/**
* High-quality operations are desired.
*/
- GNUNET_CRYPTO_QUALITY_STRONG
+ GNUNET_CRYPTO_QUALITY_STRONG,
+
+ /**
+ * Randomness for IVs etc. is required.
+ */
+ GNUNET_CRYPTO_QUALITY_NONCE
};
#define GNUNET_CRYPTO_RSA_KEY_LENGTH 258
+/**
+ * Length of a hash value
+ */
+#define GNUNET_CRYPTO_HASH_LENGTH 512/8
+
/**
* The private information of an RSA key pair.
*/
};
+/**
+ * @brief type for (message) authentication keys
+ */
+struct GNUNET_CRYPTO_AuthKey
+{
+ unsigned char key[GNUNET_CRYPTO_HASH_LENGTH];
+};
+
+
/* **************** Functions and Macros ************* */
void GNUNET_CRYPTO_aes_create_session_key (struct GNUNET_CRYPTO_AesSessionKey
*key);
-
/**
* Check that a new session key is well-formed.
*
void *result);
+/**
+ * @brief Derive an IV
+ * @param iv initialization vector
+ * @param skey session key
+ * @param salt salt for the derivation
+ * @param salt_len size of the salt
+ * @param ... pairs of void * & size_t for context chunks, terminated by NULL
+ */
+void
+GNUNET_CRYPTO_aes_derive_iv (struct GNUNET_CRYPTO_AesInitializationVector *iv,
+ const struct GNUNET_CRYPTO_AesSessionKey *skey,
+ const void *salt, size_t salt_len,
+ ...);
+
+
+/**
+ * @brief Derive an IV
+ * @param iv initialization vector
+ * @param skey session key
+ * @param salt salt for the derivation
+ * @param salt_len size of the salt
+ * @param argp pairs of void * & size_t for context chunks, terminated by NULL
+ */
+void
+GNUNET_CRYPTO_aes_derive_iv_v (struct GNUNET_CRYPTO_AesInitializationVector *iv,
+ const struct GNUNET_CRYPTO_AesSessionKey *skey,
+ const void *salt, size_t salt_len,
+ va_list argp);
+
+
/**
* Convert hash to ASCII encoding.
* @param block the hash code
*
* @param a some hash code
* @param b some hash code
- * @return number between 0 and 65536
+ * @return number between 0 and UINT32_MAX
*/
uint32_t GNUNET_CRYPTO_hash_distance_u32 (const GNUNET_HashCode * a,
const GNUNET_HashCode * b);
GNUNET_HashCode * ret);
+/**
+ * Calculate HMAC of a message (RFC 2104)
+ *
+ * @param key secret key
+ * @param plaintext input plaintext
+ * @param plaintext_len length of plaintext
+ * @param hmac where to store the hmac
+ */
+void
+GNUNET_CRYPTO_hmac (const struct GNUNET_CRYPTO_AuthKey *key,
+ const void *plaintext,
+ size_t plaintext_len,
+ GNUNET_HashCode *hmac);
+
+
/**
* Function called once the hash computation over the
* specified file has completed.
res);
+/**
+ * Handle to file hashing operation.
+ */
+struct GNUNET_CRYPTO_FileHashContext;
+
/**
* Compute the hash of an entire file.
*
- * @param sched scheduler to use
* @param priority scheduling priority to use
- * @param run_on_shutdown should we complete even on shutdown?
* @param filename name of file to hash
* @param blocksize number of bytes to process in one task
* @param callback function to call upon completion
* @param callback_cls closure for callback
+ * @return NULL on (immediate) errror
+ */
+struct GNUNET_CRYPTO_FileHashContext *
+GNUNET_CRYPTO_hash_file (enum GNUNET_SCHEDULER_Priority priority,
+ const char *filename,
+ size_t blocksize,
+ GNUNET_CRYPTO_HashCompletedCallback callback,
+ void *callback_cls);
+
+
+/**
+ * Cancel a file hashing operation.
+ *
+ * @param fhc operation to cancel (callback must not yet have been invoked)
*/
-void GNUNET_CRYPTO_hash_file (struct GNUNET_SCHEDULER_Handle *sched,
- enum GNUNET_SCHEDULER_Priority priority,
- int run_on_shutdown,
- const char *filename,
- size_t blocksize,
- GNUNET_CRYPTO_HashCompletedCallback callback,
- void *callback_cls);
+void
+GNUNET_CRYPTO_hash_file_cancel (struct GNUNET_CRYPTO_FileHashContext *fhc);
/**
int GNUNET_CRYPTO_hash_get_bit (const GNUNET_HashCode * code,
unsigned int bit);
+/**
+ * Determine how many low order bits match in two
+ * GNUNET_HashCodes. i.e. - 010011 and 011111 share
+ * the first two lowest order bits, and therefore the
+ * return value is two (NOT XOR distance, nor how many
+ * bits match absolutely!).
+ *
+ * @param first the first hashcode
+ * @param second the hashcode to compare first to
+ *
+ * @return the number of bits that match
+ */
+unsigned int GNUNET_CRYPTO_hash_matching_bits(const GNUNET_HashCode *first, const GNUNET_HashCode *second);
+
/**
* Compare function for HashCodes, producing a total ordering
const GNUNET_HashCode * target);
+/**
+ * @brief Derive an authentication key
+ * @param key authentication key
+ * @param rkey root key
+ * @param salt salt
+ * @param salt_len size of the salt
+ * @param argp pair of void * & size_t for context chunks, terminated by NULL
+ */
+void
+GNUNET_CRYPTO_hmac_derive_key_v(struct GNUNET_CRYPTO_AuthKey *key,
+ const struct GNUNET_CRYPTO_AesSessionKey *rkey,
+ const void *salt,
+ size_t salt_len,
+ va_list argp);
+
+
+/**
+ * @brief Derive an authentication key
+ * @param key authentication key
+ * @param rkey root key
+ * @param salt salt
+ * @param salt_len size of the salt
+ * @param ... pair of void * & size_t for context chunks, terminated by NULL
+ */
+void
+GNUNET_CRYPTO_hmac_derive_key(struct GNUNET_CRYPTO_AuthKey *key,
+ const struct GNUNET_CRYPTO_AesSessionKey *rkey,
+ const void *salt,
+ size_t salt_len,
+ ...);
+
+/**
+ * @brief Derive key
+ * @param result buffer for the derived key, allocated by caller
+ * @param out_len desired length of the derived key
+ * @param xtr_algo hash algorithm for the extraction phase, GCRY_MD_...
+ * @param prf_algo hash algorithm for the expansion phase, GCRY_MD_...
+ * @param xts salt
+ * @param xts_len length of xts
+ * @param skm source key material
+ * @param skm_len length of skm
+ * @return GNUNET_YES on success
+ */
+int
+GNUNET_CRYPTO_hkdf (void *result,
+ size_t out_len,
+ int xtr_algo, int prf_algo,
+ const void *xts, size_t xts_len,
+ const void *skm, size_t skm_len,
+ ...);
+
+
+/**
+ * @brief Derive key
+ * @param result buffer for the derived key, allocated by caller
+ * @param out_len desired length of the derived key
+ * @param xtr_algo hash algorithm for the extraction phase, GCRY_MD_...
+ * @param prf_algo hash algorithm for the expansion phase, GCRY_MD_...
+ * @param xts salt
+ * @param xts_len length of xts
+ * @param skm source key material
+ * @param skm_len length of skm
+ * @param argp va_list of void * & size_t pairs for context chunks
+ * @return GNUNET_YES on success
+ */
+int
+GNUNET_CRYPTO_hkdf_v (void *result,
+ size_t out_len,
+ int xtr_algo,
+ int prf_algo,
+ const void *xts, size_t xts_len,
+ const void *skm, size_t skm_len,
+ va_list argp);
+
+
+/**
+ * @brief Derive key
+ * @param result buffer for the derived key, allocated by caller
+ * @param out_len desired length of the derived key
+ * @param xts salt
+ * @param xts_len length of xts
+ * @param skm source key material
+ * @param skm_len length of skm
+ * @param argp va_list of void * & size_t pairs for context chunks
+ * @return GNUNET_YES on success
+ */
+int
+GNUNET_CRYPTO_kdf_v (void *result,
+ size_t out_len,
+ const void *xts, size_t xts_len,
+ const void *skm, size_t skm_len,
+ va_list argp);
+
+
+/**
+ * @brief Derive key
+ * @param result buffer for the derived key, allocated by caller
+ * @param out_len desired length of the derived key
+ * @param xts salt
+ * @param xts_len length of xts
+ * @param skm source key material
+ * @param skm_len length of skm
+ * @param ... void * & size_t pairs for context chunks
+ * @return GNUNET_YES on success
+ */
+int
+GNUNET_CRYPTO_kdf (void *result, size_t out_len,
+ const void *xts, size_t xts_len, const void *skm,
+ size_t skm_len, ...);
+
+
/**
* Create a new private key. Caller must free return value.
*
*/
struct GNUNET_CRYPTO_RsaPrivateKey *GNUNET_CRYPTO_rsa_key_create (void);
+/**
+ * Decode the private key from the data-format back
+ * to the "normal", internal format.
+ *
+ * @param buf the buffer where the private key data is stored
+ * @param len the length of the data in 'buffer'
+ */
+struct GNUNET_CRYPTO_RsaPrivateKey *
+GNUNET_CRYPTO_rsa_decode_key (const char *buf, uint16_t len);
/**
* Create a new private key by reading it from a file. If the
* files does not exist, create a new key and write it to the
* file. Caller must free return value. Note that this function
* can not guarantee that another process might not be trying
- * the same operation on the same file at the same time. The
- * caller must somehow know that the file either already exists
- * with a valid key OR be sure that no other process is calling
- * this function at the same time. If the contents of the file
+ * the same operation on the same file at the same time.
+ * If the contents of the file
* are invalid the old file is deleted and a fresh key is
* created.
*