34 #define LOG(kind, ...) GNUNET_log_from (kind, "util-crypto-rsa", __VA_ARGS__)
105 if (! (
list = gcry_sexp_find_token (sexp, topname, 0)))
107 l2 = gcry_sexp_cadr (
list);
108 gcry_sexp_release (
list);
113 for (s = elems; *s; s++, idx++)
115 if (! (l2 = gcry_sexp_find_token (
list, s, 1)))
117 for (
unsigned int i = 0; i < idx; i++)
119 gcry_free (array[i]);
122 gcry_sexp_release (
list);
125 array[idx] = gcry_sexp_nth_mpi (l2, 1, GCRYMPI_FMT_USG);
126 gcry_sexp_release (l2);
129 for (
unsigned int i = 0; i < idx; i++)
131 gcry_free (array[i]);
134 gcry_sexp_release (
list);
138 gcry_sexp_release (
list);
148 gcry_sexp_t s_keyparam;
153 gcry_sexp_build (&s_keyparam,
155 "(genkey(rsa(nbits %d)))",
158 gcry_pk_genkey (&s_key,
160 gcry_sexp_release (s_keyparam);
163 gcry_pk_testkey (s_key));
175 gcry_sexp_release (
key->sexp);
188 n = gcry_sexp_sprint (
key->sexp,
189 GCRYSEXP_FMT_DEFAULT,
194 gcry_sexp_sprint (
key->sexp,
195 GCRYSEXP_FMT_DEFAULT,
211 gcry_sexp_new (&
key->sexp,
217 "Decoded private key is not valid\n");
221 if (0 != gcry_pk_testkey (
key->sexp))
224 "Decoded private key is not valid\n");
253 rc = gcry_sexp_build (&
result,
255 "(public-key(rsa(n %m)(e %m)))",
258 gcry_mpi_release (ne[0]);
259 gcry_mpi_release (ne[1]);
270 gcry_sexp_release (
key->sexp);
318 gcry_mpi_release (ne[0]);
319 gcry_mpi_release (ne[1]);
353 gcry_mpi_print (GCRYMPI_FMT_USG,
358 gcry_mpi_print (GCRYMPI_FMT_USG,
363 if ( (e_size > UINT16_MAX) ||
364 (n_size > UINT16_MAX) )
369 gcry_mpi_release (ne[0]);
370 gcry_mpi_release (ne[1]);
373 buf_size = n_size + e_size +
sizeof (hdr);
376 gcry_mpi_release (ne[0]);
377 gcry_mpi_release (ne[1]);
387 gcry_mpi_print (GCRYMPI_FMT_USG,
388 (
unsigned char *) &
buf[
sizeof (hdr)],
394 gcry_mpi_print (GCRYMPI_FMT_USG,
395 (
unsigned char *) &
buf[
sizeof (hdr) + n_size],
400 gcry_mpi_release (ne[0]);
401 gcry_mpi_release (ne[1]);
434 if (
len <
sizeof (hdr))
439 memcpy (&hdr,
buf,
sizeof (hdr));
442 if (
len !=
sizeof (hdr) + e_size + n_size)
460 &
buf[
sizeof (hdr) + n_size],
465 gcry_mpi_release (n);
470 gcry_sexp_build (&
data,
472 "(public-key(rsa(n %m)(e %m)))",
477 gcry_mpi_release (n);
478 gcry_mpi_release (
e);
481 gcry_mpi_release (n);
482 gcry_mpi_release (
e);
507 g = gcry_mpi_new (0);
508 t = gcry_mpi_gcd (g, r, n);
509 gcry_mpi_release (g);
525 const char *xts =
"Blinding KDF extractor HMAC key";
539 gcry_mpi_get_flag (n,
540 GCRYMPI_FLAG_OPAQUE));
549 gcry_mpi_release (blind->
r);
553 gcry_mpi_release (n);
690 rval = gcry_mpi_get_nbits (n);
691 gcry_mpi_release (n);
704 gcry_mpi_release (bkey->
r);
724 gcry_mpi_print (GCRYMPI_FMT_USG,
731 gcry_mpi_print (GCRYMPI_FMT_USG,
765 GNUNET_assert (0 == gcry_mpi_get_flag (n, GCRYMPI_FLAG_OPAQUE));
781 gcry_mpi_release (n);
784 gcry_mpi_release (
r);
820 goto rsa_gcd_validate_failure;
825 gcry_mpi_release (
data);
826 goto rsa_gcd_validate_failure;
829 r_e = gcry_mpi_new (0);
834 data_r_e = gcry_mpi_new (0);
835 gcry_mpi_mulm (data_r_e,
839 gcry_mpi_release (
data);
840 gcry_mpi_release (ne[0]);
841 gcry_mpi_release (ne[1]);
842 gcry_mpi_release (r_e);
847 gcry_mpi_release (data_r_e);
853 rsa_gcd_validate_failure:
856 gcry_mpi_release (ne[0]);
857 gcry_mpi_release (ne[1]);
873 gcry_sexp_t
data = NULL;
876 gcry_sexp_build (&
data,
878 "(data (flags raw) (value %M))",
903 (rc = gcry_pk_sign (&
result,
908 _ (
"RSA signing failed at %s:%d: %s\n"),
912 gcry_sexp_release (
data);
920 #if GCRYPT_VERSION_NUMBER < 0x010604
931 gcry_sexp_release (
data);
932 gcry_sexp_release (
result);
939 gcry_sexp_release (
data);
964 gcry_mpi_release (v);
985 gcry_mpi_release (v);
993 gcry_sexp_release (sig->
sexp);
1019 gcry_mpi_print (GCRYMPI_FMT_USG,
1026 gcry_mpi_print (GCRYMPI_FMT_USG,
1032 *buffer = (
void *)
buf;
1033 gcry_mpi_release (s);
1058 gcry_sexp_build (&
data,
1060 "(sig-val(rsa(s %M)))",
1064 gcry_mpi_release (s);
1067 gcry_mpi_release (s);
1078 gcry_sexp_t dup_sexp;
1082 dup_sexp = gcry_sexp_find_token (
key->sexp,
"public-key", 0);
1084 gcry_sexp_release (dup_sexp);
1086 GNUNET_assert (0 == gcry_sexp_build (&dup_sexp, &erroff,
"%S",
key->sexp));
1088 dup->
sexp = dup_sexp;
1121 gcry_mpi_release (n);
1134 gcry_mpi_release (n);
1135 gcry_mpi_release (s);
1139 r_inv = gcry_mpi_new (0);
1141 gcry_mpi_invm (r_inv,
1148 gcry_mpi_release (r_inv);
1150 gcry_mpi_release (n);
1151 gcry_mpi_release (s);
1155 ubsig = gcry_mpi_new (0);
1156 gcry_mpi_mulm (ubsig, s, r_inv, n);
1157 gcry_mpi_release (n);
1158 gcry_mpi_release (r_inv);
1159 gcry_mpi_release (s);
1164 gcry_sexp_build (&sret->
sexp,
1166 "(sig-val (rsa (s %M)))",
1168 gcry_mpi_release (ubsig);
1199 gcry_mpi_release (r);
1201 rc = gcry_pk_verify (sig->
sexp,
1204 gcry_sexp_release (
data);
1208 _ (
"RSA signature verification failed at %s:%d: %s\n"),
1211 gcry_strerror (rc));
1225 gcry_sexp_t dup_sexp;
1229 dup_sexp = gcry_sexp_find_token (
key->sexp,
"private-key", 0);
1231 gcry_sexp_release (dup_sexp);
1233 GNUNET_assert (0 == gcry_sexp_build (&dup_sexp, &erroff,
"%S",
key->sexp));
1235 dup->
sexp = dup_sexp;
1244 gcry_sexp_t dup_sexp;
1254 gcry_mpi_release (s);
1258 dup->
sexp = dup_sexp;
struct GNUNET_MessageHeader * msg
benchmarking for various operations
#define BENCHMARK_START(opname)
#define BENCHMARK_END(opname)
static int key_from_sexp(gcry_mpi_t *array, gcry_sexp_t sexp, const char *topname, const char *elems)
Extract values from an S-expression.
static void rsa_blinding_key_free(struct RsaBlindingKey *bkey)
Destroy a blinding key.
static gcry_sexp_t mpi_to_sexp(gcry_mpi_t value)
Convert an MPI to an S-expression suitable for signature operations.
static struct GNUNET_CRYPTO_RsaSignature * rsa_sign_mpi(const struct GNUNET_CRYPTO_RsaPrivateKey *key, gcry_mpi_t value)
Sign the given MPI.
