_EccSignaturePurpose *validate,
1658 const struct GNUNET_CRYPTO_EddsaPublicKey *pub); 1670 const struct GNUNET_CRYPTO_EddsaSignature *sig,
1659 1671 const struct GNUNET_CRYPTO_EddsaPublicKey *pub);
1660 1672
1661 1673
1662/** 1674/**
@@ -1670,10 +1682,11 @@ GNUNET_CRYPTO_eddsa_verify (uint32_t purpose,
1670 * @returns #GNUNET_OK if ok, #GNUNET_SYSERR if invalid 1682 * @returns #GNUNET_OK if ok, #GNUNET_SYSERR if invalid
1671 */ 1683 */
1672int 1684int
1673GNUNET_CRYPTO_ecdsa_verify (uint32_t purpose, 1685GNUNET_CRYPTO_ecdsa_verify (
1674 const struct GNUNET_CRYPTO_EccSignaturePurpose *validate, 1686 uint32_t purpose,
1675 const struct GNUNET_CRYPTO_EcdsaSignature *sig, 1687 const struct GNUNET_CRYPTO_EccSignaturePurpose *validate,
1676 const struct GNUNET_CRYPTO_EcdsaPublicKey *pub); 1688 const struct GNUNET_CRYPTO_EcdsaSignature *sig,
1689 const struct GNUNET_CRYPTO_EcdsaPublicKey *pub);
1677 1690
1678 1691
1679/** 1692/**
@@ -1690,9 +1703,10 @@ GNUNET_CRYPTO_ecdsa_verify (uint32_t purpose,
1690 * @return derived private key 1703 * @return derived private key
1691 */ 1704 */
1692struct GNUNET_CRYPTO_EcdsaPrivateKey * 1705struct GNUNET_CRYPTO_EcdsaPrivateKey *
1693GNUNET_CRYPTO_ecdsa_private_key_derive (const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv, 1706GNUNET_CRYPTO_ecdsa_private_key_derive (
1694 const char *label, 1707 const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv,
1695 const char *context); 1708 const char *label,
1709 const char *context);
1696 1710
1697 1711
1698/** 1712/**
@@ -1707,10 +1721,11 @@ GNUNET_CRYPTO_ecdsa_private_key_derive (const struct GNUNET_CRYPTO_EcdsaPrivateK
1707 * @param result where to write the derived public key 1721 * @param result where to write the derived public key
1708 */ 1722 */
1709void 1723void
1710GNUNET_CRYPTO_ecdsa_public_key_derive (const struct GNUNET_CRYPTO_EcdsaPublicKey *pub, 1724GNUNET_CRYPTO_ecdsa_public_key_derive (
1711 const char *label, 1725 const struct GNUNET_CRYPTO_EcdsaPublicKey *pub,
1712 const char *context, 1726 const char *label,
1713 struct GNUNET_CRYPTO_EcdsaPublicKey *result); 1727 const char *context,
1728 struct GNUNET_CRYPTO_EcdsaPublicKey *result);
1714 1729
1715 1730
1716/** 1731/**
@@ -1722,9 +1737,7 @@ GNUNET_CRYPTO_ecdsa_public_key_derive (const struct GNUNET_CRYPTO_EcdsaPublicKey
1722 * @param val value to write to @a buf 1737 * @param val value to write to @a buf
1723 */ 1738 */
1724void 1739void
1725GNUNET_CRYPTO_mpi_print_unsigned (void *buf, 1740GNUNET_CRYPTO_mpi_print_unsigned (void *buf, size_t size, gcry_mpi_t val);
1726 size_t size,
1727 gcry_mpi_t val);
1728 1741
1729 1742
1730/** 1743/**
@@ -1749,8 +1762,9 @@ GNUNET_CRYPTO_mpi_scan_unsigned (gcry_mpi_t *result,
1749 * @param[out] private_key Where to store the private key? 1762 * @param[out] private_key Where to store the private key?
1750 */ 1763 */
1751void 1764void
1752GNUNET_CRYPTO_paillier_create (struct GNUNET_CRYPTO_PaillierPublicKey *public_key, 1765GNUNET_CRYPTO_paillier_create (
1753 struct GNUNET_CRYPTO_PaillierPrivateKey *private_key); 1766 struct GNUNET_CRYPTO_PaillierPublicKey *public_key,
1767 struct GNUNET_CRYPTO_PaillierPrivateKey *private_key);
1754 1768
1755 1769
1756/** 1770/**
@@ -1765,10 +1779,11 @@ GNUNET_CRYPTO_paillier_create (struct GNUNET_CRYPTO_PaillierPublicKey *public_ke
1765 * or -1 if less than one homomorphic operation is possible 1779 * or -1 if less than one homomorphic operation is possible
1766 */ 1780 */
1767int 1781int
1768GNUNET_CRYPTO_paillier_encrypt (const struct GNUNET_CRYPTO_PaillierPublicKey *public_key, 1782GNUNET_CRYPTO_paillier_encrypt (
1769 const gcry_mpi_t m, 1783 const struct GNUNET_CRYPTO_PaillierPublicKey *public_key,
1770 int desired_ops, 1784 const gcry_mpi_t m,
1771 struct GNUNET_CRYPTO_PaillierCiphertext *ciphertext); 1785 int desired_ops,
1786 struct GNUNET_CRYPTO_PaillierCiphertext *ciphertext);
1772 1787
1773 1788
1774/** 1789/**
@@ -1780,10 +1795,11 @@ GNUNET_CRYPTO_paillier_encrypt (const struct GNUNET_CRYPTO_PaillierPublicKey *pu
1780 * @param[out] m Decryption of @a ciphertext with @private_key. 1795 * @param[out] m Decryption of @a ciphertext with @private_key.
1781 */ 1796 */
1782void 1797void
1783GNUNET_CRYPTO_paillier_decrypt (const struct GNUNET_CRYPTO_PaillierPrivateKey *private_key, 1798GNUNET_CRYPTO_paillier_decrypt (
1784 const struct GNUNET_CRYPTO_PaillierPublicKey *public_key, 1799 const struct GNUNET_CRYPTO_PaillierPrivateKey *private_key,
1785 const struct GNUNET_CRYPTO_PaillierCiphertext *ciphertext, 1800 const struct GNUNET_CRYPTO_PaillierPublicKey *public_key,
1786 gcry_mpi_t m); 1801 const struct GNUNET_CRYPTO_PaillierCiphertext *ciphertext,
1802 gcry_mpi_t m);
1787 1803
1788 1804
1789/** 1805/**
@@ -1800,10 +1816,11 @@ GNUNET_CRYPTO_paillier_decrypt (const struct GNUNET_CRYPTO_PaillierPrivateKey *p
1800 * #GNUNET_SYSERR if no more homomorphic operations are remaining. 1816 * #GNUNET_SYSERR if no more homomorphic operations are remaining.
1801 */ 1817 */
1802int 1818int
1803GNUNET_CRYPTO_paillier_hom_add (const struct GNUNET_CRYPTO_PaillierPublicKey *public_key, 1819GNUNET_CRYPTO_paillier_hom_add (
1804 const struct GNUNET_CRYPTO_PaillierCiphertext *c1, 1820 const struct GNUNET_CRYPTO_PaillierPublicKey *public_key,
1805 const struct GNUNET_CRYPTO_PaillierCiphertext *c2, 1821 const struct GNUNET_CRYPTO_PaillierCiphertext *c1,
1806 struct GNUNET_CRYPTO_PaillierCiphertext *result); 1822 const struct GNUNET_CRYPTO_PaillierCiphertext *c2,
1823 struct GNUNET_CRYPTO_PaillierCiphertext *result);
1807 1824
1808 1825
1809/** 1826/**
@@ -1813,14 +1830,13 @@ GNUNET_CRYPTO_paillier_hom_add (const struct GNUNET_CRYPTO_PaillierPublicKey *pu
1813 * @return the number of remaining homomorphic operations 1830 * @return the number of remaining homomorphic operations
1814 */ 1831 */
1815int 1832int
1816GNUNET_CRYPTO_paillier_hom_get_remaining (const struct GNUNET_CRYPTO_PaillierCiphertext *c); 1833GNUNET_CRYPTO_paillier_hom_get_remaining (
1834 const struct GNUNET_CRYPTO_PaillierCiphertext *c);
1817 1835
1818 1836
1819/* ********* Chaum-style RSA-based blind signatures ******************* */ 1837/* ********* Chaum-style RSA-based blind signatures ******************* */
1820 1838
1821 1839
1822
1823
1824/** 1840/**
1825 * The private information of an RSA key pair. 1841 * The private information of an RSA key pair.
1826 */ 1842 */
@@ -1877,8 +1893,9 @@ GNUNET_CRYPTO_rsa_private_key_free (struct GNUNET_CRYPTO_RsaPrivateKey *key);
1877 * @return size of memory allocatedin @a buffer 1893 * @return size of memory allocatedin @a buffer
1878 */ 1894 */
1879size_t 1895size_t
1880GNUNET_CRYPTO_rsa_private_key_encode (const struct GNUNET_CRYPTO_RsaPrivateKey *key, 1896GNUNET_CRYPTO_rsa_private_key_encode (
1881 char **buffer); 1897 const struct GNUNET_CRYPTO_RsaPrivateKey *key,
1898 char **buffer);
1882 1899
1883 1900
1884/** 1901/**
@@ -1890,8 +1907,7 @@ GNUNET_CRYPTO_rsa_private_key_encode (const struct GNUNET_CRYPTO_RsaPrivateKey *
1890 * @return NULL on error 1907 * @return NULL on error
1891 */ 1908 */
1892struct GNUNET_CRYPTO_RsaPrivateKey * 1909struct GNUNET_CRYPTO_RsaPrivateKey *
1893GNUNET_CRYPTO_rsa_private_key_decode (const char *buf, 1910GNUNET_CRYPTO_rsa_private_key_decode (const char *buf, size_t len);
1894 size_t len);
1895 1911
1896 1912
1897/** 1913/**
@@ -1901,7 +1917,8 @@ GNUNET_CRYPTO_rsa_private_key_decode (const char *buf,
1901 * @return the duplicate key; NULL upon error 1917 * @return the duplicate key; NULL upon error
1902 */ 1918 */
1903struct GNUNET_CRYPTO_RsaPrivateKey * 1919struct GNUNET_CRYPTO_RsaPrivateKey *
1904GNUNET_CRYPTO_rsa_private_key_dup (const struct GNUNET_CRYPTO_RsaPrivateKey *key); 1920GNUNET_CRYPTO_rsa_private_key_dup (
1921 const struct GNUNET_CRYPTO_RsaPrivateKey *key);
1905 1922
1906 1923
1907/** 1924/**
@@ -1911,7 +1928,8 @@ GNUNET_CRYPTO_rsa_private_key_dup (const struct GNUNET_CRYPTO_RsaPrivateKey *key
1911 * @retur NULL on error, otherwise the public key 1928 * @retur NULL on error, otherwise the public key
1912 */ 1929 */
1913struct GNUNET_CRYPTO_RsaPublicKey * 1930struct GNUNET_CRYPTO_RsaPublicKey *
1914GNUNET_CRYPTO_rsa_private_key_get_public (const struct GNUNET_CRYPTO_RsaPrivateKey *priv); 1931GNUNET_CRYPTO_rsa_private_key_get_public (
1932 const struct GNUNET_CRYPTO_RsaPrivateKey *priv);
1915 1933
1916 1934
1917/** 1935/**
@@ -1953,8 +1971,9 @@ GNUNET_CRYPTO_rsa_public_key_free (struct GNUNET_CRYPTO_RsaPublicKey *key);
1953 * @return size of memory allocated in @a buffer 1971 * @return size of memory allocated in @a buffer
1954 */ 1972 */
1955size_t 1973size_t
1956GNUNET_CRYPTO_rsa_public_key_encode (const struct GNUNET_CRYPTO_RsaPublicKey *key, 1974GNUNET_CRYPTO_rsa_public_key_encode (
1957 char **buffer); 1975 const struct GNUNET_CRYPTO_RsaPublicKey *key,
1976 char **buffer);
1958 1977
1959 1978
1960/** 1979/**
@@ -1966,8 +1985,7 @@ GNUNET_CRYPTO_rsa_public_key_encode (const struct GNUNET_CRYPTO_RsaPublicKey *ke
1966 * @return NULL on error 1985 * @return NULL on error
1967 */ 1986 */
1968struct GNUNET_CRYPTO_RsaPublicKey * 1987struct GNUNET_CRYPTO_RsaPublicKey *
1969GNUNET_CRYPTO_rsa_public_key_decode (const char *buf, 1988GNUNET_CRYPTO_rsa_public_key_decode (const char *buf, size_t len);
1970 size_t len);
1971 1989
1972 1990
1973/** 1991/**
@@ -2056,7 +2074,7 @@ GNUNET_CRYPTO_rsa_sign_blinded (const struct GNUNET_CRYPTO_RsaPrivateKey *key,
2056 */ 2074 */
2057struct GNUNET_CRYPTO_RsaSignature * 2075struct GNUNET_CRYPTO_RsaSignature *
2058GNUNET_CRYPTO_rsa_sign_fdh (const struct GNUNET_CRYPTO_RsaPrivateKey *key, 2076GNUNET_CRYPTO_rsa_sign_fdh (const struct GNUNET_CRYPTO_RsaPrivateKey *key,
2059 const struct GNUNET_HashCode *hash); 2077 const struct GNUNET_HashCode *hash);
2060 2078
2061 2079
2062/** 2080/**
@@ -2076,8 +2094,9 @@ GNUNET_CRYPTO_rsa_signature_free (struct GNUNET_CRYPTO_RsaSignature *sig);
2076 * @return size of memory allocated in @a buffer 2094 * @return size of memory allocated in @a buffer
2077 */ 2095 */
2078size_t 2096size_t
2079GNUNET_CRYPTO_rsa_signature_encode (const struct GNUNET_CRYPTO_RsaSignature *sig, 2097GNUNET_CRYPTO_rsa_signature_encode (
2080 char **buffer); 2098 const struct GNUNET_CRYPTO_RsaSignature *sig,
2099 char **buffer);
2081 2100
2082 2101
2083/** 2102/**
@@ -2089,8 +2108,7 @@ GNUNET_CRYPTO_rsa_signature_encode (const struct GNUNET_CRYPTO_RsaSignature *sig
2089 * @return NULL on error 2108 * @return NULL on error
2090 */ 2109 */
2091struct GNUNET_CRYPTO_RsaSignature * 2110struct GNUNET_CRYPTO_RsaSignature *
2092GNUNET_CRYPTO_rsa_signature_decode (const char *buf, 2111GNUNET_CRYPTO_rsa_signature_decode (const char *buf, size_t len);
2093 size_t len);
2094 2112
2095 2113
2096/** 2114/**
@@ -2115,8 +2133,8 @@ GNUNET_CRYPTO_rsa_signature_dup (const struct GNUNET_CRYPTO_RsaSignature *sig);
2115 */ 2133 */
2116struct GNUNET_CRYPTO_RsaSignature * 2134struct GNUNET_CRYPTO_RsaSignature *
2117GNUNET_CRYPTO_rsa_unblind (const struct GNUNET_CRYPTO_RsaSignature *sig, 2135GNUNET_CRYPTO_rsa_unblind (const struct GNUNET_CRYPTO_RsaSignature *sig,
2118 const struct GNUNET_CRYPTO_RsaBlindingKeySecret *bks, 2136 const struct GNUNET_CRYPTO_RsaBlindingKeySecret *bks,
2119 struct GNUNET_CRYPTO_RsaPublicKey *pkey); 2137 struct GNUNET_CRYPTO_RsaPublicKey *pkey);
2120 2138
2121 2139
2122/** 2140/**
@@ -2130,11 +2148,11 @@ GNUNET_CRYPTO_rsa_unblind (const struct GNUNET_CRYPTO_RsaSignature *sig,
2130 */ 2148 */
2131int 2149int
2132GNUNET_CRYPTO_rsa_verify (const struct GNUNET_HashCode *hash, 2150GNUNET_CRYPTO_rsa_verify (const struct GNUNET_HashCode *hash,
2133 const struct GNUNET_CRYPTO_RsaSignature *sig, 2151 const struct GNUNET_CRYPTO_RsaSignature *sig,
2134 const struct GNUNET_CRYPTO_RsaPublicKey *public_key); 2152 const struct GNUNET_CRYPTO_RsaPublicKey *public_key);
2135 2153
2136 2154
2137#if 0 /* keep Emacsens' auto-indent happy */ 2155#if 0 /* keep Emacsens' auto-indent happy */
2138{ 2156{
2139#endif 2157#endif
2140#ifdef __cplusplus 2158#ifdef __cplusplus
diff --git a/src/util/crypto_ecc.c b/src/util/crypto_ecc.c
index 339180dff..ff9080345 100644
--- a/src/util/crypto_ecc.c
+++ b/src/util/crypto_ecc.c
@@ -39,18 +39,29 @@
39 */ 39 */
40#define CURVE "Ed25519" 40#define CURVE "Ed25519"
41 41
42#define LOG(kind,...) GNUNET_log_from (kind, "util-crypto-ecc", __VA_ARGS__) 42#define LOG(kind, ...) GNUNET_log_from (kind, "util-crypto-ecc", __VA_ARGS__)
43 43
44#define LOG_STRERROR(kind,syscall) GNUNET_log_from_strerror (kind, "util-crypto-ecc", syscall) 44#define LOG_STRERROR(kind, syscall) \
45 GNUNET_log_from_strerror (kind, "util-crypto-ecc", syscall)
45 46
46#define LOG_STRERROR_FILE(kind,syscall,filename) GNUNET_log_from_strerror_file (kind, "util-crypto-ecc", syscall, filename) 47#define LOG_STRERROR_FILE(kind, syscall, filename) \
48 GNUNET_log_from_strerror_file (kind, "util-crypto-ecc", syscall, filename)
47 49
48/** 50/**
49 * Log an error message at log-level 'level' that indicates 51 * Log an error message at log-level 'level' that indicates
50 * a failure of the command 'cmd' with the message given 52 * a failure of the command 'cmd' with the message given
51 * by gcry_strerror(rc). 53 * by gcry_strerror(rc).
52 */ 54 */
53#define LOG_GCRY(level, cmd, rc) do { LOG(level, _("`%s' failed at %s:%d with error: %s\n"), cmd, __FILE__, __LINE__, gcry_strerror(rc)); } while(0) 55#define LOG_GCRY(level, cmd, rc) \
56 do \
57 { \
58 LOG (level, \
59 _ ("`%s' failed at %s:%d with error: %s\n"), \
60 cmd, \
61 __FILE__, \
62 __LINE__, \
63 gcry_strerror (rc)); \
64 } while (0)
54 65
55 66
56/** 67/**
@@ -63,7 +74,7 @@
63 * @return 0 on success 74 * @return 0 on success
64 */ 75 */
65static int 76static int
66key_from_sexp (gcry_mpi_t * array, 77key_from_sexp (gcry_mpi_t *array,
67 gcry_sexp_t sexp, 78 gcry_sexp_t sexp,
68 const char *topname, 79 const char *topname,
69 const char *elems) 80 const char *elems)
@@ -95,7 +106,7 @@ key_from_sexp (gcry_mpi_t * array,
95 array[i] = NULL; 106 array[i] = NULL;
96 } 107 }
97 gcry_sexp_release (list); 108 gcry_sexp_release (list);
98 return 3; /* required parameter not found */ 109 return 3; /* required parameter not found */
99 } 110 }
100 array[idx] = gcry_sexp_nth_mpi (l2, 1, GCRYMPI_FMT_USG); 111 array[idx] = gcry_sexp_nth_mpi (l2, 1, GCRYMPI_FMT_USG);
101 gcry_sexp_release (l2); 112 gcry_sexp_release (l2);
@@ -107,7 +118,7 @@ key_from_sexp (gcry_mpi_t * array,
107 array[i] = NULL; 118 array[i] = NULL;
108 } 119 }
109 gcry_sexp_release (list); 120 gcry_sexp_release (list);
110 return 4; /* required parameter is invalid */ 121 return 4; /* required parameter is invalid */
111 } 122 }
112 } 123 }
113 gcry_sexp_release (list); 124 gcry_sexp_release (list);
@@ -128,10 +139,12 @@ decode_private_ecdsa_key (const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv)
128 gcry_sexp_t result; 139 gcry_sexp_t result;
129 int rc; 140 int rc;
130 141
131 rc = gcry_sexp_build (&result, NULL, 142 rc = gcry_sexp_build (&result,
132 "(private-key(ecc(curve \"" CURVE "\")" 143 NULL,
144 "(private-key(ecc(curve \"" CURVE "\")"
133 "(d %b)))", 145 "(d %b)))",
134 (int) sizeof (priv->d), priv->d); 146 (int) sizeof (priv->d),
147 priv->d);
135 if (0 != rc) 148 if (0 != rc)
136 { 149 {
137 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc); 150 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc);
@@ -161,10 +174,12 @@ decode_private_eddsa_key (const struct GNUNET_CRYPTO_EddsaPrivateKey *priv)
161 gcry_sexp_t result; 174 gcry_sexp_t result;
162 int rc; 175 int rc;
163 176
164 rc = gcry_sexp_build (&result, NULL, 177 rc = gcry_sexp_build (&result,
165 "(private-key(ecc(curve \"" CURVE "\")" 178 NULL,
179 "(private-key(ecc(curve \"" CURVE "\")"
166 "(flags eddsa)(d %b)))", 180 "(flags eddsa)(d %b)))",
167 (int)sizeof (priv->d), priv->d); 181 (int) sizeof (priv->d),
182 priv->d);
168 if (0 != rc) 183 if (0 != rc)
169 { 184 {
170 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc); 185 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc);
@@ -194,10 +209,12 @@ decode_private_ecdhe_key (const struct GNUNET_CRYPTO_EcdhePrivateKey *priv)
194 gcry_sexp_t result; 209 gcry_sexp_t result;
195 int rc; 210 int rc;
196 211
197 rc = gcry_sexp_build (&result, NULL, 212 rc = gcry_sexp_build (&result,
198 "(private-key(ecc(curve \"" CURVE "\")" 213 NULL,
214 "(private-key(ecc(curve \"" CURVE "\")"
199 "(d %b)))", 215 "(d %b)))",
200 (int)sizeof (priv->d), priv->d); 216 (int) sizeof (priv->d),
217 priv->d);
201 if (0 != rc) 218 if (0 != rc)
202 { 219 {
203 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc); 220 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc);
@@ -221,8 +238,9 @@ decode_private_ecdhe_key (const struct GNUNET_CRYPTO_EcdhePrivateKey *priv)
221 * @param pub where to write the public key 238 * @param pub where to write the public key
222 */ 239 */
223void 240void
224GNUNET_CRYPTO_ecdsa_key_get_public (const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv, 241GNUNET_CRYPTO_ecdsa_key_get_public (
225 struct GNUNET_CRYPTO_EcdsaPublicKey *pub) 242 const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv,
243 struct GNUNET_CRYPTO_EcdsaPublicKey *pub)
226{ 244{
227 gcry_sexp_t sexp; 245 gcry_sexp_t sexp;
228 gcry_ctx_t ctx; 246 gcry_ctx_t ctx;
@@ -251,8 +269,9 @@ GNUNET_CRYPTO_ecdsa_key_get_public (const struct GNUNET_CRYPTO_EcdsaPrivateKey *
251 * @param pub where to write the public key 269 * @param pub where to write the public key
252 */ 270 */
253void 271void
254GNUNET_CRYPTO_eddsa_key_get_public (const struct GNUNET_CRYPTO_EddsaPrivateKey *priv, 272GNUNET_CRYPTO_eddsa_key_get_public (
255 struct GNUNET_CRYPTO_EddsaPublicKey *pub) 273 const struct GNUNET_CRYPTO_EddsaPrivateKey *priv,
274 struct GNUNET_CRYPTO_EddsaPublicKey *pub)
256{ 275{
257 gcry_sexp_t sexp; 276 gcry_sexp_t sexp;
258 gcry_ctx_t ctx; 277 gcry_ctx_t ctx;
@@ -281,8 +300,9 @@ GNUNET_CRYPTO_eddsa_key_get_public (const struct GNUNET_CRYPTO_EddsaPrivateKey *
281 * @param pub where to write the public key 300 * @param pub where to write the public key
282 */ 301 */
283void 302void
284GNUNET_CRYPTO_ecdhe_key_get_public (const struct GNUNET_CRYPTO_EcdhePrivateKey *priv, 303GNUNET_CRYPTO_ecdhe_key_get_public (
285 struct GNUNET_CRYPTO_EcdhePublicKey *pub) 304 const struct GNUNET_CRYPTO_EcdhePrivateKey *priv,
305 struct GNUNET_CRYPTO_EcdhePublicKey *pub)
286{ 306{
287 gcry_sexp_t sexp; 307 gcry_sexp_t sexp;
288 gcry_ctx_t ctx; 308 gcry_ctx_t ctx;
@@ -311,7 +331,8 @@ GNUNET_CRYPTO_ecdhe_key_get_public (const struct GNUNET_CRYPTO_EcdhePrivateKey *
311 * @return string representing @a pub 331 * @return string representing @a pub
312 */ 332 */
313char * 333char *
314GNUNET_CRYPTO_ecdsa_public_key_to_string (const struct GNUNET_CRYPTO_EcdsaPublicKey *pub) 334GNUNET_CRYPTO_ecdsa_public_key_to_string (
335 const struct GNUNET_CRYPTO_EcdsaPublicKey *pub)
315{ 336{
316 char *pubkeybuf; 337 char *pubkeybuf;
317 size_t keylen = (sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)) * 8; 338 size_t keylen = (sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)) * 8;
@@ -321,10 +342,11 @@ GNUNET_CRYPTO_ecdsa_public_key_to_string (const struct GNUNET_CRYPTO_EcdsaPublic
321 keylen += 5 - keylen % 5; 342 keylen += 5 - keylen % 5;
322 keylen /= 5; 343 keylen /= 5;
323 pubkeybuf = GNUNET_malloc (keylen + 1); 344 pubkeybuf = GNUNET_malloc (keylen + 1);
324 end = GNUNET_STRINGS_data_to_string ((unsigned char *) pub, 345 end =
325 sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey), 346 GNUNET_STRINGS_data_to_string ((unsigned char *) pub,
326 pubkeybuf, 347 sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey),
327 keylen); 348 pubkeybuf,
349 keylen);
328 if (NULL == end) 350 if (NULL == end)
329 { 351 {
330 GNUNET_free (pubkeybuf); 352 GNUNET_free (pubkeybuf);
@@ -342,7 +364,8 @@ GNUNET_CRYPTO_ecdsa_public_key_to_string (const struct GNUNET_CRYPTO_EcdsaPublic
342 * @return string representing @a pub 364 * @return string representing @a pub
343 */ 365 */
344char * 366char *
345GNUNET_CRYPTO_eddsa_public_key_to_string (const struct GNUNET_CRYPTO_EddsaPublicKey *pub) 367GNUNET_CRYPTO_eddsa_public_key_to_string (
368 const struct GNUNET_CRYPTO_EddsaPublicKey *pub)
346{ 369{
347 char *pubkeybuf; 370 char *pubkeybuf;
348 size_t keylen = (sizeof (struct GNUNET_CRYPTO_EddsaPublicKey)) * 8; 371 size_t keylen = (sizeof (struct GNUNET_CRYPTO_EddsaPublicKey)) * 8;
@@ -352,10 +375,11 @@ GNUNET_CRYPTO_eddsa_public_key_to_string (const struct GNUNET_CRYPTO_EddsaPublic
352 keylen += 5 - keylen % 5; 375 keylen += 5 - keylen % 5;
353 keylen /= 5; 376 keylen /= 5;
354 pubkeybuf = GNUNET_malloc (keylen + 1); 377 pubkeybuf = GNUNET_malloc (keylen + 1);
355 end = GNUNET_STRINGS_data_to_string ((unsigned char *) pub, 378 end =
356 sizeof (struct GNUNET_CRYPTO_EddsaPublicKey), 379 GNUNET_STRINGS_data_to_string ((unsigned char *) pub,
357 pubkeybuf, 380 sizeof (struct GNUNET_CRYPTO_EddsaPublicKey),
358 keylen); 381 pubkeybuf,
382 keylen);
359 if (NULL == end) 383 if (NULL == end)
360 { 384 {
361 GNUNET_free (pubkeybuf); 385 GNUNET_free (pubkeybuf);
@@ -373,7 +397,8 @@ GNUNET_CRYPTO_eddsa_public_key_to_string (const struct GNUNET_CRYPTO_EddsaPublic
373 * @return string representing @a pub 397 * @return string representing @a pub
374 */ 398 */
375char * 399char *
376GNUNET_CRYPTO_eddsa_private_key_to_string (const struct GNUNET_CRYPTO_EddsaPrivateKey *priv) 400GNUNET_CRYPTO_eddsa_private_key_to_string (
401 const struct GNUNET_CRYPTO_EddsaPrivateKey *priv)
377{ 402{
378 char *privkeybuf; 403 char *privkeybuf;
379 size_t keylen = (sizeof (struct GNUNET_CRYPTO_EddsaPrivateKey)) * 8; 404 size_t keylen = (sizeof (struct GNUNET_CRYPTO_EddsaPrivateKey)) * 8;
@@ -384,9 +409,43 @@ GNUNET_CRYPTO_eddsa_private_key_to_string (const struct GNUNET_CRYPTO_EddsaPriva
384 keylen /= 5; 409 keylen /= 5;
385 privkeybuf = GNUNET_malloc (keylen + 1); 410 privkeybuf = GNUNET_malloc (keylen + 1);
386 end = GNUNET_STRINGS_data_to_string ((unsigned char *) priv, 411 end = GNUNET_STRINGS_data_to_string ((unsigned char *) priv,
387 sizeof (struct GNUNET_CRYPTO_EddsaPrivateKey), 412 sizeof (
388 privkeybuf, 413 struct GNUNET_CRYPTO_EddsaPrivateKey),
389 keylen); 414 privkeybuf,
415 keylen);
416 if (NULL == end)
417 {
418 GNUNET_free (privkeybuf);
419 return NULL;
420 }
421 *end = '\0';
422 return privkeybuf;
423}
424
425
426/**
427 * Convert a private key to a string.
428 *
429 * @param priv key to convert
430 * @return string representing @a priv
431 */
432char *
433GNUNET_CRYPTO_ecdsa_private_key_to_string (
434 const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv)
435{
436 char *privkeybuf;
437 size_t keylen = (sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey)) * 8;
438 char *end;
439
440 if (keylen % 5 > 0)
441 keylen += 5 - keylen % 5;
442 keylen /= 5;
443 privkeybuf = GNUNET_malloc (keylen + 1);
444 end = GNUNET_STRINGS_data_to_string ((unsigned char *) priv,
445 sizeof (
446 struct GNUNET_CRYPTO_EcdsaPrivateKey),
447 privkeybuf,
448 keylen);
390 if (NULL == end) 449 if (NULL == end)
391 { 450 {
392 GNUNET_free (privkeybuf); 451 GNUNET_free (privkeybuf);
@@ -406,9 +465,10 @@ GNUNET_CRYPTO_eddsa_private_key_to_string (const struct GNUNET_CRYPTO_EddsaPriva
406 * @return #GNUNET_OK on success 465 * @return #GNUNET_OK on success
407 */ 466 */
408int 467int
409GNUNET_CRYPTO_ecdsa_public_key_from_string (const char *enc, 468GNUNET_CRYPTO_ecdsa_public_key_from_string (
410 size_t enclen, 469 const char *enc,
411 struct GNUNET_CRYPTO_EcdsaPublicKey *pub) 470 size_t enclen,
471 struct GNUNET_CRYPTO_EcdsaPublicKey *pub)
412{ 472{
413 size_t keylen = (sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)) * 8; 473 size_t keylen = (sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)) * 8;
414 474
@@ -419,9 +479,11 @@ GNUNET_CRYPTO_ecdsa_public_key_from_string (const char *enc,
419 return GNUNET_SYSERR; 479 return GNUNET_SYSERR;
420 480
421 if (GNUNET_OK != 481 if (GNUNET_OK !=
422 GNUNET_STRINGS_string_to_data (enc, enclen, 482 GNUNET_STRINGS_string_to_data (enc,
423 pub, 483 enclen,
424 sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey))) 484 pub,
485 sizeof (
486 struct GNUNET_CRYPTO_EcdsaPublicKey)))
425 return GNUNET_SYSERR; 487 return GNUNET_SYSERR;
426 return GNUNET_OK; 488 return GNUNET_OK;
427} 489}
@@ -436,9 +498,10 @@ GNUNET_CRYPTO_ecdsa_public_key_from_string (const char *enc,
436 * @return #GNUNET_OK on success 498 * @return #GNUNET_OK on success
437 */ 499 */
438int 500int
439GNUNET_CRYPTO_eddsa_public_key_from_string (const char *enc, 501GNUNET_CRYPTO_eddsa_public_key_from_string (
440 size_t enclen, 502 const char *enc,
441 struct GNUNET_CRYPTO_EddsaPublicKey *pub) 503 size_t enclen,
504 struct GNUNET_CRYPTO_EddsaPublicKey *pub)
442{ 505{
443 size_t keylen = (sizeof (struct GNUNET_CRYPTO_EddsaPublicKey)) * 8; 506 size_t keylen = (sizeof (struct GNUNET_CRYPTO_EddsaPublicKey)) * 8;
444 507
@@ -449,9 +512,11 @@ GNUNET_CRYPTO_eddsa_public_key_from_string (const char *enc,
449 return GNUNET_SYSERR; 512 return GNUNET_SYSERR;
450 513
451 if (GNUNET_OK != 514 if (GNUNET_OK !=
452 GNUNET_STRINGS_string_to_data (enc, enclen, 515 GNUNET_STRINGS_string_to_data (enc,
453 pub, 516 enclen,
454 sizeof (struct GNUNET_CRYPTO_EddsaPublicKey))) 517 pub,
518 sizeof (
519 struct GNUNET_CRYPTO_EddsaPublicKey)))
455 return GNUNET_SYSERR; 520 return GNUNET_SYSERR;
456 return GNUNET_OK; 521 return GNUNET_OK;
457} 522}
@@ -466,9 +531,10 @@ GNUNET_CRYPTO_eddsa_public_key_from_string (const char *enc,
466 * @return #GNUNET_OK on success 531 * @return #GNUNET_OK on success
467 */ 532 */
468int 533int
469GNUNET_CRYPTO_eddsa_private_key_from_string (const char *enc, 534GNUNET_CRYPTO_eddsa_private_key_from_string (
470 size_t enclen, 535 const char *enc,
471 struct GNUNET_CRYPTO_EddsaPrivateKey *priv) 536 size_t enclen,
537 struct GNUNET_CRYPTO_EddsaPrivateKey *priv)
472{ 538{
473 size_t keylen = (sizeof (struct GNUNET_CRYPTO_EddsaPrivateKey)) * 8; 539 size_t keylen = (sizeof (struct GNUNET_CRYPTO_EddsaPrivateKey)) * 8;
474 540
@@ -479,13 +545,14 @@ GNUNET_CRYPTO_eddsa_private_key_from_string (const char *enc,
479 return GNUNET_SYSERR; 545 return GNUNET_SYSERR;
480 546
481 if (GNUNET_OK != 547 if (GNUNET_OK !=
482 GNUNET_STRINGS_string_to_data (enc, enclen, 548 GNUNET_STRINGS_string_to_data (enc,
549 enclen,
483 priv, 550 priv,
484 sizeof (struct GNUNET_CRYPTO_EddsaPrivateKey))) 551 sizeof (
552 struct GNUNET_CRYPTO_EddsaPrivateKey)))
485 return GNUNET_SYSERR; 553 return GNUNET_SYSERR;
486#if CRYPTO_BUG 554#if CRYPTO_BUG
487 if (GNUNET_OK != 555 if (GNUNET_OK != check_eddsa_key (priv))
488 check_eddsa_key (priv))
489 { 556 {
490 GNUNET_break (0); 557 GNUNET_break (0);
491 return GNUNET_OK; 558 return GNUNET_OK;
@@ -545,8 +612,7 @@ GNUNET_CRYPTO_ecdhe_key_create ()
545 struct GNUNET_CRYPTO_EcdhePrivateKey *priv; 612 struct GNUNET_CRYPTO_EcdhePrivateKey *priv;
546 613
547 priv = GNUNET_new (struct GNUNET_CRYPTO_EcdhePrivateKey); 614 priv = GNUNET_new (struct GNUNET_CRYPTO_EcdhePrivateKey);
548 if (GNUNET_OK != 615 if (GNUNET_OK != GNUNET_CRYPTO_ecdhe_key_create2 (priv))
549 GNUNET_CRYPTO_ecdhe_key_create2 (priv))
550 { 616 {
551 GNUNET_free (priv); 617 GNUNET_free (priv);
552 return NULL; 618 return NULL;
@@ -577,7 +643,8 @@ GNUNET_CRYPTO_ecdhe_key_create2 (struct GNUNET_CRYPTO_EcdhePrivateKey *pk)
577 disables an expensive key testing routine. We do not want to run 643 disables an expensive key testing routine. We do not want to run
578 the expensive check for ECDHE, as we generate TONS of keys to 644 the expensive check for ECDHE, as we generate TONS of keys to
579 use for a very short time. */ 645 use for a very short time. */
580 if (0 != (rc = gcry_sexp_build (&s_keyparam, NULL, 646 if (0 != (rc = gcry_sexp_build (&s_keyparam,
647 NULL,
581 "(genkey(ecc(curve \"" CURVE "\")" 648 "(genkey(ecc(curve \"" CURVE "\")"
582 "(flags eddsa no-keytest)))"))) 649 "(flags eddsa no-keytest)))")))
583 { 650 {
@@ -631,7 +698,8 @@ GNUNET_CRYPTO_ecdsa_key_create ()
631 698
632 BENCHMARK_START (ecdsa_key_create); 699 BENCHMARK_START (ecdsa_key_create);
633 700
634 if (0 != (rc = gcry_sexp_build (&s_keyparam, NULL, 701 if (0 != (rc = gcry_sexp_build (&s_keyparam,
702 NULL,
635 "(genkey(ecc(curve \"" CURVE "\")" 703 "(genkey(ecc(curve \"" CURVE "\")"
636 "(flags)))"))) 704 "(flags)))")))
637 { 705 {
@@ -686,9 +754,10 @@ GNUNET_CRYPTO_eddsa_key_create ()
686 BENCHMARK_START (eddsa_key_create); 754 BENCHMARK_START (eddsa_key_create);
687 755
688#if CRYPTO_BUG 756#if CRYPTO_BUG
689 again: 757again:
690#endif 758#endif
691 if (0 != (rc = gcry_sexp_build (&s_keyparam, NULL, 759 if (0 != (rc = gcry_sexp_build (&s_keyparam,
760 NULL,
692 "(genkey(ecc(curve \"" CURVE "\")" 761 "(genkey(ecc(curve \"" CURVE "\")"
693 "(flags eddsa)))"))) 762 "(flags eddsa)))")))
694 { 763 {
@@ -722,8 +791,7 @@ GNUNET_CRYPTO_eddsa_key_create ()
722 gcry_mpi_release (d); 791 gcry_mpi_release (d);
723 792
724#if CRYPTO_BUG 793#if CRYPTO_BUG
725 if (GNUNET_OK != 794 if (GNUNET_OK != check_eddsa_key (priv))
726 check_eddsa_key (priv))
727 { 795 {
728 GNUNET_break (0); 796 GNUNET_break (0);
729 GNUNET_free (priv); 797 GNUNET_free (priv);
@@ -755,8 +823,8 @@ GNUNET_CRYPTO_ecdsa_key_get_anonymous ()
755 if (once) 823 if (once)
756 return &anonymous; 824 return &anonymous;
757 GNUNET_CRYPTO_mpi_print_unsigned (anonymous.d, 825 GNUNET_CRYPTO_mpi_print_unsigned (anonymous.d,
758 sizeof (anonymous.d), 826 sizeof (anonymous.d),
759 GCRYMPI_CONST_ONE); 827 GCRYMPI_CONST_ONE);
760 once = 1; 828 once = 1;
761 return &anonymous; 829 return &anonymous;
762} 830}
@@ -779,31 +847,27 @@ data_to_eddsa_value (const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose)
779#if 1 847#if 1
780 struct GNUNET_HashCode hc; 848 struct GNUNET_HashCode hc;
781 849
782 GNUNET_CRYPTO_hash (purpose, 850 GNUNET_CRYPTO_hash (purpose, ntohl (purpose->size), &hc);
783 ntohl (purpose->size), 851 if (0 != (rc = gcry_sexp_build (&data,
784 &hc); 852 NULL,
785 if (0 != (rc = gcry_sexp_build (&data, NULL, 853 "(data(flags eddsa)(hash-algo %s)(value %b))",
786 "(data(flags eddsa)(hash-algo %s)(value %b))", 854 "sha512",
787 "sha512", 855 (int) sizeof (hc),
788 (int)sizeof (hc), 856 &hc)))
789 &hc)))
790 { 857 {
791 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, 858 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc);
792 "gcry_sexp_build",
793 rc);
794 return NULL; 859 return NULL;
795 } 860 }
796#else 861#else
797 GNUNET_CRYPTO_hash (purpose, ntohl (purpose->size), &hc); 862 GNUNET_CRYPTO_hash (purpose, ntohl (purpose->size), &hc);
798 if (0 != (rc = gcry_sexp_build (&data, NULL, 863 if (0 != (rc = gcry_sexp_build (&data,
799 "(data(flags eddsa)(hash-algo %s)(value %b))", 864 NULL,
800 "sha512", 865 "(data(flags eddsa)(hash-algo %s)(value %b))",
801 ntohl (purpose->size), 866 "sha512",
802 purpose))) 867 ntohl (purpose->size),
868 purpose)))
803 { 869 {
804 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, 870 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc);
805 "gcry_sexp_build",
806 rc);
807 return NULL; 871 return NULL;
808 } 872 }
809#endif 873#endif
@@ -828,29 +892,26 @@ data_to_ecdsa_value (const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose)
828#if 1 892#if 1
829 struct GNUNET_HashCode hc; 893 struct GNUNET_HashCode hc;
830 894
831 GNUNET_CRYPTO_hash (purpose, 895 GNUNET_CRYPTO_hash (purpose, ntohl (purpose->size), &hc);
832 ntohl (purpose->size), 896 if (0 != (rc = gcry_sexp_build (&data,
833 &hc); 897 NULL,
834 if (0 != (rc = gcry_sexp_build (&data, NULL, 898 "(data(flags rfc6979)(hash %s %b))",
835 "(data(flags rfc6979)(hash %s %b))", 899 "sha512",
836 "sha512", 900 (int) sizeof (hc),
837 (int)sizeof (hc), &hc))) 901 &hc)))
838 { 902 {
839 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, 903 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc);
840 "gcry_sexp_build",
841 rc);
842 return NULL; 904 return NULL;
843 } 905 }
844#else 906#else
845 if (0 != (rc = gcry_sexp_build (&data, NULL, 907 if (0 != (rc = gcry_sexp_build (&data,
846 "(data(flags rfc6979)(hash %s %b))", 908 NULL,
847 "sha512", 909 "(data(flags rfc6979)(hash %s %b))",
848 ntohl (purpose->size), 910 "sha512",
849 purpose))) 911 ntohl (purpose->size),
912 purpose)))
850 { 913 {
851 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, 914 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc);
852 "gcry_sexp_build",
853 rc);
854 return NULL; 915 return NULL;
855 } 916 }
856#endif 917#endif
@@ -867,9 +928,10 @@ data_to_ecdsa_value (const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose)
867 * @return #GNUNET_SYSERR on error, #GNUNET_OK on success 928 * @return #GNUNET_SYSERR on error, #GNUNET_OK on success
868 */ 929 */
869int 930int
870GNUNET_CRYPTO_ecdsa_sign (const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv, 931GNUNET_CRYPTO_ecdsa_sign (
871 const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose, 932 const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv,
872 struct GNUNET_CRYPTO_EcdsaSignature *sig) 933 const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose,
934 struct GNUNET_CRYPTO_EcdsaSignature *sig)
873{ 935{
874 gcry_sexp_t priv_sexp; 936 gcry_sexp_t priv_sexp;
875 gcry_sexp_t sig_sexp; 937 gcry_sexp_t sig_sexp;
@@ -884,8 +946,10 @@ GNUNET_CRYPTO_ecdsa_sign (const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv,
884 if (0 != (rc = gcry_pk_sign (&sig_sexp, data, priv_sexp))) 946 if (0 != (rc = gcry_pk_sign (&sig_sexp, data, priv_sexp)))
885 { 947 {
886 LOG (GNUNET_ERROR_TYPE_WARNING, 948 LOG (GNUNET_ERROR_TYPE_WARNING,
887 _("ECC signing failed at %s:%d: %s\n"), __FILE__, 949 _ ("ECC signing failed at %s:%d: %s\n"),
888 __LINE__, gcry_strerror (rc)); 950 __FILE__,
951 __LINE__,
952 gcry_strerror (rc));
889 gcry_sexp_release (data); 953 gcry_sexp_release (data);
890 gcry_sexp_release (priv_sexp); 954 gcry_sexp_release (priv_sexp);
891 return GNUNET_SYSERR; 955 return GNUNET_SYSERR;
@@ -902,12 +966,8 @@ GNUNET_CRYPTO_ecdsa_sign (const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv,
902 return GNUNET_SYSERR; 966 return GNUNET_SYSERR;
903 } 967 }
904 gcry_sexp_release (sig_sexp); 968 gcry_sexp_release (sig_sexp);
905 GNUNET_CRYPTO_mpi_print_unsigned (sig->r, 969 GNUNET_CRYPTO_mpi_print_unsigned (sig->r, sizeof (sig->r), rs[0]);
906 sizeof (sig->r), 970 GNUNET_CRYPTO_mpi_print_unsigned (sig->s, sizeof (sig->s), rs[1]);
907 rs[0]);
908 GNUNET_CRYPTO_mpi_print_unsigned (sig->s,
909 sizeof (sig->s),
910 rs[1]);
911 gcry_mpi_release (rs[0]); 971 gcry_mpi_release (rs[0]);
912 gcry_mpi_release (rs[1]); 972 gcry_mpi_release (rs[1]);
913 973
@@ -926,9 +986,10 @@ GNUNET_CRYPTO_ecdsa_sign (const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv,
926 * @return #GNUNET_SYSERR on error, #GNUNET_OK on success 986 * @return #GNUNET_SYSERR on error, #GNUNET_OK on success
927 */ 987 */
928int 988int
929GNUNET_CRYPTO_eddsa_sign (const struct GNUNET_CRYPTO_EddsaPrivateKey *priv, 989GNUNET_CRYPTO_eddsa_sign (
930 const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose, 990 const struct GNUNET_CRYPTO_EddsaPrivateKey *priv,
931 struct GNUNET_CRYPTO_EddsaSignature *sig) 991 const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose,
992 struct GNUNET_CRYPTO_EddsaSignature *sig)
932{ 993{
933 gcry_sexp_t priv_sexp; 994 gcry_sexp_t priv_sexp;
934 gcry_sexp_t sig_sexp; 995 gcry_sexp_t sig_sexp;
@@ -943,8 +1004,10 @@ GNUNET_CRYPTO_eddsa_sign (const struct GNUNET_CRYPTO_EddsaPrivateKey *priv,
943 if (0 != (rc = gcry_pk_sign (&sig_sexp, data, priv_sexp))) 1004 if (0 != (rc = gcry_pk_sign (&sig_sexp, data, priv_sexp)))
944 { 1005 {
945 LOG (GNUNET_ERROR_TYPE_WARNING, 1006 LOG (GNUNET_ERROR_TYPE_WARNING,
946 _("EdDSA signing failed at %s:%d: %s\n"), __FILE__, 1007 _ ("EdDSA signing failed at %s:%d: %s\n"),
947 __LINE__, gcry_strerror (rc)); 1008 __FILE__,
1009 __LINE__,
1010 gcry_strerror (rc));
948 gcry_sexp_release (data); 1011 gcry_sexp_release (data);
949 gcry_sexp_release (priv_sexp); 1012 gcry_sexp_release (priv_sexp);
950 return GNUNET_SYSERR; 1013 return GNUNET_SYSERR;
@@ -982,10 +1045,11 @@ GNUNET_CRYPTO_eddsa_sign (const struct GNUNET_CRYPTO_EddsaPrivateKey *priv,
