GNUnet 0.25.2-11-g84e94e98c
 
Loading...
Searching...
No Matches
crypto_ecc_setup.c
Go to the documentation of this file.
1/*
2 This file is part of GNUnet.
3 Copyright (C) 2012, 2013, 2015, 2020, 2023 GNUnet e.V.
4
5 GNUnet is free software: you can redistribute it and/or modify it
6 under the terms of the GNU Affero General Public License as published
7 by the Free Software Foundation, either version 3 of the License,
8 or (at your option) any later version.
9
10 GNUnet is distributed in the hope that it will be useful, but
11 WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Affero General Public License for more details.
14
15 You should have received a copy of the GNU Affero General Public License
16 along with this program. If not, see <http://www.gnu.org/licenses/>.
17
18 SPDX-License-Identifier: AGPL3.0-or-later
19 */
20
27#include "platform.h"
28#include <gcrypt.h>
29#include "gnunet_util_lib.h"
30
31#define LOG(kind, ...) GNUNET_log_from (kind, "util-crypto-ecc", __VA_ARGS__)
32
33#define LOG_STRERROR(kind, syscall) \
34 GNUNET_log_from_strerror (kind, "util-crypto-ecc", syscall)
35
36#define LOG_STRERROR_FILE(kind, syscall, filename) \
37 GNUNET_log_from_strerror_file (kind, "util-crypto-ecc", syscall, \
38 filename)
39
45#define LOG_GCRY(level, cmd, rc) \
46 do \
47 { \
48 LOG (level, \
49 _ ("`%s' failed at %s:%d with error: %s\n"), \
50 cmd, \
51 __FILE__, \
52 __LINE__, \
53 gcry_strerror (rc)); \
54 } while (0)
55
56
66static enum GNUNET_GenericReturnValue
67read_from_file (const char *filename,
68 void *buf,
69 size_t buf_size)
70{
71 int fd;
72 struct stat sb;
73
74 fd = open (filename,
75 O_RDONLY);
76 if (-1 == fd)
77 {
78 memset (buf,
79 0,
80 buf_size);
81 return GNUNET_SYSERR;
82 }
83 if (0 != fstat (fd,
84 &sb))
85 {
86 GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING,
87 "stat",
88 filename);
89 GNUNET_assert (0 == close (fd));
90 memset (buf,
91 0,
92 buf_size);
93 return GNUNET_SYSERR;
94 }
95 if (sb.st_size != buf_size)
96 {
97 GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
98 "File `%s' has wrong size (%llu), expected %llu bytes\n",
99 filename,
100 (unsigned long long) sb.st_size,
101 (unsigned long long) buf_size);
102 GNUNET_assert (0 == close (fd));
103 memset (buf,
104 0,
105 buf_size);
106 return GNUNET_SYSERR;
107 }
108 if (buf_size !=
109 read (fd,
110 buf,
111 buf_size))
112 {
113 GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING,
114 "read",
115 filename);
116 GNUNET_assert (0 == close (fd));
117 memset (buf,
118 0,
119 buf_size);
120 return GNUNET_SYSERR;
121 }
122 GNUNET_assert (0 == close (fd));
123 return GNUNET_OK;
124}
125
126
144enum GNUNET_GenericReturnValue
145GNUNET_CRYPTO_eddsa_key_from_file (const char *filename,
146 int do_create,
147 struct GNUNET_CRYPTO_EddsaPrivateKey *pkey)
148{
149 enum GNUNET_GenericReturnValue ret;
150
151 if (GNUNET_OK ==
152 read_from_file (filename,
153 pkey,
154 sizeof (*pkey)))
155 {
156 /* file existed, report that we didn't create it... */
157 return (do_create) ? GNUNET_NO : GNUNET_OK;
158 }
159 else if (! do_create)
160 {
161 return GNUNET_SYSERR;
162 }
163
164 GNUNET_CRYPTO_eddsa_key_create (pkey);
165 ret = GNUNET_DISK_fn_write (filename,
166 pkey,
167 sizeof (*pkey),
168 GNUNET_DISK_PERM_USER_READ);
169 if ( (GNUNET_OK == ret) ||
170 (GNUNET_SYSERR == ret) )
171 return ret;
172 /* maybe another process succeeded in the meantime, try reading one more time */
173 if (GNUNET_OK ==
174 read_from_file (filename,
175 pkey,
176 sizeof (*pkey)))
177 {
178 /* file existed, report that *we* didn't create it... */
179 return GNUNET_NO;
180 }
181 /* give up */
182 return GNUNET_SYSERR;
183}
184
185
201enum GNUNET_GenericReturnValue
202GNUNET_CRYPTO_ecdsa_key_from_file (const char *filename,
203 int do_create,
204 struct GNUNET_CRYPTO_EcdsaPrivateKey *pkey)
205{
206 if (GNUNET_OK ==
207 read_from_file (filename,
208 pkey,
209 sizeof (*pkey)))
210 {
211 /* file existed, report that we didn't create it... */
212 return (do_create) ? GNUNET_NO : GNUNET_OK;
213 }
214 else if (! do_create)
215 {
216 return GNUNET_SYSERR;
217 }
218 GNUNET_CRYPTO_ecdsa_key_create (pkey);
219 if (GNUNET_OK ==
220 GNUNET_DISK_fn_write (filename,
221 pkey,
222 sizeof (*pkey),
223 GNUNET_DISK_PERM_USER_READ))
224 return GNUNET_OK;
225 /* maybe another process succeeded in the meantime, try reading one more time */
226 if (GNUNET_OK ==
227 read_from_file (filename,
228 pkey,
229 sizeof (*pkey)))
230 {
231 /* file existed, report that *we* didn't create it... */
232 return GNUNET_NO;
233 }
234 /* give up */
235 return GNUNET_SYSERR;
236}
237
238
247struct GNUNET_CRYPTO_EddsaPrivateKey *
248GNUNET_CRYPTO_eddsa_key_create_from_configuration (
249 const struct GNUNET_CONFIGURATION_Handle *cfg)
250{
251 struct GNUNET_CRYPTO_EddsaPrivateKey *priv;
252 char *fn;
253
254 if (GNUNET_OK !=
255 GNUNET_CONFIGURATION_get_value_filename (cfg,
256 "PEER",
257 "PRIVATE_KEY",
258 &fn))
259 return NULL;
260 priv = GNUNET_new (struct GNUNET_CRYPTO_EddsaPrivateKey);
261 if (GNUNET_SYSERR == GNUNET_CRYPTO_eddsa_key_from_file (fn,
262 GNUNET_YES,
263 priv))
264 {
265 GNUNET_free (fn);
266 GNUNET_free (priv);
267 return NULL;
268 }
269 GNUNET_free (fn);
270 return priv;
271}
272
273
274enum GNUNET_GenericReturnValue
275GNUNET_CRYPTO_get_peer_identity (const struct GNUNET_CONFIGURATION_Handle *cfg,
276 struct GNUNET_PeerIdentity *dst)
277{
278 struct GNUNET_CRYPTO_EddsaPrivateKey *priv;
279
280 if (NULL == (priv = GNUNET_CRYPTO_eddsa_key_create_from_configuration (cfg)))
281 {
282 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
283 _ ("Could not load peer's private key\n"));
284 return GNUNET_SYSERR;
285 }
286 GNUNET_CRYPTO_eddsa_key_get_public (priv,
287 &dst->public_key);
288 GNUNET_free (priv);
289 return GNUNET_OK;
290}
291
292
293enum GNUNET_GenericReturnValue
294GNUNET_CRYPTO_blinded_key_sign_by_peer_identity (const struct
295 GNUNET_CONFIGURATION_Handle *
296 cfg,
297 const struct
298 GNUNET_CRYPTO_SignaturePurpose
299 *purpose,
300 struct
301 GNUNET_CRYPTO_EddsaSignature *
302 sig)
303{
304 struct GNUNET_CRYPTO_EddsaPrivateKey *priv;
305 enum GNUNET_GenericReturnValue result;
306
307 if (NULL == (priv = GNUNET_CRYPTO_eddsa_key_create_from_configuration (cfg)))
308 {
309 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
310 _ ("Could not load peer's private key\n"));
311 return GNUNET_SYSERR;
312 }
313
314 result = GNUNET_CRYPTO_eddsa_sign_ (priv, purpose, sig);
315 GNUNET_CRYPTO_eddsa_key_clear (priv);
316 return result;
317}
318
319
320enum GNUNET_GenericReturnValue
321GNUNET_CRYPTO_verify_peer_identity (uint32_t purpose,
322 const struct
323 GNUNET_CRYPTO_SignaturePurpose *validate,
324 const struct
325 GNUNET_CRYPTO_EddsaSignature *sig,
326 const struct GNUNET_PeerIdentity *identity)
327{
328 return GNUNET_CRYPTO_eddsa_verify_ (purpose, validate, sig,
329 &identity->public_key);
330}
331
332
356/* end of crypto_ecc_setup.c */
read_from_file
static enum GNUNET_GenericReturnValue read_from_file(const char *filename, void *buf, size_t buf_size)
Read file to buf.
