summaryrefslogtreecommitdiff
path: root/src/include
diff options
context:
space:
mode:
authorFlorian Dold <florian@dold.me>2021-10-06 20:23:37 +0200
committerFlorian Dold <florian@dold.me>2021-10-06 20:23:37 +0200
commitbfb15f6f8786c777b0c6e63a3bef9c671c8d34fa (patch)
tree7c4098fe4f1369451cff79b977c91e31e9e7d773 /src/include
parent9328a55a72c4a61d62f7e052854ea8ba52801879 (diff)
downloadanastasis-bfb15f6f8786c777b0c6e63a3bef9c671c8d34fa.tar.gz
anastasis-bfb15f6f8786c777b0c6e63a3bef9c671c8d34fa.tar.bz2
anastasis-bfb15f6f8786c777b0c6e63a3bef9c671c8d34fa.zip
use anastasis_(de|en)crypt primitive everywhere
Diffstat (limited to 'src/include')
-rw-r--r--src/include/anastasis_crypto_lib.h60
1 files changed, 43 insertions, 17 deletions
diff --git a/src/include/anastasis_crypto_lib.h b/src/include/anastasis_crypto_lib.h
index 6377baf..0075be7 100644
--- a/src/include/anastasis_crypto_lib.h
+++ b/src/include/anastasis_crypto_lib.h
@@ -133,15 +133,6 @@ struct ANASTASIS_CRYPTO_PolicyKeyP
/**
- * Specifies an encrypted master key, the key is used to encrypt the core secret from the user
- */
-struct ANASTASIS_CRYPTO_EncryptedMasterKeyP
-{
- struct GNUNET_HashCode key GNUNET_PACKED;
-};
-
-
-/**
* Specifies a Nonce used for the AES encryption, here defined as 32Byte large.
*/
struct ANASTASIS_CRYPTO_NonceP
@@ -271,6 +262,33 @@ struct ANASTASIS_AccountSignatureP
GNUNET_NETWORK_STRUCT_END
+/**
+ * Result of encrypting the core secret.
+ */
+struct ANASTASIS_CoreSecretEncryptionResult
+{
+ /**
+ * Encrypted core secret.
+ */
+ void *enc_core_secret;
+
+ /**
+ * Size of the encrypted core secret.
+ */
+ size_t enc_core_secret_size;
+
+ /**
+ * Array of encrypted master keys. Each key is encrypted
+ * to a different policy key.
+ */
+ void **enc_master_keys;
+
+ /**
+ * Sizes of the encrypted master keys.
+ */
+ size_t *enc_master_key_sizes;
+};
+
/**
* Hash a numerical answer to compute the hash value to be submitted
@@ -498,18 +516,24 @@ ANASTASIS_CRYPTO_policy_key_derive (
* @param policy_keys_length defines the amount of policy keys and also the amount of encrypted master keys
* @param core_secret the user provided core secret which is secured by anastasis
* @param core_secret_size the size of the core secret
- * @param[out] enc_core_secret the core secret is encrypted with the generated master key
- * @param[out] encrypted_master_keys array of encrypted master keys which will be safed inside the policies one encrypted
- * master key is created for each policy key
+ * @returns result of the encryption, must be freed with #ANASTASIS_CRYPTO_destroy_encrypted_core_secret
*/
-void
+struct ANASTASIS_CoreSecretEncryptionResult *
ANASTASIS_CRYPTO_core_secret_encrypt (
const struct ANASTASIS_CRYPTO_PolicyKeyP *policy_keys,
unsigned int policy_keys_length,
const void *core_secret,
- size_t core_secret_size,
- void **enc_core_secret,
- struct ANASTASIS_CRYPTO_EncryptedMasterKeyP *encrypted_master_keys);
+ size_t core_secret_size);
+
+
+/**
+ * Destroy a core secret encryption result.
+ *
+ * @param cser the result to destroy
+ */
+void
+ANASTASIS_CRYPTO_destroy_encrypted_core_secret (
+ struct ANASTASIS_CoreSecretEncryptionResult *cser);
/**
@@ -517,6 +541,7 @@ ANASTASIS_CRYPTO_core_secret_encrypt (
* Afterwards the core secret is encrypted with the master key. The core secret is returned.
*
* @param encrypted_master_key master key for decrypting the core secret, is itself encrypted by the policy key
+ * @param encrypted_master_key_size size of the encrypted master key
* @param policy_key built policy key which will decrypt the master key
* @param encrypted_core_secret the encrypted core secret from the user, will be encrypted with the policy key
* @param encrypted_core_secret_size size of the encrypted core secret
@@ -525,7 +550,8 @@ ANASTASIS_CRYPTO_core_secret_encrypt (
*/
void
ANASTASIS_CRYPTO_core_secret_recover (
- const struct ANASTASIS_CRYPTO_EncryptedMasterKeyP *encrypted_master_key,
+ const void *encrypted_master_key,
+ size_t encrypted_master_key_size,
const struct ANASTASIS_CRYPTO_PolicyKeyP *policy_key,
const void *encrypted_core_secret,
size_t encrypted_core_secret_size,