GNUnet  0.11.x
gnsrecord_crypto.c
Go to the documentation of this file.
1 /*
2  This file is part of GNUnet.
3  Copyright (C) 2009-2013, 2018 GNUnet e.V.
4 
5  GNUnet is free software: you can redistribute it and/or modify it
6  under the terms of the GNU Affero General Public License as published
7  by the Free Software Foundation, either version 3 of the License,
8  or (at your option) any later version.
9 
10  GNUnet is distributed in the hope that it will be useful, but
11  WITHOUT ANY WARRANTY; without even the implied warranty of
12  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13  Affero General Public License for more details.
14 
15  You should have received a copy of the GNU Affero General Public License
16  along with this program. If not, see <http://www.gnu.org/licenses/>.
17 
18  SPDX-License-Identifier: AGPL3.0-or-later
19  */
20 
28 #include "platform.h"
29 #include "gnunet_util_lib.h"
30 #include "gnunet_constants.h"
31 #include "gnunet_signatures.h"
32 #include "gnunet_arm_service.h"
33 #include "gnunet_gnsrecord_lib.h"
34 #include "gnunet_dnsparser_lib.h"
35 #include "gnunet_tun_lib.h"
36 
37 
38 #define LOG(kind, ...) GNUNET_log_from (kind, "gnsrecord", __VA_ARGS__)
39 
40 
49 static void
50 derive_block_aes_key (struct GNUNET_CRYPTO_SymmetricInitializationVector *iv,
51  struct GNUNET_CRYPTO_SymmetricSessionKey *skey,
52  const char *label,
53  const struct GNUNET_CRYPTO_EcdsaPublicKey *pub)
54 {
55  static const char ctx_key[] = "gns-aes-ctx-key";
56  static const char ctx_iv[] = "gns-aes-ctx-iv";
57 
58  GNUNET_CRYPTO_kdf (skey, sizeof(struct GNUNET_CRYPTO_SymmetricSessionKey),
59  ctx_key, strlen (ctx_key),
60  pub, sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey),
61  label, strlen (label),
62  NULL, 0);
63  GNUNET_CRYPTO_kdf (iv, sizeof(struct
64  GNUNET_CRYPTO_SymmetricInitializationVector),
65  ctx_iv, strlen (ctx_iv),
66  pub, sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey),
67  label, strlen (label),
68  NULL, 0);
69 }
70 
71 
83 static struct GNUNET_GNSRECORD_Block *
84 block_create (const struct GNUNET_CRYPTO_EcdsaPrivateKey *key,
85  const struct GNUNET_CRYPTO_EcdsaPublicKey *pkey,
86  struct GNUNET_TIME_Absolute expire,
87  const char *label,
88  const struct GNUNET_GNSRECORD_Data *rd,
89  unsigned int rd_count)
90 {
91  ssize_t payload_len = GNUNET_GNSRECORD_records_get_size (rd_count,
92  rd);
93  struct GNUNET_GNSRECORD_Block *block;
94  struct GNUNET_CRYPTO_EcdsaPrivateKey *dkey;
95  struct GNUNET_CRYPTO_SymmetricInitializationVector iv;
96  struct GNUNET_CRYPTO_SymmetricSessionKey skey;
97  struct GNUNET_GNSRECORD_Data rdc[GNUNET_NZL (rd_count)];
98  uint32_t rd_count_nbo;
99  struct GNUNET_TIME_Absolute now;
100 
101  if (payload_len < 0)
102  {
103  GNUNET_break (0);
104  return NULL;
105  }
106  if (payload_len > GNUNET_GNSRECORD_MAX_BLOCK_SIZE)
107  {
108  GNUNET_break (0);
109  return NULL;
110  }
111  /* convert relative to absolute times */
112  now = GNUNET_TIME_absolute_get ();
113  for (unsigned int i = 0; i < rd_count; i++)
114  {
115  rdc[i] = rd[i];
116  if (0 != (rd[i].flags & GNUNET_GNSRECORD_RF_RELATIVE_EXPIRATION))
117  {
118  struct GNUNET_TIME_Relative t;
119 
120  /* encrypted blocks must never have relative expiration times, convert! */
121  rdc[i].flags &= ~GNUNET_GNSRECORD_RF_RELATIVE_EXPIRATION;
122  t.rel_value_us = rdc[i].expiration_time;
123  rdc[i].expiration_time = GNUNET_TIME_absolute_add (now, t).abs_value_us;
124  }
125  }
126  /* serialize */
127  rd_count_nbo = htonl (rd_count);
128  {
129  char payload[sizeof(uint32_t) + payload_len];
130 
131  GNUNET_memcpy (payload,
132  &rd_count_nbo,
133  sizeof(uint32_t));
134  GNUNET_assert (payload_len ==
135  GNUNET_GNSRECORD_records_serialize (rd_count,
136  rdc,
137  payload_len,
138  &payload[sizeof(uint32_t)
139  ]));
140  block = GNUNET_malloc (sizeof(struct GNUNET_GNSRECORD_Block)
141  + sizeof(uint32_t)
142  + payload_len);
143  block->purpose.size = htonl (sizeof(uint32_t)
144  + payload_len
145  + sizeof(struct
146  GNUNET_CRYPTO_EccSignaturePurpose)
147  + sizeof(struct GNUNET_TIME_AbsoluteNBO));
148  block->purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_GNS_RECORD_SIGN);
149  block->expiration_time = GNUNET_TIME_absolute_hton (expire);
150  /* encrypt and sign */
151  dkey = GNUNET_CRYPTO_ecdsa_private_key_derive (key,
152  label,
153  "gns");
154  GNUNET_CRYPTO_ecdsa_key_get_public (dkey,
155  &block->derived_key);
156  derive_block_aes_key (&iv,
157  &skey,
158  label,
159  pkey);
160  GNUNET_break (payload_len + sizeof(uint32_t) ==
161  GNUNET_CRYPTO_symmetric_encrypt (payload,
162  payload_len
163  + sizeof(uint32_t),
164  &skey,
165  &iv,
166  &block[1]));
167  }
168  if (GNUNET_OK !=
169  GNUNET_CRYPTO_ecdsa_sign (dkey,
170  &block->purpose,
171  &block->signature))
172  {
173  GNUNET_break (0);
174  GNUNET_free (dkey);
175  GNUNET_free (block);
176  return NULL;
177  }
178  GNUNET_free (dkey);
179  return block;
180 }
181 
182 
193 struct GNUNET_GNSRECORD_Block *
194 GNUNET_GNSRECORD_block_create (const struct GNUNET_CRYPTO_EcdsaPrivateKey *key,
195  struct GNUNET_TIME_Absolute expire,
196  const char *label,
197  const struct GNUNET_GNSRECORD_Data *rd,
198  unsigned int rd_count)
199 {
200  struct GNUNET_CRYPTO_EcdsaPublicKey pkey;
201 
202  GNUNET_CRYPTO_ecdsa_key_get_public (key,
203  &pkey);
204  return block_create (key,
205  &pkey,
206  expire,
207  label,
208  rd,
209  rd_count);
210 }
211 
212 
216 struct KeyCacheLine
217 {
221  struct GNUNET_CRYPTO_EcdsaPrivateKey key;
222 
226  struct GNUNET_CRYPTO_EcdsaPublicKey pkey;
227 };
228 
229 
242 struct GNUNET_GNSRECORD_Block *
243 GNUNET_GNSRECORD_block_create2 (const struct GNUNET_CRYPTO_EcdsaPrivateKey *key,
244  struct GNUNET_TIME_Absolute expire,
245  const char *label,
246  const struct GNUNET_GNSRECORD_Data *rd,
247  unsigned int rd_count)
248 {
249 #define CSIZE 64
250  static struct KeyCacheLine cache[CSIZE];
251  struct KeyCacheLine *line;
252 
253  line = &cache[(*(unsigned int *) key) % CSIZE];
254  if (0 != memcmp (&line->key,
255  key,
256  sizeof(*key)))
257  {
258  /* cache miss, recompute */
259  line->key = *key;
260  GNUNET_CRYPTO_ecdsa_key_get_public (key,
261  &line->pkey);
262  }
263 #undef CSIZE
264  return block_create (key,
265  &line->pkey,
266  expire,
267  label,
268  rd,
269  rd_count);
270 }
271 
272 
280 int
281 GNUNET_GNSRECORD_block_verify (const struct GNUNET_GNSRECORD_Block *block)
282 {
283  return GNUNET_CRYPTO_ecdsa_verify (GNUNET_SIGNATURE_PURPOSE_GNS_RECORD_SIGN,
284  &block->purpose,
285  &block->signature,
286  &block->derived_key);
287 }
288 
289 
301 int
302 GNUNET_GNSRECORD_block_decrypt (const struct GNUNET_GNSRECORD_Block *block,
303  const struct
304  GNUNET_CRYPTO_EcdsaPublicKey *zone_key,
305  const char *label,
306  GNUNET_GNSRECORD_RecordCallback proc,
307  void *proc_cls)
308 {
309  size_t payload_len = ntohl (block->purpose.size)
310  - sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose)
311  - sizeof(struct GNUNET_TIME_AbsoluteNBO);
312  struct GNUNET_CRYPTO_SymmetricInitializationVector iv;
313  struct GNUNET_CRYPTO_SymmetricSessionKey skey;
314 
315  if (ntohl (block->purpose.size) <
316  sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose)
317  + sizeof(struct GNUNET_TIME_AbsoluteNBO))
318  {
319  GNUNET_break_op (0);
320  return GNUNET_SYSERR;
321  }
322  derive_block_aes_key (&iv,
323  &skey,
324  label,
325  zone_key);
326  {
327  char payload[payload_len];
328  uint32_t rd_count;
329 
330  GNUNET_break (payload_len ==
331  GNUNET_CRYPTO_symmetric_decrypt (&block[1], payload_len,
332  &skey, &iv,
333  payload));
334  GNUNET_memcpy (&rd_count,
335  payload,
336  sizeof(uint32_t));
337  rd_count = ntohl (rd_count);
338  if (rd_count > 2048)
339  {
340  /* limit to sane value */
341  GNUNET_break_op (0);
342  return GNUNET_SYSERR;
343  }
344  {
345  struct GNUNET_GNSRECORD_Data rd[GNUNET_NZL (rd_count)];
346  unsigned int j;
347  struct GNUNET_TIME_Absolute now;
348 
349  if (GNUNET_OK !=
350  GNUNET_GNSRECORD_records_deserialize (payload_len - sizeof(uint32_t),
351  &payload[sizeof(uint32_t)],
352  rd_count,
353  rd))
354  {
355  GNUNET_break_op (0);
356  return GNUNET_SYSERR;
357  }
358  /* hide expired records */
359  now = GNUNET_TIME_absolute_get ();
360  j = 0;
361  for (unsigned int i = 0; i < rd_count; i++)
362  {
363  if (0 != (rd[i].flags & GNUNET_GNSRECORD_RF_RELATIVE_EXPIRATION))
364  {
365  /* encrypted blocks must never have relative expiration times, skip! */
366  GNUNET_break_op (0);
367  continue;
368  }
369 
370  if (0 != (rd[i].flags & GNUNET_GNSRECORD_RF_SHADOW_RECORD))
371  {
372  int include_record = GNUNET_YES;
373  /* Shadow record, figure out if we have a not expired active record */
374  for (unsigned int k = 0; k < rd_count; k++)
375  {
376  if (k == i)
377  continue;
378  if (rd[i].expiration_time < now.abs_value_us)
379  include_record = GNUNET_NO; /* Shadow record is expired */
380  if ((rd[k].record_type == rd[i].record_type) &&
381  (rd[k].expiration_time >= now.abs_value_us) &&
382  (0 == (rd[k].flags & GNUNET_GNSRECORD_RF_SHADOW_RECORD)))
383  {
384  include_record = GNUNET_NO; /* We have a non-expired, non-shadow record of the same type */
385  GNUNET_log (GNUNET_ERROR_TYPE_INFO,
386  "Ignoring shadow record\n");
387  break;
388  }
389  }
390  if (GNUNET_YES == include_record)
391  {
392  rd[i].flags ^= GNUNET_GNSRECORD_RF_SHADOW_RECORD; /* Remove Flag */
393  if (j != i)
394  rd[j] = rd[i];
395  j++;
396  }
397  }
398  else if (rd[i].expiration_time >= now.abs_value_us)
399  {
400  /* Include this record */
401  if (j != i)
402  rd[j] = rd[i];
403  j++;
404  }
405  else
406  {
407  struct GNUNET_TIME_Absolute at;
408 
409  at.abs_value_us = rd[i].expiration_time;
410  GNUNET_log (GNUNET_ERROR_TYPE_INFO,
411  "Excluding record that expired %s (%llu ago)\n",
412  GNUNET_STRINGS_absolute_time_to_string (at),
413  (unsigned long long) rd[i].expiration_time
414  - now.abs_value_us);
415  }
416  }
417  rd_count = j;
418  if (NULL != proc)
419  proc (proc_cls,
420  rd_count,
421  (0 != rd_count) ? rd : NULL);
422  }
423  }
424  return GNUNET_OK;
425 }
426 
427 
435 void
436 GNUNET_GNSRECORD_query_from_private_key (const struct
437  GNUNET_CRYPTO_EcdsaPrivateKey *zone,
438  const char *label,
439  struct GNUNET_HashCode *query)
440 {
441  struct GNUNET_CRYPTO_EcdsaPublicKey pub;
442 
443  GNUNET_CRYPTO_ecdsa_key_get_public (zone,
444  &pub);
445  GNUNET_GNSRECORD_query_from_public_key (&pub,
446  label,
447  query);
448 }
449 
450 
458 void
459 GNUNET_GNSRECORD_query_from_public_key (const struct
460  GNUNET_CRYPTO_EcdsaPublicKey *pub,
461  const char *label,
462  struct GNUNET_HashCode *query)
463 {
464  struct GNUNET_CRYPTO_EcdsaPublicKey pd;
465  GNUNET_CRYPTO_ecdsa_public_key_derive (pub,
466  label,
467  "gns",
468  &pd);
469  GNUNET_CRYPTO_hash (&pd,
470  sizeof(pd),
471  query);
472 }
473 
474 
475 /* end of gnsrecord_crypto.c */
gnunet_constants.h
gnunet_gnsrecord_lib.h
GNUNET_GNSRECORD_RecordCallback
GNUNET_NETWORK_STRUCT_END typedef void(* GNUNET_GNSRECORD_RecordCallback)(void *cls, unsigned int rd_count, const struct GNUNET_GNSRECORD_Data *rd)
Process a records that were decrypted from a block.
Definition: gnunet_gnsrecord_lib.h:357
GNUNET_GNSRECORD_Block::expiration_time
struct GNUNET_TIME_AbsoluteNBO expiration_time
Expiration time of the block.
Definition: gnunet_gnsrecord_lib.h:288
GNUNET_GNSRECORD_RF_SHADOW_RECORD
This record should not be used unless all (other) records with an absolute expiration time have expir...
Definition: gnunet_gnsrecord_lib.h:185
GNUNET_GNSRECORD_Data
A GNS record.
Definition: gnunet_gnsrecord_lib.h:205
GNUNET_CRYPTO_ecdsa_public_key_derive
void GNUNET_CRYPTO_ecdsa_public_key_derive(const struct GNUNET_CRYPTO_EcdsaPublicKey *pub, const char *label, const char *context, struct GNUNET_CRYPTO_EcdsaPublicKey *result)
Derive a public key from a given public key and a label.
Definition: crypto_ecc.c:979
GNUNET_GNSRECORD_records_get_size
GNUNET_NETWORK_STRUCT_END ssize_t GNUNET_GNSRECORD_records_get_size(unsigned int rd_count, const struct GNUNET_GNSRECORD_Data *rd)
Calculate how many bytes we will need to serialize the given records.
Definition: gnsrecord_serialization.c:88
GNUNET_TIME_Relative::rel_value_us
uint64_t rel_value_us
The actual value.
Definition: gnunet_time_lib.h:65
pkey
static char * pkey
Public key of the zone to look in, in ASCII.
Definition: gnunet-namecache.c:59
KeyCacheLine::pkey
struct GNUNET_CRYPTO_EcdsaPublicKey pkey
Associated public key.
Definition: gnsrecord_crypto.c:226
GNUNET_CRYPTO_ecdsa_verify
int GNUNET_CRYPTO_ecdsa_verify(uint32_t purpose, const struct GNUNET_CRYPTO_EccSignaturePurpose *validate, const struct GNUNET_CRYPTO_EcdsaSignature *sig, const struct GNUNET_CRYPTO_EcdsaPublicKey *pub)
Verify ECDSA signature.
Definition: crypto_ecc.c:776
block_create
static struct GNUNET_GNSRECORD_Block * block_create(const struct GNUNET_CRYPTO_EcdsaPrivateKey *key, const struct GNUNET_CRYPTO_EcdsaPublicKey *pkey, struct GNUNET_TIME_Absolute expire, const char *label, const struct GNUNET_GNSRECORD_Data *rd, unsigned int rd_count)
Sign name and records.
Definition: gnsrecord_crypto.c:84
GNUNET_GNSRECORD_block_create
struct GNUNET_GNSRECORD_Block * GNUNET_GNSRECORD_block_create(const struct GNUNET_CRYPTO_EcdsaPrivateKey *key, struct GNUNET_TIME_Absolute expire, const char *label, const struct GNUNET_GNSRECORD_Data *rd, unsigned int rd_count)
Sign name and records.
Definition: gnsrecord_crypto.c:194
GNUNET_CRYPTO_EccSignaturePurpose::purpose
uint32_t purpose
What does this signature vouch for? This must contain a GNUNET_SIGNATURE_PURPOSE_XXX constant (from g...
Definition: gnunet_crypto_lib.h:145
GNUNET_GNSRECORD_records_serialize
ssize_t GNUNET_GNSRECORD_records_serialize(unsigned int rd_count, const struct GNUNET_GNSRECORD_Data *rd, size_t dest_size, char *dest)
Serialize the given records to the given destination buffer.
Definition: gnsrecord_serialization.c:154
expire
static void expire(void *cls)
Expire a PooledConnection object.
Definition: gnunet-service-testbed_connectionpool.c:338
GNUNET_assert
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
Definition: gnunet_common.h:837
GNUNET_GNSRECORD_block_create2
struct GNUNET_GNSRECORD_Block * GNUNET_GNSRECORD_block_create2(const struct GNUNET_CRYPTO_EcdsaPrivateKey *key, struct GNUNET_TIME_Absolute expire, const char *label, const struct GNUNET_GNSRECORD_Data *rd, unsigned int rd_count)
Sign name and records, cache derived public key (also keeps the private key in static memory...
Definition: gnsrecord_crypto.c:243
gnunet_dnsparser_lib.h
GNUNET_GNSRECORD_MAX_BLOCK_SIZE
#define GNUNET_GNSRECORD_MAX_BLOCK_SIZE
Maximum size of a value that can be stored in a GNS block.
Definition: gnunet_gnsrecord_lib.h:47
GNUNET_memcpy
#define GNUNET_memcpy(dst, src, n)
Call memcpy() but check for n being 0 first.
Definition: gnunet_common.h:1124
GNUNET_NO
#define GNUNET_NO
Definition: gnunet_common.h:86
GNUNET_OK
#define GNUNET_OK
Named constants for return values.
Definition: gnunet_common.h:83
GNUNET_TIME_absolute_add
struct GNUNET_TIME_Absolute GNUNET_TIME_absolute_add(struct GNUNET_TIME_Absolute start, struct GNUNET_TIME_Relative duration)
Add a given relative duration to the given start time.
Definition: time.c:395
GNUNET_CRYPTO_EcdsaPrivateKey
Private ECC key encoded for transmission.
Definition: gnunet_crypto_lib.h:255
GNUNET_GNSRECORD_records_deserialize
int GNUNET_GNSRECORD_records_deserialize(size_t len, const char *src, unsigned int rd_count, struct GNUNET_GNSRECORD_Data *dest)
Deserialize the given records to the given destination.
Definition: gnsrecord_serialization.c:227
gnunet_util_lib.h
GNUNET_GNSRECORD_Block
Information we have in an encrypted block with record data (i.e.
Definition: gnunet_gnsrecord_lib.h:267
GNUNET_TIME_AbsoluteNBO
Time for absolute time used by GNUnet, in microseconds and in network byte order. ...
Definition: gnunet_time_lib.h:85
GNUNET_TIME_Absolute::abs_value_us
uint64_t abs_value_us
The actual value.
Definition: gnunet_time_lib.h:53
GNUNET_break
#define GNUNET_break(cond)
Use this for internal assertion violations that are not fatal (can be handled) but should not occur...
Definition: gnunet_common.h:896
zone
static char * zone
Name of the zone we manage.
Definition: gnunet-namestore-fcfsd.c:243
GNUNET_GNSRECORD_query_from_private_key
void GNUNET_GNSRECORD_query_from_private_key(const struct GNUNET_CRYPTO_EcdsaPrivateKey *zone, const char *label, struct GNUNET_HashCode *query)
Calculate the DHT query for a given label in a given zone.
Definition: gnsrecord_crypto.c:436
GNUNET_CRYPTO_EccSignaturePurpose
header of what an ECC signature signs this must be followed by "size - 8" bytes of the actual signed ...
Definition: gnunet_crypto_lib.h:130
GNUNET_CRYPTO_ecdsa_sign
int GNUNET_CRYPTO_ecdsa_sign(const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv, const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose, struct GNUNET_CRYPTO_EcdsaSignature *sig)
ECDSA Sign a given block.
Definition: crypto_ecc.c:687
GNUNET_CRYPTO_SymmetricSessionKey
type for session keys
Definition: gnunet_crypto_lib.h:279
line
static char * line
Desired phone line (string to be converted to a hash).
Definition: gnunet-conversation.c:157
KeyCacheLine::key
struct GNUNET_CRYPTO_EcdsaPrivateKey key
A private key.
Definition: gnsrecord_crypto.c:221
CSIZE
#define CSIZE
GNUNET_break_op
#define GNUNET_break_op(cond)
Use this for assertion violations caused by other peers (i.e.
Definition: gnunet_common.h:918
GNUNET_CRYPTO_hash
void GNUNET_CRYPTO_hash(const void *block, size_t size, struct GNUNET_HashCode *ret)
Compute hash of a given block.
Definition: crypto_hash.c:48
GNUNET_CRYPTO_symmetric_encrypt
ssize_t GNUNET_CRYPTO_symmetric_encrypt(const void *block, size_t size, const struct GNUNET_CRYPTO_SymmetricSessionKey *sessionkey, const struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, void *result)
Encrypt a block using a symmetric sessionkey.
Definition: crypto_symmetric.c:130
GNUNET_GNSRECORD_Data::expiration_time
uint64_t expiration_time
Expiration time for the DNS record.
Definition: gnunet_gnsrecord_lib.h:219
gnunet_signatures.h
GNUNET_CRYPTO_EccSignaturePurpose::size
uint32_t size
How many bytes does this signature sign? (including this purpose header); in network byte order (!)...
Definition: gnunet_crypto_lib.h:137
GNUNET_HashCode
A 512-bit hashcode.
Definition: gnunet_common.h:237
GNUNET_TIME_absolute_get
struct GNUNET_TIME_Absolute GNUNET_TIME_absolute_get(void)
Get the current time.
Definition: time.c:118
GNUNET_GNSRECORD_block_verify
int GNUNET_GNSRECORD_block_verify(const struct GNUNET_GNSRECORD_Block *block)
Check if a signature is valid.
Definition: gnsrecord_crypto.c:281
key
struct GNUNET_HashCode key
The key used in the DHT.
Definition: gnunet-dht-put.c:37
GNUNET_SYSERR
#define GNUNET_SYSERR
Definition: gnunet_common.h:84
GNUNET_CRYPTO_ecdsa_key_get_public
void GNUNET_CRYPTO_ecdsa_key_get_public(const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv, struct GNUNET_CRYPTO_EcdsaPublicKey *pub)
Extract the public key for the given private key.
Definition: crypto_ecc.c:172
gnunet_arm_service.h
payload
static unsigned long long payload
How much data are we currently storing in the database?
Definition: gnunet-service-datastore.c:183
derive_block_aes_key
static void derive_block_aes_key(struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, struct GNUNET_CRYPTO_SymmetricSessionKey *skey, const char *label, const struct GNUNET_CRYPTO_EcdsaPublicKey *pub)
Derive session key and iv from label and public key.
Definition: gnsrecord_crypto.c:50
GNUNET_GNSRECORD_Block::signature
struct GNUNET_CRYPTO_EcdsaSignature signature
Signature of the block.
Definition: gnunet_gnsrecord_lib.h:272
GNUNET_ERROR_TYPE_INFO
Definition: gnunet_common.h:388
pub
static struct GNUNET_CRYPTO_EddsaPublicKey pub
Definition: gnunet-scrypt.c:39
GNUNET_GNSRECORD_block_decrypt
int GNUNET_GNSRECORD_block_decrypt(const struct GNUNET_GNSRECORD_Block *block, const struct GNUNET_CRYPTO_EcdsaPublicKey *zone_key, const char *label, GNUNET_GNSRECORD_RecordCallback proc, void *proc_cls)
Decrypt block.
Definition: gnsrecord_crypto.c:302
GNUNET_CRYPTO_EcdsaPublicKey
Public ECC key (always for Curve25519) encoded in a format suitable for network transmission and ECDS...
Definition: gnunet_crypto_lib.h:205
GNUNET_log
#define GNUNET_log(kind,...)
Definition: gnunet_common.h:511
GNUNET_SIGNATURE_PURPOSE_GNS_RECORD_SIGN
#define GNUNET_SIGNATURE_PURPOSE_GNS_RECORD_SIGN
Signature of a gnunet naming system record block.
Definition: gnunet_signatures.h:125
GNUNET_TIME_Absolute
Time for absolute times used by GNUnet, in microseconds.
Definition: gnunet_time_lib.h:48
GNUNET_YES
#define GNUNET_YES
Definition: gnunet_common.h:85
GNUNET_GNSRECORD_query_from_public_key
void GNUNET_GNSRECORD_query_from_public_key(const struct GNUNET_CRYPTO_EcdsaPublicKey *pub, const char *label, struct GNUNET_HashCode *query)
Calculate the DHT query for a given label in a given zone.
Definition: gnsrecord_crypto.c:459
KeyCacheLine
Line in cache mapping private keys to public keys.
Definition: gnsrecord_crypto.c:216
GNUNET_GNSRECORD_Data::flags
enum GNUNET_GNSRECORD_Flags flags
Flags for the record.
Definition: gnunet_gnsrecord_lib.h:234
GNUNET_GNSRECORD_RF_RELATIVE_EXPIRATION
This expiration time of the record is a relative time (not an absolute time).
Definition: gnunet_gnsrecord_lib.h:179
GNUNET_CRYPTO_SymmetricInitializationVector
IV for sym cipher.
Definition: gnunet_crypto_lib.h:300
GNUNET_STRINGS_absolute_time_to_string
const char * GNUNET_STRINGS_absolute_time_to_string(struct GNUNET_TIME_Absolute t)
Like asctime, except for GNUnet time.
Definition: strings.c:745
GNUNET_CRYPTO_ecdsa_private_key_derive
struct GNUNET_CRYPTO_EcdsaPrivateKey * GNUNET_CRYPTO_ecdsa_private_key_derive(const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv, const char *label, const char *context)
Derive a private key from a given private key and a label.
Definition: crypto_ecc.c:935
GNUNET_CRYPTO_symmetric_decrypt
ssize_t GNUNET_CRYPTO_symmetric_decrypt(const void *block, size_t size, const struct GNUNET_CRYPTO_SymmetricSessionKey *sessionkey, const struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, void *result)
Decrypt a given block using a symmetric sessionkey.
Definition: crypto_symmetric.c:168
GNUNET_GNSRECORD_Block::purpose
struct GNUNET_CRYPTO_EccSignaturePurpose purpose
Number of bytes signed; also specifies the number of bytes of encrypted data that follow...
Definition: gnunet_gnsrecord_lib.h:283
GNUNET_TIME_absolute_hton
struct GNUNET_TIME_AbsoluteNBO GNUNET_TIME_absolute_hton(struct GNUNET_TIME_Absolute a)
Convert absolute time to network byte order.
Definition: time.c:657
GNUNET_GNSRECORD_Block::derived_key
struct GNUNET_CRYPTO_EcdsaPublicKey derived_key
Derived key used for signing; hash of this is the query.
Definition: gnunet_gnsrecord_lib.h:277
GNUNET_CRYPTO_kdf
int GNUNET_CRYPTO_kdf(void *result, size_t out_len, const void *xts, size_t xts_len, const void *skm, size_t skm_len,...)
Derive key.
Definition: crypto_kdf.c:89
gnunet_tun_lib.h
GNUNET_malloc
#define GNUNET_malloc(size)
Wrapper around malloc.
Definition: gnunet_common.h:1179
GNUNET_free
#define GNUNET_free(ptr)
Wrapper around free.
Definition: gnunet_common.h:1223
GNUNET_TIME_Relative
Time for relative time used by GNUnet, in microseconds.
Definition: gnunet_time_lib.h:60
Generated by   doxygen 1.8.13