982 * @returns #GNUNET_OK if ok, #GNUNET_SYSERR if invalid 1045 * @returns #GNUNET_OK if ok, #GNUNET_SYSERR if invalid
983 */ 1046 */
984int 1047int
985GNUNET_CRYPTO_ecdsa_verify (uint32_t purpose, 1048GNUNET_CRYPTO_ecdsa_verify (
986 const struct GNUNET_CRYPTO_EccSignaturePurpose *validate, 1049 uint32_t purpose,
987 const struct GNUNET_CRYPTO_EcdsaSignature *sig, 1050 const struct GNUNET_CRYPTO_EccSignaturePurpose *validate,
988 const struct GNUNET_CRYPTO_EcdsaPublicKey *pub) 1051 const struct GNUNET_CRYPTO_EcdsaSignature *sig,
1052 const struct GNUNET_CRYPTO_EcdsaPublicKey *pub)
989{ 1053{
990 gcry_sexp_t data; 1054 gcry_sexp_t data;
991 gcry_sexp_t sig_sexpr; 1055 gcry_sexp_t sig_sexpr;
@@ -995,21 +1059,26 @@ GNUNET_CRYPTO_ecdsa_verify (uint32_t purpose,
995 BENCHMARK_START (ecdsa_verify); 1059 BENCHMARK_START (ecdsa_verify);
996 1060
997 if (purpose != ntohl (validate->purpose)) 1061 if (purpose != ntohl (validate->purpose))
998 return GNUNET_SYSERR; /* purpose mismatch */ 1062 return GNUNET_SYSERR; /* purpose mismatch */
999 1063
1000 /* build s-expression for signature */ 1064 /* build s-expression for signature */
1001 if (0 != (rc = gcry_sexp_build (&sig_sexpr, NULL, 1065 if (0 != (rc = gcry_sexp_build (&sig_sexpr,
1002 "(sig-val(ecdsa(r %b)(s %b)))", 1066 NULL,
1003 (int) sizeof (sig->r), sig->r, 1067 "(sig-val(ecdsa(r %b)(s %b)))",
1004 (int) sizeof (sig->s), sig->s))) 1068 (int) sizeof (sig->r),
1069 sig->r,
1070 (int) sizeof (sig->s),
1071 sig->s)))
1005 { 1072 {
1006 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc); 1073 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc);
1007 return GNUNET_SYSERR; 1074 return GNUNET_SYSERR;
1008 } 1075 }
1009 data = data_to_ecdsa_value (validate); 1076 data = data_to_ecdsa_value (validate);
1010 if (0 != (rc = gcry_sexp_build (&pub_sexpr, NULL, 1077 if (0 != (rc = gcry_sexp_build (&pub_sexpr,
1078 NULL,
1011 "(public-key(ecc(curve " CURVE ")(q %b)))", 1079 "(public-key(ecc(curve " CURVE ")(q %b)))",
1012 (int) sizeof (pub->q_y), pub->q_y))) 1080 (int) sizeof (pub->q_y),
1081 pub->q_y)))
1013 { 1082 {
1014 gcry_sexp_release (data); 1083 gcry_sexp_release (data);
1015 gcry_sexp_release (sig_sexpr); 1084 gcry_sexp_release (sig_sexpr);
@@ -1022,8 +1091,10 @@ GNUNET_CRYPTO_ecdsa_verify (uint32_t purpose,
1022 if (0 != rc) 1091 if (0 != rc)
1023 { 1092 {
1024 LOG (GNUNET_ERROR_TYPE_INFO, 1093 LOG (GNUNET_ERROR_TYPE_INFO,
1025 _("ECDSA signature verification failed at %s:%d: %s\n"), __FILE__, 1094 _ ("ECDSA signature verification failed at %s:%d: %s\n"),
1026 __LINE__, gcry_strerror (rc)); 1095 __FILE__,
1096 __LINE__,
1097 gcry_strerror (rc));
1027 BENCHMARK_END (ecdsa_verify); 1098 BENCHMARK_END (ecdsa_verify);
1028 return GNUNET_SYSERR; 1099 return GNUNET_SYSERR;
1029 } 1100 }
@@ -1032,7 +1103,6 @@ GNUNET_CRYPTO_ecdsa_verify (uint32_t purpose,
1032} 1103}
1033 1104
1034 1105
1035
1036/** 1106/**
1037 * Verify signature. 1107 * Verify signature.
1038 * 1108 *
@@ -1043,10 +1113,11 @@ GNUNET_CRYPTO_ecdsa_verify (uint32_t purpose,
1043 * @returns #GNUNET_OK if ok, #GNUNET_SYSERR if invalid 1113 * @returns #GNUNET_OK if ok, #GNUNET_SYSERR if invalid
1044 */ 1114 */
1045int 1115int
1046GNUNET_CRYPTO_eddsa_verify (uint32_t purpose, 1116GNUNET_CRYPTO_eddsa_verify (
1047 const struct GNUNET_CRYPTO_EccSignaturePurpose *validate, 1117 uint32_t purpose,
1048 const struct GNUNET_CRYPTO_EddsaSignature *sig, 1118 const struct GNUNET_CRYPTO_EccSignaturePurpose *validate,
1049 const struct GNUNET_CRYPTO_EddsaPublicKey *pub) 1119 const struct GNUNET_CRYPTO_EddsaSignature *sig,
1120 const struct GNUNET_CRYPTO_EddsaPublicKey *pub)
1050{ 1121{
1051 gcry_sexp_t data; 1122 gcry_sexp_t data;
1052 gcry_sexp_t sig_sexpr; 1123 gcry_sexp_t sig_sexpr;
@@ -1056,21 +1127,27 @@ GNUNET_CRYPTO_eddsa_verify (uint32_t purpose,
1056 BENCHMARK_START (eddsa_verify); 1127 BENCHMARK_START (eddsa_verify);
1057 1128
1058 if (purpose != ntohl (validate->purpose)) 1129 if (purpose != ntohl (validate->purpose))
1059 return GNUNET_SYSERR; /* purpose mismatch */ 1130 return GNUNET_SYSERR; /* purpose mismatch */
1060 1131
1061 /* build s-expression for signature */ 1132 /* build s-expression for signature */
1062 if (0 != (rc = gcry_sexp_build (&sig_sexpr, NULL, 1133 if (0 != (rc = gcry_sexp_build (&sig_sexpr,
1063 "(sig-val(eddsa(r %b)(s %b)))", 1134 NULL,
1064 (int)sizeof (sig->r), sig->r, 1135 "(sig-val(eddsa(r %b)(s %b)))",
1065 (int)sizeof (sig->s), sig->s))) 1136 (int) sizeof (sig->r),
1137 sig->r,
1138 (int) sizeof (sig->s),
1139 sig->s)))
1066 { 1140 {
1067 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc); 1141 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc);
1068 return GNUNET_SYSERR; 1142 return GNUNET_SYSERR;
1069 } 1143 }
1070 data = data_to_eddsa_value (validate); 1144 data = data_to_eddsa_value (validate);
1071 if (0 != (rc = gcry_sexp_build (&pub_sexpr, NULL, 1145 if (0 != (rc = gcry_sexp_build (&pub_sexpr,
1072 "(public-key(ecc(curve " CURVE ")(flags eddsa)(q %b)))", 1146 NULL,
1073 (int)sizeof (pub->q_y), pub->q_y))) 1147 "(public-key(ecc(curve " CURVE
1148 ")(flags eddsa)(q %b)))",
1149 (int) sizeof (pub->q_y),
1150 pub->q_y)))
1074 { 1151 {
1075 gcry_sexp_release (data); 1152 gcry_sexp_release (data);
1076 gcry_sexp_release (sig_sexpr); 1153 gcry_sexp_release (sig_sexpr);
@@ -1083,8 +1160,10 @@ GNUNET_CRYPTO_eddsa_verify (uint32_t purpose,
1083 if (0 != rc) 1160 if (0 != rc)
1084 { 1161 {
1085 LOG (GNUNET_ERROR_TYPE_INFO, 1162 LOG (GNUNET_ERROR_TYPE_INFO,
1086 _("EdDSA signature verification failed at %s:%d: %s\n"), __FILE__, 1163 _ ("EdDSA signature verification failed at %s:%d: %s\n"),
1087 __LINE__, gcry_strerror (rc)); 1164 __FILE__,
1165 __LINE__,
1166 gcry_strerror (rc));
1088 BENCHMARK_END (eddsa_verify); 1167 BENCHMARK_END (eddsa_verify);
1089 return GNUNET_SYSERR; 1168 return GNUNET_SYSERR;
1090 } 1169 }
@@ -1118,9 +1197,11 @@ GNUNET_CRYPTO_ecc_ecdh (const struct GNUNET_CRYPTO_EcdhePrivateKey *priv,
1118 BENCHMARK_START (ecc_ecdh); 1197 BENCHMARK_START (ecc_ecdh);
1119 1198
1120 /* first, extract the q = dP value from the public key */ 1199 /* first, extract the q = dP value from the public key */
1121 if (0 != gcry_sexp_build (&pub_sexpr, NULL, 1200 if (0 != gcry_sexp_build (&pub_sexpr,
1201 NULL,
1122 "(public-key(ecc(curve " CURVE ")(q %b)))", 1202 "(public-key(ecc(curve " CURVE ")(q %b)))",
1123 (int)sizeof (pub->q_y), pub->q_y)) 1203 (int) sizeof (pub->q_y),
1204 pub->q_y))
1124 return GNUNET_SYSERR; 1205 return GNUNET_SYSERR;
1125 GNUNET_assert (0 == gcry_mpi_ec_new (&ctx, pub_sexpr, NULL)); 1206 GNUNET_assert (0 == gcry_mpi_ec_new (&ctx, pub_sexpr, NULL));
1126 gcry_sexp_release (pub_sexpr); 1207 gcry_sexp_release (pub_sexpr);
@@ -1153,12 +1234,9 @@ GNUNET_CRYPTO_ecc_ecdh (const struct GNUNET_CRYPTO_EcdhePrivateKey *priv,
1153 as that does not include the sign bit; x should be a 255-bit 1234 as that does not include the sign bit; x should be a 255-bit
