GNUnet 0.22.0
gnsrecord_crypto.h File Reference

API for GNS record-related crypto. More...

#include "platform.h"
#include "gnunet_util_lib.h"
#include "gnunet_constants.h"
#include "gnunet_signatures.h"
#include "gnunet_arm_service.h"
#include "gnunet_gnsrecord_lib.h"
Include dependency graph for gnsrecord_crypto.h:
This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Data Structures

struct  GNRBlockPS
 Information we have in an encrypted block with record data (i.e. More...
 

Functions

void GNR_derive_block_aes_key (unsigned char *ctr, unsigned char *key, const char *label, uint64_t exp, const struct GNUNET_CRYPTO_EcdsaPublicKey *pub)
 Derive session key and iv from label and public key. More...
 
void GNR_derive_block_xsalsa_key (unsigned char *nonce, unsigned char *key, const char *label, uint64_t exp, const struct GNUNET_CRYPTO_EddsaPublicKey *pub)
 Derive session key and iv from label and public key. More...
 
struct GNUNET_GNSRECORD_SignaturePurposePSGNR_create_signature_message (const struct GNUNET_GNSRECORD_PowP *pow)
 Create the revocation metadata to sign for a revocation message. More...
 

Detailed Description

API for GNS record-related crypto.

Author
Martin Schanzenbach
Matthias Wachs
Christian Grothoff

Definition in file gnsrecord_crypto.h.

Function Documentation

◆ GNR_derive_block_aes_key()

void GNR_derive_block_aes_key ( unsigned char *  ctr,
unsigned char *  key,
const char *  label,
uint64_t  exp,
const struct GNUNET_CRYPTO_EcdsaPublicKey pub 
)

Derive session key and iv from label and public key.

Parameters
ivinitialization vector to initialize
skeysession key to initialize
labellabel to use for KDF
pubpublic key to use for KDF

4 byte nonce

Expiration time 64 bit.

Set counter part to 1

Definition at line 129 of file gnsrecord_crypto.c.

134{
135 static const char ctx_key[] = "gns-aes-ctx-key";
136 static const char ctx_iv[] = "gns-aes-ctx-iv";
137
139 ctx_key, strlen (ctx_key),
140 pub, sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey),
141 label, strlen (label),
142 NULL, 0);
143 memset (ctr, 0, GNUNET_CRYPTO_AES_KEY_LENGTH / 2);
145 GNUNET_CRYPTO_kdf (ctr, 4,
146 ctx_iv, strlen (ctx_iv),
147 pub, sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey),
148 label, strlen (label),
149 NULL, 0);
151 memcpy (ctr + 4, &exp, sizeof (exp));
153 ctr[15] |= 0x01;
154}
struct GNUNET_HashCode key
The key used in the DHT.
static struct GNUNET_CRYPTO_EddsaPublicKey pub
Definition: gnunet-scrypt.c:47
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_kdf(void *result, size_t out_len, const void *xts, size_t xts_len, const void *skm, size_t skm_len,...)
Derive key.
Definition: crypto_kdf.c:62
#define GNUNET_CRYPTO_AES_KEY_LENGTH
length of the sessionkey in bytes (256 BIT sessionkey)
Public ECC key (always for Curve25519) encoded in a format suitable for network transmission and ECDS...

References GNUNET_CRYPTO_AES_KEY_LENGTH, GNUNET_CRYPTO_kdf(), key, and pub.

Referenced by block_create_ecdsa(), block_decrypt_ecdsa(), and run_pkey().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ GNR_derive_block_xsalsa_key()

void GNR_derive_block_xsalsa_key ( unsigned char *  nonce,
unsigned char *  key,
const char *  label,
uint64_t  exp,
const struct GNUNET_CRYPTO_EddsaPublicKey pub 
)

Derive session key and iv from label and public key.

Parameters
nonceinitialization vector to initialize
skeysession key to initialize
labellabel to use for KDF
pubpublic key to use for KDF

16 byte nonce

Expiration time 64 bit.

Definition at line 158 of file gnsrecord_crypto.c.

163{
164 static const char ctx_key[] = "gns-xsalsa-ctx-key";
165 static const char ctx_iv[] = "gns-xsalsa-ctx-iv";
166
167 GNUNET_CRYPTO_kdf (key, crypto_secretbox_KEYBYTES,
168 ctx_key, strlen (ctx_key),
169 pub, sizeof(struct GNUNET_CRYPTO_EddsaPublicKey),
170 label, strlen (label),
171 NULL, 0);
172 memset (nonce, 0, crypto_secretbox_NONCEBYTES);
174 GNUNET_CRYPTO_kdf (nonce, (crypto_secretbox_NONCEBYTES - sizeof (exp)),
175 ctx_iv, strlen (ctx_iv),
176 pub, sizeof(struct GNUNET_CRYPTO_EddsaPublicKey),
177 label, strlen (label),
178 NULL, 0);
180 memcpy (nonce + (crypto_secretbox_NONCEBYTES - sizeof (exp)),
181 &exp, sizeof (exp));
182}
Public ECC key (always for curve Ed25519) encoded in a format suitable for network transmission and E...

References GNUNET_CRYPTO_kdf(), key, and pub.

Referenced by block_create_eddsa(), block_decrypt_eddsa(), and run_edkey().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ GNR_create_signature_message()

struct GNUNET_GNSRECORD_SignaturePurposePS * GNR_create_signature_message ( const struct GNUNET_GNSRECORD_PowP pow)

Create the revocation metadata to sign for a revocation message.

Parameters
powthe PoW to sign
Returns
the signature purpose

Definition at line 104 of file gnsrecord_pow.c.

105{
107 const struct GNUNET_CRYPTO_PublicKey *pk;
108 size_t ksize;
109
110 pk = (const struct GNUNET_CRYPTO_PublicKey *) &pow[1];
112 spurp = GNUNET_malloc (sizeof (*spurp) + ksize);
113 spurp->timestamp = pow->timestamp;
115 spurp->purpose.size = htonl (sizeof(*spurp) + ksize);
117 (char*) &spurp[1],
118 ksize);
119 return spurp;
120}
struct GNUNET_CRYPTO_PrivateKey pk
Private key from command line option, or NULL.
ssize_t GNUNET_CRYPTO_public_key_get_length(const struct GNUNET_CRYPTO_PublicKey *key)
Get the compacted length of a GNUNET_CRYPTO_PublicKey.
Definition: crypto_pkey.c:85
ssize_t GNUNET_CRYPTO_write_public_key_to_buffer(const struct GNUNET_CRYPTO_PublicKey *key, void *buffer, size_t len)
Writes a GNUNET_CRYPTO_PublicKey to a compact buffer.
Definition: crypto_pkey.c:128
#define GNUNET_malloc(size)
Wrapper around malloc.
#define GNUNET_SIGNATURE_PURPOSE_GNS_REVOCATION
GNS zone key revocation (GNS)
uint32_t size
How many bytes does this signature sign? (including this purpose header); in network byte order (!...
uint32_t purpose
What does this signature vouch for? This must contain a GNUNET_SIGNATURE_PURPOSE_XXX constant (from g...
An identity key as per LSD0001.
struct GNUNET_TIME_AbsoluteNBO timestamp
The timestamp of the revocation.
The signature object we use for the PoW.
struct GNUNET_TIME_AbsoluteNBO timestamp
The timestamp of the revocation.
struct GNUNET_CRYPTO_EccSignaturePurpose purpose
The signature purpose.

References GNUNET_CRYPTO_public_key_get_length(), GNUNET_CRYPTO_write_public_key_to_buffer(), GNUNET_malloc, GNUNET_SIGNATURE_PURPOSE_GNS_REVOCATION, pk, GNUNET_CRYPTO_EccSignaturePurpose::purpose, GNUNET_GNSRECORD_SignaturePurposePS::purpose, GNUNET_CRYPTO_EccSignaturePurpose::size, GNUNET_GNSRECORD_PowP::timestamp, and GNUNET_GNSRECORD_SignaturePurposePS::timestamp.

Referenced by check_signature_identity(), run_with_key(), and sign_pow_identity().

Here is the call graph for this function:
Here is the caller graph for this function: