API for GNS record-related crypto. More...

#include "platform.h"
#include "gnunet_util_lib.h"
#include "gnunet_constants.h"
#include "gnunet_signatures.h"
#include "gnunet_arm_service.h"
#include "gnunet_gnsrecord_lib.h"

Include dependency graph for gnsrecord_crypto.h:

This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Data Structures
struct	GNRBlockPS
	Information we have in an encrypted block with record data (i.e. More...

Functions
void	GNR_derive_block_aes_key (unsigned char ctr, unsigned char key, const char label, uint64_t exp, const struct GNUNET_CRYPTO_EcdsaPublicKey pub)
	Derive session key and iv from label and public key. More...

void	GNR_derive_block_xsalsa_key (unsigned char nonce, unsigned char key, const char label, uint64_t exp, const struct GNUNET_CRYPTO_EddsaPublicKey pub)
	Derive session key and iv from label and public key. More...

struct GNUNET_GNSRECORD_SignaturePurposePS *	GNR_create_signature_message (const struct GNUNET_GNSRECORD_PowP *pow)
	Create the revocation metadata to sign for a revocation message. More...

Detailed Description

API for GNS record-related crypto.

Author: Martin Schanzenbach; Matthias Wachs; Christian Grothoff

Definition in file gnsrecord_crypto.h.

Function Documentation

◆ GNR_derive_block_aes_key()

void GNR_derive_block_aes_key	(	unsigned char *	ctr,
		unsigned char *	key,
		const char *	label,
		uint64_t	exp,
		const struct GNUNET_CRYPTO_EcdsaPublicKey *	pub
	)

Derive session key and iv from label and public key.

Parameters

iv	initialization vector to initialize
skey	session key to initialize
label	label to use for KDF
pub	public key to use for KDF

4 byte nonce

Expiration time 64 bit.

Set counter part to 1

Definition at line 129 of file gnsrecord_crypto.c.

{
  static const char ctx_key[] = "gns-aes-ctx-key";
  static const char ctx_iv[] = "gns-aes-ctx-iv";
 
  GNUNET_CRYPTO_kdf (key, GNUNET_CRYPTO_AES_KEY_LENGTH,
                     ctx_key, strlen (ctx_key),
                     pub, sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey),
                     label, strlen (label),
                     NULL, 0);
  memset (ctr, 0, GNUNET_CRYPTO_AES_KEY_LENGTH / 2);
  GNUNET_CRYPTO_kdf (ctr, 4,
                     ctx_iv, strlen (ctx_iv),
                     pub, sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey),
                     label, strlen (label),
                     NULL, 0);
  memcpy (ctr + 4, &exp, sizeof (exp));
  ctr[15] |= 0x01;
}

References GNUNET_CRYPTO_AES_KEY_LENGTH, GNUNET_CRYPTO_kdf(), key, and pub.

Referenced by block_create_ecdsa(), block_decrypt_ecdsa(), and run_pkey().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ GNR_derive_block_xsalsa_key()

void GNR_derive_block_xsalsa_key	(	unsigned char *	nonce,
		unsigned char *	key,
		const char *	label,
		uint64_t	exp,
		const struct GNUNET_CRYPTO_EddsaPublicKey *	pub
	)

Derive session key and iv from label and public key.

Parameters

nonce	initialization vector to initialize
skey	session key to initialize
label	label to use for KDF
pub	public key to use for KDF

16 byte nonce

Expiration time 64 bit.

Definition at line 158 of file gnsrecord_crypto.c.

{
  static const char ctx_key[] = "gns-xsalsa-ctx-key";
  static const char ctx_iv[] = "gns-xsalsa-ctx-iv";
 
  GNUNET_CRYPTO_kdf (key, crypto_secretbox_KEYBYTES,
                     ctx_key, strlen (ctx_key),
                     pub, sizeof(struct GNUNET_CRYPTO_EddsaPublicKey),
                     label, strlen (label),
                     NULL, 0);
  memset (nonce, 0, crypto_secretbox_NONCEBYTES);
  GNUNET_CRYPTO_kdf (nonce, (crypto_secretbox_NONCEBYTES - sizeof (exp)),
                     ctx_iv, strlen (ctx_iv),
                     pub, sizeof(struct GNUNET_CRYPTO_EddsaPublicKey),
                     label, strlen (label),
                     NULL, 0);
  memcpy (nonce + (crypto_secretbox_NONCEBYTES - sizeof (exp)),
          &exp, sizeof (exp));
}

References GNUNET_CRYPTO_kdf(), key, and pub.

Referenced by block_create_eddsa(), block_decrypt_eddsa(), and run_edkey().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ GNR_create_signature_message()

struct GNUNET_GNSRECORD_SignaturePurposePS * GNR_create_signature_message ( const struct GNUNET_GNSRECORD_PowP * pow )

Create the revocation metadata to sign for a revocation message.

Parameters

pow	the PoW to sign

Returns: the signature purpose

Definition at line 103 of file gnsrecord_pow.c.

{
  struct GNUNET_GNSRECORD_SignaturePurposePS *spurp;
  const struct GNUNET_CRYPTO_PublicKey *pk;
  size_t ksize;
 
  pk = (const struct GNUNET_CRYPTO_PublicKey *) &pow[1];
  ksize = GNUNET_CRYPTO_public_key_get_length (pk);
  spurp = GNUNET_malloc (sizeof (*spurp) + ksize);
  spurp->timestamp = pow->timestamp;
  spurp->purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_GNS_REVOCATION);
  spurp->purpose.size = htonl (sizeof(*spurp) + ksize);
  GNUNET_CRYPTO_write_public_key_to_buffer (pk,
                                            (char*) &spurp[1],
                                            ksize);
  return spurp;
}

References GNUNET_CRYPTO_public_key_get_length(), GNUNET_CRYPTO_write_public_key_to_buffer(), GNUNET_malloc, GNUNET_SIGNATURE_PURPOSE_GNS_REVOCATION, pk, GNUNET_CRYPTO_EccSignaturePurpose::purpose, GNUNET_GNSRECORD_SignaturePurposePS::purpose, GNUNET_CRYPTO_EccSignaturePurpose::size, GNUNET_GNSRECORD_PowP::timestamp, and GNUNET_GNSRECORD_SignaturePurposePS::timestamp.

Referenced by check_signature_identity(), run_with_key(), and sign_pow_identity().

Here is the call graph for this function:

Here is the caller graph for this function:

Data Structures

Functions

Detailed Description

Function Documentation

◆ GNR_derive_block_aes_key()

◆ GNR_derive_block_xsalsa_key()

◆ GNR_create_signature_message()