1154 value, so with the sign it should fit snugly into the 256-bit 1235 value, so with the sign it should fit snugly into the 256-bit
1155 xbuf */ 1236 xbuf */
1156 GNUNET_assert (0 == 1237 GNUNET_assert (
1157 gcry_mpi_print (GCRYMPI_FMT_STD, xbuf, rsize, &rsize, 1238 0 == gcry_mpi_print (GCRYMPI_FMT_STD, xbuf, rsize, &rsize, result_x));
1158 result_x)); 1239 GNUNET_CRYPTO_hash (xbuf, rsize, key_material);
1159 GNUNET_CRYPTO_hash (xbuf,
1160 rsize,
1161 key_material);
1162 gcry_mpi_release (result_x); 1240 gcry_mpi_release (result_x);
1163 BENCHMARK_END (ecc_ecdh); 1241 BENCHMARK_END (ecc_ecdh);
1164 return GNUNET_OK; 1242 return GNUNET_OK;
@@ -1177,22 +1255,26 @@ GNUNET_CRYPTO_ecc_ecdh (const struct GNUNET_CRYPTO_EcdhePrivateKey *priv,
1177 */ 1255 */
1178static gcry_mpi_t 1256static gcry_mpi_t
1179derive_h (const struct GNUNET_CRYPTO_EcdsaPublicKey *pub, 1257derive_h (const struct GNUNET_CRYPTO_EcdsaPublicKey *pub,
1180 const char *label, 1258 const char *label,
1181 const char *context) 1259 const char *context)
1182{ 1260{
1183 gcry_mpi_t h; 1261 gcry_mpi_t h;
1184 struct GNUNET_HashCode hc; 1262 struct GNUNET_HashCode hc;
1185 static const char *const salt = "key-derivation"; 1263 static const char *const salt = "key-derivation";
1186 1264
1187 GNUNET_CRYPTO_kdf (&hc, sizeof (hc), 1265 GNUNET_CRYPTO_kdf (&hc,
1188 salt, strlen (salt), 1266 sizeof (hc),
1189 pub, sizeof (*pub), 1267 salt,
1190 label, strlen (label), 1268 strlen (salt),
1191 context, strlen (context), 1269 pub,
1192 NULL, 0); 1270 sizeof (*pub),
1193 GNUNET_CRYPTO_mpi_scan_unsigned (&h, 1271 label,
1194 (unsigned char *) &hc, 1272 strlen (label),
1195 sizeof (hc)); 1273 context,
1274 strlen (context),
1275 NULL,
1276 0);
1277 GNUNET_CRYPTO_mpi_scan_unsigned (&h, (unsigned char *) &hc, sizeof (hc));
1196 return h; 1278 return h;
1197} 1279}
1198 1280
@@ -1210,9 +1292,10 @@ derive_h (const struct GNUNET_CRYPTO_EcdsaPublicKey *pub,
1210 * @return derived private key 1292 * @return derived private key
1211 */ 1293 */
1212struct GNUNET_CRYPTO_EcdsaPrivateKey * 1294struct GNUNET_CRYPTO_EcdsaPrivateKey *
1213GNUNET_CRYPTO_ecdsa_private_key_derive (const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv, 1295GNUNET_CRYPTO_ecdsa_private_key_derive (
1214 const char *label, 1296 const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv,
1215 const char *context) 1297 const char *label,
1298 const char *context)
1216{ 1299{
1217 struct GNUNET_CRYPTO_EcdsaPublicKey pub; 1300 struct GNUNET_CRYPTO_EcdsaPublicKey pub;
1218 struct GNUNET_CRYPTO_EcdsaPrivateKey *ret; 1301 struct GNUNET_CRYPTO_EcdsaPrivateKey *ret;
@@ -1228,9 +1311,7 @@ GNUNET_CRYPTO_ecdsa_private_key_derive (const struct GNUNET_CRYPTO_EcdsaPrivateK
1228 GNUNET_CRYPTO_ecdsa_key_get_public (priv, &pub); 1311 GNUNET_CRYPTO_ecdsa_key_get_public (priv, &pub);
1229 1312
1230 h = derive_h (&pub, label, context); 1313 h = derive_h (&pub, label, context);
1231 GNUNET_CRYPTO_mpi_scan_unsigned (&x, 1314 GNUNET_CRYPTO_mpi_scan_unsigned (&x, priv->d, sizeof (priv->d));
1232 priv->d,
1233 sizeof (priv->d));
1234 d = gcry_mpi_new (256); 1315 d = gcry_mpi_new (256);
1235 gcry_mpi_mulm (d, h, x, n); 1316 gcry_mpi_mulm (d, h, x, n);
1236 gcry_mpi_release (h); 1317 gcry_mpi_release (h);
@@ -1255,10 +1336,11 @@ GNUNET_CRYPTO_ecdsa_private_key_derive (const struct GNUNET_CRYPTO_EcdsaPrivateK
1255 * @param result where to write the derived public key 1336 * @param result where to write the derived public key
1256 */ 1337 */
1257void 1338void
1258GNUNET_CRYPTO_ecdsa_public_key_derive (const struct GNUNET_CRYPTO_EcdsaPublicKey *pub, 1339GNUNET_CRYPTO_ecdsa_public_key_derive (
1259 const char *label, 1340 const struct GNUNET_CRYPTO_EcdsaPublicKey *pub,
1260 const char *context, 1341 const char *label,
1261 struct GNUNET_CRYPTO_EcdsaPublicKey *result) 1342 const char *context,
1343 struct GNUNET_CRYPTO_EcdsaPublicKey *result)
1262{ 1344{
1263 gcry_ctx_t ctx; 1345 gcry_ctx_t ctx;
1264 gcry_mpi_t q_y; 1346 gcry_mpi_t q_y;
@@ -1273,7 +1355,7 @@ GNUNET_CRYPTO_ecdsa_public_key_derive (const struct GNUNET_CRYPTO_EcdsaPublicKey
1273 /* obtain point 'q' from original public key. The provided 'q' is 1355 /* obtain point 'q' from original public key. The provided 'q' is
1274 compressed thus we first store it in the context and then get it 1356 compressed thus we first store it in the context and then get it
1275 back as a (decompresssed) point. */ 1357 back as a (decompresssed) point. */
1276 q_y = gcry_mpi_set_opaque_copy (NULL, pub->q_y, 8*sizeof (pub->q_y)); 1358 q_y = gcry_mpi_set_opaque_copy (NULL, pub->q_y, 8 * sizeof (pub->q_y));
1277 GNUNET_assert (NULL != q_y); 1359 GNUNET_assert (NULL != q_y);
1278 GNUNET_assert (0 == gcry_mpi_ec_set_mpi ("q", q_y, ctx)); 1360 GNUNET_assert (0 == gcry_mpi_ec_set_mpi ("q", q_y, ctx));
1279 gcry_mpi_release (q_y); 1361 gcry_mpi_release (q_y);
@@ -1298,9 +1380,7 @@ GNUNET_CRYPTO_ecdsa_public_key_derive (const struct GNUNET_CRYPTO_EcdsaPublicKey
1298 gcry_mpi_point_release (v); 1380 gcry_mpi_point_release (v);
1299 q_y = gcry_mpi_ec_get_mpi ("q@eddsa", ctx, 0); 1381 q_y = gcry_mpi_ec_get_mpi ("q@eddsa", ctx, 0);
1300 GNUNET_assert (q_y); 1382 GNUNET_assert (q_y);
1301 GNUNET_CRYPTO_mpi_print_unsigned (result->q_y, 1383 GNUNET_CRYPTO_mpi_print_unsigned (result->q_y, sizeof (result->q_y), q_y);
1302 sizeof (result->q_y),
1303 q_y);
1304 gcry_mpi_release (q_y); 1384 gcry_mpi_release (q_y);
1305 gcry_ctx_release (ctx); 1385 gcry_ctx_release (ctx);
1306} 1386}
@@ -1313,17 +1393,16 @@ GNUNET_CRYPTO_ecdsa_public_key_derive (const struct GNUNET_CRYPTO_EcdsaPublicKey
1313 * @param length number of bytes in @a buffer 1393 * @param length number of bytes in @a buffer
1314 */ 1394 */
1315static void 1395static void
1316reverse_buffer (unsigned char *buffer, 1396reverse_buffer (unsigned char *buffer, size_t length)
1317 size_t length)
1318{ 1397{
1319 unsigned char tmp; 1398 unsigned char tmp;
1320 size_t i; 1399 size_t i;
1321 1400
1322 for (i=0; i < length/2; i++) 1401 for (i = 0; i < length / 2; i++)
1323 { 1402 {
1324 tmp = buffer[i]; 1403 tmp = buffer[i];
1325 buffer[i] = buffer[length-1-i]; 1404 buffer[i] = buffer[length - 1 - i];
1326 buffer[length-1-i] = tmp; 1405 buffer[length - 1 - i] = tmp;
1327 } 1406 }
1328} 1407}
1329 1408
@@ -1352,29 +1431,22 @@ eddsa_d_to_a (gcry_mpi_t d)
1352 memset (digest, 0, sizeof digest); 1431 memset (digest, 0, sizeof digest);
1353 memset (hvec, 0, sizeof hvec); 1432 memset (hvec, 0, sizeof hvec);
1354 rawmpilen = sizeof (rawmpi); 1433 rawmpilen = sizeof (rawmpi);
1355 GNUNET_assert (0 == 1434 GNUNET_assert (
1356 gcry_mpi_print (GCRYMPI_FMT_USG, 1435 0 == gcry_mpi_print (GCRYMPI_FMT_USG, rawmpi, rawmpilen, &rawmpilen, d));
1357 rawmpi, rawmpilen, &rawmpilen,
1358 d));
1359 hvec[0].data = digest; 1436 hvec[0].data = digest;
1360 hvec[0].off = 0; 1437 hvec[0].off = 0;
