[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUnet-SVN] r24385 - in gnunet/src: include util
|
From: |
gnunet |
|
Subject: |
[GNUnet-SVN] r24385 - in gnunet/src: include util |
|
Date: |
Wed, 17 Oct 2012 23:16:37 +0200 |
Author: grothoff
Date: 2012-10-17 23:16:37 +0200 (Wed, 17 Oct 2012)
New Revision: 24385
Modified:
gnunet/src/include/gnunet_crypto_lib.h
gnunet/src/util/crypto_ecc.c
gnunet/src/util/test_crypto_ecc.c
Log:
-ecc sign/verify only
Modified: gnunet/src/include/gnunet_crypto_lib.h
===================================================================
--- gnunet/src/include/gnunet_crypto_lib.h 2012-10-17 21:00:58 UTC (rev
24384)
+++ gnunet/src/include/gnunet_crypto_lib.h 2012-10-17 21:16:37 UTC (rev
24385)
@@ -270,7 +270,7 @@
struct GNUNET_CRYPTO_EccSignature
{
/**
- * Overall size of the encrypted data.
+ * Overall size of the signature data.
*/
uint16_t size;
@@ -319,23 +319,6 @@
/**
- * ECC Encrypted data.
- */
-struct GNUNET_CRYPTO_EccEncryptedData
-{
- /**
- * Overall size of the encrypted data.
- */
- uint16_t size;
-
- /**
- * S-expression, padded with zeros.
- */
- char encoding[GNUNET_CRYPTO_ECC_DATA_ENCODING_LENGTH];
-};
-
-
-/**
* @brief type for session keys
*/
struct GNUNET_CRYPTO_AesSessionKey
@@ -1325,39 +1308,6 @@
/**
- * Encrypt a block with the public key of another host that uses the
- * same cipher.
- *
- * @param block the block to encrypt
- * @param size the size of block
- * @param publicKey the encoded public key used to encrypt
- * @param target where to store the encrypted block
- * @returns GNUNET_SYSERR on error, GNUNET_OK if ok
- */
-int
-GNUNET_CRYPTO_ecc_encrypt (const void *block, size_t size,
- const struct GNUNET_CRYPTO_EccPublicKeyBinaryEncoded
- *publicKey,
- struct GNUNET_CRYPTO_EccEncryptedData *target);
-
-
-/**
- * Decrypt a given block with the hostkey.
- *
- * @param key the key with which to decrypt this block
- * @param block the data to decrypt, encoded as returned by encrypt
- * @param result pointer to a location where the result can be stored
- * @param max the maximum number of bits to store for the result, if
- * the decrypted block is bigger, an error is returned
- * @return the size of the decrypted block, -1 on error
- */
-ssize_t
-GNUNET_CRYPTO_ecc_decrypt (const struct GNUNET_CRYPTO_EccPrivateKey *key,
- const struct GNUNET_CRYPTO_EccEncryptedData *block,
- void *result, size_t max);
-
-
-/**
* Sign a given block.
*
* @param key private key to use for the signing
Modified: gnunet/src/util/crypto_ecc.c
===================================================================
--- gnunet/src/util/crypto_ecc.c 2012-10-17 21:00:58 UTC (rev 24384)
+++ gnunet/src/util/crypto_ecc.c 2012-10-17 21:16:37 UTC (rev 24385)
@@ -386,14 +386,28 @@
struct GNUNET_CRYPTO_EccPrivateKey *ret;
gcry_sexp_t s_key;
gcry_sexp_t s_keyparam;
+ int rc;
- GNUNET_assert (0 ==
- gcry_sexp_build (&s_keyparam, NULL,
- "(genkey(ecc(curve \"" CURVE "\")))"));
- GNUNET_assert (0 == gcry_pk_genkey (&s_key, s_keyparam));
+ if (0 != (rc = gcry_sexp_build (&s_keyparam, NULL,
+ "(genkey(ecdsa(curve 10:NIST P-521)))")))
+ {
+ LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc);
+ return NULL;
+ }
+ if (0 != (rc = gcry_pk_genkey (&s_key, s_keyparam)))
+ {
+ LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_pk_genkey", rc);
+ gcry_sexp_release (s_keyparam);
+ return NULL;
+ }
gcry_sexp_release (s_keyparam);
#if EXTRA_CHECKS
- GNUNET_assert (0 == gcry_pk_testkey (s_key));
+ if (0 != (rc = gcry_pk_testkey (s_key)))
+ {
+ LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_pk_testkey", rc);
+ gcry_sexp_release (s_key);
+ return NULL;
+ }
#endif
ret = GNUNET_malloc (sizeof (struct GNUNET_CRYPTO_EccPrivateKey));
ret->sexp = s_key;
@@ -927,111 +941,6 @@
/**
- * Encrypt a block with the public key of another host that uses the
- * same cipher.
- *
- * @param block the block to encrypt
- * @param size the size of block
- * @param publicKey the encoded public key used to encrypt
- * @param target where to store the encrypted block
- * @returns GNUNET_SYSERR on error, GNUNET_OK if ok
- */
-int
-GNUNET_CRYPTO_ecc_encrypt (const void *block, size_t size,
- const struct GNUNET_CRYPTO_EccPublicKeyBinaryEncoded
- *publicKey,
- struct GNUNET_CRYPTO_EccEncryptedData *target)
-{
- gcry_sexp_t result;
- gcry_sexp_t data;
- gcry_sexp_t psexp;
- gcry_mpi_t val;
- size_t isize;
- size_t erroff;
-
- GNUNET_assert (size <= sizeof (struct GNUNET_HashCode));
- if (! (psexp = decode_public_key (publicKey)))
- return GNUNET_SYSERR;
- isize = size;
- GNUNET_assert (0 ==
- gcry_mpi_scan (&val, GCRYMPI_FMT_USG, block, isize, &isize));
- GNUNET_assert (0 ==
- gcry_sexp_build (&data, &erroff,
- "(data (flags pkcs1)(value %m))", val));
- gcry_mpi_release (val);
- GNUNET_assert (0 == gcry_pk_encrypt (&result, data, psexp));
- gcry_sexp_release (data);
- gcry_sexp_release (psexp);
- isize = gcry_sexp_sprint (result,
- GCRYSEXP_FMT_DEFAULT,
- target->encoding,
- GNUNET_CRYPTO_ECC_DATA_ENCODING_LENGTH);
- if (0 == isize)
- {
- GNUNET_break (0);
- return GNUNET_SYSERR;
- }
- target->size = htons ((uint16_t) (isize + sizeof (uint16_t)));
- /* padd with zeros */
- memset (&target->encoding[isize], 0, GNUNET_CRYPTO_ECC_DATA_ENCODING_LENGTH
- isize);
- return GNUNET_OK;
-}
-
-
-/**
- * Decrypt a given block with the hostkey.
- *
- * @param key the key with which to decrypt this block
- * @param block the data to decrypt, encoded as returned by encrypt
- * @param result pointer to a location where the result can be stored
- * @param max the maximum number of bits to store for the result, if
- * the decrypted block is bigger, an error is returned
- * @return the size of the decrypted block, -1 on error
- */
-ssize_t
-GNUNET_CRYPTO_ecc_decrypt (const struct GNUNET_CRYPTO_EccPrivateKey *key,
- const struct GNUNET_CRYPTO_EccEncryptedData *block,
- void *result, size_t max)
-{
- gcry_sexp_t resultsexp;
- gcry_sexp_t data;
- size_t erroff;
- size_t size;
- gcry_mpi_t val;
- unsigned char *endp;
-
-#if EXTRA_CHECKS
- GNUNET_assert (0 == gcry_pk_testkey (key->sexp));
-#endif
- size = ntohs (block->size);
- if (size < sizeof (uint16_t))
- return -1;
- GNUNET_assert (0 ==
- gcry_sexp_sscan (&data,
- &erroff,
- block->encoding, size - sizeof (uint16_t)));
- GNUNET_assert (0 == gcry_pk_decrypt (&resultsexp, data, key->sexp));
- gcry_sexp_release (data);
- /* resultsexp has format "(value %m)" */
- GNUNET_assert (NULL !=
- (val = gcry_sexp_nth_mpi (resultsexp, 1, GCRYMPI_FMT_USG)));
- gcry_sexp_release (resultsexp);
- size = max + GNUNET_CRYPTO_ECC_DATA_ENCODING_LENGTH * 2;
- {
- unsigned char tmp[size];
-
- GNUNET_assert (0 == gcry_mpi_print (GCRYMPI_FMT_USG, tmp, size, &size,
val));
- gcry_mpi_release (val);
- endp = tmp;
- endp += (size - max);
- size = max;
- memcpy (result, endp, size);
- }
- return size;
-}
-
-
-/**
* Convert the data specified in the given purpose argument to an
* S-expression suitable for signature operations.
*
Modified: gnunet/src/util/test_crypto_ecc.c
===================================================================
--- gnunet/src/util/test_crypto_ecc.c 2012-10-17 21:00:58 UTC (rev 24384)
+++ gnunet/src/util/test_crypto_ecc.c 2012-10-17 21:16:37 UTC (rev 24385)
@@ -39,147 +39,6 @@
static int
-testEncryptDecrypt ()
-{
- struct GNUNET_CRYPTO_EccPublicKeyBinaryEncoded pkey;
- struct GNUNET_CRYPTO_EccEncryptedData target;
- char result[MAX_TESTVAL];
- int i;
- struct GNUNET_TIME_Absolute start;
- int ok;
-
- FPRINTF (stderr, "%s", "W");
- GNUNET_CRYPTO_ecc_key_get_public (key, &pkey);
- ok = 0;
- start = GNUNET_TIME_absolute_get ();
- for (i = 0; i < ITER; i++)
- {
- FPRINTF (stderr, "%s", ".");
- if (GNUNET_SYSERR ==
- GNUNET_CRYPTO_ecc_encrypt (TESTSTRING, strlen (TESTSTRING) + 1, &pkey,
- &target))
- {
- FPRINTF (stderr, "%s", "GNUNET_CRYPTO_ecc_encrypt returned SYSERR\n");
- ok++;
- continue;
- }
- if (-1 ==
- GNUNET_CRYPTO_ecc_decrypt (key, &target, result,
- strlen (TESTSTRING) + 1))
- {
- FPRINTF (stderr, "%s", "GNUNET_CRYPTO_ecc_decrypt returned SYSERR\n");
- ok++;
- continue;
-
- }
- if (strncmp (TESTSTRING, result, strlen (TESTSTRING)) != 0)
- {
- printf ("%s != %.*s - testEncryptDecrypt failed!\n", TESTSTRING,
- (int) MAX_TESTVAL, result);
- ok++;
- continue;
- }
- }
- printf ("%d ECC encrypt/decrypt operations %s (%d failures)\n",
- ITER,
- GNUNET_STRINGS_relative_time_to_string
(GNUNET_TIME_absolute_get_duration (start), GNUNET_YES),
- ok);
- if (ok == 0)
- return GNUNET_OK;
- return GNUNET_SYSERR;
-}
-
-
-#if PERF
-static int
-testEncryptPerformance ()
-{
- struct GNUNET_CRYPTO_EccPublicKeyBinaryEncoded pkey;
- struct GNUNET_CRYPTO_EccEncryptedData target;
- int i;
- struct GNUNET_TIME_Absolute start;
- int ok;
-
- FPRINTF (stderr, "%s", "W");
- GNUNET_CRYPTO_ecc_key_get_public (key, &pkey);
- ok = 0;
- start = GNUNET_TIME_absolute_get ();
- for (i = 0; i < ITER; i++)
- {
- FPRINTF (stderr, "%s", ".");
- if (GNUNET_SYSERR ==
- GNUNET_CRYPTO_ecc_encrypt (TESTSTRING, strlen (TESTSTRING) + 1, &pkey,
- &target))
- {
- FPRINTF (stderr, "%s", "GNUNET_CRYPTO_ecc_encrypt returned SYSERR\n");
- ok++;
- continue;
- }
- }
- printf ("%d ECC encrypt operations %llu ms (%d failures)\n", ITER,
- (unsigned long long)
- GNUNET_TIME_absolute_get_duration (start).rel_value, ok);
- if (ok != 0)
- return GNUNET_SYSERR;
- return GNUNET_OK;
-}
-#endif
-
-static int
-testEncryptDecryptSK ()
-{
- struct GNUNET_CRYPTO_EccPublicKeyBinaryEncoded pkey;
- struct GNUNET_CRYPTO_EccEncryptedData target;
- struct GNUNET_CRYPTO_AesSessionKey insk;
- struct GNUNET_CRYPTO_AesSessionKey outsk;
- int i;
- struct GNUNET_TIME_Absolute start;
- int ok;
-
- FPRINTF (stderr, "%s", "W");
- GNUNET_CRYPTO_ecc_key_get_public (key, &pkey);
- ok = 0;
- start = GNUNET_TIME_absolute_get ();
- for (i = 0; i < ITER; i++)
- {
- FPRINTF (stderr, "%s", ".");
- GNUNET_CRYPTO_aes_create_session_key (&insk);
- if (GNUNET_SYSERR ==
- GNUNET_CRYPTO_ecc_encrypt (&insk,
- sizeof (struct GNUNET_CRYPTO_AesSessionKey),
- &pkey, &target))
- {
- FPRINTF (stderr, "%s", "GNUNET_CRYPTO_ecc_encrypt returned SYSERR\n");
- ok++;
- continue;
- }
- if (-1 ==
- GNUNET_CRYPTO_ecc_decrypt (key, &target, &outsk,
- sizeof (struct
GNUNET_CRYPTO_AesSessionKey)))
- {
- FPRINTF (stderr, "%s", "GNUNET_CRYPTO_ecc_decrypt returned SYSERR\n");
- ok++;
- continue;
- }
- if (0 !=
- memcmp (&insk, &outsk, sizeof (struct GNUNET_CRYPTO_AesSessionKey)))
- {
- printf ("testEncryptDecryptSK failed!\n");
- ok++;
- continue;
- }
- }
- printf ("%d ECC encrypt/decrypt SK operations %s (%d failures)\n",
- ITER,
- GNUNET_STRINGS_relative_time_to_string
(GNUNET_TIME_absolute_get_duration (start), GNUNET_YES),
- ok);
- if (ok != 0)
- return GNUNET_SYSERR;
- return GNUNET_OK;
-}
-
-
-static int
testSignVerify ()
{
struct GNUNET_CRYPTO_EccSignature sig;
@@ -330,15 +189,9 @@
failureCount++;
GNUNET_SCHEDULER_run (&test_async_creation, NULL);
#if PERF
- if (GNUNET_OK != testEncryptPerformance ())
- failureCount++;
if (GNUNET_OK != testSignPerformance ())
failureCount++;
#endif
- if (GNUNET_OK != testEncryptDecryptSK ())
- failureCount++;
- if (GNUNET_OK != testEncryptDecrypt ())
- failureCount++;
if (GNUNET_OK != testSignVerify ())
failureCount++;
GNUNET_CRYPTO_ecc_key_free (key);
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [GNUnet-SVN] r24385 - in gnunet/src: include util,
gnunet <=