GNUnet  0.11.x
gnsrecord_crypto.c
Go to the documentation of this file.
1 /*
2  This file is part of GNUnet.
3  Copyright (C) 2009-2013, 2018 GNUnet e.V.
4 
5  GNUnet is free software: you can redistribute it and/or modify it
6  under the terms of the GNU Affero General Public License as published
7  by the Free Software Foundation, either version 3 of the License,
8  or (at your option) any later version.
9 
10  GNUnet is distributed in the hope that it will be useful, but
11  WITHOUT ANY WARRANTY; without even the implied warranty of
12  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13  Affero General Public License for more details.
14 
15  You should have received a copy of the GNU Affero General Public License
16  along with this program. If not, see <http://www.gnu.org/licenses/>.
17 
18  SPDX-License-Identifier: AGPL3.0-or-later
19  */
20 
28 #include "platform.h"
29 #include "gnunet_util_lib.h"
30 #include "gnunet_constants.h"
31 #include "gnunet_signatures.h"
32 #include "gnunet_arm_service.h"
33 #include "gnunet_gnsrecord_lib.h"
34 #include "gnunet_dnsparser_lib.h"
35 #include "gnunet_tun_lib.h"
36 
37 
38 #define LOG(kind, ...) GNUNET_log_from (kind, "gnsrecord", __VA_ARGS__)
39 
40 ssize_t
41 ecdsa_symmetric_decrypt (
42  const void *block,
43  size_t size,
44  const unsigned char *key,
45  const unsigned char *ctr,
46  void *result)
47 {
48  gcry_cipher_hd_t handle;
49  int rc;
50 
51  GNUNET_assert (0 == gcry_cipher_open (&handle, GCRY_CIPHER_AES256,
52  GCRY_CIPHER_MODE_CTR, 0));
53  rc = gcry_cipher_setkey (handle,
54  key,
55  GNUNET_CRYPTO_AES_KEY_LENGTH);
56  GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY));
57  rc = gcry_cipher_setctr (handle,
58  ctr,
59  GNUNET_CRYPTO_AES_KEY_LENGTH / 2);
60  GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY));
61  GNUNET_assert (0 == gcry_cipher_decrypt (handle, result, size, block, size));
62  gcry_cipher_close (handle);
63  return size;
64 }
65 
66 
67 
68 ssize_t
69 ecdsa_symmetric_encrypt (
70  const void *block,
71  size_t size,
72  const unsigned char *key,
73  const unsigned char *ctr,
74  void *result)
75 {
76  gcry_cipher_hd_t handle;
77  int rc;
78 
79  GNUNET_assert (0 == gcry_cipher_open (&handle, GCRY_CIPHER_AES256,
80  GCRY_CIPHER_MODE_CTR, 0));
81  rc = gcry_cipher_setkey (handle,
82  key,
83  GNUNET_CRYPTO_AES_KEY_LENGTH);
84  GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY));
85  rc = gcry_cipher_setctr (handle,
86  ctr,
87  GNUNET_CRYPTO_AES_KEY_LENGTH / 2);
88  GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY));
89  GNUNET_assert (0 == gcry_cipher_encrypt (handle, result, size, block, size));
90  gcry_cipher_close (handle);
91  return size;
92 }
93 
94 
95 
104 static void
105 derive_block_aes_key (unsigned char *ctr,
106  unsigned char *key,
107  const char *label,
108  uint64_t exp,
109  const struct GNUNET_CRYPTO_EcdsaPublicKey *pub)
110 {
111  static const char ctx_key[] = "gns-aes-ctx-key";
112  static const char ctx_iv[] = "gns-aes-ctx-iv";
113 
114  GNUNET_CRYPTO_kdf (key, GNUNET_CRYPTO_AES_KEY_LENGTH,
115  ctx_key, strlen (ctx_key),
116  pub, sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey),
117  label, strlen (label),
118  NULL, 0);
119  memset (ctr, 0, GNUNET_CRYPTO_AES_KEY_LENGTH / 2);
121  GNUNET_CRYPTO_kdf (ctr, 4,
122  ctx_iv, strlen (ctx_iv),
123  pub, sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey),
124  label, strlen (label),
125  NULL, 0);
127  memcpy (ctr + 4, &exp, sizeof (exp));
129  ctr[15] |= 0x01;
130 }
131 
132 
144 static struct GNUNET_GNSRECORD_Block *
145 block_create_ecdsa (const struct GNUNET_CRYPTO_EcdsaPrivateKey *key,
146  const struct GNUNET_CRYPTO_EcdsaPublicKey *pkey,
147  struct GNUNET_TIME_Absolute expire,
148  const char *label,
149  const struct GNUNET_GNSRECORD_Data *rd,
150  unsigned int rd_count)
151 {
152  ssize_t payload_len = GNUNET_GNSRECORD_records_get_size (rd_count,
153  rd);
154  struct GNUNET_GNSRECORD_Block *block;
155  struct GNUNET_GNSRECORD_EcdsaBlock *ecblock;
156  struct GNUNET_CRYPTO_EcdsaPrivateKey *dkey;
157  unsigned char ctr[GNUNET_CRYPTO_AES_KEY_LENGTH / 2];
158  unsigned char skey[GNUNET_CRYPTO_AES_KEY_LENGTH];
159  struct GNUNET_GNSRECORD_Data rdc[GNUNET_NZL (rd_count)];
160  uint32_t rd_count_nbo;
161  struct GNUNET_TIME_Absolute now;
162 
163  if (payload_len < 0)
164  {
165  GNUNET_break (0);
166  return NULL;
167  }
168  if (payload_len > GNUNET_GNSRECORD_MAX_BLOCK_SIZE)
169  {
170  GNUNET_break (0);
171  return NULL;
172  }
173  /* convert relative to absolute times */
174  now = GNUNET_TIME_absolute_get ();
175  for (unsigned int i = 0; i < rd_count; i++)
176  {
177  rdc[i] = rd[i];
178  if (0 != (rd[i].flags & GNUNET_GNSRECORD_RF_RELATIVE_EXPIRATION))
179  {
180  struct GNUNET_TIME_Relative t;
181 
182  /* encrypted blocks must never have relative expiration times, convert! */
183  rdc[i].flags &= ~GNUNET_GNSRECORD_RF_RELATIVE_EXPIRATION;
184  t.rel_value_us = rdc[i].expiration_time;
185  rdc[i].expiration_time = GNUNET_TIME_absolute_add (now, t).abs_value_us;
186  }
187  }
188  /* serialize */
189  rd_count_nbo = htonl (rd_count);
190  {
191  char payload[sizeof(uint32_t) + payload_len];
192 
193  GNUNET_memcpy (payload,
194  &rd_count_nbo,
195  sizeof(uint32_t));
196  GNUNET_assert (payload_len ==
197  GNUNET_GNSRECORD_records_serialize (rd_count,
198  rdc,
199  payload_len,
200  &payload[sizeof(uint32_t)
201  ]));
202  block = GNUNET_malloc (sizeof(struct GNUNET_GNSRECORD_Block)
203  + sizeof(uint32_t)
204  + payload_len);
205  ecblock = &block->ecdsa_block;
206  block->type = htonl (GNUNET_GNSRECORD_TYPE_PKEY);
207  ecblock->purpose.size = htonl (sizeof(uint32_t)
208  + payload_len
209  + sizeof(struct
210  GNUNET_CRYPTO_EccSignaturePurpose)
211  + sizeof(struct GNUNET_TIME_AbsoluteNBO));
212  ecblock->purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_GNS_RECORD_SIGN);
213  ecblock->expiration_time = GNUNET_TIME_absolute_hton (expire);
214  /* encrypt and sign */
215  dkey = GNUNET_CRYPTO_ecdsa_private_key_derive (key,
216  label,
217  "gns");
218  GNUNET_CRYPTO_ecdsa_key_get_public (dkey,
219  &ecblock->derived_key);
220  derive_block_aes_key (ctr,
221  skey,
222  label,
223  ecblock->expiration_time.abs_value_us__,
224  pkey);
225  GNUNET_break (payload_len + sizeof(uint32_t) ==
226  ecdsa_symmetric_encrypt (payload,
227  payload_len
228  + sizeof(uint32_t),
229  skey,
230  ctr,
231  &ecblock[1]));
232  }
233  if (GNUNET_OK !=
234  GNUNET_CRYPTO_ecdsa_sign_ (dkey,
235  &ecblock->purpose,
236  &ecblock->signature))
237  {
238  GNUNET_break (0);
239  GNUNET_free (dkey);
240  GNUNET_free (block);
241  return NULL;
242  }
243  GNUNET_free (dkey);
244  return block;
245 }
246 
247 
258 struct GNUNET_GNSRECORD_Block *
259 GNUNET_GNSRECORD_block_create (const struct GNUNET_IDENTITY_PrivateKey *key,
260  struct GNUNET_TIME_Absolute expire,
261  const char *label,
262  const struct GNUNET_GNSRECORD_Data *rd,
263  unsigned int rd_count)
264 {
265  struct GNUNET_CRYPTO_EcdsaPublicKey pkey;
266 
267  switch (ntohl (key->type))
268  {
269  case GNUNET_GNSRECORD_TYPE_PKEY:
270  GNUNET_CRYPTO_ecdsa_key_get_public (&key->ecdsa_key,
271  &pkey);
272  return block_create_ecdsa (&key->ecdsa_key,
