Provides cryptographic primitives. More...
Macros | |
#define | GNUNET_CRYPTO_eddsa_sign(priv, ps, sig) |
EdDSA sign a given block. More... | |
#define | GNUNET_CRYPTO_ecdsa_sign(priv, ps, sig) |
ECDSA sign a given block. More... | |
#define | GNUNET_CRYPTO_edx25519_sign(priv, ps, sig) |
Edx25519 sign a given block. More... | |
#define | GNUNET_CRYPTO_eddsa_verify(purp, ps, sig, pub) |
Verify EdDSA signature. More... | |
#define | GNUNET_CRYPTO_ecdsa_verify(purp, ps, sig, pub) |
Verify ECDSA signature. More... | |
#define | GNUNET_CRYPTO_edx25519_verify(purp, ps, sig, pub) |
Verify Edx25519 signature. More... | |
Enumerations | |
enum | GNUNET_CRYPTO_Quality { GNUNET_CRYPTO_QUALITY_WEAK , GNUNET_CRYPTO_QUALITY_STRONG , GNUNET_CRYPTO_QUALITY_NONCE } |
Desired quality level for random numbers. More... | |
Provides cryptographic primitives.
#define GNUNET_CRYPTO_eddsa_sign | ( | priv, | |
ps, | |||
sig | |||
) |
EdDSA sign a given block.
The ps data must be a fixed-size struct for which the signature is to be created. The size
field in ps->purpose must correctly indicate the number of bytes of the data structure, including its header.
priv | private key to use for the signing | |
ps | packed struct with what to sign, MUST begin with a purpose | |
[out] | sig | where to write the signature |
Definition at line 2039 of file gnunet_crypto_lib.h.
#define GNUNET_CRYPTO_ecdsa_sign | ( | priv, | |
ps, | |||
sig | |||
) |
ECDSA sign a given block.
The ps data must be a fixed-size struct for which the signature is to be created. The size
field in ps->purpose must correctly indicate the number of bytes of the data structure, including its header.
priv | private key to use for the signing | |
ps | packed struct with what to sign, MUST begin with a purpose | |
[out] | sig | where to write the signature |
Definition at line 2101 of file gnunet_crypto_lib.h.
#define GNUNET_CRYPTO_edx25519_sign | ( | priv, | |
ps, | |||
sig | |||
) |
Edx25519 sign a given block.
The resulting signature is compatible with EdDSA.
The ps data must be a fixed-size struct for which the signature is to be created. The size
field in ps->purpose must correctly indicate the number of bytes of the data structure, including its header.
priv | private key to use for the signing | |
ps | packed struct with what to sign, MUST begin with a purpose | |
[out] | sig | where to write the signature |
Definition at line 2148 of file gnunet_crypto_lib.h.
#define GNUNET_CRYPTO_eddsa_verify | ( | purp, | |
ps, | |||
sig, | |||
pub | |||
) |
Verify EdDSA signature.
The ps data must be a fixed-size struct for which the signature is to be created. The size
field in ps->purpose must correctly indicate the number of bytes of the data structure, including its header.
purp | purpose of the signature, must match 'ps->purpose.purpose' (except in host byte order) |
priv | private key to use for the signing |
ps | packed struct with what to sign, MUST begin with a purpose |
sig | where to write the signature |
Definition at line 2201 of file gnunet_crypto_lib.h.
#define GNUNET_CRYPTO_ecdsa_verify | ( | purp, | |
ps, | |||
sig, | |||
pub | |||
) |
Verify ECDSA signature.
The ps data must be a fixed-size struct for which the signature is to be created. The size
field in ps->purpose must correctly indicate the number of bytes of the data structure, including its header.
purp | purpose of the signature, must match 'ps->purpose.purpose' (except in host byte order) |
priv | private key to use for the signing |
ps | packed struct with what to sign, MUST begin with a purpose |
sig | where to write the signature |
Definition at line 2253 of file gnunet_crypto_lib.h.
#define GNUNET_CRYPTO_edx25519_verify | ( | purp, | |
ps, | |||
sig, | |||
pub | |||
) |
Verify Edx25519 signature.
The ps data must be a fixed-size struct for which the signature is to be created. The size
field in ps->purpose must correctly indicate the number of bytes of the data structure, including its header.
purp | purpose of the signature, must match 'ps->purpose.purpose' (except in host byte order) |
priv | private key to use for the signing |
ps | packed struct with what to sign, MUST begin with a purpose |
sig | where to write the signature |
Definition at line 2305 of file gnunet_crypto_lib.h.
Desired quality level for random numbers.
Definition at line 84 of file gnunet_crypto_lib.h.
void GNUNET_CRYPTO_seed_weak_random | ( | int32_t | seed | ) |
Seed a weak random generator.
Only GNUNET_CRYPTO_QUALITY_WEAK-mode generator can be seeded.
seed | the seed to use |
Definition at line 91 of file crypto_random.c.
Referenced by __attribute__().
void GNUNET_CRYPTO_zero_keys | ( | void * | buffer, |
size_t | length | ||
) |
Zero out buffer, securely against compiler optimizations.
Used to delete key material.
buffer | the buffer to zap |
length | buffer length |
Definition at line 110 of file crypto_random.c.
References p.
Referenced by dv_key_clean(), GNUNET_IDENTITY_decrypt(), and GNUNET_IDENTITY_decrypt_old().
void GNUNET_CRYPTO_random_block | ( | enum GNUNET_CRYPTO_Quality | mode, |
void * | buffer, | ||
size_t | length | ||
) |
Fill block with a random values.
mode | desired quality of the random number | |
[out] | buffer | the buffer to fill |
length | buffer length | |
mode | desired quality of the random number | |
buffer | the buffer to fill | |
length | buffer length |
Definition at line 133 of file crypto_random.c.
References GNUNET_assert, GNUNET_CRYPTO_QUALITY_NONCE, GNUNET_CRYPTO_QUALITY_STRONG, GNUNET_CRYPTO_QUALITY_WEAK, and mode.
