#define GNUNET_CRYPTO_LIB_H
#ifdef __cplusplus
-extern "C"
-{
-#if 0 /* keep Emacsens' auto-indent happy */
+extern "C" {
+#if 0 /* keep Emacsens' auto-indent happy */
}
#endif
#endif
/**
* @brief length of the sessionkey in bytes (256 BIT sessionkey)
*/
-#define GNUNET_CRYPTO_AES_KEY_LENGTH (256/8)
+#define GNUNET_CRYPTO_AES_KEY_LENGTH (256 / 8)
/**
* Length of a hash value
*/
-#define GNUNET_CRYPTO_HASH_LENGTH (512/8)
+#define GNUNET_CRYPTO_HASH_LENGTH (512 / 8)
/**
* How many characters (without 0-terminator) are our ASCII-encoded
* network byte order!
*/
uint32_t purpose GNUNET_PACKED;
-
};
* S value.
*/
unsigned char s[256 / 8];
-
};
-
/**
* @brief an ECC signature using ECDSA
*/
* S value.
*/
unsigned char s[256 / 8];
-
};
* compact format.
*/
unsigned char q_y[256 / 8];
-
};
* here in affine coordinates and Ed25519 standard compact format.
*/
unsigned char q_y[256 / 8];
-
};
* d is a value mod n, where n has at most 256 bits.
*/
unsigned char d[256 / 8];
-
};
/**
* d is a value mod n, where n has at most 256 bits.
*/
unsigned char d[256 / 8];
-
};
/**
* d is a value mod n, where n has at most 256 bits.
*/
unsigned char d[256 / 8];
-
};
* Actual key for TwoFish.
*/
unsigned char twofish_key[GNUNET_CRYPTO_AES_KEY_LENGTH];
-
};
GNUNET_NETWORK_STRUCT_END
* @return crc8 value
*/
uint8_t
-GNUNET_CRYPTO_crc8_n (const void *buf,
- size_t len);
+GNUNET_CRYPTO_crc8_n (const void *buf, size_t len);
/**
* @return updated crc sum (must be subjected to #GNUNET_CRYPTO_crc16_finish to get actual crc16)
*/
uint32_t
-GNUNET_CRYPTO_crc16_step (uint32_t sum,
- const void *buf,
- size_t len);
+GNUNET_CRYPTO_crc16_step (uint32_t sum, const void *buf, size_t len);
/**
* @return crc16 value
*/
uint16_t
-GNUNET_CRYPTO_crc16_n (const void *buf,
- size_t len);
-
-
+GNUNET_CRYPTO_crc16_n (const void *buf, size_t len);
/**
* @return the resulting CRC32 checksum
*/
int32_t
-GNUNET_CRYPTO_crc32_n (const void *buf,
- size_t len);
+GNUNET_CRYPTO_crc32_n (const void *buf, size_t len);
/**
* @ingroup crypto
* @param length buffer length
*/
void
-GNUNET_CRYPTO_zero_keys (void *buffer,
- size_t length);
+GNUNET_CRYPTO_zero_keys (void *buffer, size_t length);
/**
* @return a random value in the interval [0,@a i) (exclusive).
*/
uint32_t
-GNUNET_CRYPTO_random_u32 (enum GNUNET_CRYPTO_Quality mode,
- uint32_t i);
+GNUNET_CRYPTO_random_u32 (enum GNUNET_CRYPTO_Quality mode, uint32_t i);
/**
* @return random 64-bit number
*/
uint64_t
-GNUNET_CRYPTO_random_u64 (enum GNUNET_CRYPTO_Quality mode,
- uint64_t max);
+GNUNET_CRYPTO_random_u64 (enum GNUNET_CRYPTO_Quality mode, uint64_t max);
/**
* @return the permutation array (allocated from heap)
*/
unsigned int *
-GNUNET_CRYPTO_random_permute (enum GNUNET_CRYPTO_Quality mode,
- unsigned int n);
+GNUNET_CRYPTO_random_permute (enum GNUNET_CRYPTO_Quality mode, unsigned int n);
/**
* @param key key to initialize
*/
void
-GNUNET_CRYPTO_symmetric_create_session_key (struct GNUNET_CRYPTO_SymmetricSessionKey *key);
+GNUNET_CRYPTO_symmetric_create_session_key (
+ struct GNUNET_CRYPTO_SymmetricSessionKey *key);
/**
* @return the size of the encrypted block, -1 for errors
*/
ssize_t
-GNUNET_CRYPTO_symmetric_encrypt (const void *block,
- size_t size,
- const struct GNUNET_CRYPTO_SymmetricSessionKey *sessionkey,
- const struct GNUNET_CRYPTO_SymmetricInitializationVector *iv,
- void *result);
+GNUNET_CRYPTO_symmetric_encrypt (
+ const void *block,
+ size_t size,
+ const struct GNUNET_CRYPTO_SymmetricSessionKey *sessionkey,
+ const struct GNUNET_CRYPTO_SymmetricInitializationVector *iv,
+ void *result);
/**
* @return -1 on failure, size of decrypted block on success
*/
ssize_t
-GNUNET_CRYPTO_symmetric_decrypt (const void *block,
- size_t size,
- const struct GNUNET_CRYPTO_SymmetricSessionKey *sessionkey,
- const struct GNUNET_CRYPTO_SymmetricInitializationVector *iv,
- void *result);
+GNUNET_CRYPTO_symmetric_decrypt (
+ const void *block,
+ size_t size,
+ const struct GNUNET_CRYPTO_SymmetricSessionKey *sessionkey,
+ const struct GNUNET_CRYPTO_SymmetricInitializationVector *iv,
+ void *result);
/**
* @param ... pairs of void * & size_t for context chunks, terminated by NULL
*/
void
-GNUNET_CRYPTO_symmetric_derive_iv (struct GNUNET_CRYPTO_SymmetricInitializationVector *iv,
- const struct GNUNET_CRYPTO_SymmetricSessionKey *skey,
- const void *salt,
- size_t salt_len, ...);
+GNUNET_CRYPTO_symmetric_derive_iv (
+ struct GNUNET_CRYPTO_SymmetricInitializationVector *iv,
+ const struct GNUNET_CRYPTO_SymmetricSessionKey *skey,
+ const void *salt,
+ size_t salt_len,
+ ...);
/**
* @param argp pairs of void * & size_t for context chunks, terminated by NULL
*/
void
-GNUNET_CRYPTO_symmetric_derive_iv_v (struct GNUNET_CRYPTO_SymmetricInitializationVector *iv,
- const struct GNUNET_CRYPTO_SymmetricSessionKey *skey,
- const void *salt,
- size_t salt_len,
- va_list argp);
+GNUNET_CRYPTO_symmetric_derive_iv_v (
+ struct GNUNET_CRYPTO_SymmetricInitializationVector *iv,
+ const struct GNUNET_CRYPTO_SymmetricSessionKey *skey,
+ const void *salt,
+ size_t salt_len,
+ va_list argp);
/**
* @return #GNUNET_OK on success, #GNUNET_SYSERR if result has the wrong encoding
*/
#define GNUNET_CRYPTO_hash_from_string(enc, result) \
- GNUNET_CRYPTO_hash_from_string2 (enc, strlen(enc), result)
+ GNUNET_CRYPTO_hash_from_string2 (enc, strlen (enc), result)
/**
* @param hmac where to store the hmac
*/
void
-GNUNET_CRYPTO_hmac_raw (const void *key, size_t key_len,
- const void *plaintext, size_t plaintext_len,
+GNUNET_CRYPTO_hmac_raw (const void *key,
+ size_t key_len,
+ const void *plaintext,
+ size_t plaintext_len,
struct GNUNET_HashCode *hmac);
* @param cls closure
* @param res resulting hash, NULL on error
*/
-typedef void
