GNUnet  0.10.x
Macros | Functions
crypto_ecc.c File Reference

public key cryptography (ECC) with libgcrypt More...

#include "platform.h"
#include <gcrypt.h>
#include "gnunet_crypto_lib.h"
#include "gnunet_strings_lib.h"
#include "benchmark.h"
Include dependency graph for crypto_ecc.c:

Go to the source code of this file.

Macros

#define EXTRA_CHECKS   0
 
#define CURVE   "Ed25519"
 Name of the curve we are using. More...
 
#define LOG(kind, ...)   GNUNET_log_from (kind, "util-crypto-ecc", __VA_ARGS__)
 
#define LOG_STRERROR(kind, syscall)   GNUNET_log_from_strerror (kind, "util-crypto-ecc", syscall)
 
#define LOG_STRERROR_FILE(kind, syscall, filename)   GNUNET_log_from_strerror_file (kind, "util-crypto-ecc", syscall, filename)
 
#define LOG_GCRY(level, cmd, rc)
 Log an error message at log-level 'level' that indicates a failure of the command 'cmd' with the message given by gcry_strerror(rc). More...
 

Functions

static int key_from_sexp (gcry_mpi_t *array, gcry_sexp_t sexp, const char *topname, const char *elems)
 Extract values from an S-expression. More...
 
static gcry_sexp_t decode_private_ecdsa_key (const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv)
 Convert the given private key from the network format to the S-expression that can be used by libgcrypt. More...
 
static gcry_sexp_t decode_private_eddsa_key (const struct GNUNET_CRYPTO_EddsaPrivateKey *priv)
 Convert the given private key from the network format to the S-expression that can be used by libgcrypt. More...
 
static gcry_sexp_t decode_private_ecdhe_key (const struct GNUNET_CRYPTO_EcdhePrivateKey *priv)
 Convert the given private key from the network format to the S-expression that can be used by libgcrypt. More...
 
void GNUNET_CRYPTO_ecdsa_key_get_public (const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv, struct GNUNET_CRYPTO_EcdsaPublicKey *pub)
 Extract the public key for the given private key. More...
 
void GNUNET_CRYPTO_eddsa_key_get_public (const struct GNUNET_CRYPTO_EddsaPrivateKey *priv, struct GNUNET_CRYPTO_EddsaPublicKey *pub)
 Extract the public key for the given private key. More...
 
void GNUNET_CRYPTO_ecdhe_key_get_public (const struct GNUNET_CRYPTO_EcdhePrivateKey *priv, struct GNUNET_CRYPTO_EcdhePublicKey *pub)
 Extract the public key for the given private key. More...
 
char * GNUNET_CRYPTO_ecdsa_public_key_to_string (const struct GNUNET_CRYPTO_EcdsaPublicKey *pub)
 Convert a public key to a string. More...
 
char * GNUNET_CRYPTO_eddsa_public_key_to_string (const struct GNUNET_CRYPTO_EddsaPublicKey *pub)
 Convert a public key to a string. More...
 
char * GNUNET_CRYPTO_eddsa_private_key_to_string (const struct GNUNET_CRYPTO_EddsaPrivateKey *priv)
 Convert a private key to a string. More...
 
char * GNUNET_CRYPTO_ecdsa_private_key_to_string (const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv)
 Convert a private key to a string. More...
 
int GNUNET_CRYPTO_ecdsa_public_key_from_string (const char *enc, size_t enclen, struct GNUNET_CRYPTO_EcdsaPublicKey *pub)
 Convert a string representing a public key to a public key. More...
 
int GNUNET_CRYPTO_eddsa_public_key_from_string (const char *enc, size_t enclen, struct GNUNET_CRYPTO_EddsaPublicKey *pub)
 Convert a string representing a public key to a public key. More...
 
int GNUNET_CRYPTO_eddsa_private_key_from_string (const char *enc, size_t enclen, struct GNUNET_CRYPTO_EddsaPrivateKey *priv)
 Convert a string representing a private key to a private key. More...
 
void GNUNET_CRYPTO_ecdhe_key_clear (struct GNUNET_CRYPTO_EcdhePrivateKey *pk)
 Clear memory that was used to store a private key. More...
 
void GNUNET_CRYPTO_ecdsa_key_clear (struct GNUNET_CRYPTO_EcdsaPrivateKey *pk)
 Clear memory that was used to store a private key. More...
 
void GNUNET_CRYPTO_eddsa_key_clear (struct GNUNET_CRYPTO_EddsaPrivateKey *pk)
 Clear memory that was used to store a private key. More...
 
struct GNUNET_CRYPTO_EcdhePrivateKeyGNUNET_CRYPTO_ecdhe_key_create ()
 Create a new private key. More...
 
int GNUNET_CRYPTO_ecdhe_key_create2 (struct GNUNET_CRYPTO_EcdhePrivateKey *pk)
 Create a new private key. More...
 
struct GNUNET_CRYPTO_EcdsaPrivateKeyGNUNET_CRYPTO_ecdsa_key_create ()
 Create a new private key. More...
 
struct GNUNET_CRYPTO_EddsaPrivateKeyGNUNET_CRYPTO_eddsa_key_create ()
 Create a new private key. More...
 
const struct GNUNET_CRYPTO_EcdsaPrivateKeyGNUNET_CRYPTO_ecdsa_key_get_anonymous ()
 Get the shared private key we use for anonymous users. More...
 
static gcry_sexp_t data_to_eddsa_value (const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose)
 Convert the data specified in the given purpose argument to an S-expression suitable for signature operations. More...
 
static gcry_sexp_t data_to_ecdsa_value (const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose)
 Convert the data specified in the given purpose argument to an S-expression suitable for signature operations. More...
 
int GNUNET_CRYPTO_ecdsa_sign (const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv, const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose, struct GNUNET_CRYPTO_EcdsaSignature *sig)
 Sign a given block. More...
 
int GNUNET_CRYPTO_eddsa_sign (const struct GNUNET_CRYPTO_EddsaPrivateKey *priv, const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose, struct GNUNET_CRYPTO_EddsaSignature *sig)
 Sign a given block. More...
 
int GNUNET_CRYPTO_ecdsa_verify (uint32_t purpose, const struct GNUNET_CRYPTO_EccSignaturePurpose *validate, const struct GNUNET_CRYPTO_EcdsaSignature *sig, const struct GNUNET_CRYPTO_EcdsaPublicKey *pub)
 Verify signature. More...
 
int GNUNET_CRYPTO_eddsa_verify (uint32_t purpose, const struct GNUNET_CRYPTO_EccSignaturePurpose *validate, const struct GNUNET_CRYPTO_EddsaSignature *sig, const struct GNUNET_CRYPTO_EddsaPublicKey *pub)
 Verify signature. More...
 
int GNUNET_CRYPTO_ecc_ecdh (const struct GNUNET_CRYPTO_EcdhePrivateKey *priv, const struct GNUNET_CRYPTO_EcdhePublicKey *pub, struct GNUNET_HashCode *key_material)
 Derive key material from a public and a private ECDHE key. More...
 
static gcry_mpi_t derive_h (const struct GNUNET_CRYPTO_EcdsaPublicKey *pub, const char *label, const char *context)
 Derive the 'h' value for key derivation, where 'h = H(l,P)'. More...
 
struct GNUNET_CRYPTO_EcdsaPrivateKeyGNUNET_CRYPTO_ecdsa_private_key_derive (const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv, const char *label, const char *context)
 Derive a private key from a given private key and a label. More...
 
void GNUNET_CRYPTO_ecdsa_public_key_derive (const struct GNUNET_CRYPTO_EcdsaPublicKey *pub, const char *label, const char *context, struct GNUNET_CRYPTO_EcdsaPublicKey *result)
 Derive a public key from a given public key and a label. More...
 
static void reverse_buffer (unsigned char *buffer, size_t length)
 Reverse the sequence of the bytes in buffer. More...
 
static gcry_mpi_t eddsa_d_to_a (gcry_mpi_t d)
 Convert the secret d of an EdDSA key to the value that is actually used in the EdDSA computation. More...
 
static int point_to_hash (gcry_mpi_point_t result, gcry_ctx_t ctx, struct GNUNET_HashCode *key_material)
 Take point from ECDH and convert it to key material. More...
 
int GNUNET_CRYPTO_eddsa_ecdh (const struct GNUNET_CRYPTO_EddsaPrivateKey *priv, const struct GNUNET_CRYPTO_EcdhePublicKey *pub, struct GNUNET_HashCode *key_material)
 Derive key material from a ECDH public key and a private EdDSA key. More...
 
int GNUNET_CRYPTO_ecdsa_ecdh (const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv, const struct GNUNET_CRYPTO_EcdhePublicKey *pub, struct GNUNET_HashCode *key_material)
 Derive key material from a ECDH public key and a private ECDSA key. More...
 
int GNUNET_CRYPTO_ecdh_eddsa (const struct GNUNET_CRYPTO_EcdhePrivateKey *priv, const struct GNUNET_CRYPTO_EddsaPublicKey *pub, struct GNUNET_HashCode *key_material)
 Derive key material from a EdDSA public key and a private ECDH key. More...
 
int GNUNET_CRYPTO_ecdh_ecdsa (const struct GNUNET_CRYPTO_EcdhePrivateKey *priv, const struct GNUNET_CRYPTO_EcdsaPublicKey *pub, struct GNUNET_HashCode *key_material)
 Derive key material from a EcDSA public key and a private ECDH key. More...
 

Detailed Description

public key cryptography (ECC) with libgcrypt

Author
Christian Grothoff

Definition in file crypto_ecc.c.

Macro Definition Documentation

◆ EXTRA_CHECKS

#define EXTRA_CHECKS   0

Definition at line 32 of file crypto_ecc.c.

◆ CURVE

#define CURVE   "Ed25519"

Name of the curve we are using.

Note that we have hard-coded structs that use 256 bits, so using a bigger curve will require changes that break stuff badly. The name of the curve given here must be agreed by all peers and be supported by libgcrypt.

Definition at line 40 of file crypto_ecc.c.

Referenced by decode_private_ecdhe_key(), decode_private_ecdsa_key(), decode_private_eddsa_key(), GNUNET_CRYPTO_ecc_ecdh(), GNUNET_CRYPTO_ecdh_eddsa(), GNUNET_CRYPTO_ecdhe_key_create2(), GNUNET_CRYPTO_ecdsa_ecdh(), GNUNET_CRYPTO_ecdsa_key_create(), GNUNET_CRYPTO_ecdsa_private_key_derive(), GNUNET_CRYPTO_ecdsa_public_key_derive(), GNUNET_CRYPTO_ecdsa_verify(), GNUNET_CRYPTO_eddsa_ecdh(), GNUNET_CRYPTO_eddsa_key_create(), and GNUNET_CRYPTO_eddsa_verify().

◆ LOG

#define LOG (   kind,
  ... 
)    GNUNET_log_from (kind, "util-crypto-ecc", __VA_ARGS__)

◆ LOG_STRERROR

#define LOG_STRERROR (   kind,
  syscall 
)    GNUNET_log_from_strerror (kind, "util-crypto-ecc", syscall)

Definition at line 44 of file crypto_ecc.c.

◆ LOG_STRERROR_FILE

#define LOG_STRERROR_FILE (   kind,
  syscall,
  filename 
)    GNUNET_log_from_strerror_file (kind, "util-crypto-ecc", syscall, filename)

Definition at line 47 of file crypto_ecc.c.

◆ LOG_GCRY

#define LOG_GCRY (   level,
  cmd,
  rc 
)
Value:
do \
{ \
LOG (level, \
_ ("`%s' failed at %s:%d with error: %s\n"), \
cmd, \
__FILE__, \
__LINE__, \
gcry_strerror (rc)); \
} while (0)
#define _(String)
GNU gettext support macro.
Definition: platform.h:208

Log an error message at log-level 'level' that indicates a failure of the command 'cmd' with the message given by gcry_strerror(rc).

Definition at line 55 of file crypto_ecc.c.

Referenced by data_to_ecdsa_value(), data_to_eddsa_value(), decode_private_ecdhe_key(), decode_private_ecdsa_key(), decode_private_eddsa_key(), GNUNET_CRYPTO_ecc_ecdh(), GNUNET_CRYPTO_ecdhe_key_create2(), GNUNET_CRYPTO_ecdsa_key_create(), GNUNET_CRYPTO_ecdsa_verify(), GNUNET_CRYPTO_eddsa_key_create(), GNUNET_CRYPTO_eddsa_verify(), and point_to_hash().

Function Documentation

◆ key_from_sexp()

static int key_from_sexp ( gcry_mpi_t *  array,
gcry_sexp_t  sexp,
const char *  topname,
const char *  elems 
)
static

Extract values from an S-expression.

Parameters
arraywhere to store the result(s)
sexpS-expression to parse
topnametop-level name in the S-expression that is of interest
elemsnames of the elements to extract
Returns
0 on success

Definition at line 77 of file crypto_ecc.c.

References list.

Referenced by GNUNET_CRYPTO_ecdhe_key_create2(), GNUNET_CRYPTO_ecdsa_key_create(), GNUNET_CRYPTO_ecdsa_sign(), GNUNET_CRYPTO_eddsa_key_create(), and GNUNET_CRYPTO_eddsa_sign().

81 {
82  gcry_sexp_t list;
83  gcry_sexp_t l2;
84  const char *s;
85  unsigned int i;
86  unsigned int idx;
87 
88  list = gcry_sexp_find_token (sexp, topname, 0);
89  if (! list)
90  return 1;
91  l2 = gcry_sexp_cadr (list);
92  gcry_sexp_release (list);
93  list = l2;
94  if (! list)
95  return 2;
96 
97  idx = 0;
98  for (s = elems; *s; s++, idx++)
99  {
100  l2 = gcry_sexp_find_token (list, s, 1);
101  if (! l2)
102  {
103  for (i = 0; i < idx; i++)
104  {
105  gcry_free (array[i]);
106  array[i] = NULL;
107  }
108  gcry_sexp_release (list);
109  return 3; /* required parameter not found */
110  }
111  array[idx] = gcry_sexp_nth_mpi (l2, 1, GCRYMPI_FMT_USG);
112  gcry_sexp_release (l2);
113  if (! array[idx])
114  {
115  for (i = 0; i < idx; i++)
116  {
117  gcry_free (array[i]);
118  array[i] = NULL;
119  }
120  gcry_sexp_release (list);
121  return 4; /* required parameter is invalid */
122  }
123  }
124  gcry_sexp_release (list);
125  return 0;
126 }
static int list
Set if we should print a list of currently running services.
Definition: gnunet-arm.c:64
Here is the caller graph for this function:

◆ decode_private_ecdsa_key()

static gcry_sexp_t decode_private_ecdsa_key ( const struct GNUNET_CRYPTO_EcdsaPrivateKey priv)
static

Convert the given private key from the network format to the S-expression that can be used by libgcrypt.

Parameters
privprivate key to decode
Returns
NULL on error

Definition at line 137 of file crypto_ecc.c.

References CURVE, GNUNET_CRYPTO_EcdsaPrivateKey::d, GNUNET_assert, GNUNET_ERROR_TYPE_ERROR, LOG_GCRY, and result.

Referenced by GNUNET_CRYPTO_ecdsa_key_get_public(), and GNUNET_CRYPTO_ecdsa_sign().

138 {
139  gcry_sexp_t result;
140  int rc;
141 
142  rc = gcry_sexp_build (&result,
143  NULL,
144  "(private-key(ecc(curve \"" CURVE "\")"
145  "(d %b)))",
146  (int) sizeof (priv->d),
147  priv->d);
148  if (0 != rc)
149  {
150  LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc);
151  GNUNET_assert (0);
152  }
153 #if EXTRA_CHECKS
154  if (0 != (rc = gcry_pk_testkey (result)))
155  {
156  LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_pk_testkey", rc);
157  GNUNET_assert (0);
158  }
159 #endif
160  return result;
161 }
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
static int result
Global testing status.
#define LOG_GCRY(level, cmd, rc)
Log an error message at log-level &#39;level&#39; that indicates a failure of the command &#39;cmd&#39; with the mess...
Definition: crypto_ecc.c:55
#define CURVE
Name of the curve we are using.
Definition: crypto_ecc.c:40
unsigned char d[256/8]
d is a value mod n, where n has at most 256 bits.
Here is the caller graph for this function:

◆ decode_private_eddsa_key()

static gcry_sexp_t decode_private_eddsa_key ( const struct GNUNET_CRYPTO_EddsaPrivateKey priv)
static

Convert the given private key from the network format to the S-expression that can be used by libgcrypt.

Parameters
privprivate key to decode
Returns
NULL on error

Definition at line 172 of file crypto_ecc.c.

References CURVE, GNUNET_CRYPTO_EddsaPrivateKey::d, GNUNET_assert, GNUNET_ERROR_TYPE_ERROR, LOG_GCRY, and result.

Referenced by GNUNET_CRYPTO_eddsa_key_get_public(), and GNUNET_CRYPTO_eddsa_sign().

173 {
174  gcry_sexp_t result;
175  int rc;
176 
177  rc = gcry_sexp_build (&result,
178  NULL,
179  "(private-key(ecc(curve \"" CURVE "\")"
180  "(flags eddsa)(d %b)))",
181  (int) sizeof (priv->d),
182  priv->d);
183  if (0 != rc)
184  {
185  LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc);
186  GNUNET_assert (0);
187  }
188 #if EXTRA_CHECKS
189  if (0 != (rc = gcry_pk_testkey (result)))
190  {
191  LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_pk_testkey", rc);
192  GNUNET_assert (0);
193  }
194 #endif
195  return result;
196 }
unsigned char d[256/8]
d is a value mod n, where n has at most 256 bits.
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
static int result
Global testing status.
#define LOG_GCRY(level, cmd, rc)
Log an error message at log-level &#39;level&#39; that indicates a failure of the command &#39;cmd&#39; with the mess...
Definition: crypto_ecc.c:55
#define CURVE
Name of the curve we are using.
Definition: crypto_ecc.c:40
Here is the caller graph for this function:

◆ decode_private_ecdhe_key()

static gcry_sexp_t decode_private_ecdhe_key ( const struct GNUNET_CRYPTO_EcdhePrivateKey priv)
static

Convert the given private key from the network format to the S-expression that can be used by libgcrypt.

Parameters
privprivate key to decode
Returns
NULL on error

Definition at line 207 of file crypto_ecc.c.

References CURVE, GNUNET_CRYPTO_EcdhePrivateKey::d, GNUNET_assert, GNUNET_ERROR_TYPE_ERROR, LOG_GCRY, and result.

Referenced by GNUNET_CRYPTO_ecdhe_key_get_public().

208 {
209  gcry_sexp_t result;
210  int rc;
211 
212  rc = gcry_sexp_build (&result,
213  NULL,
214  "(private-key(ecc(curve \"" CURVE "\")"
215  "(d %b)))",
216  (int) sizeof (priv->d),
217  priv->d);
218  if (0 != rc)
219  {
220  LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc);
221  GNUNET_assert (0);
222  }
223 #if EXTRA_CHECKS
224  if (0 != (rc = gcry_pk_testkey (result)))
225  {
226  LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_pk_testkey", rc);
227  GNUNET_assert (0);
228  }
229 #endif
230  return result;
231 }
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
unsigned char d[256/8]
d is a value mod n, where n has at most 256 bits.
static int result
Global testing status.
#define LOG_GCRY(level, cmd, rc)
Log an error message at log-level &#39;level&#39; that indicates a failure of the command &#39;cmd&#39; with the mess...
Definition: crypto_ecc.c:55
#define CURVE
Name of the curve we are using.
Definition: crypto_ecc.c:40
Here is the caller graph for this function:

◆ GNUNET_CRYPTO_ecdsa_public_key_to_string()

char* GNUNET_CRYPTO_ecdsa_public_key_to_string ( const struct GNUNET_CRYPTO_EcdsaPublicKey pub)

Convert a public key to a string.

Parameters
pubkey to convert
Returns
string representing pub

Definition at line 334 of file crypto_ecc.c.

References end, GNUNET_free, GNUNET_malloc, and GNUNET_STRINGS_data_to_string().

Referenced by attribute_delegation_to_json(), create_finished(), credential_to_json(), credential_value_to_string(), ego_get_for_subsystem(), get_ego(), gns_value_to_string(), GNUNET_CREDENTIAL_credential_to_string(), GNUNET_GNSRECORD_pkey_to_zkey(), handle_collect_response(), handle_verify_response(), handle_verify_result(), id_connect_cb(), init_egos(), list_ego(), print_ego(), and send_cred_response().

336 {
337  char *pubkeybuf;
338  size_t keylen = (sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)) * 8;
339  char *end;
340 
341  if (keylen % 5 > 0)
342  keylen += 5 - keylen % 5;
343  keylen /= 5;
344  pubkeybuf = GNUNET_malloc (keylen + 1);
345  end =
346  GNUNET_STRINGS_data_to_string ((unsigned char *) pub,
347  sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey),
348  pubkeybuf,
349  keylen);
350  if (NULL == end)
351  {
352  GNUNET_free (pubkeybuf);
353  return NULL;
354  }
355  *end = '\0';
356  return pubkeybuf;
357 }
static int end
Set if we are to shutdown all services (including ARM).
Definition: gnunet-arm.c:34
Public ECC key (always for Curve25519) encoded in a format suitable for network transmission and ECDS...
#define GNUNET_malloc(size)
Wrapper around malloc.
char * GNUNET_STRINGS_data_to_string(const void *data, size_t size, char *out, size_t out_size)
Convert binary data to ASCII encoding using CrockfordBase32.
Definition: strings.c:924
#define GNUNET_free(ptr)
Wrapper around free.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ GNUNET_CRYPTO_eddsa_public_key_to_string()

char* GNUNET_CRYPTO_eddsa_public_key_to_string ( const struct GNUNET_CRYPTO_EddsaPublicKey pub)

Convert a public key to a string.

Parameters
pubkey to convert
Returns
string representing pub

Definition at line 367 of file crypto_ecc.c.

References end, GNUNET_free, GNUNET_malloc, and GNUNET_STRINGS_data_to_string().

Referenced by conversation_value_to_string(), create_keys(), GCP_2s(), GNUNET_FRIENDS_write(), GNUNET_HELLO_compose_uri(), GNUNET_i2s(), GNUNET_i2s2(), GNUNET_i2s_full(), main(), print_key(), run(), and uri_loc_to_string().