Definition crypto_ecc_setup.c:67
ret
static int ret
Final status code.
Definition gnunet-arm.c:93
cfg
static struct GNUNET_CONFIGURATION_Handle * cfg
Our configuration.
Definition gnunet-arm.c:108
filename
static char * filename
Definition gnunet-download.c:52
pkey
static char * pkey
Public key of the zone to look in, in ASCII.
Definition gnunet-namecache.c:58
identity
static struct GNUNET_IDENTITY_Handle * identity
Which namespace do we publish to? NULL if we do not publish to a namespace.
Definition gnunet-publish.c:142
result
static int result
Global testing status.
Definition gnunet-regex-profiler.c:240
gnunet_util_lib.h
GNUNET_CONFIGURATION_get_value_filename
enum GNUNET_GenericReturnValue GNUNET_CONFIGURATION_get_value_filename(const struct GNUNET_CONFIGURATION_Handle *cfg, const char *section, const char *option, char **value)
Get a configuration value that should be the name of a file or directory.
Definition configuration.c:2225
GNUNET_CRYPTO_eddsa_verify_
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_eddsa_verify_(uint32_t purpose, const struct GNUNET_CRYPTO_SignaturePurpose *validate, const struct GNUNET_CRYPTO_EddsaSignature *sig, const struct GNUNET_CRYPTO_EddsaPublicKey *pub)
Verify EdDSA signature.
Definition crypto_ecc.c:708
GNUNET_CRYPTO_ecdsa_key_from_file
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_ecdsa_key_from_file(const char *filename, int do_create, struct GNUNET_CRYPTO_EcdsaPrivateKey *pkey)
Create a new private key by reading it from a file.
Definition crypto_ecc_setup.c:202
GNUNET_CRYPTO_eddsa_key_from_file
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_eddsa_key_from_file(const char *filename, int do_create, struct GNUNET_CRYPTO_EddsaPrivateKey *pkey)
Create a new private key by reading it from a file.
Definition crypto_ecc_setup.c:145
GNUNET_CRYPTO_eddsa_key_get_public
void GNUNET_CRYPTO_eddsa_key_get_public(const struct GNUNET_CRYPTO_EddsaPrivateKey *priv, struct GNUNET_CRYPTO_EddsaPublicKey *pub)
Extract the public key for the given private key.
Definition crypto_ecc.c:201
GNUNET_CRYPTO_eddsa_key_clear
void GNUNET_CRYPTO_eddsa_key_clear(struct GNUNET_CRYPTO_EddsaPrivateKey *pk)
Clear memory that was used to store a private key.
Definition crypto_ecc.c:447
GNUNET_CRYPTO_eddsa_sign_
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_eddsa_sign_(const struct GNUNET_CRYPTO_EddsaPrivateKey *priv, const struct GNUNET_CRYPTO_SignaturePurpose *purpose, struct GNUNET_CRYPTO_EddsaSignature *sig)
EdDSA sign a given block.
Definition crypto_ecc.c:625
GNUNET_CRYPTO_eddsa_key_create
void GNUNET_CRYPTO_eddsa_key_create(struct GNUNET_CRYPTO_EddsaPrivateKey *pk)
Create a new private key.
Definition crypto_ecc.c:480
GNUNET_CRYPTO_blinded_key_sign_by_peer_identity
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_blinded_key_sign_by_peer_identity(const struct GNUNET_CONFIGURATION_Handle *cfg, const struct GNUNET_CRYPTO_SignaturePurpose *purpose, struct GNUNET_CRYPTO_EddsaSignature *sig)
Sign a given block with a specific purpose using the host's peer identity.
