GNUnet 0.11.x
Identity management.
Data Structures
struct GNUNET_IDENTITY_PrivateKey
A private key for an identity as per LSD0001.
struct GNUNET_IDENTITY_PublicKey
An identity key as per LSD0001.
struct GNUNET_IDENTITY_Signature
An identity signature as per LSD0001.
Macros
#define GNUNET_IDENTITY_VERSION 0x00000100
Version number of GNUnet Identity API.
#define GNUNET_IDENTITY_sign(priv, ps, sig)
Sign a given block with GNUNET_IDENTITY_PrivateKey.
#define GNUNET_IDENTITY_signature_verify(purp, ps, sig, pub)
Verify a given signature with GNUNET_IDENTITY_PublicKey.
Typedefs
typedef void(* GNUNET_IDENTITY_Callback) (void *cls, struct GNUNET_IDENTITY_Ego *ego, void **ctx, const char *name)
Method called to inform about the egos of this peer.
typedef void(* GNUNET_IDENTITY_Continuation) (void *cls, const char *emsg)
Function called once the requested operation has been completed.
typedef void(* GNUNET_IDENTITY_CreateContinuation) (void *cls, const struct GNUNET_IDENTITY_PrivateKey *pk, const char *emsg)
Function called once the requested operation has been completed.
typedef void(* GNUNET_IDENTITY_EgoCallback) (void *cls, struct GNUNET_IDENTITY_Ego *ego)
Function called with the result.
typedef void(* GNUNET_IDENTITY_EgoSuffixCallback) (void *cls, const struct GNUNET_IDENTITY_PrivateKey *priv, const char *ego_name)
Function called with the result.
Enumerations
enum GNUNET_IDENTITY_KeyType { GNUNET_IDENTITY_TYPE_ECDSA = 65536, GNUNET_IDENTITY_TYPE_EDDSA = 65556 }
Identity management.
Egos in GNUnet are ECDSA keys. You assume an ego by using (signing with) a particular private key. As GNUnet users are expected to have many egos, we need an identity service to allow users to manage their egos. The identity service manages the egos (private keys) of the local user; it does NOT manage egos of other users (public keys). To give names to other users and manage their public keys securely, we use GNS.
#define GNUNET_IDENTITY_VERSION 0x00000100
Version number of GNUnet Identity API.
Definition at line 58 of file gnunet_identity_service.h.
#define GNUNET_IDENTITY_sign(priv, ps, sig)
Sign a given block with GNUNET_IDENTITY_PrivateKey.
The ps data must be a fixed-size struct for which the signature is to be created. The size field in ps->purpose must correctly indicate the number of bytes of the data structure, including its header.
priv | private key to use for the signing |
ps | packed struct with what to sign, MUST begin with a purpose |
sig | [out] where to write the signature |
Definition at line 530 of file gnunet_identity_service.h.
Referenced by handle_client_call_message(), and sign_message().
#define GNUNET_IDENTITY_signature_verify(purp, ps, sig, pub)
Verify a given signature with GNUNET_IDENTITY_PublicKey.
The ps data must be a fixed-size struct for which the signature is to be verified. The size field in ps->purpose must correctly indicate the number of bytes of the data structure, including its header.
purp | purpose of the signature, must match 'ps->purpose.purpose' (except in host byte order) |
ps | packed struct with what was signed, MUST begin with a purpose |
sig | where to read the signature from |
pub | public key to use for the verifying |
Definition at line 582 of file gnunet_identity_service.h.
Referenced by handle_cadet_ring_message(), and verify_message().
typedef void(* GNUNET_IDENTITY_Callback) (void *cls, struct GNUNET_IDENTITY_Ego *ego, void **ctx, const char *name)
Method called to inform about the egos of this peer.
When used with GNUNET_IDENTITY_connect, this function is initially called for all egos and then again whenever an ego's name changes or if it is deleted. At the end of the initial pass over all egos, the function is called once with 'NULL' for ego. That does NOT mean that the callback won't be invoked in the future or that there was an error.
When used with GNUNET_IDENTITY_create or GNUNET_IDENTITY_get, this function is only called ONCE, and 'NULL' being passed in ego does indicate an error (i.e. name is taken or no default value is known). If ego is non-NULL and if '*ctx' is set in those callbacks, the value WILL be passed to a subsequent call to the identity callback of GNUNET_IDENTITY_connect (if that one was not NULL).
When an identity is renamed, this function is called with the (known) ego but the NEW name.
When an identity is deleted, this function is called with the (known) ego and "NULL" for the name. In this case, the ego is henceforth invalid (and the ctx should also be cleaned up).
cls | closure |
ego | ego handle |
ctx | context for application to store data for this ego (during the lifetime of this process, initially NULL) |
name | name assigned by the user for this ego, NULL if the user just deleted the ego and it must thus no longer be used |
Definition at line 238 of file gnunet_identity_service.h.
typedef void(* GNUNET_IDENTITY_Continuation) (void *cls, const char *emsg)
Function called once the requested operation has been completed.
cls | closure |
emsg | NULL on success, otherwise an error message |
Definition at line 282 of file gnunet_identity_service.h.
typedef void(* GNUNET_IDENTITY_CreateContinuation) (void *cls, const struct GNUNET_IDENTITY_PrivateKey *pk, const char *emsg)
Function called once the requested operation has been completed.
cls | closure |
pk | private key, NULL on error |
emsg | error message, NULL on success |
Definition at line 322 of file gnunet_identity_service.h.
typedef void(* GNUNET_IDENTITY_EgoCallback) (void *cls, struct GNUNET_IDENTITY_Ego *ego)
Function called with the result.
cls | closure |
ego | NULL on error / ego not found |
Definition at line 716 of file gnunet_identity_service.h.
typedef void(* GNUNET_IDENTITY_EgoSuffixCallback) (void *cls, const struct GNUNET_IDENTITY_PrivateKey *priv, const char *ego_name)
Function called with the result.
cls | closure |
priv | NULL on error / ego not found |
ego_name | NULL on error, name of the ego otherwise |
Definition at line 757 of file gnunet_identity_service.h.
Enumerator | |
---|---|
GNUNET_IDENTITY_TYPE_ECDSA | The identity type. The value is the same as the PKEY record type. |
GNUNET_IDENTITY_TYPE_EDDSA | EDDSA identity. The value is the same as the EDKEY record type. |
Definition at line 60 of file gnunet_identity_service.h.
const struct GNUNET_IDENTITY_PrivateKey* GNUNET_IDENTITY_ego_get_private_key (const struct GNUNET_IDENTITY_Ego *ego)
Obtain the ECC key associated with an ego.
ego | the ego |
Definition at line 639 of file identity_api.c.
References GNUNET_IDENTITY_Ego::pk.
Referenced by add_attribute_cont(), add_credential_cont(), authorize_endpoint(), callback_update_ego(), code_redirect(), consume_ticket_cont(), delete_attribute_cont(), delete_credential_cont(), directory_trim_complete(), ego_callback(), ego_cb(), ego_get_all(), ego_get_response(), get_ego(), get_handle_ego(), GNUNET_CONVERSATION_phone_create(), handle_gns_response(), identity_cb(), list_attribute_cont(), list_credential_cont(), list_tickets_cont(), namestore_add_or_update(), namestore_delete(), namestore_get(), print_ego(), revoke_ticket_cont(), sign_cb(), store_cb(), uri_ksk_continuation(), and userinfo_endpoint().
struct GNUNET_IDENTITY_Ego* GNUNET_IDENTITY_ego_get_anonymous (void)
Obtain the ego representing 'anonymous' users.
Definition at line 156 of file identity_api.c.
References GNUNET_IDENTITY_PrivateKey::ecdsa_key, GNUNET_CRYPTO_ecdsa_key_get_anonymous(), GNUNET_CRYPTO_hash(), GNUNET_IDENTITY_TYPE_ECDSA, GNUNET_IDENTITY_Ego::id, GNUNET_IDENTITY_Ego::pk, GNUNET_IDENTITY_Ego::pub, GNUNET_IDENTITY_PrivateKey::type, and GNUNET_IDENTITY_PublicKey::type.
Referenced by get_handle_ego(), and get_handle_key().
void GNUNET_IDENTITY_ego_get_public_key (struct GNUNET_IDENTITY_Ego *ego, struct GNUNET_IDENTITY_PublicKey *pk)
Get the identifier (public key) of an ego.
ego | identity handle with the private key |
pk | set to ego's public key |
Definition at line 652 of file identity_api.c.
References GNUNET_IDENTITY_key_get_public(), GNUNET_NO, GNUNET_YES, GNUNET_IDENTITY_Ego::pk, GNUNET_IDENTITY_Ego::pub, and GNUNET_IDENTITY_Ego::pub_initialized.
Referenced by code_redirect(), consume_ticket_cont(), ego_callback(), ego_get_for_subsystem(), find_ego(), get_ego(), get_handle_ego(), get_handle_key(), list_ego(), print_ego(), revoke_ticket_cont(), and store_cb().
struct GNUNET_IDENTITY_Handle* GNUNET_IDENTITY_connect (const struct GNUNET_CONFIGURATION_Handle *cfg, GNUNET_IDENTITY_Callback cb, void *cb_cls)
Connect to the identity service.
cfg | Configuration to contact the identity service. |
cb | function to call on all identity events, can be NULL |
cb_cls | closure for cb |
Definition at line 610 of file identity_api.c.
References GNUNET_IDENTITY_Operation::cb, GNUNET_IDENTITY_Handle::cb, GNUNET_IDENTITY_Handle::cb_cls, cfg, GNUNET_IDENTITY_Handle::cfg, GNUNET_IDENTITY_Handle::egos, GNUNET_CONTAINER_multihashmap_create(), GNUNET_free, GNUNET_new, GNUNET_YES, GNUNET_IDENTITY_Operation::h, GNUNET_IDENTITY_Handle::mq, and reconnect().
Referenced by create_service(), libgnunet_plugin_rest_identity_init(), libgnunet_plugin_rest_namestore_init(), libgnunet_plugin_rest_openid_connect_init(), libgnunet_plugin_rest_reclaim_init(), and run().
struct GNUNET_IDENTITY_Operation* GNUNET_IDENTITY_get (struct GNUNET_IDENTITY_Handle *h, const char *service_name, GNUNET_IDENTITY_Callback cb, void *cb_cls)
Obtain the ego that is currently preferred/default for a service.
h | identity service to query |
service_name | for which service is an identity wanted |
cb | function to call with the result (will only be called once) |
cb_cls | closure for cb |
Definition at line 675 of file identity_api.c.
References GNUNET_IDENTITY_Operation::cb, GNUNET_IDENTITY_Handle::cb, GNUNET_IDENTITY_Operation::cls, env, GNUNET_assert, GNUNET_break, GNUNET_CONTAINER_DLL_insert_tail, GNUNET_MAX_MESSAGE_SIZE, GNUNET_memcpy, GNUNET_MESSAGE_TYPE_IDENTITY_GET_DEFAULT, GNUNET_MQ_msg_extra, GNUNET_MQ_send(), GNUNET_new, GNUNET_IDENTITY_Operation::h, GNUNET_IDENTITY_Handle::mq, GetDefaultMessage::name_len, op, GNUNET_IDENTITY_Handle::op_head, GNUNET_IDENTITY_Handle::op_tail, and GetDefaultMessage::reserved.
Referenced by ego_get_subsystem(), and id_connect_cb().
struct GNUNET_IDENTITY_Operation* GNUNET_IDENTITY_set (struct GNUNET_IDENTITY_Handle *h, const char *service_name, struct GNUNET_IDENTITY_Ego *ego, GNUNET_IDENTITY_Continuation cont, void *cont_cls)
Set the preferred/default ego for a service.
h | identity service to inform |
service_name | for which service is an identity set |
ego | new default identity to be set for this service |
cont | function to call once the operation finished |
cont_cls | closure for cont |
Definition at line 720 of file identity_api.c.
References GNUNET_IDENTITY_Handle::cb, GNUNET_IDENTITY_Operation::cls, GNUNET_IDENTITY_Operation::cont, env, GNUNET_assert, GNUNET_break, GNUNET_CONTAINER_DLL_insert_tail, GNUNET_MAX_MESSAGE_SIZE, GNUNET_memcpy, GNUNET_MESSAGE_TYPE_IDENTITY_SET_DEFAULT, GNUNET_MQ_msg_extra, GNUNET_MQ_send(), GNUNET_new, GNUNET_IDENTITY_Operation::h, GNUNET_IDENTITY_Handle::mq, SetDefaultMessage::name_len, op, GNUNET_IDENTITY_Handle::op_head, GNUNET_IDENTITY_Handle::op_tail, GNUNET_IDENTITY_Ego::pk, SetDefaultMessage::private_key, and SetDefaultMessage::reserved.
Referenced by ego_edit_subsystem(), and print_ego().
void GNUNET_IDENTITY_disconnect (struct GNUNET_IDENTITY_Handle *h)
Disconnect from identity service.
h | identity service to disconnect |
Definition at line 921 of file identity_api.c.
References GNUNET_IDENTITY_Operation::cont, GNUNET_IDENTITY_Handle::egos, free_ego(), GNUNET_assert, GNUNET_break, GNUNET_CONTAINER_DLL_remove, GNUNET_CONTAINER_multihashmap_destroy(), GNUNET_CONTAINER_multihashmap_iterate(), GNUNET_free, GNUNET_MQ_destroy(), GNUNET_SCHEDULER_cancel(), GNUNET_IDENTITY_Handle::mq, op, GNUNET_IDENTITY_Handle::op_head, GNUNET_IDENTITY_Handle::op_tail, GNUNET_IDENTITY_Operation::pk, and GNUNET_IDENTITY_Handle::reconnect_task.
Referenced by destroy_service(), do_cleanup(), do_shutdown(), do_stop_task(), libgnunet_plugin_rest_identity_done(), libgnunet_plugin_rest_namestore_done(), libgnunet_plugin_rest_openid_connect_done(), libgnunet_plugin_rest_reclaim_done(), process_stdin(), and shutdown_task().
struct GNUNET_IDENTITY_Operation* GNUNET_IDENTITY_create (struct GNUNET_IDENTITY_Handle *id, const char *name, const struct GNUNET_IDENTITY_PrivateKey *privkey, enum GNUNET_IDENTITY_KeyType ktype, GNUNET_IDENTITY_CreateContinuation cont, void *cont_cls)
Create a new ego with the given name.
id | identity service to use |
name | desired name |
privkey | desired private key or NULL to create one |
ktype | the type of key to create. Ignored if privkey != NULL. |
cont | function to call with the result (will only be called once) |
cont_cls | closure for cont |
Definition at line 757 of file identity_api.c.
References GNUNET_IDENTITY_Operation::cls, GNUNET_IDENTITY_Operation::cont, GNUNET_IDENTITY_Operation::create_cont, env, GNUNET_assert, GNUNET_break, GNUNET_CONTAINER_DLL_insert_tail, GNUNET_MAX_MESSAGE_SIZE, GNUNET_memcpy, GNUNET_MESSAGE_TYPE_IDENTITY_CREATE, GNUNET_MQ_msg_extra, GNUNET_MQ_send(), GNUNET_new, GNUNET_OK, GNUNET_IDENTITY_Operation::h, GNUNET_IDENTITY_Handle::mq, CreateRequestMessage::name_len, op, GNUNET_IDENTITY_Handle::op_head, GNUNET_IDENTITY_Handle::op_tail, GNUNET_IDENTITY_Operation::pk, CreateRequestMessage::private_key, private_key_create(), and CreateRequestMessage::reserved.
Referenced by ego_create(), run(), and update_handle().
struct GNUNET_IDENTITY_Operation* GNUNET_IDENTITY_rename (struct GNUNET_IDENTITY_Handle *h, const char *old_name, const char *new_name, GNUNET_IDENTITY_Continuation cb, void *cb_cls)
Renames an existing ego.
h | identity service to use |
old_name | old name |
new_name | desired new name |
cb | function to call with the result (will only be called once) |
cb_cls | closure for cb |
Definition at line 810 of file identity_api.c.
References GNUNET_IDENTITY_Operation::cb, GNUNET_IDENTITY_Operation::cls, GNUNET_IDENTITY_Operation::cont, env, GNUNET_break, GNUNET_CONTAINER_DLL_insert_tail, GNUNET_MAX_MESSAGE_SIZE, GNUNET_memcpy, GNUNET_MESSAGE_TYPE_IDENTITY_RENAME, GNUNET_MQ_msg_extra, GNUNET_MQ_send(), GNUNET_new, GNUNET_IDENTITY_Operation::h, GNUNET_IDENTITY_Handle::mq, RenameMessage::new_name_len, RenameMessage::old_name_len, op, GNUNET_IDENTITY_Handle::op_head, and GNUNET_IDENTITY_Handle::op_tail.
Referenced by ego_edit(), and set_handle_name().
struct GNUNET_IDENTITY_Operation* GNUNET_IDENTITY_delete (struct GNUNET_IDENTITY_Handle *h, const char *name, GNUNET_IDENTITY_Continuation cb, void *cb_cls)
Delete an existing ego.
h | identity service to use |
name | name of the identity to delete |
cb | function to call with the result (will only be called once) |
cb_cls | closure for cb |
Definition at line 863 of file identity_api.c.
References GNUNET_IDENTITY_Operation::cb, GNUNET_IDENTITY_Operation::cls, GNUNET_IDENTITY_Operation::cont, env, GNUNET_break, GNUNET_CONTAINER_DLL_insert_tail, GNUNET_MAX_MESSAGE_SIZE, GNUNET_memcpy, GNUNET_MESSAGE_TYPE_IDENTITY_DELETE, GNUNET_MQ_msg_extra, GNUNET_MQ_send(), GNUNET_new, GNUNET_IDENTITY_Operation::h, GNUNET_IDENTITY_Handle::mq, DeleteMessage::name_len, op, GNUNET_IDENTITY_Handle::op_head, GNUNET_IDENTITY_Handle::op_tail, and DeleteMessage::reserved.
Referenced by ego_delete_name(), ego_delete_pubkey(), and run().
void GNUNET_IDENTITY_cancel (struct GNUNET_IDENTITY_Operation *op)
Cancel an identity operation.
Note that the operation MAY still be executed; this merely cancels the continuation; if the request was already transmitted, the service may still choose to complete the operation.
op | operation to cancel |
Definition at line 904 of file identity_api.c.
References GNUNET_IDENTITY_Operation::cb, GNUNET_IDENTITY_Operation::cont, GNUNET_IDENTITY_Operation::create_cont, and GNUNET_IDENTITY_Operation::pk.
Referenced by destroy_handle(), do_shutdown(), set_handle_name(), and shutdown_task().
ssize_t GNUNET_IDENTITY_key_get_length (const struct GNUNET_IDENTITY_PublicKey *key)
Get the compacted length of a GNUNET_IDENTITY_PublicKey.
Compacted means that it returns the minimum number of bytes this key is long, as opposed to the union structure inside GNUNET_IDENTITY_PublicKey. Useful for compact serializations.
key | the key. |
Definition at line 976 of file identity_api.c.
References GNUNET_IDENTITY_PublicKey::ecdsa_key, GNUNET_IDENTITY_PublicKey::eddsa_key, GNUNET_break, GNUNET_IDENTITY_TYPE_ECDSA, GNUNET_IDENTITY_TYPE_EDDSA, and GNUNET_IDENTITY_PublicKey::type.
Referenced by block_plugin_revocation_evaluate(), block_plugin_revocation_get_key(), check_signature_identity(), ego_callback(), gns_string_to_value(), GNUNET_GNSRECORD_data_from_identity(), GNUNET_IDENTITY_public_key_to_string(), GNUNET_IDENTITY_read_key_from_buffer(), GNUNET_IDENTITY_write_key_to_buffer(), GNUNET_REVOCATION_check_pow(), GNUNET_REVOCATION_pow_round(), GNUNET_REVOCATION_proof_get_size(), publicize_rm(), run(), run_with_zone_pkey(), and sign_pow_identity().
ssize_t GNUNET_IDENTITY_read_key_from_buffer (struct GNUNET_IDENTITY_PublicKey *key, const void *buffer, size_t len)
Reads a GNUNET_IDENTITY_PublicKey from a compact buffer.
The buffer has to contain at least the compacted length of a GNUNET_IDENTITY_PublicKey in bytes. If the buffer is too small, the function returns -1 as error. If the buffer does not contain a valid key, it returns -2 as error.
key | the key |
buffer | the buffer |
len | the length of buffer |
Definition at line 994 of file identity_api.c.
References GNUNET_IDENTITY_PublicKey::ecdsa_key, GNUNET_IDENTITY_key_get_length(), GNUNET_memcpy, and GNUNET_IDENTITY_PublicKey::type.
Referenced by GNUNET_GNSRECORD_identity_from_data().
ssize_t GNUNET_IDENTITY_write_key_to_buffer (const struct GNUNET_IDENTITY_PublicKey *key, void *buffer, size_t len)
Writes a GNUNET_IDENTITY_PublicKey to a compact buffer.
The buffer requires space for at least the compacted length of a GNUNET_IDENTITY_PublicKey in bytes. If the buffer is too small, the function returns -1 as error. If the key is not valid, it returns -2 as error.
key | the key |
buffer | the buffer |
len | the length of buffer |
Definition at line 1013 of file identity_api.c.
References GNUNET_IDENTITY_key_get_length(), and GNUNET_memcpy.
Referenced by check_signature_identity(), GNUNET_GNSRECORD_data_from_identity(), and sign_pow_identity().
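The -1 / -2 contract described for GNUNET_IDENTITY_read_key_from_buffer and GNUNET_IDENTITY_write_key_to_buffer can be seen in the following self-contained model, which is an added example and not GNUnet's own code. It assumes a 4-byte type tag in network byte order followed by 32 bytes of key material; the struct and function names are hypothetical stand-ins.

```c
#include <arpa/inet.h>   /* htonl, ntohl */
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>   /* ssize_t */

/* Type values from GNUNET_IDENTITY_KeyType as listed on this page. */
enum key_type { TYPE_ECDSA = 65536, TYPE_EDDSA = 65556 };

#define RAW_KEY_LEN 32 /* assumption: 32 bytes of key material per type */

/* Hypothetical stand-in for GNUNET_IDENTITY_PublicKey. */
struct public_key {
  uint32_t type;            /* key type, network byte order (assumed) */
  uint8_t raw[RAW_KEY_LEN]; /* key material */
};

/* Compact length: type tag plus key bytes, or -1 for an unknown type. */
static ssize_t key_get_length(const struct public_key *key)
{
  switch (ntohl(key->type)) {
  case TYPE_ECDSA:
  case TYPE_EDDSA:
    return (ssize_t) (sizeof key->type + RAW_KEY_LEN);
  default:
    return -1;
  }
}

/* Returns bytes consumed, -1 if the buffer is too small, -2 if the
   buffer does not hold a valid key. */
static ssize_t read_key_from_buffer(struct public_key *key,
                                    const void *buffer, size_t len)
{
  struct public_key tmp;
  ssize_t need;

  if (len < sizeof tmp.type)
    return -1;                 /* cannot even read the type tag */
  memcpy(&tmp.type, buffer, sizeof tmp.type);
  need = key_get_length(&tmp);
  if (need < 0)
    return -2;                 /* reject unknown types before sizing */
  if (len < (size_t) need)
    return -1;                 /* tag is fine, key bytes are missing */
  memcpy(tmp.raw, (const uint8_t *) buffer + sizeof tmp.type, RAW_KEY_LEN);
  *key = tmp;                  /* commit only after every check passed */
  return need;
}

/* Returns bytes written, -1 if the buffer is too small, -2 if the key
   is not valid. */
static ssize_t write_key_to_buffer(const struct public_key *key,
                                   void *buffer, size_t len)
{
  ssize_t need = key_get_length(key);

  if (need < 0)
    return -2;
  if (len < (size_t) need)
    return -1;
  memcpy(buffer, &key->type, sizeof key->type);
  memcpy((uint8_t *) buffer + sizeof key->type, key->raw, RAW_KEY_LEN);
  return need;
}

/* Constructed input: a buffer holding `type` plus 32 dummy key bytes, of
   which only `avail` bytes are offered to the reader. */
static ssize_t demo_read(uint32_t type, size_t avail)
{
  uint8_t wire[sizeof(uint32_t) + RAW_KEY_LEN];
  struct public_key out;
  uint32_t t = htonl(type);

  memset(wire, 0xAB, sizeof wire);
  memcpy(wire, &t, sizeof t);
  return read_key_from_buffer(&out, wire, avail);
}

/* Write a constructed key, read it back, report whether it survived. */
static int demo_roundtrip(void)
{
  struct public_key in, out;
  uint8_t wire[64];

  in.type = htonl(TYPE_EDDSA);
  memset(in.raw, 0x5C, sizeof in.raw);
  if (write_key_to_buffer(&in, wire, 8) != -1) /* too small must fail */
    return 0;
  if (write_key_to_buffer(&in, wire, sizeof wire) != 36)
    return 0;
  if (read_key_from_buffer(&out, wire, sizeof wire) != 36)
    return 0;
  return out.type == in.type && 0 == memcmp(out.raw, in.raw, RAW_KEY_LEN);
}

int main(void)
{
  printf("full=%zd short=%zd badtype=%zd roundtrip=%d\n",
         demo_read(TYPE_EDDSA, 36), demo_read(TYPE_ECDSA, 35),
         demo_read(12345, 36), demo_roundtrip());
  return 0;
}
```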
ssize_t GNUNET_IDENTITY_signature_get_length (const struct GNUNET_IDENTITY_Signature *sig)
Get the compacted length of a GNUNET_IDENTITY_Signature.
Compacted means that it returns the minimum number of bytes this signature is long, as opposed to the union structure inside GNUNET_IDENTITY_Signature. Useful for compact serializations.
sig | the signature. |
Definition at line 1029 of file identity_api.c.
References GNUNET_IDENTITY_Signature::ecdsa_signature, GNUNET_IDENTITY_Signature::eddsa_signature, GNUNET_break, GNUNET_IDENTITY_TYPE_ECDSA, GNUNET_IDENTITY_TYPE_EDDSA, and GNUNET_IDENTITY_Signature::type.
Referenced by GNUNET_IDENTITY_read_signature_from_buffer(), GNUNET_IDENTITY_write_signature_to_buffer(), and GNUNET_REVOCATION_proof_get_size().
ssize_t GNUNET_IDENTITY_read_signature_from_buffer (struct GNUNET_IDENTITY_Signature *sig, const void *buffer, size_t len)
Reads a GNUNET_IDENTITY_Signature from a compact buffer.
The buffer has to contain at least the compacted length of a GNUNET_IDENTITY_Signature in bytes. If the buffer is too small, the function returns -1 as error. If the buffer does not contain a valid signature, it returns -2 as error.
sig | the signature |
buffer | the buffer |
len | the length of buffer |
Definition at line 1048 of file identity_api.c.
References GNUNET_IDENTITY_Signature::ecdsa_signature, GNUNET_IDENTITY_signature_get_length(), GNUNET_memcpy, and GNUNET_IDENTITY_Signature::type.
ssize_t GNUNET_IDENTITY_write_signature_to_buffer (const struct GNUNET_IDENTITY_Signature *sig, void *buffer, size_t len)
Writes a GNUNET_IDENTITY_Signature to a compact buffer.
The buffer requires space for at least the compacted length of a GNUNET_IDENTITY_Signature in bytes. If the buffer is too small, the function returns -1 as error. If the signature is not valid, it returns -2 as error.
sig | the signature |
buffer | the buffer |
len | the length of buffer |
Definition at line 1068 of file identity_api.c.
References GNUNET_IDENTITY_Signature::ecdsa_signature, GNUNET_IDENTITY_signature_get_length(), GNUNET_memcpy, and GNUNET_IDENTITY_Signature::type.
int GNUNET_IDENTITY_sign_ (const struct GNUNET_IDENTITY_PrivateKey *priv, const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose, struct GNUNET_IDENTITY_Signature *sig)
Sign a given block.
The purpose data is the beginning of the data of which the signature is to be created. The size field in purpose must correctly indicate the number of bytes of the data structure, including its header. If possible, use GNUNET_IDENTITY_sign() instead of this function.
priv | private key to use for the signing |
purpose | what to sign (size, purpose) |
sig | [out] where to write the signature |
Definition at line 1086 of file identity_api.c.
References GNUNET_IDENTITY_PrivateKey::ecdsa_key, GNUNET_IDENTITY_Signature::ecdsa_signature, GNUNET_IDENTITY_PrivateKey::eddsa_key, GNUNET_IDENTITY_Signature::eddsa_signature, GNUNET_break, GNUNET_CRYPTO_ecdsa_sign_(), GNUNET_CRYPTO_eddsa_sign_(), GNUNET_IDENTITY_TYPE_ECDSA, GNUNET_IDENTITY_TYPE_EDDSA, GNUNET_SYSERR, GNUNET_IDENTITY_PrivateKey::type, and GNUNET_IDENTITY_Signature::type.
Referenced by OIDC_build_authz_code(), and sign_pow_identity().
int GNUNET_IDENTITY_signature_verify_ (uint32_t purpose, const struct GNUNET_CRYPTO_EccSignaturePurpose *validate, const struct GNUNET_IDENTITY_Signature *sig, const struct GNUNET_IDENTITY_PublicKey *pub)
Verify a given signature.
The validate data is the beginning of the data of which the signature is to be verified. The size field in validate must correctly indicate the number of bytes of the data structure, including its header. If purpose does not match the purpose given in validate (the latter must be in big endian), signature verification fails. If possible, use GNUNET_IDENTITY_signature_verify() instead of this function; you must use this function directly only if validate is not fixed-size.
purpose | what is the purpose that the signature should have? |
validate | block to validate (size, purpose, data) |
sig | signature that is being validated |
pub | public key of the signer |
Definition at line 1112 of file identity_api.c.
References GNUNET_IDENTITY_PublicKey::ecdsa_key, GNUNET_IDENTITY_Signature::ecdsa_signature, GNUNET_IDENTITY_PublicKey::eddsa_key, GNUNET_IDENTITY_Signature::eddsa_signature, GNUNET_assert, GNUNET_break, GNUNET_CRYPTO_ecdsa_verify_(), GNUNET_CRYPTO_eddsa_verify_(), GNUNET_IDENTITY_TYPE_ECDSA, GNUNET_IDENTITY_TYPE_EDDSA, GNUNET_SYSERR, GNUNET_IDENTITY_PublicKey::type, and GNUNET_IDENTITY_Signature::type.
Referenced by check_signature_identity(), and OIDC_parse_authz_code().
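When a variable-size block arrives from an untrusted source, the size and purpose rules above should be checked against the bytes actually received before the block is handed to verification. The following is an added example, not GNUnet's own code: struct sig_purpose is an assumed stand-in for GNUNET_CRYPTO_EccSignaturePurpose (two 32-bit fields in network byte order), and DEMO_PURPOSE, demo_block and precheck_signed_block() are hypothetical names.

```c
#include <arpa/inet.h>   /* htonl, ntohl */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Assumed header layout at the start of every signed block. */
struct sig_purpose {
  uint32_t size;     /* bytes covered by the signature, header included */
  uint32_t purpose;  /* what the signature is for */
};

#define DEMO_PURPOSE 9999u /* constructed value, not a real GNUnet purpose */

/* A fixed-size signed block: packed, and beginning with the purpose. */
struct demo_block {
  struct sig_purpose purpose; /* MUST be the first member */
  uint64_t expiration;
  uint8_t payload[16];
} __attribute__((packed));

enum precheck {
  PRE_OK = 0,
  PRE_TRUNCATED = -1,     /* fewer bytes than a purpose header */
  PRE_BAD_SIZE = -2,      /* size field disagrees with bytes received */
  PRE_WRONG_PURPOSE = -3  /* signed for a different purpose */
};

/* Validate the framing of a received block before verifying its signature.
   `received` is the number of bytes the caller holds for the block. */
static enum precheck precheck_signed_block(const void *buf, size_t received,
                                           uint32_t expected_purpose)
{
  struct sig_purpose hdr;

  if (received < sizeof hdr)
    return PRE_TRUNCATED;
  memcpy(&hdr, buf, sizeof hdr); /* buf may be unaligned */
  /* An oversized claim would make the verifier read past the buffer; an
     undersized one would leave trailing bytes outside the signature. */
  if (ntohl(hdr.size) != received)
    return PRE_BAD_SIZE;
  /* The expected purpose is in host byte order, the field is not. */
  if (ntohl(hdr.purpose) != expected_purpose)
    return PRE_WRONG_PURPOSE;
  return PRE_OK;
}

/* Constructed input: a demo_block whose header carries the given claims. */
static enum precheck demo(uint32_t claimed_size, uint32_t block_purpose,
                          size_t received, uint32_t expected_purpose)
{
  struct demo_block b;

  memset(&b, 0, sizeof b);
  b.purpose.size = htonl(claimed_size);
  b.purpose.purpose = htonl(block_purpose);
  return precheck_signed_block(&b, received, expected_purpose);
}

int main(void)
{
  uint32_t n = (uint32_t) sizeof(struct demo_block);

  printf("ok=%d wrong_purpose=%d bad_size=%d truncated=%d\n",
         demo(n, DEMO_PURPOSE, n, DEMO_PURPOSE),
         demo(n, DEMO_PURPOSE, n, 1),
         demo(4096, DEMO_PURPOSE, n, DEMO_PURPOSE),
         demo(n, DEMO_PURPOSE, 4, DEMO_PURPOSE));
  return 0;
}
```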
ssize_t GNUNET_IDENTITY_encrypt (const void *block, size_t size, const struct GNUNET_IDENTITY_PublicKey *pub, struct GNUNET_CRYPTO_EcdhePublicKey *ecc, void *result)
Encrypts a block with GNUNET_IDENTITY_PublicKey and derives a GNUNET_CRYPTO_EcdhePublicKey, which is required for decryption using ECDH to derive a symmetric key.
block | the block to encrypt |
size | the size of the block |
pub | public key to use for ecdh |
ecc | where to write the ecc public key |
result | the output parameter in which to store the encrypted result; can be the same as or overlap with block |
Definition at line 1141 of file identity_api.c.
References GNUNET_IDENTITY_PublicKey::ecdsa_key, GNUNET_IDENTITY_PublicKey::eddsa_key, GNUNET_CRYPTO_ecdh_ecdsa(), GNUNET_CRYPTO_ecdh_eddsa(), GNUNET_CRYPTO_ecdhe_key_clear(), GNUNET_CRYPTO_ecdhe_key_create(), GNUNET_CRYPTO_ecdhe_key_get_public(), GNUNET_CRYPTO_hash_to_aes_key(), GNUNET_CRYPTO_symmetric_encrypt(), GNUNET_CRYPTO_zero_keys(), GNUNET_IDENTITY_TYPE_ECDSA, GNUNET_IDENTITY_TYPE_EDDSA, GNUNET_SYSERR, and GNUNET_IDENTITY_PublicKey::type.
Referenced by encrypt_message().
ssize_t GNUNET_IDENTITY_decrypt (const void *block, size_t size, const struct GNUNET_IDENTITY_PrivateKey *priv, const struct GNUNET_CRYPTO_EcdhePublicKey *ecc, void *result)
Decrypts a given block with GNUNET_IDENTITY_PrivateKey and a given GNUNET_CRYPTO_EcdhePublicKey, using ECDH to derive a symmetric key.
block | the data to decrypt, encoded as returned by encrypt |
size | the size of the block to decrypt |
priv | private key to use for ecdh |
ecc | the ecc public key |
result | address to store the result at; can be the same as or overlap with block |
Definition at line 1180 of file identity_api.c.
References GNUNET_IDENTITY_PrivateKey::ecdsa_key, GNUNET_IDENTITY_PrivateKey::eddsa_key, GNUNET_CRYPTO_ecdsa_ecdh(), GNUNET_CRYPTO_eddsa_ecdh(), GNUNET_CRYPTO_hash_to_aes_key(), GNUNET_CRYPTO_symmetric_decrypt(), GNUNET_CRYPTO_zero_keys(), GNUNET_IDENTITY_TYPE_ECDSA, GNUNET_IDENTITY_TYPE_EDDSA, GNUNET_SYSERR, and GNUNET_IDENTITY_PrivateKey::type.
Referenced by decrypt_message().
char* GNUNET_IDENTITY_public_key_to_string (const struct GNUNET_IDENTITY_PublicKey *key)
Creates a (Base32) string representation of the public key.
The resulting string encodes a compacted representation of the key. See also GNUNET_IDENTITY_key_get_length.
key | the key. |
Definition at line 1215 of file identity_api.c.
References GNUNET_IDENTITY_key_get_length(), GNUNET_STRINGS_data_to_string_alloc(), and size.
Referenced by create_finished(), ego_get_for_subsystem(), gns_value_to_string(), GNUNET_GNSRECORD_pkey_to_zkey(), handle_get_key(), list_ego(), and print_ego().
char* GNUNET_IDENTITY_private_key_to_string (const struct GNUNET_IDENTITY_PrivateKey *key)
Creates a (Base32) string representation of the private key.
The resulting string encodes a compacted representation of the key. See also GNUNET_IDENTITY_key_get_length.
key | the key. |
Definition at line 1225 of file identity_api.c.
References GNUNET_STRINGS_data_to_string_alloc(), private_key_get_length(), and size.
Referenced by create_finished(), ego_get_all(), ego_get_response(), and print_ego().
enum GNUNET_GenericReturnValue GNUNET_IDENTITY_public_key_from_string (const char *str, struct GNUNET_IDENTITY_PublicKey *key)
Parses a (Base32) string representation of the public key.
See also GNUNET_IDENTITY_public_key_to_string.
str | the encoded key. |
key | where to write the key. |
Definition at line 1235 of file identity_api.c.
References GNUNET_IDENTITY_TYPE_ECDSA, GNUNET_OK, GNUNET_STRINGS_string_to_data(), GNUNET_SYSERR, ret, and GNUNET_IDENTITY_PublicKey::type.
Referenced by authorize_endpoint(), code_redirect(), create_response(), gns_string_to_value(), GNUNET_GNS_lookup_with_tld(), GNUNET_GNSRECORD_zkey_to_pkey(), lookup_it_finished(), run(), run_with_zone_pkey(), start_process(), and tld_iter().
enum GNUNET_GenericReturnValue GNUNET_IDENTITY_private_key_from_string (const char *str, struct GNUNET_IDENTITY_PrivateKey *key)
Parses a (Base32) string representation of the private key.
See also GNUNET_IDENTITY_private_key_to_string.
str | the encoded key. |
key | where to write the key. |
Definition at line 1253 of file identity_api.c.
References GNUNET_IDENTITY_TYPE_ECDSA, GNUNET_OK, GNUNET_STRINGS_string_to_data(), GNUNET_SYSERR, ret, and GNUNET_IDENTITY_PrivateKey::type.
enum GNUNET_GenericReturnValue GNUNET_IDENTITY_key_get_public (const struct GNUNET_IDENTITY_PrivateKey *privkey, struct GNUNET_IDENTITY_PublicKey *key)
Retrieves the public key representation of a private key.
privkey | the private key. |
key | the public key result. |
Definition at line 175 of file identity_api.c.
References GNUNET_IDENTITY_PrivateKey::ecdsa_key, GNUNET_IDENTITY_PublicKey::ecdsa_key, GNUNET_IDENTITY_PrivateKey::eddsa_key, GNUNET_IDENTITY_PublicKey::eddsa_key, GNUNET_break, GNUNET_CRYPTO_ecdsa_key_get_public(), GNUNET_CRYPTO_eddsa_key_get_public(), GNUNET_IDENTITY_TYPE_ECDSA, GNUNET_IDENTITY_TYPE_EDDSA, GNUNET_OK, GNUNET_SYSERR, GNUNET_IDENTITY_PrivateKey::type, and GNUNET_IDENTITY_PublicKey::type.
Referenced by attr_iter_cb(), authorize_endpoint(), create_finished(), create_message_key(), cred_iter_cb(), filter_tickets_finished_cb(), get_nick_record(), GNUNET_GNSRECORD_query_from_private_key(), GNUNET_IDENTITY_ego_get_public_key(), handle_attribute_store_message(), handle_client_call_message(), handle_credential_store_message(), identity_zone_cb(), RECLAIM_TICKETS_consume(), RECLAIM_TICKETS_revoke(), refresh_block(), run(), sign_pow(), and update_service_ego().
struct GNUNET_IDENTITY_EgoLookup* GNUNET_IDENTITY_ego_lookup (const struct GNUNET_CONFIGURATION_Handle *cfg, const char *name, GNUNET_IDENTITY_EgoCallback cb, void *cb_cls)
Lookup an ego by name.
cfg | configuration to use |
name | name to look up |
cb | callback to invoke with the result |
cb_cls | closure for cb |
Definition at line 171 of file identity_api_lookup.c.
References GNUNET_IDENTITY_EgoLookup::cb, GNUNET_IDENTITY_EgoLookup::cb_cls, el, env, GNUNET_assert, GNUNET_break, GNUNET_CLIENT_connect(), GNUNET_free, GNUNET_MESSAGE_TYPE_IDENTITY_LOOKUP, GNUNET_MESSAGE_TYPE_IDENTITY_RESULT_CODE, GNUNET_MESSAGE_TYPE_IDENTITY_UPDATE, GNUNET_MQ_handler_end, GNUNET_MQ_hd_var_size, GNUNET_MQ_msg_extra, GNUNET_MQ_send(), GNUNET_new, GNUNET_strdup, GNUNET_IDENTITY_EgoLookup::mq, mq_error_handler(), and GNUNET_IDENTITY_EgoLookup::name.
Referenced by run().
void GNUNET_IDENTITY_ego_lookup_cancel (struct GNUNET_IDENTITY_EgoLookup *el)
Abort ego lookup attempt.
el | handle for lookup to abort |
Definition at line 221 of file identity_api_lookup.c.
References GNUNET_free, GNUNET_MQ_destroy(), GNUNET_IDENTITY_EgoLookup::mq, and GNUNET_IDENTITY_EgoLookup::name.
Referenced by do_shutdown(), handle_identity_result_code(), and handle_identity_update().
struct GNUNET_IDENTITY_EgoSuffixLookup* GNUNET_IDENTITY_ego_lookup_by_suffix (const struct GNUNET_CONFIGURATION_Handle *cfg, const char *suffix, GNUNET_IDENTITY_EgoSuffixCallback cb, void *cb_cls)
Obtain the ego with the maximum suffix match between the ego's name and the given domain name suffix.
For example, given a suffix "a.b.c" and egos with names "d.a.b.c", "b.c" and "c", we return the ego for "b.c".
cfg | configuration to use |
suffix | for which domain name suffix is an identity wanted |
cb | function to call with the result (will only be called once) |
cb_cls | closure for cb |
Definition at line 168 of file identity_api_suffix_lookup.c.
References GNUNET_IDENTITY_EgoSuffixLookup::cb, GNUNET_IDENTITY_EgoSuffixLookup::cb_cls, el, env, GNUNET_assert, GNUNET_break, GNUNET_CLIENT_connect(), GNUNET_free, GNUNET_MESSAGE_TYPE_IDENTITY_LOOKUP_BY_SUFFIX, GNUNET_MESSAGE_TYPE_IDENTITY_RESULT_CODE, GNUNET_MESSAGE_TYPE_IDENTITY_UPDATE, GNUNET_MQ_handler_end, GNUNET_MQ_hd_var_size, GNUNET_MQ_msg_extra, GNUNET_MQ_send(), GNUNET_new, GNUNET_strdup, GNUNET_IDENTITY_EgoSuffixLookup::mq, mq_error_handler(), and GNUNET_IDENTITY_EgoSuffixLookup::suffix.
Referenced by GNUNET_GNS_lookup_with_tld().
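The "maximum suffix match" rule can be modelled as follows. This is an added example, not the identity service's implementation; it assumes matching is case-sensitive and only counts on a label boundary (so the ego "b.c" does not match the name "xb.c"), and longest_suffix_match() is a hypothetical name.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Return the index of the ego name that is the longest suffix of `suffix`
   on a '.' label boundary, or -1 if no ego name matches. */
static int longest_suffix_match(const char *suffix,
                                const char *const *names, size_t n)
{
  size_t slen = strlen(suffix);
  size_t best_len = 0;
  int best = -1;

  for (size_t i = 0; i < n; i++) {
    size_t nlen = strlen(names[i]);

    if (nlen == 0 || nlen > slen)
      continue;                       /* cannot be a suffix */
    if (strcmp(names[i], suffix + (slen - nlen)) != 0)
      continue;                       /* tail differs */
    if (nlen != slen && suffix[slen - nlen - 1] != '.')
      continue;                       /* match starts mid-label (assumed rule) */
    if (nlen > best_len) {
      best_len = nlen;
      best = (int) i;
    }
  }
  return best;
}

/* Constructed ego list taken from the example in the text above. */
static const char *const demo_egos[] = { "d.a.b.c", "b.c", "c" };

static int demo_lookup(const char *suffix)
{
  return longest_suffix_match(suffix, demo_egos,
                              sizeof demo_egos / sizeof demo_egos[0]);
}

int main(void)
{
  const char *queries[] = { "a.b.c", "d.a.b.c", "xb.c", "example.org" };

  for (size_t i = 0; i < sizeof queries / sizeof queries[0]; i++) {
    int idx = demo_lookup(queries[i]);
    printf("%-12s -> %s\n", queries[i], idx < 0 ? "(none)" : demo_egos[idx]);
  }
  return 0;
}
```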
void GNUNET_IDENTITY_ego_lookup_by_suffix_cancel (struct GNUNET_IDENTITY_EgoSuffixLookup *el)
Abort ego suffix lookup attempt.
el | handle for lookup to abort |
Definition at line 220 of file identity_api_suffix_lookup.c.
References GNUNET_free, GNUNET_MQ_destroy(), GNUNET_IDENTITY_EgoSuffixLookup::mq, and GNUNET_IDENTITY_EgoSuffixLookup::suffix.
Referenced by GNUNET_GNS_lookup_with_tld_cancel(), handle_identity_result_code(), handle_identity_update(), and mq_error_handler().