GNUnet 0.22.2
Data Structures | Functions | Variables
gnunet-crypto-tvg.c File Reference
#include "platform.h"
#include "gnunet_util_lib.h"
#include "gnunet_signatures.h"
#include <jansson.h>
#include <gcrypt.h>
Include dependency graph for gnunet-crypto-tvg.c:

Go to the source code of this file.

Data Structures

struct  TestSignatureDataPS
 Sample signature struct. More...
 

Functions

static json_t * vec_for (json_t *vecs, const char *vecname)
 Create a fresh test vector for a given operation label. More...
 
static void d2j (json_t *vec, const char *label, const void *data, size_t size)
 Add a base32crockford encoded value to a test vector. More...
 
static void uint2j (json_t *vec, const char *label, unsigned int num)
 Add a number to a test vector. More...
 
static int expect_data_fixed (json_t *vec, const char *name, void *data, size_t expect_len)
 
static int expect_data_dynamic (json_t *vec, const char *name, void **data, size_t *ret_len)
 
static int checkvec (const char *operation, json_t *vec)
 Check a single vector. More...
 
static int check_vectors ()
 Check test vectors from stdin. More...
 
static int output_vectors ()
 Output test vectors. More...
 
static void run (void *cls, char *const *args, const char *cfgfile, const struct GNUNET_CONFIGURATION_Handle *cfg)
 Main function that will be run. More...
 
int main (int argc, char *const *argv)
 The main function of the test vector generation tool. More...
 

Variables

static GNUNET_NETWORK_STRUCT_END int verify_flag = GNUNET_NO
 Should we verify or output test vectors? More...
 
static int global_ret = 0
 Global exit code. More...
 

Function Documentation

◆ vec_for()

static json_t * vec_for ( json_t *  vecs,
const char *  vecname 
)
static

Create a fresh test vector for a given operation label.

Parameters
vecsarray of vectors to append the new vector to
vecnamelabel for the operation of the vector
Returns
the fresh test vector

Definition at line 93 of file gnunet-crypto-tvg.c.

94{
95 json_t *t = json_object ();
96
97 json_object_set_new (t,
98 "operation",
99 json_string (vecname));
100 json_array_append_new (vecs, t);
101 return t;
102}
t
static struct GNUNET_SCHEDULER_Task * t
Main task.
Definition: gnunet-zoneimport.c:293

References t.

Referenced by output_vectors().

Here is the caller graph for this function:

◆ d2j()

static void d2j ( json_t *  vec,
const char *  label,
const void *  data,
size_t  size 
)
static

Add a base32crockford encoded value to a test vector.

Parameters
vectest vector to add to
labellabel for the value
datadata to add
sizesize of data

Definition at line 115 of file gnunet-crypto-tvg.c.

119{
120 char *buf;
121 json_t *json;
122
123 buf = GNUNET_STRINGS_data_to_string_alloc (data, size);
124 json = json_string (buf);
125 GNUNET_free (buf);
126 GNUNET_break (NULL != json);
127
128 json_object_set_new (vec, label, json);
129}
data
static char * data
The data to insert into the dht.
Definition: gnunet-dht-put.c:88
GNUNET_break
#define GNUNET_break(cond)
Use this for internal assertion violations that are not fatal (can be handled) but should not occur.
Definition: gnunet_common.h:1041
GNUNET_free
#define GNUNET_free(ptr)
Wrapper around free.
Definition: gnunet_common.h:1411
GNUNET_STRINGS_data_to_string_alloc
char * GNUNET_STRINGS_data_to_string_alloc(const void *buf, size_t size)
Return the base32crockford encoding of the given buffer.
Definition: strings.c:787
size
static unsigned int size
Size of the "table".
Definition: peer.c:68

References data, GNUNET_break, GNUNET_free, GNUNET_STRINGS_data_to_string_alloc(), and size.

Referenced by output_vectors().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ uint2j()

static void uint2j ( json_t *  vec,
const char *  label,
unsigned int  num 
)
static

Add a number to a test vector.

Parameters
vectest vector to add to
labellabel for the value
datadata to add
sizesize of data

Definition at line 141 of file gnunet-crypto-tvg.c.

144{
145 json_t *json = json_integer (num);
146
147 json_object_set_new (vec, label, json);
148}

Referenced by output_vectors().

Here is the caller graph for this function:

◆ expect_data_fixed()

static int expect_data_fixed ( json_t *  vec,
const char *  name,
void *  data,
size_t  expect_len 
)
static

Definition at line 152 of file gnunet-crypto-tvg.c.

156{
157 const char *s = json_string_value (json_object_get (vec, name));
158
159 if (NULL == s)
160 return GNUNET_NO;
161
162 if (GNUNET_OK != GNUNET_STRINGS_string_to_data (s,
163 strlen (s),
164 data,
165 expect_len))
166 return GNUNET_NO;
167 return GNUNET_OK;
168}
name
static char * name
Name (label) of the records to list.
Definition: gnunet-namecache.c:48
GNUNET_OK
@ GNUNET_OK
Definition: gnunet_common.h:111
GNUNET_NO
@ GNUNET_NO
Definition: gnunet_common.h:110
GNUNET_STRINGS_string_to_data
enum GNUNET_GenericReturnValue GNUNET_STRINGS_string_to_data(const char *enc, size_t enclen, void *out, size_t out_size)
Convert CrockfordBase32 encoding back to data.
Definition: strings.c:812

References data, GNUNET_NO, GNUNET_OK, GNUNET_STRINGS_string_to_data(), and name.

Referenced by checkvec().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ expect_data_dynamic()

static int expect_data_dynamic ( json_t *  vec,
const char *  name,
void **  data,
size_t *  ret_len 
)
static

Definition at line 172 of file gnunet-crypto-tvg.c.

176{
177 const char *s = json_string_value (json_object_get (vec, name));
178 char *tmp;
179 size_t len;
180
181 if (NULL == s)
182 return GNUNET_NO;
183
184 len = (strlen (s) * 5) / 8;
185 if (NULL != ret_len)
186 *ret_len = len;
187 tmp = GNUNET_malloc (len);
188
189 if (GNUNET_OK != GNUNET_STRINGS_string_to_data (s, strlen (s), tmp, len))
190 {
191 GNUNET_free (tmp);
192 return GNUNET_NO;
193 }
194 *data = tmp;
195 return GNUNET_OK;
196}
GNUNET_malloc
#define GNUNET_malloc(size)
Wrapper around malloc.
Definition: gnunet_common.h:1351

References data, GNUNET_free, GNUNET_malloc, GNUNET_NO, GNUNET_OK, GNUNET_STRINGS_string_to_data(), and name.

Referenced by checkvec().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ checkvec()

static int checkvec ( const char *  operation,
json_t *  vec 
)
static

Check a single vector.

Parameters
operationoperator of the vector
vecthe vector, a JSON object.
Returns
GNUNET_OK if the vector is okay

Definition at line 208 of file gnunet-crypto-tvg.c.

210{
211 GNUNET_log (GNUNET_ERROR_TYPE_INFO,
212 "checking %s\n", operation);
213
214 if (0 == strcmp (operation, "hash"))
215 {
216 void *data;
217 size_t data_len;
218 struct GNUNET_HashCode hash_out;
219 struct GNUNET_HashCode hc;
220
221 if (GNUNET_OK != expect_data_dynamic (vec,
222 "input",
223 &data,
224 &data_len))
225 {
226 GNUNET_break (0);
227 return GNUNET_SYSERR;
228 }
229 if (GNUNET_OK != expect_data_fixed (vec,
230 "output",
231 &hash_out,
232 sizeof (hash_out)))
233 {
234 GNUNET_free (data);
235 GNUNET_break (0);
236 return GNUNET_NO;
237 }
238
239 GNUNET_CRYPTO_hash (data, data_len, &hc);
240
241 if (0 != GNUNET_memcmp (&hc, &hash_out))
242 {
243 GNUNET_free (data);
244 GNUNET_break (0);
245 return GNUNET_NO;
246 }
247 GNUNET_free (data);
248 }
249 else if (0 == strcmp (operation, "ecc_ecdh"))
250 {
251 struct GNUNET_CRYPTO_EcdhePrivateKey priv1;
252 struct GNUNET_CRYPTO_EcdhePublicKey pub1;
253 struct GNUNET_CRYPTO_EcdhePrivateKey priv2;
254 struct GNUNET_HashCode skm;
255 struct GNUNET_HashCode skm_comp;
256
257 if (GNUNET_OK != expect_data_fixed (vec,
258 "priv1",
259 &priv1,
260 sizeof (priv1)))
261 {
262 GNUNET_break (0);
263 return GNUNET_NO;
264 }
265 if (GNUNET_OK != expect_data_fixed (vec,
266 "priv2",
267 &priv2,
268 sizeof (priv2)))
269 {
270 GNUNET_break (0);
271 return GNUNET_NO;
272 }
273 if (GNUNET_OK != expect_data_fixed (vec,
274 "pub1",
275 &pub1,
276 sizeof (pub1)))
277 {
278 GNUNET_break (0);
279 return GNUNET_NO;
280 }
281 if (GNUNET_OK != expect_data_fixed (vec,
282 "skm",
283 &skm,
284 sizeof (skm)))
285 {
286 GNUNET_break (0);
287 return GNUNET_NO;
288 }
289 GNUNET_assert (GNUNET_OK ==
290 GNUNET_CRYPTO_ecc_ecdh (&priv2,
291 &pub1,
292 &skm_comp));
293 if (0 != GNUNET_memcmp (&skm, &skm_comp))
294 {
295 GNUNET_break (0);
296 return GNUNET_NO;
297 }
298 }
299 else if (0 == strcmp (operation, "eddsa_key_derivation"))
300 {
301 struct GNUNET_CRYPTO_EddsaPrivateKey priv;
302 struct GNUNET_CRYPTO_EddsaPublicKey pub;
303 struct GNUNET_CRYPTO_EddsaPublicKey pub_comp;
304
305 if (GNUNET_OK != expect_data_fixed (vec,
306 "priv",
307 &priv,
308 sizeof (priv)))
309 {
310 GNUNET_break (0);
311 return GNUNET_NO;
312 }
313
314 if (GNUNET_OK != expect_data_fixed (vec,
315 "pub",
316 &pub,
317 sizeof (pub)))
318 {
319 GNUNET_break (0);
320 return GNUNET_NO;
321 }
322
323 GNUNET_CRYPTO_eddsa_key_get_public (&priv,
324 &pub_comp);
325 if (0 != GNUNET_memcmp (&pub, &pub_comp))
326 {
327 GNUNET_break (0);
328 return GNUNET_NO;
329 }
330
331 }
332 else if (0 == strcmp (operation, "eddsa_signing"))
333 {
334 struct GNUNET_CRYPTO_EddsaPrivateKey priv;
335 struct GNUNET_CRYPTO_EddsaPublicKey pub;
336 struct TestSignatureDataPS data = { 0 };
337 struct GNUNET_CRYPTO_EddsaSignature sig;
338 struct GNUNET_CRYPTO_EddsaSignature sig_comp;
339
340 if (GNUNET_OK != expect_data_fixed (vec,
341 "priv",
342 &priv,
343 sizeof (priv)))
344 {
345 GNUNET_break (0);
346 return GNUNET_NO;
347 }
348
349 if (GNUNET_OK != expect_data_fixed (vec,
350 "pub",
351 &pub,
352 sizeof (pub)))
353 {
354 GNUNET_break (0);
355 return GNUNET_NO;
356 }
357
358 if (GNUNET_OK != expect_data_fixed (vec,
359 "data",
360 &data,
361 sizeof (data)))
362 {
363 GNUNET_break (0);
364 return GNUNET_NO;
365 }
366
367 if (GNUNET_OK != expect_data_fixed (vec,
368 "sig",
369 &sig,
370 sizeof (sig)))
371 {
372 GNUNET_break (0);
373 return GNUNET_NO;
374 }
375
376 GNUNET_CRYPTO_eddsa_sign (&priv,
377 &data,
378 &sig_comp);
379 GNUNET_assert (GNUNET_OK ==
380 GNUNET_CRYPTO_eddsa_verify (GNUNET_SIGNATURE_PURPOSE_TEST,
381 &data,
382 &sig,
383 &pub));
384 if (0 != GNUNET_memcmp (&sig, &sig_comp))
385 {
386 GNUNET_break (0);
387 return GNUNET_NO;
388 }
389 }
390 else if (0 == strcmp (operation, "kdf"))
391 {
392 size_t out_len;
393 void *out;
394 size_t out_len_comp;
395 void *out_comp;
396 void *ikm;
397 size_t ikm_len;
398 void *salt;
399 size_t salt_len;
400 void *ctx;
401 size_t ctx_len;
402
403 if (GNUNET_OK != expect_data_dynamic (vec,
404 "out",
405 &out,
406 &out_len))
407 {
408 GNUNET_break (0);
409 return GNUNET_SYSERR;
410 }
411
412 out_len_comp = out_len;
413 out_comp = GNUNET_malloc (out_len_comp);
414
415 if (GNUNET_OK != expect_data_dynamic (vec,
416 "ikm",
417 &ikm,
418 &ikm_len))
419 {
420 GNUNET_free (out);
421 GNUNET_free (out_comp);
422 GNUNET_break (0);
423 return GNUNET_SYSERR;
424 }
425
426 if (GNUNET_OK != expect_data_dynamic (vec,
427 "salt",
428 &salt,
429 &salt_len))
430 {
431 GNUNET_free (out);
432 GNUNET_free (out_comp);
433 GNUNET_free (ikm);
434 GNUNET_break (0);
435 return GNUNET_SYSERR;
436 }
437
438 if (GNUNET_OK != expect_data_dynamic (vec,
439 "ctx",
440 &ctx,
441 &ctx_len))
442 {
443 GNUNET_free (out);
444 GNUNET_free (out_comp);
445 GNUNET_free (ikm);
446 GNUNET_free (salt);
447 GNUNET_break (0);
448 return GNUNET_SYSERR;
449 }
450
451 GNUNET_assert (GNUNET_OK ==
452 GNUNET_CRYPTO_kdf (out_comp,
453 out_len_comp,
454 salt,
455 salt_len,
456 ikm,
457 ikm_len,
458 ctx,
459 ctx_len,
460 NULL));
461
462 if (0 != memcmp (out, out_comp, out_len))
463 {
464 GNUNET_free (out);
465 GNUNET_free (out_comp);
466 GNUNET_free (ikm);
467 GNUNET_free (salt);
468 GNUNET_free (ctx);
469 GNUNET_break (0);
470 return GNUNET_NO;
471 }
472 GNUNET_free (out);
473 GNUNET_free (out_comp);
474 GNUNET_free (ikm);
475 GNUNET_free (salt);
476 GNUNET_free (ctx);
477 }
478 else if (0 == strcmp (operation, "eddsa_ecdh"))
479 {
480 struct GNUNET_CRYPTO_EcdhePrivateKey priv_ecdhe;
481 struct GNUNET_CRYPTO_EcdhePublicKey pub_ecdhe;
482 struct GNUNET_CRYPTO_EddsaPrivateKey priv_eddsa;
483 struct GNUNET_CRYPTO_EddsaPublicKey pub_eddsa;
484 struct GNUNET_HashCode key_material;
485 struct GNUNET_HashCode key_material_comp;
486
487 if (GNUNET_OK != expect_data_fixed (vec,
488 "priv_ecdhe",
489 &priv_ecdhe,
490 sizeof (priv_ecdhe)))
491 {
492 GNUNET_break (0);
493 return GNUNET_NO;
494 }
495
496 if (GNUNET_OK != expect_data_fixed (vec,
497 "pub_ecdhe",
498 &pub_ecdhe,
499 sizeof (pub_ecdhe)))
500 {
501 GNUNET_break (0);
502 return GNUNET_NO;
503 }
504
505 if (GNUNET_OK != expect_data_fixed (vec,
506 "priv_eddsa",
507 &priv_eddsa,
508 sizeof (priv_eddsa)))
509 {
510 GNUNET_break (0);
511 return GNUNET_NO;
512 }
513
514 if (GNUNET_OK != expect_data_fixed (vec,
515 "pub_eddsa",
516 &pub_eddsa,
517 sizeof (pub_eddsa)))
518 {
519 GNUNET_break (0);
520 return GNUNET_NO;
521 }
522
523 if (GNUNET_OK != expect_data_fixed (vec,
524 "key_material",
525 &key_material,
526 sizeof (key_material)))
527 {
528 GNUNET_break (0);
529 return GNUNET_NO;
530 }
531
532 GNUNET_CRYPTO_ecdh_eddsa (&priv_ecdhe,
533 &pub_eddsa,
534 &key_material_comp);
535
536 if (0 != GNUNET_memcmp (&key_material,
537 &key_material_comp))
538 {
539 GNUNET_break (0);
540 return GNUNET_NO;
541 }
542 }
543 else if (0 == strcmp (operation, "rsa_blind_signing"))
544 {
545 struct GNUNET_CRYPTO_RsaPrivateKey *skey;
546 struct GNUNET_CRYPTO_RsaPublicKey *pkey;
547 struct GNUNET_HashCode message_hash;
548 struct GNUNET_CRYPTO_RsaBlindingKeySecret bks;
549 struct GNUNET_CRYPTO_RsaSignature *blinded_sig;
550 struct GNUNET_CRYPTO_RsaSignature *sig;
551 struct GNUNET_CRYPTO_RsaBlindedMessage bm;
552 struct GNUNET_CRYPTO_RsaBlindedMessage bm_comp;
553 void *public_enc_data;
554 size_t public_enc_len;
555 void *secret_enc_data;
556 size_t secret_enc_len;
557 void *sig_enc_data;
558 size_t sig_enc_length;
559 void *sig_enc_data_comp;
560 size_t sig_enc_length_comp;
561
562 if (GNUNET_OK !=
563 expect_data_fixed (vec,
564 "message_hash",
565 &message_hash,
566 sizeof (message_hash)))
567 {
568 GNUNET_break (0);
569 return GNUNET_SYSERR;
570 }
571
572 if (GNUNET_OK !=
573 expect_data_fixed (vec,
574 "blinding_key_secret",
575 &bks,
576 sizeof (bks)))
577 {
578 GNUNET_break (0);
579 return GNUNET_SYSERR;
580 }
581
582 if (GNUNET_OK !=
583 expect_data_dynamic (vec,
584 "blinded_message",
585 &bm.blinded_msg,
586 &bm.blinded_msg_size))
587 {
588 GNUNET_break (0);
589 return GNUNET_SYSERR;
590 }
591 if (GNUNET_OK !=
592 expect_data_dynamic (vec,
593 "rsa_public_key",
594 &public_enc_data,
595 &public_enc_len))
596 {
597 GNUNET_CRYPTO_rsa_blinded_message_free (&bm);
598 GNUNET_break (0);
599 return GNUNET_SYSERR;
600 }
601 if (GNUNET_OK !=
602 expect_data_dynamic (vec,
603 "rsa_private_key",
604 &secret_enc_data,
605 &secret_enc_len))
606 {
607 GNUNET_CRYPTO_rsa_blinded_message_free (&bm);
608 GNUNET_free (public_enc_data);
609 GNUNET_break (0);
610 return GNUNET_SYSERR;
611 }
612 if (GNUNET_OK !=
613 expect_data_dynamic (vec,
614 "sig",
615 &sig_enc_data,
616 &sig_enc_length))
617 {
618 GNUNET_CRYPTO_rsa_blinded_message_free (&bm);
619 GNUNET_free (public_enc_data);
620 GNUNET_free (secret_enc_data);
621 GNUNET_break (0);
622 return GNUNET_SYSERR;
623 }
624
625 pkey = GNUNET_CRYPTO_rsa_public_key_decode (public_enc_data,
626 public_enc_len);
627 GNUNET_assert (NULL != pkey);
628 skey = GNUNET_CRYPTO_rsa_private_key_decode (secret_enc_data,
629 secret_enc_len);
630 GNUNET_assert (NULL != skey);
631
632 GNUNET_assert (GNUNET_YES ==
633 GNUNET_CRYPTO_rsa_blind (&message_hash,
634 sizeof (message_hash),
635 &bks,
636 pkey,
637 &bm_comp));
638 if ( (bm.blinded_msg_size !=
639 bm_comp.blinded_msg_size) ||
640 (0 != memcmp (bm.blinded_msg,
641 bm_comp.blinded_msg,
642 bm.blinded_msg_size)) )
643 {
644 GNUNET_CRYPTO_rsa_blinded_message_free (&bm);
645 GNUNET_CRYPTO_rsa_blinded_message_free (&bm_comp);
646 GNUNET_free (public_enc_data);
647 GNUNET_free (secret_enc_data);
648 GNUNET_free (sig_enc_data);
649 GNUNET_CRYPTO_rsa_private_key_free (skey);
650 GNUNET_CRYPTO_rsa_public_key_free (pkey);
651 GNUNET_break (0);
652 return GNUNET_NO;
653 }
654 blinded_sig = GNUNET_CRYPTO_rsa_sign_blinded (skey,
655 &bm);
656 sig = GNUNET_CRYPTO_rsa_unblind (blinded_sig,
657 &bks,
658 pkey);
659 GNUNET_assert (GNUNET_YES ==
660 GNUNET_CRYPTO_rsa_verify (&message_hash,
661 sizeof (message_hash),
662 sig,
663 pkey));
664 GNUNET_free (public_enc_data);
665 public_enc_len = GNUNET_CRYPTO_rsa_public_key_encode (pkey,
666 &public_enc_data);
667 sig_enc_length_comp = GNUNET_CRYPTO_rsa_signature_encode (sig,
668 &sig_enc_data_comp
669 );
670
671 if ( (sig_enc_length != sig_enc_length_comp) ||
672 (0 != memcmp (sig_enc_data, sig_enc_data_comp, sig_enc_length) ))
673 {
674 GNUNET_CRYPTO_rsa_signature_free (blinded_sig);
675 GNUNET_CRYPTO_rsa_blinded_message_free (&bm);
676 GNUNET_CRYPTO_rsa_blinded_message_free (&bm_comp);
677 GNUNET_free (public_enc_data);
678 GNUNET_free (secret_enc_data);
679 GNUNET_free (sig_enc_data);
680 GNUNET_free (sig_enc_data_comp);
681 GNUNET_CRYPTO_rsa_private_key_free (skey);
682 GNUNET_CRYPTO_rsa_signature_free (sig);
683 GNUNET_CRYPTO_rsa_public_key_free (pkey);
684 GNUNET_break (0);
685 return GNUNET_NO;
686 }
687 GNUNET_CRYPTO_rsa_signature_free (blinded_sig);
688 GNUNET_CRYPTO_rsa_blinded_message_free (&bm);
689 GNUNET_CRYPTO_rsa_blinded_message_free (&bm_comp);
690 GNUNET_free (public_enc_data);
691 GNUNET_free (secret_enc_data);
692 GNUNET_free (sig_enc_data);
693 GNUNET_free (sig_enc_data_comp);
694 GNUNET_CRYPTO_rsa_signature_free (sig);
695 GNUNET_CRYPTO_rsa_public_key_free (pkey);
696 GNUNET_CRYPTO_rsa_private_key_free (skey);
697 }
698 else if (0 == strcmp (operation, "cs_blind_signing"))
699 {
700 struct GNUNET_CRYPTO_CsPrivateKey priv;
701 struct GNUNET_CRYPTO_CsPublicKey pub;
702 struct GNUNET_CRYPTO_CsBlindingSecret bs[2];
703 struct GNUNET_CRYPTO_CsRSecret r_priv[2];
704 struct GNUNET_CRYPTO_CsRPublic r_pub[2];
705 struct GNUNET_CRYPTO_CSPublicRPairP r_pub_blind;
706 struct GNUNET_CRYPTO_CsC c[2];
707 struct GNUNET_CRYPTO_CsS signature_scalar;
708 struct GNUNET_CRYPTO_CsBlindS blinded_s;
709 struct GNUNET_CRYPTO_CsSignature sig;
710 struct GNUNET_CRYPTO_CsSessionNonce snonce;
711 struct GNUNET_CRYPTO_CsBlindingNonce bnonce;
712 struct GNUNET_HashCode message_hash;
713 unsigned int b;
714
715 if (GNUNET_OK != expect_data_fixed (vec,
716 "message_hash",
717 &message_hash,
718 sizeof (message_hash)))
719 {
720 GNUNET_break (0);
721 return GNUNET_SYSERR;
722 }
723 if (GNUNET_OK != expect_data_fixed (vec,
724 "cs_public_key",
725 &pub,
726 sizeof (pub)))
727 {
728 GNUNET_break (0);
729 return GNUNET_SYSERR;
730 }
731
732 if (GNUNET_OK !=
733 expect_data_fixed (vec,
734 "cs_private_key",
735 &priv,
736 sizeof (priv)))
737 {
738 GNUNET_break (0);
739 return GNUNET_SYSERR;
740 }
741 if (GNUNET_OK !=
742 expect_data_fixed (vec,
743 "cs_nonce",
744 &snonce,
745 sizeof (snonce)))
746 {
747 GNUNET_break (0);
748 return GNUNET_SYSERR;
749 }
750 /* historically, the tvg used the same nonce for
751 both, which is HORRIBLE for production, but
752 maybe OK for TVG... */
753 memcpy (&bnonce,
754 &snonce,
755 sizeof (snonce));
756 if (GNUNET_OK !=
757 expect_data_fixed (vec,
758 "cs_r_priv_0",
759 &r_priv[0],
760 sizeof (r_priv[0])))
761 {
762 GNUNET_break (0);
763 return GNUNET_SYSERR;
764 }
765 if (GNUNET_OK != expect_data_fixed (vec,
766 "cs_r_priv_1",
767 &r_priv[1],
768 sizeof (r_priv[1])))
769 {
770 GNUNET_break (0);
771 return GNUNET_SYSERR;
772 }
773 if (GNUNET_OK != expect_data_fixed (vec,
774 "cs_r_pub_0",
775 &r_pub[0],
776 sizeof (r_pub[0])))
777 {
778 GNUNET_break (0);
779 return GNUNET_SYSERR;
780 }
781 if (GNUNET_OK != expect_data_fixed (vec,
782 "cs_r_pub_1",
783 &r_pub[1],
784 sizeof (r_pub[1])))
785 {
786 GNUNET_break (0);
787 return GNUNET_SYSERR;
788 }
789
790 if (GNUNET_OK != expect_data_fixed (vec,
791 "cs_bs_alpha_0",
792 &bs[0].alpha,
793 sizeof (bs[0].alpha)))
794 {
795 GNUNET_break (0);
796 return GNUNET_SYSERR;
797 }
798 if (GNUNET_OK != expect_data_fixed (vec,
799 "cs_bs_alpha_1",
800 &bs[1].alpha,
801 sizeof (bs[1].alpha)))
802 {
803 GNUNET_break (0);
804 return GNUNET_SYSERR;
805 }
806 if (GNUNET_OK != expect_data_fixed (vec,
807 "cs_bs_beta_0",
808 &bs[0].beta,
809 sizeof (bs[0].beta)))
810 {
811 GNUNET_break (0);
812 return GNUNET_SYSERR;
813 }
814 if (GNUNET_OK !=
815 expect_data_fixed (vec,
816 "cs_bs_beta_1",
817 &bs[1].beta,
818 sizeof (bs[1].beta)))
819 {
820 GNUNET_break (0);
821 return GNUNET_SYSERR;
822 }
823 if (GNUNET_OK !=
824 expect_data_fixed (vec,
825 "cs_r_pub_blind_0",
826 &r_pub_blind.r_pub[0],
827 sizeof (r_pub_blind.r_pub[0])))
828 {
829 GNUNET_break (0);
830 return GNUNET_SYSERR;
831 }
832 if (GNUNET_OK !=
833 expect_data_fixed (vec,
834 "cs_r_pub_blind_1",
835 &r_pub_blind.r_pub[1],
836 sizeof (r_pub_blind.r_pub[1])))
837 {
838 GNUNET_break (0);
839 return GNUNET_SYSERR;
840 }
841 if (GNUNET_OK !=
842 expect_data_fixed (vec,
843 "cs_c_0",
844 &c[0],
845 sizeof (c[0])))
846 {
847 GNUNET_break (0);
848 return GNUNET_SYSERR;
849 }
850 if (GNUNET_OK != expect_data_fixed (vec,
851 "cs_c_1",
852 &c[1],
853 sizeof (c[1])))
854 {
855 GNUNET_break (0);
856 return GNUNET_SYSERR;
857 }
858 if (GNUNET_OK != expect_data_fixed (vec,
859 "cs_blind_s",
860 &blinded_s,
861 sizeof (blinded_s)))
862 {
863 GNUNET_break (0);
864 return GNUNET_SYSERR;
865 }
866 if (GNUNET_OK != expect_data_fixed (vec,
867 "cs_b",
868 &b,
869 sizeof (b)))
870 {
871 GNUNET_break (0);
872 return GNUNET_SYSERR;
873 }
874 if (GNUNET_OK != expect_data_fixed (vec,
875 "cs_sig_s",
876 &signature_scalar,
877 sizeof (signature_scalar)))
878 {
879 GNUNET_break (0);
880 return GNUNET_SYSERR;
881 }
882 sig.s_scalar = signature_scalar;
883 if (GNUNET_OK != expect_data_fixed (vec,
884 "cs_sig_R",
885 &sig.r_point,
886 sizeof (sig.r_point)))
887 {
888 GNUNET_break (0);
889 return GNUNET_SYSERR;
890 }
891
892 if ((b != 1) && (b != 0))
893 {
894 GNUNET_break (0);
895 return GNUNET_SYSERR;
896 }
897 {
898 struct GNUNET_CRYPTO_CsRSecret r_priv_comp[2];
899 struct GNUNET_CRYPTO_CsRPublic r_pub_comp[2];
900 struct GNUNET_CRYPTO_CsBlindingSecret bs_comp[2];
901 struct GNUNET_CRYPTO_CsC c_comp[2];
902 struct GNUNET_CRYPTO_CSPublicRPairP r_pub_blind_comp;
903 struct GNUNET_CRYPTO_CsBlindSignature blinded_s_comp;
904 struct GNUNET_CRYPTO_CsS signature_scalar_comp;
905 struct GNUNET_CRYPTO_CsSignature sig_comp;
906
907 GNUNET_CRYPTO_cs_r_derive (&snonce,
908 "rw",
909 &priv,
910 r_priv_comp);
911 GNUNET_CRYPTO_cs_r_get_public (&r_priv_comp[0],
912 &r_pub_comp[0]);
913 GNUNET_CRYPTO_cs_r_get_public (&r_priv_comp[1],
914 &r_pub_comp[1]);
915 GNUNET_assert (0 == memcmp (&r_priv_comp,
916 &r_priv,
917 sizeof(struct GNUNET_CRYPTO_CsRSecret) * 2));
918 GNUNET_assert (0 == memcmp (&r_pub_comp,
919 &r_pub,
920 sizeof(struct GNUNET_CRYPTO_CsRPublic) * 2));
921
922 GNUNET_CRYPTO_cs_blinding_secrets_derive (&bnonce,
923 bs_comp);
924 GNUNET_assert (0 ==
925 memcmp (&bs_comp,
926 &bs,
927 sizeof(struct GNUNET_CRYPTO_CsBlindingSecret)
928 * 2));
929 GNUNET_CRYPTO_cs_calc_blinded_c (bs_comp,
930 r_pub_comp,
931 &pub,
932 &message_hash,
933 sizeof(message_hash),
934 c_comp,
935 &r_pub_blind_comp);
936 GNUNET_assert (0 ==
937 memcmp (&c_comp,
938 &c,
939 sizeof(struct GNUNET_CRYPTO_CsC) * 2));
940 GNUNET_assert (0 ==
941 GNUNET_memcmp (&r_pub_blind_comp,
942 &r_pub_blind));
943 {
944 struct GNUNET_CRYPTO_CsBlindedMessage bm = {
945 .c[0] = c_comp[0],
946 .c[1] = c_comp[1],
947 .nonce = snonce
948 };
949
950 GNUNET_CRYPTO_cs_sign_derive (&priv,
951 r_priv_comp,
952 &bm,
953 &blinded_s_comp);
954 }
955 GNUNET_assert (0 ==
956 GNUNET_memcmp (&blinded_s_comp.s_scalar,
957 &blinded_s));
958 GNUNET_assert (b == blinded_s_comp.b);
959 GNUNET_CRYPTO_cs_unblind (&blinded_s_comp.s_scalar,
960 &bs_comp[b],
961 &signature_scalar_comp);
962 GNUNET_assert (0 ==
963 GNUNET_memcmp (&signature_scalar_comp,
964 &signature_scalar));
965 sig_comp.r_point = r_pub_blind_comp.r_pub[b];
966 sig_comp.s_scalar = signature_scalar_comp;
967 GNUNET_assert (0 == memcmp (&sig_comp,
968 &sig,
969 sizeof(sig_comp)));
970 if (GNUNET_OK !=
971 GNUNET_CRYPTO_cs_verify (&sig_comp,
972 &pub,
973 &message_hash,
974 sizeof(message_hash)))
975 {
976 GNUNET_break (0);
977 return GNUNET_SYSERR;
978 }
979 }
980 }
981 else
982 {
983 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
984 "unsupported operation '%s'\n", operation);
985 }
986
987 return GNUNET_OK;
988}
expect_data_fixed
static int expect_data_fixed(json_t *vec, const char *name, void *data, size_t expect_len)
Definition: gnunet-crypto-tvg.c:152
expect_data_dynamic
static int expect_data_dynamic(json_t *vec, const char *name, void **data, size_t *ret_len)
Definition: gnunet-crypto-tvg.c:172
ctx
static struct GNUNET_FS_Handle * ctx
Definition: gnunet-download.c:40
pkey
static char * pkey
Public key of the zone to look in, in ASCII.
Definition: gnunet-namecache.c:58
pub
static struct GNUNET_CRYPTO_EddsaPublicKey pub
Definition: gnunet-scrypt.c:47
salt
static struct GNUNET_CRYPTO_PowSalt salt
Salt for PoW calculations.
Definition: gnunet-scrypt.c:34
beta
static float beta
Percentage of total peer number in the view to send random PULLs to.
Definition: gnunet-service-rps.c:494
alpha
static float alpha
Percentage of total peer number in the view to send random PUSHes to.
Definition: gnunet-service-rps.c:488
GNUNET_CRYPTO_ecc_ecdh
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_ecc_ecdh(const struct GNUNET_CRYPTO_EcdhePrivateKey *priv, const struct GNUNET_CRYPTO_EcdhePublicKey *pub, struct GNUNET_HashCode *key_material)
Derive key material from a public and a private ECC key.
Definition: crypto_ecc.c:732
GNUNET_CRYPTO_eddsa_key_get_public
void GNUNET_CRYPTO_eddsa_key_get_public(const struct GNUNET_CRYPTO_EddsaPrivateKey *priv, struct GNUNET_CRYPTO_EddsaPublicKey *pub)
Extract the public key for the given private key.
Definition: crypto_ecc.c:201
GNUNET_CRYPTO_ecdh_eddsa
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_ecdh_eddsa(const struct GNUNET_CRYPTO_EcdhePrivateKey *priv, const struct GNUNET_CRYPTO_EddsaPublicKey *pub, struct GNUNET_HashCode *key_material)
Derive key material from a EdDSA public key and a private ECDH key.
Definition: crypto_ecc.c:823
GNUNET_CRYPTO_eddsa_sign
#define GNUNET_CRYPTO_eddsa_sign(priv, ps, sig)
EdDSA sign a given block.
Definition: gnunet_crypto_lib.h:2810
GNUNET_CRYPTO_eddsa_verify
#define GNUNET_CRYPTO_eddsa_verify(purp, ps, sig, pub)
Verify EdDSA signature.
Definition: gnunet_crypto_lib.h:2972
GNUNET_CRYPTO_hash
void GNUNET_CRYPTO_hash(const void *block, size_t size, struct GNUNET_HashCode *ret)
Compute hash of a given block.
Definition: crypto_hash.c:41
GNUNET_CRYPTO_kdf
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_kdf(void *result, size_t out_len, const void *xts, size_t xts_len, const void *skm, size_t skm_len,...)
Derive key.
Definition: crypto_kdf.c:62
GNUNET_log
#define GNUNET_log(kind,...)
Definition: gnunet_common.h:548
GNUNET_CRYPTO_rsa_signature_free
void GNUNET_CRYPTO_rsa_signature_free(struct GNUNET_CRYPTO_RsaSignature *sig)
Free memory occupied by signature.
Definition: crypto_rsa.c:1015
GNUNET_CRYPTO_rsa_blind
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_rsa_blind(const void *message, size_t message_size, const struct GNUNET_CRYPTO_RsaBlindingKeySecret *bks, struct GNUNET_CRYPTO_RsaPublicKey *pkey, struct GNUNET_CRYPTO_RsaBlindedMessage *bm)
Blinds the given message with the given blinding key.
Definition: crypto_rsa.c:807
GNUNET_CRYPTO_cs_r_get_public
void GNUNET_CRYPTO_cs_r_get_public(const struct GNUNET_CRYPTO_CsRSecret *r_priv, struct GNUNET_CRYPTO_CsRPublic *r_pub)
Extract the public R of the given secret r.
Definition: crypto_cs.c:98
GNUNET_CRYPTO_rsa_private_key_free
void GNUNET_CRYPTO_rsa_private_key_free(struct GNUNET_CRYPTO_RsaPrivateKey *key)
Free memory occupied by the private key.
Definition: crypto_rsa.c:173
GNUNET_CRYPTO_cs_r_derive
void GNUNET_CRYPTO_cs_r_derive(const struct GNUNET_CRYPTO_CsSessionNonce *nonce, const char *seed, const struct GNUNET_CRYPTO_CsPrivateKey *lts, struct GNUNET_CRYPTO_CsRSecret r[2])
Derive a new secret r pair r0 and r1.
Definition: crypto_cs.c:79
GNUNET_CRYPTO_rsa_public_key_decode
struct GNUNET_CRYPTO_RsaPublicKey * GNUNET_CRYPTO_rsa_public_key_decode(const char *buf, size_t len)
Decode the public key from the data-format back to the "normal", internal format.
Definition: crypto_rsa.c:423
GNUNET_CRYPTO_cs_unblind
void GNUNET_CRYPTO_cs_unblind(const struct GNUNET_CRYPTO_CsBlindS *blinded_signature_scalar, const struct GNUNET_CRYPTO_CsBlindingSecret *bs, struct GNUNET_CRYPTO_CsS *signature_scalar)
Unblind a blind-signed signature using a c that was blinded.
Definition: crypto_cs.c:318
GNUNET_CRYPTO_rsa_blinded_message_free
void GNUNET_CRYPTO_rsa_blinded_message_free(struct GNUNET_CRYPTO_RsaBlindedMessage *bm)
Free memory occupied by blinded message.
Definition: crypto_rsa.c:799
GNUNET_CRYPTO_rsa_private_key_decode
struct GNUNET_CRYPTO_RsaPrivateKey * GNUNET_CRYPTO_rsa_private_key_decode(const void *buf, size_t buf_size)
Decode the private key from the data-format back to the "normal", internal format.
Definition: crypto_rsa.c:204
GNUNET_CRYPTO_rsa_public_key_free
void GNUNET_CRYPTO_rsa_public_key_free(struct GNUNET_CRYPTO_RsaPublicKey *key)
Free memory occupied by the public key.
Definition: crypto_rsa.c:268
GNUNET_CRYPTO_cs_calc_blinded_c
void GNUNET_CRYPTO_cs_calc_blinded_c(const struct GNUNET_CRYPTO_CsBlindingSecret bs[2], const struct GNUNET_CRYPTO_CsRPublic r_pub[2], const struct GNUNET_CRYPTO_CsPublicKey *pub, const void *msg, size_t msg_len, struct GNUNET_CRYPTO_CsC blinded_c[2], struct GNUNET_CRYPTO_CSPublicRPairP *r_pub_blind)
Calculate two blinded c's.
Definition: crypto_cs.c:240
GNUNET_CRYPTO_rsa_public_key_encode
size_t GNUNET_CRYPTO_rsa_public_key_encode(const struct GNUNET_CRYPTO_RsaPublicKey *key, void **buffer)
Encode the public key in a format suitable for storing it into a file.
Definition: crypto_rsa.c:325
GNUNET_memcmp
#define GNUNET_memcmp(a, b)
Compare memory in a and b, where both must be of the same pointer type.
Definition: gnunet_common.h:1246
GNUNET_CRYPTO_rsa_signature_encode
size_t GNUNET_CRYPTO_rsa_signature_encode(const struct GNUNET_CRYPTO_RsaSignature *sig, void **buffer)
Encode the given signature in a format suitable for storing it into a file.
Definition: crypto_rsa.c:1023
GNUNET_CRYPTO_rsa_sign_blinded
struct GNUNET_CRYPTO_RsaSignature * GNUNET_CRYPTO_rsa_sign_blinded(const struct GNUNET_CRYPTO_RsaPrivateKey *key, const struct GNUNET_CRYPTO_RsaBlindedMessage *bm)
Sign a blinded value, which must be a full domain hash of a message.
Definition: crypto_rsa.c:970
GNUNET_CRYPTO_cs_verify
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_cs_verify(const struct GNUNET_CRYPTO_CsSignature *sig, const struct GNUNET_CRYPTO_CsPublicKey *pub, const void *msg, size_t msg_len)
Verify whether the given message corresponds to the given signature and the signature is valid with r...
Definition: crypto_cs.c:330
GNUNET_CRYPTO_rsa_unblind
struct GNUNET_CRYPTO_RsaSignature * GNUNET_CRYPTO_rsa_unblind(const struct GNUNET_CRYPTO_RsaSignature *sig, const struct GNUNET_CRYPTO_RsaBlindingKeySecret *bks, struct GNUNET_CRYPTO_RsaPublicKey *pkey)
Unblind a blind-signed signature.
Definition: crypto_rsa.c:1118
GNUNET_CRYPTO_cs_sign_derive
void GNUNET_CRYPTO_cs_sign_derive(const struct GNUNET_CRYPTO_CsPrivateKey *priv, const struct GNUNET_CRYPTO_CsRSecret r[2], const struct GNUNET_CRYPTO_CsBlindedMessage *bm, struct GNUNET_CRYPTO_CsBlindSignature *cs_blind_sig)
Sign a blinded c.
Definition: crypto_cs.c:284
GNUNET_CRYPTO_rsa_verify
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_rsa_verify(const void *message, size_t message_size, const struct GNUNET_CRYPTO_RsaSignature *sig, const struct GNUNET_CRYPTO_RsaPublicKey *public_key)
Verify whether the given hash corresponds to the given signature and the signature is valid with resp...
Definition: crypto_rsa.c:1199
GNUNET_CRYPTO_cs_blinding_secrets_derive
void GNUNET_CRYPTO_cs_blinding_secrets_derive(const struct GNUNET_CRYPTO_CsBlindingNonce *blind_seed, struct GNUNET_CRYPTO_CsBlindingSecret bs[2])
Derives new random blinding factors.
Definition: crypto_cs.c:108
GNUNET_YES
@ GNUNET_YES
Definition: gnunet_common.h:113
GNUNET_SYSERR
@ GNUNET_SYSERR
Definition: gnunet_common.h:109
GNUNET_assert
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
Definition: gnunet_common.h:956
GNUNET_ERROR_TYPE_ERROR
@ GNUNET_ERROR_TYPE_ERROR
Definition: gnunet_common.h:414
GNUNET_ERROR_TYPE_INFO
@ GNUNET_ERROR_TYPE_INFO
Definition: gnunet_common.h:420
GNUNET_SIGNATURE_PURPOSE_TEST
#define GNUNET_SIGNATURE_PURPOSE_TEST
WARNING: This header is generated! In order to add a signature purpose, you must register them in GAN...
Definition: gnunet_signatures.h:52
GNUNET_CRYPTO_CSPublicRPairP
Pair of Public R values for Cs denominations.
Definition: gnunet_crypto_lib.h:3907
GNUNET_CRYPTO_CsBlindS
blinded s in the signature
Definition: gnunet_crypto_lib.h:674
GNUNET_CRYPTO_CsBlindSignature
The Sign Answer for Clause Blind Schnorr signature.
Definition: gnunet_crypto_lib.h:3941
GNUNET_CRYPTO_CsBlindedMessage
CS Parameters derived from the message during blinding to create blinded signature.
Definition: gnunet_crypto_lib.h:3889
GNUNET_CRYPTO_CsBlindedMessage::c
struct GNUNET_CRYPTO_CsC c[2]
The Clause Schnorr c_0 and c_1 containing the blinded message.
Definition: gnunet_crypto_lib.h:3893
GNUNET_CRYPTO_CsBlindingNonce
Nonce for computing blinding factors.
Definition: gnunet_crypto_lib.h:712
GNUNET_CRYPTO_CsBlindingNonce::bnonce
unsigned char bnonce[256/8]
Definition: gnunet_crypto_lib.h:714
GNUNET_CRYPTO_CsBlindingSecret
Secret used for blinding (alpha and beta).
Definition: gnunet_crypto_lib.h:628
GNUNET_CRYPTO_CsC
Schnorr c to be signed.
Definition: gnunet_crypto_lib.h:656
GNUNET_CRYPTO_CsPrivateKey
The private information of an Schnorr key pair.
Definition: gnunet_crypto_lib.h:610
GNUNET_CRYPTO_CsPublicKey
The public information of an Schnorr key pair.
Definition: gnunet_crypto_lib.h:619
GNUNET_CRYPTO_CsRPublic
the public R (derived from r) used in c
Definition: gnunet_crypto_lib.h:647
GNUNET_CRYPTO_CsRSecret
the private r used in the signature
Definition: gnunet_crypto_lib.h:638
GNUNET_CRYPTO_CsS
s in the signature
Definition: gnunet_crypto_lib.h:665
GNUNET_CRYPTO_CsSessionNonce
Nonce for the session, picked by client, shared with the signer.
Definition: gnunet_crypto_lib.h:701
GNUNET_CRYPTO_CsSessionNonce::snonce
unsigned char snonce[256/8]
Definition: gnunet_crypto_lib.h:703
GNUNET_CRYPTO_CsSignature
CS Signtature containing scalar s and point R.
Definition: gnunet_crypto_lib.h:683
GNUNET_CRYPTO_EcdhePrivateKey
Private ECC key encoded for transmission.
Definition: gnunet_crypto_lib.h:254
GNUNET_CRYPTO_EcdhePublicKey
Public ECC key (always for Curve25519) encoded in a format suitable for network transmission and encr...
Definition: gnunet_crypto_lib.h:240
GNUNET_CRYPTO_EddsaPrivateKey
Private ECC key encoded for transmission.
Definition: gnunet_crypto_lib.h:278
GNUNET_CRYPTO_EddsaPublicKey
Public ECC key (always for curve Ed25519) encoded in a format suitable for network transmission and E...
Definition: gnunet_crypto_lib.h:201
GNUNET_CRYPTO_EddsaSignature
an ECC signature using EdDSA.
Definition: gnunet_crypto_lib.h:164
GNUNET_CRYPTO_RsaBlindedMessage
RSA Parameters to create blinded signature.
Definition: gnunet_crypto_lib.h:3664
GNUNET_CRYPTO_RsaBlindingKeySecret
Constant-size pre-secret for blinding key generation.
Definition: gnunet_crypto_lib.h:3465
GNUNET_CRYPTO_RsaPrivateKey
The private information of an RSA key pair.
Definition: crypto_rsa.c:41
GNUNET_CRYPTO_RsaPublicKey
The public information of an RSA key pair.
Definition: crypto_rsa.c:53
GNUNET_CRYPTO_RsaSignature
an RSA signature
Definition: crypto_rsa.c:65
GNUNET_HashCode
A 512-bit hashcode.
Definition: gnunet_common.h:284
TestSignatureDataPS
Sample signature struct.
Definition: gnunet-crypto-tvg.c:65

References alpha, GNUNET_CRYPTO_CsBlindSignature::b, beta, GNUNET_CRYPTO_RsaBlindedMessage::blinded_msg, GNUNET_CRYPTO_RsaBlindedMessage::blinded_msg_size, GNUNET_CRYPTO_CsBlindingNonce::bnonce, GNUNET_CRYPTO_CsBlindedMessage::c, ctx, data, expect_data_dynamic(), expect_data_fixed(), GNUNET_assert, GNUNET_break, GNUNET_CRYPTO_cs_blinding_secrets_derive(), GNUNET_CRYPTO_cs_calc_blinded_c(), GNUNET_CRYPTO_cs_r_derive(), GNUNET_CRYPTO_cs_r_get_public(), GNUNET_CRYPTO_cs_sign_derive(), GNUNET_CRYPTO_cs_unblind(), GNUNET_CRYPTO_cs_verify(), GNUNET_CRYPTO_ecc_ecdh(), GNUNET_CRYPTO_ecdh_eddsa(), GNUNET_CRYPTO_eddsa_key_get_public(), GNUNET_CRYPTO_eddsa_sign, GNUNET_CRYPTO_eddsa_verify, GNUNET_CRYPTO_hash(), GNUNET_CRYPTO_kdf(), GNUNET_CRYPTO_rsa_blind(), GNUNET_CRYPTO_rsa_blinded_message_free(), GNUNET_CRYPTO_rsa_private_key_decode(), GNUNET_CRYPTO_rsa_private_key_free(), GNUNET_CRYPTO_rsa_public_key_decode(), GNUNET_CRYPTO_rsa_public_key_encode(), GNUNET_CRYPTO_rsa_public_key_free(), GNUNET_CRYPTO_rsa_sign_blinded(), GNUNET_CRYPTO_rsa_signature_encode(), GNUNET_CRYPTO_rsa_signature_free(), GNUNET_CRYPTO_rsa_unblind(), GNUNET_CRYPTO_rsa_verify(), GNUNET_ERROR_TYPE_ERROR, GNUNET_ERROR_TYPE_INFO, GNUNET_free, GNUNET_log, GNUNET_malloc, GNUNET_memcmp, GNUNET_NO, GNUNET_OK, GNUNET_SIGNATURE_PURPOSE_TEST, GNUNET_SYSERR, GNUNET_YES, pkey, pub, GNUNET_CRYPTO_CsSignature::r_point, GNUNET_CRYPTO_CSPublicRPairP::r_pub, GNUNET_CRYPTO_CsSignature::s_scalar, GNUNET_CRYPTO_CsBlindSignature::s_scalar, salt, and GNUNET_CRYPTO_CsSessionNonce::snonce.

Referenced by check_vectors().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ check_vectors()

static int check_vectors ( )
static

Check test vectors from stdin.

Returns
global exit code

Definition at line 997 of file gnunet-crypto-tvg.c.

998{
999 json_error_t err;
1000 json_t *vecfile = json_loadf (stdin, 0, &err);
1001 const char *encoding;
1002 json_t *vectors;
1003
1004 if (NULL == vecfile)
1005 {
1006 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "unable to parse JSON\n");
1007 return 1;
1008 }
1009 encoding = json_string_value (json_object_get (vecfile,
1010 "encoding"));
1011 if ( (NULL == encoding) || (0 != strcmp (encoding, "base32crockford")) )
1012 {
1013 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "unsupported or missing encoding\n");
1014 json_decref (vecfile);
1015 return 1;
1016 }
1017 vectors = json_object_get (vecfile, "vectors");
1018 if (! json_is_array (vectors))
1019 {
1020 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "bad vectors\n");
1021 json_decref (vecfile);
1022 return 1;
1023 }
1024 {
1025 /* array is a JSON array */
1026 size_t index;
1027 json_t *value;
1028 enum GNUNET_GenericReturnValue ret = GNUNET_OK;
1029
1030 json_array_foreach (vectors, index, value) {
1031 const char *op = json_string_value (json_object_get (value,
1032 "operation"));
1033
1034 if (NULL == op)
1035 {
1036 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
1037 "missing operation\n");
1038 ret = GNUNET_SYSERR;
1039 break;
1040 }
1041 ret = checkvec (op, value);
1042 if (GNUNET_OK != ret)
1043 {
1044 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
1045 "bad vector %u\n",
1046 (unsigned int) index);
1047 break;
1048 }
1049 }
1050 json_decref (vecfile);
1051 return (ret == GNUNET_OK) ? 0 : 1;
1052 }
1053}
op
static struct GNUNET_ARM_Operation * op
Current operation.
Definition: gnunet-arm.c:143
ret
static int ret
Final status code.
Definition: gnunet-arm.c:93
checkvec
static int checkvec(const char *operation, json_t *vec)
Check a single vector.
Definition: gnunet-crypto-tvg.c:208
value
static char * value
Value of the record to add/remove.
Definition: gnunet-namestore.c:271
GNUNET_GenericReturnValue
GNUNET_GenericReturnValue
Named constants for return values.
Definition: gnunet_common.h:108

References checkvec(), GNUNET_ERROR_TYPE_ERROR, GNUNET_log, GNUNET_OK, GNUNET_SYSERR, op, ret, and value.

Referenced by run().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ output_vectors()

static int output_vectors ( )
static

Output test vectors.

Returns
global exit code

Definition at line 1062 of file gnunet-crypto-tvg.c.

1063{
1064 json_t *vecfile = json_object ();
1065 json_t *vecs = json_array ();
1066
1067 json_object_set_new (vecfile,
1068 "encoding",
1069 json_string ("base32crockford"));
1070 json_object_set_new (vecfile,
1071 "producer",
1072 json_string ("GNUnet " PACKAGE_VERSION " " VCS_VERSION));
1073 json_object_set_new (vecfile,
1074 "vectors",
1075 vecs);
1076
1077 {
1078 json_t *vec = vec_for (vecs, "hash");
1079 struct GNUNET_HashCode hc;
1080 const char *str = "Hello, GNUnet";
1081
1082 GNUNET_CRYPTO_hash (str, strlen (str), &hc);
1083
1084 d2j (vec, "input", str, strlen (str));
1085 d2j (vec, "output", &hc, sizeof (struct GNUNET_HashCode));
1086 }
1087 {
1088 json_t *vec = vec_for (vecs, "ecc_ecdh");
1089 struct GNUNET_CRYPTO_EcdhePrivateKey priv1;
1090 struct GNUNET_CRYPTO_EcdhePublicKey pub1;
1091 struct GNUNET_CRYPTO_EcdhePrivateKey priv2;
1092 struct GNUNET_HashCode skm;
1093
1094 GNUNET_CRYPTO_ecdhe_key_create (&priv1);
1095 GNUNET_CRYPTO_ecdhe_key_create (&priv2);
1096 GNUNET_CRYPTO_ecdhe_key_get_public (&priv1,
1097 &pub1);
1098 GNUNET_assert (GNUNET_OK ==
1099 GNUNET_CRYPTO_ecc_ecdh (&priv2,
1100 &pub1,
1101 &skm));
1102
1103 d2j (vec,
1104 "priv1",
1105 &priv1,
1106 sizeof (struct GNUNET_CRYPTO_EcdhePrivateKey));
1107 d2j (vec,
1108 "pub1",
1109 &pub1,
1110 sizeof (struct GNUNET_CRYPTO_EcdhePublicKey));
1111 d2j (vec,
1112 "priv2",
1113 &priv2,
1114 sizeof (struct GNUNET_CRYPTO_EcdhePrivateKey));
1115 d2j (vec,
1116 "skm",
1117 &skm,
1118 sizeof (struct GNUNET_HashCode));
1119 }
1120
1121 {
1122 json_t *vec = vec_for (vecs, "eddsa_key_derivation");
1123 struct GNUNET_CRYPTO_EddsaPrivateKey priv;
1124 struct GNUNET_CRYPTO_EddsaPublicKey pub;
1125
1126 GNUNET_CRYPTO_eddsa_key_create (&priv);
1127 GNUNET_CRYPTO_eddsa_key_get_public (&priv,
1128 &pub);
1129
1130 d2j (vec,
1131 "priv",
1132 &priv,
1133 sizeof (struct GNUNET_CRYPTO_EddsaPrivateKey));
1134 d2j (vec,
1135 "pub",
1136 &pub,
1137 sizeof (struct GNUNET_CRYPTO_EddsaPublicKey));
1138 }
1139 {
1140 json_t *vec = vec_for (vecs, "eddsa_signing");
1141 struct GNUNET_CRYPTO_EddsaPrivateKey priv;
1142 struct GNUNET_CRYPTO_EddsaPublicKey pub;
1143 struct GNUNET_CRYPTO_EddsaSignature sig;
1144 struct TestSignatureDataPS data = { 0 };
1145
1146 GNUNET_CRYPTO_eddsa_key_create (&priv);
1147 GNUNET_CRYPTO_eddsa_key_get_public (&priv,
1148 &pub);
1149 data.purpose.size = htonl (sizeof (data));
1150 data.purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_TEST);
1151 GNUNET_CRYPTO_eddsa_sign (&priv,
1152 &data,
1153 &sig);
1154 GNUNET_assert (GNUNET_OK ==
1155 GNUNET_CRYPTO_eddsa_verify (GNUNET_SIGNATURE_PURPOSE_TEST,
1156 &data,
1157 &sig,
1158 &pub));
1159
1160 d2j (vec,
1161 "priv",
1162 &priv,
1163 sizeof (struct GNUNET_CRYPTO_EddsaPrivateKey));
1164 d2j (vec,
1165 "pub",
1166 &pub,
1167 sizeof (struct GNUNET_CRYPTO_EddsaPublicKey));
1168 d2j (vec,
1169 "data",
1170 &data,
1171 sizeof (struct TestSignatureDataPS));
1172 d2j (vec,
1173 "sig",
1174 &sig,
1175 sizeof (struct GNUNET_CRYPTO_EddsaSignature));
1176 }
1177
1178 {
1179 json_t *vec = vec_for (vecs, "kdf");
1180 size_t out_len = 64;
1181 char out[out_len];
1182 const char *ikm = "I'm the secret input key material";
1183 const char *salt = "I'm very salty";
1184 const char *ctx = "I'm a context chunk, also known as 'info' in the RFC";
1185
1186 GNUNET_assert (GNUNET_OK ==
1187 GNUNET_CRYPTO_kdf (&out,
1188 out_len,
1189 salt,
1190 strlen (salt),
1191 ikm,
1192 strlen (ikm),
1193 ctx,
1194 strlen (ctx),
1195 NULL));
1196
1197 d2j (vec,
1198 "salt",
1199 salt,
1200 strlen (salt));
1201 d2j (vec,
1202 "ikm",
1203 ikm,
1204 strlen (ikm));
1205 d2j (vec,
1206 "ctx",
1207 ctx,
1208 strlen (ctx));
1209 uint2j (vec,
1210 "out_len",
1211 (unsigned int) out_len);
1212 d2j (vec,
1213 "out",
1214 out,
1215 out_len);
1216 }
1217 {
1218 json_t *vec = vec_for (vecs, "eddsa_ecdh");
1219 struct GNUNET_CRYPTO_EcdhePrivateKey priv_ecdhe;
1220 struct GNUNET_CRYPTO_EcdhePublicKey pub_ecdhe;
1221 struct GNUNET_CRYPTO_EddsaPrivateKey priv_eddsa;
1222 struct GNUNET_CRYPTO_EddsaPublicKey pub_eddsa;
1223 struct GNUNET_HashCode key_material;
1224
1225 GNUNET_CRYPTO_ecdhe_key_create (&priv_ecdhe);
1226 GNUNET_CRYPTO_ecdhe_key_get_public (&priv_ecdhe, &pub_ecdhe);
1227 GNUNET_CRYPTO_eddsa_key_create (&priv_eddsa);
1228 GNUNET_CRYPTO_eddsa_key_get_public (&priv_eddsa, &pub_eddsa);
1229 GNUNET_CRYPTO_ecdh_eddsa (&priv_ecdhe, &pub_eddsa, &key_material);
1230
1231 d2j (vec, "priv_ecdhe",
1232 &priv_ecdhe,
1233 sizeof (struct GNUNET_CRYPTO_EcdhePrivateKey));
1234 d2j (vec, "pub_ecdhe",
1235 &pub_ecdhe,
1236 sizeof (struct GNUNET_CRYPTO_EcdhePublicKey));
1237 d2j (vec, "priv_eddsa",
1238 &priv_eddsa,
1239 sizeof (struct GNUNET_CRYPTO_EddsaPrivateKey));
1240 d2j (vec, "pub_eddsa",
1241 &pub_eddsa,
1242 sizeof (struct GNUNET_CRYPTO_EddsaPublicKey));
1243 d2j (vec, "key_material",
1244 &key_material,
1245 sizeof (struct GNUNET_HashCode));
1246 }
1247
1248 {
1249 json_t *vec = vec_for (vecs, "edx25519_derive");
1250 struct GNUNET_CRYPTO_Edx25519PrivateKey priv1_edx;
1251 struct GNUNET_CRYPTO_Edx25519PublicKey pub1_edx;
1252 struct GNUNET_CRYPTO_Edx25519PrivateKey priv2_edx;
1253 struct GNUNET_CRYPTO_Edx25519PublicKey pub2_edx;
1254 struct GNUNET_HashCode seed;
1255
1256 GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK,
1257 &seed,
1258 sizeof (struct GNUNET_HashCode));
1259 GNUNET_CRYPTO_edx25519_key_create (&priv1_edx);
1260 GNUNET_CRYPTO_edx25519_key_get_public (&priv1_edx, &pub1_edx);
1261 GNUNET_CRYPTO_edx25519_private_key_derive (&priv1_edx,
1262 &seed,
1263 sizeof (seed),
1264 &priv2_edx);
1265 GNUNET_CRYPTO_edx25519_public_key_derive (&pub1_edx,
1266 &seed,
1267 sizeof (seed),
1268 &pub2_edx);
1269
1270 d2j (vec, "priv1_edx",
1271 &priv1_edx,
1272 sizeof (struct GNUNET_CRYPTO_Edx25519PrivateKey));
1273 d2j (vec, "pub1_edx",
1274 &pub1_edx,
1275 sizeof (struct GNUNET_CRYPTO_Edx25519PublicKey));
1276 d2j (vec, "seed",
1277 &seed,
1278 sizeof (struct GNUNET_HashCode));
1279 d2j (vec, "priv2_edx",
1280 &priv2_edx,
1281 sizeof (struct GNUNET_CRYPTO_Edx25519PrivateKey));
1282 d2j (vec, "pub2_edx",
1283 &pub2_edx,
1284 sizeof (struct GNUNET_CRYPTO_Edx25519PublicKey));
1285 }
1286
1287 {
1288 json_t *vec = vec_for (vecs, "rsa_blind_signing");
1289
1290 struct GNUNET_CRYPTO_RsaPrivateKey *skey;
1291 struct GNUNET_CRYPTO_RsaPublicKey *pkey;
1292 struct GNUNET_HashCode message_hash;
1293 struct GNUNET_CRYPTO_RsaBlindingKeySecret bks;
1294 struct GNUNET_CRYPTO_RsaSignature *blinded_sig;
1295 struct GNUNET_CRYPTO_RsaSignature *sig;
1296 struct GNUNET_CRYPTO_RsaBlindedMessage bm;
1297 void *public_enc_data;
1298 size_t public_enc_len;
1299 void *secret_enc_data;
1300 size_t secret_enc_len;
1301 void *blinded_sig_enc_data;
1302 size_t blinded_sig_enc_length;
1303 void *sig_enc_data;
1304 size_t sig_enc_length;
1305
1306 skey = GNUNET_CRYPTO_rsa_private_key_create (2048);
1307 pkey = GNUNET_CRYPTO_rsa_private_key_get_public (skey);
1308 GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK,
1309 &message_hash,
1310 sizeof (struct GNUNET_HashCode));
1311 GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK,
1312 &bks,
1313 sizeof (struct
1314 GNUNET_CRYPTO_RsaBlindingKeySecret));
1315 GNUNET_assert (GNUNET_YES ==
1316 GNUNET_CRYPTO_rsa_blind (&message_hash,
1317 sizeof (message_hash),
1318 &bks,
1319 pkey,
1320 &bm));
1321 blinded_sig = GNUNET_CRYPTO_rsa_sign_blinded (skey,
1322 &bm);
1323 sig = GNUNET_CRYPTO_rsa_unblind (blinded_sig,
1324 &bks,
1325 pkey);
1326 GNUNET_assert (GNUNET_YES ==
1327 GNUNET_CRYPTO_rsa_verify (&message_hash,
1328 sizeof (message_hash),
1329 sig,
1330 pkey));
1331 public_enc_len = GNUNET_CRYPTO_rsa_public_key_encode (pkey,
1332 &public_enc_data);
1333 secret_enc_len = GNUNET_CRYPTO_rsa_private_key_encode (skey,
1334 &secret_enc_data);
1335 blinded_sig_enc_length
1336 = GNUNET_CRYPTO_rsa_signature_encode (blinded_sig,
1337 &blinded_sig_enc_data);
1338 sig_enc_length = GNUNET_CRYPTO_rsa_signature_encode (sig,
1339 &sig_enc_data);
1340 d2j (vec,
1341 "message_hash",
1342 &message_hash,
1343 sizeof (struct GNUNET_HashCode));
1344 d2j (vec,
1345 "rsa_public_key",
1346 public_enc_data,
1347 public_enc_len);
1348 d2j (vec,
1349 "rsa_private_key",
1350 secret_enc_data,
1351 secret_enc_len);
1352 d2j (vec,
1353 "blinding_key_secret",
1354 &bks,
1355 sizeof (struct GNUNET_CRYPTO_RsaBlindingKeySecret));
1356 d2j (vec,
1357 "blinded_message",
1358 bm.blinded_msg,
1359 bm.blinded_msg_size);
1360 d2j (vec,
1361 "blinded_sig",
1362 blinded_sig_enc_data,
1363 blinded_sig_enc_length);
1364 d2j (vec,
1365 "sig",
1366 sig_enc_data,
1367 sig_enc_length);
1368 GNUNET_CRYPTO_rsa_private_key_free (skey);
1369 GNUNET_CRYPTO_rsa_public_key_free (pkey);
1370 GNUNET_CRYPTO_rsa_signature_free (sig);
1371 GNUNET_CRYPTO_rsa_signature_free (blinded_sig);
1372 GNUNET_free (public_enc_data);
1373 GNUNET_CRYPTO_rsa_blinded_message_free (&bm);
1374 GNUNET_free (sig_enc_data);
1375 GNUNET_free (blinded_sig_enc_data);
1376 GNUNET_free (secret_enc_data);
1377 }
1378
1379 {
1380 json_t *vec = vec_for (vecs, "cs_blind_signing");
1381
1382 struct GNUNET_CRYPTO_CsPrivateKey priv;
1383 struct GNUNET_CRYPTO_CsPublicKey pub;
1384 struct GNUNET_CRYPTO_CsBlindingSecret bs[2];
1385 struct GNUNET_CRYPTO_CsRSecret r_priv[2];
1386 struct GNUNET_CRYPTO_CsRPublic r_pub[2];
1387 struct GNUNET_CRYPTO_CSPublicRPairP r_pub_blind;
1388 struct GNUNET_CRYPTO_CsC c[2];
1389 struct GNUNET_CRYPTO_CsS signature_scalar;
1390 struct GNUNET_CRYPTO_CsBlindSignature blinded_s;
1391 struct GNUNET_CRYPTO_CsSignature sig;
1392 struct GNUNET_CRYPTO_CsSessionNonce snonce;
1393 struct GNUNET_CRYPTO_CsBlindingNonce bnonce;
1394 struct GNUNET_HashCode message_hash;
1395
1396 GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK,
1397 &message_hash,
1398 sizeof (struct GNUNET_HashCode));
1399
1400 GNUNET_CRYPTO_cs_private_key_generate (&priv);
1401 GNUNET_CRYPTO_cs_private_key_get_public (&priv,
1402 &pub);
1403 GNUNET_assert (GNUNET_YES ==
1404 GNUNET_CRYPTO_hkdf_gnunet (&snonce,
1405 sizeof(snonce),
1406 "nonce",
1407 strlen ("nonce"),
1408 "nonce_secret",
1409 strlen ("nonce_secret"),
1410 NULL,
1411 0));
1412 /* NOTE: historically, we made the bad choice of
1413 making both nonces the same. Maybe barely OK
1414 for the TGV, not good for production! */
1415 memcpy (&bnonce,
1416 &snonce,
1417 sizeof (snonce));
1418 GNUNET_CRYPTO_cs_r_derive (&snonce,
1419 "rw",
1420 &priv,
1421 r_priv);
1422 GNUNET_CRYPTO_cs_r_get_public (&r_priv[0],
1423 &r_pub[0]);
1424 GNUNET_CRYPTO_cs_r_get_public (&r_priv[1],
1425 &r_pub[1]);
1426 GNUNET_CRYPTO_cs_blinding_secrets_derive (&bnonce,
1427 bs);
1428 GNUNET_CRYPTO_cs_calc_blinded_c (bs,
1429 r_pub,
1430 &pub,
1431 &message_hash,
1432 sizeof(message_hash),
1433 c,
1434 &r_pub_blind);
1435 {
1436 struct GNUNET_CRYPTO_CsBlindedMessage bm = {
1437 .c[0] = c[0],
1438 .c[1] = c[1],
1439 .nonce = snonce
1440 };
1441
1442 GNUNET_CRYPTO_cs_sign_derive (&priv,
1443 r_priv,
1444 &bm,
1445 &blinded_s);
1446 }
1447 GNUNET_CRYPTO_cs_unblind (&blinded_s.s_scalar,
1448 &bs[blinded_s.b],
1449 &signature_scalar);
1450 sig.r_point = r_pub_blind.r_pub[blinded_s.b];
1451 sig.s_scalar = signature_scalar;
1452 if (GNUNET_OK !=
1453 GNUNET_CRYPTO_cs_verify (&sig,
1454 &pub,
1455 &message_hash,
1456 sizeof(message_hash)))
1457 {
1458 GNUNET_break (0);
1459 return GNUNET_SYSERR;
1460 }
1461 d2j (vec,
1462 "message_hash",
1463 &message_hash,
1464 sizeof (struct GNUNET_HashCode));
1465 d2j (vec,
1466 "cs_public_key",
1467 &pub,
1468 sizeof(pub));
1469 d2j (vec,
1470 "cs_private_key",
1471 &priv,
1472 sizeof(priv));
1473 d2j (vec,
1474 "cs_nonce",
1475 &snonce,
1476 sizeof(snonce));
1477 d2j (vec,
1478 "cs_r_priv_0",
1479 &r_priv[0],
1480 sizeof(r_priv[0]));
1481 d2j (vec,
1482 "cs_r_priv_1",
1483 &r_priv[1],
1484 sizeof(r_priv[1]));
1485 d2j (vec,
1486 "cs_r_pub_0",
1487 &r_pub[0],
1488 sizeof(r_pub[0]));
1489 d2j (vec,
1490 "cs_r_pub_1",
1491 &r_pub[1],
1492 sizeof(r_pub[1]));
1493 d2j (vec,
1494 "cs_bs_alpha_0",
1495 &bs[0].alpha,
1496 sizeof(bs[0].alpha));
1497 d2j (vec,
1498 "cs_bs_alpha_1",
1499 &bs[1].alpha,
1500 sizeof(bs[1].alpha));
1501 d2j (vec,
1502 "cs_bs_beta_0",
1503 &bs[0].beta,
1504 sizeof(bs[0].beta));
1505 d2j (vec,
1506 "cs_bs_beta_1",
1507 &bs[1].beta,
1508 sizeof(bs[1].beta));
1509 d2j (vec,
1510 "cs_r_pub_blind_0",
1511 &r_pub_blind.r_pub[0],
1512 sizeof(r_pub_blind.r_pub[0]));
1513 d2j (vec,
1514 "cs_r_pub_blind_1",
1515 &r_pub_blind.r_pub[1],
1516 sizeof(r_pub_blind.r_pub[1]));
1517 d2j (vec,
1518 "cs_c_0",
1519 &c[0],
1520 sizeof(c[0]));
1521 d2j (vec,
1522 "cs_c_1",
1523 &c[1],
1524 sizeof(c[1]));
1525 d2j (vec,
1526 "cs_blind_s",
1527 &blinded_s,
1528 sizeof(blinded_s));
1529 d2j (vec,
1530 "cs_b",
1531 &blinded_s.b,
1532 sizeof(blinded_s.b));
1533 d2j (vec,
1534 "cs_sig_s",
1535 &signature_scalar,
1536 sizeof(signature_scalar));
1537 d2j (vec,
1538 "cs_sig_R",
1539 &r_pub_blind.r_pub[blinded_s.b],
1540 sizeof(r_pub_blind.r_pub[blinded_s.b]));
1541 }
1542
1543 json_dumpf (vecfile, stdout, JSON_INDENT (2));
1544 json_decref (vecfile);
1545 printf ("\n");
1546
1547 return 0;
1548}
vec_for
static json_t * vec_for(json_t *vecs, const char *vecname)
Create a fresh test vector for a given operation label.
Definition: gnunet-crypto-tvg.c:93
uint2j
static void uint2j(json_t *vec, const char *label, unsigned int num)
Add a number to a test vector.
Definition: gnunet-crypto-tvg.c:141
d2j
static void d2j(json_t *vec, const char *label, const void *data, size_t size)
Add a base32crockford encoded value to a test vector.
Definition: gnunet-crypto-tvg.c:115
seed
static uint8_t seed
Definition: gnunet-elligator-tvg.c:32
GNUNET_CRYPTO_ecdhe_key_create
void GNUNET_CRYPTO_ecdhe_key_create(struct GNUNET_CRYPTO_EcdhePrivateKey *pk)
Create a new private key.
Definition: crypto_ecc.c:454
GNUNET_CRYPTO_edx25519_key_get_public
void GNUNET_CRYPTO_edx25519_key_get_public(const struct GNUNET_CRYPTO_Edx25519PrivateKey *priv, struct GNUNET_CRYPTO_Edx25519PublicKey *pub)
Extract the public key for the given private key.
Definition: crypto_edx25519.c:79
GNUNET_CRYPTO_edx25519_private_key_derive
void GNUNET_CRYPTO_edx25519_private_key_derive(const struct GNUNET_CRYPTO_Edx25519PrivateKey *priv, const void *seed, size_t seedsize, struct GNUNET_CRYPTO_Edx25519PrivateKey *result)
Derive a private scalar from a given private key and a label.
Definition: crypto_edx25519.c:245
GNUNET_CRYPTO_edx25519_public_key_derive
void GNUNET_CRYPTO_edx25519_public_key_derive(const struct GNUNET_CRYPTO_Edx25519PublicKey *pub, const void *seed, size_t seedsize, struct GNUNET_CRYPTO_Edx25519PublicKey *result)
Derive a public key from a given public key and a label.
Definition: crypto_edx25519.c:339
GNUNET_CRYPTO_random_block
void GNUNET_CRYPTO_random_block(enum GNUNET_CRYPTO_Quality mode, void *buffer, size_t length)
Fill block with a random values.
Definition: crypto_random.c:133
GNUNET_CRYPTO_eddsa_key_create
void GNUNET_CRYPTO_eddsa_key_create(struct GNUNET_CRYPTO_EddsaPrivateKey *pk)
Create a new private key.
Definition: crypto_ecc.c:480
GNUNET_CRYPTO_edx25519_key_create
void GNUNET_CRYPTO_edx25519_key_create(struct GNUNET_CRYPTO_Edx25519PrivateKey *pk)
Create a new private key.
Definition: crypto_edx25519.c:65
GNUNET_CRYPTO_ecdhe_key_get_public
void GNUNET_CRYPTO_ecdhe_key_get_public(const struct GNUNET_CRYPTO_EcdhePrivateKey *priv, struct GNUNET_CRYPTO_EcdhePublicKey *pub)
Extract the public key for the given private key.
Definition: crypto_ecc.c:217
GNUNET_CRYPTO_QUALITY_WEAK
@ GNUNET_CRYPTO_QUALITY_WEAK
No good quality of the operation is needed (i.e., random numbers can be pseudo-random).
Definition: gnunet_crypto_lib.h:91
GNUNET_CRYPTO_hkdf_gnunet
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_hkdf_gnunet(void *result, size_t out_len, const void *xts, size_t xts_len, const void *skm, size_t skm_len,...)
A peculiar HKDF instantiation that tried to mimic Truncated NMAC.
Definition: crypto_hkdf.c:199
GNUNET_CRYPTO_rsa_private_key_create
struct GNUNET_CRYPTO_RsaPrivateKey * GNUNET_CRYPTO_rsa_private_key_create(unsigned int len)
Create a new private key.
Definition: crypto_rsa.c:144
GNUNET_CRYPTO_cs_private_key_get_public
void GNUNET_CRYPTO_cs_private_key_get_public(const struct GNUNET_CRYPTO_CsPrivateKey *priv, struct GNUNET_CRYPTO_CsPublicKey *pub)
Extract the public key of the given private key.
Definition: crypto_cs.c:52
GNUNET_CRYPTO_rsa_private_key_get_public
struct GNUNET_CRYPTO_RsaPublicKey * GNUNET_CRYPTO_rsa_private_key_get_public(const struct GNUNET_CRYPTO_RsaPrivateKey *priv)
Extract the public key of the given private key.
Definition: crypto_rsa.c:233
GNUNET_CRYPTO_cs_private_key_generate
void GNUNET_CRYPTO_cs_private_key_generate(struct GNUNET_CRYPTO_CsPrivateKey *priv)
Create a new random private key.
Definition: crypto_cs.c:45
GNUNET_CRYPTO_rsa_private_key_encode
size_t GNUNET_CRYPTO_rsa_private_key_encode(const struct GNUNET_CRYPTO_RsaPrivateKey *key, void **buffer)
Encode the private key in a format suitable for storing it into a file.
Definition: crypto_rsa.c:181
GNUNET_CRYPTO_Edx25519PrivateKey
Private ECC key material encoded for transmission.
Definition: gnunet_crypto_lib.h:304
GNUNET_CRYPTO_Edx25519PublicKey
Public ECC key (always for curve Ed25519) encoded in a format suitable for network transmission and E...
Definition: gnunet_crypto_lib.h:326

References alpha, GNUNET_CRYPTO_CsBlindSignature::b, beta, GNUNET_CRYPTO_RsaBlindedMessage::blinded_msg, GNUNET_CRYPTO_RsaBlindedMessage::blinded_msg_size, GNUNET_CRYPTO_CsBlindingNonce::bnonce, GNUNET_CRYPTO_CsBlindedMessage::c, ctx, d2j(), data, GNUNET_assert, GNUNET_break, GNUNET_CRYPTO_cs_blinding_secrets_derive(), GNUNET_CRYPTO_cs_calc_blinded_c(), GNUNET_CRYPTO_cs_private_key_generate(), GNUNET_CRYPTO_cs_private_key_get_public(), GNUNET_CRYPTO_cs_r_derive(), GNUNET_CRYPTO_cs_r_get_public(), GNUNET_CRYPTO_cs_sign_derive(), GNUNET_CRYPTO_cs_unblind(), GNUNET_CRYPTO_cs_verify(), GNUNET_CRYPTO_ecc_ecdh(), GNUNET_CRYPTO_ecdh_eddsa(), GNUNET_CRYPTO_ecdhe_key_create(), GNUNET_CRYPTO_ecdhe_key_get_public(), GNUNET_CRYPTO_eddsa_key_create(), GNUNET_CRYPTO_eddsa_key_get_public(), GNUNET_CRYPTO_eddsa_sign, GNUNET_CRYPTO_eddsa_verify, GNUNET_CRYPTO_edx25519_key_create(), GNUNET_CRYPTO_edx25519_key_get_public(), GNUNET_CRYPTO_edx25519_private_key_derive(), GNUNET_CRYPTO_edx25519_public_key_derive(), GNUNET_CRYPTO_hash(), GNUNET_CRYPTO_hkdf_gnunet(), GNUNET_CRYPTO_kdf(), GNUNET_CRYPTO_QUALITY_WEAK, GNUNET_CRYPTO_random_block(), GNUNET_CRYPTO_rsa_blind(), GNUNET_CRYPTO_rsa_blinded_message_free(), GNUNET_CRYPTO_rsa_private_key_create(), GNUNET_CRYPTO_rsa_private_key_encode(), GNUNET_CRYPTO_rsa_private_key_free(), GNUNET_CRYPTO_rsa_private_key_get_public(), GNUNET_CRYPTO_rsa_public_key_encode(), GNUNET_CRYPTO_rsa_public_key_free(), GNUNET_CRYPTO_rsa_sign_blinded(), GNUNET_CRYPTO_rsa_signature_encode(), GNUNET_CRYPTO_rsa_signature_free(), GNUNET_CRYPTO_rsa_unblind(), GNUNET_CRYPTO_rsa_verify(), GNUNET_free, GNUNET_OK, GNUNET_SIGNATURE_PURPOSE_TEST, GNUNET_SYSERR, GNUNET_YES, pkey, pub, GNUNET_CRYPTO_CsSignature::r_point, GNUNET_CRYPTO_CSPublicRPairP::r_pub, GNUNET_CRYPTO_CsSignature::s_scalar, GNUNET_CRYPTO_CsBlindSignature::s_scalar, salt, seed, GNUNET_CRYPTO_CsSessionNonce::snonce, uint2j(), and vec_for().

Referenced by run().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ run()

static void run ( void *  cls,
char *const *  args,
const char *  cfgfile,
const struct GNUNET_CONFIGURATION_Handle cfg 
)
static

Main function that will be run.

Parameters
clsclosure
argsremaining command-line arguments
cfgfilename of the configuration file used (for saving, can be NULL!)
cfgconfiguration

Definition at line 1560 of file gnunet-crypto-tvg.c.

1564{
1565 if (GNUNET_YES == verify_flag)
1566 global_ret = check_vectors ();
1567 else
1568 global_ret = output_vectors ();
1569}
verify_flag
static GNUNET_NETWORK_STRUCT_END int verify_flag
Should we verify or output test vectors?
Definition: gnunet-crypto-tvg.c:76
global_ret
static int global_ret
Global exit code.
Definition: gnunet-crypto-tvg.c:82
check_vectors
static int check_vectors()
Check test vectors from stdin.
Definition: gnunet-crypto-tvg.c:997
output_vectors
static int output_vectors()
Output test vectors.
Definition: gnunet-crypto-tvg.c:1062

References check_vectors(), global_ret, GNUNET_YES, output_vectors(), and verify_flag.

Referenced by main().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ main()

int main ( int  argc,
char *const *  argv 
)

The main function of the test vector generation tool.

Parameters
argcnumber of arguments from the command line
argvcommand line arguments
Returns
0 ok, 1 on error

Definition at line 1580 of file gnunet-crypto-tvg.c.

1582{
1583 const struct GNUNET_GETOPT_CommandLineOption options[] = {
1584 GNUNET_GETOPT_option_flag ('V',
1585 "verify",
1586 gettext_noop (
1587 "verify a test vector from stdin"),
1588 &verify_flag),
1589 GNUNET_GETOPT_OPTION_END
1590 };
1591
1592 GNUNET_assert (GNUNET_OK ==
1593 GNUNET_log_setup ("gnunet-crypto-tvg",
1594 "INFO",
1595 NULL));
1596 if (GNUNET_OK !=
1597 GNUNET_PROGRAM_run (GNUNET_OS_project_data_gnunet (),
1598 argc, argv,
1599 "gnunet-crypto-tvg",
1600 "Generate test vectors for cryptographic operations",
1601 options,
1602 &run, NULL))
1603 return 1;
1604 return global_ret;
1605}
GNUNET_GETOPT_OPTION_END
struct GNUNET_GETOPT_CommandLineOption GNUNET_GETOPT_OPTION_END
Definition: 002.c:13
options
struct GNUNET_GETOPT_CommandLineOption options[]
Definition: 002.c:5
gettext_noop
#define gettext_noop(String)
Definition: gettext.h:74
run
static void run(void *cls, char *const *args, const char *cfgfile, const struct GNUNET_CONFIGURATION_Handle *cfg)
Main function that will be run.
Definition: gnunet-crypto-tvg.c:1560
GNUNET_GETOPT_option_flag
struct GNUNET_GETOPT_CommandLineOption GNUNET_GETOPT_option_flag(char shortName, const char *name, const char *description, int *val)
Allow user to specify a flag (which internally means setting an integer to 1/GNUNET_YES/GNUNET_OK.
Definition: getopt_helpers.c:313
GNUNET_log_setup
enum GNUNET_GenericReturnValue GNUNET_log_setup(const char *comp, const char *loglevel, const char *logfile)
Setup logging.
Definition: common_logging.c:729
GNUNET_OS_project_data_gnunet
const struct GNUNET_OS_ProjectData * GNUNET_OS_project_data_gnunet(void)
Return default project data used by 'libgnunetutil' for GNUnet.
Definition: os_installation.c:82
GNUNET_PROGRAM_run
enum GNUNET_GenericReturnValue GNUNET_PROGRAM_run(const struct GNUNET_OS_ProjectData *pd, int argc, char *const *argv, const char *binaryName, const char *binaryHelp, const struct GNUNET_GETOPT_CommandLineOption *options, GNUNET_PROGRAM_Main task, void *task_cls)
Run a standard GNUnet command startup sequence (initialize loggers and configuration,...
Definition: program.c:407
GNUNET_GETOPT_CommandLineOption
Definition of a command line option.
Definition: gnunet_getopt_lib.h:110

References gettext_noop, global_ret, GNUNET_assert, GNUNET_GETOPT_OPTION_END, GNUNET_GETOPT_option_flag(), GNUNET_log_setup(), GNUNET_OK, GNUNET_OS_project_data_gnunet(), GNUNET_PROGRAM_run(), options, run(), and verify_flag.

Here is the call graph for this function:

Variable Documentation

◆ verify_flag

GNUNET_NETWORK_STRUCT_END int verify_flag = GNUNET_NO
static

Should we verify or output test vectors?

Definition at line 76 of file gnunet-crypto-tvg.c.

Referenced by main(), and run().

◆ global_ret

int global_ret = 0
static

Global exit code.

Definition at line 82 of file gnunet-crypto-tvg.c.

Referenced by main(), and run().