diff options
Diffstat (limited to 'src/include/taler_crypto_lib.h')
-rw-r--r-- | src/include/taler_crypto_lib.h | 208 |
1 files changed, 208 insertions, 0 deletions
diff --git a/src/include/taler_crypto_lib.h b/src/include/taler_crypto_lib.h new file mode 100644 index 000000000..597c85cdd --- /dev/null +++ b/src/include/taler_crypto_lib.h | |||
@@ -0,0 +1,208 @@ | |||
1 | /* | ||
2 | This file is part of TALER | ||
3 | (C) 2014, 2015 Christian Grothoff (and other contributing authors) | ||
4 | |||
5 | TALER is free software; you can redistribute it and/or modify it under the | ||
6 | terms of the GNU General Public License as published by the Free Software | ||
7 | Foundation; either version 3, or (at your option) any later version. | ||
8 | |||
9 | TALER is distributed in the hope that it will be useful, but WITHOUT ANY | ||
10 | WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR | ||
11 | A PARTICULAR PURPOSE. See the GNU General Public License for more details. | ||
12 | |||
13 | You should have received a copy of the GNU General Public License along with | ||
14 | TALER; see the file COPYING. If not, If not, see <http://www.gnu.org/licenses/> | ||
15 | */ | ||
16 | /** | ||
17 | * @file include/taler_crypto_lib.h | ||
18 | * @brief taler-specific crypto functions | ||
19 | * @author Sree Harsha Totakura <sreeharsha@totakura.in> | ||
20 | */ | ||
21 | #ifndef TALER_CRYPTO_LIB_H | ||
22 | #define TALER_CRYPTO_LIB_H | ||
23 | |||
24 | #include <gnunet/gnunet_util_lib.h> | ||
25 | #include <gcrypt.h> | ||
26 | |||
27 | |||
28 | /* ****************** Coin crypto primitives ************* */ | ||
29 | |||
30 | /** | ||
31 | * Public information about a coin (including the public key | ||
32 | * of the coin, the denomination key and the signature with | ||
33 | * the denomination key). | ||
34 | */ | ||
35 | struct TALER_CoinPublicInfo | ||
36 | { | ||
37 | /** | ||
38 | * The coin's public key. | ||
39 | */ | ||
40 | struct GNUNET_CRYPTO_EcdsaPublicKey coin_pub; | ||
41 | |||
42 | /** | ||
43 | * Public key representing the denomination of the coin | ||
44 | * that is being deposited. | ||
45 | */ | ||
46 | struct GNUNET_CRYPTO_rsa_PublicKey *denom_pub; | ||
47 | |||
48 | /** | ||
49 | * (Unblinded) signature over @e coin_pub with @e denom_pub, | ||
50 | * which demonstrates that the coin is valid. | ||
51 | */ | ||
52 | struct GNUNET_CRYPTO_rsa_Signature *denom_sig; | ||
53 | }; | ||
54 | |||
55 | |||
56 | /** | ||
57 | * Check if a coin is valid; that is, whether the denomination key exists, | ||
58 | * is not expired, and the signature is correct. | ||
59 | * | ||
60 | * @param coin_public_info the coin public info to check for validity | ||
61 | * @return #GNUNET_YES if the coin is valid, | ||
62 | * #GNUNET_NO if it is invalid | ||
63 | * #GNUNET_SYSERROR if an internal error occured | ||
64 | */ | ||
65 | int | ||
66 | TALER_test_coin_valid (const struct TALER_CoinPublicInfo *coin_public_info); | ||
67 | |||
68 | |||
69 | /* ****************** Refresh crypto primitives ************* */ | ||
70 | |||
71 | /** | ||
72 | * Secret used to decrypt the key to decrypt link secrets. | ||
73 | */ | ||
74 | struct TALER_TransferSecret | ||
75 | { | ||
76 | /** | ||
77 | * Secret used to encrypt/decrypt the `struct TALER_LinkSecret`. | ||
78 | * Must be (currently) a hash as this is what | ||
79 | * #GNUNET_CRYPTO_ecc_ecdh() returns to us. | ||
80 | */ | ||
81 | struct GNUNET_HashCode key; | ||
82 | }; | ||
83 | |||
84 | |||
85 | /** | ||
86 | * Secret used to decrypt refresh links. | ||
87 | */ | ||
88 | struct TALER_LinkSecret | ||
89 | { | ||
90 | /** | ||
91 | * Secret used to decrypt the refresh link data. | ||
92 | */ | ||
93 | char key[sizeof (struct GNUNET_HashCode)]; | ||
94 | }; | ||
95 | |||
96 | |||
97 | /** | ||
98 | * Encrypted secret used to decrypt refresh links. | ||
99 | */ | ||
100 | struct TALER_EncryptedLinkSecret | ||
101 | { | ||
102 | /** | ||
103 | * Encrypted secret, must be the given size! | ||
104 | */ | ||
105 | char enc[sizeof (struct TALER_LinkSecret)]; | ||
106 | }; | ||
107 | |||
108 | |||
109 | /** | ||
110 | * Representation of an encrypted refresh link. | ||
111 | */ | ||
112 | struct TALER_RefreshLinkEncrypted | ||
113 | { | ||
114 | |||
115 | /** | ||
116 | * Encrypted blinding key with @e blinding_key_enc_size bytes, | ||
117 | * must be allocated at the end of this struct. | ||
118 | */ | ||
119 | const char *blinding_key_enc; | ||
120 | |||
121 | /** | ||
122 | * Number of bytes in @e blinding_key_enc. | ||
123 | */ | ||
124 | size_t blinding_key_enc_size; | ||
125 | |||
126 | /** | ||
127 | * Encrypted private key of the coin. | ||
128 | */ | ||
129 | char coin_priv_enc[sizeof (struct GNUNET_CRYPTO_EcdsaPrivateKey)]; | ||
130 | |||
131 | }; | ||
132 | |||
133 | |||
134 | /** | ||
135 | * Representation of an refresh link in cleartext. | ||
136 | */ | ||
137 | struct TALER_RefreshLinkDecrypted | ||
138 | { | ||
139 | |||
140 | /** | ||
141 | * Private key of the coin. | ||
142 | */ | ||
143 | struct GNUNET_CRYPTO_EcdsaPrivateKey coin_priv; | ||
144 | |||
145 | /** | ||
146 | * Blinding key with @e blinding_key_enc_size bytes. | ||
147 | */ | ||
148 | struct GNUNET_CRYPTO_rsa_BlindingKey *blinding_key; | ||
149 | |||
150 | }; | ||
151 | |||
152 | |||
153 | /** | ||
154 | * Use the @a trans_sec (from ECDHE) to decrypt the @a secret_enc | ||
155 | * to obtain the @a secret to decrypt the linkage data. | ||
156 | * | ||
157 | * @param secret_enc encrypted secret | ||
158 | * @param trans_sec transfer secret | ||
159 | * @param secret shared secret for refresh link decryption | ||
160 | * @return #GNUNET_OK on success | ||
161 | */ | ||
162 | int | ||
163 | TALER_transfer_decrypt (const struct TALER_EncryptedLinkSecret *secret_enc, | ||
164 | const struct TALER_TransferSecret *trans_sec, | ||
165 | struct TALER_LinkSecret *secret); | ||
166 | |||
167 | |||
168 | /** | ||
169 | * Use the @a trans_sec (from ECDHE) to encrypt the @a secret | ||
170 | * to obtain the @a secret_enc. | ||
171 | * | ||
172 | * @param secret shared secret for refresh link decryption | ||
173 | * @param trans_sec transfer secret | ||
174 | * @param secret_enc[out] encrypted secret | ||
175 | * @return #GNUNET_OK on success | ||
176 | */ | ||
177 | int | ||
178 | TALER_transfer_encrypt (const struct TALER_LinkSecret *secret, | ||
179 | const struct TALER_TransferSecret *trans_sec, | ||
180 | struct TALER_EncryptedLinkSecret *secret_enc); | ||
181 | |||
182 | |||
183 | /** | ||
184 | * Decrypt refresh link information. | ||
185 | * | ||
186 | * @param input encrypted refresh link data | ||
187 | * @param secret shared secret to use for decryption | ||
188 | * @return NULL on error | ||
189 | */ | ||
190 | struct TALER_RefreshLinkDecrypted * | ||
191 | TALER_refresh_decrypt (const struct TALER_RefreshLinkEncrypted *input, | ||
192 | const struct TALER_LinkSecret *secret); | ||
193 | |||
194 | |||
195 | /** | ||
196 | * Encrypt refresh link information. | ||
197 | * | ||
198 | * @param input plaintext refresh link data | ||
199 | * @param secret shared secret to use for encryption | ||
200 | * @return NULL on error (should never happen) | ||
201 | */ | ||
202 | struct TALER_RefreshLinkEncrypted * | ||
203 | TALER_refresh_encrypt (const struct TALER_RefreshLinkDecrypted *input, | ||
204 | const struct TALER_LinkSecret *secret); | ||
205 | |||
206 | |||
207 | |||
208 | #endif | ||