GNUnet  0.11.x
Data Structures | Macros | Functions
gnsrecord_crypto.c File Reference

API for GNS record-related crypto. More...

#include "platform.h"
#include "gnunet_util_lib.h"
#include "gnunet_constants.h"
#include "gnunet_signatures.h"
#include "gnunet_arm_service.h"
#include "gnunet_gnsrecord_lib.h"
#include "gnunet_dnsparser_lib.h"
#include "gnunet_tun_lib.h"
Include dependency graph for gnsrecord_crypto.c:

Go to the source code of this file.

Data Structures

struct  KeyCacheLine
 Line in cache mapping private keys to public keys. More...
 

Macros

#define LOG(kind, ...)   GNUNET_log_from (kind, "gnsrecord", __VA_ARGS__)
 
#define CSIZE   64
 

Functions

ssize_t ecdsa_symmetric_decrypt (const void *block, size_t size, const unsigned char *key, const unsigned char *ctr, void *result)
 
ssize_t ecdsa_symmetric_encrypt (const void *block, size_t size, const unsigned char *key, const unsigned char *ctr, void *result)
 
enum GNUNET_GenericReturnValue eddsa_symmetric_decrypt (const void *block, size_t size, const unsigned char *key, const unsigned char *nonce, void *result)
 
enum GNUNET_GenericReturnValue eddsa_symmetric_encrypt (const void *block, size_t size, const unsigned char *key, const unsigned char *nonce, void *result)
 
static void derive_block_aes_key (unsigned char *ctr, unsigned char *key, const char *label, uint64_t exp, const struct GNUNET_CRYPTO_EcdsaPublicKey *pub)
 Derive session key and iv from label and public key. More...
 
static void derive_block_xsalsa_key (unsigned char *nonce, unsigned char *key, const char *label, uint64_t exp, const struct GNUNET_CRYPTO_EddsaPublicKey *pub)
 Derive session key and iv from label and public key. More...
 
static struct GNUNET_GNSRECORD_Blockblock_create_ecdsa (const struct GNUNET_CRYPTO_EcdsaPrivateKey *key, const struct GNUNET_CRYPTO_EcdsaPublicKey *pkey, struct GNUNET_TIME_Absolute expire, const char *label, const struct GNUNET_GNSRECORD_Data *rd, unsigned int rd_count)
 Sign name and records. More...
 
static struct GNUNET_GNSRECORD_Blockblock_create_eddsa (const struct GNUNET_CRYPTO_EddsaPrivateKey *key, const struct GNUNET_CRYPTO_EddsaPublicKey *pkey, struct GNUNET_TIME_Absolute expire, const char *label, const struct GNUNET_GNSRECORD_Data *rd, unsigned int rd_count)
 Sign name and records (EDDSA version) More...
 
struct GNUNET_GNSRECORD_BlockGNUNET_GNSRECORD_block_create (const struct GNUNET_IDENTITY_PrivateKey *key, struct GNUNET_TIME_Absolute expire, const char *label, const struct GNUNET_GNSRECORD_Data *rd, unsigned int rd_count)
 Sign name and records. More...
 
struct GNUNET_GNSRECORD_BlockGNUNET_GNSRECORD_block_create2 (const struct GNUNET_IDENTITY_PrivateKey *pkey, struct GNUNET_TIME_Absolute expire, const char *label, const struct GNUNET_GNSRECORD_Data *rd, unsigned int rd_count)
 Sign name and records, cache derived public key (also keeps the private key in static memory, so do not use this function if keeping the private key in the process'es RAM is a major issue). More...
 
enum GNUNET_GenericReturnValue GNUNET_GNSRECORD_block_verify (const struct GNUNET_GNSRECORD_Block *block)
 Check if a signature is valid. More...
 
enum GNUNET_GenericReturnValue block_decrypt_ecdsa (const struct GNUNET_GNSRECORD_EcdsaBlock *block, const struct GNUNET_CRYPTO_EcdsaPublicKey *zone_key, const char *label, GNUNET_GNSRECORD_RecordCallback proc, void *proc_cls)
 
enum GNUNET_GenericReturnValue block_decrypt_eddsa (const struct GNUNET_GNSRECORD_EddsaBlock *block, const struct GNUNET_CRYPTO_EddsaPublicKey *zone_key, const char *label, GNUNET_GNSRECORD_RecordCallback proc, void *proc_cls)
 
enum GNUNET_GenericReturnValue GNUNET_GNSRECORD_block_decrypt (const struct GNUNET_GNSRECORD_Block *block, const struct GNUNET_IDENTITY_PublicKey *zone_key, const char *label, GNUNET_GNSRECORD_RecordCallback proc, void *proc_cls)
 Decrypt block. More...
 
void GNUNET_GNSRECORD_query_from_private_key (const struct GNUNET_IDENTITY_PrivateKey *zone, const char *label, struct GNUNET_HashCode *query)
 Calculate the DHT query for a given label in a given zone. More...
 
void GNUNET_GNSRECORD_query_from_public_key (const struct GNUNET_IDENTITY_PublicKey *pub, const char *label, struct GNUNET_HashCode *query)
 Calculate the DHT query for a given label in a given zone. More...
 

Detailed Description

API for GNS record-related crypto.

Author
Martin Schanzenbach
Matthias Wachs
Christian Grothoff

Definition in file gnsrecord_crypto.c.

Macro Definition Documentation

◆ LOG

#define LOG (   kind,
  ... 
)    GNUNET_log_from (kind, "gnsrecord", __VA_ARGS__)

Definition at line 38 of file gnsrecord_crypto.c.

◆ CSIZE

#define CSIZE   64

Function Documentation

◆ ecdsa_symmetric_decrypt()

ssize_t ecdsa_symmetric_decrypt ( const void *  block,
size_t  size,
const unsigned char *  key,
const unsigned char *  ctr,
void *  result 
)

Definition at line 41 of file gnsrecord_crypto.c.

References GNUNET_assert, GNUNET_CRYPTO_AES_KEY_LENGTH, handle, and size.

Referenced by block_decrypt_ecdsa().

47 {
48  gcry_cipher_hd_t handle;
49  int rc;
50 
51  GNUNET_assert (0 == gcry_cipher_open (&handle, GCRY_CIPHER_AES256,
52  GCRY_CIPHER_MODE_CTR, 0));
53  rc = gcry_cipher_setkey (handle,
54  key,
56  GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY));
57  rc = gcry_cipher_setctr (handle,
58  ctr,
60  GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY));
61  GNUNET_assert (0 == gcry_cipher_decrypt (handle, result, size, block, size));
62  gcry_cipher_close (handle);
63  return size;
64 }
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
static struct GNUNET_DNS_Handle * handle
Handle to transport service.
static int result
Global testing status.
#define GNUNET_CRYPTO_AES_KEY_LENGTH
length of the sessionkey in bytes (256 BIT sessionkey)
struct GNUNET_HashCode key
The key used in the DHT.
static unsigned int size
Size of the "table".
Definition: peer.c:67
Here is the caller graph for this function:

◆ ecdsa_symmetric_encrypt()

ssize_t ecdsa_symmetric_encrypt ( const void *  block,
size_t  size,
const unsigned char *  key,
const unsigned char *  ctr,
void *  result 
)

Definition at line 68 of file gnsrecord_crypto.c.

References GNUNET_assert, GNUNET_CRYPTO_AES_KEY_LENGTH, handle, and size.

Referenced by block_create_ecdsa().

74 {
75  gcry_cipher_hd_t handle;
76  int rc;
77 
78  GNUNET_assert (0 == gcry_cipher_open (&handle, GCRY_CIPHER_AES256,
79  GCRY_CIPHER_MODE_CTR, 0));
80  rc = gcry_cipher_setkey (handle,
81  key,
83  GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY));
84  rc = gcry_cipher_setctr (handle,
85  ctr,
87  GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY));
88  GNUNET_assert (0 == gcry_cipher_encrypt (handle, result, size, block, size));
89  gcry_cipher_close (handle);
90  return size;
91 }
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
static struct GNUNET_DNS_Handle * handle
Handle to transport service.
static int result
Global testing status.
#define GNUNET_CRYPTO_AES_KEY_LENGTH
length of the sessionkey in bytes (256 BIT sessionkey)
struct GNUNET_HashCode key
The key used in the DHT.
static unsigned int size
Size of the "table".
Definition: peer.c:67
Here is the caller graph for this function:

◆ eddsa_symmetric_decrypt()

enum GNUNET_GenericReturnValue eddsa_symmetric_decrypt ( const void *  block,
size_t  size,
const unsigned char *  key,
const unsigned char *  nonce,
void *  result 
)

Definition at line 95 of file gnsrecord_crypto.c.

References GNUNET_OK, and GNUNET_SYSERR.

Referenced by block_decrypt_eddsa().

101 {
102  ssize_t ctlen = size - crypto_secretbox_MACBYTES;
103  if (ctlen < 0)
104  return GNUNET_SYSERR;
105  if (0 != crypto_secretbox_open_detached (result,
106  block, // Ciphertext
107  ((unsigned char*)block) + ctlen, // TAG
108  ctlen,
109  nonce, key))
110  {
111  return GNUNET_SYSERR;
112  }
113  return GNUNET_OK;
114 }
static int result
Global testing status.
struct GNUNET_HashCode key
The key used in the DHT.
static unsigned int size
Size of the "table".
Definition: peer.c:67
Here is the caller graph for this function:

◆ eddsa_symmetric_encrypt()

enum GNUNET_GenericReturnValue eddsa_symmetric_encrypt ( const void *  block,
size_t  size,
const unsigned char *  key,
const unsigned char *  nonce,
void *  result 
)

Definition at line 118 of file gnsrecord_crypto.c.

References GNUNET_OK, and GNUNET_SYSERR.

Referenced by block_create_eddsa().

124 {
125  if (size > crypto_secretbox_MESSAGEBYTES_MAX)
126  return GNUNET_SYSERR;
127  crypto_secretbox_detached (result, // Ciphertext
128  result + size, // TAG
129  block, size, nonce, key);
130  return GNUNET_OK;
131 }
static int result
Global testing status.
struct GNUNET_HashCode key
The key used in the DHT.
static unsigned int size
Size of the "table".
Definition: peer.c:67
Here is the caller graph for this function:

◆ derive_block_aes_key()

static void derive_block_aes_key ( unsigned char *  ctr,
unsigned char *  key,
const char *  label,
uint64_t  exp,
const struct GNUNET_CRYPTO_EcdsaPublicKey pub 
)
static

Derive session key and iv from label and public key.

Parameters
ivinitialization vector to initialize
skeysession key to initialize
labellabel to use for KDF
pubpublic key to use for KDF

4 byte nonce

Expiration time 64 bit.

Set counter part to 1

Definition at line 143 of file gnsrecord_crypto.c.

References GNUNET_CRYPTO_AES_KEY_LENGTH, and GNUNET_CRYPTO_kdf().

Referenced by block_create_ecdsa(), and block_decrypt_ecdsa().

148 {
149  static const char ctx_key[] = "gns-aes-ctx-key";
150  static const char ctx_iv[] = "gns-aes-ctx-iv";
151 
153  ctx_key, strlen (ctx_key),
154  pub, sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey),
155  label, strlen (label),
156  NULL, 0);
157  memset (ctr, 0, GNUNET_CRYPTO_AES_KEY_LENGTH / 2);
159  GNUNET_CRYPTO_kdf (ctr, 4,
160  ctx_iv, strlen (ctx_iv),
161  pub, sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey),
162  label, strlen (label),
163  NULL, 0);
165  memcpy (ctr + 4, &exp, sizeof (exp));
167  ctr[15] |= 0x01;
168 }
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_kdf(void *result, size_t out_len, const void *xts, size_t xts_len, const void *skm, size_t skm_len,...)
Derive key.
Definition: crypto_kdf.c:90
#define GNUNET_CRYPTO_AES_KEY_LENGTH
length of the sessionkey in bytes (256 BIT sessionkey)
struct GNUNET_HashCode key
The key used in the DHT.
Public ECC key (always for Curve25519) encoded in a format suitable for network transmission and ECDS...
Here is the call graph for this function:
Here is the caller graph for this function:

◆ derive_block_xsalsa_key()

static void derive_block_xsalsa_key ( unsigned char *  nonce,
unsigned char *  key,
const char *  label,
uint64_t  exp,
const struct GNUNET_CRYPTO_EddsaPublicKey pub 
)
static

Derive session key and iv from label and public key.

Parameters
nonceinitialization vector to initialize
skeysession key to initialize
labellabel to use for KDF
pubpublic key to use for KDF

16 byte nonce

Expiration time 64 bit.

Definition at line 180 of file gnsrecord_crypto.c.

References GNUNET_CRYPTO_kdf().

Referenced by block_create_eddsa(), and block_decrypt_eddsa().

185 {
186  static const char ctx_key[] = "gns-aes-ctx-key";
187  static const char ctx_iv[] = "gns-aes-ctx-iv";
188 
189  GNUNET_CRYPTO_kdf (key, crypto_secretbox_KEYBYTES,
190  ctx_key, strlen (ctx_key),
191  pub, sizeof(struct GNUNET_CRYPTO_EddsaPublicKey),
192  label, strlen (label),
193  NULL, 0);
194  memset (nonce, 0, crypto_secretbox_NONCEBYTES);
196  GNUNET_CRYPTO_kdf (nonce, (crypto_secretbox_NONCEBYTES - sizeof (exp)),
197  ctx_iv, strlen (ctx_iv),
198  pub, sizeof(struct GNUNET_CRYPTO_EddsaPublicKey),
199  label, strlen (label),
200  NULL, 0);
202  memcpy (nonce + (crypto_secretbox_NONCEBYTES - sizeof (exp)),
203  &exp, sizeof (exp));
204 }
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_kdf(void *result, size_t out_len, const void *xts, size_t xts_len, const void *skm, size_t skm_len,...)
Derive key.
Definition: crypto_kdf.c:90
struct GNUNET_HashCode key
The key used in the DHT.
Public ECC key (always for curve Ed25519) encoded in a format suitable for network transmission and E...
Here is the call graph for this function:
Here is the caller graph for this function:

◆ block_create_ecdsa()

static struct GNUNET_GNSRECORD_Block* block_create_ecdsa ( const struct GNUNET_CRYPTO_EcdsaPrivateKey key,
const struct GNUNET_CRYPTO_EcdsaPublicKey pkey,
struct GNUNET_TIME_Absolute  expire,
const char *  label,
const struct GNUNET_GNSRECORD_Data rd,
unsigned int  rd_count 
)
static

Sign name and records.

Parameters
keythe private key
pkeyassociated public key
expireblock expiration
labelthe name for the records
rdrecord data
rd_countnumber of records
Returns
NULL on error (block too large)

Definition at line 219 of file gnsrecord_crypto.c.

References GNUNET_TIME_Absolute::abs_value_us, GNUNET_TIME_AbsoluteNBO::abs_value_us__, derive_block_aes_key(), GNUNET_GNSRECORD_EcdsaBlock::derived_key, GNUNET_GNSRECORD_Block::ecdsa_block, ecdsa_symmetric_encrypt(), GNUNET_GNSRECORD_Data::expiration_time, GNUNET_GNSRECORD_EcdsaBlock::expiration_time, GNUNET_GNSRECORD_Data::flags, GNUNET_assert, GNUNET_break, GNUNET_CRYPTO_AES_KEY_LENGTH, GNUNET_CRYPTO_ecdsa_key_get_public(), GNUNET_CRYPTO_ecdsa_private_key_derive(), GNUNET_CRYPTO_ecdsa_sign_(), GNUNET_free, GNUNET_GNSRECORD_MAX_BLOCK_SIZE, GNUNET_GNSRECORD_records_get_size(), GNUNET_GNSRECORD_records_serialize(), GNUNET_GNSRECORD_RF_RELATIVE_EXPIRATION, GNUNET_GNSRECORD_TYPE_PKEY, GNUNET_malloc, GNUNET_memcpy, GNUNET_OK, GNUNET_SIGNATURE_PURPOSE_GNS_RECORD_SIGN, GNUNET_TIME_absolute_add(), GNUNET_TIME_absolute_get(), GNUNET_TIME_absolute_hton(), payload, GNUNET_CRYPTO_EccSignaturePurpose::purpose, GNUNET_GNSRECORD_EcdsaBlock::purpose, GNUNET_TIME_Relative::rel_value_us, GNUNET_GNSRECORD_EcdsaBlock::signature, GNUNET_CRYPTO_EccSignaturePurpose::size, and GNUNET_GNSRECORD_Block::type.

Referenced by GNUNET_GNSRECORD_block_create(), and GNUNET_GNSRECORD_block_create2().

225 {
226  ssize_t payload_len = GNUNET_GNSRECORD_records_get_size (rd_count,
227  rd);
228  struct GNUNET_GNSRECORD_Block *block;
229  struct GNUNET_GNSRECORD_EcdsaBlock *ecblock;
230  struct GNUNET_CRYPTO_EcdsaPrivateKey *dkey;
231  unsigned char ctr[GNUNET_CRYPTO_AES_KEY_LENGTH / 2];
232  unsigned char skey[GNUNET_CRYPTO_AES_KEY_LENGTH];
233  struct GNUNET_GNSRECORD_Data rdc[GNUNET_NZL (rd_count)];
234  uint32_t rd_count_nbo;
235  struct GNUNET_TIME_Absolute now;
236 
237  if (payload_len < 0)
238  {
239  GNUNET_break (0);
240  return NULL;
241  }
242  if (payload_len > GNUNET_GNSRECORD_MAX_BLOCK_SIZE)
243  {
244  GNUNET_break (0);
245  return NULL;
246  }
247  /* convert relative to absolute times */
248  now = GNUNET_TIME_absolute_get ();
249  for (unsigned int i = 0; i < rd_count; i++)
250  {
251  rdc[i] = rd[i];
252  if (0 != (rd[i].flags & GNUNET_GNSRECORD_RF_RELATIVE_EXPIRATION))
253  {
254  struct GNUNET_TIME_Relative t;
255 
256  /* encrypted blocks must never have relative expiration times, convert! */
257  rdc[i].flags &= ~GNUNET_GNSRECORD_RF_RELATIVE_EXPIRATION;
258  t.rel_value_us = rdc[i].expiration_time;
259  rdc[i].expiration_time = GNUNET_TIME_absolute_add (now, t).abs_value_us;
260  }
261  }
262  /* serialize */
263  rd_count_nbo = htonl (rd_count);
264  {
265  char payload[sizeof(uint32_t) + payload_len];
266 
268  &rd_count_nbo,
269  sizeof(uint32_t));
270  GNUNET_assert (payload_len ==
272  rdc,
273  payload_len,
274  &payload[sizeof(uint32_t)
275  ]));
276  block = GNUNET_malloc (sizeof(struct GNUNET_GNSRECORD_Block)
277  + sizeof(uint32_t)
278  + payload_len);
279  ecblock = &block->ecdsa_block;
280  block->type = htonl (GNUNET_GNSRECORD_TYPE_PKEY);
281  ecblock->purpose.size = htonl (sizeof(uint32_t)
282  + payload_len
283  + sizeof(struct
285  + sizeof(struct GNUNET_TIME_AbsoluteNBO));
287  ecblock->expiration_time = GNUNET_TIME_absolute_hton (expire);
288  /* encrypt and sign */
290  label,
291  "gns");
293  &ecblock->derived_key);
295  skey,
296  label,
298  pkey);
299  GNUNET_break (payload_len + sizeof(uint32_t) ==
301  payload_len
302  + sizeof(uint32_t),
303  skey,
304  ctr,
305  &ecblock[1]));
306  }
307  if (GNUNET_OK !=
309  &ecblock->purpose,
310  &ecblock->signature))
311  {
312  GNUNET_break (0);
313  GNUNET_free (dkey);
314  GNUNET_free (block);
315  return NULL;
316  }
317  GNUNET_free (dkey);
318  return block;
319 }
#define GNUNET_GNSRECORD_TYPE_PKEY
WARNING: This header is generated! In order to add GNS record types, you must register them in GANA...
Information we have in an encrypted block with record data (i.e.
struct GNUNET_CRYPTO_EcdsaSignature signature
Signature of the block.
GNUNET_NETWORK_STRUCT_END ssize_t GNUNET_GNSRECORD_records_get_size(unsigned int rd_count, const struct GNUNET_GNSRECORD_Data *rd)
Calculate how many bytes we will need to serialize the given records.
uint32_t purpose
What does this signature vouch for? This must contain a GNUNET_SIGNATURE_PURPOSE_XXX constant (from g...
struct GNUNET_GNSRECORD_EcdsaBlock ecdsa_block
ssize_t GNUNET_GNSRECORD_records_serialize(unsigned int rd_count, const struct GNUNET_GNSRECORD_Data *rd, size_t dest_size, char *dest)
Serialize the given records to the given destination buffer.
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
struct GNUNET_TIME_AbsoluteNBO expiration_time
Expiration time of the block.
#define GNUNET_GNSRECORD_MAX_BLOCK_SIZE
Maximum size of a value that can be stored in a GNS block.
#define GNUNET_memcpy(dst, src, n)
Call memcpy() but check for n being 0 first.
struct GNUNET_CRYPTO_EcdsaPublicKey derived_key
Derived key used for signing; hash of this is the query.
struct GNUNET_TIME_Absolute GNUNET_TIME_absolute_add(struct GNUNET_TIME_Absolute start, struct GNUNET_TIME_Relative duration)
Add a given relative duration to the given start time.
Definition: time.c:277
Private ECC key encoded for transmission.
static struct GNUNET_SCHEDULER_Task * t
Main task.
Time for absolute time used by GNUnet, in microseconds and in network byte order. ...
ssize_t ecdsa_symmetric_encrypt(const void *block, size_t size, const unsigned char *key, const unsigned char *ctr, void *result)
uint64_t abs_value_us
The actual value.
#define GNUNET_break(cond)
Use this for internal assertion violations that are not fatal (can be handled) but should not occur...
header of what an ECC signature signs this must be followed by "size - 8" bytes of the actual signed ...
struct GNUNET_CRYPTO_EccSignaturePurpose purpose
Number of bytes signed; also specifies the number of bytes of encrypted data that follow...
static void derive_block_aes_key(unsigned char *ctr, unsigned char *key, const char *label, uint64_t exp, const struct GNUNET_CRYPTO_EcdsaPublicKey *pub)
Derive session key and iv from label and public key.
uint32_t size
How many bytes does this signature sign? (including this purpose header); in network byte order (!)...
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_ecdsa_sign_(const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv, const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose, struct GNUNET_CRYPTO_EcdsaSignature *sig)
ECDSA Sign a given block.
Definition: crypto_ecc.c:549
struct GNUNET_TIME_Absolute GNUNET_TIME_absolute_get(void)
Get the current time.
Definition: time.c:86
#define GNUNET_CRYPTO_AES_KEY_LENGTH
length of the sessionkey in bytes (256 BIT sessionkey)
void GNUNET_CRYPTO_ecdsa_key_get_public(const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv, struct GNUNET_CRYPTO_EcdsaPublicKey *pub)
Extract the public key for the given private key.
Definition: crypto_ecc.c:186
static unsigned long long payload
How much data are we currently storing in the database?
#define GNUNET_NZL(l)
Macro used to avoid using 0 for the length of a variable-size array (Non-Zero-Length).
uint64_t abs_value_us__
The actual value (in network byte order).
#define GNUNET_SIGNATURE_PURPOSE_GNS_RECORD_SIGN
Signature of a gnunet naming system record block.
Time for absolute times used by GNUnet, in microseconds.
This expiration time of the record is a relative time (not an absolute time).
struct GNUNET_CRYPTO_EcdsaPrivateKey * GNUNET_CRYPTO_ecdsa_private_key_derive(const struct GNUNET_CRYPTO_EcdsaPrivateKey *priv, const char *label, const char *context)
Derive a private key from a given private key and a label.
struct GNUNET_TIME_AbsoluteNBO GNUNET_TIME_absolute_hton(struct GNUNET_TIME_Absolute a)
Convert absolute time to network byte order.
Definition: time.c:464
#define GNUNET_malloc(size)
Wrapper around malloc.
#define GNUNET_free(ptr)
Wrapper around free.
Time for relative time used by GNUnet, in microseconds.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ block_create_eddsa()

static struct GNUNET_GNSRECORD_Block* block_create_eddsa ( const struct GNUNET_CRYPTO_EddsaPrivateKey key,
const struct GNUNET_CRYPTO_EddsaPublicKey pkey,
struct GNUNET_TIME_Absolute  expire,
const char *  label,
const struct GNUNET_GNSRECORD_Data rd,
unsigned int  rd_count 
)
static

Sign name and records (EDDSA version)

Parameters
keythe private key
pkeyassociated public key
expireblock expiration
labelthe name for the records
rdrecord data
rd_countnumber of records
Returns
NULL on error (block too large)

Definition at line 334 of file gnsrecord_crypto.c.

References GNUNET_TIME_Absolute::abs_value_us, GNUNET_TIME_AbsoluteNBO::abs_value_us__, derive_block_xsalsa_key(), GNUNET_GNSRECORD_EddsaBlock::derived_key, GNUNET_GNSRECORD_Block::eddsa_block, eddsa_symmetric_encrypt(), GNUNET_GNSRECORD_Data::expiration_time, GNUNET_GNSRECORD_EddsaBlock::expiration_time, GNUNET_GNSRECORD_Data::flags, GNUNET_assert, GNUNET_break, GNUNET_CRYPTO_eddsa_key_get_public_from_scalar(), GNUNET_CRYPTO_eddsa_private_key_derive(), GNUNET_CRYPTO_eddsa_sign_with_scalar(), GNUNET_GNSRECORD_MAX_BLOCK_SIZE, GNUNET_GNSRECORD_records_get_size(), GNUNET_GNSRECORD_records_serialize(), GNUNET_GNSRECORD_RF_RELATIVE_EXPIRATION, GNUNET_GNSRECORD_TYPE_EDKEY, GNUNET_malloc, GNUNET_memcpy, GNUNET_OK, GNUNET_SIGNATURE_PURPOSE_GNS_RECORD_SIGN, GNUNET_TIME_absolute_add(), GNUNET_TIME_absolute_get(), GNUNET_TIME_absolute_hton(), payload, GNUNET_CRYPTO_EccSignaturePurpose::purpose, GNUNET_GNSRECORD_EddsaBlock::purpose, GNUNET_TIME_Relative::rel_value_us, GNUNET_GNSRECORD_EddsaBlock::signature, GNUNET_CRYPTO_EccSignaturePurpose::size, and GNUNET_GNSRECORD_Block::type.

Referenced by GNUNET_GNSRECORD_block_create(), and GNUNET_GNSRECORD_block_create2().

340 {
341  ssize_t payload_len = GNUNET_GNSRECORD_records_get_size (rd_count,
342  rd);
343  struct GNUNET_GNSRECORD_Block *block;
344  struct GNUNET_GNSRECORD_EddsaBlock *edblock;
346  unsigned char nonce[crypto_secretbox_NONCEBYTES];
347  unsigned char skey[crypto_secretbox_KEYBYTES];
348  struct GNUNET_GNSRECORD_Data rdc[GNUNET_NZL (rd_count)];
349  uint32_t rd_count_nbo;
350  struct GNUNET_TIME_Absolute now;
351 
352  if (payload_len < 0)
353  {
354  GNUNET_break (0);
355  return NULL;
356  }
357  if (payload_len > GNUNET_GNSRECORD_MAX_BLOCK_SIZE)
358  {
359  GNUNET_break (0);
360  return NULL;
361  }
362  /* convert relative to absolute times */
363  now = GNUNET_TIME_absolute_get ();
364  for (unsigned int i = 0; i < rd_count; i++)
365  {
366  rdc[i] = rd[i];
367  if (0 != (rd[i].flags & GNUNET_GNSRECORD_RF_RELATIVE_EXPIRATION))
368  {
369  struct GNUNET_TIME_Relative t;
370 
371  /* encrypted blocks must never have relative expiration times, convert! */
372  rdc[i].flags &= ~GNUNET_GNSRECORD_RF_RELATIVE_EXPIRATION;
373  t.rel_value_us = rdc[i].expiration_time;
374  rdc[i].expiration_time = GNUNET_TIME_absolute_add (now, t).abs_value_us;
375  }
376  }
377  /* serialize */
378  rd_count_nbo = htonl (rd_count);
379  {
380  char payload[sizeof(uint32_t) + payload_len];
381 
383  &rd_count_nbo,
384  sizeof(uint32_t));
385  GNUNET_assert (payload_len ==
387  rdc,
388  payload_len,
389  &payload[sizeof(uint32_t)
390  ]));
391  block = GNUNET_malloc (sizeof(struct GNUNET_GNSRECORD_Block)
392  + sizeof(uint32_t)
393  + payload_len
394  + crypto_secretbox_MACBYTES);
395  edblock = &block->eddsa_block;
396  block->type = htonl (GNUNET_GNSRECORD_TYPE_EDKEY);
397  edblock->purpose.size = htonl (sizeof(uint32_t)
398  + payload_len
399  + sizeof(struct
401  + sizeof(struct GNUNET_TIME_AbsoluteNBO)
402  + crypto_secretbox_MACBYTES);
404  edblock->expiration_time = GNUNET_TIME_absolute_hton (expire);
405  /* encrypt and sign */
407  label,
408  "gns",
409  &dkey);
411  &edblock->derived_key);
413  skey,
414  label,
416  pkey);
419  payload_len
420  + sizeof(uint32_t),
421  skey,
422  nonce,
423  &edblock[1]));
424  }
426  &edblock->purpose,
427  &edblock->signature);
428  return block;
429 }
Information we have in an encrypted block with record data (i.e.
GNUNET_NETWORK_STRUCT_END ssize_t GNUNET_GNSRECORD_records_get_size(unsigned int rd_count, const struct GNUNET_GNSRECORD_Data *rd)
Calculate how many bytes we will need to serialize the given records.
struct GNUNET_CRYPTO_EddsaPublicKey derived_key
Derived key used for signing; hash of this is the query.
struct GNUNET_GNSRECORD_EddsaBlock eddsa_block
uint32_t purpose
What does this signature vouch for? This must contain a GNUNET_SIGNATURE_PURPOSE_XXX constant (from g...
enum GNUNET_GenericReturnValue eddsa_symmetric_encrypt(const void *block, size_t size, const unsigned char *key, const unsigned char *nonce, void *result)
struct GNUNET_TIME_AbsoluteNBO expiration_time
Expiration time of the block.
ssize_t GNUNET_GNSRECORD_records_serialize(unsigned int rd_count, const struct GNUNET_GNSRECORD_Data *rd, size_t dest_size, char *dest)
Serialize the given records to the given destination buffer.
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
Private ECC scalar encoded for transmission.
#define GNUNET_GNSRECORD_MAX_BLOCK_SIZE
Maximum size of a value that can be stored in a GNS block.
#define GNUNET_memcpy(dst, src, n)
Call memcpy() but check for n being 0 first.
struct GNUNET_TIME_Absolute GNUNET_TIME_absolute_add(struct GNUNET_TIME_Absolute start, struct GNUNET_TIME_Relative duration)
Add a given relative duration to the given start time.
Definition: time.c:277
static struct GNUNET_SCHEDULER_Task * t
Main task.
struct GNUNET_CRYPTO_EccSignaturePurpose purpose
Number of bytes signed; also specifies the number of bytes of encrypted data that follow...
Time for absolute time used by GNUnet, in microseconds and in network byte order. ...
uint64_t abs_value_us
The actual value.
#define GNUNET_break(cond)
Use this for internal assertion violations that are not fatal (can be handled) but should not occur...
header of what an ECC signature signs this must be followed by "size - 8" bytes of the actual signed ...
void GNUNET_CRYPTO_eddsa_private_key_derive(const struct GNUNET_CRYPTO_EddsaPrivateKey *priv, const char *label, const char *context, struct GNUNET_CRYPTO_EddsaPrivateScalar *result)
Derive a private scalar from a given private key and a label.
uint32_t size
How many bytes does this signature sign? (including this purpose header); in network byte order (!)...
struct GNUNET_TIME_Absolute GNUNET_TIME_absolute_get(void)
Get the current time.
Definition: time.c:86
static void derive_block_xsalsa_key(unsigned char *nonce, unsigned char *key, const char *label, uint64_t exp, const struct GNUNET_CRYPTO_EddsaPublicKey *pub)
Derive session key and iv from label and public key.
static unsigned long long payload
How much data are we currently storing in the database?
struct GNUNET_CRYPTO_EddsaSignature signature
Signature of the block.
#define GNUNET_NZL(l)
Macro used to avoid using 0 for the length of a variable-size array (Non-Zero-Length).
void GNUNET_CRYPTO_eddsa_key_get_public_from_scalar(const struct GNUNET_CRYPTO_EddsaPrivateScalar *s, struct GNUNET_CRYPTO_EddsaPublicKey *pkey)
Extract the public key of the given private scalar.
uint64_t abs_value_us__
The actual value (in network byte order).
void GNUNET_CRYPTO_eddsa_sign_with_scalar(const struct GNUNET_CRYPTO_EddsaPrivateScalar *priv, const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose, struct GNUNET_CRYPTO_EddsaSignature *sig)
This is a signature function for EdDSA which takes the secret scalar sk instead of the private seed w...
#define GNUNET_SIGNATURE_PURPOSE_GNS_RECORD_SIGN
Signature of a gnunet naming system record block.
Time for absolute times used by GNUnet, in microseconds.
#define GNUNET_GNSRECORD_TYPE_EDKEY
Record type for EDKEY zone delegations.
This expiration time of the record is a relative time (not an absolute time).
struct GNUNET_TIME_AbsoluteNBO GNUNET_TIME_absolute_hton(struct GNUNET_TIME_Absolute a)
Convert absolute time to network byte order.
Definition: time.c:464
#define GNUNET_malloc(size)
Wrapper around malloc.
Time for relative time used by GNUnet, in microseconds.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ block_decrypt_ecdsa()

enum GNUNET_GenericReturnValue block_decrypt_ecdsa ( const struct GNUNET_GNSRECORD_EcdsaBlock block,
const struct GNUNET_CRYPTO_EcdsaPublicKey zone_key,
const char *  label,
GNUNET_GNSRECORD_RecordCallback  proc,
void *  proc_cls 
)

Definition at line 585 of file gnsrecord_crypto.c.

References GNUNET_TIME_Absolute::abs_value_us, GNUNET_TIME_AbsoluteNBO::abs_value_us__, derive_block_aes_key(), ecdsa_symmetric_decrypt(), GNUNET_GNSRECORD_Data::expiration_time, GNUNET_GNSRECORD_EcdsaBlock::expiration_time, GNUNET_GNSRECORD_Data::flags, GNUNET_break, GNUNET_break_op, GNUNET_CRYPTO_AES_KEY_LENGTH, GNUNET_ERROR_TYPE_INFO, GNUNET_GNSRECORD_records_deserialize(), GNUNET_GNSRECORD_RF_RELATIVE_EXPIRATION, GNUNET_GNSRECORD_RF_SHADOW_RECORD, GNUNET_log, GNUNET_memcpy, GNUNET_NO, GNUNET_OK, GNUNET_STRINGS_absolute_time_to_string(), GNUNET_SYSERR, GNUNET_TIME_absolute_get(), GNUNET_YES, KeyCacheLine::key, payload, GNUNET_GNSRECORD_EcdsaBlock::purpose, and GNUNET_CRYPTO_EccSignaturePurpose::size.

Referenced by GNUNET_GNSRECORD_block_decrypt().

591 {
592  size_t payload_len = ntohl (block->purpose.size)
593  - sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose)
594  - sizeof(struct GNUNET_TIME_AbsoluteNBO);
595  unsigned char ctr[GNUNET_CRYPTO_AES_KEY_LENGTH / 2];
596  unsigned char key[GNUNET_CRYPTO_AES_KEY_LENGTH];
597 
598  if (ntohl (block->purpose.size) <
599  sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose)
600  + sizeof(struct GNUNET_TIME_AbsoluteNBO))
601  {
602  GNUNET_break_op (0);
603  return GNUNET_SYSERR;
604  }
606  key,
607  label,
609  zone_key);
610  {
611  char payload[payload_len];
612  uint32_t rd_count;
613 
614  GNUNET_break (payload_len ==
615  ecdsa_symmetric_decrypt (&block[1], payload_len,
616  key, ctr,
617  payload));
618  GNUNET_memcpy (&rd_count,
619  payload,
620  sizeof(uint32_t));
621  rd_count = ntohl (rd_count);
622  if (rd_count > 2048)
623  {
624  /* limit to sane value */
625  GNUNET_break_op (0);
626  return GNUNET_SYSERR;
627  }
628  {
629  struct GNUNET_GNSRECORD_Data rd[GNUNET_NZL (rd_count)];
630  unsigned int j;
631  struct GNUNET_TIME_Absolute now;
632 
633  if (GNUNET_OK !=
634  GNUNET_GNSRECORD_records_deserialize (payload_len - sizeof(uint32_t),
635  &payload[sizeof(uint32_t)],
636  rd_count,
637  rd))
638  {
639  GNUNET_break_op (0);
640  return GNUNET_SYSERR;
641  }
642  /* hide expired records */
643  now = GNUNET_TIME_absolute_get ();
644  j = 0;
645  for (unsigned int i = 0; i < rd_count; i++)
646  {
647  if (0 != (rd[i].flags & GNUNET_GNSRECORD_RF_RELATIVE_EXPIRATION))
648  {
649  /* encrypted blocks must never have relative expiration times, skip! */
650  GNUNET_break_op (0);
651  continue;
652  }
653 
654  if (0 != (rd[i].flags & GNUNET_GNSRECORD_RF_SHADOW_RECORD))
655  {
656  int include_record = GNUNET_YES;
657  /* Shadow record, figure out if we have a not expired active record */
658  for (unsigned int k = 0; k < rd_count; k++)
659  {
660  if (k == i)
661  continue;
662  if (rd[i].expiration_time < now.abs_value_us)
663  include_record = GNUNET_NO; /* Shadow record is expired */
664  if ((rd[k].record_type == rd[i].record_type) &&
665  (rd[k].expiration_time >= now.abs_value_us) &&
666  (0 == (rd[k].flags & GNUNET_GNSRECORD_RF_SHADOW_RECORD)))
667  {
668  include_record = GNUNET_NO; /* We have a non-expired, non-shadow record of the same type */
670  "Ignoring shadow record\n");
671  break;
672  }
673  }
674  if (GNUNET_YES == include_record)
675  {
676  rd[i].flags ^= GNUNET_GNSRECORD_RF_SHADOW_RECORD; /* Remove Flag */
677  if (j != i)
678  rd[j] = rd[i];
679  j++;
680  }
681  }
682  else if (rd[i].expiration_time >= now.abs_value_us)
683  {
684  /* Include this record */
685  if (j != i)
686  rd[j] = rd[i];
687  j++;
688  }
689  else
690  {
691  struct GNUNET_TIME_Absolute at;
692 
693  at.abs_value_us = rd[i].expiration_time;
695  "Excluding record that expired %s (%llu ago)\n",
697  (unsigned long long) rd[i].expiration_time
698  - now.abs_value_us);
699  }
700  }
701  rd_count = j;
702  if (NULL != proc)
703  proc (proc_cls,
704  rd_count,
705  (0 != rd_count) ? rd : NULL);
706  }
707  }
708  return GNUNET_OK;
709 }
This record should not be used unless all (other) records with an absolute expiration time have expir...
struct GNUNET_TIME_AbsoluteNBO expiration_time
Expiration time of the block.
#define GNUNET_memcpy(dst, src, n)
Call memcpy() but check for n being 0 first.
int GNUNET_GNSRECORD_records_deserialize(size_t len, const char *src, unsigned int rd_count, struct GNUNET_GNSRECORD_Data *dest)
Deserialize the given records to the given destination.
Time for absolute time used by GNUnet, in microseconds and in network byte order. ...
uint64_t abs_value_us
The actual value.
#define GNUNET_break(cond)
Use this for internal assertion violations that are not fatal (can be handled) but should not occur...
header of what an ECC signature signs this must be followed by "size - 8" bytes of the actual signed ...
struct GNUNET_CRYPTO_EccSignaturePurpose purpose
Number of bytes signed; also specifies the number of bytes of encrypted data that follow...
static void derive_block_aes_key(unsigned char *ctr, unsigned char *key, const char *label, uint64_t exp, const struct GNUNET_CRYPTO_EcdsaPublicKey *pub)
Derive session key and iv from label and public key.
#define GNUNET_break_op(cond)
Use this for assertion violations caused by other peers (i.e.
uint32_t size
How many bytes does this signature sign? (including this purpose header); in network byte order (!)...
struct GNUNET_TIME_Absolute GNUNET_TIME_absolute_get(void)
Get the current time.
Definition: time.c:86
#define GNUNET_CRYPTO_AES_KEY_LENGTH
length of the sessionkey in bytes (256 BIT sessionkey)
struct GNUNET_HashCode key
The key used in the DHT.
static unsigned long long payload
How much data are we currently storing in the database?
#define GNUNET_NZL(l)
Macro used to avoid using 0 for the length of a variable-size array (Non-Zero-Length).
uint64_t abs_value_us__
The actual value (in network byte order).
#define GNUNET_log(kind,...)
Time for absolute times used by GNUnet, in microseconds.
This expiration time of the record is a relative time (not an absolute time).
const char * GNUNET_STRINGS_absolute_time_to_string(struct GNUNET_TIME_Absolute t)
Like asctime, except for GNUnet time.
Definition: strings.c:604
ssize_t ecdsa_symmetric_decrypt(const void *block, size_t size, const unsigned char *key, const unsigned char *ctr, void *result)
Here is the call graph for this function:
Here is the caller graph for this function:

◆ block_decrypt_eddsa()

enum GNUNET_GenericReturnValue block_decrypt_eddsa ( const struct GNUNET_GNSRECORD_EddsaBlock block,
const struct GNUNET_CRYPTO_EddsaPublicKey zone_key,
const char *  label,
GNUNET_GNSRECORD_RecordCallback  proc,
void *  proc_cls 
)

Definition at line 713 of file gnsrecord_crypto.c.

References GNUNET_TIME_Absolute::abs_value_us, GNUNET_TIME_AbsoluteNBO::abs_value_us__, derive_block_xsalsa_key(), eddsa_symmetric_decrypt(), GNUNET_GNSRECORD_Data::expiration_time, GNUNET_GNSRECORD_EddsaBlock::expiration_time, GNUNET_GNSRECORD_Data::flags, GNUNET_break, GNUNET_break_op, GNUNET_ERROR_TYPE_INFO, GNUNET_GNSRECORD_records_deserialize(), GNUNET_GNSRECORD_RF_RELATIVE_EXPIRATION, GNUNET_GNSRECORD_RF_SHADOW_RECORD, GNUNET_log, GNUNET_memcpy, GNUNET_NO, GNUNET_OK, GNUNET_STRINGS_absolute_time_to_string(), GNUNET_SYSERR, GNUNET_TIME_absolute_get(), GNUNET_YES, KeyCacheLine::key, payload, GNUNET_GNSRECORD_EddsaBlock::purpose, and GNUNET_CRYPTO_EccSignaturePurpose::size.

Referenced by GNUNET_GNSRECORD_block_decrypt().

719 {
720  size_t payload_len = ntohl (block->purpose.size)
721  - sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose)
722  - sizeof(struct GNUNET_TIME_AbsoluteNBO);
723  unsigned char nonce[crypto_secretbox_NONCEBYTES];
724  unsigned char key[crypto_secretbox_KEYBYTES];
725 
726  if (ntohl (block->purpose.size) <
727  sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose)
728  + sizeof(struct GNUNET_TIME_AbsoluteNBO))
729  {
730  GNUNET_break_op (0);
731  return GNUNET_SYSERR;
732  }
734  key,
735  label,
737  zone_key);
738  {
739  char payload[payload_len];
740  uint32_t rd_count;
741 
743  eddsa_symmetric_decrypt (&block[1], payload_len,
744  key, nonce,
745  payload));
746  GNUNET_memcpy (&rd_count,
747  payload,
748  sizeof(uint32_t));
749  rd_count = ntohl (rd_count);
750  if (rd_count > 2048)
751  {
752  /* limit to sane value */
753  GNUNET_break_op (0);
754  return GNUNET_SYSERR;
755  }
756  {
757  struct GNUNET_GNSRECORD_Data rd[GNUNET_NZL (rd_count)];
758  unsigned int j;
759  struct GNUNET_TIME_Absolute now;
760 
761  if (GNUNET_OK !=
762  GNUNET_GNSRECORD_records_deserialize (payload_len - sizeof(uint32_t),
763  &payload[sizeof(uint32_t)],
764  rd_count,
765  rd))
766  {
767  GNUNET_break_op (0);
768  return GNUNET_SYSERR;
769  }
770  /* hide expired records */
771  now = GNUNET_TIME_absolute_get ();
772  j = 0;
773  for (unsigned int i = 0; i < rd_count; i++)
774  {
775  if (0 != (rd[i].flags & GNUNET_GNSRECORD_RF_RELATIVE_EXPIRATION))
776  {
777  /* encrypted blocks must never have relative expiration times, skip! */
778  GNUNET_break_op (0);
779  continue;
780  }
781 
782  if (0 != (rd[i].flags & GNUNET_GNSRECORD_RF_SHADOW_RECORD))
783  {
784  int include_record = GNUNET_YES;
785  /* Shadow record, figure out if we have a not expired active record */
786  for (unsigned int k = 0; k < rd_count; k++)
787  {
788  if (k == i)
789  continue;
790  if (rd[i].expiration_time < now.abs_value_us)
791  include_record = GNUNET_NO; /* Shadow record is expired */
792  if ((rd[k].record_type == rd[i].record_type) &&
793  (rd[k].expiration_time >= now.abs_value_us) &&
794  (0 == (rd[k].flags & GNUNET_GNSRECORD_RF_SHADOW_RECORD)))
795  {
796  include_record = GNUNET_NO; /* We have a non-expired, non-shadow record of the same type */
798  "Ignoring shadow record\n");
799  break;
800  }
801  }
802  if (GNUNET_YES == include_record)
803  {
804  rd[i].flags ^= GNUNET_GNSRECORD_RF_SHADOW_RECORD; /* Remove Flag */
805  if (j != i)
806  rd[j] = rd[i];
807  j++;
808  }
809  }
810  else if (rd[i].expiration_time >= now.abs_value_us)
811  {
812  /* Include this record */
813  if (j != i)
814  rd[j] = rd[i];
815  j++;
816  }
817  else
818  {
819  struct GNUNET_TIME_Absolute at;
820 
821  at.abs_value_us = rd[i].expiration_time;
823  "Excluding record that expired %s (%llu ago)\n",
825  (unsigned long long) rd[i].expiration_time
826  - now.abs_value_us);
827  }
828  }
829  rd_count = j;
830  if (NULL != proc)
831  proc (proc_cls,
832  rd_count,
833  (0 != rd_count) ? rd : NULL);
834  }
835  }
836  return GNUNET_OK;
837 }
This record should not be used unless all (other) records with an absolute expiration time have expir...
enum GNUNET_GenericReturnValue eddsa_symmetric_decrypt(const void *block, size_t size, const unsigned char *key, const unsigned char *nonce, void *result)
struct GNUNET_TIME_AbsoluteNBO expiration_time
Expiration time of the block.
#define GNUNET_memcpy(dst, src, n)
Call memcpy() but check for n being 0 first.
int GNUNET_GNSRECORD_records_deserialize(size_t len, const char *src, unsigned int rd_count, struct GNUNET_GNSRECORD_Data *dest)
Deserialize the given records to the given destination.
struct GNUNET_CRYPTO_EccSignaturePurpose purpose
Number of bytes signed; also specifies the number of bytes of encrypted data that follow...
Time for absolute time used by GNUnet, in microseconds and in network byte order. ...
uint64_t abs_value_us
The actual value.
#define GNUNET_break(cond)
Use this for internal assertion violations that are not fatal (can be handled) but should not occur...
header of what an ECC signature signs this must be followed by "size - 8" bytes of the actual signed ...
#define GNUNET_break_op(cond)
Use this for assertion violations caused by other peers (i.e.
uint32_t size
How many bytes does this signature sign? (including this purpose header); in network byte order (!)...
struct GNUNET_TIME_Absolute GNUNET_TIME_absolute_get(void)
Get the current time.
Definition: time.c:86
static void derive_block_xsalsa_key(unsigned char *nonce, unsigned char *key, const char *label, uint64_t exp, const struct GNUNET_CRYPTO_EddsaPublicKey *pub)
Derive session key and iv from label and public key.
struct GNUNET_HashCode key
The key used in the DHT.
static unsigned long long payload
How much data are we currently storing in the database?
#define GNUNET_NZL(l)
Macro used to avoid using 0 for the length of a variable-size array (Non-Zero-Length).
uint64_t abs_value_us__
The actual value (in network byte order).
#define GNUNET_log(kind,...)
Time for absolute times used by GNUnet, in microseconds.
This expiration time of the record is a relative time (not an absolute time).
const char * GNUNET_STRINGS_absolute_time_to_string(struct GNUNET_TIME_Absolute t)
Like asctime, except for GNUnet time.
Definition: strings.c:604
Here is the call graph for this function:
Here is the caller graph for this function: