|
Tor 0.4.9.3-alpha-dev
|
Header for crypto_ed25519.c. More...
#include "lib/testsupport/testsupport.h"#include "lib/cc/torint.h"#include "lib/crypt_ops/crypto_curve25519.h"#include "lib/defs/x25519_sizes.h"Go to the source code of this file.
Data Structures | |
| struct | ed25519_signature_t |
| struct | ed25519_public_key_t |
| struct | ed25519_secret_key_t |
| struct | ed25519_keypair_t |
| struct | ed25519_checkable_t |
Macros | |
| #define | ed25519_keypair_free(kp) FREE_AND_NULL(ed25519_keypair_t, ed25519_keypair_free_, (kp)) |
Header for crypto_ed25519.c.
Definition in file crypto_ed25519.h.
| #define ed25519_keypair_free | ( | kp | ) | FREE_AND_NULL(ed25519_keypair_t, ed25519_keypair_free_, (kp)) |
Definition at line 122 of file crypto_ed25519.h.
| int ed25519_checksig | ( | const ed25519_signature_t * | signature, |
| const uint8_t * | msg, | ||
| size_t | len, | ||
| const ed25519_public_key_t * | pubkey | ||
| ) |
Check whether if signature is a valid signature for the len-byte message in msg made with the key pubkey.
Return 0 if the signature is valid; -1 if it isn't.
Definition at line 327 of file crypto_ed25519.c.
Referenced by channel_tls_process_authenticate_cell(), ed25519_checksig_batch(), and ed25519_checksig_prefixed().
| int ed25519_checksig_batch | ( | int * | okay_out, |
| const ed25519_checkable_t * | checkable, | ||
| int | n_checkable | ||
| ) |
Validate every signature among those in checkable, which contains exactly n_checkable elements. If okay_out is non-NULL, set the i'th element of okay_out to 1 if the i'th element of checkable is valid, and to 0 otherwise. Return 0 if every signature was valid. Otherwise return -N, where N is the number of invalid signatures.
Definition at line 376 of file crypto_ed25519.c.
Referenced by extrainfo_parse_entry_from_string(), or_handshake_certs_ed25519_ok(), router_parse_entry_from_string(), and tor_cert_checksig().
| int ed25519_checksig_prefixed | ( | const ed25519_signature_t * | signature, |
| const uint8_t * | msg, | ||
| size_t | msg_len, | ||
| const char * | prefix_str, | ||
| const ed25519_public_key_t * | pubkey | ||
| ) |
Like ed2519_checksig(), but also prefix msg with prefix_str before verifying signature. prefix_str must be a NUL-terminated string.
Definition at line 339 of file crypto_ed25519.c.
Referenced by desc_sig_is_valid(), and verify_establish_intro_cell().
| void ed25519_init | ( | void | ) |
Definition at line 774 of file crypto_ed25519.c.
| int ed25519_keypair_blind | ( | ed25519_keypair_t * | out, |
| const ed25519_keypair_t * | inp, | ||
| const uint8_t * | param | ||
| ) |
Given an ed25519 keypair in inp, generate a corresponding ed25519 keypair in out, blinded by the corresponding 32-byte input in 'param'.
Tor uses key blinding for the "next-generation" hidden services design: service descriptors are encrypted with a key derived from the service's long-term public key, and then signed with (and stored at a position indexed by) a short-term key derived by blinding the long-term keys.
Return 0 if blinding was successful, else return -1.
Definition at line 514 of file crypto_ed25519.c.
Referenced by hs_build_blinded_keypair().
| void ed25519_keypair_free_ | ( | ed25519_keypair_t * | kp | ) |
Release all storage held for kp.
Definition at line 631 of file crypto_ed25519.c.
| int ed25519_keypair_from_curve25519_keypair | ( | ed25519_keypair_t * | out, |
| int * | signbit_out, | ||
| const curve25519_keypair_t * | inp | ||
| ) |
Given a curve25519 keypair in inp, generate a corresponding ed25519 keypair in out, and set signbit_out to the sign bit of the X coordinate of the ed25519 key.
NOTE THAT IT IS PROBABLY NOT SAFE TO USE THE GENERATED KEY FOR ANYTHING OUTSIDE OF WHAT'S PRESENTED IN PROPOSAL 228. In particular, it's probably not a great idea to use it to sign attacker-supplied anything.
Definition at line 455 of file crypto_ed25519.c.
Referenced by make_ntor_onion_key_crosscert().
| int ed25519_keypair_generate | ( | ed25519_keypair_t * | keypair_out, |
| int | extra_strong | ||
| ) |
Generate a new ed25519 keypair in keypair_out. If extra_strong is set, try to mix some system entropy into the key generation process. Return 0 on success, -1 on failure.
Definition at line 214 of file crypto_ed25519.c.
Referenced by build_service_desc_keys(), create_family_id_key(), ed_key_new(), and service_intro_point_new().
| void ed25519_pubkey_copy | ( | ed25519_public_key_t * | dest, |
| const ed25519_public_key_t * | src | ||
| ) |
Set dest to contain the same key as src.
Definition at line 654 of file crypto_ed25519.c.
Referenced by build_service_desc_plaintext(), cache_client_desc_new(), circuit_send_intermediate_onion_skin(), connection_ap_handshake_attach_circuit(), consider_sending_introduce1(), create_family_id_key(), create_intro_circuit_identifier(), enqueue_rend_request(), find_service(), hs_client_setup_intro_circ_auth_key(), hs_ident_circuit_new(), hs_ident_dir_conn_init(), hs_ident_edge_conn_new(), hs_ident_server_dir_conn_new(), load_service_keys(), pick_needed_intro_points(), and server_onion_keys_new().
| int ed25519_pubkey_eq | ( | const ed25519_public_key_t * | key1, |
| const ed25519_public_key_t * | key2 | ||
| ) |
Return true iff key1 and key2 are the same public key.
Definition at line 642 of file crypto_ed25519.c.
Referenced by channel_rsa_id_group_set_badness(), check_one_family_cert(), circuit_matches_with_rend_stream(), close_directory_connections(), close_service_rp_circuits(), connection_or_client_learned_peer_id(), connection_or_set_identity_digest(), count_opened_desc_intro_point_circuits(), count_service_rp_circuits_pending(), directory_request_is_pending(), dirserv_orconn_tls_done(), ed_key_init_from_file(), extrainfo_dump_to_string_header_helper(), family_key_is_present(), find_desc_intro_point_by_ident(), flag_all_conn_wait_desc(), hs_service_ht_eq(), load_ed_keys(), node_ed25519_id_matches(), node_get_ed25519_id(), router_dump_router_to_string(), router_ed25519_id_is_me(), and router_parse_entry_from_string().
| int ed25519_pubkey_read_from_file | ( | ed25519_public_key_t * | pubkey_out, |
| char ** | tag_out, | ||
| const char * | filename | ||
| ) |
Store pubkey unencrypted to filename, marking it with tag. Return 0 on success, -1 on failure.
Definition at line 610 of file crypto_ed25519.c.
Referenced by ed_key_init_from_file().
| int ed25519_pubkey_write_to_file | ( | const ed25519_public_key_t * | pubkey, |
| const char * | filename, | ||
| const char * | tag | ||
| ) |
Store pubkey unencrypted to filename, marking it with tag. Return 0 on success, -1 on failure.
Definition at line 594 of file crypto_ed25519.c.
Referenced by ed_key_init_from_file(), and load_ed_keys().
| int ed25519_public_blind | ( | ed25519_public_key_t * | out, |
| const ed25519_public_key_t * | inp, | ||
| const uint8_t * | param | ||
| ) |
Given an ed25519 public key in inp, generate a corresponding blinded public key in out, blinded with the 32-byte parameter in param. Return 0 on success, -1 on railure.
Definition at line 541 of file crypto_ed25519.c.
Referenced by ed25519_keypair_blind(), and hs_build_blinded_pubkey().
| int ed25519_public_key_from_curve25519_public_key | ( | ed25519_public_key_t * | pubkey, |
| const curve25519_public_key_t * | pubkey_in, | ||
| int | signbit | ||
| ) |
Given a curve25519 public key and sign bit of X coordinate of the ed25519 public key, generate the corresponding ed25519 public key.
Definition at line 493 of file crypto_ed25519.c.
Referenced by ed25519_keypair_from_curve25519_keypair(), router_parse_entry_from_string(), and setup_desc_intro_point().
| int ed25519_public_key_generate | ( | ed25519_public_key_t * | pubkey_out, |
| const ed25519_secret_key_t * | seckey | ||
| ) |
Given a secret key in seckey, expand it into an ed25519 public key. Return 0 on success, -1 on failure.
Definition at line 202 of file crypto_ed25519.c.
Referenced by ed25519_keypair_blind(), ed25519_keypair_from_curve25519_keypair(), ed25519_keypair_generate(), ed_key_init_from_file(), hs_service_add_ephemeral(), and load_family_id_keys_impl().
| int ed25519_public_key_is_zero | ( | const ed25519_public_key_t * | pubkey | ) |
Return true iff 'pubkey' is set to zero (eg to indicate that it is not set).
Definition at line 227 of file crypto_ed25519.c.
Referenced by cache_client_intro_state_lookup(), channel_find_by_remote_identity(), circuit_n_chan_done(), connection_ap_handshake_attach_circuit(), connection_dir_client_refetch_hsdesc_if_needed(), connection_or_client_learned_peer_id(), connection_or_get_alleged_ed25519_id(), connection_or_set_identity_digest(), create_intro_circuit_identifier(), dirserv_orconn_tls_done(), ed25519_fmt(), extend_cell_format(), extend_info_describe(), extend_info_new(), find_desc_intro_point_by_ident(), hs_client_circuit_cleanup_on_free(), hs_ident_intro_circ_is_valid(), hs_pow_queue_work(), hs_pow_verify(), learned_router_identity(), node_add_to_ed25519_map(), node_ed25519_id_matches(), node_get_ed25519_id(), node_get_mutable_by_ed25519_id(), node_remove_from_ed25519_map(), nodelist_assert_ok(), onion_skin_create(), register_service(), remove_service(), and routerinfo_get_ed25519_id().
| int ed25519_seckey_read_from_file | ( | ed25519_secret_key_t * | seckey_out, |
| char ** | tag_out, | ||
| const char * | filename | ||
| ) |
Read seckey unencrypted from filename, storing it into seckey_out. Set *tag_out to the tag it was marked with. Return 0 on success, -1 on failure.
Definition at line 570 of file crypto_ed25519.c.
Referenced by ed_key_init_from_file(), and load_family_id_keys_impl().
| int ed25519_seckey_write_to_file | ( | const ed25519_secret_key_t * | seckey, |
| const char * | filename, | ||
| const char * | tag | ||
| ) |
Store seckey unencrypted to filename, marking it with tag. Return 0 on success, -1 on failure.
Definition at line 553 of file crypto_ed25519.c.
Referenced by create_family_id_key().
| int ed25519_secret_key_from_seed | ( | ed25519_secret_key_t * | seckey_out, |
| const uint8_t * | seed | ||
| ) |
Given a 32-byte random seed in seed, expand it into an ed25519 secret key in seckey_out. Return 0 on success, -1 on failure.
Definition at line 189 of file crypto_ed25519.c.
| int ed25519_secret_key_generate | ( | ed25519_secret_key_t * | seckey_out, |
| int | extra_strong | ||
| ) |
Initialize a new ed25519 secret key in seckey_out. If extra_strong, take the RNG inputs directly from the operating system. Return 0 on success, -1 on failure.
Definition at line 168 of file crypto_ed25519.c.
Referenced by add_onion_helper_keyarg(), and ed25519_keypair_generate().
| void ed25519_set_impl_params | ( | int | use_donna | ) |
Force the Ed25519 implementation to a given one, without sanity checking the output. Used for testing.
Definition at line 746 of file crypto_ed25519.c.
| int ed25519_sign | ( | ed25519_signature_t * | signature_out, |
| const uint8_t * | msg, | ||
| size_t | len, | ||
| const ed25519_keypair_t * | keypair | ||
| ) |
Set signature_out to a signature of the len-byte message msg, using the secret and public key in keypair.
Return 0 if we successfully signed the message, otherwise return -1.
Definition at line 271 of file crypto_ed25519.c.
Referenced by connection_or_compute_authenticate_cell_body(), ed25519_sign_prefixed(), extrainfo_dump_to_string_ed_sig_helper(), router_dump_router_to_string(), and tor_cert_create_raw().
| int ed25519_sign_prefixed | ( | ed25519_signature_t * | signature_out, |
| const uint8_t * | msg, | ||
| size_t | msg_len, | ||
| const char * | prefix_str, | ||
| const ed25519_keypair_t * | keypair | ||
| ) |
Like ed25519_sign(), but also prefix msg with prefix_str before signing. prefix_str must be a NUL-terminated string.
Definition at line 292 of file crypto_ed25519.c.
Referenced by desc_encode_v3(), and hs_cell_build_establish_intro().
| int ed25519_validate_pubkey | ( | const ed25519_public_key_t * | pubkey | ) |
Validate pubkey to ensure that it has no torsion component. Return 0 if pubkey is valid, else return -1.
Definition at line 796 of file crypto_ed25519.c.
Referenced by add_ed25519_to_dir(), dirserv_add_descriptor(), hs_address_is_valid(), and hs_service_add_ephemeral().
1.9.8