db/d86/crypto__blind__sign_8c_source.html

/*

  This file is part of GNUNET

  Copyright (C) 2021, 2022, 2023 GNUnet e.V.


  GNUNET is free software; you can redistribute it and/or modify it under the

  terms of the GNU General Public License as published by the Free Software

  Foundation; either version 3, or (at your option) any later version.


  GNUNET is distributed in the hope that it will be useful, but WITHOUT ANY

  WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR

  A PARTICULAR PURPOSE.  See the GNU General Public License for more details.


  You should have received a copy of the GNU General Public License along with

  GNUNET; see the file COPYING.  If not, see <http://www.gnu.org/licenses/>

*/

#include "platform.h"

#include "gnunet_util_lib.h"


void

GNUNET_CRYPTO_blinding_input_values_decref (

  struct GNUNET_CRYPTO_BlindingInputValues *bm)

{

  GNUNET_assert (bm->rc > 0);

  bm->rc--;

  if (0 != bm->rc)

    return;

  switch (bm->cipher)

  {

  case GNUNET_CRYPTO_BSA_INVALID:

    GNUNET_break (0);

    break;

  case GNUNET_CRYPTO_BSA_RSA:

    bm->cipher = GNUNET_CRYPTO_BSA_INVALID;

    break;

  case GNUNET_CRYPTO_BSA_CS:

    bm->cipher = GNUNET_CRYPTO_BSA_INVALID;

    break;

  }

  GNUNET_free (bm);

}


void

GNUNET_CRYPTO_blind_sign_priv_decref (

  struct GNUNET_CRYPTO_BlindSignPrivateKey *bsign_priv)

{

  GNUNET_assert (bsign_priv->rc > 0);

  bsign_priv->rc--;

  if (0 != bsign_priv->rc)

    return;

  switch (bsign_priv->cipher)

  {

  case GNUNET_CRYPTO_BSA_INVALID:

    GNUNET_break (0);

    break;

  case GNUNET_CRYPTO_BSA_RSA:

    if (NULL != bsign_priv->details.rsa_private_key)

    {

      GNUNET_CRYPTO_rsa_private_key_free (bsign_priv->details.rsa_private_key);

      bsign_priv->details.rsa_private_key = NULL;

    }

    bsign_priv->cipher = GNUNET_CRYPTO_BSA_INVALID;

    break;

  case GNUNET_CRYPTO_BSA_CS:

    bsign_priv->cipher = GNUNET_CRYPTO_BSA_INVALID;

    break;

  }

  GNUNET_free (bsign_priv);

}


void

GNUNET_CRYPTO_blind_sign_pub_decref (struct

                                     GNUNET_CRYPTO_BlindSignPublicKey *bsign_pub)

{

  GNUNET_assert (bsign_pub->rc > 0);

  bsign_pub->rc--;

  if (0 != bsign_pub->rc)

    return;

  switch (bsign_pub->cipher)

  {

  case GNUNET_CRYPTO_BSA_INVALID:

    GNUNET_break (0);

    break;

  case GNUNET_CRYPTO_BSA_RSA:

    if (NULL != bsign_pub->details.rsa_public_key)

    {

      GNUNET_CRYPTO_rsa_public_key_free (bsign_pub->details.rsa_public_key);

      bsign_pub->details.rsa_public_key = NULL;

    }

    bsign_pub->cipher = GNUNET_CRYPTO_BSA_INVALID;

    break;

  case GNUNET_CRYPTO_BSA_CS:

    break;

  }

  GNUNET_free (bsign_pub);

}


void

GNUNET_CRYPTO_unblinded_sig_decref (struct

                                    GNUNET_CRYPTO_UnblindedSignature *ub_sig)

{

  GNUNET_assert (ub_sig->rc > 0);

  ub_sig->rc--;

  if (0 != ub_sig->rc)

    return;

  switch (ub_sig->cipher)

  {

  case GNUNET_CRYPTO_BSA_INVALID:

    GNUNET_break (0);

    break;

  case GNUNET_CRYPTO_BSA_RSA:

    if (NULL != ub_sig->details.rsa_signature)

    {

      GNUNET_CRYPTO_rsa_signature_free (ub_sig->details.rsa_signature);

      ub_sig->details.rsa_signature = NULL;

    }

    ub_sig->cipher = GNUNET_CRYPTO_BSA_INVALID;

    break;

  case GNUNET_CRYPTO_BSA_CS:

    ub_sig->cipher = GNUNET_CRYPTO_BSA_INVALID;

    break;

  }

  GNUNET_free (ub_sig);

}


void

GNUNET_CRYPTO_blinded_sig_decref (

  struct GNUNET_CRYPTO_BlindedSignature *blind_sig)

{

  GNUNET_assert (blind_sig->rc > 0);

  blind_sig->rc--;

  if (0 != blind_sig->rc)

    return;

  switch (blind_sig->cipher)

  {

  case GNUNET_CRYPTO_BSA_INVALID:

    GNUNET_break (0);

    break;

  case GNUNET_CRYPTO_BSA_RSA:

    if (NULL != blind_sig->details.blinded_rsa_signature)

    {

      GNUNET_CRYPTO_rsa_signature_free (

        blind_sig->details.blinded_rsa_signature);

      blind_sig->details.blinded_rsa_signature = NULL;

    }

    blind_sig->cipher = GNUNET_CRYPTO_BSA_INVALID;

    break;

  case GNUNET_CRYPTO_BSA_CS:

    blind_sig->cipher = GNUNET_CRYPTO_BSA_INVALID;

    break;

  }

  GNUNET_free (blind_sig);

}


void

GNUNET_CRYPTO_blinded_message_decref (

  struct GNUNET_CRYPTO_BlindedMessage *bm)

{

  GNUNET_assert (bm->rc > 0);

  bm->rc--;

  if (0 != bm->rc)

    return;

  switch (bm->cipher)

  {

  case GNUNET_CRYPTO_BSA_INVALID:

    GNUNET_break (0);

    break;

  case GNUNET_CRYPTO_BSA_RSA:

    GNUNET_free (bm->details.rsa_blinded_message.blinded_msg);

    break;

  case GNUNET_CRYPTO_BSA_CS:

    break;

  }

  GNUNET_free (bm);

}


struct GNUNET_CRYPTO_BlindedMessage *

GNUNET_CRYPTO_blinded_message_incref (

  struct GNUNET_CRYPTO_BlindedMessage *bm)

{

  bm->rc++;

  return bm;

}


struct GNUNET_CRYPTO_BlindingInputValues *

GNUNET_CRYPTO_blinding_input_values_incref (

  struct GNUNET_CRYPTO_BlindingInputValues *bm)

{

  bm->rc++;

  return bm;

