aboutsummaryrefslogtreecommitdiff
path: root/src/include/taler_rsa.h
diff options
context:
space:
mode:
authorChristian Grothoff <christian@grothoff.org>2015-01-08 18:37:20 +0100
committerChristian Grothoff <christian@grothoff.org>2015-01-08 18:37:20 +0100
commit57d1f08dbca256f5fe16d57b29bfa523dec8f6c4 (patch)
tree3b3ee5f3b8c174887217e5c465048dea4e79bae2 /src/include/taler_rsa.h
-initial import for mint
Diffstat (limited to 'src/include/taler_rsa.h')
-rw-r--r--src/include/taler_rsa.h357
1 files changed, 357 insertions, 0 deletions
diff --git a/src/include/taler_rsa.h b/src/include/taler_rsa.h
new file mode 100644
index 000000000..1ed530013
--- /dev/null
+++ b/src/include/taler_rsa.h
@@ -0,0 +1,357 @@
+/*
+ This file is part of TALER
+ (C) 2014 Christian Grothoff (and other contributing authors)
+
+ TALER is free software; you can redistribute it and/or modify it under the
+ terms of the GNU General Public License as published by the Free Software
+ Foundation; either version 3, or (at your option) any later version.
+
+ TALER is distributed in the hope that it will be useful, but WITHOUT ANY
+ WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
+ A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License along with
+ TALER; see the file COPYING. If not, If not, see <http://www.gnu.org/licenses/>
+*/
+
+/**
+ * @file include/taler_rsa.h
+ * @brief RSA key management utilities. Some code is taken from gnunet-0.9.5a
+ * @author Sree Harsha Totakura <sreeharsha@totakura.in>
+ *
+ * Authors of the gnunet code:
+ * Christian Grothoff
+ * Krista Bennett
+ * Gerd Knorr <kraxel@bytesex.org>
+ * Ioana Patrascu
+ * Tzvetan Horozov
+ */
+
+#ifndef TALER_RSA_H
+#define TALER_RSA_H
+
+#include <gnunet/gnunet_common.h>
+#include <gnunet/gnunet_crypto_lib.h>
+
+/**
+ * Length of an RSA KEY (n,e,len), 2048 bit (=256 octests) key n, 2 byte e
+ */
+#define TALER_RSA_KEY_LENGTH 258
+
+/**
+ * @brief Length of RSA encrypted data (2048 bit)
+ *
+ * We currently do not handle encryption of data
+ * that can not be done in a single call to the
+ * RSA methods (read: large chunks of data).
+ * We should never need that, as we can use
+ * the GNUNET_CRYPTO_hash for larger pieces of data for signing,
+ * and for encryption, we only need to encode sessionkeys!
+ */
+#define TALER_RSA_DATA_ENCODING_LENGTH 256
+
+/**
+ * The private information of an RSA key pair.
+ */
+struct TALER_RSA_PrivateKey;
+
+
+GNUNET_NETWORK_STRUCT_BEGIN
+
+/**
+ * GNUnet mandates a certain format for the encoding
+ * of private RSA key information that is provided
+ * by the RSA implementations. This format is used
+ * to serialize a private RSA key (typically when
+ * writing it to disk).
+ */
+struct TALER_RSA_PrivateKeyBinaryEncoded
+{
+ /**
+ * Total size of the structure, in bytes, in big-endian!
+ */
+ uint16_t len GNUNET_PACKED;
+ uint16_t sizen GNUNET_PACKED; /* in big-endian! */
+ uint16_t sizee GNUNET_PACKED; /* in big-endian! */
+ uint16_t sized GNUNET_PACKED; /* in big-endian! */
+ uint16_t sizep GNUNET_PACKED; /* in big-endian! */
+ uint16_t sizeq GNUNET_PACKED; /* in big-endian! */
+ uint16_t sizedmp1 GNUNET_PACKED; /* in big-endian! */
+ uint16_t sizedmq1 GNUNET_PACKED; /* in big-endian! */
+ /* followed by the actual values */
+};
+GNUNET_NETWORK_STRUCT_END
+
+
+/**
+ * @brief an RSA signature
+ */
+struct TALER_RSA_Signature
+{
+ unsigned char sig[TALER_RSA_DATA_ENCODING_LENGTH];
+};
+
+GNUNET_NETWORK_STRUCT_BEGIN
+/**
+ * @brief header of what an RSA signature signs
+ * this must be followed by "size - 8" bytes of
+ * the actual signed data
+ */
+struct TALER_RSA_SignaturePurpose
+{
+ /**
+ * How many bytes does this signature sign?
+ * (including this purpose header); in network
+ * byte order (!).
+ */
+ uint32_t size GNUNET_PACKED;
+
+ /**
+ * What does this signature vouch for? This
+ * must contain a GNUNET_SIGNATURE_PURPOSE_XXX
+ * constant (from gnunet_signatures.h). In
+ * network byte order!
+ */
+ uint32_t purpose GNUNET_PACKED;
+
+};
+
+
+struct TALER_RSA_BlindedSignaturePurpose
+{
+ unsigned char data[TALER_RSA_DATA_ENCODING_LENGTH];
+};
+
+
+/**
+ * @brief A public key.
+ */
+struct TALER_RSA_PublicKeyBinaryEncoded
+{
+ /**
+ * In big-endian, must be GNUNET_CRYPTO_RSA_KEY_LENGTH+4
+ */
+ uint16_t len GNUNET_PACKED;
+
+ /**
+ * Size of n in key; in big-endian!
+ */
+ uint16_t sizen GNUNET_PACKED;
+
+ /**
+ * The key itself, contains n followed by e.
+ */
+ unsigned char key[TALER_RSA_KEY_LENGTH];
+
+ /**
+ * Padding (must be 0)
+ */
+ uint16_t padding GNUNET_PACKED;
+};
+
+GNUNET_NETWORK_STRUCT_END
+
+/**
+ * Create a new private key. Caller must free return value.
+ *
+ * @return fresh private key
+ */
+struct TALER_RSA_PrivateKey *
+TALER_RSA_key_create ();
+
+
+/**
+ * Free memory occupied by the private key.
+ *
+ * @param key pointer to the memory to free
+ */
+void
+TALER_RSA_key_free (struct TALER_RSA_PrivateKey *key);
+
+
+/**
+ * Encode the private key in a format suitable for
+ * storing it into a file.
+ * @return encoding of the private key
+ */
+struct TALER_RSA_PrivateKeyBinaryEncoded *
+TALER_RSA_encode_key (const struct TALER_RSA_PrivateKey *hostkey);
+
+
+/**
+ * Extract the public key of the given private key.
+ *
+ * @param priv the private key
+ * @param pub where to write the public key
+ */
+void
+TALER_RSA_key_get_public (const struct TALER_RSA_PrivateKey *priv,
+ struct TALER_RSA_PublicKeyBinaryEncoded *pub);
+
+
+/**
+ * Decode the private key from the data-format back
+ * to the "normal", internal format.
+ *
+ * @param buf the buffer where the private key data is stored
+ * @param len the length of the data in 'buffer'
+ * @return NULL on error
+ */
+struct TALER_RSA_PrivateKey *
+TALER_RSA_decode_key (const char *buf, uint16_t len);
+
+
+/**
+ * Convert a public key to a string.
+ *
+ * @param pub key to convert
+ * @return string representing 'pub'
+ */
+char *
+TALER_RSA_public_key_to_string (const struct TALER_RSA_PublicKeyBinaryEncoded *pub);
+
+
+/**
+ * Convert a string representing a public key to a public key.
+ *
+ * @param enc encoded public key
+ * @param enclen number of bytes in enc (without 0-terminator)
+ * @param pub where to store the public key
+ * @return GNUNET_OK on success
+ */
+int
+TALER_RSA_public_key_from_string (const char *enc,
+ size_t enclen,
+ struct TALER_RSA_PublicKeyBinaryEncoded *pub);
+
+
+/**
+ * Sign a given block.h
+ *
+ * @param key private key to use for the signing
+ * @param msg the message
+ * @param size the size of the message
+ * @param sig where to write the signature
+ * @return GNUNET_SYSERR on error, GNUNET_OK on success
+ */
+int
+TALER_RSA_sign (const struct TALER_RSA_PrivateKey *key,
+ const void *msg,
+ size_t size,
+ struct TALER_RSA_Signature *sig);
+
+
+/**
+ * Verify signature with the given hash.
+ *
+ * @param hash the hash code to verify against the signature
+ * @param sig signature that is being validated
+ * @param publicKey public key of the signer
+ * @returns GNUNET_OK if ok, GNUNET_SYSERR if invalid
+ */
+int
+TALER_RSA_hash_verify (const struct GNUNET_HashCode *hash,
+ const struct TALER_RSA_Signature *sig,
+ const struct TALER_RSA_PublicKeyBinaryEncoded *publicKey);
+
+
+/**
+ * Verify signature on the given message
+ *
+ * @param msg the message
+ * @param size the size of the message
+ * @param sig signature that is being validated
+ * @param publicKey public key of the signer
+ * @returns GNUNET_OK if ok, GNUNET_SYSERR if invalid
+ */
+int
+TALER_RSA_verify (const void *msg, size_t size,
+ const struct TALER_RSA_Signature *sig,
+ const struct TALER_RSA_PublicKeyBinaryEncoded *publicKey);
+
+/**
+ * Key used to blind a message
+ */
+struct TALER_RSA_BlindingKey;
+
+/**
+ * Create a blinding key
+ *
+ * @return the newly created blinding key
+ */
+struct TALER_RSA_BlindingKey *
+TALER_RSA_blinding_key_create ();
+
+
+/**
+ * Destroy a blinding key
+ *
+ * @param bkey the blinding key to destroy
+ */
+void
+TALER_RSA_blinding_key_destroy (struct TALER_RSA_BlindingKey *bkey);
+
+
+/**
+ * Binary encoding for TALER_RSA_BlindingKey
+ */
+struct TALER_RSA_BlindingKeyBinaryEncoded
+{
+ unsigned char data[TALER_RSA_DATA_ENCODING_LENGTH];
+};
+
+
+/**
+ * Encode a blinding key
+ *
+ * @param bkey the blinding key to encode
+ * @param bkey_enc where to store the encoded binary key
+ * @return #GNUNET_OK upon successful encoding; #GNUNET_SYSERR upon failure
+ */
+int
+TALER_RSA_blinding_key_encode (struct TALER_RSA_BlindingKey *bkey,
+ struct TALER_RSA_BlindingKeyBinaryEncoded *bkey_enc);
+
+
+/**
+ * Decode a blinding key from its encoded form
+ *
+ * @param bkey_enc the encoded blinding key
+ * @return the decoded blinding key; NULL upon error
+ */
+struct TALER_RSA_BlindingKey *
+TALER_RSA_blinding_key_decode (struct TALER_RSA_BlindingKeyBinaryEncoded *bkey_enc);
+
+
+/**
+ * Blinds the given message with the given blinding key
+ *
+ * @param msg the message
+ * @param size the size of the message
+ * @param bkey the blinding key
+ * @param pkey the public key of the signer
+ * @return the blinding signature purpose; NULL upon any error
+ */
+struct TALER_RSA_BlindedSignaturePurpose *
+TALER_RSA_message_blind (const void *msg, size_t size,
+ struct TALER_RSA_BlindingKey *bkey,
+ struct TALER_RSA_PublicKeyBinaryEncoded *pkey);
+
+
+/**
+ * Unblind a signature made on blinding signature purpose. The signature
+ * purpose should have been generated with TALER_RSA_message_blind() function.
+ *
+ * @param sig the signature made on the blinded signature purpose
+ * @param bkey the blinding key used to blind the signature purpose
+ * @param pkey the public key of the signer
+ * @return GNUNET_SYSERR upon error; GNUNET_OK upon success.
+ */
+int
+TALER_RSA_unblind (struct TALER_RSA_Signature *sig,
+ struct TALER_RSA_BlindingKey *bkey,
+ struct TALER_RSA_PublicKeyBinaryEncoded *pkey);
+
+#endif /* TALER_RSA_H */
+
+/* end of include/taler_rsa.h */