diff --git a/dap_chain_cert.c b/dap_chain_cert.c
index 81871e23ba7a7794935fd3de55885e6697eda9d6..7f0f05ca62a3ded158ef488b3f2e6c9f7301b713 100644
--- a/dap_chain_cert.c
+++ b/dap_chain_cert.c
@@ -75,7 +75,7 @@ int dap_chain_cert_init()
*/
size_t dap_chain_cert_sign_output_size(dap_chain_cert_t * a_cert, size_t a_size_wished)
{
- return dap_chain_sign_create_output_cals_size( a_cert->key_private,a_size_wished);
+ return dap_chain_sign_create_output_cals_size( a_cert->enc_key,a_size_wished);
}
/**
@@ -89,7 +89,7 @@ dap_chain_addr_t * dap_chain_cert_to_addr(dap_chain_cert_t * a_cert, dap_chain_n
dap_chain_addr_t * l_addr = DAP_NEW_Z(dap_chain_addr_t);
l_addr->addr_ver = 1;
l_addr->net_id.uint64 = a_net_id.uint64;
- l_addr->sig_type.raw = dap_chain_sign_type_from_key_type( a_cert->key_private->type).raw;
+ l_addr->sig_type.raw = dap_chain_sign_type_from_key_type( a_cert->enc_key->type).raw;
// dap_hash(&l_addr);
l_addr->checksum;
}
@@ -106,7 +106,7 @@ dap_chain_addr_t * dap_chain_cert_to_addr(dap_chain_cert_t * a_cert, dap_chain_n
int dap_chain_cert_sign_output(dap_chain_cert_t * a_cert, const void * a_data, size_t a_data_size,
void * a_output, size_t a_output_size)
{
- return dap_chain_sign_create_output( a_cert->key_private,a_data,a_data_size,a_output,a_output_size);
+ return dap_chain_sign_create_output( a_cert->enc_key,a_data,a_data_size,a_output,a_output_size);
}
/**
@@ -120,7 +120,7 @@ int dap_chain_cert_sign_output(dap_chain_cert_t * a_cert, const void * a_data, s
dap_chain_sign_t * dap_chain_cert_sign(dap_chain_cert_t * a_cert, const void * a_data
, size_t a_data_size, size_t a_output_size_wished )
{
- dap_enc_key_t * l_key = a_cert->key_private;
+ dap_enc_key_t * l_key = a_cert->enc_key;
size_t l_ret_size = dap_chain_sign_create_output_cals_size( l_key,a_output_size_wished);
if (l_ret_size > 0 ) {
dap_chain_sign_t * l_ret = DAP_NEW_Z_SIZE(dap_chain_sign_t,
@@ -144,9 +144,9 @@ dap_chain_sign_t * dap_chain_cert_sign(dap_chain_cert_t * a_cert, const void * a
*/
int dap_chain_cert_add_cert_sign(dap_chain_cert_t * a_cert, dap_chain_cert_t * a_cert_signer)
{
- if (a_cert->key_private->pub_key_data_size && a_cert->key_private->pub_key_data) {
+ if (a_cert->enc_key->pub_key_data_size && a_cert->enc_key->pub_key_data) {
dap_chain_sign_item_t * l_sign_item = DAP_NEW_Z(dap_chain_sign_item_t);
- l_sign_item->sign = dap_chain_cert_sign (a_cert_signer,a_cert->key_private->pub_key_data,a_cert->key_private->pub_key_data_size,0);
+ l_sign_item->sign = dap_chain_cert_sign (a_cert_signer,a_cert->enc_key->pub_key_data,a_cert->enc_key->pub_key_data_size,0);
DL_APPEND ( PVT(a_cert)->signs, l_sign_item );
return 0;
} else {
@@ -166,8 +166,8 @@ dap_chain_cert_t * dap_chain_cert_generate_mem(const char * a_cert_name,
dap_enc_key_type_t a_key_type )
{
dap_chain_cert_t * l_cert = dap_chain_cert_new(a_cert_name);
- l_cert->key_private = dap_enc_key_new_generate(a_key_type, NULL, 0, NULL, 0, 0);
- if ( l_cert->key_private ){
+ l_cert->enc_key = dap_enc_key_new_generate(a_key_type, NULL, 0, NULL, 0, 0);
+ if ( l_cert->enc_key ){
log_it(L_DEBUG,"Certificate generated");
dap_chain_cert_item_t * l_cert_item = DAP_NEW_Z(dap_chain_cert_item_t);
snprintf(l_cert_item->name,sizeof(l_cert_item->name),"%s",a_cert_name);
@@ -264,8 +264,8 @@ void dap_chain_cert_delete(dap_chain_cert_t * a_cert)
if ( l_cert_item )
HASH_DEL(s_certs,l_cert_item);
- if( a_cert->key_private )
- dap_enc_key_delete (a_cert->key_private );
+ if( a_cert->enc_key )
+ dap_enc_key_delete (a_cert->enc_key );
if( a_cert->metadata )
DAP_DELETE (a_cert->metadata );
if (a_cert->_pvt)
@@ -304,11 +304,28 @@ dap_chain_cert_t * dap_chain_cert_add_file(const char * a_cert_name,const char *
dap_chain_pkey_t * dap_chain_cert_to_pkey(dap_chain_cert_t * a_cert)
{
if ( a_cert )
- return dap_chain_pkey_from_enc_key( a_cert->key_private );
+ return dap_chain_pkey_from_enc_key( a_cert->enc_key );
else
return NULL;
}
+/**
+ * @brief dap_chain_cert_compare_with_sign
+ * @param a_cert
+ * @param a_sign
+ * @return
+ */
+int dap_chain_cert_compare_with_sign (dap_chain_cert_t * a_cert,dap_chain_sign_t * a_sign)
+{
+ if ( dap_chain_sign_type_from_key_type( a_cert->enc_key->type ).type == a_sign->header.type.type ){
+ if ( a_cert->enc_key->pub_key_data_size == (size_t) a_sign->header.sign_pkey_size ){
+ return memcmp ( a_cert->enc_key->pub_key_data, a_sign->pkey_n_sign, a_sign->header.sign_pkey_size );
+ }else
+ return -2; // Wrong pkey size
+ }else
+ return -1; // Wrong sign type
+}
+
/**
@@ -332,9 +349,9 @@ size_t dap_chain_cert_count_cert_sign(dap_chain_cert_t * a_cert)
void dap_chain_cert_dump(dap_chain_cert_t * a_cert)
{
printf ("Certificate name: %s\n",a_cert->name);
- printf ("Signature type: %s\n", dap_chain_sign_type_to_str( dap_chain_sign_type_from_key_type(a_cert->key_private->type) ) );
- printf ("Private key size: %u\n",a_cert->key_private->priv_key_data_size);
- printf ("Public key size: %u\n", a_cert->key_private->pub_key_data_size);
+ printf ("Signature type: %s\n", dap_chain_sign_type_to_str( dap_chain_sign_type_from_key_type(a_cert->enc_key->type) ) );
+ printf ("Private key size: %u\n",a_cert->enc_key->priv_key_data_size);
+ printf ("Public key size: %u\n", a_cert->enc_key->pub_key_data_size);
printf ("Metadata section size: %u\n",a_cert->metadata?strlen(a_cert->metadata):0);
printf ("Certificates signatures chain size: %u\n",dap_chain_cert_count_cert_sign (a_cert));
}
diff --git a/dap_chain_cert.h b/dap_chain_cert.h
index c85b38240ef9b6e6f276b98ff5221a5b086736e9..a809353fc0a19db6b3021ebc7433e01624df7851 100644
--- a/dap_chain_cert.h
+++ b/dap_chain_cert.h
@@ -33,7 +33,7 @@
#define DAP_CHAIN_CERT_ITEM_NAME_MAX 40
typedef struct dap_chain_cert {
- dap_enc_key_t * key_private;
+ dap_enc_key_t * enc_key;
char name[DAP_CHAIN_CERT_ITEM_NAME_MAX];
void * _pvt;
char * metadata;