Referenced by delayed_put(), do_pad(), encode_message_body(), GCC_create(), generate_free_member_id(), GNUNET_async_scope_fresh(), GNUNET_CRYPTO_ecdhe_key_create(), GNUNET_CRYPTO_ecdsa_key_create(), GNUNET_CRYPTO_eddsa_key_create(), GNUNET_CRYPTO_edx25519_key_create(), GNUNET_CRYPTO_random_timeflake(), handle_validation_response(), mq_init(), output_vectors(), prepare_pending_acknowledgement(), RPS_sampler_elem_reinit(), run(), sock_read(), start_address_validation(), start_dv_learn(), and transmit_kx().
void GNUNET_CRYPTO_random_timeflake | ( | enum GNUNET_CRYPTO_Quality | mode, |
struct GNUNET_Uuid * | uuid | ||
) |
Fill UUID with a timeflake pseudo-random value.
Note that timeflakes use only 80 bits of randomness and 48 bits to encode a timestamp in milliseconds. So what we return here is not a completely random number.
mode | desired quality of the random number | |
[out] | uuid | the value to fill |
Note that timeflakes use only 80 bits of randomness and 48 bits to encode a timestamp in milliseconds. So what we return here is not a completely random number.
mode | desired quality of the random number |
uuid | the value to fill |
Definition at line 316 of file crypto_random.c.
References GNUNET_TIME_Absolute::abs_value_us, GNUNET_CRYPTO_random_block(), GNUNET_htonll(), GNUNET_TIME_absolute_get(), GNUNET_TIME_UNIT_MILLISECONDS, and mode.
uint32_t GNUNET_CRYPTO_random_u32 | ( | enum GNUNET_CRYPTO_Quality | mode, |
uint32_t | i | ||
) |
Produce a random value.
mode | desired quality of the random number |
i | the upper limit (exclusive) for the random number |
Produce a random value.
mode | desired quality of the random number |
i | the upper limit (exclusive) for the random number |
Definition at line 178 of file crypto_random.c.
References get_weak_random(), GNUNET_assert, GNUNET_CRYPTO_QUALITY_NONCE, GNUNET_CRYPTO_QUALITY_STRONG, GNUNET_CRYPTO_QUALITY_WEAK, mode, and ret.
Referenced by __attribute__(), adjust_running_peers(), allocate_v4_address(), allocate_v6_address(), attempt_connect_task(), barrier_wait_cb(), calculate_seed(), channel_new_cb(), compute_service_response(), daemon_started(), delayed_get(), delayed_put(), download_get_url(), find_validation_entry(), GDS_am_closest_peer(), gen_topo_random(), generate_indices(), generate_request_id(), get_any(), get_bootstrap_server(), get_preference(), get_property(), get_random_literal(), get_random_peer_from_peermap(), get_request_socket(), get_typed(), GNUNET_BLOCK_GROUP_bf_create(), GNUNET_CONTAINER_heap_walk_get_next(), GNUNET_CONTAINER_multihashmap_get_random(), GNUNET_CONTAINER_multipeermap_get_random(), GNUNET_CONTAINER_multishortmap_get_random(), GNUNET_CONTAINER_multiuuidmap_get_random(), GNUNET_CRYPTO_hash_create_random(), GNUNET_CRYPTO_random_permute(), GNUNET_FRAGMENT_context_create(), GNUNET_FS_search_start_probe_(), GNUNET_TUN_initialize_ipv4_header(), GSC_CLIENTS_deliver_message(), GSF_pending_request_get_message_(), handle_client_evaluate(), handle_dns_request(), handle_dv_learn(), handle_flow_control(), handle_p2p_get(), handle_p2p_put(), handle_resolve_result(), main(), manage_service_wrapper(), ogg_init(), plan(), queue(), reannounce_regex(), recursive_dns_resolution(), REGEX_TEST_generate_random_regex(), REGEX_TEST_generate_random_string(), resolve_and_cache(), revalidate_address(), run(), second_stage(), select_peer(), select_random_peer(), send_bloomfilter(), send_hello(), send_keepalive(), setup_fresh_address(), setup_fresh_ping(), setup_sockets(), should_I_drop(), shuffle_answers(), start_dv_learn(), test_run(), transmit_typemap_task(), and try_open_exit().
uint64_t GNUNET_CRYPTO_random_u64 | ( | enum GNUNET_CRYPTO_Quality | mode, |
uint64_t | max | ||
) |
Generate a random unsigned 64-bit value.
mode | desired quality of the random number |
max | value returned will be in range [0,max) (exclusive) |
Definition at line 262 of file crypto_random.c.
References get_weak_random(), GNUNET_assert, GNUNET_CRYPTO_QUALITY_NONCE, GNUNET_CRYPTO_QUALITY_STRONG, GNUNET_CRYPTO_QUALITY_WEAK, max, mode, and ret.
Referenced by activate_core_visible_dv_path(), calculate_fork_degree(), choose_exit(), dht_connected(), gen_topo_scale_free(), GNUNET_DHT_connect(), GNUNET_REVOCATION_pow_start(), handle_dht_p2p_put(), handle_flow_control(), handle_validation_response(), ifc_broadcast(), namestore_flat_store_records(), pick_random_dv_hops(), postgres_plugin_get_key(), postgres_plugin_put(), put_migration_continuation(), run(), sampler_get_rand_peer(), send_find_peer_message(), send_full_set(), setup_out_cipher(), sqlite_plugin_get_key(), sqlite_plugin_get_replication(), sqlite_plugin_put(), and update_next_challenge_time().
unsigned int* GNUNET_CRYPTO_random_permute | ( | enum GNUNET_CRYPTO_Quality | mode, |
unsigned int | n | ||
) |
Get an array with a random permutation of the numbers 0...n-1.
mode | GNUNET_CRYPTO_QUALITY_STRONG if the strong (but expensive) PRNG should be used, GNUNET_CRYPTO_QUALITY_WEAK or GNUNET_CRYPTO_QUALITY_NONCE otherwise |
n | the size of the array |
mode | #GNUNET_RANDOM_QUALITY_STRONG if the strong (but expensive) PRNG should be used, #GNUNET_RANDOM_QUALITY_WEAK otherwise |
n | the size of the array |
Definition at line 238 of file crypto_random.c.
References GNUNET_assert, GNUNET_CRYPTO_random_u32(), GNUNET_malloc, mode, and ret.
Referenced by churn(), compute_service_response(), and do_round().
void GNUNET_CRYPTO_symmetric_create_session_key | ( | struct GNUNET_CRYPTO_SymmetricSessionKey * | key | ) |
Create a new random session key.
key | key to initialize |
Create a new random session key.
key | session key to initialize |
Definition at line 42 of file crypto_symmetric.c.
References GNUNET_CRYPTO_AES_KEY_LENGTH, and key.
ssize_t GNUNET_CRYPTO_symmetric_encrypt | ( | const void * | block, |
size_t | size, | ||
const struct GNUNET_CRYPTO_SymmetricSessionKey * | sessionkey, | ||
const struct GNUNET_CRYPTO_SymmetricInitializationVector * | iv, | ||
void * | result | ||
) |
Encrypt a block using a symmetric sessionkey.
block | the block to encrypt |
size | the size of the block |
sessionkey | the key used to encrypt |
iv | the initialization vector to use, use INITVALUE for streams. |
Encrypt a block using a symmetric sessionkey.
block | the block to encrypt |
size | the size of the block |
sessionkey | the key used to encrypt |
iv | the initialization vector to use, use INITVALUE for streams |
result | the output parameter in which to store the encrypted result can be the same or overlap with block |
len
. Definition at line 131 of file crypto_symmetric.c.
References GNUNET_assert, GNUNET_OK, handle, result, setup_cipher_aes(), setup_cipher_twofish(), and size.
Referenced by do_encrypt(), encrypt_existing_match(), GNUNET_FS_handle_on_demand_block(), GNUNET_FS_publish_ublock_(), GNUNET_FS_tree_encoder_next(), GNUNET_IDENTITY_decrypt(), t_ax_encrypt(), t_h_encrypt(), and try_match_block().
ssize_t GNUNET_CRYPTO_symmetric_decrypt | ( | const void * | block, |
size_t | size, | ||
const struct GNUNET_CRYPTO_SymmetricSessionKey * | sessionkey, | ||
const struct GNUNET_CRYPTO_SymmetricInitializationVector * | iv, | ||
void * | result | ||
) |
Decrypt a given block using a symmetric sessionkey.
block | the data to decrypt, encoded as returned by encrypt |
size | how big is the block? |
sessionkey | the key used to decrypt |
iv | the initialization vector to use |
result | address to store the result at |
Decrypt a given block using a symmetric sessionkey.
block | the data to decrypt, encoded as returned by encrypt |
size | the size of the block to decrypt |
sessionkey | the key used to decrypt |
iv | the initialization vector to use, use INITVALUE for streams |
result | address to store the result at can be the same or overlap with block |
size
. Definition at line 169 of file crypto_symmetric.c.
References GNUNET_assert, GNUNET_OK, handle, result, setup_cipher_aes(), setup_cipher_twofish(), and size.
Referenced by do_decrypt(), GNUNET_FS_ublock_decrypt_(), GNUNET_IDENTITY_decrypt_old(), process_result_with_request(), t_ax_decrypt(), t_h_decrypt(), and try_old_ax_keys().
void GNUNET_CRYPTO_symmetric_derive_iv | ( | struct GNUNET_CRYPTO_SymmetricInitializationVector * | iv, |
const struct GNUNET_CRYPTO_SymmetricSessionKey * | skey, | ||
const void * | salt, | ||
size_t | salt_len, | ||
... | |||
) |
Derive an IV.
iv | initialization vector |
skey | session key |
salt | salt for the derivation |
salt_len | size of the salt |
... | pairs of void * & size_t for context chunks, terminated by NULL |
Definition at line 203 of file crypto_symmetric.c.
References GNUNET_CRYPTO_symmetric_derive_iv_v(), and salt.
Referenced by derive_iv(), derive_pong_iv(), t_ax_decrypt(), t_ax_encrypt(), t_h_decrypt(), t_h_encrypt(), and try_old_ax_keys().
void GNUNET_CRYPTO_ecdsa_key_get_public | ( | const struct GNUNET_CRYPTO_EcdsaPrivateKey * | priv, |
struct GNUNET_CRYPTO_EcdsaPublicKey * | pub | ||
) |
Extract the public key for the given private key.
priv | the private key |
pub | where to write the public key |
Definition at line 187 of file crypto_ecc.c.
References BENCHMARK_END, BENCHMARK_START, GNUNET_CRYPTO_EcdsaPrivateKey::d, pub, and GNUNET_CRYPTO_EddsaPublicKey::q_y.
Referenced by decrypt_block_with_keyword(), get_update_information_directory(), GNUNET_CRYPTO_ecdsa_private_key_derive(), GNUNET_FS_publish_sks(), GNUNET_FS_publish_ublock_(), GNUNET_FS_search_start_searching_(), GNUNET_FS_unindex_do_remove_kblocks_(), and process_kblock_for_unindex().
void GNUNET_CRYPTO_eddsa_key_get_public | ( | const struct GNUNET_CRYPTO_EddsaPrivateKey * | priv, |
struct GNUNET_CRYPTO_EddsaPublicKey * | pub | ||
) |
Extract the public key for the given private key.
priv | the private key |
pub | where to write the public key |
Definition at line 198 of file crypto_ecc.c.
References BENCHMARK_END, BENCHMARK_START, GNUNET_CRYPTO_EddsaPrivateKey::d, GNUNET_assert, GNUNET_memcpy, pk, pub, and GNUNET_CRYPTO_EddsaPublicKey::q_y.
Referenced by advertise_dns_exit(), checkvec(), create_keys(), get_identity(), GNUNET_CRYPTO_eddsa_private_key_derive(), GNUNET_FS_uri_loc_create(), GNUNET_TESTING_get_peer(), GNUNET_TESTING_hostkey_get(), GSC_KX_init(), init_socket(), main_init(), output_vectors(), print_key(), regex_iterator(), and run().
void GNUNET_CRYPTO_edx25519_key_get_public | ( | const struct GNUNET_CRYPTO_Edx25519PrivateKey * | priv, |
struct GNUNET_CRYPTO_Edx25519PublicKey * | pub | ||
) |
Extract the public key for the given private key.
priv | the private key |
pub | where to write the public key |
Definition at line 79 of file crypto_edx25519.c.
References GNUNET_CRYPTO_Edx25519PrivateKey::a, pub, and GNUNET_CRYPTO_EddsaPublicKey::q_y.
Referenced by GNUNET_CRYPTO_edx25519_private_key_derive(), and output_vectors().
void GNUNET_CRYPTO_ecdhe_key_get_public | ( | const struct GNUNET_CRYPTO_EcdhePrivateKey * | priv, |
struct GNUNET_CRYPTO_EcdhePublicKey * | pub | ||
) |
Extract the public key for the given private key.
priv | the private key |
pub | where to write the public key |
Definition at line 214 of file crypto_ecc.c.
References BENCHMARK_END, BENCHMARK_START, GNUNET_CRYPTO_EcdhePrivateKey::d, GNUNET_assert, pub, and GNUNET_CRYPTO_EddsaPublicKey::q_y.
Referenced by GCT_add_channel(), GCT_send(), GNUNET_IDENTITY_decrypt(), output_vectors(), print_examples_ecdh(), send_kx(), send_kx_auth(), and sign_ephemeral_key().
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_ecdsa_key_from_file | ( | const char * | filename, |
int | do_create, | ||
struct GNUNET_CRYPTO_EcdsaPrivateKey * | pkey | ||
) |
Create a new private key by reading it from a file.
If the files does not exist and do_create is set, creates a new key and write it to the file.
If the contents of the file are invalid, an error is returned.
filename | name of file to use to store the key | |
do_create | should a file be created? | |
[out] | pkey | set to the private key from filename on success |
Definition at line 1 of file crypto_ecc_setup.c.
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_eddsa_key_from_file | ( | const char * | filename, |
int | do_create, | ||
struct GNUNET_CRYPTO_EddsaPrivateKey * | pkey | ||
) |
Create a new private key by reading it from a file.
If the files does not exist and do_create is set, creates a new key and write it to the file.
If the contents of the file are invalid, an error is returned.
filename | name of file to use to store the key | |
do_create | should a file be created? | |
[out] | pkey | set to the private key from filename on success |
If the files does not exist and do_create is set, creates a new key and write it to the file.
If the contents of the file are invalid, an error is returned.
filename | name of file to use to store the key | |
do_create | should a file be created? | |
[out] | pkey | set to the private key from filename on success |
Definition at line 1 of file crypto_ecc_setup.c.
Referenced by GNUNET_CRYPTO_eddsa_key_create_from_configuration(), main_init(), and run().
struct GNUNET_CRYPTO_EddsaPrivateKey* GNUNET_CRYPTO_eddsa_key_create_from_configuration | ( | const struct GNUNET_CONFIGURATION_Handle * | cfg | ) |
Create a new private key by reading our peer's key from the file specified in the configuration.
cfg | the configuration to use |
cfg | the configuration to use |
Definition at line 247 of file crypto_ecc_setup.c.
References cfg, GNUNET_CONFIGURATION_get_value_filename(), GNUNET_CRYPTO_eddsa_key_from_file(), GNUNET_free, GNUNET_new, GNUNET_OK, GNUNET_SYSERR, and GNUNET_YES.
Referenced by advertise_dns_exit(), GNUNET_CRYPTO_eddsa_setup_key(), init_socket(), and run().
void GNUNET_CRYPTO_ecdsa_key_create | ( | struct GNUNET_CRYPTO_EcdsaPrivateKey * | pk | ) |
Create a new private key.
[out] | pk | private key to initialize |
Definition at line 447 of file crypto_ecc.c.
References BENCHMARK_END, BENCHMARK_START, GNUNET_CRYPTO_QUALITY_NONCE, GNUNET_CRYPTO_random_block(), and pk.
Referenced by run_edkey(), and run_pkey().
void GNUNET_CRYPTO_eddsa_key_create | ( | struct GNUNET_CRYPTO_EddsaPrivateKey * | pk | ) |
Create a new private key.
[out] | pk | private key to initialize |
Definition at line 462 of file crypto_ecc.c.
References BENCHMARK_END, BENCHMARK_START, GNUNET_CRYPTO_QUALITY_NONCE, GNUNET_CRYPTO_random_block(), and pk.
Referenced by create_keys(), output_vectors(), and run_edkey().
void GNUNET_CRYPTO_edx25519_key_create | ( | struct GNUNET_CRYPTO_Edx25519PrivateKey * | pk | ) |
Create a new private key.
[out] | pk | private key to initialize |
Definition at line 65 of file crypto_edx25519.c.
References GNUNET_CRYPTO_edx25519_key_create_from_seed(), GNUNET_CRYPTO_QUALITY_NONCE, GNUNET_CRYPTO_random_block(), and pk.
Referenced by output_vectors().
void GNUNET_CRYPTO_edx25519_key_create_from_seed | ( | const void * | seed, |
size_t | seedsize, | ||
struct GNUNET_CRYPTO_Edx25519PrivateKey * | pk | ||
) |
Create a new private key for Edx25519 from a given seed.
After expanding the seed, the first half of the key will be clamped according to EdDSA.
seed | seed input | |
seedsize | size of the seed in bytes | |
[out] | pk | private key to initialize |
Definition at line 45 of file crypto_edx25519.c.
References GNUNET_CRYPTO_hash(), GNUNET_static_assert, and pk.
Referenced by GNUNET_CRYPTO_edx25519_key_create().
void GNUNET_CRYPTO_ecdhe_key_create | ( | struct GNUNET_CRYPTO_EcdhePrivateKey * | pk | ) |
Create a new private key.
Clear with GNUNET_CRYPTO_ecdhe_key_clear().
[out] | pk | set to fresh private key; |
Definition at line 436 of file crypto_ecc.c.
References BENCHMARK_END, BENCHMARK_START, GNUNET_CRYPTO_QUALITY_NONCE, GNUNET_CRYPTO_random_block(), and pk.
Referenced by do_rekey(), GCT_create_tunnel(), GNUNET_IDENTITY_decrypt(), GSC_KX_init(), new_ephemeral(), output_vectors(), and print_examples_ecdh().
void GNUNET_CRYPTO_eddsa_key_clear | ( | struct GNUNET_CRYPTO_EddsaPrivateKey * | pk | ) |
Clear memory that was used to store a private key.
pk | location of the key |
Definition at line 429 of file crypto_ecc.c.
References pk.
void GNUNET_CRYPTO_ecdsa_key_clear | ( | struct GNUNET_CRYPTO_EcdsaPrivateKey * | pk | ) |
Clear memory that was used to store a private key.
pk | location of the key |
Definition at line 422 of file crypto_ecc.c.
References pk.
void GNUNET_CRYPTO_edx25519_key_clear | ( | struct GNUNET_CRYPTO_Edx25519PrivateKey * | pk | ) |
Clear memory that was used to store a private key.
pk | location of the key |
Definition at line 38 of file crypto_edx25519.c.
References pk.
void GNUNET_CRYPTO_ecdhe_key_clear | ( | struct GNUNET_CRYPTO_EcdhePrivateKey * | pk | ) |
Clear memory that was used to store a private key.
pk | location of the key |
Definition at line 415 of file crypto_ecc.c.
References pk.
Referenced by cleanup_ax(), and GNUNET_IDENTITY_decrypt().
const struct GNUNET_CRYPTO_EcdsaPrivateKey* GNUNET_CRYPTO_ecdsa_key_get_anonymous | ( | void | ) |
Get the shared private key we use for anonymous users.
'anonymous' pseudonym (global static, d=1, public key = G (generator).
Definition at line 482 of file crypto_ecc.c.
References GNUNET_CRYPTO_EcdsaPrivateKey::d, GNUNET_CRYPTO_mpi_print_unsigned(), and once.
Referenced by decrypt_block_with_keyword(), GNUNET_FS_search_start_searching_(), GNUNET_FS_unindex_do_remove_kblocks_(), GNUNET_IDENTITY_ego_get_anonymous(), process_kblock_for_unindex(), and publish_ksk_cont().
void GNUNET_CRYPTO_eddsa_setup_hostkey | ( | const char * | cfg_name | ) |
Setup a hostkey file for a peer given the name of the configuration file (!).
This function is used so that at a later point code can be certain that reading a hostkey is fast (for example in time-dependent testcases).
cfg_name | name of the configuration file to use |
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_get_peer_identity | ( | const struct GNUNET_CONFIGURATION_Handle * | cfg, |
struct GNUNET_PeerIdentity * | dst | ||
) |
Retrieve the identity of the host's peer.
cfg | configuration to use |
dst | pointer to where to write the peer identity |
Definition at line 247 of file crypto_ecc_setup.c.
Referenced by get_result_iterator(), get_service_peer_identity(), GNUNET_CONVERSATION_phone_create(), libgnunet_plugin_dhtu_ip_init(), on_peer(), and run().
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_ecc_ecdh | ( | const struct GNUNET_CRYPTO_EcdhePrivateKey * | priv, |
const struct GNUNET_CRYPTO_EcdhePublicKey * | pub, | ||
struct GNUNET_HashCode * | key_material | ||
) |
Derive key material from a public and a private ECC key.
priv | private key to use for the ECDH (x) |
pub | public key to use for the ECDH (yG) |
key_material | where to write the key material (xyG) |
Definition at line 513 of file crypto_ecc.c.
References data, GNUNET_CRYPTO_hash(), GNUNET_ERROR_TYPE_ERROR, LOG_GCRY, and GNUNET_CRYPTO_EccSignaturePurpose::size.
Referenced by checkvec(), derive_session_keys(), output_vectors(), print_examples_ecdh(), t_ax_decrypt_and_validate(), t_ax_encrypt(), and update_ax_by_kx().
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_eddsa_ecdh | ( | const struct GNUNET_CRYPTO_EddsaPrivateKey * | priv, |
const struct GNUNET_CRYPTO_EcdhePublicKey * | pub, | ||
struct GNUNET_HashCode * | key_material | ||
) |
Derive key material from a ECDH public key and a private EdDSA key.
Dual to #GNUNET_CRRYPTO_ecdh_eddsa.
priv | private key from EdDSA to use for the ECDH (x) |
pub | public key to use for the ECDH (yG) |
key_material | where to write the key material H(h(x)yG) |
Definition at line 513 of file crypto_ecc.c.
Referenced by GNUNET_IDENTITY_decrypt_old(), and update_ax_by_kx().
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_eddsa_kem_decaps | ( | const struct GNUNET_CRYPTO_EddsaPrivateKey * | priv, |
const struct GNUNET_CRYPTO_EcdhePublicKey * | c, | ||
struct GNUNET_HashCode * | key_material | ||
) |
Decapsulate a key for a private EdDSA key.
Dual to #GNUNET_CRRYPTO_eddsa_kem_encaps.
priv | private key from EdDSA to use for the ECDH (x) |
c | the encapsulated key |
key_material | where to write the key material H(h(x)yG) |
Definition at line 513 of file crypto_ecc.c.
Referenced by handle_dv_box(), setup_in_cipher(), and setup_shared_secret_dec().
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_eddsa_kem_encaps | ( | const struct GNUNET_CRYPTO_EddsaPublicKey * | pub, |
struct GNUNET_CRYPTO_EcdhePublicKey * | c, | ||
struct GNUNET_HashCode * | key_material | ||
) |
Encapsulate key material for a EdDSA public key.
Dual to #GNUNET_CRRYPTO_eddsa_kem_decaps.
priv | private key to use for the ECDH (y) |
c | public key from EdDSA to use for the ECDH (X=h(x)G) |
key_material | where to write the key material H(yX)=H(h(x)yG) |
Definition at line 513 of file crypto_ecc.c.
Referenced by inject_rekey(), setup_shared_secret_ephemeral(), and start_initial_kx_out().
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_eddsa_fo_kem_encaps | ( | const struct GNUNET_CRYPTO_EddsaPublicKey * | pub, |
struct GNUNET_CRYPTO_FoKemC * | c, | ||
struct GNUNET_HashCode * | key_material | ||
) |
Encapsulate key material using a CCA-secure KEM.
The KEM is using a OWTF with image oracle constructed from a Fujusaki-Okamoto transformation using ElGamal (DH plus XOR OTP). Dual to #GNUNET_CRRYPTO_eddsa_fo_kem_decaps.
pub | public key to encapsulated for | |
[out] | c | the encapsulation |
[out] | key_material | the encapsulated key |
Definition at line 513 of file crypto_ecc.c.
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_eddsa_fo_kem_decaps | ( | const struct GNUNET_CRYPTO_EddsaPrivateKey * | priv, |
const struct GNUNET_CRYPTO_FoKemC * | c, | ||
struct GNUNET_HashCode * | key_material | ||
) |
Decapsulate key material using a CCA-secure KEM.
The KEM is using a OWTF with image oracle constructed from a Fujusaki-Okamoto transformation using ElGamal (DH plus XOR OTP). Dual to #GNUNET_CRRYPTO_eddsa_fo_kem_encaps.
priv | private key this encapsulation is for | |
c | the encapsulation | |
[out] | key_material | the encapsulated key |
Decapsulate key material using a CCA-secure KEM.
Definition at line 513 of file crypto_ecc.c.
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_ecdsa_fo_kem_encaps | ( | const struct GNUNET_CRYPTO_EcdsaPublicKey * | pub, |
struct GNUNET_CRYPTO_FoKemC * | c, | ||
struct GNUNET_HashCode * | key_material | ||
) |
Encapsulate key material using a CCA-secure KEM.
The KEM is using a OWTF with image oracle constructed from a Fujusaki-Okamoto transformation using ElGamal (DH plus XOR OTP). Dual to #GNUNET_CRRYPTO_eddsa_fo_kem_decaps.
pub | public key to encapsulated for | |
[out] | c | the encapsulation |
[out] | key_material | the encapsulated key |
Definition at line 513 of file crypto_ecc.c.
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_ecdsa_fo_kem_decaps | ( | const struct GNUNET_CRYPTO_EcdsaPrivateKey * | priv, |
struct GNUNET_CRYPTO_FoKemC * | c, | ||
struct GNUNET_HashCode * | key_material | ||
) |
Decapsulate key material using a CCA-secure KEM.
The KEM is using a OWTF with image oracle constructed from a Fujusaki-Okamoto transformation using ElGamal (DH plus XOR OTP). Dual to #GNUNET_CRRYPTO_eddsa_fo_kem_encaps.
priv | private key this encapsulation is for | |
c | the encapsulation | |
[out] | key_material | the encapsulated key |
Definition at line 513 of file crypto_ecc.c.
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_ecdsa_ecdh | ( | const struct GNUNET_CRYPTO_EcdsaPrivateKey * | priv, |
const struct GNUNET_CRYPTO_EcdhePublicKey * | pub, | ||
struct GNUNET_HashCode * | key_material | ||
) |
Derive key material from a ECDH public key and a private ECDSA key.
Dual to #GNUNET_CRRYPTO_ecdh_ecdsa.
priv | private key from ECDSA to use for the ECDH (x) |
pub | public key to use for the ECDH (yG) |
key_material | where to write the key material H(h(x)yG) |
Definition at line 513 of file crypto_ecc.c.
Referenced by GNUNET_IDENTITY_decrypt_old().
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_ecdh_eddsa | ( | const struct GNUNET_CRYPTO_EcdhePrivateKey * | priv, |
const struct GNUNET_CRYPTO_EddsaPublicKey * | pub, | ||
struct GNUNET_HashCode * | key_material | ||
) |
Derive key material from a EdDSA public key and a private ECDH key.
Dual to #GNUNET_CRRYPTO_eddsa_ecdh.
priv | private key to use for the ECDH (y) |
pub | public key from EdDSA to use for the ECDH (X=h(x)G) |
key_material | where to write the key material H(yX)=H(h(x)yG) |
Definition at line 513 of file crypto_ecc.c.
Referenced by checkvec(), GNUNET_IDENTITY_decrypt(), output_vectors(), and update_ax_by_kx().
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_ecdh_ecdsa | ( | const struct GNUNET_CRYPTO_EcdhePrivateKey * | priv, |
const struct GNUNET_CRYPTO_EcdsaPublicKey * | pub, | ||
struct GNUNET_HashCode * | key_material | ||
) |
Derive key material from a EcDSA public key and a private ECDH key.
Dual to #GNUNET_CRRYPTO_ecdsa_ecdh.
priv | private key to use for the ECDH (y) |
pub | public key from ECDSA to use for the ECDH (X=h(x)G) |
key_material | where to write the key material H(yX)=H(h(x)yG) |
Definition at line 513 of file crypto_ecc.c.
Referenced by GNUNET_IDENTITY_decrypt().
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_eddsa_sign_ | ( | const struct GNUNET_CRYPTO_EddsaPrivateKey * | priv, |
const struct GNUNET_CRYPTO_EccSignaturePurpose * | purpose, | ||
struct GNUNET_CRYPTO_EddsaSignature * | sig | ||
) |
EdDSA sign a given block.
The purpose data is the beginning of the data of which the signature is to be created. The size
field in purpose must correctly indicate the number of bytes of the data structure, including its header. If possible, use GNUNET_CRYPTO_eddsa_sign() instead of this function (only if validate is not fixed-size, you must use this function directly).
priv | private key to use for the signing | |
purpose | what to sign (size, purpose) | |
[out] | sig | where to write the signature |
Definition at line 513 of file crypto_ecc.c.
Referenced by do_dht_put(), GST_validation_handle_ping(), insert_decrypt_element(), insert_round1_element(), insert_round2_element(), regex_iterator(), send_disconnect(), setup_flood_message(), and sign_ephemeral_key().
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_ecdsa_sign_ | ( | const struct GNUNET_CRYPTO_EcdsaPrivateKey * | priv, |
const struct GNUNET_CRYPTO_EccSignaturePurpose * | purpose, | ||
struct GNUNET_CRYPTO_EcdsaSignature * | sig | ||
) |
ECDSA Sign a given block.
The purpose data is the beginning of the data of which the signature is to be created. The size
field in purpose must correctly indicate the number of bytes of the data structure, including its header. If possible, use GNUNET_CRYPTO_ecdsa_sign() instead of this function (only if validate is not fixed-size, you must use this function directly).
priv | private key to use for the signing | |
purpose | what to sign (size, purpose) | |
[out] | sig | where to write the signature |
Definition at line 513 of file crypto_ecc.c.
Referenced by GNUNET_FS_publish_ublock_().
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_edx25519_sign_ | ( | const struct GNUNET_CRYPTO_Edx25519PrivateKey * | priv, |
const struct GNUNET_CRYPTO_EccSignaturePurpose * | purpose, | ||
struct GNUNET_CRYPTO_Edx25519Signature * | sig | ||
) |
Edx25519 sign a given block.
The purpose data is the beginning of the data of which the signature is to be created. The size
field in purpose must correctly indicate the number of bytes of the data structure, including its header. If possible, use GNUNET_CRYPTO_edx25519_sign() instead of this function (only if validate is not fixed-size, you must use this function directly).
priv | private key to use for the signing | |
purpose | what to sign (size, purpose) | |
[out] | sig | where to write the signature |
Edx25519 sign a given block.
But instead of expanding a private seed (which is usually the case for crypto APIs) and using the resulting scalars, it takes the scalars directly from Edx25519PrivateKey. We require this functionality in order to use derived private keys for signatures.
The resulting signature is a standard EdDSA signature which can be verified using the usual APIs.
priv | the private key (containing two scalars .a and .b) |
purp | the signature purpose |
sig | the resulting signature |
Calculate the public key P from the private scalar in the key.
Calculate r: r = SHA512 (b ∥ M) where M is our message (purpose).
Temporarily put P into S
Reduce the scalar value r
Calculate R := r * G of the signature
Calculate hram := SHA512 (R ∥ P ∥ M)
Reduce the resulting scalar value
Calculate S := r + hram * s mod L
Definition at line 79 of file crypto_edx25519.c.
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_eddsa_verify_ | ( | uint32_t | purpose, |
const struct GNUNET_CRYPTO_EccSignaturePurpose * | validate, | ||
const struct GNUNET_CRYPTO_EddsaSignature * | sig, | ||
const struct GNUNET_CRYPTO_EddsaPublicKey * | pub | ||
) |
Verify EdDSA signature.
The validate data is the beginning of the data of which the signature is to be verified. The size
field in validate must correctly indicate the number of bytes of the data structure, including its header. If purpose does not match the purpose given in validate (the latter must be in big endian), signature verification fails. If possible, use GNUNET_CRYPTO_eddsa_verify() instead of this function (only if validate is not fixed-size, you must use this function directly).
purpose | what is the purpose that the signature should have? |
validate | block to validate (size, purpose, data) |
sig | signature that is being validated |
pub | public key of the signer |
Definition at line 513 of file crypto_ecc.c.
Referenced by GST_neighbours_handle_disconnect_message(), GST_validation_handle_pong(), handle_ephemeral_key(), keygen_round1_new_element(), keygen_round2_new_element(), and verify_message_crypto().
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_ecdsa_verify_ | ( | uint32_t | purpose, |
const struct GNUNET_CRYPTO_EccSignaturePurpose * | validate, | ||
const struct GNUNET_CRYPTO_EcdsaSignature * | sig, | ||
const struct GNUNET_CRYPTO_EcdsaPublicKey * | pub | ||
) |
Verify ECDSA signature.
The validate data is the beginning of the data of which the signature is to be verified. The size
field in validate must correctly indicate the number of bytes of the data structure, including its header. If purpose does not match the purpose given in validate (the latter must be in big endian), signature verification fails. If possible, use GNUNET_CRYPTO_eddsa_verify() instead of this function (only if validate is not fixed-size, you must use this function directly).
purpose | what is the purpose that the signature should have? |
validate | block to validate (size, purpose, data) |
sig | signature that is being validated |
pub | public key of the signer |
Definition at line 513 of file crypto_ecc.c.
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_edx25519_verify_ | ( | uint32_t | purpose, |
const struct GNUNET_CRYPTO_EccSignaturePurpose * | validate, | ||
const struct GNUNET_CRYPTO_Edx25519Signature * | sig, | ||
const struct GNUNET_CRYPTO_Edx25519PublicKey * | pub | ||
) |
Verify Edx25519 signature.
The validate data is the beginning of the data of which the signature is to be verified. The size
field in validate must correctly indicate the number of bytes of the data structure, including its header. If purpose does not match the purpose given in validate (the latter must be in big endian), signature verification fails. If possible, use GNUNET_CRYPTO_edx25519_verify() instead of this function (only if validate is not fixed-size, you must use this function directly).
purpose | what is the purpose that the signature should have? |
validate | block to validate (size, purpose, data) |
sig | signature that is being validated |
pub | public key of the signer |
Definition at line 79 of file crypto_edx25519.c.
struct GNUNET_CRYPTO_EcdsaPrivateKey* GNUNET_CRYPTO_ecdsa_private_key_derive | ( | const struct GNUNET_CRYPTO_EcdsaPrivateKey * | priv, |
const char * | label, | ||
const char * | context | ||
) |
Derive a private key from a given private key and a label.
Essentially calculates a private key 'h = H(l,P) * d mod n' where n is the size of the ECC group and P is the public key associated with the private key 'd'.
priv | original private key |
label | label to use for key deriviation |
context | additional context to use for HKDF of 'h'; typically the name of the subsystem/application |
Definition at line 196 of file crypto_ecc_gnsrecord.c.
References context, ctx, CURVE, GNUNET_CRYPTO_EcdsaPrivateKey::d, dc, derive_h(), GNUNET_assert, GNUNET_CRYPTO_ecdsa_key_get_public(), GNUNET_CRYPTO_mpi_print_unsigned(), GNUNET_CRYPTO_mpi_scan_unsigned(), GNUNET_new, h, pub, and ret.
Referenced by GNUNET_FS_publish_ublock_(), and run_pkey().
void GNUNET_CRYPTO_ecdsa_public_key_derive | ( | const struct GNUNET_CRYPTO_EcdsaPublicKey * | pub, |
const char * | label, | ||
const char * | context, | ||
struct GNUNET_CRYPTO_EcdsaPublicKey * | result | ||
) |
Derive a public key from a given public key and a label.
Essentially calculates a public key 'V = H(l,P) * P'.
pub | original public key |
label | label to use for key deriviation |
context | additional context to use for HKDF of 'h'. typically the name of the subsystem/application |
result | where to write the derived public key |
Definition at line 241 of file crypto_ecc_gnsrecord.c.
References context, ctx, CURVE, derive_h(), GNUNET_assert, GNUNET_CRYPTO_mpi_print_unsigned(), GNUNET_CRYPTO_mpi_scan_unsigned(), h, pub, q, GNUNET_CRYPTO_EddsaPublicKey::q_y, and result.
Referenced by GNUNET_FS_search_start_searching_(), GNUNET_FS_unindex_do_remove_kblocks_(), run_pkey(), and schedule_transmit_search_request().
void GNUNET_CRYPTO_eddsa_private_key_derive | ( | const struct GNUNET_CRYPTO_EddsaPrivateKey * | priv, |
const char * | label, | ||
const char * | context, | ||
struct GNUNET_CRYPTO_EddsaPrivateScalar * | result | ||
) |
Derive a private scalar from a given private key and a label.
Essentially calculates a private key 'h = H(l,P) * d mod n' where n is the size of the ECC group and P is the public key associated with the private key 'd'. The result is the derived private scalar, not the private key as for EdDSA we cannot derive before we hash the private key.
priv | original private key |
label | label to use for key deriviation |
context | additional context to use for HKDF of 'h'; typically the name of the subsystem/application |
result | derived private scalar |
Libsodium does not offer an API with arbitrary arithmetic. Hence we have to use libgcrypt here.
Get our modulo L
This is the standard private key expansion in Ed25519. The first 32 octets are used as a little-endian private scalar. We derive this scalar using our "h".
Get h mod L
dc now contains the private scalar "a". We calculate: d' := h * a mod L
We hash the derived "h" parameter with the other half of the expanded private key. This ensures that for signature generation, the "R" is derived from the same derivation path as "h" and is not reused.
Definition at line 294 of file crypto_ecc_gnsrecord.c.
References context, ctx, GNUNET_CRYPTO_EddsaPrivateKey::d, dc, derive_h(), GNUNET_assert, GNUNET_CRYPTO_eddsa_key_get_public(), GNUNET_CRYPTO_mpi_print_unsigned(), GNUNET_CRYPTO_mpi_scan_unsigned(), h, pub, and result.
Referenced by run_edkey().
void GNUNET_CRYPTO_eddsa_public_key_derive | ( | const struct GNUNET_CRYPTO_EddsaPublicKey * | pub, |
const char * | label, | ||
const char * | context, | ||
struct GNUNET_CRYPTO_EddsaPublicKey * | result | ||
) |
Derive a public key from a given public key and a label.
Essentially calculates a public key 'V = H(l,P) * P'.
pub | original public key |
label | label to use for key deriviation |
context | additional context to use for HKDF of 'h'. typically the name of the subsystem/application |
result | where to write the derived public key |
Definition at line 381 of file crypto_ecc_gnsrecord.c.
References context, ctx, derive_h(), GNUNET_assert, GNUNET_CRYPTO_mpi_print_unsigned(), GNUNET_CRYPTO_mpi_scan_unsigned(), h, pub, q, GNUNET_CRYPTO_EddsaPublicKey::q_y, and result.
Referenced by run_edkey().
void GNUNET_CRYPTO_edx25519_private_key_derive | ( | const struct GNUNET_CRYPTO_Edx25519PrivateKey * | priv, |
const void * | seed, | ||
size_t | seedsize, | ||
struct GNUNET_CRYPTO_Edx25519PrivateKey * | result | ||
) |
Derive a private scalar from a given private key and a label.
Essentially calculates a private key 'h = H(l,P) * d mod n' where n is the size of the ECC group and P is the public key associated with the private key 'd'.
priv | original private key |
seed | input seed |
seedsize | size of the seed |
result | derived private key |
dc now contains the private scalar "a". We carefully remove the clamping and derive a'. Calculate: a1 := a / 8 a2 := h * a1 mod n a' := a2 * 8 mod n
Definition at line 239 of file crypto_edx25519.c.
References GNUNET_CRYPTO_Edx25519PrivateKey::a, GNUNET_CRYPTO_Edx25519PrivateKey::b, derive_h(), GNUNET_assert, GNUNET_CRYPTO_edx25519_key_get_public(), GNUNET_CRYPTO_hash_context_finish(), GNUNET_CRYPTO_hash_context_read(), GNUNET_CRYPTO_hash_context_start(), h, pub, result, and zero.
Referenced by output_vectors().
void GNUNET_CRYPTO_edx25519_public_key_derive | ( | const struct GNUNET_CRYPTO_Edx25519PublicKey * | pub, |
const void * | seed, | ||
size_t | seedsize, | ||
struct GNUNET_CRYPTO_Edx25519PublicKey * | result | ||
) |
Derive a public key from a given public key and a label.
Essentially calculates a public key 'V = H(l,P) * P'.
pub | original public key |
seed | input seed |
seedsize | size of the seed |
result | where to write the derived public key |
Definition at line 333 of file crypto_edx25519.c.
References derive_h(), GNUNET_assert, h, pub, GNUNET_CRYPTO_EddsaPublicKey::q_y, and result.
Referenced by output_vectors().