-(*GNUNET_CRYPTO_HashCompletedCallback) (void *cls,
- const struct GNUNET_HashCode *res);
+typedef void (*GNUNET_CRYPTO_HashCompletedCallback) (
+ void *cls,
+ const struct GNUNET_HashCode *res);
/**
* @param iv set to a valid initialization vector
*/
void
-GNUNET_CRYPTO_hash_to_aes_key (const struct GNUNET_HashCode * hc,
- struct GNUNET_CRYPTO_SymmetricSessionKey *skey,
- struct GNUNET_CRYPTO_SymmetricInitializationVector *iv);
+GNUNET_CRYPTO_hash_to_aes_key (
+ const struct GNUNET_HashCode *hc,
+ struct GNUNET_CRYPTO_SymmetricSessionKey *skey,
+ struct GNUNET_CRYPTO_SymmetricInitializationVector *iv);
/**
*/
int
GNUNET_CRYPTO_hash_get_bit (const struct GNUNET_HashCode *code,
- unsigned int bit);
+ unsigned int bit);
/**
* @param argp pair of void * & size_t for context chunks, terminated by NULL
*/
void
-GNUNET_CRYPTO_hmac_derive_key_v (struct GNUNET_CRYPTO_AuthKey *key,
- const struct GNUNET_CRYPTO_SymmetricSessionKey *rkey,
- const void *salt, size_t salt_len,
- va_list argp);
+GNUNET_CRYPTO_hmac_derive_key_v (
+ struct GNUNET_CRYPTO_AuthKey *key,
+ const struct GNUNET_CRYPTO_SymmetricSessionKey *rkey,
+ const void *salt,
+ size_t salt_len,
+ va_list argp);
/**
* @param ... pair of void * & size_t for context chunks, terminated by NULL
*/
void
-GNUNET_CRYPTO_hmac_derive_key (struct GNUNET_CRYPTO_AuthKey *key,
- const struct GNUNET_CRYPTO_SymmetricSessionKey *rkey,
- const void *salt, size_t salt_len,
- ...);
+GNUNET_CRYPTO_hmac_derive_key (
+ struct GNUNET_CRYPTO_AuthKey *key,
+ const struct GNUNET_CRYPTO_SymmetricSessionKey *rkey,
+ const void *salt,
+ size_t salt_len,
+ ...);
/**
void
GNUNET_CRYPTO_kdf_mod_mpi (gcry_mpi_t *r,
gcry_mpi_t n,
- const void *xts, size_t xts_len,
- const void *skm, size_t skm_len,
+ const void *xts,
+ size_t xts_len,
+ const void *skm,
+ size_t skm_len,
const char *ctx);
* @param pub where to write the public key
*/
void
-GNUNET_CRYPTO_ecdsa_key_get_public (const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv,
- struct GNUNET_CRYPTO_EcdsaPublicKey *pub);
+GNUNET_CRYPTO_ecdsa_key_get_public (
+ const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv,
+ struct GNUNET_CRYPTO_EcdsaPublicKey *pub);
/**
* @ingroup crypto
* @param pub where to write the public key
*/
void
-GNUNET_CRYPTO_eddsa_key_get_public (const struct GNUNET_CRYPTO_EddsaPrivateKey *priv,
- struct GNUNET_CRYPTO_EddsaPublicKey *pub);
-
+GNUNET_CRYPTO_eddsa_key_get_public (
+ const struct GNUNET_CRYPTO_EddsaPrivateKey *priv,
+ struct GNUNET_CRYPTO_EddsaPublicKey *pub);
/**
* @param pub where to write the public key
*/
void
-GNUNET_CRYPTO_ecdhe_key_get_public (const struct GNUNET_CRYPTO_EcdhePrivateKey *priv,
- struct GNUNET_CRYPTO_EcdhePublicKey *pub);
+GNUNET_CRYPTO_ecdhe_key_get_public (
+ const struct GNUNET_CRYPTO_EcdhePrivateKey *priv,
+ struct GNUNET_CRYPTO_EcdhePublicKey *pub);
/**
* @return string representing @a pub
*/
char *
-GNUNET_CRYPTO_ecdsa_public_key_to_string (const struct GNUNET_CRYPTO_EcdsaPublicKey *pub);
+GNUNET_CRYPTO_ecdsa_public_key_to_string (
+ const struct GNUNET_CRYPTO_EcdsaPublicKey *pub);
+
+/**
+ * Convert a private key to a string.
+ *
+ * @param priv key to convert
+ * @return string representing @a priv
+ */
+char *
+GNUNET_CRYPTO_ecdsa_private_key_to_string (
+ const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv);
/**
* @return string representing @a pub
*/
char *
-GNUNET_CRYPTO_eddsa_private_key_to_string (const struct GNUNET_CRYPTO_EddsaPrivateKey *priv);
+GNUNET_CRYPTO_eddsa_private_key_to_string (
+ const struct GNUNET_CRYPTO_EddsaPrivateKey *priv);
/**
* @return string representing @a pub
*/
char *
-GNUNET_CRYPTO_eddsa_public_key_to_string (const struct GNUNET_CRYPTO_EddsaPublicKey *pub);
+GNUNET_CRYPTO_eddsa_public_key_to_string (
+ const struct GNUNET_CRYPTO_EddsaPublicKey *pub);
/**
* @return #GNUNET_OK on success
*/
int
-GNUNET_CRYPTO_ecdsa_public_key_from_string (const char *enc,
- size_t enclen,
- struct GNUNET_CRYPTO_EcdsaPublicKey *pub);
+GNUNET_CRYPTO_ecdsa_public_key_from_string (
+ const char *enc,
+ size_t enclen,
+ struct GNUNET_CRYPTO_EcdsaPublicKey *pub);
/**
* @return #GNUNET_OK on success
*/
int
-GNUNET_CRYPTO_eddsa_private_key_from_string (const char *enc,
- size_t enclen,
- struct GNUNET_CRYPTO_EddsaPrivateKey *pub);
+GNUNET_CRYPTO_eddsa_private_key_from_string (
+ const char *enc,
+ size_t enclen,
+ struct GNUNET_CRYPTO_EddsaPrivateKey *pub);
/**
* @return #GNUNET_OK on success
*/
int
-GNUNET_CRYPTO_eddsa_public_key_from_string (const char *enc,
- size_t enclen,
- struct GNUNET_CRYPTO_EddsaPublicKey *pub);
+GNUNET_CRYPTO_eddsa_public_key_from_string (
+ const char *enc,
+ size_t enclen,
+ struct GNUNET_CRYPTO_EddsaPublicKey *pub);
/**
* permission denied); free using #GNUNET_free
*/
struct GNUNET_CRYPTO_EddsaPrivateKey *
-GNUNET_CRYPTO_eddsa_key_create_from_configuration (const struct GNUNET_CONFIGURATION_Handle *cfg);
+GNUNET_CRYPTO_eddsa_key_create_from_configuration (
+ const struct GNUNET_CONFIGURATION_Handle *cfg);
/**
* @return NULL on error
*/
struct GNUNET_CRYPTO_EccDlogContext *
-GNUNET_CRYPTO_ecc_dlog_prepare (unsigned int max,
- unsigned int mem);
+GNUNET_CRYPTO_ecc_dlog_prepare (unsigned int max, unsigned int mem);
/**
*/
int
GNUNET_CRYPTO_ecc_dlog (struct GNUNET_CRYPTO_EccDlogContext *edc,
- gcry_mpi_point_t input);
+ gcry_mpi_point_t input);
/**
* must be freed using #GNUNET_CRYPTO_ecc_free()
*/
gcry_mpi_point_t
-GNUNET_CRYPTO_ecc_dexp (struct GNUNET_CRYPTO_EccDlogContext *edc,
- int val);
+GNUNET_CRYPTO_ecc_dexp (struct GNUNET_CRYPTO_EccDlogContext *edc, int val);
/**
*/
gcry_mpi_point_t
GNUNET_CRYPTO_ecc_dexp_mpi (struct GNUNET_CRYPTO_EccDlogContext *edc,
- gcry_mpi_t val);
+ gcry_mpi_t val);
/**
gcry_mpi_point_t
