#include <gcrypt.h>
+/**
+ * Number of bits for secretsharing keys.
+ * Must be smaller than the Pallier key size used internally
+ * by the secretsharing service.
+ * When changing this value, other internal parameters must also
+ * be adjusted.
+ */
+#define GNUNET_SECRETSHARING_KEY_BITS 1024
+
+
/**
* Session that will eventually establish a shared secred between
* the involved peers and allow encryption and cooperative decryption.
/**
* Share of a secret shared with a group of peers.
+ * Contains the secret share itself, the public key, the list of peers, and the
+ * exponential commitments to the secret shares of the other peers.
*/
struct GNUNET_SECRETSHARING_Share;
*/
struct GNUNET_SECRETSHARING_PublicKey
{
- /**
- * Value of the private key.
- */
- gcry_mpi_t value;
+ uint32_t bits[GNUNET_SECRETSHARING_KEY_BITS / 8 / sizeof (uint32_t)];
};
*/
struct GNUNET_SECRETSHARING_Ciphertext
{
- /**
- * First component.
- */
- gcry_mpi_t c1;
- /**
- * Second component.
- */
- gcry_mpi_t c2;
+ uint32_t c1_bits[GNUNET_SECRETSHARING_KEY_BITS / 8 / sizeof (uint32_t)];
+ uint32_t c2_bits[GNUNET_SECRETSHARING_KEY_BITS / 8 / sizeof (uint32_t)];
};
/**
* Value of the message.
*/
- gcry_mpi_t value;
+ uint32_t bits[GNUNET_SECRETSHARING_KEY_BITS / 8 / sizeof (uint32_t)];
};
/**
* Called once the secret has been established with all peers, or the deadline is due.
*
- * Note that the number of peers can be smaller that 'k' (this threshold parameter), which
+ * Note that the number of peers can be smaller than 'k' (this threshold parameter), which
* makes the threshold crypto system useless. However, in this case one can still determine which peers
* were able to participate in the secret sharing successfully.
*
+ * If the secret sharing failed, num_ready_peers is 0 and my_share and public_key is NULL.
+ *
* @param cls closure
* @param my_share the share of this peer
* @param public_key public key of the session
*/
typedef void (*GNUNET_SECRETSHARING_SecretReadyCallback) (void *cls,
const struct GNUNET_SECRETSHARING_Share *my_share,
- const struct GNUNET_SECRETSHARING_PublicKey public_key,
+ const struct GNUNET_SECRETSHARING_PublicKey *public_key,
unsigned int num_ready_peers,
const struct GNUNET_PeerIdentity *ready_peers);
const struct GNUNET_HashCode *session_id,
struct GNUNET_TIME_Absolute deadline,
unsigned int threshold,
- GNUNET_SECRETSHARING_SecretReadyCallback *cb,
+ GNUNET_SECRETSHARING_SecretReadyCallback cb,
void *cls);
-/**
- * Load a session from an existing share.
- *
- * @param cfg configuration to use for connecting to the secretsharing service
- * @param share share to load the session from
- */
-struct GNUNET_SECRETSHARING_Session *
-GNUNET_SECRETSHARING_load_session_DEPRECATED (const struct GNUNET_CONFIGURATION_Handle *cfg,
- const struct GNUNET_SECRETSHARING_Share *share);
-
-/**
- * Convert a secret share to a string.
- *
- * @param share share to serialize
- * @return the serialized secret share, to be freed by the caller
- */
-char *
-GNUNET_SECRETSHARING_share_to_BIN (const struct GNUNET_SECRETSHARING_Share *share);
-
-
-/**
- * Convert a secret share to a string.
- *
- * @param str string to deserialize
- * @return the serialized secret share, to be freed by the caller
- */
-const struct GNUNET_SECRETSHARING_Share *
-GNUNET_SECRETSHARING_share_from_BIN (const char *str);
-
-
/**
* Destroy a secret share.
*
* This is a helper function, encryption can be done soley with a session's public key
* and the crypto system parameters.
*
- * @param session session to take the key for encryption from,
- * the session's ready callback must have been already called
+ * @param public_key public key to use for decryption
* @param message message to encrypt
* @param message_size number of bytes in @a message
* @param result_ciphertext pointer to store the resulting ciphertext
* @return #GNUNET_YES on succes, #GNUNET_SYSERR if the message is invalid (invalid range)
*/
int
-GNUNET_SECRETSHARING_encrypt (const struct GNUNET_SECRETSHARING_PublicKey *session,
+GNUNET_SECRETSHARING_encrypt (struct GNUNET_SECRETSHARING_PublicKey *public_key,
const void *message,
size_t message_size,
struct GNUNET_SECRETSHARING_Ciphertext *result_ciphertext);
* When the operation is canceled, the decrypt_cb is not called anymore, but the calling
* peer may already have irrevocably contributed his share for the decryption of the value.
*
- * @param session session to use for the decryption
+ * @param cfg configuration to use
+ * @param share our secret share to use for decryption
* @param ciphertext ciphertext to publish in order to decrypt it (if enough peers agree)
* @param decrypt_cb callback called once the decryption succeeded
+ * @param deadline By when should the decryption be finished?
* @param decrypt_cb_cls closure for @a decrypt_cb
* @return handle to cancel the operation
*/
struct GNUNET_SECRETSHARING_DecryptionHandle *
-GNUNET_SECRETSHARING_decrypt (struct GNUNET_SECRETSHARING_Session *session,
+GNUNET_SECRETSHARING_decrypt (struct GNUNET_CONFIGURATION_Handle *cfg,
+ struct GNUNET_SECRETSHARING_Share *share,
struct GNUNET_SECRETSHARING_Ciphertext *ciphertext,
+ struct GNUNET_TIME_Absolute deadline,
GNUNET_SECRETSHARING_DecryptCallback decrypt_cb,
void *decrypt_cb_cls);
GNUNET_SECRETSHARING_decrypt_cancel (struct GNUNET_SECRETSHARING_DecryptionHandle *decryption_handle);
+/**
+ * Read a share from its binary representation.
+ *
+ * @param data Binary representation of the share.
+ * @param len Length of @a data.
+ * @param[out] readlen Number of bytes read,
+ * ignored if NULL.
+ * @return The share, or NULL on error.
+ */
+struct GNUNET_SECRETSHARING_Share *
+GNUNET_SECRETSHARING_share_read (const void *data, size_t len, size_t *readlen);
+
+
+/**
+ * Convert a share to its binary representation.
+ * Can be called with a NULL @a buf to get the size of the share.
+ *
+ * @param share Share to write.
+ * @param buf Buffer to write to.
+ * @param buflen Number of writable bytes in @a buf.
+ * @param[out] writelen Pointer to store number of bytes written,
+ * ignored if NULL.
+ * @return #GNUNET_OK on success, #GNUNET_SYSERR on failure.
+ */
+int
+GNUNET_SECRETSHARING_share_write (const struct GNUNET_SECRETSHARING_Share *share,
+ void *buf, size_t buflen, size_t *writelen);
+
#if 0 /* keep Emacsens' auto-indent happy */