static gcry_mpi_t rsa_full_domain_hash(const struct GNUNET_CRYPTO_RsaPublicKey *pkey, const struct GNUNET_HashCode *hash)
Computes a full domain hash seeded by the given public key.
static struct RsaBlindingKey * rsa_blinding_key_derive(const struct GNUNET_CRYPTO_RsaPublicKey *pkey, const struct GNUNET_CRYPTO_RsaBlindingKeySecret *bks)
Create a blinding key.
static int rsa_gcd_validate(gcry_mpi_t r, gcry_mpi_t n)
Test for malicious RSA key.
static size_t numeric_mpi_alloc_n_print(gcry_mpi_t v, char **buffer)
Print an MPI to a newly created buffer.
static int ret
Return value of the commandline.
static int list
Set if we should print a list of currently running services.
static struct Experiment * e
struct GNUNET_HashCode key
The key used in the DHT.
uint32_t data
The data value.
uint16_t len
length of data (which is always a uint32_t, but presumably this can be used to specify that fewer byt...
static char * pkey
Public key of the zone to look in, in ASCII.
static char * value
Value of the record to add/remove.
static int ok
Return value from 'main' (0 == success)
static int result
Global testing status.
static struct GNUNET_CRYPTO_EddsaPublicKey pub
static struct GNUNET_SCHEDULER_Task * t
Main task.
void GNUNET_CRYPTO_hash(const void *block, size_t size, struct GNUNET_HashCode *ret)
Compute hash of a given block.
struct GNUNET_CRYPTO_RsaPublicKey * GNUNET_CRYPTO_rsa_public_key_dup(const struct GNUNET_CRYPTO_RsaPublicKey *key)
Duplicate the given public key.
#define GNUNET_NETWORK_STRUCT_BEGIN
Define as empty, GNUNET_PACKED should suffice, but this won't work on W32.
struct GNUNET_CRYPTO_RsaSignature * GNUNET_CRYPTO_rsa_signature_decode(const void *buf, size_t buf_size)
Decode the signature from the data-format back to the "normal", internal format.
void GNUNET_CRYPTO_rsa_signature_free(struct GNUNET_CRYPTO_RsaSignature *sig)
Free memory occupied by signature.
void GNUNET_CRYPTO_rsa_private_key_free(struct GNUNET_CRYPTO_RsaPrivateKey *key)
Free memory occupied by the private key.
void GNUNET_CRYPTO_kdf_mod_mpi(gcry_mpi_t *r, gcry_mpi_t n, const void *xts, size_t xts_len, const void *skm, size_t skm_len, const char *ctx)
Deterministically generate a pseudo-random number uniformly from the integers modulo a libgcrypt mpi.
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_rsa_verify(const struct GNUNET_HashCode *hash, const struct GNUNET_CRYPTO_RsaSignature *sig, const struct GNUNET_CRYPTO_RsaPublicKey *pkey)
Verify whether the given hash corresponds to the given signature and the signature is valid with resp...
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_rsa_blind(const struct GNUNET_HashCode *hash, const struct GNUNET_CRYPTO_RsaBlindingKeySecret *bks, struct GNUNET_CRYPTO_RsaPublicKey *pkey, void **buf, size_t *buf_size)
Blinds the given message with the given blinding key.
struct GNUNET_CRYPTO_RsaPrivateKey * GNUNET_CRYPTO_rsa_private_key_decode(const void *buf, size_t buf_size)
Decode the private key from the data-format back to the "normal", internal format.
struct GNUNET_CRYPTO_RsaSignature * GNUNET_CRYPTO_rsa_unblind(const struct GNUNET_CRYPTO_RsaSignature *sig, const struct GNUNET_CRYPTO_RsaBlindingKeySecret *bks, struct GNUNET_CRYPTO_RsaPublicKey *pkey)
Unblind a blind-signed signature.
int GNUNET_CRYPTO_rsa_signature_cmp(const struct GNUNET_CRYPTO_RsaSignature *s1, const struct GNUNET_CRYPTO_RsaSignature *s2)
Compare the values of two signatures.
GNUNET_NETWORK_STRUCT_END bool GNUNET_CRYPTO_rsa_public_key_check(const struct GNUNET_CRYPTO_RsaPublicKey *key)
Check if key is well-formed.
unsigned int GNUNET_CRYPTO_rsa_public_key_len(const struct GNUNET_CRYPTO_RsaPublicKey *key)
Obtain the length of the RSA key in bits.
void GNUNET_CRYPTO_rsa_public_key_hash(const struct GNUNET_CRYPTO_RsaPublicKey *key, struct GNUNET_HashCode *hc)
Compute hash over the public key.
void GNUNET_CRYPTO_rsa_public_key_free(struct GNUNET_CRYPTO_RsaPublicKey *key)
Free memory occupied by the public key.
struct GNUNET_CRYPTO_RsaPublicKey * GNUNET_CRYPTO_rsa_public_key_decode(const char *buf, size_t len)
Decode the public key from the data-format back to the "normal", internal format.
#define GNUNET_NETWORK_STRUCT_END
Define as empty, GNUNET_PACKED should suffice, but this won't work on W32;.
size_t GNUNET_CRYPTO_rsa_public_key_encode(const struct GNUNET_CRYPTO_RsaPublicKey *key, void **buffer)
Encode the public key in a format suitable for storing it into a file.
int GNUNET_CRYPTO_rsa_private_key_cmp(const struct GNUNET_CRYPTO_RsaPrivateKey *p1, const struct GNUNET_CRYPTO_RsaPrivateKey *p2)
Compare the values of two private keys.
size_t GNUNET_CRYPTO_rsa_signature_encode(const struct GNUNET_CRYPTO_RsaSignature *sig, void **buffer)
Encode the given signature in a format suitable for storing it into a file.
struct GNUNET_CRYPTO_RsaSignature * GNUNET_CRYPTO_rsa_signature_dup(const struct GNUNET_CRYPTO_RsaSignature *sig)
Duplicate the given rsa signature.
struct GNUNET_CRYPTO_RsaSignature * GNUNET_CRYPTO_rsa_sign_fdh(const struct GNUNET_CRYPTO_RsaPrivateKey *key, const struct GNUNET_HashCode *hash)
Create and sign a full domain hash of a message.
int GNUNET_CRYPTO_rsa_public_key_cmp(const struct GNUNET_CRYPTO_RsaPublicKey *p1, const struct GNUNET_CRYPTO_RsaPublicKey *p2)
Compare the values of two public keys.
struct GNUNET_CRYPTO_RsaPublicKey * GNUNET_CRYPTO_rsa_private_key_get_public(const struct GNUNET_CRYPTO_RsaPrivateKey *priv)
Extract the public key of the given private key.
GNUNET_GenericReturnValue
Named constants for return values.
size_t GNUNET_CRYPTO_rsa_private_key_encode(const struct GNUNET_CRYPTO_RsaPrivateKey *key, void **buffer)
Encode the private key in a format suitable for storing it into a file.
struct GNUNET_CRYPTO_RsaPrivateKey * GNUNET_CRYPTO_rsa_private_key_create(unsigned int len)
Create a new private key.
struct GNUNET_CRYPTO_RsaPrivateKey * GNUNET_CRYPTO_rsa_private_key_dup(const struct GNUNET_CRYPTO_RsaPrivateKey *key)
Duplicate the given private key.
#define GNUNET_PACKED
gcc-ism to get packed structs.
struct GNUNET_CRYPTO_RsaSignature * GNUNET_CRYPTO_rsa_sign_blinded(const struct GNUNET_CRYPTO_RsaPrivateKey *key, const void *msg, size_t msg_len)
Sign a blinded value, which must be a full domain hash of a message.
#define GNUNET_break_op(cond)
Use this for assertion violations caused by other peers (i.e.
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
#define GNUNET_break(cond)
Use this for internal assertion violations that are not fatal (can be handled) but should not occur.
@ GNUNET_ERROR_TYPE_WARNING
#define GNUNET_new(type)
Allocate a struct or union of the given type.
#define GNUNET_malloc(size)
Wrapper around malloc.
#define GNUNET_free(ptr)
Wrapper around free.
Constant-size pre-secret for blinding key generation.
The private information of an RSA key pair.
gcry_sexp_t sexp
Libgcrypt S-expression for the RSA private key.
The public information of an RSA key pair.
gcry_sexp_t sexp
Libgcrypt S-expression for the RSA public key.
gcry_sexp_t sexp
Libgcrypt S-expression for the RSA signature.
gcry_mpi_t r
Random value used for blinding.