GNUNET_CRYPTO_ecc_pmul_mpi (struct GNUNET_CRYPTO_EccDlogContext *edc,
gcry_mpi_point_t p,
- gcry_mpi_t val);
+ gcry_mpi_t val);
/**
*/
gcry_mpi_point_t
GNUNET_CRYPTO_ecc_add (struct GNUNET_CRYPTO_EccDlogContext *edc,
- gcry_mpi_point_t a,
- gcry_mpi_point_t b);
+ gcry_mpi_point_t a,
+ gcry_mpi_point_t b);
/**
*/
void
GNUNET_CRYPTO_ecc_rnd (struct GNUNET_CRYPTO_EccDlogContext *edc,
- gcry_mpi_point_t *r,
- gcry_mpi_point_t *r_inv);
+ gcry_mpi_point_t *r,
+ gcry_mpi_point_t *r_inv);
/**
* @return #GNUNET_SYSERR on error, #GNUNET_OK on success
*/
int
-GNUNET_CRYPTO_eddsa_sign (const struct GNUNET_CRYPTO_EddsaPrivateKey *priv,
- const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose,
- struct GNUNET_CRYPTO_EddsaSignature *sig);
+GNUNET_CRYPTO_eddsa_sign (
+ const struct GNUNET_CRYPTO_EddsaPrivateKey *priv,
+ const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose,
+ struct GNUNET_CRYPTO_EddsaSignature *sig);
/**
* @return #GNUNET_SYSERR on error, #GNUNET_OK on success
*/
int
-GNUNET_CRYPTO_ecdsa_sign (const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv,
- const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose,
- struct GNUNET_CRYPTO_EcdsaSignature *sig);
+GNUNET_CRYPTO_ecdsa_sign (
+ const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv,
+ const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose,
+ struct GNUNET_CRYPTO_EcdsaSignature *sig);
/**
* @ingroup crypto
* @returns #GNUNET_OK if ok, #GNUNET_SYSERR if invalid
*/
int
-GNUNET_CRYPTO_eddsa_verify (uint32_t purpose,
- const struct GNUNET_CRYPTO_EccSignaturePurpose *validate,
- const struct GNUNET_CRYPTO_EddsaSignature *sig,
- const struct GNUNET_CRYPTO_EddsaPublicKey *pub);
-
+GNUNET_CRYPTO_eddsa_verify (
+ uint32_t purpose,
+ const struct GNUNET_CRYPTO_EccSignaturePurpose *validate,
+ const struct GNUNET_CRYPTO_EddsaSignature *sig,
+ const struct GNUNET_CRYPTO_EddsaPublicKey *pub);
/**
* @returns #GNUNET_OK if ok, #GNUNET_SYSERR if invalid
*/
int
-GNUNET_CRYPTO_ecdsa_verify (uint32_t purpose,
- const struct GNUNET_CRYPTO_EccSignaturePurpose *validate,
- const struct GNUNET_CRYPTO_EcdsaSignature *sig,
- const struct GNUNET_CRYPTO_EcdsaPublicKey *pub);
+GNUNET_CRYPTO_ecdsa_verify (
+ uint32_t purpose,
+ const struct GNUNET_CRYPTO_EccSignaturePurpose *validate,
+ const struct GNUNET_CRYPTO_EcdsaSignature *sig,
+ const struct GNUNET_CRYPTO_EcdsaPublicKey *pub);
/**
* @return derived private key
*/
struct GNUNET_CRYPTO_EcdsaPrivateKey *
-GNUNET_CRYPTO_ecdsa_private_key_derive (const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv,
- const char *label,
- const char *context);
+GNUNET_CRYPTO_ecdsa_private_key_derive (
+ const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv,
+ const char *label,
+ const char *context);
/**
* @param result where to write the derived public key
*/
void
-GNUNET_CRYPTO_ecdsa_public_key_derive (const struct GNUNET_CRYPTO_EcdsaPublicKey *pub,
- const char *label,
- const char *context,
- struct GNUNET_CRYPTO_EcdsaPublicKey *result);
+GNUNET_CRYPTO_ecdsa_public_key_derive (
+ const struct GNUNET_CRYPTO_EcdsaPublicKey *pub,
+ const char *label,
+ const char *context,
+ struct GNUNET_CRYPTO_EcdsaPublicKey *result);
/**
* @param val value to write to @a buf
*/
void
-GNUNET_CRYPTO_mpi_print_unsigned (void *buf,
- size_t size,
- gcry_mpi_t val);
+GNUNET_CRYPTO_mpi_print_unsigned (void *buf, size_t size, gcry_mpi_t val);
/**
* @param[out] private_key Where to store the private key?
*/
void
-GNUNET_CRYPTO_paillier_create (struct GNUNET_CRYPTO_PaillierPublicKey *public_key,
- struct GNUNET_CRYPTO_PaillierPrivateKey *private_key);
+GNUNET_CRYPTO_paillier_create (
+ struct GNUNET_CRYPTO_PaillierPublicKey *public_key,
+ struct GNUNET_CRYPTO_PaillierPrivateKey *private_key);
/**
* or -1 if less than one homomorphic operation is possible
*/
int
-GNUNET_CRYPTO_paillier_encrypt (const struct GNUNET_CRYPTO_PaillierPublicKey *public_key,
- const gcry_mpi_t m,
- int desired_ops,
- struct GNUNET_CRYPTO_PaillierCiphertext *ciphertext);
+GNUNET_CRYPTO_paillier_encrypt (
+ const struct GNUNET_CRYPTO_PaillierPublicKey *public_key,
+ const gcry_mpi_t m,
+ int desired_ops,
+ struct GNUNET_CRYPTO_PaillierCiphertext *ciphertext);
/**
* @param[out] m Decryption of @a ciphertext with @private_key.
*/
void
-GNUNET_CRYPTO_paillier_decrypt (const struct GNUNET_CRYPTO_PaillierPrivateKey *private_key,
- const struct GNUNET_CRYPTO_PaillierPublicKey *public_key,
- const struct GNUNET_CRYPTO_PaillierCiphertext *ciphertext,
- gcry_mpi_t m);
+GNUNET_CRYPTO_paillier_decrypt (
+ const struct GNUNET_CRYPTO_PaillierPrivateKey *private_key,
+ const struct GNUNET_CRYPTO_PaillierPublicKey *public_key,
+ const struct GNUNET_CRYPTO_PaillierCiphertext *ciphertext,
+ gcry_mpi_t m);
/**
* #GNUNET_SYSERR if no more homomorphic operations are remaining.
*/
int
-GNUNET_CRYPTO_paillier_hom_add (const struct GNUNET_CRYPTO_PaillierPublicKey *public_key,
- const struct GNUNET_CRYPTO_PaillierCiphertext *c1,
- const struct GNUNET_CRYPTO_PaillierCiphertext *c2,
- struct GNUNET_CRYPTO_PaillierCiphertext *result);
+GNUNET_CRYPTO_paillier_hom_add (
+ const struct GNUNET_CRYPTO_PaillierPublicKey *public_key,
+ const struct GNUNET_CRYPTO_PaillierCiphertext *c1,
+ const struct GNUNET_CRYPTO_PaillierCiphertext *c2,
+ struct GNUNET_CRYPTO_PaillierCiphertext *result);
/**
* @return the number of remaining homomorphic operations
*/
int
-GNUNET_CRYPTO_paillier_hom_get_remaining (const struct GNUNET_CRYPTO_PaillierCiphertext *c);
+GNUNET_CRYPTO_paillier_hom_get_remaining (
+ const struct GNUNET_CRYPTO_PaillierCiphertext *c);
/* ********* Chaum-style RSA-based blind signatures ******************* */
-
-
/**
* The private information of an RSA key pair.
*/
* @return size of memory allocatedin @a buffer
*/
size_t
-GNUNET_CRYPTO_rsa_private_key_encode (const struct GNUNET_CRYPTO_RsaPrivateKey *key,
- char **buffer);
+GNUNET_CRYPTO_rsa_private_key_encode (
+ const struct GNUNET_CRYPTO_RsaPrivateKey *key,
+ char **buffer);
/**
* @return NULL on error
*/
struct GNUNET_CRYPTO_RsaPrivateKey *
-GNUNET_CRYPTO_rsa_private_key_decode (const char *buf,
- size_t len);
+GNUNET_CRYPTO_rsa_private_key_decode (const char *buf, size_t len);
/**
* @return the duplicate key; NULL upon error
*/
struct GNUNET_CRYPTO_RsaPrivateKey *
-GNUNET_CRYPTO_rsa_private_key_dup (const struct GNUNET_CRYPTO_RsaPrivateKey *key);
+GNUNET_CRYPTO_rsa_private_key_dup (
+ const struct GNUNET_CRYPTO_RsaPrivateKey *key);
/**
* @retur NULL on error, otherwise the public key
*/
struct GNUNET_CRYPTO_RsaPublicKey *
-GNUNET_CRYPTO_rsa_private_key_get_public (const struct GNUNET_CRYPTO_RsaPrivateKey *priv);
+GNUNET_CRYPTO_rsa_private_key_get_public (
+ const struct GNUNET_CRYPTO_RsaPrivateKey *priv);
/**
* @return size of memory allocated in @a buffer
*/
size_t
-GNUNET_CRYPTO_rsa_public_key_encode (const struct GNUNET_CRYPTO_RsaPublicKey *key,
- char **buffer);
+GNUNET_CRYPTO_rsa_public_key_encode (
+ const struct GNUNET_CRYPTO_RsaPublicKey *key,
+ char **buffer);
/**
* @return NULL on error
*/
struct GNUNET_CRYPTO_RsaPublicKey *
-GNUNET_CRYPTO_rsa_public_key_decode (const char *buf,
- size_t len);
+GNUNET_CRYPTO_rsa_public_key_decode (const char *buf, size_t len);
/**
*/
struct GNUNET_CRYPTO_RsaSignature *
GNUNET_CRYPTO_rsa_sign_fdh (const struct GNUNET_CRYPTO_RsaPrivateKey *key,
- const struct GNUNET_HashCode *hash);
+ const struct GNUNET_HashCode *hash);
/**
* @return size of memory allocated in @a buffer
*/
size_t
-GNUNET_CRYPTO_rsa_signature_encode (const struct GNUNET_CRYPTO_RsaSignature *sig,
- char **buffer);
+GNUNET_CRYPTO_rsa_signature_encode (
+ const struct GNUNET_CRYPTO_RsaSignature *sig,
+ char **buffer);
/**
* @return NULL on error
*/
struct GNUNET_CRYPTO_RsaSignature *
-GNUNET_CRYPTO_rsa_signature_decode (const char *buf,
- size_t len);
+GNUNET_CRYPTO_rsa_signature_decode (const char *buf, size_t len);
/**
*/
struct GNUNET_CRYPTO_RsaSignature *
GNUNET_CRYPTO_rsa_unblind (const struct GNUNET_CRYPTO_RsaSignature *sig,
- const struct GNUNET_CRYPTO_RsaBlindingKeySecret *bks,
- struct GNUNET_CRYPTO_RsaPublicKey *pkey);
+ const struct GNUNET_CRYPTO_RsaBlindingKeySecret *bks,
+ struct GNUNET_CRYPTO_RsaPublicKey *pkey);
/**
*/
int
GNUNET_CRYPTO_rsa_verify (const struct GNUNET_HashCode *hash,
- const struct GNUNET_CRYPTO_RsaSignature *sig,
- const struct GNUNET_CRYPTO_RsaPublicKey *public_key);
+ const struct GNUNET_CRYPTO_RsaSignature *sig,
+ const struct GNUNET_CRYPTO_RsaPublicKey *public_key);
-#if 0 /* keep Emacsens' auto-indent happy */
+#if 0 /* keep Emacsens' auto-indent happy */
{
#endif
#ifdef __cplusplus
*/
#define CURVE "Ed25519"
-#define LOG(kind,...) GNUNET_log_from (kind, "util-crypto-ecc", __VA_ARGS__)
+#define LOG(kind, ...) GNUNET_log_from (kind, "util-crypto-ecc", __VA_ARGS__)
-#define LOG_STRERROR(kind,syscall) GNUNET_log_from_strerror (kind, "util-crypto-ecc", syscall)
+#define LOG_STRERROR(kind, syscall) \
+ GNUNET_log_from_strerror (kind, "util-crypto-ecc", syscall)
-#define LOG_STRERROR_FILE(kind,syscall,filename) GNUNET_log_from_strerror_file (kind, "util-crypto-ecc", syscall, filename)
+#define LOG_STRERROR_FILE(kind, syscall, filename) \
+ GNUNET_log_from_strerror_file (kind, "util-crypto-ecc", syscall, filename)
/**
* Log an error message at log-level 'level' that indicates
* a failure of the command 'cmd' with the message given
* by gcry_strerror(rc).
*/
-#define LOG_GCRY(level, cmd, rc) do { LOG(level, _("`%s' failed at %s:%d with error: %s\n"), cmd, __FILE__, __LINE__, gcry_strerror(rc)); } while(0)
+#define LOG_GCRY(level, cmd, rc) \
+ do \
+ { \
+ LOG (level, \
+ _ ("`%s' failed at %s:%d with error: %s\n"), \
+ cmd, \
+ __FILE__, \
+ __LINE__, \
+ gcry_strerror (rc)); \
+ } while (0)
/**
* @return 0 on success
*/
static int
-key_from_sexp (gcry_mpi_t * array,
+key_from_sexp (gcry_mpi_t *array,
gcry_sexp_t sexp,
const char *topname,
const char *elems)
array[i] = NULL;
}
gcry_sexp_release (list);
- return 3; /* required parameter not found */
+ return 3; /* required parameter not found */
}
array[idx] = gcry_sexp_nth_mpi (l2, 1, GCRYMPI_FMT_USG);
gcry_sexp_release (l2);
array[i] = NULL;
}
gcry_sexp_release (list);
- return 4; /* required parameter is invalid */
+ return 4; /* required parameter is invalid */
}
}
gcry_sexp_release (list);
gcry_sexp_t result;
int rc;
- rc = gcry_sexp_build (&result, NULL,
- "(private-key(ecc(curve \"" CURVE "\")"
+ rc = gcry_sexp_build (&result,
+ NULL,
+ "(private-key(ecc(curve \"" CURVE "\")"
"(d %b)))",
- (int) sizeof (priv->d), priv->d);
+ (int) sizeof (priv->d),
+ priv->d);
if (0 != rc)
{
LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc);
gcry_sexp_t result;
int rc;
- rc = gcry_sexp_build (&result, NULL,
- "(private-key(ecc(curve \"" CURVE "\")"
+ rc = gcry_sexp_build (&result,
+ NULL,
+ "(private-key(ecc(curve \"" CURVE "\")"
"(flags eddsa)(d %b)))",
- (int)sizeof (priv->d), priv->d);
+ (int) sizeof (priv->d),
+ priv->d);
if (0 != rc)
{
LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc);
gcry_sexp_t result;
int rc;
- rc = gcry_sexp_build (&result, NULL,
- "(private-key(ecc(curve \"" CURVE "\")"
+ rc = gcry_sexp_build (&result,
+ NULL,
+ "(private-key(ecc(curve \"" CURVE "\")"
"(d %b)))",
- (int)sizeof (priv->d), priv->d);
+ (int) sizeof (priv->d),
+ priv->d);
if (0 != rc)
{
LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc);
* @param pub where to write the public key
*/
void
-GNUNET_CRYPTO_ecdsa_key_get_public (const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv,
- struct GNUNET_CRYPTO_EcdsaPublicKey *pub)
+GNUNET_CRYPTO_ecdsa_key_get_public (
+ const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv,
+ struct GNUNET_CRYPTO_EcdsaPublicKey *pub)
{
gcry_sexp_t sexp;
gcry_ctx_t ctx;
* @param pub where to write the public key
*/
void
-GNUNET_CRYPTO_eddsa_key_get_public (const struct GNUNET_CRYPTO_EddsaPrivateKey *priv,
- struct GNUNET_CRYPTO_EddsaPublicKey *pub)
+GNUNET_CRYPTO_eddsa_key_get_public (
+ const struct GNUNET_CRYPTO_EddsaPrivateKey *priv,
+ struct GNUNET_CRYPTO_EddsaPublicKey *pub)
{
gcry_sexp_t sexp;
gcry_ctx_t ctx;
* @param pub where to write the public key
*/
void
-GNUNET_CRYPTO_ecdhe_key_get_public (const struct GNUNET_CRYPTO_EcdhePrivateKey *priv,
- struct GNUNET_CRYPTO_EcdhePublicKey *pub)
+GNUNET_CRYPTO_ecdhe_key_get_public (
+ const struct GNUNET_CRYPTO_EcdhePrivateKey *priv,
+ struct GNUNET_CRYPTO_EcdhePublicKey *pub)
{
gcry_sexp_t sexp;
gcry_ctx_t ctx;
* @return string representing @a pub
*/
char *
-GNUNET_CRYPTO_ecdsa_public_key_to_string (const struct GNUNET_CRYPTO_EcdsaPublicKey *pub)
+GNUNET_CRYPTO_ecdsa_public_key_to_string (
+ const struct GNUNET_CRYPTO_EcdsaPublicKey *pub)
{
char *pubkeybuf;
size_t keylen = (sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)) * 8;
keylen += 5 - keylen % 5;
keylen /= 5;
pubkeybuf = GNUNET_malloc (keylen + 1);
- end = GNUNET_STRINGS_data_to_string ((unsigned char *) pub,
- sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey),
- pubkeybuf,
- keylen);
+ end =
+ GNUNET_STRINGS_data_to_string ((unsigned char *) pub,
+ sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey),
+ pubkeybuf,
+ keylen);
if (NULL == end)
{
GNUNET_free (pubkeybuf);
* @return string representing @a pub
*/
char *
-GNUNET_CRYPTO_eddsa_public_key_to_string (const struct GNUNET_CRYPTO_EddsaPublicKey *pub)
+GNUNET_CRYPTO_eddsa_public_key_to_string (
+ const struct GNUNET_CRYPTO_EddsaPublicKey *pub)
{
char *pubkeybuf;
size_t keylen = (sizeof (struct GNUNET_CRYPTO_EddsaPublicKey)) * 8;
keylen += 5 - keylen % 5;
keylen /= 5;
pubkeybuf = GNUNET_malloc (keylen + 1);
- end = GNUNET_STRINGS_data_to_string ((unsigned char *) pub,
- sizeof (struct GNUNET_CRYPTO_EddsaPublicKey),
- pubkeybuf,
- keylen);
+ end =
+ GNUNET_STRINGS_data_to_string ((unsigned char *) pub,
+ sizeof (struct GNUNET_CRYPTO_EddsaPublicKey),
+ pubkeybuf,
+ keylen);
if (NULL == end)
{
GNUNET_free (pubkeybuf);
* @return string representing @a pub
*/
char *
-GNUNET_CRYPTO_eddsa_private_key_to_string (const struct GNUNET_CRYPTO_EddsaPrivateKey *priv)
+GNUNET_CRYPTO_eddsa_private_key_to_string (
+ const struct GNUNET_CRYPTO_EddsaPrivateKey *priv)
{
char *privkeybuf;
size_t keylen = (sizeof (struct GNUNET_CRYPTO_EddsaPrivateKey)) * 8;
keylen /= 5;
privkeybuf = GNUNET_malloc (keylen + 1);
end = GNUNET_STRINGS_data_to_string ((unsigned char *) priv,
- sizeof (struct GNUNET_CRYPTO_EddsaPrivateKey),
- privkeybuf,
- keylen);
+ sizeof (
+ struct GNUNET_CRYPTO_EddsaPrivateKey),
+ privkeybuf,
+ keylen);
+ if (NULL == end)
+ {
+ GNUNET_free (privkeybuf);
+ return NULL;
+ }
+ *end = '\0';
+ return privkeybuf;
+}
+
+
+/**
+ * Convert a private key to a string.
+ *
+ * @param priv key to convert
+ * @return string representing @a priv
+ */
+char *
+GNUNET_CRYPTO_ecdsa_private_key_to_string (
+ const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv)
+{
+ char *privkeybuf;
+ size_t keylen = (sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey)) * 8;
+ char *end;
+
+ if (keylen % 5 > 0)
+ keylen += 5 - keylen % 5;
+ keylen /= 5;
+ privkeybuf = GNUNET_malloc (keylen + 1);
+ end = GNUNET_STRINGS_data_to_string ((unsigned char *) priv,
+ sizeof (
+ struct GNUNET_CRYPTO_EcdsaPrivateKey),
+ privkeybuf,
+ keylen);
if (NULL == end)
{
GNUNET_free (privkeybuf);
* @return #GNUNET_OK on success
*/
int
-GNUNET_CRYPTO_ecdsa_public_key_from_string (const char *enc,
- size_t enclen,
- struct GNUNET_CRYPTO_EcdsaPublicKey *pub)
+GNUNET_CRYPTO_ecdsa_public_key_from_string (
+ const char *enc,
+ size_t enclen,
+ struct GNUNET_CRYPTO_EcdsaPublicKey *pub)
{
size_t keylen = (sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)) * 8;
return GNUNET_SYSERR;
if (GNUNET_OK !=
- GNUNET_STRINGS_string_to_data (enc, enclen,
- pub,
- sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)))
+ GNUNET_STRINGS_string_to_data (enc,
+ enclen,
+ pub,
+ sizeof (
+ struct GNUNET_CRYPTO_EcdsaPublicKey)))
return GNUNET_SYSERR;
return GNUNET_OK;
}
* @return #GNUNET_OK on success
*/
int
-GNUNET_CRYPTO_eddsa_public_key_from_string (const char *enc,
- size_t enclen,
- struct GNUNET_CRYPTO_EddsaPublicKey *pub)
+GNUNET_CRYPTO_eddsa_public_key_from_string (
+ const char *enc,
+ size_t enclen,
+ struct GNUNET_CRYPTO_EddsaPublicKey *pub)
{
size_t keylen = (sizeof (struct GNUNET_CRYPTO_EddsaPublicKey)) * 8;
return GNUNET_SYSERR;
if (GNUNET_OK !=
- GNUNET_STRINGS_string_to_data (enc, enclen,
- pub,
- sizeof (struct GNUNET_CRYPTO_EddsaPublicKey)))
+ GNUNET_STRINGS_string_to_data (enc,
+ enclen,
+ pub,
+ sizeof (
+ struct GNUNET_CRYPTO_EddsaPublicKey)))
return GNUNET_SYSERR;
return GNUNET_OK;
}
* @return #GNUNET_OK on success
*/
int
-GNUNET_CRYPTO_eddsa_private_key_from_string (const char *enc,
- size_t enclen,
- struct GNUNET_CRYPTO_EddsaPrivateKey *priv)
+GNUNET_CRYPTO_eddsa_private_key_from_string (
+ const char *enc,
+ size_t enclen,
+ struct GNUNET_CRYPTO_EddsaPrivateKey *priv)
{
size_t keylen = (sizeof (struct GNUNET_CRYPTO_EddsaPrivateKey)) * 8;
return GNUNET_SYSERR;
if (GNUNET_OK !=
- GNUNET_STRINGS_string_to_data (enc, enclen,
+ GNUNET_STRINGS_string_to_data (enc,
+ enclen,
priv,
- sizeof (struct GNUNET_CRYPTO_EddsaPrivateKey)))
+ sizeof (
+ struct GNUNET_CRYPTO_EddsaPrivateKey)))
return GNUNET_SYSERR;
#if CRYPTO_BUG
- if (GNUNET_OK !=
- check_eddsa_key (priv))
+ if (GNUNET_OK != check_eddsa_key (priv))
{
GNUNET_break (0);
return GNUNET_OK;
struct GNUNET_CRYPTO_EcdhePrivateKey *priv;
priv = GNUNET_new (struct GNUNET_CRYPTO_EcdhePrivateKey);
- if (GNUNET_OK !=
- GNUNET_CRYPTO_ecdhe_key_create2 (priv))
+ if (GNUNET_OK != GNUNET_CRYPTO_ecdhe_key_create2 (priv))
{
GNUNET_free (priv);
return NULL;
disables an expensive key testing routine. We do not want to run
the expensive check for ECDHE, as we generate TONS of keys to
use for a very short time. */
- if (0 != (rc = gcry_sexp_build (&s_keyparam, NULL,
+ if (0 != (rc = gcry_sexp_build (&s_keyparam,
+ NULL,
"(genkey(ecc(curve \"" CURVE "\")"
"(flags eddsa no-keytest)))")))
{
BENCHMARK_START (ecdsa_key_create);
- if (0 != (rc = gcry_sexp_build (&s_keyparam, NULL,
+ if (0 != (rc = gcry_sexp_build (&s_keyparam,
+ NULL,
"(genkey(ecc(curve \"" CURVE "\")"
"(flags)))")))
{
BENCHMARK_START (eddsa_key_create);
#if CRYPTO_BUG
- again:
+again:
#endif
- if (0 != (rc = gcry_sexp_build (&s_keyparam, NULL,
+ if (0 != (rc = gcry_sexp_build (&s_keyparam,
+ NULL,
"(genkey(ecc(curve \"" CURVE "\")"
"(flags eddsa)))")))
{
gcry_mpi_release (d);
#if CRYPTO_BUG
- if (GNUNET_OK !=
- check_eddsa_key (priv))
+ if (GNUNET_OK != check_eddsa_key (priv))
{
GNUNET_break (0);
GNUNET_free (priv);
if (once)
return &anonymous;
GNUNET_CRYPTO_mpi_print_unsigned (anonymous.d,
- sizeof (anonymous.d),
- GCRYMPI_CONST_ONE);
+ sizeof (anonymous.d),
+ GCRYMPI_CONST_ONE);
once = 1;
return &anonymous;
}
#if 1
struct GNUNET_HashCode hc;
- GNUNET_CRYPTO_hash (purpose,
- ntohl (purpose->size),
- &hc);
- if (0 != (rc = gcry_sexp_build (&data, NULL,
- "(data(flags eddsa)(hash-algo %s)(value %b))",
- "sha512",
- (int)sizeof (hc),
- &hc)))
+ GNUNET_CRYPTO_hash (purpose, ntohl (purpose->size), &hc);
+ if (0 != (rc = gcry_sexp_build (&data,
+ NULL,
+ "(data(flags eddsa)(hash-algo %s)(value %b))",
+ "sha512",
+ (int) sizeof (hc),
+ &hc)))
{
- LOG_GCRY (GNUNET_ERROR_TYPE_ERROR,
- "gcry_sexp_build",
- rc);
+ LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc);
return NULL;
}
#else
GNUNET_CRYPTO_hash (purpose, ntohl (purpose->size), &hc);
- if (0 != (rc = gcry_sexp_build (&data, NULL,
- "(data(flags eddsa)(hash-algo %s)(value %b))",
- "sha512",
- ntohl (purpose->size),
- purpose)))
+ if (0 != (rc = gcry_sexp_build (&data,
+ NULL,
+ "(data(flags eddsa)(hash-algo %s)(value %b))",
+ "sha512",
+ ntohl (purpose->size),
+ purpose)))
{
- LOG_GCRY (GNUNET_ERROR_TYPE_ERROR,
- "gcry_sexp_build",
- rc);
+ LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc);
return NULL;
}
#endif
#if 1
struct GNUNET_HashCode hc;
- GNUNET_CRYPTO_hash (purpose,
- ntohl (purpose->size),
- &hc);
- if (0 != (rc = gcry_sexp_build (&data, NULL,
- "(data(flags rfc6979)(hash %s %b))",
- "sha512",
- (int)sizeof (hc), &hc)))
+ GNUNET_CRYPTO_hash (purpose, ntohl (purpose->size), &hc);
+ if (0 != (rc = gcry_sexp_build (&data,
+ NULL,
+ "(data(flags rfc6979)(hash %s %b))",
+ "sha512",
+ (int) sizeof (hc),
+ &hc)))
{
- LOG_GCRY (GNUNET_ERROR_TYPE_ERROR,
- "gcry_sexp_build",
- rc);
+ LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc);
return NULL;
}
#else
- if (0 != (rc = gcry_sexp_build (&data, NULL,
- "(data(flags rfc6979)(hash %s %b))",
- "sha512",
- ntohl (purpose->size),
- purpose)))
+ if (0 != (rc = gcry_sexp_build (&data,
+ NULL,
+ "(data(flags rfc6979)(hash %s %b))",
+ "sha512",
+ ntohl (purpose->size),
+ purpose)))
{
- LOG_GCRY (GNUNET_ERROR_TYPE_ERROR,
- "gcry_sexp_build",
- rc);
+ LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc);
return NULL;
}
#endif
* @return #GNUNET_SYSERR on error, #GNUNET_OK on success
*/
int
-GNUNET_CRYPTO_ecdsa_sign (const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv,
- const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose,
- struct GNUNET_CRYPTO_EcdsaSignature *sig)
+GNUNET_CRYPTO_ecdsa_sign (
+ const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv,
+ const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose,
+ struct GNUNET_CRYPTO_EcdsaSignature *sig)
{
gcry_sexp_t priv_sexp;
gcry_sexp_t sig_sexp;
if (0 != (rc = gcry_pk_sign (&sig_sexp, data, priv_sexp)))
{
LOG (GNUNET_ERROR_TYPE_WARNING,
- _("ECC signing failed at %s:%d: %s\n"), __FILE__,
- __LINE__, gcry_strerror (rc));
+ _ ("ECC signing failed at %s:%d: %s\n"),
+ __FILE__,
+ __LINE__,
+ gcry_strerror (rc));
gcry_sexp_release (data);
gcry_sexp_release (priv_sexp);
return GNUNET_SYSERR;
return GNUNET_SYSERR;
}
gcry_sexp_release (sig_sexp);
- GNUNET_CRYPTO_mpi_print_unsigned (sig->r,
- sizeof (sig->r),
- rs[0]);
- GNUNET_CRYPTO_mpi_print_unsigned (sig->s,
- sizeof (sig->s),
- rs[1]);
+ GNUNET_CRYPTO_mpi_print_unsigned (sig->r, sizeof (sig->r), rs[0]);
+ GNUNET_CRYPTO_mpi_print_unsigned (sig->s, sizeof (sig->s), rs[1]);
gcry_mpi_release (rs[0]);
gcry_mpi_release (rs[1]);
* @return #GNUNET_SYSERR on error, #GNUNET_OK on success
*/
int
-GNUNET_CRYPTO_eddsa_sign (const struct GNUNET_CRYPTO_EddsaPrivateKey *priv,
- const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose,
- struct GNUNET_CRYPTO_EddsaSignature *sig)
+GNUNET_CRYPTO_eddsa_sign (
+ const struct GNUNET_CRYPTO_EddsaPrivateKey *priv,
+ const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose,
+ struct GNUNET_CRYPTO_EddsaSignature *sig)
{
gcry_sexp_t priv_sexp;
gcry_sexp_t sig_sexp;
if (0 != (rc = gcry_pk_sign (&sig_sexp, data, priv_sexp)))
{
LOG (GNUNET_ERROR_TYPE_WARNING,
- _("EdDSA signing failed at %s:%d: %s\n"), __FILE__,
- __LINE__, gcry_strerror (rc));
+ _ ("EdDSA signing failed at %s:%d: %s\n"),
+ __FILE__,
+ __LINE__,
+ gcry_strerror (rc));
gcry_sexp_release (data);
gcry_sexp_release (priv_sexp);
return GNUNET_SYSERR;
* @returns #GNUNET_OK if ok, #GNUNET_SYSERR if invalid
*/
int
-GNUNET_CRYPTO_ecdsa_verify (uint32_t purpose,
- const struct GNUNET_CRYPTO_EccSignaturePurpose *validate,
- const struct GNUNET_CRYPTO_EcdsaSignature *sig,
- const struct GNUNET_CRYPTO_EcdsaPublicKey *pub)
+GNUNET_CRYPTO_ecdsa_verify (
+ uint32_t purpose,
+ const struct GNUNET_CRYPTO_EccSignaturePurpose *validate,
+ const struct GNUNET_CRYPTO_EcdsaSignature *sig,
+ const struct GNUNET_CRYPTO_EcdsaPublicKey *pub)
{
gcry_sexp_t data;
gcry_sexp_t sig_sexpr;
BENCHMARK_START (ecdsa_verify);
if (purpose != ntohl (validate->purpose))
- return GNUNET_SYSERR; /* purpose mismatch */
+ return GNUNET_SYSERR; /* purpose mismatch */
/* build s-expression for signature */
- if (0 != (rc = gcry_sexp_build (&sig_sexpr, NULL,
- "(sig-val(ecdsa(r %b)(s %b)))",
- (int) sizeof (sig->r), sig->r,
- (int) sizeof (sig->s), sig->s)))
+ if (0 != (rc = gcry_sexp_build (&sig_sexpr,
+ NULL,
+ "(sig-val(ecdsa(r %b)(s %b)))",
+ (int) sizeof (sig->r),
+ sig->r,
+ (int) sizeof (sig->s),
+ sig->s)))
{
LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc);
return GNUNET_SYSERR;
}
data = data_to_ecdsa_value (validate);
- if (0 != (rc = gcry_sexp_build (&pub_sexpr, NULL,
+ if (0 != (rc = gcry_sexp_build (&pub_sexpr,
+ NULL,
"(public-key(ecc(curve " CURVE ")(q %b)))",
- (int) sizeof (pub->q_y), pub->q_y)))
+ (int) sizeof (pub->q_y),
+ pub->q_y)))
{
gcry_sexp_release (data);
gcry_sexp_release (sig_sexpr);
if (0 != rc)
{
LOG (GNUNET_ERROR_TYPE_INFO,
- _("ECDSA signature verification failed at %s:%d: %s\n"), __FILE__,
- __LINE__, gcry_strerror (rc));
+ _ ("ECDSA signature verification failed at %s:%d: %s\n"),
+ __FILE__,
+ __LINE__,
+ gcry_strerror (rc));
BENCHMARK_END (ecdsa_verify);
return GNUNET_SYSERR;
}
}
-
/**
* Verify signature.