Definition crypto_ecc_setup.c:294
GNUNET_CRYPTO_ecdsa_key_create
void GNUNET_CRYPTO_ecdsa_key_create(struct GNUNET_CRYPTO_EcdsaPrivateKey *pk)
Create a new private key.
Definition crypto_ecc.c:465
GNUNET_CRYPTO_verify_peer_identity
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_verify_peer_identity(uint32_t purpose, const struct GNUNET_CRYPTO_SignaturePurpose *validate, const struct GNUNET_CRYPTO_EddsaSignature *sig, const struct GNUNET_PeerIdentity *identity)
Verify a given signature with a peer's identity.
Definition crypto_ecc_setup.c:321
GNUNET_CRYPTO_get_peer_identity
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_get_peer_identity(const struct GNUNET_CONFIGURATION_Handle *cfg, struct GNUNET_PeerIdentity *dst)
Retrieve the identity of the host's peer.
Definition crypto_ecc_setup.c:275
GNUNET_CRYPTO_eddsa_key_create_from_configuration
struct GNUNET_CRYPTO_EddsaPrivateKey * GNUNET_CRYPTO_eddsa_key_create_from_configuration(const struct GNUNET_CONFIGURATION_Handle *cfg)
Create a new private key by reading our peer's key from the file specified in the configuration.
Definition crypto_ecc_setup.c:248
GNUNET_DISK_fn_write
enum GNUNET_GenericReturnValue GNUNET_DISK_fn_write(const char *fn, const void *buf, size_t buf_size, enum GNUNET_DISK_AccessPermissions mode)
Write a buffer to a file atomically.
Definition disk.c:750
GNUNET_DISK_PERM_USER_READ
@ GNUNET_DISK_PERM_USER_READ
Owner can read.
Definition gnunet_disk_lib.h:174
GNUNET_log
#define GNUNET_log(kind,...)
Definition gnunet_common.h:551
GNUNET_GenericReturnValue
GNUNET_GenericReturnValue
Named constants for return values.
Definition gnunet_common.h:111
GNUNET_OK
@ GNUNET_OK
Definition gnunet_common.h:114
GNUNET_YES
@ GNUNET_YES
Definition gnunet_common.h:116
GNUNET_NO
@ GNUNET_NO
Definition gnunet_common.h:113
GNUNET_SYSERR
@ GNUNET_SYSERR
Definition gnunet_common.h:112
GNUNET_assert
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
Definition gnunet_common.h:960
GNUNET_log_strerror_file
#define GNUNET_log_strerror_file(level, cmd, filename)
Log an error message at log-level 'level' that indicates a failure of the command 'cmd' with the mess...
Definition gnunet_common.h:1126
GNUNET_ERROR_TYPE_WARNING
@ GNUNET_ERROR_TYPE_WARNING
Definition gnunet_common.h:418
GNUNET_ERROR_TYPE_ERROR
@ GNUNET_ERROR_TYPE_ERROR
Definition gnunet_common.h:417
GNUNET_new
#define GNUNET_new(type)
Allocate a struct or union of the given type.
Definition gnunet_common.h:1240
GNUNET_free
#define GNUNET_free(ptr)
Wrapper around free.
Definition gnunet_common.h:1415
_
#define _(String)
GNU gettext support macro.
Definition platform.h:179
GNUNET_CONFIGURATION_Handle
configuration data
Definition configuration.c:149
GNUNET_CRYPTO_EcdsaPrivateKey
Private ECC key encoded for transmission.
Definition gnunet_crypto_lib.h:266
GNUNET_CRYPTO_EddsaPrivateKey
Private ECC key encoded for transmission.
Definition gnunet_crypto_lib.h:278
GNUNET_CRYPTO_EddsaSignature
an ECC signature using EdDSA.
Definition gnunet_crypto_lib.h:165
GNUNET_CRYPTO_SignaturePurpose
header of what an ECC signature signs this must be followed by "size - 8" bytes of the actual signed ...
Definition gnunet_crypto_lib.h:142
GNUNET_PeerIdentity
The identity of the host (wraps the signing key of the peer).
Definition gnunet_crypto_lib.h:230
GNUNET_PeerIdentity::public_key
struct GNUNET_CRYPTO_EddsaPublicKey public_key
Definition gnunet_crypto_lib.h:231