* Ephemeral public ECC key (always for NIST P-521) encoded in a format suitable
* for network transmission as created using 'gcry_sexp_sprint'.
*/
- struct GNUNET_CRYPTO_EccPublicSignKey ephemeral_key;
+ struct GNUNET_CRYPTO_EccPublicEncryptKey ephemeral_key;
/**
* Public key of the signing peer (persistent version, not the ephemeral public key).
{
current_ekm.expiration_time = GNUNET_TIME_absolute_hton (GNUNET_TIME_UNIT_FOREVER_ABS);
}
- GNUNET_CRYPTO_ecc_key_get_public_for_signature (my_ephemeral_key,
- ¤t_ekm.ephemeral_key);
+ GNUNET_CRYPTO_ecc_key_get_public_for_encryption (my_ephemeral_key,
+ ¤t_ekm.ephemeral_key);
current_ekm.origin_public_key = my_public_key;
GNUNET_assert (GNUNET_OK ==
GNUNET_CRYPTO_ecc_sign (my_private_key,
* @param ctx context to use for ECC operations
*/
static void
-point_to_public_key (gcry_mpi_point_t q,
- gcry_ctx_t ctx,
- struct GNUNET_CRYPTO_EccPublicSignKey *pub)
+point_to_public_sign_key (gcry_mpi_point_t q,
+ gcry_ctx_t ctx,
+ struct GNUNET_CRYPTO_EccPublicSignKey *pub)
+{
+ gcry_mpi_t q_x;
+ gcry_mpi_t q_y;
+
+ q_x = gcry_mpi_new (256);
+ q_y = gcry_mpi_new (256);
+ if (gcry_mpi_ec_get_affine (q_x, q_y, q, ctx))
+ {
+ LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "get_affine failed", 0);
+ return;
+ }
+
+ mpi_print (pub->q_x, sizeof (pub->q_x), q_x);
+ mpi_print (pub->q_y, sizeof (pub->q_y), q_y);
+ gcry_mpi_release (q_x);
+ gcry_mpi_release (q_y);
+}
+
+
+/**
+ * Initialize public key struct from the respective point
+ * on the curve.
+ *
+ * @param q point on curve
+ * @param pub public key struct to initialize
+ * @param ctx context to use for ECC operations
+ */
+static void
+point_to_public_encrypt_key (gcry_mpi_point_t q,
+ gcry_ctx_t ctx,
+ struct GNUNET_CRYPTO_EccPublicEncryptKey *pub)
{
gcry_mpi_t q_x;
gcry_mpi_t q_y;
GNUNET_assert (0 == gcry_mpi_ec_new (&ctx, sexp, NULL));
gcry_sexp_release (sexp);
q = gcry_mpi_ec_get_point ("q", ctx, 0);
- point_to_public_key (q, ctx, pub);
+ point_to_public_sign_key (q, ctx, pub);
+ gcry_ctx_release (ctx);
+ gcry_mpi_point_release (q);
+}
+
+
+/**
+ * Extract the public key for the given private key.
+ *
+ * @param priv the private key
+ * @param pub where to write the public key
+ */
+void
+GNUNET_CRYPTO_ecc_key_get_public_for_encryption (const struct GNUNET_CRYPTO_EccPrivateKey *priv,
+ struct GNUNET_CRYPTO_EccPublicEncryptKey *pub)
+{
+ gcry_sexp_t sexp;
+ gcry_ctx_t ctx;
+ gcry_mpi_point_t q;
+
+ sexp = decode_private_key (priv);
+ GNUNET_assert (NULL != sexp);
+ GNUNET_assert (0 == gcry_mpi_ec_new (&ctx, sexp, NULL));
+ gcry_sexp_release (sexp);
+ q = gcry_mpi_ec_get_point ("q", ctx, 0);
+ point_to_public_encrypt_key (q, ctx, pub);
gcry_ctx_release (ctx);
gcry_mpi_point_release (q);
}
gcry_mpi_release (n);
gcry_mpi_point_release (q);
/* convert point 'v' to public key that we return */
- point_to_public_key (v, ctx, result);
+ point_to_public_sign_key (v, ctx, result);
gcry_mpi_point_release (v);
gcry_ctx_release (ctx);
}
{
struct GNUNET_CRYPTO_EccPrivateKey *priv1;
struct GNUNET_CRYPTO_EccPrivateKey *priv2;
- struct GNUNET_CRYPTO_EccPublicSignKey pub1;
- struct GNUNET_CRYPTO_EccPublicSignKey pub2;
+ struct GNUNET_CRYPTO_EccPublicEncryptKey pub1;
+ struct GNUNET_CRYPTO_EccPublicEncryptKey pub2;
struct GNUNET_HashCode ecdh1;
struct GNUNET_HashCode ecdh2;
priv1 = GNUNET_CRYPTO_ecc_key_create ();
priv2 = GNUNET_CRYPTO_ecc_key_create ();
- GNUNET_CRYPTO_ecc_key_get_public_for_signature (priv1, &pub1);
- GNUNET_CRYPTO_ecc_key_get_public_for_signature (priv2, &pub2);
+ GNUNET_CRYPTO_ecc_key_get_public_for_encryption (priv1, &pub1);
+ GNUNET_CRYPTO_ecc_key_get_public_for_encryption (priv2, &pub2);
GNUNET_CRYPTO_ecc_ecdh (priv1, &pub2, &ecdh1);
GNUNET_CRYPTO_ecc_ecdh (priv2, &pub1, &ecdh2);
GNUNET_assert (0 == memcmp (&ecdh1, &ecdh2,