1361 hvec[0].len = b > rawmpilen ? (b - rawmpilen) : 0; 1438 hvec[0].len = b > rawmpilen ? (b - rawmpilen) : 0;
1362 hvec[1].data = rawmpi; 1439 hvec[1].data = rawmpi;
1363 hvec[1].off = 0; 1440 hvec[1].off = 0;
1364 hvec[1].len = rawmpilen; 1441 hvec[1].len = rawmpilen;
1365 GNUNET_assert (0 == 1442 GNUNET_assert (
1366 gcry_md_hash_buffers (GCRY_MD_SHA512, 1443 0 == gcry_md_hash_buffers (GCRY_MD_SHA512, 0 /* flags */, digest, hvec, 2));
1367 0 /* flags */,
1368 digest,
1369 hvec, 2));
1370 /* Compute the A value. */ 1444 /* Compute the A value. */
1371 reverse_buffer (digest, 32); /* Only the first half of the hash. */ 1445 reverse_buffer (digest, 32); /* Only the first half of the hash. */
1372 digest[0] = (digest[0] & 0x7f) | 0x40; 1446 digest[0] = (digest[0] & 0x7f) | 0x40;
1373 digest[31] &= 0xf8; 1447 digest[31] &= 0xf8;
1374 1448
1375 GNUNET_CRYPTO_mpi_scan_unsigned (&a, 1449 GNUNET_CRYPTO_mpi_scan_unsigned (&a, digest, 32);
1376 digest,
1377 32);
1378 return a; 1450 return a;
1379} 1451}
1380 1452
@@ -1410,12 +1482,9 @@ point_to_hash (gcry_mpi_point_t result,
1410 as that does not include the sign bit; x should be a 255-bit 1482 as that does not include the sign bit; x should be a 255-bit
1411 value, so with the sign it should fit snugly into the 256-bit 1483 value, so with the sign it should fit snugly into the 256-bit
1412 xbuf */ 1484 xbuf */
1413 GNUNET_assert (0 == 1485 GNUNET_assert (
1414 gcry_mpi_print (GCRYMPI_FMT_STD, xbuf, rsize, &rsize, 1486 0 == gcry_mpi_print (GCRYMPI_FMT_STD, xbuf, rsize, &rsize, result_x));
1415 result_x)); 1487 GNUNET_CRYPTO_hash (xbuf, rsize, key_material);
1416 GNUNET_CRYPTO_hash (xbuf,
1417 rsize,
1418 key_material);
1419 gcry_mpi_release (result_x); 1488 gcry_mpi_release (result_x);
1420 return GNUNET_OK; 1489 return GNUNET_OK;
1421} 1490}
@@ -1447,9 +1516,11 @@ GNUNET_CRYPTO_eddsa_ecdh (const struct GNUNET_CRYPTO_EddsaPrivateKey *priv,
1447 BENCHMARK_START (eddsa_ecdh); 1516 BENCHMARK_START (eddsa_ecdh);
1448 1517
1449 /* first, extract the q = dP value from the public key */ 1518 /* first, extract the q = dP value from the public key */
1450 if (0 != gcry_sexp_build (&pub_sexpr, NULL, 1519 if (0 != gcry_sexp_build (&pub_sexpr,
1520 NULL,
1451 "(public-key(ecc(curve " CURVE ")(q %b)))", 1521 "(public-key(ecc(curve " CURVE ")(q %b)))",
1452 (int)sizeof (pub->q_y), pub->q_y)) 1522 (int) sizeof (pub->q_y),
1523 pub->q_y))
1453 return GNUNET_SYSERR; 1524 return GNUNET_SYSERR;
1454 GNUNET_assert (0 == gcry_mpi_ec_new (&ctx, pub_sexpr, NULL)); 1525 GNUNET_assert (0 == gcry_mpi_ec_new (&ctx, pub_sexpr, NULL));
1455 gcry_sexp_release (pub_sexpr); 1526 gcry_sexp_release (pub_sexpr);
@@ -1468,9 +1539,7 @@ GNUNET_CRYPTO_eddsa_ecdh (const struct GNUNET_CRYPTO_EddsaPrivateKey *priv,
1468 gcry_mpi_point_release (q); 1539 gcry_mpi_point_release (q);
1469 gcry_mpi_release (a); 1540 gcry_mpi_release (a);
1470 1541
1471 ret = point_to_hash (result, 1542 ret = point_to_hash (result, ctx, key_material);
1472 ctx,
1473 key_material);
1474 gcry_mpi_point_release (result); 1543 gcry_mpi_point_release (result);
1475 gcry_ctx_release (ctx); 1544 gcry_ctx_release (ctx);
1476 BENCHMARK_END (eddsa_ecdh); 1545 BENCHMARK_END (eddsa_ecdh);
@@ -1503,9 +1572,11 @@ GNUNET_CRYPTO_ecdsa_ecdh (const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv,
1503 BENCHMARK_START (ecdsa_ecdh); 1572 BENCHMARK_START (ecdsa_ecdh);
1504 1573
1505 /* first, extract the q = dP value from the public key */ 1574 /* first, extract the q = dP value from the public key */
1506 if (0 != gcry_sexp_build (&pub_sexpr, NULL, 1575 if (0 != gcry_sexp_build (&pub_sexpr,
1576 NULL,
1507 "(public-key(ecc(curve " CURVE ")(q %b)))", 1577 "(public-key(ecc(curve " CURVE ")(q %b)))",
1508 (int)sizeof (pub->q_y), pub->q_y)) 1578 (int) sizeof (pub->q_y),
1579 pub->q_y))
1509 return GNUNET_SYSERR; 1580 return GNUNET_SYSERR;
1510 GNUNET_assert (0 == gcry_mpi_ec_new (&ctx, pub_sexpr, NULL)); 1581 GNUNET_assert (0 == gcry_mpi_ec_new (&ctx, pub_sexpr, NULL));
1511 gcry_sexp_release (pub_sexpr); 1582 gcry_sexp_release (pub_sexpr);
@@ -1521,9 +1592,7 @@ GNUNET_CRYPTO_ecdsa_ecdh (const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv,
1521 gcry_mpi_release (d); 1592 gcry_mpi_release (d);
1522 1593
1523 /* finally, convert point to string for hashing */ 1594 /* finally, convert point to string for hashing */
1524 ret = point_to_hash (result, 1595 ret = point_to_hash (result, ctx, key_material);
1525 ctx,
1526 key_material);
1527 gcry_mpi_point_release (result); 1596 gcry_mpi_point_release (result);
1528 gcry_ctx_release (ctx); 1597 gcry_ctx_release (ctx);
1529 BENCHMARK_END (ecdsa_ecdh); 1598 BENCHMARK_END (ecdsa_ecdh);
@@ -1531,7 +1600,6 @@ GNUNET_CRYPTO_ecdsa_ecdh (const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv,
1531} 1600}
1532 1601
1533 1602
1534
1535/** 1603/**
1536 * @ingroup crypto 1604 * @ingroup crypto
1537 * Derive key material from a EdDSA public key and a private ECDH key. 1605 * Derive key material from a EdDSA public key and a private ECDH key.
@@ -1557,9 +1625,11 @@ GNUNET_CRYPTO_ecdh_eddsa (const struct GNUNET_CRYPTO_EcdhePrivateKey *priv,
1557 BENCHMARK_START (ecdh_eddsa); 1625 BENCHMARK_START (ecdh_eddsa);
1558 1626
1559 /* first, extract the q = dP value from the public key */ 1627 /* first, extract the q = dP value from the public key */
1560 if (0 != gcry_sexp_build (&pub_sexpr, NULL, 1628 if (0 != gcry_sexp_build (&pub_sexpr,
1629 NULL,
1561 "(public-key(ecc(curve " CURVE ")(q %b)))", 1630 "(public-key(ecc(curve " CURVE ")(q %b)))",
1562 (int)sizeof (pub->q_y), pub->q_y)) 1631 (int) sizeof (pub->q_y),
1632 pub->q_y))
1563 return GNUNET_SYSERR; 1633 return GNUNET_SYSERR;
1564 GNUNET_assert (0 == gcry_mpi_ec_new (&ctx, pub_sexpr, NULL)); 1634 GNUNET_assert (0 == gcry_mpi_ec_new (&ctx, pub_sexpr, NULL));
1565 gcry_sexp_release (pub_sexpr); 1635 gcry_sexp_release (pub_sexpr);
@@ -1575,9 +1645,7 @@ GNUNET_CRYPTO_ecdh_eddsa (const struct GNUNET_CRYPTO_EcdhePrivateKey *priv,
1575 gcry_mpi_release (d); 1645 gcry_mpi_release (d);
1576 1646
1577 /* finally, convert point to string for hashing */ 1647 /* finally, convert point to string for hashing */
1578 ret = point_to_hash (result, 1648 ret = point_to_hash (result, ctx, key_material);
1579 ctx,
1580 key_material);
1581 gcry_mpi_point_release (result); 1649 gcry_mpi_point_release (result);
1582 gcry_ctx_release (ctx); 1650 gcry_ctx_release (ctx);
1583 BENCHMARK_END (ecdh_eddsa); 1651 BENCHMARK_END (ecdh_eddsa);
@@ -1600,7 +1668,8 @@ GNUNET_CRYPTO_ecdh_ecdsa (const struct GNUNET_CRYPTO_EcdhePrivateKey *priv,
1600 struct GNUNET_HashCode *key_material) 1668 struct GNUNET_HashCode *key_material)
1601{ 1669{
1602 return GNUNET_CRYPTO_ecdh_eddsa (priv, 1670 return GNUNET_CRYPTO_ecdh_eddsa (priv,
1603 (const struct GNUNET_CRYPTO_EddsaPublicKey *)pub, 1671 (const struct GNUNET_CRYPTO_EddsaPublicKey *)
1672 pub,
1604 key_material); 1673 key_material);
1605} 1674}
1606 1675