*
* @returns #GNUNET_OK if ok, #GNUNET_SYSERR if invalid
*/
int
-GNUNET_CRYPTO_eddsa_verify (uint32_t purpose,
- const struct GNUNET_CRYPTO_EccSignaturePurpose *validate,
- const struct GNUNET_CRYPTO_EddsaSignature *sig,
- const struct GNUNET_CRYPTO_EddsaPublicKey *pub)
+GNUNET_CRYPTO_eddsa_verify (
+ uint32_t purpose,
+ const struct GNUNET_CRYPTO_EccSignaturePurpose *validate,
+ const struct GNUNET_CRYPTO_EddsaSignature *sig,
+ const struct GNUNET_CRYPTO_EddsaPublicKey *pub)
{
gcry_sexp_t data;
gcry_sexp_t sig_sexpr;
BENCHMARK_START (eddsa_verify);
if (purpose != ntohl (validate->purpose))
- return GNUNET_SYSERR; /* purpose mismatch */
+ return GNUNET_SYSERR; /* purpose mismatch */
/* build s-expression for signature */
- if (0 != (rc = gcry_sexp_build (&sig_sexpr, NULL,
- "(sig-val(eddsa(r %b)(s %b)))",
- (int)sizeof (sig->r), sig->r,
- (int)sizeof (sig->s), sig->s)))
+ if (0 != (rc = gcry_sexp_build (&sig_sexpr,
+ NULL,
+ "(sig-val(eddsa(r %b)(s %b)))",
+ (int) sizeof (sig->r),
+ sig->r,
+ (int) sizeof (sig->s),
+ sig->s)))
{
LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc);
return GNUNET_SYSERR;
}
data = data_to_eddsa_value (validate);
- if (0 != (rc = gcry_sexp_build (&pub_sexpr, NULL,
- "(public-key(ecc(curve " CURVE ")(flags eddsa)(q %b)))",
- (int)sizeof (pub->q_y), pub->q_y)))
+ if (0 != (rc = gcry_sexp_build (&pub_sexpr,
+ NULL,
+ "(public-key(ecc(curve " CURVE
+ ")(flags eddsa)(q %b)))",
+ (int) sizeof (pub->q_y),
+ pub->q_y)))
{
gcry_sexp_release (data);
gcry_sexp_release (sig_sexpr);
if (0 != rc)
{
LOG (GNUNET_ERROR_TYPE_INFO,
- _("EdDSA signature verification failed at %s:%d: %s\n"), __FILE__,
- __LINE__, gcry_strerror (rc));
+ _ ("EdDSA signature verification failed at %s:%d: %s\n"),
+ __FILE__,
+ __LINE__,
+ gcry_strerror (rc));
BENCHMARK_END (eddsa_verify);
return GNUNET_SYSERR;
}
BENCHMARK_START (ecc_ecdh);
/* first, extract the q = dP value from the public key */
- if (0 != gcry_sexp_build (&pub_sexpr, NULL,
+ if (0 != gcry_sexp_build (&pub_sexpr,
+ NULL,
"(public-key(ecc(curve " CURVE ")(q %b)))",
- (int)sizeof (pub->q_y), pub->q_y))
+ (int) sizeof (pub->q_y),
+ pub->q_y))
return GNUNET_SYSERR;
GNUNET_assert (0 == gcry_mpi_ec_new (&ctx, pub_sexpr, NULL));
gcry_sexp_release (pub_sexpr);
as that does not include the sign bit; x should be a 255-bit
value, so with the sign it should fit snugly into the 256-bit
xbuf */
- GNUNET_assert (0 ==
- gcry_mpi_print (GCRYMPI_FMT_STD, xbuf, rsize, &rsize,
- result_x));
- GNUNET_CRYPTO_hash (xbuf,
- rsize,
- key_material);
+ GNUNET_assert (
+ 0 == gcry_mpi_print (GCRYMPI_FMT_STD, xbuf, rsize, &rsize, result_x));
+ GNUNET_CRYPTO_hash (xbuf, rsize, key_material);
gcry_mpi_release (result_x);
BENCHMARK_END (ecc_ecdh);
return GNUNET_OK;
*/
static gcry_mpi_t
derive_h (const struct GNUNET_CRYPTO_EcdsaPublicKey *pub,
- const char *label,
- const char *context)
+ const char *label,
+ const char *context)
{
gcry_mpi_t h;
struct GNUNET_HashCode hc;
static const char *const salt = "key-derivation";
- GNUNET_CRYPTO_kdf (&hc, sizeof (hc),
- salt, strlen (salt),
- pub, sizeof (*pub),
- label, strlen (label),
- context, strlen (context),
- NULL, 0);
- GNUNET_CRYPTO_mpi_scan_unsigned (&h,
- (unsigned char *) &hc,
- sizeof (hc));
+ GNUNET_CRYPTO_kdf (&hc,
+ sizeof (hc),
+ salt,
+ strlen (salt),
+ pub,
+ sizeof (*pub),
+ label,
+ strlen (label),
+ context,
+ strlen (context),
+ NULL,
+ 0);
+ GNUNET_CRYPTO_mpi_scan_unsigned (&h, (unsigned char *) &hc, sizeof (hc));
return h;
}
* @return derived private key
*/
struct GNUNET_CRYPTO_EcdsaPrivateKey *
-GNUNET_CRYPTO_ecdsa_private_key_derive (const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv,
- const char *label,
- const char *context)
+GNUNET_CRYPTO_ecdsa_private_key_derive (
+ const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv,
+ const char *label,
+ const char *context)
{
struct GNUNET_CRYPTO_EcdsaPublicKey pub;
struct GNUNET_CRYPTO_EcdsaPrivateKey *ret;
GNUNET_CRYPTO_ecdsa_key_get_public (priv, &pub);
h = derive_h (&pub, label, context);
- GNUNET_CRYPTO_mpi_scan_unsigned (&x,
- priv->d,
- sizeof (priv->d));
+ GNUNET_CRYPTO_mpi_scan_unsigned (&x, priv->d, sizeof (priv->d));
d = gcry_mpi_new (256);
gcry_mpi_mulm (d, h, x, n);
gcry_mpi_release (h);
* @param result where to write the derived public key
*/
void
-GNUNET_CRYPTO_ecdsa_public_key_derive (const struct GNUNET_CRYPTO_EcdsaPublicKey *pub,
- const char *label,
- const char *context,
- struct GNUNET_CRYPTO_EcdsaPublicKey *result)
+GNUNET_CRYPTO_ecdsa_public_key_derive (
+ const struct GNUNET_CRYPTO_EcdsaPublicKey *pub,
+ const char *label,
+ const char *context,
+ struct GNUNET_CRYPTO_EcdsaPublicKey *result)
{
gcry_ctx_t ctx;
gcry_mpi_t q_y;
/* obtain point 'q' from original public key. The provided 'q' is
compressed thus we first store it in the context and then get it
back as a (decompresssed) point. */
- q_y = gcry_mpi_set_opaque_copy (NULL, pub->q_y, 8*sizeof (pub->q_y));
+ q_y = gcry_mpi_set_opaque_copy (NULL, pub->q_y, 8 * sizeof (pub->q_y));
GNUNET_assert (NULL != q_y);
GNUNET_assert (0 == gcry_mpi_ec_set_mpi ("q", q_y, ctx));
gcry_mpi_release (q_y);
gcry_mpi_point_release (v);
q_y = gcry_mpi_ec_get_mpi ("q@eddsa", ctx, 0);
GNUNET_assert (q_y);
- GNUNET_CRYPTO_mpi_print_unsigned (result->q_y,
- sizeof (result->q_y),
- q_y);
+ GNUNET_CRYPTO_mpi_print_unsigned (result->q_y, sizeof (result->q_y), q_y);
gcry_mpi_release (q_y);
gcry_ctx_release (ctx);
}
* @param length number of bytes in @a buffer
*/
static void
-reverse_buffer (unsigned char *buffer,
- size_t length)
+reverse_buffer (unsigned char *buffer, size_t length)
{
unsigned char tmp;
size_t i;
- for (i=0; i < length/2; i++)
+ for (i = 0; i < length / 2; i++)
{
tmp = buffer[i];
- buffer[i] = buffer[length-1-i];
- buffer[length-1-i] = tmp;
+ buffer[i] = buffer[length - 1 - i];
+ buffer[length - 1 - i] = tmp;
}
}
memset (digest, 0, sizeof digest);
memset (hvec, 0, sizeof hvec);
rawmpilen = sizeof (rawmpi);
- GNUNET_assert (0 ==
- gcry_mpi_print (GCRYMPI_FMT_USG,
- rawmpi, rawmpilen, &rawmpilen,
- d));
+ GNUNET_assert (
+ 0 == gcry_mpi_print (GCRYMPI_FMT_USG, rawmpi, rawmpilen, &rawmpilen, d));
hvec[0].data = digest;
hvec[0].off = 0;
hvec[0].len = b > rawmpilen ? (b - rawmpilen) : 0;
hvec[1].data = rawmpi;
hvec[1].off = 0;
hvec[1].len = rawmpilen;
- GNUNET_assert (0 ==
- gcry_md_hash_buffers (GCRY_MD_SHA512,
- 0 /* flags */,
- digest,
- hvec, 2));
+ GNUNET_assert (
+ 0 == gcry_md_hash_buffers (GCRY_MD_SHA512, 0 /* flags */, digest, hvec, 2));
/* Compute the A value. */
- reverse_buffer (digest, 32); /* Only the first half of the hash. */
- digest[0] = (digest[0] & 0x7f) | 0x40;
+ reverse_buffer (digest, 32); /* Only the first half of the hash. */
+ digest[0] = (digest[0] & 0x7f) | 0x40;
digest[31] &= 0xf8;
- GNUNET_CRYPTO_mpi_scan_unsigned (&a,
- digest,
- 32);
+ GNUNET_CRYPTO_mpi_scan_unsigned (&a, digest, 32);
return a;
}
as that does not include the sign bit; x should be a 255-bit
value, so with the sign it should fit snugly into the 256-bit
xbuf */
- GNUNET_assert (0 ==
- gcry_mpi_print (GCRYMPI_FMT_STD, xbuf, rsize, &rsize,
- result_x));
- GNUNET_CRYPTO_hash (xbuf,
- rsize,
- key_material);
+ GNUNET_assert (
+ 0 == gcry_mpi_print (GCRYMPI_FMT_STD, xbuf, rsize, &rsize, result_x));
+ GNUNET_CRYPTO_hash (xbuf, rsize, key_material);
gcry_mpi_release (result_x);
return GNUNET_OK;
}
BENCHMARK_START (eddsa_ecdh);
/* first, extract the q = dP value from the public key */
- if (0 != gcry_sexp_build (&pub_sexpr, NULL,
+ if (0 != gcry_sexp_build (&pub_sexpr,
+ NULL,
"(public-key(ecc(curve " CURVE ")(q %b)))",
- (int)sizeof (pub->q_y), pub->q_y))
+ (int) sizeof (pub->q_y),
+ pub->q_y))
return GNUNET_SYSERR;
GNUNET_assert (0 == gcry_mpi_ec_new (&ctx, pub_sexpr, NULL));
gcry_sexp_release (pub_sexpr);
gcry_mpi_point_release (q);
gcry_mpi_release (a);
- ret = point_to_hash (result,
- ctx,
- key_material);
+ ret = point_to_hash (result, ctx, key_material);
gcry_mpi_point_release (result);
gcry_ctx_release (ctx);
BENCHMARK_END (eddsa_ecdh);
BENCHMARK_START (ecdsa_ecdh);
/* first, extract the q = dP value from the public key */
- if (0 != gcry_sexp_build (&pub_sexpr, NULL,
+ if (0 != gcry_sexp_build (&pub_sexpr,
+ NULL,
"(public-key(ecc(curve " CURVE ")(q %b)))",
- (int)sizeof (pub->q_y), pub->q_y))
+ (int) sizeof (pub->q_y),
+ pub->q_y))
return GNUNET_SYSERR;
GNUNET_assert (0 == gcry_mpi_ec_new (&ctx, pub_sexpr, NULL));
gcry_sexp_release (pub_sexpr);
gcry_mpi_release (d);
/* finally, convert point to string for hashing */
- ret = point_to_hash (result,
- ctx,
- key_material);
+ ret = point_to_hash (result, ctx, key_material);
gcry_mpi_point_release (result);
gcry_ctx_release (ctx);
BENCHMARK_END (ecdsa_ecdh);
}
-
/**
* @ingroup crypto
* Derive key material from a EdDSA public key and a private ECDH key.
BENCHMARK_START (ecdh_eddsa);
/* first, extract the q = dP value from the public key */
- if (0 != gcry_sexp_build (&pub_sexpr, NULL,
+ if (0 != gcry_sexp_build (&pub_sexpr,
+ NULL,
"(public-key(ecc(curve " CURVE ")(q %b)))",
- (int)sizeof (pub->q_y), pub->q_y))
+ (int) sizeof (pub->q_y),
+ pub->q_y))
return GNUNET_SYSERR;
GNUNET_assert (0 == gcry_mpi_ec_new (&ctx, pub_sexpr, NULL));
gcry_sexp_release (pub_sexpr);
gcry_mpi_release (d);
/* finally, convert point to string for hashing */
- ret = point_to_hash (result,
- ctx,
- key_material);
+ ret = point_to_hash (result, ctx, key_material);
gcry_mpi_point_release (result);
gcry_ctx_release (ctx);
BENCHMARK_END (ecdh_eddsa);
struct GNUNET_HashCode *key_material)
{
return GNUNET_CRYPTO_ecdh_eddsa (priv,
- (const struct GNUNET_CRYPTO_EddsaPublicKey *)pub,
+ (const struct GNUNET_CRYPTO_EddsaPublicKey *)
+ pub,
key_material);
}
projects / oweals / gnunet.git / commitdiff