}


struct GNUNET_CRYPTO_BlindSignPublicKey *

GNUNET_CRYPTO_bsign_pub_incref (

  struct GNUNET_CRYPTO_BlindSignPublicKey *bsign_pub)

{

  bsign_pub->rc++;

  return bsign_pub;

}


struct GNUNET_CRYPTO_BlindSignPrivateKey *

GNUNET_CRYPTO_bsign_priv_incref (

  struct GNUNET_CRYPTO_BlindSignPrivateKey *bsign_priv)

{

  bsign_priv->rc++;

  return bsign_priv;

}


struct GNUNET_CRYPTO_UnblindedSignature *

GNUNET_CRYPTO_ub_sig_incref (struct GNUNET_CRYPTO_UnblindedSignature *ub_sig)

{

  ub_sig->rc++;

  return ub_sig;

}


struct GNUNET_CRYPTO_BlindedSignature *

GNUNET_CRYPTO_blind_sig_incref (

  struct GNUNET_CRYPTO_BlindedSignature *blind_sig)

{

  blind_sig->rc++;

  return blind_sig;

}


int

GNUNET_CRYPTO_bsign_pub_cmp (

  const struct GNUNET_CRYPTO_BlindSignPublicKey *bp1,

  const struct GNUNET_CRYPTO_BlindSignPublicKey *bp2)

{

  if (bp1->cipher != bp2->cipher)

    return (bp1->cipher > bp2->cipher) ? 1 : -1;

  switch (bp1->cipher)

  {

  case GNUNET_CRYPTO_BSA_INVALID:

    GNUNET_break (0);

    return 0;

  case GNUNET_CRYPTO_BSA_RSA:

    return GNUNET_memcmp (&bp1->pub_key_hash,

                          &bp2->pub_key_hash);

  case GNUNET_CRYPTO_BSA_CS:

    return GNUNET_memcmp (&bp1->pub_key_hash,

                          &bp2->pub_key_hash);

  }

  GNUNET_assert (0);

  return -2;

}


int

GNUNET_CRYPTO_ub_sig_cmp (

  const struct GNUNET_CRYPTO_UnblindedSignature *sig1,

  const struct GNUNET_CRYPTO_UnblindedSignature *sig2)

{

  if (sig1->cipher != sig2->cipher)

    return (sig1->cipher > sig2->cipher) ? 1 : -1;

  switch (sig1->cipher)

  {

  case GNUNET_CRYPTO_BSA_INVALID:

    GNUNET_break (0);

    return 0;

  case GNUNET_CRYPTO_BSA_RSA:

    return GNUNET_CRYPTO_rsa_signature_cmp (sig1->details.rsa_signature,

                                            sig2->details.rsa_signature);

  case GNUNET_CRYPTO_BSA_CS:

    return GNUNET_memcmp (&sig1->details.cs_signature,

                          &sig2->details.cs_signature);

  }

  GNUNET_assert (0);

  return -2;

}


int

GNUNET_CRYPTO_blind_sig_cmp (

  const struct GNUNET_CRYPTO_BlindedSignature *sig1,

  const struct GNUNET_CRYPTO_BlindedSignature *sig2)

{

  if (sig1->cipher != sig2->cipher)

    return (sig1->cipher > sig2->cipher) ? 1 : -1;

  switch (sig1->cipher)

  {

  case GNUNET_CRYPTO_BSA_INVALID:

    GNUNET_break (0);

    return 0;

  case GNUNET_CRYPTO_BSA_RSA:

    return GNUNET_CRYPTO_rsa_signature_cmp (sig1->details.blinded_rsa_signature,

                                            sig2->details.blinded_rsa_signature);

  case GNUNET_CRYPTO_BSA_CS:

    return GNUNET_memcmp (&sig1->details.blinded_cs_answer,

                          &sig2->details.blinded_cs_answer);

  }

  GNUNET_assert (0);

  return -2;

}


int

GNUNET_CRYPTO_blinded_message_cmp (

  const struct GNUNET_CRYPTO_BlindedMessage *bp1,

  const struct GNUNET_CRYPTO_BlindedMessage *bp2)

{

  if (bp1->cipher != bp2->cipher)

    return (bp1->cipher > bp2->cipher) ? 1 : -1;

  switch (bp1->cipher)

  {

  case GNUNET_CRYPTO_BSA_INVALID:

    GNUNET_break (0);

    return 0;

  case GNUNET_CRYPTO_BSA_RSA:

    if (bp1->details.rsa_blinded_message.blinded_msg_size !=

        bp2->details.rsa_blinded_message.blinded_msg_size)

      return (bp1->details.rsa_blinded_message.blinded_msg_size >

              bp2->details.rsa_blinded_message.blinded_msg_size) ? 1 : -1;

    return memcmp (bp1->details.rsa_blinded_message.blinded_msg,

                   bp2->details.rsa_blinded_message.blinded_msg,

                   bp1->details.rsa_blinded_message.blinded_msg_size);

  case GNUNET_CRYPTO_BSA_CS:

    return GNUNET_memcmp (&bp1->details.cs_blinded_message,

                          &bp2->details.cs_blinded_message);

  }

  GNUNET_assert (0);

  return -2;

}


enum GNUNET_GenericReturnValue

GNUNET_CRYPTO_blind_sign_keys_create (

  struct GNUNET_CRYPTO_BlindSignPrivateKey **bsign_priv,

  struct GNUNET_CRYPTO_BlindSignPublicKey **bsign_pub,

  enum GNUNET_CRYPTO_BlindSignatureAlgorithm cipher,

  ...)

{

  enum GNUNET_GenericReturnValue ret;

  va_list ap;


  va_start (ap,

            cipher);

  ret = GNUNET_CRYPTO_blind_sign_keys_create_va (bsign_priv,

                                                 bsign_pub,

                                                 cipher,

                                                 ap);

  va_end (ap);

  return ret;

}


enum GNUNET_GenericReturnValue

GNUNET_CRYPTO_blind_sign_keys_create_va (

  struct GNUNET_CRYPTO_BlindSignPrivateKey **bsign_priv,

  struct GNUNET_CRYPTO_BlindSignPublicKey **bsign_pub,

  enum GNUNET_CRYPTO_BlindSignatureAlgorithm cipher,

  va_list ap)

{

  struct GNUNET_CRYPTO_BlindSignPrivateKey *priv;

  struct GNUNET_CRYPTO_BlindSignPublicKey *pub;


  priv = GNUNET_new (struct GNUNET_CRYPTO_BlindSignPrivateKey);

  priv->rc = 1;

  priv->cipher = cipher;

  *bsign_priv = priv;

  pub = GNUNET_new (struct GNUNET_CRYPTO_BlindSignPublicKey);

  pub->rc = 1;

  pub->cipher = cipher;

  *bsign_pub = pub;

  switch (cipher)

  {

  case GNUNET_CRYPTO_BSA_INVALID:

