[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[taler-anastasis] branch master updated: helper routines for recdoc meta
From: |
gnunet |
Subject: |
[taler-anastasis] branch master updated: helper routines for recdoc meta data encryption/decryption |
Date: |
Wed, 19 Jan 2022 13:49:41 +0100 |
This is an automated email from the git hooks/post-receive script.
grothoff pushed a commit to branch master
in repository anastasis.
The following commit(s) were added to refs/heads/master by this push:
new 5694afc helper routines for recdoc meta data encryption/decryption
5694afc is described below
commit 5694afc25e4363c15756fe6c529c441750870cff
Author: Christian Grothoff <christian@grothoff.org>
AuthorDate: Wed Jan 19 13:49:39 2022 +0100
helper routines for recdoc meta data encryption/decryption
---
src/include/anastasis_crypto_lib.h | 38 +++++++++++++++++
src/util/anastasis_crypto.c | 84 ++++++++++++++++++++++++--------------
2 files changed, 91 insertions(+), 31 deletions(-)
diff --git a/src/include/anastasis_crypto_lib.h
b/src/include/anastasis_crypto_lib.h
index c28b83a..da60630 100644
--- a/src/include/anastasis_crypto_lib.h
+++ b/src/include/anastasis_crypto_lib.h
@@ -395,6 +395,44 @@ ANASTASIS_CRYPTO_recovery_document_decrypt (
size_t *rd_size);
+/**
+ * Encrypt recovery document meta data.
+ *
+ * @param id Hashed User input, used for the generation of the encryption key
+ * @param meta_data contains the recovery document meta data
+ * @param meta_data_size number of bytes in @a meta_data
+ * @param[out] enc_meta_data set to the encrypted meta data
+ * @param[out] enc_meta_data_size size of the result
+ */
+void
+ANASTASIS_CRYPTO_recovery_metadata_encrypt (
+ const struct ANASTASIS_CRYPTO_UserIdentifierP *id,
+ const void *meta_data,
+ size_t meta_data_size,
+ void **enc_meta_data,
+ size_t *enc_meta_data_size);
+
+
+/**
+ * Decrypts the recovery meta data.
+ *
+ * @param id Hashed User input, used for the generation of the decryption key
+ * @param enc_meta_data encrypted meta data
+ * @param enc_meta_data_size number of bytes in @a enc_meta_data
+ * @param[out] meta_data decrypted meta data
+ * @param[out] meta_data_size size of the result in @a meta_data
+ * @return #GNUNET_OK on success, #GNUNET_NO if the authentication tag
+ * was wrong
+ */
+enum GNUNET_GenericReturnValue
+ANASTASIS_CRYPTO_recovery_metadata_decrypt (
+ const struct ANASTASIS_CRYPTO_UserIdentifierP *id,
+ const void *enc_meta_data,
+ size_t enc_meta_data_size,
+ void **meta_data,
+ size_t *meta_data_size);
+
+
/**
* Encrypts a keyshare with a key generated with the user identification as
entropy and the salt "eks".
*
diff --git a/src/util/anastasis_crypto.c b/src/util/anastasis_crypto.c
index f9ae657..89750e4 100644
--- a/src/util/anastasis_crypto.c
+++ b/src/util/anastasis_crypto.c
@@ -170,8 +170,9 @@ anastasis_encrypt (const struct ANASTASIS_CRYPTO_NonceP
*nonce,
* @param salt salt value which is used for key derivation
* @param[out] res plaintext output
* @param[out] res_size size of the plaintext
+ * @return #GNUNET_OK on success
*/
-static void
+static enum GNUNET_GenericReturnValue
anastasis_decrypt (const void *key,
size_t key_len,
const void *data,
@@ -204,7 +205,9 @@ anastasis_decrypt (const void *key,
{
GNUNET_break (0);
GNUNET_free (*res);
+ return GNUNET_SYSERR;
}
+ return GNUNET_OK;
}
@@ -332,9 +335,9 @@ ANASTASIS_CRYPTO_keyshare_encrypt (
sizeof (nonce));
anastasis_encrypt (&nonce,
id,
- sizeof (struct ANASTASIS_CRYPTO_UserIdentifierP),
+ sizeof (*id),
key_share,
- sizeof (struct ANASTASIS_CRYPTO_KeyShareP),
+ sizeof (*key_share),
(NULL == xsalt) ? salt : xsalt,
&eks,
&eks_size);
@@ -359,9 +362,9 @@ ANASTASIS_CRYPTO_keyshare_decrypt (
void *ks = NULL;
anastasis_decrypt (id,
- sizeof (struct ANASTASIS_CRYPTO_UserIdentifierP),
+ sizeof (*id),
enc_key_share,
- sizeof (struct ANASTASIS_CRYPTO_EncryptedKeyShareP),
+ sizeof (*enc_key_share),
(NULL == xsalt) ? salt : xsalt,
&ks,
&ks_size);
@@ -505,18 +508,6 @@ ANASTASIS_CRYPTO_core_secret_encrypt (
}
-/**
- * Decrypts the core secret with the master key. First the master key is
decrypted with the provided policy key.
- * Afterwards the core secret is encrypted with the master key. The core
secret is returned.
- *
- * @param encrypted_master_key master key for decrypting the core secret, is
itself encrypted by the policy key
- * @param encrypted_master_key_size size of the encrypted master key
- * @param policy_key built policy key which will decrypt the master key
- * @param encrypted_core_secret the encrypted core secret from the user, will
be encrypted with the policy key
- * @param encrypted_core_secret_size size of the encrypted core secret
- * @param[out] core_secret decrypted core secret will be returned
- * @param[out] core_secret_size size of core secret
- */
void
ANASTASIS_CRYPTO_core_secret_recover (
const void *encrypted_master_key,
@@ -561,11 +552,6 @@ ANASTASIS_CRYPTO_core_secret_recover (
}
-/**
- * Destroy a core secret encryption result.
- *
- * @param cser the result to destroy
- */
void
ANASTASIS_CRYPTO_destroy_encrypted_core_secret (
struct ANASTASIS_CoreSecretEncryptionResult *cser)
@@ -579,15 +565,6 @@ ANASTASIS_CRYPTO_destroy_encrypted_core_secret (
}
-/**
- * Convert a @a uuid to a shortened, human-readable string
- * useful to show to users to identify the truth.
- * Note that the return value is in a global variable and
- * only valid until the next invocation of this function.
- *
- * @param uuid UUID to convert
- * @return string representation
- */
const char *
ANASTASIS_CRYPTO_uuid2s (const struct ANASTASIS_CRYPTO_TruthUUIDP *uuid)
{
@@ -604,4 +581,49 @@ ANASTASIS_CRYPTO_uuid2s (const struct
ANASTASIS_CRYPTO_TruthUUIDP *uuid)
}
+void
+ANASTASIS_CRYPTO_recovery_metadata_encrypt (
+ const struct ANASTASIS_CRYPTO_UserIdentifierP *id,
+ const void *meta_data,
+ size_t meta_data_size,
+ void **enc_meta_data,
+ size_t *enc_meta_data_size)
+{
+ const char *salt = "rmd";
+ struct ANASTASIS_CRYPTO_NonceP nonce;
+
+ GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_NONCE,
+ &nonce,
+ sizeof (nonce));
+ anastasis_encrypt (&nonce,
+ id,
+ sizeof (*id),
+ meta_data,
+ meta_data_size,
+ salt,
+ enc_meta_data,
+ enc_meta_data_size);
+}
+
+
+enum GNUNET_GenericReturnValue
+ANASTASIS_CRYPTO_recovery_metadata_decrypt (
+ const struct ANASTASIS_CRYPTO_UserIdentifierP *id,
+ const void *enc_meta_data,
+ size_t enc_meta_data_size,
+ void **meta_data,
+ size_t *meta_data_size)
+{
+ const char *salt = "rmd";
+
+ return anastasis_decrypt (id,
+ sizeof (*id),
+ enc_meta_data,
+ enc_meta_data_size,
+ salt,
+ meta_data,
+ meta_data_size);
+}
+
+
/* end of anastasis_crypto.c */
--
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [taler-anastasis] branch master updated: helper routines for recdoc meta data encryption/decryption,
gnunet <=