273  &pkey,
274  expire,
275  label,
276  rd,
277  rd_count);
278  default:
279  GNUNET_assert (0);
280  }
281  return NULL;
282 }
283 
284 
288 struct KeyCacheLine
289 {
293  struct GNUNET_CRYPTO_EcdsaPrivateKey key;
294 
298  struct GNUNET_CRYPTO_EcdsaPublicKey pkey;
299 };
300 
301 
314 struct GNUNET_GNSRECORD_Block *
315 GNUNET_GNSRECORD_block_create2 (const struct GNUNET_IDENTITY_PrivateKey *pkey,
316  struct GNUNET_TIME_Absolute expire,
317  const char *label,
318  const struct GNUNET_GNSRECORD_Data *rd,
319  unsigned int rd_count)
320 {
321  const struct GNUNET_CRYPTO_EcdsaPrivateKey *key;
322 
323  if (GNUNET_IDENTITY_TYPE_ECDSA != ntohl (pkey->type))
324  {
325  return NULL; // FIXME
326  }
327  key = &pkey->ecdsa_key;
328 #define CSIZE 64
329  static struct KeyCacheLine cache[CSIZE];
330  struct KeyCacheLine *line;
331 
332  line = &cache[(*(unsigned int *) key) % CSIZE];
333  if (0 != memcmp (&line->key,
334  key,
335  sizeof(*key)))
336  {
337  /* cache miss, recompute */
338  line->key = *key;
339  GNUNET_CRYPTO_ecdsa_key_get_public (key,
340  &line->pkey);
341  }
342 #undef CSIZE
343  return block_create_ecdsa (key,
344  &line->pkey,
345  expire,
346  label,
347  rd,
348  rd_count);
349 }
350 
351 
359 enum GNUNET_GenericReturnValue
360 GNUNET_GNSRECORD_block_verify (const struct GNUNET_GNSRECORD_Block *block)
361 {
362  const struct GNUNET_CRYPTO_EcdsaPublicKey *key;
363  const struct GNUNET_GNSRECORD_EcdsaBlock *ecblock;
364 
365  if (GNUNET_GNSRECORD_TYPE_PKEY != ntohl (block->type))
366  {
367  GNUNET_break (0);
368  return GNUNET_NO;
369  }
370  ecblock = &block->ecdsa_block;
371  key = &ecblock->derived_key;
372 
373  return GNUNET_CRYPTO_ecdsa_verify_ (GNUNET_SIGNATURE_PURPOSE_GNS_RECORD_SIGN,
374  &ecblock->purpose,
375  &ecblock->signature,
376  key);
377 }
378 
379 
380 enum GNUNET_GenericReturnValue
381 block_decrypt_ecdsa (const struct GNUNET_GNSRECORD_EcdsaBlock *block,
382  const struct
383  GNUNET_CRYPTO_EcdsaPublicKey *zone_key,
384  const char *label,
385  GNUNET_GNSRECORD_RecordCallback proc,
386  void *proc_cls)
387 {
388  size_t payload_len = ntohl (block->purpose.size)
389  - sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose)
390  - sizeof(struct GNUNET_TIME_AbsoluteNBO);
391  unsigned char ctr[GNUNET_CRYPTO_AES_KEY_LENGTH / 2];
392  unsigned char key[GNUNET_CRYPTO_AES_KEY_LENGTH];
393 
394  if (ntohl (block->purpose.size) <
395  sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose)
396  + sizeof(struct GNUNET_TIME_AbsoluteNBO))
397  {
398  GNUNET_break_op (0);
399  return GNUNET_SYSERR;
400  }
401  derive_block_aes_key (ctr,
402  key,
403  label,
404  block->expiration_time.abs_value_us__,
405  zone_key);
406  {
407  char payload[payload_len];
408  uint32_t rd_count;
409 
410  GNUNET_break (payload_len ==
411  ecdsa_symmetric_decrypt (&block[1], payload_len,
412  key, ctr,
413  payload));
414  GNUNET_memcpy (&rd_count,
415  payload,
416  sizeof(uint32_t));
417  rd_count = ntohl (rd_count);
418  if (rd_count > 2048)
419  {
420  /* limit to sane value */
421  GNUNET_break_op (0);
422  return GNUNET_SYSERR;
423  }
424  {
425  struct GNUNET_GNSRECORD_Data rd[GNUNET_NZL (rd_count)];
426  unsigned int j;
427  struct GNUNET_TIME_Absolute now;
428 
429  if (GNUNET_OK !=
430  GNUNET_GNSRECORD_records_deserialize (payload_len - sizeof(uint32_t),
431  &payload[sizeof(uint32_t)],
432  rd_count,
433  rd))
434  {
435  GNUNET_break_op (0);
436  return GNUNET_SYSERR;
437  }
438  /* hide expired records */
439  now = GNUNET_TIME_absolute_get ();
440  j = 0;
441  for (unsigned int i = 0; i < rd_count; i++)
442  {
443  if (0 != (rd[i].flags & GNUNET_GNSRECORD_RF_RELATIVE_EXPIRATION))
444  {
445  /* encrypted blocks must never have relative expiration times, skip! */
446  GNUNET_break_op (0);
447  continue;
448  }
449 
450  if (0 != (rd[i].flags & GNUNET_GNSRECORD_RF_SHADOW_RECORD))
451  {
452  int include_record = GNUNET_YES;
453  /* Shadow record, figure out if we have a not expired active record */
454  for (unsigned int k = 0; k < rd_count; k++)
455  {
456  if (k == i)
457  continue;
458  if (rd[i].expiration_time < now.abs_value_us)
459  include_record = GNUNET_NO; /* Shadow record is expired */
460  if ((rd[k].record_type == rd[i].record_type) &&
461  (rd[k].expiration_time >= now.abs_value_us) &&
462  (0 == (rd[k].flags & GNUNET_GNSRECORD_RF_SHADOW_RECORD)))
463  {
464  include_record = GNUNET_NO; /* We have a non-expired, non-shadow record of the same type */
465  GNUNET_log (GNUNET_ERROR_TYPE_INFO,
466  "Ignoring shadow record\n");
467  break;
468  }
469  }
470  if (GNUNET_YES == include_record)
471  {
472  rd[i].flags ^= GNUNET_GNSRECORD_RF_SHADOW_RECORD; /* Remove Flag */
473  if (j != i)
474  rd[j] = rd[i];
475  j++;
476  }
477  }
478  else if (rd[i].expiration_time >= now.abs_value_us)
479  {
480  /* Include this record */
481  if (j != i)
482  rd[j] = rd[i];
483  j++;
484  }
485  else
486  {
487  struct GNUNET_TIME_Absolute at;
488 
489  at.abs_value_us = rd[i].expiration_time;
490  GNUNET_log (GNUNET_ERROR_TYPE_INFO,
491  "Excluding record that expired %s (%llu ago)\n",
492  GNUNET_STRINGS_absolute_time_to_string (at),
493  (unsigned long long) rd[i].expiration_time
494  - now.abs_value_us);
495  }
496  }
497  rd_count = j;
498  if (NULL != proc)
499  proc (proc_cls,
500  rd_count,
501  (0 != rd_count) ? rd : NULL);
502  }
503  }
504  return GNUNET_OK;
505 }
506 
507 
519 enum GNUNET_GenericReturnValue
520 GNUNET_GNSRECORD_block_decrypt (const struct GNUNET_GNSRECORD_Block *block,
521  const struct
522  GNUNET_IDENTITY_PublicKey *zone_key,
523  const char *label,
524  GNUNET_GNSRECORD_RecordCallback proc,
525  void *proc_cls)
526 {
527  const struct GNUNET_CRYPTO_EcdsaPublicKey *key;
528 
529  if (GNUNET_IDENTITY_TYPE_ECDSA != ntohl (zone_key->type))
530  {
531  return GNUNET_NO;
532  }
533  key = &zone_key->ecdsa_key;
534 
535  return block_decrypt_ecdsa (&block->ecdsa_block,
536  key, label, proc, proc_cls);
537 
538 }
539 
540 
548 void
549 GNUNET_GNSRECORD_query_from_private_key (const struct
550  GNUNET_IDENTITY_PrivateKey *zone,
551  const char *label,
552  struct GNUNET_HashCode *query)
553 {
554  struct GNUNET_IDENTITY_PublicKey pub;
555  switch (ntohl (zone->type))
556  {
557  case GNUNET_GNSRECORD_TYPE_PKEY:
558 
559  GNUNET_IDENTITY_key_get_public (zone,
560  &pub);
561  GNUNET_GNSRECORD_query_from_public_key (&pub,
562  label,
563  query);
564  break;
565  default:
566  GNUNET_assert (0);
567  }
568 }
569 
570 
578 void
579 GNUNET_GNSRECORD_query_from_public_key (const struct
580  GNUNET_IDENTITY_PublicKey *pub,
581  const char *label,
582  struct GNUNET_HashCode *query)
583 {
584  struct GNUNET_IDENTITY_PublicKey pd;
585 
586  switch (ntohl (pub->type))
587  {
588  case GNUNET_GNSRECORD_TYPE_PKEY:
589  pd.type = pub->type;
590  GNUNET_CRYPTO_ecdsa_public_key_derive (&pub->ecdsa_key,
591  label,
592  "gns",
593  &pd.ecdsa_key);
594  GNUNET_CRYPTO_hash (&pd.ecdsa_key,
595  sizeof (pd.ecdsa_key),
596  query);
597  break;
598  default:
599  GNUNET_assert (0);
600  }
601 }
602 
603 
604 /* end of gnsrecord_crypto.c */
gnunet_constants.h
gnunet_gnsrecord_lib.h
GNUNET_GNSRECORD_EcdsaBlock
Information we have in an encrypted block with record data (i.e.
Definition: gnunet_gnsrecord_lib.h:274
GNUNET_GNSRECORD_EcdsaBlock::signature
struct GNUNET_CRYPTO_EcdsaSignature signature
Signature of the block.
Definition: gnunet_gnsrecord_lib.h:284
GNUNET_GNSRECORD_RF_SHADOW_RECORD
This record should not be used unless all (other) records with an absolute expiration time have expir...
Definition: gnunet_gnsrecord_lib.h:193
GNUNET_GNSRECORD_Data
A GNS record.
Definition: gnunet_gnsrecord_lib.h:213
GNUNET_CRYPTO_ecdsa_public_key_derive
void GNUNET_CRYPTO_ecdsa_public_key_derive(const struct GNUNET_CRYPTO_EcdsaPublicKey *pub, const char *label, const char *context, struct GNUNET_CRYPTO_EcdsaPublicKey *result)
Derive a public key from a given public key and a label.
Definition: crypto_ecc.c:963
GNUNET_GNSRECORD_records_get_size
GNUNET_NETWORK_STRUCT_END ssize_t GNUNET_GNSRECORD_records_get_size(unsigned int rd_count, const struct GNUNET_GNSRECORD_Data *rd)
Calculate how many bytes we will need to serialize the given records.
Definition: gnsrecord_serialization.c:88
GNUNET_TIME_Relative::rel_value_us
uint64_t rel_value_us
The actual value.
Definition: gnunet_time_lib.h:65
pkey
static char * pkey
Public key of the zone to look in, in ASCII.
Definition: gnunet-namecache.c:59
KeyCacheLine::pkey
struct GNUNET_CRYPTO_EcdsaPublicKey pkey
Associated public key.
Definition: gnsrecord_crypto.c:298
GNUNET_IDENTITY_PublicKey::type
uint32_t type
Type of public key.
Definition: gnunet_identity_service.h:123
GNUNET_CRYPTO_EccSignaturePurpose::purpose
uint32_t purpose
What does this signature vouch for? This must contain a GNUNET_SIGNATURE_PURPOSE_XXX constant (from g...
Definition: gnunet_crypto_lib.h:146
GNUNET_GNSRECORD_Block::ecdsa_block
struct GNUNET_GNSRECORD_EcdsaBlock ecdsa_block
Definition: gnunet_gnsrecord_lib.h:306
GNUNET_GNSRECORD_records_serialize
ssize_t GNUNET_GNSRECORD_records_serialize(unsigned int rd_count, const struct GNUNET_GNSRECORD_Data *rd, size_t dest_size, char *dest)
Serialize the given records to the given destination buffer.
Definition: gnsrecord_serialization.c:154
expire
static void expire(void *cls)
Expire a PooledConnection object.
Definition: gnunet-service-testbed_connectionpool.c:338
GNUNET_assert
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
Definition: gnunet_common.h:853
GNUNET_GNSRECORD_EcdsaBlock::expiration_time
struct GNUNET_TIME_AbsoluteNBO expiration_time
Expiration time of the block.
Definition: gnunet_gnsrecord_lib.h:295
gnunet_dnsparser_lib.h
GNUNET_GNSRECORD_MAX_BLOCK_SIZE
#define GNUNET_GNSRECORD_MAX_BLOCK_SIZE
Maximum size of a value that can be stored in a GNS block.
Definition: gnunet_gnsrecord_lib.h:49
GNUNET_IDENTITY_PrivateKey
A private key for an identity as per LSD0001.
Definition: gnunet_identity_service.h:89
GNUNET_memcpy
#define GNUNET_memcpy(dst, src, n)
Call memcpy() but check for n being 0 first.
Definition: gnunet_common.h:1204
GNUNET_GNSRECORD_EcdsaBlock::derived_key
struct GNUNET_CRYPTO_EcdsaPublicKey derived_key
Derived key used for signing; hash of this is the query.
Definition: gnunet_gnsrecord_lib.h:279
GNUNET_GenericReturnValue
GNUNET_GenericReturnValue
Named constants for return values.
Definition: gnunet_common.h:83
GNUNET_TIME_absolute_add
struct GNUNET_TIME_Absolute GNUNET_TIME_absolute_add(struct GNUNET_TIME_Absolute start, struct GNUNET_TIME_Relative duration)
Add a given relative duration to the given start time.
Definition: time.c:395
GNUNET_NO
Definition: gnunet_common.h:86
GNUNET_CRYPTO_EcdsaPrivateKey
Private ECC key encoded for transmission.
Definition: gnunet_crypto_lib.h:256
GNUNET_IDENTITY_TYPE_ECDSA
The identity type.
Definition: gnunet_identity_service.h:66
GNUNET_GNSRECORD_records_deserialize
int GNUNET_GNSRECORD_records_deserialize(size_t len, const char *src, unsigned int rd_count, struct GNUNET_GNSRECORD_Data *dest)
Deserialize the given records to the given destination.
Definition: gnsrecord_serialization.c:227
gnunet_util_lib.h
GNUNET_GNSRECORD_Block
Definition: gnunet_gnsrecord_lib.h:300
GNUNET_TIME_AbsoluteNBO
Time for absolute time used by GNUnet, in microseconds and in network byte order. ...
Definition: gnunet_time_lib.h:85
ecdsa_symmetric_encrypt
ssize_t ecdsa_symmetric_encrypt(const void *block, size_t size, const unsigned char *key, const unsigned char *ctr, void *result)
Definition: gnsrecord_crypto.c:69
GNUNET_TIME_Absolute::abs_value_us
uint64_t abs_value_us
The actual value.
Definition: gnunet_time_lib.h:53
GNUNET_break
#define GNUNET_break(cond)
Use this for internal assertion violations that are not fatal (can be handled) but should not occur...
Definition: gnunet_common.h:934
GNUNET_GNSRECORD_block_create
struct GNUNET_GNSRECORD_Block * GNUNET_GNSRECORD_block_create(const struct GNUNET_IDENTITY_PrivateKey *key, struct GNUNET_TIME_Absolute expire, const char *label, const struct GNUNET_GNSRECORD_Data *rd, unsigned int rd_count)
Sign name and records.
Definition: gnsrecord_crypto.c:259
zone
static char * zone
Name of the zone we manage.
Definition: gnunet-namestore-fcfsd.c:244
GNUNET_CRYPTO_EccSignaturePurpose
header of what an ECC signature signs this must be followed by "size - 8" bytes of the actual signed ...
Definition: gnunet_crypto_lib.h:131
GNUNET_GNSRECORD_EcdsaBlock::purpose
struct GNUNET_CRYPTO_EccSignaturePurpose purpose
Number of bytes signed; also specifies the number of bytes of encrypted data that follow...
Definition: gnunet_gnsrecord_lib.h:290
GNUNET_IDENTITY_PrivateKey::ecdsa_key
struct GNUNET_CRYPTO_EcdsaPrivateKey ecdsa_key
An ECDSA identity key.
Definition: gnunet_identity_service.h:103
GNUNET_OK
Definition: gnunet_common.h:87
line
static char * line
Desired phone line (string to be converted to a hash).
Definition: gnunet-conversation.c:157
KeyCacheLine::key
struct GNUNET_CRYPTO_EcdsaPrivateKey key
A private key.
Definition: gnsrecord_crypto.c:293
GNUNET_GNSRECORD_TYPE_PKEY
#define GNUNET_GNSRECORD_TYPE_PKEY
Record type for GNS zone transfer ("PKEY").
Definition: gnunet_gnsrecord_lib.h:60
derive_block_aes_key
static void derive_block_aes_key(unsigned char *ctr, unsigned char *key, const char *label, uint64_t exp, const struct GNUNET_CRYPTO_EcdsaPublicKey *pub)
Derive session key and iv from label and public key.
Definition: gnsrecord_crypto.c:105
CSIZE
#define CSIZE
GNUNET_break_op
#define GNUNET_break_op(cond)
Use this for assertion violations caused by other peers (i.e.
Definition: gnunet_common.h:956
GNUNET_CRYPTO_hash
void GNUNET_CRYPTO_hash(const void *block, size_t size, struct GNUNET_HashCode *ret)
Compute hash of a given block.
Definition: crypto_hash.c:48
GNUNET_IDENTITY_PublicKey::ecdsa_key
struct GNUNET_CRYPTO_EcdsaPublicKey ecdsa_key
An ECDSA identity key.
Definition: gnunet_identity_service.h:130
GNUNET_GNSRECORD_Data::expiration_time
uint64_t expiration_time
Expiration time for the DNS record.
Definition: gnunet_gnsrecord_lib.h:227
block_create_ecdsa
static struct GNUNET_GNSRECORD_Block * block_create_ecdsa(const struct GNUNET_CRYPTO_EcdsaPrivateKey *key, const struct GNUNET_CRYPTO_EcdsaPublicKey *pkey, struct GNUNET_TIME_Absolute expire, const char *label, const struct GNUNET_GNSRECORD_Data *rd, unsigned int rd_count)
Sign name and records.
Definition: gnsrecord_crypto.c:145
GNUNET_GNSRECORD_block_create2
struct GNUNET_GNSRECORD_Block * GNUNET_GNSRECORD_block_create2(const struct GNUNET_IDENTITY_PrivateKey *pkey, struct GNUNET_TIME_Absolute expire, const char *label, const struct GNUNET_GNSRECORD_Data *rd, unsigned int rd_count)
Sign name and records, cache derived public key (also keeps the private key in static memory...
Definition: gnsrecord_crypto.c:315
handle
static struct GNUNET_DNS_Handle * handle
Handle to transport service.
Definition: gnunet-dns-monitor.c:35
result
static int result
Global testing status.
Definition: gnunet-regex-profiler.c:244
GNUNET_IDENTITY_key_get_public
enum GNUNET_GenericReturnValue GNUNET_IDENTITY_key_get_public(const struct GNUNET_IDENTITY_PrivateKey *privkey, struct GNUNET_IDENTITY_PublicKey *key)
Retrieves the public key representation of a private key.
Definition: identity_api.c:175
gnunet_signatures.h
GNUNET_CRYPTO_EccSignaturePurpose::size
uint32_t size
How many bytes does this signature sign? (including this purpose header); in network byte order (!)...
Definition: gnunet_crypto_lib.h:138
GNUNET_SYSERR
Definition: gnunet_common.h:85
GNUNET_HashCode
A 512-bit hashcode.
Definition: gnunet_common.h:242
GNUNET_GNSRECORD_query_from_public_key
void GNUNET_GNSRECORD_query_from_public_key(const struct GNUNET_IDENTITY_PublicKey *pub, const char *label, struct GNUNET_HashCode *query)
Calculate the DHT query for a given label in a given zone.
Definition: gnsrecord_crypto.c:579
GNUNET_TIME_absolute_get
struct GNUNET_TIME_Absolute GNUNET_TIME_absolute_get(void)
Get the current time.
Definition: time.c:118
GNUNET_GNSRECORD_block_verify
enum GNUNET_GenericReturnValue GNUNET_GNSRECORD_block_verify(const struct GNUNET_GNSRECORD_Block *block)
Check if a signature is valid.
Definition: gnsrecord_crypto.c:360
GNUNET_CRYPTO_AES_KEY_LENGTH
#define GNUNET_CRYPTO_AES_KEY_LENGTH
length of the sessionkey in bytes (256 BIT sessionkey)
Definition: gnunet_crypto_lib.h:101
key
struct GNUNET_HashCode key
The key used in the DHT.
Definition: gnunet-dht-put.c:37
size
static unsigned int size
Size of the "table".
Definition: peer.c:67
GNUNET_CRYPTO_ecdsa_key_get_public
void GNUNET_CRYPTO_ecdsa_key_get_public(const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv, struct GNUNET_CRYPTO_EcdsaPublicKey *pub)
Extract the public key for the given private key.
Definition: crypto_ecc.c:176
GNUNET_GNSRECORD_Block::type
uint32_t type
Definition: gnunet_gnsrecord_lib.h:302
gnunet_arm_service.h
GNUNET_IDENTITY_PrivateKey::type
uint32_t type
Type of public key.
Definition: gnunet_identity_service.h:96
GNUNET_GNSRECORD_block_decrypt
enum GNUNET_GenericReturnValue GNUNET_GNSRECORD_block_decrypt(const struct GNUNET_GNSRECORD_Block *block, const struct GNUNET_IDENTITY_PublicKey *zone_key, const char *label, GNUNET_GNSRECORD_RecordCallback proc, void *proc_cls)
Decrypt block.
Definition: gnsrecord_crypto.c:520
GNUNET_CRYPTO_ecdsa_sign_
int GNUNET_CRYPTO_ecdsa_sign_(const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv, const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose, struct GNUNET_CRYPTO_EcdsaSignature *sig)
ECDSA Sign a given block.
Definition: crypto_ecc.c:645
payload
static unsigned long long payload
How much data are we currently storing in the database?
Definition: gnunet-service-datastore.c:183
GNUNET_GNSRECORD_query_from_private_key
void GNUNET_GNSRECORD_query_from_private_key(const struct GNUNET_IDENTITY_PrivateKey *zone, const char *label, struct GNUNET_HashCode *query)
Calculate the DHT query for a given label in a given zone.
Definition: gnsrecord_crypto.c:549
GNUNET_CRYPTO_ecdsa_verify_
int GNUNET_CRYPTO_ecdsa_verify_(uint32_t purpose, const struct GNUNET_CRYPTO_EccSignaturePurpose *validate, const struct GNUNET_CRYPTO_EcdsaSignature *sig, const struct GNUNET_CRYPTO_EcdsaPublicKey *pub)
Verify ECDSA signature.
Definition: crypto_ecc.c:745
GNUNET_GNSRECORD_RecordCallback
void(* GNUNET_GNSRECORD_RecordCallback)(void *cls, unsigned int rd_count, const struct GNUNET_GNSRECORD_Data *rd)
Process a records that were decrypted from a block.
Definition: gnunet_gnsrecord_lib.h:375
GNUNET_IDENTITY_PublicKey
An identity key as per LSD0001.
Definition: gnunet_identity_service.h:116
GNUNET_ERROR_TYPE_INFO
Definition: gnunet_common.h:397
pub
static struct GNUNET_CRYPTO_EddsaPublicKey pub
Definition: gnunet-scrypt.c:46
GNUNET_TIME_AbsoluteNBO::abs_value_us__
uint64_t abs_value_us__
The actual value (in network byte order).
Definition: gnunet_time_lib.h:90
GNUNET_CRYPTO_EcdsaPublicKey
Public ECC key (always for Curve25519) encoded in a format suitable for network transmission and ECDS...
Definition: gnunet_crypto_lib.h:206
GNUNET_log
#define GNUNET_log(kind,...)
Definition: gnunet_common.h:521
GNUNET_SIGNATURE_PURPOSE_GNS_RECORD_SIGN
#define GNUNET_SIGNATURE_PURPOSE_GNS_RECORD_SIGN
Signature of a gnunet naming system record block.
Definition: gnunet_signatures.h:125
block_decrypt_ecdsa
enum GNUNET_GenericReturnValue block_decrypt_ecdsa(const struct GNUNET_GNSRECORD_EcdsaBlock *block, const struct GNUNET_CRYPTO_EcdsaPublicKey *zone_key, const char *label, GNUNET_GNSRECORD_RecordCallback proc, void *proc_cls)
Definition: gnsrecord_crypto.c:381
GNUNET_TIME_Absolute
Time for absolute times used by GNUnet, in microseconds.
Definition: gnunet_time_lib.h:48
KeyCacheLine
Line in cache mapping private keys to public keys.
Definition: gnsrecord_crypto.c:288
GNUNET_GNSRECORD_Data::flags
enum GNUNET_GNSRECORD_Flags flags
Flags for the record.
Definition: gnunet_gnsrecord_lib.h:242
GNUNET_GNSRECORD_RF_RELATIVE_EXPIRATION
This expiration time of the record is a relative time (not an absolute time).
Definition: gnunet_gnsrecord_lib.h:187
GNUNET_STRINGS_absolute_time_to_string
const char * GNUNET_STRINGS_absolute_time_to_string(struct GNUNET_TIME_Absolute t)
Like asctime, except for GNUnet time.
Definition: strings.c:758
ecdsa_symmetric_decrypt
ssize_t ecdsa_symmetric_decrypt(const void *block, size_t size, const unsigned char *key, const unsigned char *ctr, void *result)
Definition: gnsrecord_crypto.c:41
GNUNET_CRYPTO_ecdsa_private_key_derive
struct GNUNET_CRYPTO_EcdsaPrivateKey * GNUNET_CRYPTO_ecdsa_private_key_derive(const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv, const char *label, const char *context)
Derive a private key from a given private key and a label.
Definition: crypto_ecc.c:911
GNUNET_TIME_absolute_hton
struct GNUNET_TIME_AbsoluteNBO GNUNET_TIME_absolute_hton(struct GNUNET_TIME_Absolute a)
Convert absolute time to network byte order.
Definition: time.c:657
GNUNET_CRYPTO_kdf
int GNUNET_CRYPTO_kdf(void *result, size_t out_len, const void *xts, size_t xts_len, const void *skm, size_t skm_len,...)
Derive key.
Definition: crypto_kdf.c:90
GNUNET_YES
Definition: gnunet_common.h:89
gnunet_tun_lib.h
GNUNET_malloc
#define GNUNET_malloc(size)
Wrapper around malloc.
Definition: gnunet_common.h:1262
GNUNET_free
#define GNUNET_free(ptr)
Wrapper around free.
Definition: gnunet_common.h:1322
GNUNET_TIME_Relative
Time for relative time used by GNUnet, in microseconds.
Definition: gnunet_time_lib.h:60
Generated by   doxygen 1.8.13