369 {
370  char *pubkeybuf;
371  size_t keylen = (sizeof (struct GNUNET_CRYPTO_EddsaPublicKey)) * 8;
372  char *end;
373 
374  if (keylen % 5 > 0)
375  keylen += 5 - keylen % 5;
376  keylen /= 5;
377  pubkeybuf = GNUNET_malloc (keylen + 1);
378  end =
379  GNUNET_STRINGS_data_to_string ((unsigned char *) pub,
380  sizeof (struct GNUNET_CRYPTO_EddsaPublicKey),
381  pubkeybuf,
382  keylen);
383  if (NULL == end)
384  {
385  GNUNET_free (pubkeybuf);
386  return NULL;
387  }
388  *end = '\0';
389  return pubkeybuf;
390 }
static int end
Set if we are to shutdown all services (including ARM).
Definition: gnunet-arm.c:34
#define GNUNET_malloc(size)
Wrapper around malloc.
char * GNUNET_STRINGS_data_to_string(const void *data, size_t size, char *out, size_t out_size)
Convert binary data to ASCII encoding using CrockfordBase32.
Definition: strings.c:924
#define GNUNET_free(ptr)
Wrapper around free.
Public ECC key (always for curve Ed25519) encoded in a format suitable for network transmission and E...
Here is the call graph for this function:
Here is the caller graph for this function:

◆ GNUNET_CRYPTO_eddsa_private_key_to_string()

char* GNUNET_CRYPTO_eddsa_private_key_to_string ( const struct GNUNET_CRYPTO_EddsaPrivateKey priv)

Convert a private key to a string.

Parameters
privkey to convert
Returns
string representing pub

Definition at line 400 of file crypto_ecc.c.

References end, GNUNET_free, GNUNET_malloc, and GNUNET_STRINGS_data_to_string().

Referenced by run().

402 {
403  char *privkeybuf;
404  size_t keylen = (sizeof (struct GNUNET_CRYPTO_EddsaPrivateKey)) * 8;
405  char *end;
406 
407  if (keylen % 5 > 0)
408  keylen += 5 - keylen % 5;
409  keylen /= 5;
410  privkeybuf = GNUNET_malloc (keylen + 1);
411  end = GNUNET_STRINGS_data_to_string ((unsigned char *) priv,
412  sizeof (
414  privkeybuf,
415  keylen);
416  if (NULL == end)
417  {
418  GNUNET_free (privkeybuf);
419  return NULL;
420  }
421  *end = '\0';
422  return privkeybuf;
423 }
static int end
Set if we are to shutdown all services (including ARM).
Definition: gnunet-arm.c:34
Private ECC key encoded for transmission.
#define GNUNET_malloc(size)
Wrapper around malloc.
char * GNUNET_STRINGS_data_to_string(const void *data, size_t size, char *out, size_t out_size)
Convert binary data to ASCII encoding using CrockfordBase32.
Definition: strings.c:924
#define GNUNET_free(ptr)
Wrapper around free.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ GNUNET_CRYPTO_ecdsa_private_key_to_string()

char* GNUNET_CRYPTO_ecdsa_private_key_to_string ( const struct GNUNET_CRYPTO_EcdsaPrivateKey priv)

Convert a private key to a string.

Parameters
privkey to convert
Returns
string representing priv

Definition at line 433 of file crypto_ecc.c.

References end, GNUNET_free, GNUNET_malloc, and GNUNET_STRINGS_data_to_string().

Referenced by create_finished(), and print_ego().

435 {
436  char *privkeybuf;
437  size_t keylen = (sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey)) * 8;
438  char *end;
439 
440  if (keylen % 5 > 0)
441  keylen += 5 - keylen % 5;
442  keylen /= 5;
443  privkeybuf = GNUNET_malloc (keylen + 1);
444  end = GNUNET_STRINGS_data_to_string ((unsigned char *) priv,
445  sizeof (
447  privkeybuf,
448  keylen);
449  if (NULL == end)
450  {
451  GNUNET_free (privkeybuf);
452  return NULL;
453  }
454  *end = '\0';
455  return privkeybuf;
456 }
static int end
Set if we are to shutdown all services (including ARM).
Definition: gnunet-arm.c:34
Private ECC key encoded for transmission.
#define GNUNET_malloc(size)
Wrapper around malloc.
char * GNUNET_STRINGS_data_to_string(const void *data, size_t size, char *out, size_t out_size)
Convert binary data to ASCII encoding using CrockfordBase32.
Definition: strings.c:924
#define GNUNET_free(ptr)
Wrapper around free.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ GNUNET_CRYPTO_ecdsa_public_key_from_string()

int GNUNET_CRYPTO_ecdsa_public_key_from_string ( const char *  enc,
size_t  enclen,
struct GNUNET_CRYPTO_EcdsaPublicKey pub 
)

Convert a string representing a public key to a public key.

Parameters
encencoded public key
enclennumber of bytes in enc (without 0-terminator)
pubwhere to store the public key
Returns
GNUNET_OK on success

Definition at line 468 of file crypto_ecc.c.

References GNUNET_OK, GNUNET_STRINGS_string_to_data(), and GNUNET_SYSERR.

Referenced by access_handler_callback(), authorize_endpoint(), code_redirect(), collect_cred_cont(), create_response(), credential_string_to_value(), get_cred_issuer_cb(), gns_string_to_value(), GNUNET_CREDENTIAL_credential_from_string(), GNUNET_GNS_lookup_with_tld(), GNUNET_GNSRECORD_zkey_to_pkey(), identity_cb(), json_to_credential(), lookup_it_finished(), run(), run_with_zone_pkey(), start_process(), tld_iter(), and verify_cred_cont().

472 {
473  size_t keylen = (sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey)) * 8;
474 
475  if (keylen % 5 > 0)
476  keylen += 5 - keylen % 5;
477  keylen /= 5;
478  if (enclen != keylen)
479  return GNUNET_SYSERR;
480 
481  if (GNUNET_OK !=
483  enclen,
484  pub,
485  sizeof (
487  return GNUNET_SYSERR;
488  return GNUNET_OK;
489 }
#define GNUNET_OK
Named constants for return values.
Definition: gnunet_common.h:78
#define GNUNET_SYSERR
Definition: gnunet_common.h:79
Public ECC key (always for Curve25519) encoded in a format suitable for network transmission and ECDS...
static OpusEncoder * enc
OPUS encoder.
int GNUNET_STRINGS_string_to_data(const char *enc, size_t enclen, void *out, size_t out_size)
Convert CrockfordBase32 encoding back to data.
Definition: strings.c:1021
Here is the call graph for this function:
Here is the caller graph for this function:

◆ GNUNET_CRYPTO_eddsa_public_key_from_string()

int GNUNET_CRYPTO_eddsa_public_key_from_string ( const char *  enc,
size_t  enclen,
struct GNUNET_CRYPTO_EddsaPublicKey pub 
)

Convert a string representing a public key to a public key.

Parameters
encencoded public key
enclennumber of bytes in enc (without 0-terminator)
pubwhere to store the public key
Returns
GNUNET_OK on success

Definition at line 501 of file crypto_ecc.c.

References GNUNET_OK, GNUNET_STRINGS_string_to_data(), and GNUNET_SYSERR.

Referenced by blacklist_cfg_iter(), conversation_string_to_value(), create_keys(), gns_string_to_value(), GNUNET_FRIENDS_parse(), hosts_directory_scan_callback(), run(), s2i_full(), server_parse_url(), show_peer(), and uri_loc_parse().

505 {
506  size_t keylen = (sizeof (struct GNUNET_CRYPTO_EddsaPublicKey)) * 8;
507 
508  if (keylen % 5 > 0)
509  keylen += 5 - keylen % 5;
510  keylen /= 5;
511  if (enclen != keylen)
512  return GNUNET_SYSERR;
513 
514  if (GNUNET_OK !=
516  enclen,
517  pub,
518  sizeof (
520  return GNUNET_SYSERR;
521  return GNUNET_OK;
522 }
#define GNUNET_OK
Named constants for return values.
Definition: gnunet_common.h:78
#define GNUNET_SYSERR
Definition: gnunet_common.h:79
static OpusEncoder * enc
OPUS encoder.
int GNUNET_STRINGS_string_to_data(const char *enc, size_t enclen, void *out, size_t out_size)
Convert CrockfordBase32 encoding back to data.
Definition: strings.c:1021
Public ECC key (always for curve Ed25519) encoded in a format suitable for network transmission and E...
Here is the call graph for this function:
Here is the caller graph for this function:

◆ GNUNET_CRYPTO_eddsa_private_key_from_string()

int GNUNET_CRYPTO_eddsa_private_key_from_string ( const char *  enc,
size_t  enclen,
struct GNUNET_CRYPTO_EddsaPrivateKey priv 
)

Convert a string representing a private key to a private key.

Parameters
encencoded public key
enclennumber of bytes in enc (without 0-terminator)
privwhere to store the private key
Returns
GNUNET_OK on success

Definition at line 534 of file crypto_ecc.c.

References GNUNET_break, GNUNET_OK, GNUNET_STRINGS_string_to_data(), and GNUNET_SYSERR.

538 {
539  size_t keylen = (sizeof (struct GNUNET_CRYPTO_EddsaPrivateKey)) * 8;
540 
541  if (keylen % 5 > 0)
542  keylen += 5 - keylen % 5;
543  keylen /= 5;
544  if (enclen != keylen)
545  return GNUNET_SYSERR;
546 
547  if (GNUNET_OK !=
549  enclen,
550  priv,
551  sizeof (
553  return GNUNET_SYSERR;
554 #if CRYPTO_BUG
555  if (GNUNET_OK != check_eddsa_key (priv))
556  {
557  GNUNET_break (0);
558  return GNUNET_OK;
559  }
560 #endif
561  return GNUNET_OK;
562 }
#define GNUNET_OK
Named constants for return values.
Definition: gnunet_common.h:78
#define GNUNET_break(cond)
Use this for internal assertion violations that are not fatal (can be handled) but should not occur...
#define GNUNET_SYSERR
Definition: gnunet_common.h:79
Private ECC key encoded for transmission.
static OpusEncoder * enc
OPUS encoder.
int GNUNET_STRINGS_string_to_data(const char *enc, size_t enclen, void *out, size_t out_size)
Convert CrockfordBase32 encoding back to data.
Definition: strings.c:1021
Here is the call graph for this function:

◆ data_to_eddsa_value()

static gcry_sexp_t data_to_eddsa_value ( const struct GNUNET_CRYPTO_EccSignaturePurpose purpose)
static

Convert the data specified in the given purpose argument to an S-expression suitable for signature operations.

Parameters
purposedata to convert
Returns
converted s-expression

Definition at line 841 of file crypto_ecc.c.

References data, GNUNET_CRYPTO_hash(), GNUNET_ERROR_TYPE_ERROR, LOG_GCRY, and GNUNET_CRYPTO_EccSignaturePurpose::size.

Referenced by GNUNET_CRYPTO_eddsa_sign(), and GNUNET_CRYPTO_eddsa_verify().

842 {
843  gcry_sexp_t data;
844  int rc;
845 
846 /* SEE #5398 */
847 #if 1
848  struct GNUNET_HashCode hc;
849 
850  GNUNET_CRYPTO_hash (purpose, ntohl (purpose->size), &hc);
851  if (0 != (rc = gcry_sexp_build (&data,
852  NULL,
853  "(data(flags eddsa)(hash-algo %s)(value %b))",
854  "sha512",
855  (int) sizeof (hc),
856  &hc)))
857  {
858  LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc);
859  return NULL;
860  }
861 #else
862  GNUNET_CRYPTO_hash (purpose, ntohl (purpose->size), &hc);
863  if (0 != (rc = gcry_sexp_build (&data,
864  NULL,
865  "(data(flags eddsa)(hash-algo %s)(value %b))",
866  "sha512",
867  ntohl (purpose->size),
868  purpose)))
869  {
870  LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc);
871  return NULL;
872  }
873 #endif
874  return data;
875 }
void GNUNET_CRYPTO_hash(const void *block, size_t size, struct GNUNET_HashCode *ret)
Compute hash of a given block.
Definition: crypto_hash.c:44
uint32_t size
How many bytes does this signature sign? (including this purpose header); in network byte order (!)...
A 512-bit hashcode.
#define LOG_GCRY(level, cmd, rc)
Log an error message at log-level &#39;level&#39; that indicates a failure of the command &#39;cmd&#39; with the mess...
Definition: crypto_ecc.c:55
uint32_t data
The data value.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ data_to_ecdsa_value()

static gcry_sexp_t data_to_ecdsa_value ( const struct GNUNET_CRYPTO_EccSignaturePurpose purpose)
static

Convert the data specified in the given purpose argument to an S-expression suitable for signature operations.

Parameters
purposedata to convert
Returns
converted s-expression

Definition at line 886 of file crypto_ecc.c.

References data, GNUNET_CRYPTO_hash(), GNUNET_ERROR_TYPE_ERROR, LOG_GCRY, and GNUNET_CRYPTO_EccSignaturePurpose::size.

Referenced by GNUNET_CRYPTO_ecdsa_sign(), and GNUNET_CRYPTO_ecdsa_verify().

887 {
888  gcry_sexp_t data;
889  int rc;
890 
891 /* See #5398 */
892 #if 1
893  struct GNUNET_HashCode hc;
894 
895  GNUNET_CRYPTO_hash (purpose, ntohl (purpose->size), &hc);
896  if (0 != (rc = gcry_sexp_build (&data,
897  NULL,
898  "(data(flags rfc6979)(hash %s %b))",
899  "sha512",
900  (int) sizeof (hc),
901  &hc)))
902  {
903  LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc);
904  return NULL;
905  }
906 #else
907  if (0 != (rc = gcry_sexp_build (&data,
908  NULL,
909  "(data(flags rfc6979)(hash %s %b))",
910  "sha512",
911  ntohl (purpose->size),
912  purpose)))
913  {
914  LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc);
915  return NULL;
916  }
917 #endif
918  return data;
919 }
void GNUNET_CRYPTO_hash(const void *block, size_t size, struct GNUNET_HashCode *ret)
Compute hash of a given block.
Definition: crypto_hash.c:44
uint32_t size
How many bytes does this signature sign? (including this purpose header); in network byte order (!)...
A 512-bit hashcode.
#define LOG_GCRY(level, cmd, rc)
Log an error message at log-level &#39;level&#39; that indicates a failure of the command &#39;cmd&#39; with the mess...
Definition: crypto_ecc.c:55
uint32_t data
The data value.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ derive_h()

static gcry_mpi_t derive_h ( const struct GNUNET_CRYPTO_EcdsaPublicKey pub,
const char *  label,
const char *  context 
)
static

Derive the 'h' value for key derivation, where 'h = H(l,P)'.

Parameters
pubpublic key for deriviation
labellabel for deriviation
contextadditional context to use for HKDF of 'h'; typically the name of the subsystem/application
Returns
h value

Definition at line 1257 of file crypto_ecc.c.

References GNUNET_CRYPTO_kdf(), GNUNET_CRYPTO_mpi_scan_unsigned(), and h.

Referenced by GNUNET_CRYPTO_ecdsa_private_key_derive(), and GNUNET_CRYPTO_ecdsa_public_key_derive().

1260 {
1261  gcry_mpi_t h;
1262  struct GNUNET_HashCode hc;
1263  static const char *const salt = "key-derivation";
1264 
1265  GNUNET_CRYPTO_kdf (&hc,
1266  sizeof (hc),
1267  salt,
1268  strlen (salt),
1269  pub,
1270  sizeof (*pub),
1271  label,
1272  strlen (label),
1273  context,
1274  strlen (context),
1275  NULL,
1276  0);
1277  GNUNET_CRYPTO_mpi_scan_unsigned (&h, (unsigned char *) &hc, sizeof (hc));
1278  return h;
1279 }
static struct GNUNET_ARM_Handle * h
Connection with ARM.
Definition: gnunet-arm.c:94
static pa_context * context
Pulseaudio context.
A 512-bit hashcode.
void GNUNET_CRYPTO_mpi_scan_unsigned(gcry_mpi_t *result, const void *data, size_t size)
Convert data buffer into MPI value.
Definition: crypto_mpi.c:128
int GNUNET_CRYPTO_kdf(void *result, size_t out_len, const void *xts, size_t xts_len, const void *skm, size_t skm_len,...)
Derive key.
Definition: crypto_kdf.c:91
Here is the call graph for this function:
Here is the caller graph for this function:

◆ reverse_buffer()

static void reverse_buffer ( unsigned char *  buffer,
size_t  length 
)
static

Reverse the sequence of the bytes in buffer.

Parameters

Definition at line 1396 of file crypto_ecc.c.

Referenced by eddsa_d_to_a().

1397 {
1398  unsigned char tmp;
1399  size_t i;
1400 
1401  for (i = 0; i < length / 2; i++)
1402  {
1403  tmp = buffer[i];
1404  buffer[i] = buffer[length - 1 - i];
1405  buffer[length - 1 - i] = tmp;
1406  }
1407 }
Here is the caller graph for this function:

◆ eddsa_d_to_a()

static gcry_mpi_t eddsa_d_to_a ( gcry_mpi_t  d)
static

Convert the secret d of an EdDSA key to the value that is actually used in the EdDSA computation.

Parameters
dsecret input
Returns
value used for the calculation in EdDSA

Definition at line 1418 of file crypto_ecc.c.

References GNUNET_assert, GNUNET_CRYPTO_mpi_scan_unsigned(), and reverse_buffer().

Referenced by GNUNET_CRYPTO_eddsa_ecdh().

1419 {
1420  unsigned char rawmpi[32]; /* 256-bit value */
1421  size_t rawmpilen;
1422  unsigned char digest[64]; /* 512-bit hash value */
1423  gcry_buffer_t hvec[2];
1424  unsigned int b;
1425  gcry_mpi_t a;
1426 
1427  b = 256 / 8; /* number of bytes in `d` */
1428 
1429  /* Note that we clear DIGEST so we can use it as input to left pad
1430  the key with zeroes for hashing. */
1431  memset (digest, 0, sizeof digest);
1432  memset (hvec, 0, sizeof hvec);
1433  rawmpilen = sizeof (rawmpi);
1434  GNUNET_assert (
1435  0 == gcry_mpi_print (GCRYMPI_FMT_USG, rawmpi, rawmpilen, &rawmpilen, d));
1436  hvec[0].data = digest;
1437  hvec[0].off = 0;
1438  hvec[0].len = b > rawmpilen ? (b - rawmpilen) : 0;
1439  hvec[1].data = rawmpi;
1440  hvec[1].off = 0;
1441  hvec[1].len = rawmpilen;
1442  GNUNET_assert (
1443  0 == gcry_md_hash_buffers (GCRY_MD_SHA512, 0 /* flags */, digest, hvec, 2));
1444  /* Compute the A value. */
1445  reverse_buffer (digest, 32); /* Only the first half of the hash. */
1446  digest[0] = (digest[0] & 0x7f) | 0x40;
1447  digest[31] &= 0xf8;
1448 
1449  GNUNET_CRYPTO_mpi_scan_unsigned (&a, digest, 32);
1450  return a;
1451 }
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
static void reverse_buffer(unsigned char *buffer, size_t length)
Reverse the sequence of the bytes in buffer.
Definition: crypto_ecc.c:1396
void GNUNET_CRYPTO_mpi_scan_unsigned(gcry_mpi_t *result, const void *data, size_t size)
Convert data buffer into MPI value.
Definition: crypto_mpi.c:128
Here is the call graph for this function:
Here is the caller graph for this function:

◆ point_to_hash()

static int point_to_hash ( gcry_mpi_point_t  result,
gcry_ctx_t  ctx,
struct GNUNET_HashCode key_material 
)
static

Take point from ECDH and convert it to key material.

Parameters
resultpoint from ECDH
ctxECC context
key_material[out]set to derived key material
Returns
GNUNET_OK on success

Definition at line 1463 of file crypto_ecc.c.

References GNUNET_assert, GNUNET_CRYPTO_hash(), GNUNET_ERROR_TYPE_ERROR, GNUNET_OK, GNUNET_SYSERR, and LOG_GCRY.

Referenced by GNUNET_CRYPTO_ecdh_eddsa(), GNUNET_CRYPTO_ecdsa_ecdh(), and GNUNET_CRYPTO_eddsa_ecdh().

1466 {
1467  gcry_mpi_t result_x;
1468  unsigned char xbuf[256 / 8];
1469  size_t rsize;
1470 
1471  /* finally, convert point to string for hashing */
1472  result_x = gcry_mpi_new (256);
1473  if (gcry_mpi_ec_get_affine (result_x, NULL, result, ctx))
1474  {
1475  LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "get_affine failed", 0);
1476  return GNUNET_SYSERR;
1477  }
1478 
1479  rsize = sizeof (xbuf);
1480  GNUNET_assert (! gcry_mpi_get_flag (result_x, GCRYMPI_FLAG_OPAQUE));
1481  /* result_x can be negative here, so we do not use 'GNUNET_CRYPTO_mpi_print_unsigned'
1482  as that does not include the sign bit; x should be a 255-bit
1483  value, so with the sign it should fit snugly into the 256-bit
1484  xbuf */
1485  GNUNET_assert (
1486  0 == gcry_mpi_print (GCRYMPI_FMT_STD, xbuf, rsize, &rsize, result_x));
1487  GNUNET_CRYPTO_hash (xbuf, rsize, key_material);
1488  gcry_mpi_release (result_x);
1489  return GNUNET_OK;
1490 }
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
#define GNUNET_OK
Named constants for return values.
Definition: gnunet_common.h:78
static struct GNUNET_DNSSTUB_Context * ctx
Context for DNS resolution.
void GNUNET_CRYPTO_hash(const void *block, size_t size, struct GNUNET_HashCode *ret)
Compute hash of a given block.
Definition: crypto_hash.c:44
static int result
Global testing status.
#define GNUNET_SYSERR
Definition: gnunet_common.h:79
#define LOG_GCRY(level, cmd, rc)
Log an error message at log-level &#39;level&#39; that indicates a failure of the command &#39;cmd&#39; with the mess...
Definition: crypto_ecc.c:55
Here is the call graph for this function:
Here is the caller graph for this function: