GNUnet 0.28.0-dev.2-5-gff43856e1
 
Loading...
Searching...
No Matches
crypto_ecc_setup.c
Go to the documentation of this file.
1/*
2 This file is part of GNUnet.
3 Copyright (C) 2012, 2013, 2015, 2020, 2023 GNUnet e.V.
4
5 GNUnet is free software: you can redistribute it and/or modify it
6 under the terms of the GNU Affero General Public License as published
7 by the Free Software Foundation, either version 3 of the License,
8 or (at your option) any later version.
9
10 GNUnet is distributed in the hope that it will be useful, but
11 WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Affero General Public License for more details.
14
15 You should have received a copy of the GNU Affero General Public License
16 along with this program. If not, see <http://www.gnu.org/licenses/>.
17
18 SPDX-License-Identifier: AGPL3.0-or-later
19 */
20
27#include "platform.h"
28#include <gcrypt.h>
29#include "gnunet_util_lib.h"
30
31#define LOG(kind, ...) GNUNET_log_from (kind, "util-crypto-ecc", __VA_ARGS__)
32
33#define LOG_STRERROR(kind, syscall) \
34 GNUNET_log_from_strerror (kind, "util-crypto-ecc", syscall)
35
36#define LOG_STRERROR_FILE(kind, syscall, filename) \
37 GNUNET_log_from_strerror_file (kind, "util-crypto-ecc", syscall, \
38 filename)
39
45#define LOG_GCRY(level, cmd, rc) \
46 do \
47 { \
48 LOG (level, \
49 _ ("`%s' failed at %s:%d with error: %s\n"), \
50 cmd, \
51 __FILE__, \
52 __LINE__, \
53 gcry_strerror (rc)); \
54 } while (0)
55
56
66static enum GNUNET_GenericReturnValue
67read_from_file (const char *filename,
68 void *buf,
69 size_t buf_size)
70{
71 int fd;
72 struct stat sb;
73
74 fd = open (filename,
75 O_RDONLY);
76 if (-1 == fd)
77 {
78 memset (buf,
79 0,
80 buf_size);
81 return GNUNET_SYSERR;
82 }
83 if (0 != fstat (fd,
84 &sb))
85 {
86 GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING,
87 "stat",
88 filename);
89 GNUNET_assert (0 == close (fd));
90 memset (buf,
91 0,
92 buf_size);
93 return GNUNET_SYSERR;
94 }
95 if (sb.st_size != buf_size)
96 {
97 GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
98 "File `%s' has wrong size (%llu), expected %llu bytes\n",
99 filename,
100 (unsigned long long) sb.st_size,
101 (unsigned long long) buf_size);
102 GNUNET_assert (0 == close (fd));
103 memset (buf,
104 0,
105 buf_size);
106 return GNUNET_SYSERR;
107 }
108 if (buf_size !=
109 read (fd,
110 buf,
111 buf_size))
112 {
113 GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING,
114 "read",
115 filename);
116 GNUNET_assert (0 == close (fd));
117 memset (buf,
118 0,
119 buf_size);
120 return GNUNET_SYSERR;
121 }
122 GNUNET_assert (0 == close (fd));
123 return GNUNET_OK;
124}
125
126
144enum GNUNET_GenericReturnValue
145GNUNET_CRYPTO_eddsa_key_from_file (const char *filename,
146 int do_create,
147 struct GNUNET_CRYPTO_EddsaPrivateKey *pkey)
148{
149 enum GNUNET_GenericReturnValue ret;
150
151 if (GNUNET_OK ==
152 read_from_file (filename,
153 pkey,
154 sizeof (*pkey)))
155 {
156 /* file existed, report that we didn't create it... */
157 return (do_create) ? GNUNET_NO : GNUNET_OK;
158 }
159 else if (! do_create)
160 {
161 return GNUNET_SYSERR;
162 }
163
164 GNUNET_CRYPTO_eddsa_key_create (pkey);
165 ret = GNUNET_DISK_fn_write (filename,
166 pkey,
167 sizeof (*pkey),
168 GNUNET_DISK_PERM_USER_READ);
169 if ( (GNUNET_OK == ret) ||
170 (GNUNET_SYSERR == ret) )
171 return ret;
172 /* maybe another process succeeded in the meantime, try reading one more time */
173 if (GNUNET_OK ==
174 read_from_file (filename,
175 pkey,
176 sizeof (*pkey)))
177 {
178 /* file existed, report that *we* didn't create it... */
179 return GNUNET_NO;
180 }
181 /* give up */
182 return GNUNET_SYSERR;
183}
184
185
194struct GNUNET_CRYPTO_EddsaPrivateKey *
195GNUNET_CRYPTO_eddsa_key_create_from_configuration (
196 const struct GNUNET_CONFIGURATION_Handle *cfg)
197{
198 struct GNUNET_CRYPTO_EddsaPrivateKey *priv;
199 char *fn;
200
201 if (GNUNET_OK !=
202 GNUNET_CONFIGURATION_get_value_filename (cfg,
203 "PEER",
204 "PRIVATE_KEY",
205 &fn))
206 return NULL;
207 priv = GNUNET_new (struct GNUNET_CRYPTO_EddsaPrivateKey);
208 if (GNUNET_SYSERR == GNUNET_CRYPTO_eddsa_key_from_file (fn,
209 GNUNET_YES,
210 priv))
211 {
212 GNUNET_free (fn);
213 GNUNET_free (priv);
214 return NULL;
215 }
216 GNUNET_free (fn);
217 return priv;
218}
219
220
221enum GNUNET_GenericReturnValue
222GNUNET_CRYPTO_get_peer_identity (const struct GNUNET_CONFIGURATION_Handle *cfg,
223 struct GNUNET_PeerIdentity *dst)
224{
225 struct GNUNET_CRYPTO_EddsaPrivateKey *priv;
226
227 if (NULL == (priv = GNUNET_CRYPTO_eddsa_key_create_from_configuration (cfg)))
228 {
229 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
230 _ ("Could not load peer's private key\n"));
231 return GNUNET_SYSERR;
232 }
233 GNUNET_CRYPTO_eddsa_key_get_public (priv,
234 &dst->public_key);
235 GNUNET_free (priv);
236 return GNUNET_OK;
237}
238
239
240enum GNUNET_GenericReturnValue
241GNUNET_CRYPTO_blinded_key_sign_by_peer_identity (const struct
242 GNUNET_CONFIGURATION_Handle *
243 cfg,
244 const struct
245 GNUNET_CRYPTO_SignaturePurpose
246 *purpose,
247 struct
248 GNUNET_CRYPTO_EddsaSignature *
249 sig)
250{
251 struct GNUNET_CRYPTO_EddsaPrivateKey *priv;
252 enum GNUNET_GenericReturnValue result;
253
254 if (NULL == (priv = GNUNET_CRYPTO_eddsa_key_create_from_configuration (cfg)))
255 {
256 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
257 _ ("Could not load peer's private key\n"));
258 return GNUNET_SYSERR;
259 }
260
261 result = GNUNET_CRYPTO_eddsa_sign_ (priv, purpose, sig);
262 GNUNET_CRYPTO_eddsa_key_clear (priv);
263 return result;
264}
265
266
267enum GNUNET_GenericReturnValue
268GNUNET_CRYPTO_verify_peer_identity (uint32_t purpose,
269 const struct
270 GNUNET_CRYPTO_SignaturePurpose *validate,
271 const struct
272 GNUNET_CRYPTO_EddsaSignature *sig,
273 const struct GNUNET_PeerIdentity *identity)
274{
275 return GNUNET_CRYPTO_eddsa_verify_ (purpose, validate, sig,
276 &identity->public_key);
277}
278
279
303/* end of crypto_ecc_setup.c */
read_from_file
static enum GNUNET_GenericReturnValue read_from_file(const char *filename, void *buf, size_t buf_size)
Read file to buf.
Definition crypto_ecc_setup.c:67
ret
static int ret
Final status code.
Definition gnunet-arm.c:93
cfg
static struct GNUNET_CONFIGURATION_Handle * cfg
Our configuration.
Definition gnunet-arm.c:108
filename
static char * filename
Definition gnunet-download.c:52
pkey
static char * pkey
Public key of the zone to look in, in ASCII.
Definition gnunet-namecache.c:58
identity
static struct GNUNET_IDENTITY_Handle * identity
Which namespace do we publish to? NULL if we do not publish to a namespace.
Definition gnunet-publish.c:142
result
static int result
Global testing status.
Definition gnunet-regex-profiler.c:240
gnunet_util_lib.h
GNUNET_CONFIGURATION_get_value_filename
enum GNUNET_GenericReturnValue GNUNET_CONFIGURATION_get_value_filename(const struct GNUNET_CONFIGURATION_Handle *cfg, const char *section, const char *option, char **value)
Get a configuration value that should be the name of a file or directory.
Definition configuration.c:2236
GNUNET_CRYPTO_eddsa_verify_
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_eddsa_verify_(uint32_t purpose, const struct GNUNET_CRYPTO_SignaturePurpose *validate, const struct GNUNET_CRYPTO_EddsaSignature *sig, const struct GNUNET_CRYPTO_EddsaPublicKey *pub)
Verify EdDSA signature.
Definition crypto_ecc.c:731
GNUNET_CRYPTO_eddsa_key_from_file
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_eddsa_key_from_file(const char *filename, int do_create, struct GNUNET_CRYPTO_EddsaPrivateKey *pkey)
Create a new private key by reading it from a file.
Definition crypto_ecc_setup.c:145
GNUNET_CRYPTO_eddsa_key_get_public
void GNUNET_CRYPTO_eddsa_key_get_public(const struct GNUNET_CRYPTO_EddsaPrivateKey *priv, struct GNUNET_CRYPTO_EddsaPublicKey *pub)
Extract the public key for the given private key.
Definition crypto_ecc.c:201
GNUNET_CRYPTO_eddsa_key_clear
void GNUNET_CRYPTO_eddsa_key_clear(struct GNUNET_CRYPTO_EddsaPrivateKey *pk)
Clear memory that was used to store a private key.
Definition crypto_ecc.c:447
GNUNET_CRYPTO_eddsa_sign_
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_eddsa_sign_(const struct GNUNET_CRYPTO_EddsaPrivateKey *priv, const struct GNUNET_CRYPTO_SignaturePurpose *purpose, struct GNUNET_CRYPTO_EddsaSignature *sig)
EdDSA sign a given block.
Definition crypto_ecc.c:648
GNUNET_CRYPTO_eddsa_key_create
void GNUNET_CRYPTO_eddsa_key_create(struct GNUNET_CRYPTO_EddsaPrivateKey *pk)
Create a new private key.
Definition crypto_ecc.c:480
GNUNET_CRYPTO_blinded_key_sign_by_peer_identity
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_blinded_key_sign_by_peer_identity(const struct GNUNET_CONFIGURATION_Handle *cfg, const struct GNUNET_CRYPTO_SignaturePurpose *purpose, struct GNUNET_CRYPTO_EddsaSignature *sig)
Sign a given block with a specific purpose using the host's peer identity.
Definition crypto_ecc_setup.c:241
GNUNET_CRYPTO_verify_peer_identity
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_verify_peer_identity(uint32_t purpose, const struct GNUNET_CRYPTO_SignaturePurpose *validate, const struct GNUNET_CRYPTO_EddsaSignature *sig, const struct GNUNET_PeerIdentity *identity)
Verify a given signature with a peer's identity.
Definition crypto_ecc_setup.c:268
GNUNET_CRYPTO_get_peer_identity
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_get_peer_identity(const struct GNUNET_CONFIGURATION_Handle *cfg, struct GNUNET_PeerIdentity *dst)
Retrieve the identity of the host's peer.
Definition crypto_ecc_setup.c:222
GNUNET_CRYPTO_eddsa_key_create_from_configuration
struct GNUNET_CRYPTO_EddsaPrivateKey * GNUNET_CRYPTO_eddsa_key_create_from_configuration(const struct GNUNET_CONFIGURATION_Handle *cfg)
Create a new private key by reading our peer's key from the file specified in the configuration.
Definition crypto_ecc_setup.c:195
GNUNET_DISK_fn_write
enum GNUNET_GenericReturnValue GNUNET_DISK_fn_write(const char *fn, const void *buf, size_t buf_size, enum GNUNET_DISK_AccessPermissions mode)
Write a buffer to a file atomically.
Definition disk.c:792
GNUNET_DISK_PERM_USER_READ
@ GNUNET_DISK_PERM_USER_READ
Owner can read.
Definition gnunet_disk_lib.h:185
GNUNET_log
#define GNUNET_log(kind,...)
Definition gnunet_common.h:551
GNUNET_GenericReturnValue
GNUNET_GenericReturnValue
Named constants for return values.
Definition gnunet_common.h:111
GNUNET_OK
@ GNUNET_OK
Definition gnunet_common.h:114
GNUNET_YES
@ GNUNET_YES
Definition gnunet_common.h:116
GNUNET_NO
@ GNUNET_NO
Definition gnunet_common.h:113
GNUNET_SYSERR
@ GNUNET_SYSERR
Definition gnunet_common.h:112
GNUNET_assert
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
Definition gnunet_common.h:960
GNUNET_log_strerror_file
#define GNUNET_log_strerror_file(level, cmd, filename)
Log an error message at log-level 'level' that indicates a failure of the command 'cmd' with the mess...
Definition gnunet_common.h:1126
GNUNET_ERROR_TYPE_WARNING
@ GNUNET_ERROR_TYPE_WARNING
Definition gnunet_common.h:418
GNUNET_ERROR_TYPE_ERROR
@ GNUNET_ERROR_TYPE_ERROR
Definition gnunet_common.h:417
GNUNET_new
#define GNUNET_new(type)
Allocate a struct or union of the given type.
Definition gnunet_common.h:1240
GNUNET_free
#define GNUNET_free(ptr)
Wrapper around free.
Definition gnunet_common.h:1415
_
#define _(String)
GNU gettext support macro.
Definition platform.h:179
GNUNET_CONFIGURATION_Handle
configuration data
Definition configuration.c:149
GNUNET_CRYPTO_EddsaPrivateKey
Private ECC key encoded for transmission.
Definition gnunet_crypto_lib.h:283
GNUNET_CRYPTO_EddsaSignature
an ECC signature using EdDSA.
Definition gnunet_crypto_lib.h:170
GNUNET_CRYPTO_SignaturePurpose
header of what an ECC signature signs this must be followed by "size - 8" bytes of the actual signed ...
Definition gnunet_crypto_lib.h:147
GNUNET_PeerIdentity
The identity of the host (wraps the signing key of the peer).
Definition gnunet_crypto_lib.h:235
GNUNET_PeerIdentity::public_key
struct GNUNET_CRYPTO_EddsaPublicKey public_key
Definition gnunet_crypto_lib.h:236