    GNUNET_break (0);

    break;

  case GNUNET_CRYPTO_BSA_RSA:

    {

      unsigned int bits;


      bits = va_arg (ap,

                     unsigned int);

      if (bits < 512)

      {

        GNUNET_break (0);

        break;

      }

      priv->details.rsa_private_key

        = GNUNET_CRYPTO_rsa_private_key_create (bits);

    }

    if (NULL == priv->details.rsa_private_key)

    {

      GNUNET_break (0);

      break;

    }

    pub->details.rsa_public_key

      = GNUNET_CRYPTO_rsa_private_key_get_public (

          priv->details.rsa_private_key);

    GNUNET_CRYPTO_rsa_public_key_hash (pub->details.rsa_public_key,

                                       &pub->pub_key_hash);

    return GNUNET_OK;

  case GNUNET_CRYPTO_BSA_CS:

    GNUNET_CRYPTO_cs_private_key_generate (&priv->details.cs_private_key);

    GNUNET_CRYPTO_cs_private_key_get_public (

      &priv->details.cs_private_key,

      &pub->details.cs_public_key);

    GNUNET_CRYPTO_hash (&pub->details.cs_public_key,

                        sizeof(pub->details.cs_public_key),

                        &pub->pub_key_hash);

    return GNUNET_OK;

  }

  GNUNET_free (priv);

  GNUNET_free (pub);

  *bsign_priv = NULL;

  *bsign_pub = NULL;

  return GNUNET_SYSERR;

}


struct GNUNET_CRYPTO_BlindingInputValues *

GNUNET_CRYPTO_get_blinding_input_values (

  const struct GNUNET_CRYPTO_BlindSignPrivateKey *bsign_priv,

  const union GNUNET_CRYPTO_BlindSessionNonce *nonce,

  const char *salt)

{

  struct GNUNET_CRYPTO_BlindingInputValues *biv;


  biv = GNUNET_new (struct GNUNET_CRYPTO_BlindingInputValues);

  biv->cipher = bsign_priv->cipher;

  biv->rc = 1;

  switch (bsign_priv->cipher)

  {

  case GNUNET_CRYPTO_BSA_INVALID:

    GNUNET_break (0);

    GNUNET_free (biv);

    return NULL;

  case GNUNET_CRYPTO_BSA_RSA:

    return biv;

  case GNUNET_CRYPTO_BSA_CS:

    {

      struct GNUNET_CRYPTO_CsRSecret cspriv[2];


      GNUNET_CRYPTO_cs_r_derive (&nonce->cs_nonce,

                                 salt,

                                 &bsign_priv->details.cs_private_key,

                                 cspriv);

      GNUNET_CRYPTO_cs_r_get_public (&cspriv[0],

                                     &biv->details.cs_values.r_pub[0]);

      GNUNET_CRYPTO_cs_r_get_public (&cspriv[1],

                                     &biv->details.cs_values.r_pub[1]);

      return biv;

    }

  }

  GNUNET_break (0);

  GNUNET_free (biv);

  return NULL;

}


struct GNUNET_CRYPTO_BlindedMessage *

GNUNET_CRYPTO_message_blind_to_sign (

  const struct GNUNET_CRYPTO_BlindSignPublicKey *bsign_pub,

  const union GNUNET_CRYPTO_BlindingSecretP *bks,

  const union GNUNET_CRYPTO_BlindSessionNonce *nonce,

  const void *message,

  size_t message_size,

  const struct GNUNET_CRYPTO_BlindingInputValues *alg_values)

{

  struct GNUNET_CRYPTO_BlindedMessage *bm;


  bm = GNUNET_new (struct GNUNET_CRYPTO_BlindedMessage);

  bm->cipher = bsign_pub->cipher;

  bm->rc = 1;

  switch (bsign_pub->cipher)

  {

  case GNUNET_CRYPTO_BSA_INVALID:

    GNUNET_break (0);

    GNUNET_free (bm);

    return NULL;

  case GNUNET_CRYPTO_BSA_RSA:

    if (GNUNET_YES !=

        GNUNET_CRYPTO_rsa_blind (

          message,

          message_size,

          &bks->rsa_bks,

          bsign_pub->details.rsa_public_key,

          &bm->details.rsa_blinded_message))

    {

      GNUNET_break (0);

      GNUNET_free (bm);

      return NULL;

    }

    return bm;

  case GNUNET_CRYPTO_BSA_CS:

    {

      struct GNUNET_CRYPTO_CSPublicRPairP blinded_r_pub;

      struct GNUNET_CRYPTO_CsBlindingSecret bs[2];


      if (NULL == nonce)

      {

        GNUNET_break_op (0);

        GNUNET_free (bm);

        return NULL;

      }

      GNUNET_CRYPTO_cs_blinding_secrets_derive (&bks->nonce,

                                                bs);

      GNUNET_CRYPTO_cs_calc_blinded_c (

        bs,

        alg_values->details.cs_values.r_pub,

        &bsign_pub->details.cs_public_key,

        message,

        message_size,

        bm->details.cs_blinded_message.c,

        &blinded_r_pub);

      bm->details.cs_blinded_message.nonce = nonce->cs_nonce;

      (void) blinded_r_pub;

      return bm;

    }

  }

  GNUNET_break (0);

  return NULL;

}


struct GNUNET_CRYPTO_BlindedSignature *

GNUNET_CRYPTO_blind_sign (

  const struct GNUNET_CRYPTO_BlindSignPrivateKey *bsign_priv,

  const char *salt,

  const struct GNUNET_CRYPTO_BlindedMessage *blinded_message)

{

  struct GNUNET_CRYPTO_BlindedSignature *blind_sig;


  if (blinded_message->cipher != bsign_priv->cipher)

  {

    GNUNET_break (0);

    return NULL;

  }


  blind_sig = GNUNET_new (struct GNUNET_CRYPTO_BlindedSignature);

  blind_sig->cipher = bsign_priv->cipher;

  blind_sig->rc = 1;

  switch (bsign_priv->cipher)

  {

  case GNUNET_CRYPTO_BSA_INVALID:

    GNUNET_break (0);

    GNUNET_free (blind_sig);

    return NULL;

  case GNUNET_CRYPTO_BSA_RSA:

    blind_sig->details.blinded_rsa_signature

      = GNUNET_CRYPTO_rsa_sign_blinded (

          bsign_priv->details.rsa_private_key,

          &blinded_message->details.rsa_blinded_message);

    if (NULL == blind_sig->details.blinded_rsa_signature)

    {

      GNUNET_break (0);

      GNUNET_free (blind_sig);

      return NULL;

    }

    return blind_sig;

  case GNUNET_CRYPTO_BSA_CS:

    {

      struct GNUNET_CRYPTO_CsRSecret r[2];


      GNUNET_CRYPTO_cs_r_derive (

        &blinded_message->details.cs_blinded_message.nonce,

        salt,

        &bsign_priv->details.cs_private_key,

        r);

      GNUNET_CRYPTO_cs_sign_derive (

        &bsign_priv->details.cs_private_key,

        r,

        &blinded_message->details.cs_blinded_message,

        &blind_sig->details.blinded_cs_answer);

    }

    return blind_sig;

  }

  GNUNET_break (0);

  return NULL;

}


struct GNUNET_CRYPTO_UnblindedSignature *

GNUNET_CRYPTO_blind_sig_unblind (

  const struct GNUNET_CRYPTO_BlindedSignature *blinded_sig,

  const union GNUNET_CRYPTO_BlindingSecretP *bks,

  const void *message,

  size_t message_size,

  const struct GNUNET_CRYPTO_BlindingInputValues *alg_values,

  const struct GNUNET_CRYPTO_BlindSignPublicKey *bsign_pub)

{

  struct GNUNET_CRYPTO_UnblindedSignature *ub_sig;


  if (blinded_sig->cipher != bsign_pub->cipher)

  {

    GNUNET_break (0);

    return NULL;

  }

  if (blinded_sig->cipher != alg_values->cipher)

  {

    GNUNET_break (0);

    return NULL;

  }

  ub_sig = GNUNET_new (struct GNUNET_CRYPTO_UnblindedSignature);

  ub_sig->cipher = blinded_sig->cipher;

  ub_sig->rc = 1;

  switch (bsign_pub->cipher)

  {

  case GNUNET_CRYPTO_BSA_INVALID:

    GNUNET_break (0);

    GNUNET_free (ub_sig);

    return NULL;

  case GNUNET_CRYPTO_BSA_RSA:

    ub_sig->details.rsa_signature

      = GNUNET_CRYPTO_rsa_unblind (

          blinded_sig->details.blinded_rsa_signature,

          &bks->rsa_bks,

          bsign_pub->details.rsa_public_key);

    if (NULL == ub_sig->details.rsa_signature)

    {

      GNUNET_break (0);

      GNUNET_free (ub_sig);

      return NULL;

    }

    return ub_sig;

  case GNUNET_CRYPTO_BSA_CS:

    {

      struct GNUNET_CRYPTO_CsBlindingSecret bs[2];

      struct GNUNET_CRYPTO_CsC c[2];

      struct GNUNET_CRYPTO_CSPublicRPairP r_pub_blind;

      unsigned int b;


      GNUNET_CRYPTO_cs_blinding_secrets_derive (&bks->nonce,

                                                bs);

      GNUNET_CRYPTO_cs_calc_blinded_c (

        bs,

        alg_values->details.cs_values.r_pub,

        &bsign_pub->details.cs_public_key,

        message,

        message_size,

        c,

        &r_pub_blind);

      b = blinded_sig->details.blinded_cs_answer.b;

      ub_sig->details.cs_signature.r_point

        = r_pub_blind.r_pub[b];

      GNUNET_CRYPTO_cs_unblind (

        &blinded_sig->details.blinded_cs_answer.s_scalar,

        &bs[b],

        &ub_sig->details.cs_signature.s_scalar);

      return ub_sig;

    }

  }

  GNUNET_break (0);

  GNUNET_free (ub_sig);

  return NULL;

}


enum GNUNET_GenericReturnValue

GNUNET_CRYPTO_blind_sig_verify (

  const struct GNUNET_CRYPTO_BlindSignPublicKey *bsign_pub,

  const struct GNUNET_CRYPTO_UnblindedSignature *ub_sig,

  const void *message,

  size_t message_size)

{

  if (bsign_pub->cipher != ub_sig->cipher)

  {

    GNUNET_break (0);

    return GNUNET_SYSERR;

  }

  switch (bsign_pub->cipher)

  {

  case GNUNET_CRYPTO_BSA_INVALID:

    GNUNET_break (0);

    return GNUNET_NO;

  case GNUNET_CRYPTO_BSA_RSA:

    if (GNUNET_OK !=

        GNUNET_CRYPTO_rsa_verify (message,

                                  message_size,

                                  ub_sig->details.rsa_signature,

                                  bsign_pub->details.rsa_public_key))

    {

      GNUNET_break_op (0);

      return GNUNET_NO;

    }

    return GNUNET_YES;

  case GNUNET_CRYPTO_BSA_CS:

    if (GNUNET_OK !=

        GNUNET_CRYPTO_cs_verify (&ub_sig->details.cs_signature,

                                 &bsign_pub->details.cs_public_key,

                                 message,

                                 message_size))

    {

      GNUNET_break_op (0);

      return GNUNET_NO;

    }

    return GNUNET_YES;

  }

  GNUNET_break (0);

  return GNUNET_NO;

}


/* end of crypto_blind_sign.c */

ret
static int ret
Final status code.
Definition: gnunet-arm.c:93

pub
static struct GNUNET_CRYPTO_EddsaPublicKey pub
Definition: gnunet-scrypt.c:47

salt
static struct GNUNET_CRYPTO_PowSalt salt
Salt for PoW calculations.
Definition: gnunet-scrypt.c:34

gnunet_util_lib.h

GNUNET_CRYPTO_hash
void GNUNET_CRYPTO_hash(const void *block, size_t size, struct GNUNET_HashCode *ret)
Compute hash of a given block.
Definition: crypto_hash.c:41

GNUNET_CRYPTO_bsign_priv_incref
struct GNUNET_CRYPTO_BlindSignPrivateKey * GNUNET_CRYPTO_bsign_priv_incref(struct GNUNET_CRYPTO_BlindSignPrivateKey *bsign_priv)
Increment reference counter of the given bsign_priv.
Definition: crypto_blind_sign.c:216

GNUNET_CRYPTO_blinded_message_decref
void GNUNET_CRYPTO_blinded_message_decref(struct GNUNET_CRYPTO_BlindedMessage *bm)
Decrement reference counter of a bm, and free it if it reaches zero.
Definition: crypto_blind_sign.c:166

GNUNET_CRYPTO_blind_sign_keys_create
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_blind_sign_keys_create(struct GNUNET_CRYPTO_BlindSignPrivateKey **bsign_priv, struct GNUNET_CRYPTO_BlindSignPublicKey **bsign_pub, enum GNUNET_CRYPTO_BlindSignatureAlgorithm cipher,...)
Initialize public-private key pair for blind signatures.
Definition: crypto_blind_sign.c:343

GNUNET_CRYPTO_rsa_signature_free
void GNUNET_CRYPTO_rsa_signature_free(struct GNUNET_CRYPTO_RsaSignature *sig)
Free memory occupied by signature.
Definition: crypto_rsa.c:1015

GNUNET_CRYPTO_rsa_blind
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_rsa_blind(const void *message, size_t message_size, const struct GNUNET_CRYPTO_RsaBlindingKeySecret *bks, struct GNUNET_CRYPTO_RsaPublicKey *pkey, struct GNUNET_CRYPTO_RsaBlindedMessage *bm)
Blinds the given message with the given blinding key.
Definition: crypto_rsa.c:807

GNUNET_CRYPTO_blind_sig_incref
struct GNUNET_CRYPTO_BlindedSignature * GNUNET_CRYPTO_blind_sig_incref(struct GNUNET_CRYPTO_BlindedSignature *blind_sig)
Increment reference counter of the given blind_sig.
Definition: crypto_blind_sign.c:233

GNUNET_CRYPTO_cs_r_get_public
void GNUNET_CRYPTO_cs_r_get_public(const struct GNUNET_CRYPTO_CsRSecret *r_priv, struct GNUNET_CRYPTO_CsRPublic *r_pub)
Extract the public R of the given secret r.
Definition: crypto_cs.c:98

GNUNET_CRYPTO_rsa_private_key_create
struct GNUNET_CRYPTO_RsaPrivateKey * GNUNET_CRYPTO_rsa_private_key_create(unsigned int len)
Create a new private key.
Definition: crypto_rsa.c:144

GNUNET_CRYPTO_rsa_private_key_free
void GNUNET_CRYPTO_rsa_private_key_free(struct GNUNET_CRYPTO_RsaPrivateKey *key)
Free memory occupied by the private key.
Definition: crypto_rsa.c:173

GNUNET_CRYPTO_bsign_pub_cmp
int GNUNET_CRYPTO_bsign_pub_cmp(const struct GNUNET_CRYPTO_BlindSignPublicKey *bp1, const struct GNUNET_CRYPTO_BlindSignPublicKey *bp2)
Compare two denomination public keys.
Definition: crypto_blind_sign.c:242

GNUNET_CRYPTO_blind_sig_unblind
struct GNUNET_CRYPTO_UnblindedSignature * GNUNET_CRYPTO_blind_sig_unblind(const struct GNUNET_CRYPTO_BlindedSignature *blinded_sig, const union GNUNET_CRYPTO_BlindingSecretP *bks, const void *message, size_t message_size, const struct GNUNET_CRYPTO_BlindingInputValues *alg_values, const struct GNUNET_CRYPTO_BlindSignPublicKey *bsign_pub)
Unblind blind signature.
Definition: crypto_blind_sign.c:592

GNUNET_CRYPTO_blind_sign
struct GNUNET_CRYPTO_BlindedSignature * GNUNET_CRYPTO_blind_sign(const struct GNUNET_CRYPTO_BlindSignPrivateKey *bsign_priv, const char *salt, const struct GNUNET_CRYPTO_BlindedMessage *blinded_message)
Create blind signature.
Definition: crypto_blind_sign.c:535

GNUNET_CRYPTO_cs_r_derive
void GNUNET_CRYPTO_cs_r_derive(const struct GNUNET_CRYPTO_CsSessionNonce *nonce, const char *seed, const struct GNUNET_CRYPTO_CsPrivateKey *lts, struct GNUNET_CRYPTO_CsRSecret r[2])
Derive a new secret r pair r0 and r1.
Definition: crypto_cs.c:79

GNUNET_CRYPTO_BlindSignatureAlgorithm
GNUNET_CRYPTO_BlindSignatureAlgorithm
Types of public keys used for blind signatures.
Definition: gnunet_crypto_lib.h:4013

GNUNET_CRYPTO_ub_sig_incref
struct GNUNET_CRYPTO_UnblindedSignature * GNUNET_CRYPTO_ub_sig_incref(struct GNUNET_CRYPTO_UnblindedSignature *ub_sig)
Increment reference counter of the given ub_sig.
Definition: crypto_blind_sign.c:225

GNUNET_CRYPTO_ub_sig_cmp
int GNUNET_CRYPTO_ub_sig_cmp(const struct GNUNET_CRYPTO_UnblindedSignature *sig1, const struct GNUNET_CRYPTO_UnblindedSignature *sig2)
Compare two denomination signatures.
Definition: crypto_blind_sign.c:266

GNUNET_CRYPTO_message_blind_to_sign
struct GNUNET_CRYPTO_BlindedMessage * GNUNET_CRYPTO_message_blind_to_sign(const struct GNUNET_CRYPTO_BlindSignPublicKey *bsign_pub, const union GNUNET_CRYPTO_BlindingSecretP *bks, const union GNUNET_CRYPTO_BlindSessionNonce *nonce, const void *message, size_t message_size, const struct GNUNET_CRYPTO_BlindingInputValues *alg_values)
Blind message for blind signing with dk using blinding secret coin_bks.
Definition: crypto_blind_sign.c:470

GNUNET_CRYPTO_blinded_message_cmp
int GNUNET_CRYPTO_blinded_message_cmp(const struct GNUNET_CRYPTO_BlindedMessage *bp1, const struct GNUNET_CRYPTO_BlindedMessage *bp2)
Compare two blinded messages.
Definition: crypto_blind_sign.c:314

GNUNET_CRYPTO_rsa_signature_cmp
int GNUNET_CRYPTO_rsa_signature_cmp(const struct GNUNET_CRYPTO_RsaSignature *s1, const struct GNUNET_CRYPTO_RsaSignature *s2)
Compare the values of two signatures.
Definition: crypto_rsa.c:602

GNUNET_CRYPTO_blind_sig_cmp
int GNUNET_CRYPTO_blind_sig_cmp(const struct GNUNET_CRYPTO_BlindedSignature *sig1, const struct GNUNET_CRYPTO_BlindedSignature *sig2)
Compare two blinded denomination signatures.
Definition: crypto_blind_sign.c:290

GNUNET_CRYPTO_cs_private_key_get_public
void GNUNET_CRYPTO_cs_private_key_get_public(const struct GNUNET_CRYPTO_CsPrivateKey *priv, struct GNUNET_CRYPTO_CsPublicKey *pub)
Extract the public key of the given private key.
Definition: crypto_cs.c:52

GNUNET_CRYPTO_cs_unblind
void GNUNET_CRYPTO_cs_unblind(const struct GNUNET_CRYPTO_CsBlindS *blinded_signature_scalar, const struct GNUNET_CRYPTO_CsBlindingSecret *bs, struct GNUNET_CRYPTO_CsS *signature_scalar)
Unblind a blind-signed signature using a c that was blinded.
Definition: crypto_cs.c:318

GNUNET_CRYPTO_blind_sign_keys_create_va
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_blind_sign_keys_create_va(struct GNUNET_CRYPTO_BlindSignPrivateKey **bsign_priv, struct GNUNET_CRYPTO_BlindSignPublicKey **bsign_pub, enum GNUNET_CRYPTO_BlindSignatureAlgorithm cipher, va_list ap)
Initialize public-private key pair for blind signatures.
Definition: crypto_blind_sign.c:364

GNUNET_CRYPTO_rsa_public_key_hash
void GNUNET_CRYPTO_rsa_public_key_hash(const struct GNUNET_CRYPTO_RsaPublicKey *key, struct GNUNET_HashCode *hc)
Compute hash over the public key.
Definition: crypto_rsa.c:407

GNUNET_CRYPTO_rsa_public_key_free
void GNUNET_CRYPTO_rsa_public_key_free(struct GNUNET_CRYPTO_RsaPublicKey *key)
Free memory occupied by the public key.
Definition: crypto_rsa.c:268

GNUNET_CRYPTO_cs_calc_blinded_c
void GNUNET_CRYPTO_cs_calc_blinded_c(const struct GNUNET_CRYPTO_CsBlindingSecret bs[2], const struct GNUNET_CRYPTO_CsRPublic r_pub[2], const struct GNUNET_CRYPTO_CsPublicKey *pub, const void *msg, size_t msg_len, struct GNUNET_CRYPTO_CsC blinded_c[2], struct GNUNET_CRYPTO_CSPublicRPairP *r_pub_blind)
Calculate two blinded c's.
Definition: crypto_cs.c:240

GNUNET_CRYPTO_blinding_input_values_decref
void GNUNET_CRYPTO_blinding_input_values_decref(struct GNUNET_CRYPTO_BlindingInputValues *bm)
Decrement reference counter of the given bi, and free it if it reaches zero.
Definition: crypto_blind_sign.c:26

GNUNET_memcmp
#define GNUNET_memcmp(a, b)
Compare memory in a and b, where both must be of the same pointer type.
Definition: gnunet_common.h:1246

GNUNET_CRYPTO_blind_sig_verify
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_blind_sig_verify(const struct GNUNET_CRYPTO_BlindSignPublicKey *bsign_pub, const struct GNUNET_CRYPTO_UnblindedSignature *ub_sig, const void *message, size_t message_size)
Verify signature made blindly.
Definition: crypto_blind_sign.c:668

GNUNET_CRYPTO_blinding_input_values_incref
struct GNUNET_CRYPTO_BlindingInputValues * GNUNET_CRYPTO_blinding_input_values_incref(struct GNUNET_CRYPTO_BlindingInputValues *bm)
Increment reference counter of the given bi.
Definition: crypto_blind_sign.c:198

GNUNET_CRYPTO_unblinded_sig_decref
void GNUNET_CRYPTO_unblinded_sig_decref(struct GNUNET_CRYPTO_UnblindedSignature *ub_sig)
Decrement reference counter of a ub_sig, and free it if it reaches zero.
Definition: crypto_blind_sign.c:107

GNUNET_CRYPTO_rsa_sign_blinded
struct GNUNET_CRYPTO_RsaSignature * GNUNET_CRYPTO_rsa_sign_blinded(const struct GNUNET_CRYPTO_RsaPrivateKey *key, const struct GNUNET_CRYPTO_RsaBlindedMessage *bm)
Sign a blinded value, which must be a full domain hash of a message.
Definition: crypto_rsa.c:970

GNUNET_CRYPTO_blinded_message_incref
struct GNUNET_CRYPTO_BlindedMessage * GNUNET_CRYPTO_blinded_message_incref(struct GNUNET_CRYPTO_BlindedMessage *bm)
Increment reference counter of the given bm.
Definition: crypto_blind_sign.c:189

GNUNET_CRYPTO_blinded_sig_decref
void GNUNET_CRYPTO_blinded_sig_decref(struct GNUNET_CRYPTO_BlindedSignature *blind_sig)
Decrement reference counter of a blind_sig, and free it if it reaches zero.
Definition: crypto_blind_sign.c:136

GNUNET_CRYPTO_cs_verify
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_cs_verify(const struct GNUNET_CRYPTO_CsSignature *sig, const struct GNUNET_CRYPTO_CsPublicKey *pub, const void *msg, size_t msg_len)
Verify whether the given message corresponds to the given signature and the signature is valid with r...
Definition: crypto_cs.c:330

GNUNET_GenericReturnValue
GNUNET_GenericReturnValue
Named constants for return values.
Definition: gnunet_common.h:108

GNUNET_CRYPTO_bsign_pub_incref
struct GNUNET_CRYPTO_BlindSignPublicKey * GNUNET_CRYPTO_bsign_pub_incref(struct GNUNET_CRYPTO_BlindSignPublicKey *bsign_pub)
Increment reference counter of the given bsign_pub.
Definition: crypto_blind_sign.c:207

GNUNET_CRYPTO_rsa_unblind
struct GNUNET_CRYPTO_RsaSignature * GNUNET_CRYPTO_rsa_unblind(const struct GNUNET_CRYPTO_RsaSignature *sig, const struct GNUNET_CRYPTO_RsaBlindingKeySecret *bks, struct GNUNET_CRYPTO_RsaPublicKey *pkey)
Unblind a blind-signed signature.
Definition: crypto_rsa.c:1118

GNUNET_CRYPTO_rsa_private_key_get_public
struct GNUNET_CRYPTO_RsaPublicKey * GNUNET_CRYPTO_rsa_private_key_get_public(const struct GNUNET_CRYPTO_RsaPrivateKey *priv)
Extract the public key of the given private key.
Definition: crypto_rsa.c:233

GNUNET_CRYPTO_blind_sign_pub_decref
void GNUNET_CRYPTO_blind_sign_pub_decref(struct GNUNET_CRYPTO_BlindSignPublicKey *bsign_pub)
Decrement reference counter of a bsign_pub, and free it if it reaches zero.
Definition: crypto_blind_sign.c:79

GNUNET_CRYPTO_cs_sign_derive
void GNUNET_CRYPTO_cs_sign_derive(const struct GNUNET_CRYPTO_CsPrivateKey *priv, const struct GNUNET_CRYPTO_CsRSecret r[2], const struct GNUNET_CRYPTO_CsBlindedMessage *bm, struct GNUNET_CRYPTO_CsBlindSignature *cs_blind_sig)
Sign a blinded c.
Definition: crypto_cs.c:284

GNUNET_CRYPTO_cs_private_key_generate
void GNUNET_CRYPTO_cs_private_key_generate(struct GNUNET_CRYPTO_CsPrivateKey *priv)
Create a new random private key.
Definition: crypto_cs.c:45

GNUNET_CRYPTO_blind_sign_priv_decref
void GNUNET_CRYPTO_blind_sign_priv_decref(struct GNUNET_CRYPTO_BlindSignPrivateKey *bsign_priv)
Decrement reference counter of a bsign_priv, and free it if it reaches zero.
Definition: crypto_blind_sign.c:50

GNUNET_CRYPTO_rsa_verify
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_rsa_verify(const void *message, size_t message_size, const struct GNUNET_CRYPTO_RsaSignature *sig, const struct GNUNET_CRYPTO_RsaPublicKey *public_key)
Verify whether the given hash corresponds to the given signature and the signature is valid with resp...
Definition: crypto_rsa.c:1199

GNUNET_CRYPTO_get_blinding_input_values
struct GNUNET_CRYPTO_BlindingInputValues * GNUNET_CRYPTO_get_blinding_input_values(const struct GNUNET_CRYPTO_BlindSignPrivateKey *bsign_priv, const union GNUNET_CRYPTO_BlindSessionNonce *nonce, const char *salt)
Compute blinding input values for a given nonce and salt.
Definition: crypto_blind_sign.c:430

GNUNET_CRYPTO_cs_blinding_secrets_derive
void GNUNET_CRYPTO_cs_blinding_secrets_derive(const struct GNUNET_CRYPTO_CsBlindingNonce *blind_seed, struct GNUNET_CRYPTO_CsBlindingSecret bs[2])
Derives new random blinding factors.
Definition: crypto_cs.c:108

GNUNET_CRYPTO_BSA_INVALID
@ GNUNET_CRYPTO_BSA_INVALID
Invalid type of signature.
Definition: gnunet_crypto_lib.h:4018

GNUNET_CRYPTO_BSA_CS
@ GNUNET_CRYPTO_BSA_CS
Clause Blind Schnorr signature.
Definition: gnunet_crypto_lib.h:4028

GNUNET_CRYPTO_BSA_RSA
@ GNUNET_CRYPTO_BSA_RSA
RSA blind signature.
Definition: gnunet_crypto_lib.h:4023

GNUNET_OK
@ GNUNET_OK
Definition: gnunet_common.h:111

GNUNET_YES
@ GNUNET_YES
Definition: gnunet_common.h:113

GNUNET_NO
@ GNUNET_NO
Definition: gnunet_common.h:110

GNUNET_SYSERR
@ GNUNET_SYSERR
Definition: gnunet_common.h:109

GNUNET_break_op
#define GNUNET_break_op(cond)
Use this for assertion violations caused by other peers (i.e.
Definition: gnunet_common.h:1063

GNUNET_assert
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
Definition: gnunet_common.h:956

GNUNET_break
#define GNUNET_break(cond)
Use this for internal assertion violations that are not fatal (can be handled) but should not occur.
Definition: gnunet_common.h:1041

GNUNET_new
#define GNUNET_new(type)
Allocate a struct or union of the given type.
Definition: gnunet_common.h:1236

GNUNET_free
#define GNUNET_free(ptr)
Wrapper around free.
Definition: gnunet_common.h:1411

platform.h

GNUNET_CRYPTO_BlindSignPrivateKey
Type of private signing keys for blind signing.
Definition: gnunet_crypto_lib.h:4151

GNUNET_CRYPTO_BlindSignPrivateKey::cs_private_key
struct GNUNET_CRYPTO_CsPrivateKey cs_private_key
If we use GNUNET_CRYPTO_BSA_CS in cipher.
Definition: gnunet_crypto_lib.h:4171

GNUNET_CRYPTO_BlindSignPrivateKey::rc
unsigned int rc
Reference counter.
Definition: gnunet_crypto_lib.h:4161

GNUNET_CRYPTO_BlindSignPrivateKey::rsa_private_key
struct GNUNET_CRYPTO_RsaPrivateKey * rsa_private_key
If we use GNUNET_CRYPTO_BSA_RSA in cipher.
Definition: gnunet_crypto_lib.h:4176

GNUNET_CRYPTO_BlindSignPrivateKey::cipher
enum GNUNET_CRYPTO_BlindSignatureAlgorithm cipher
Type of the public key.
Definition: gnunet_crypto_lib.h:4156

GNUNET_CRYPTO_BlindSignPrivateKey::details
union GNUNET_CRYPTO_BlindSignPrivateKey::@17 details
Details, depending on cipher.

GNUNET_CRYPTO_BlindSignPublicKey
Type of public signing keys for blind signatures.
Definition: gnunet_crypto_lib.h:4111

GNUNET_CRYPTO_BlindSignPublicKey::details
union GNUNET_CRYPTO_BlindSignPublicKey::@16 details
Details, depending on cipher.

GNUNET_CRYPTO_BlindSignPublicKey::rc
unsigned int rc
Reference counter.
Definition: gnunet_crypto_lib.h:4121

GNUNET_CRYPTO_BlindSignPublicKey::pub_key_hash
struct GNUNET_HashCode pub_key_hash
Hash of the public key.
Definition: gnunet_crypto_lib.h:4126

GNUNET_CRYPTO_BlindSignPublicKey::cs_public_key
struct GNUNET_CRYPTO_CsPublicKey cs_public_key
If we use GNUNET_CRYPTO_BSA_CS in cipher.
Definition: gnunet_crypto_lib.h:4136

GNUNET_CRYPTO_BlindSignPublicKey::cipher
enum GNUNET_CRYPTO_BlindSignatureAlgorithm cipher
Type of the public key.
Definition: gnunet_crypto_lib.h:4116

GNUNET_CRYPTO_BlindSignPublicKey::rsa_public_key
struct GNUNET_CRYPTO_RsaPublicKey * rsa_public_key
If we use GNUNET_CRYPTO_BSA_RSA in cipher.
Definition: gnunet_crypto_lib.h:4141

GNUNET_CRYPTO_BlindedMessage
Blinded message ready for blind signing.
Definition: gnunet_crypto_lib.h:4186

GNUNET_CRYPTO_BlindedMessage::rc
unsigned int rc
Reference counter.
Definition: gnunet_crypto_lib.h:4195

GNUNET_CRYPTO_BlindedMessage::cipher
enum GNUNET_CRYPTO_BlindSignatureAlgorithm cipher
Type of the sign blinded message.
Definition: gnunet_crypto_lib.h:4190

GNUNET_CRYPTO_BlindedMessage::cs_blinded_message
struct GNUNET_CRYPTO_CsBlindedMessage cs_blinded_message
If we use GNUNET_CRYPTO_BSA_CS in cipher.
Definition: gnunet_crypto_lib.h:4205

GNUNET_CRYPTO_BlindedMessage::details
union GNUNET_CRYPTO_BlindedMessage::@18 details
Details, depending on cipher.

GNUNET_CRYPTO_BlindedMessage::rsa_blinded_message
struct GNUNET_CRYPTO_RsaBlindedMessage rsa_blinded_message
If we use GNUNET_CRYPTO_BSA_RSA in cipher.
Definition: gnunet_crypto_lib.h:4210

GNUNET_CRYPTO_BlindedSignature
Type for blinded signatures.
Definition: gnunet_crypto_lib.h:4073

GNUNET_CRYPTO_BlindedSignature::rc
unsigned int rc
Reference counter.
Definition: gnunet_crypto_lib.h:4083

GNUNET_CRYPTO_BlindedSignature::blinded_cs_answer
struct GNUNET_CRYPTO_CsBlindSignature blinded_cs_answer
If we use GNUNET_CRYPTO_BSA_CS in cipher.
Definition: gnunet_crypto_lib.h:4095

GNUNET_CRYPTO_BlindedSignature::details
union GNUNET_CRYPTO_BlindedSignature::@15 details
Details, depending on cipher.

GNUNET_CRYPTO_BlindedSignature::cipher
enum GNUNET_CRYPTO_BlindSignatureAlgorithm cipher
Type of the signature.
Definition: gnunet_crypto_lib.h:4078

GNUNET_CRYPTO_BlindedSignature::blinded_rsa_signature
struct GNUNET_CRYPTO_RsaSignature * blinded_rsa_signature
If we use GNUNET_CRYPTO_BSA_RSA in cipher.
Definition: gnunet_crypto_lib.h:4100

GNUNET_CRYPTO_BlindingInputValues
Input needed for blinding a message.
Definition: gnunet_crypto_lib.h:4229

GNUNET_CRYPTO_BlindingInputValues::rc
unsigned int rc
Reference counter.
Definition: gnunet_crypto_lib.h:4239

GNUNET_CRYPTO_BlindingInputValues::cs_values
struct GNUNET_CRYPTO_CSPublicRPairP cs_values
If we use GNUNET_CRYPTO_BSA_CS in cipher.
Definition: gnunet_crypto_lib.h:4249

GNUNET_CRYPTO_BlindingInputValues::details
union GNUNET_CRYPTO_BlindingInputValues::@19 details
Details, depending on cipher.

GNUNET_CRYPTO_BlindingInputValues::cipher
enum GNUNET_CRYPTO_BlindSignatureAlgorithm cipher
Type of the signature.
Definition: gnunet_crypto_lib.h:4234

GNUNET_CRYPTO_CSPublicRPairP
Pair of Public R values for Cs denominations.
Definition: gnunet_crypto_lib.h:3907

GNUNET_CRYPTO_CSPublicRPairP::r_pub
struct GNUNET_CRYPTO_CsRPublic r_pub[2]
Definition: gnunet_crypto_lib.h:3908

GNUNET_CRYPTO_CsBlindSignature::s_scalar
struct GNUNET_CRYPTO_CsBlindS s_scalar
The blinded s scalar calculated from c_b.
Definition: gnunet_crypto_lib.h:3951

GNUNET_CRYPTO_CsBlindSignature::b
unsigned int b
To make ROS problem harder, the signer chooses an unpredictable b and only calculates signature of c_...
Definition: gnunet_crypto_lib.h:3946

GNUNET_CRYPTO_CsBlindedMessage::c
struct GNUNET_CRYPTO_CsC c[2]
The Clause Schnorr c_0 and c_1 containing the blinded message.
Definition: gnunet_crypto_lib.h:3893

GNUNET_CRYPTO_CsBlindedMessage::nonce
struct GNUNET_CRYPTO_CsSessionNonce nonce
Nonce used in initial request.
Definition: gnunet_crypto_lib.h:3898

GNUNET_CRYPTO_CsBlindingSecret
Secret used for blinding (alpha and beta).
Definition: gnunet_crypto_lib.h:628

GNUNET_CRYPTO_CsC
Schnorr c to be signed.
Definition: gnunet_crypto_lib.h:656

GNUNET_CRYPTO_CsRSecret
the private r used in the signature
Definition: gnunet_crypto_lib.h:638

GNUNET_CRYPTO_CsSignature::s_scalar
struct GNUNET_CRYPTO_CsS s_scalar
Schnorr signatures are composed of a scalar s and a curve point.
Definition: gnunet_crypto_lib.h:687

GNUNET_CRYPTO_CsSignature::r_point
struct GNUNET_CRYPTO_CsRPublic r_point
Curve point of the Schnorr signature.
Definition: gnunet_crypto_lib.h:692

GNUNET_CRYPTO_RsaBlindedMessage::blinded_msg_size
size_t blinded_msg_size
Size of the blinded_msg to be signed.
Definition: gnunet_crypto_lib.h:3674

GNUNET_CRYPTO_RsaBlindedMessage::blinded_msg
void * blinded_msg
Blinded message to be signed Note: is malloc()'ed!
Definition: gnunet_crypto_lib.h:3669

GNUNET_CRYPTO_UnblindedSignature
Type of (unblinded) signatures.
Definition: gnunet_crypto_lib.h:4036

GNUNET_CRYPTO_UnblindedSignature::rsa_signature
struct GNUNET_CRYPTO_RsaSignature * rsa_signature
If we use GNUNET_CRYPTO_BSA_RSA in cipher.
Definition: gnunet_crypto_lib.h:4061

GNUNET_CRYPTO_UnblindedSignature::rc
unsigned int rc
Reference counter.
Definition: gnunet_crypto_lib.h:4046

GNUNET_CRYPTO_UnblindedSignature::details
union GNUNET_CRYPTO_UnblindedSignature::@14 details
Details, depending on cipher.

GNUNET_CRYPTO_UnblindedSignature::cs_signature
struct GNUNET_CRYPTO_CsSignature cs_signature
If we use GNUNET_CRYPTO_BSA_CS in cipher.
Definition: gnunet_crypto_lib.h:4056

GNUNET_CRYPTO_UnblindedSignature::cipher
enum GNUNET_CRYPTO_BlindSignatureAlgorithm cipher
Type of the signature.
Definition: gnunet_crypto_lib.h:4041

GNUNET_CRYPTO_BlindSessionNonce
Nonce used to deterministiacally derive input values used in multi-round blind signature protocols.
Definition: gnunet_crypto_lib.h:4261

GNUNET_CRYPTO_BlindSessionNonce::cs_nonce
struct GNUNET_CRYPTO_CsSessionNonce cs_nonce
Nonce used when signing with CS.
Definition: gnunet_crypto_lib.h:4265

GNUNET_CRYPTO_BlindingSecretP
Type of blinding secrets.
Definition: gnunet_crypto_lib.h:4508

GNUNET_CRYPTO_BlindingSecretP::nonce
struct GNUNET_CRYPTO_CsBlindingNonce nonce
Clause Schnorr nonce.
Definition: gnunet_crypto_lib.h:4512

GNUNET_CRYPTO_BlindingSecretP::rsa_bks
struct GNUNET_CRYPTO_RsaBlindingKeySecret rsa_bks
Variant for RSA for blind signatures.
Definition: gnunet_crypto_lib.h:4517