@@ -60,6 +60,9 @@ dap_chain_cert_t * dap_chain_cert_find_by_name(const char * a_cert_name);
dap_chain_sign_t * dap_chain_cert_sign(dap_chain_cert_t * a_cert, const void * a_data, size_t a_data_size, size_t a_output_size_wished );
+int dap_chain_cert_compare_with_sign (dap_chain_cert_t * a_cert,dap_chain_sign_t * a_sign);
+
+
size_t dap_chain_cert_sign_output_size(dap_chain_cert_t * a_cert, size_t a_size_wished);
diff --git a/dap_chain_cert_file.c b/dap_chain_cert_file.c
index dccc20081a8fc8b51029d62339ac7b085c78038d..81d9a7acf1c580bcf1fd8d06f86489b1d3936a16 100644
--- a/dap_chain_cert_file.c
+++ b/dap_chain_cert_file.c
@@ -41,8 +41,8 @@
size_t dap_chain_cert_save_mem_size(dap_chain_cert_t * a_cert )
{
return sizeof (dap_chain_cert_file_hdr_t)
- + a_cert->key_private->pub_key_data_size
- + a_cert->key_private->priv_key_data_size
+ + a_cert->enc_key->pub_key_data_size
+ + a_cert->enc_key->priv_key_data_size
+ (a_cert->metadata?strlen(a_cert->metadata):0);
}
@@ -88,7 +88,7 @@ int dap_chain_cert_save_mem(dap_chain_cert_t * a_cert, void * a_data )
dap_chain_cert_file_hdr_t l_hdr={0};
uint8_t * l_data = (uint8_t *) a_data;
size_t l_data_offset = 0;
- dap_enc_key_t * l_key = a_cert->key_private;
+ dap_enc_key_t * l_key = a_cert->enc_key;
int ret = 0;
l_hdr.sign = DAP_CHAIN_CERT_FILE_HDR_SIGN;
@@ -188,19 +188,19 @@ dap_chain_cert_t* dap_chain_cert_mem_load(void * a_data, size_t a_data_size)
}
l_ret = DAP_NEW_Z(dap_chain_cert_t);
- l_ret->key_private = dap_enc_key_new( dap_chain_sign_type_to_key_type( l_hdr.sign_type ));
- l_ret->key_private->last_used_timestamp = l_hdr.ts_last_used;
+ l_ret->enc_key = dap_enc_key_new( dap_chain_sign_type_to_key_type( l_hdr.sign_type ));
+ l_ret->enc_key->last_used_timestamp = l_hdr.ts_last_used;
if ( l_hdr.data_size > 0 ){
- l_ret->key_private->pub_key_data_size = l_hdr.data_size;
- l_ret->key_private->pub_key_data = DAP_NEW_SIZE (void,l_hdr.data_size);
- memcpy(l_ret->key_private->pub_key_data, l_data + sizeof(l_hdr),l_ret->key_private->pub_key_data_size);
+ l_ret->enc_key->pub_key_data_size = l_hdr.data_size;
+ l_ret->enc_key->pub_key_data = DAP_NEW_SIZE (void,l_hdr.data_size);
+ memcpy(l_ret->enc_key->pub_key_data, l_data + sizeof(l_hdr),l_ret->enc_key->pub_key_data_size);
}
- l_ret->key_private->priv_key_data_size = l_hdr.data_size;
+ l_ret->enc_key->priv_key_data_size = l_hdr.data_size;
if ( l_hdr.data_pvt_size > 0 ){
- l_ret->key_private->priv_key_data = DAP_NEW_SIZE (void,l_ret->key_private->priv_key_data_size);
- memcpy(l_ret->key_private->priv_key_data, l_data + sizeof(l_hdr)
- + l_ret->key_private->pub_key_data_size
- ,l_ret->key_private->priv_key_data_size);
+ l_ret->enc_key->priv_key_data = DAP_NEW_SIZE (void,l_ret->enc_key->priv_key_data_size);
+ memcpy(l_ret->enc_key->priv_key_data, l_data + sizeof(l_hdr)
+ + l_ret->enc_key->pub_key_data_size
+ ,l_ret->enc_key->priv_key_data_size);
}
log_it(L_NOTICE,"Successfuly loaded certificate");
diff --git a/dap_chain_pkey.c b/dap_chain_pkey.c
index ffda342b696d89db5f437edb50ceed0af6a8699e..284506fda92396f0bb205a2e4c7041697f793c63 100644
--- a/dap_chain_pkey.c
+++ b/dap_chain_pkey.c
@@ -82,3 +82,20 @@ int dap_chain_pkey_from_enc_key_output(dap_enc_key_t *a_key, void * a_output)
}
return -3;
}
+
+/**
+ * @brief dap_chain_pkey_type_from_sign
+ * @param a_pkey_type
+ * @return
+ */
+dap_chain_sign_type_t dap_chain_pkey_type_from_sign( dap_chain_pkey_type_t a_pkey_type)
+{
+ dap_chain_sign_type_t l_sign_type={0};
+ switch (a_pkey_type.type){
+ case PKEY_TYPE_SIGN_BLISS: l_sign_type.type = SIG_TYPE_BLISS; break;
+ case PKEY_TYPE_SIGN_PICNIC: l_sign_type.type = SIG_TYPE_PICNIC; break;
+ case PKEY_TYPE_SIGN_TESLA: l_sign_type.type = SIG_TYPE_TESLA; break;
+ }
+ return l_sign_type;
+}
+
diff --git a/dap_chain_pkey.h b/dap_chain_pkey.h
index a24e7729067844f11e83bd085248128c663d8807..a687b3293b5f324258b1586e1bed5a74c912e0ab 100644
--- a/dap_chain_pkey.h
+++ b/dap_chain_pkey.h
@@ -37,3 +37,5 @@ static inline size_t dap_chain_pkey_from_enc_key_output_calc(dap_enc_key_t *a_ke
}
int dap_chain_pkey_from_enc_key_output(dap_enc_key_t *a_key, void * a_output);
+
+dap_chain_sign_type_t dap_chain_pkey_type_from_sign( dap_chain_pkey_type_t a_pkey_type);
diff --git a/dap_chain_sign.c b/dap_chain_sign.c
index e843126be04bfde09401b635e7413454879e5c33..b9d04ad276b422221dd56ae515888c73df84692c 100644
--- a/dap_chain_sign.c
+++ b/dap_chain_sign.c
@@ -78,6 +78,8 @@ dap_enc_key_type_t dap_chain_sign_type_to_key_type(dap_chain_sign_type_t a_cha
}
}
+
+
/**
* @brief dap_chain_sign_type_to_str
* @param a_chain_sign_type
@@ -169,6 +171,7 @@ int dap_chain_sign_create_output(dap_enc_key_t *a_key, const void * a_data, cons
}
}
+
/**
* @brief dap_chain_sign_to_enc_key
* @param a_chain_sign
diff --git a/dap_chain_sign.h b/dap_chain_sign.h
index 7511ed705fc52fb518309af0850ba9ccd1f2524c..2c9612c4e76b5635199da0da13bfc4cce9d9c845 100644
--- a/dap_chain_sign.h
+++ b/dap_chain_sign.h
@@ -28,18 +28,10 @@
#include "dap_common.h"
#include "dap_enc_ca.h"
#include "dap_enc_key.h"
+#include "dap_chain_common.h"
+#include "dap_chain_pkey.h"
+
-typedef union dap_chain_sign_type{
- enum {
- SIG_TYPE_NULL = 0x0000,
- SIG_TYPE_BLISS = 0x0001,
- SIG_TYPE_DEFO = 0x0002, /// @brief key image for anonymous transaction
- SIG_TYPE_TESLA = 0x0003, /// @brief
- SIG_TYPE_PICNIC = 0x0101, /// @brief
- SIG_TYPE_MULTI = 0xffff /// @brief Has inside subset of different signatures and sign composed with all of them
- } type: 16;
- uint16_t raw;
-} dap_chain_sign_type_t;
/**
* @struct dap_chain_sign
@@ -54,6 +46,7 @@ typedef struct dap_chain_sign{
uint8_t pkey_n_sign[]; /// @param sig @brief raw signature data
} DAP_ALIGN_PACKED dap_chain_sign_t;
+
int dap_chain_sign_verify (dap_chain_sign_t * a_chain_sign, const void * a_data, const size_t a_data_size);
dap_chain_sign_t * dap_chain_sign_create(dap_enc_key_t *a_key, const void * a_data, const size_t a_data_size