authorChristian Grothoff <christian@grothoff.org>2020-08-03 17:26:16 +0200
committerChristian Grothoff <christian@grothoff.org>2020-08-03 17:26:16 +0200
commit8b4d25630e965c6831d009f9948a10bf9bb346ee (patch)
treee18b071cb1dde4ac6894e5629e5389249cb86f50
parent969e2b3b796a805b4954ea38d8a409c27f861883 (diff)
begin signature registry
-rw-r--r--gnunet-signatures/.gitignore2
-rw-r--r--gnunet-signatures/Makefile15
-rw-r--r--gnunet-signatures/README7
-rw-r--r--gnunet-signatures/h.footer13
-rw-r--r--gnunet-signatures/h.header35
-rw-r--r--gnunet-signatures/h.template6
-rw-r--r--gnunet-signatures/registry.rec162
7 files changed, 240 insertions, 0 deletions
diff --git a/gnunet-signatures/.gitignore b/gnunet-signatures/.gitignore
new file mode 100644
index 0000000..8afd4e7
--- /dev/null
+++ b/gnunet-signatures/.gitignore
@@ -0,0 +1,2 @@
+gnunet_signatures.h
+gnunet_signatures.h.tmp
diff --git a/gnunet-signatures/Makefile b/gnunet-signatures/Makefile
new file mode 100644
index 0000000..32640e6
--- /dev/null
+++ b/gnunet-signatures/Makefile
@@ -0,0 +1,15 @@
+FILES=registry.rec gnunet_signatures.h
+all: check $(FILES)
+check: registry.rec
+ recfix --check registry.rec
+distclean:
+ rm -f *.tmp
+clean:
+ rm -f $(FILES) *.tmp
+gnunet_signatures.h.tmp: registry.rec h.template
+ ../format.sh h.template < registry.rec > $@
+
+gnunet_signatures.h: h.header gnunet_signatures.h.tmp h.footer
+ cat $^ > $@
+
+.PHONY: check clean distclean
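Review bot: The `clean` recipe runs `rm -f $(FILES) *.tmp`, and `FILES` lists `registry.rec`, so `make clean` deletes the hand-maintained registry that the header is generated from; any uncommitted change to the signature-purpose numbers is lost with it. Restrict the removal to generated output, `rm -f gnunet_signatures.h *.tmp`, and let `distclean` depend on `clean` instead of removing less than it does. `all` is also missing from the `.PHONY` line, and adding `.DELETE_ON_ERROR:` would stop a failed `../format.sh` run from leaving a truncated `gnunet_signatures.h.tmp` that looks up to date.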
diff --git a/gnunet-signatures/README b/gnunet-signatures/README
new file mode 100644
index 0000000..99587b7
--- /dev/null
+++ b/gnunet-signatures/README
@@ -0,0 +1,7 @@
+GNUnet signature purpose registry.
+
+Every time a signature is created or verified with libgnunetutil's
+signature functions, the signer must provide a "purpose" that provides
+the context for the signature. By signing over the "purpose", it is
+not possible for an adversary to use a signature made in one context
+in another context.
diff --git a/gnunet-signatures/h.footer b/gnunet-signatures/h.footer
new file mode 100644
index 0000000..5d32ee9
--- /dev/null
+++ b/gnunet-signatures/h.footer
@@ -0,0 +1,13 @@
+
+
+};
+
+
+#if 0 /* keep Emacsens' auto-indent happy */
+{
+#endif
+#ifdef __cplusplus
+}
+#endif
+
+#endif
diff --git a/gnunet-signatures/h.header b/gnunet-signatures/h.header
new file mode 100644
index 0000000..57fced0
--- /dev/null
+++ b/gnunet-signatures/h.header
@@ -0,0 +1,35 @@
+/*
+ This file is part of GNUnet
+ Copyright (C) 2012-2020 GNUnet e.V.
+
+ GNUnet is free software: you can redistribute it and/or modify it
+ under the terms of the GNU General Public License as published
+ by the Free Software Foundation, either version 3 of the License,
+ or (at your option) any later version.
+
+ GNUnet is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+ SPDX-License-Identifier: GPL3.0-or-later
+ */
+#ifndef GNUNET_SIGNATURES_H
+#define GNUNET_SIGNATURES_H
+
+#ifdef __cplusplus
+extern "C" {
+#if 0 /* keep Emacsens' auto-indent happy */
+}
+#endif
+#endif
+
+
+/**
+ * Network signature purpose definitions. Note that all values
+ * must be uint32_t and encoded in network byte order in the structs.
+ */
+enum GNUNET_SignaturePurpose {
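Review bot: The licence tag on the `SPDX-License-Identifier` line reads `GPL3.0-or-later`, which is not a valid SPDX identifier, so licence scanners and SBOM tooling will not classify the generated header. The identifier matching the GPLv3-or-later text above it is `GPL-3.0-or-later`. The `enum GNUNET_SignaturePurpose {` opened on the last line of this hunk is closed outside it, in h.footer.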
diff --git a/gnunet-signatures/h.template b/gnunet-signatures/h.template
new file mode 100644
index 0000000..5fb7cf4
--- /dev/null
+++ b/gnunet-signatures/h.template
@@ -0,0 +1,6 @@
+
+
+ /**
+ * {{Description}} ({{Subsystem}})
+ */
+ GNUNET_SIGNATURE_PURPOSE_{{Identifier}} = {{Value}},
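Review bot: The placeholders here are `{{Description}}`, `{{Identifier}}` and `{{Value}}`, while the records in registry.rec carry the fields `Comment`, `Name` and `Number`; only `{{Subsystem}}` matches a field name. `../format.sh` is not changed by this commit, so its mapping is not visible here, but if substitution is by field name the generated enum would carry empty or literal placeholder text instead of the registered purpose numbers. Either rename the placeholders to `{{Comment}}`, `{{Name}}` and `{{Number}}`, or add a build check that fails when `{{` survives into `gnunet_signatures.h`.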
diff --git a/gnunet-signatures/registry.rec b/gnunet-signatures/registry.rec
new file mode 100644
index 0000000..36ea5f4
--- /dev/null
+++ b/gnunet-signatures/registry.rec
@@ -0,0 +1,162 @@
+# -*- mode: rec -*-
+#
+# Registry for GNUnet Signature purposes
+#
+
+%rec: SignaturePurpose
+%key: Number
+%type: Number int
+%mandatory: Number
+%typedef: Name_t regexp /^[ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789_][ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789_]*$/
+%type: Name Name_t
+%unique: Name
+%mandatory: Name
+%mandatory: Comment
+%allowed: Subsystem
+%sort: Number Name
+
+
+Number: 0
+Name: TEST
+Comment: Test signature, not valid for anything other than writing a test. (Note that the signature verification code will accept this value).
+Subsystem: GNUnet
+
+Number: 1
+Name: TRANSPORT_PONG_OWN
+Comment: Signature for confirming that this peer uses a particular address.
+Subsystem: GNUnet-TRANSPORT
+
+Number: 2
+Name: TRANSPORT_DISCONNECT
+Comment: Signature for confirming that this peer intends to disconnect.
+Subsystem: GNUnet-TRANSPORT
+
+Number: 3
+Name: REVOCATION
+Comment: Signature for confirming a key revocation.
+Subsystem: GNUnet-Revocation
+
+Number: 4
+Name: NAMESPACE_ADVERTISEMENT
+Comment: Signature for a namespace/pseudonym advertisement (by the namespace owner).
+Subsystem: GNUnet-FS
+
+Number: 5
+Name: PEER_PLACEMENT
+Comment: Signature by which a peer affirms that it is providing a certain bit of content for use in LOCation URIs.
+Subsystem: GNUnet-FS
+
+Number: 11
+Name: DNS_RECORD
+Comment: Signature on a GNUNET_DNS_Advertisement.
+Subsystem: GNUnet-DNS+Exit
+
+Number: 14
+Name: NSE_SEND
+Comment: Signature of a network size estimate message.
+Subsystem: GNUnet-NSE
+
+Number: 15
+Name: GNS_RECORD_SIGN
+Comment: Signature of a gnunet naming system record block
+Subsystem: GNUnet-GNSRECORD
+
+Number: 16
+Name: SET_ECC_KEY
+Comment: Purpose is to set a session key.
+Subsystem: GNUnet-CORE
+
+Number: 17
+Name: FS_UBLOCK
+Comment: UBlock Signature, done using DSS, not ECC
+Subsystem: GNUnet-FS
+
+Number: 18
+Name: REGEX_ACCEPT
+Comment: Accept state in regex DFA. Peer affirms that it offers the matching service.
+Subsystem: GNUnet-REGEX
+
+Number: 20
+Name: CONVERSATION_RING
+Comment: Signature of a conversation ring.
+Subsystem: GNUnet-CONVERSATION
+
+Number: 21
+Name: SECRETSHARING_DKG1
+Comment: Signature for the first round of distributed key generation.
+Subsystem: GNUnet-SECRETSHARING
+
+Number: 22
+Name: SECRETSHARING_DKG2
+Comment: Signature for the second round of distributed key generation.
+Subsystem: GNUnet-SECRETSHARING
+
+Number: 23
+Name: SECRETSHARING_DECRYPTION
+Comment: Signature for the cooperative decryption.
+Subsystem: GNUnet-SECRETSHARING
+
+Number: 27
+Name: RECLAIM_CODE_SIGN
+Comment: Signature for a GNUid Ticket
+Subsystem: Reclaim
+
+Number: 28
+Name: DELEGATE
+Comment: Signature for a GNUnet credential
+Subsystem: Reclaim
+
+Number: 29
+Name: TRANSPORT_ADDRESS
+Comment: Signature by a peer affirming that this is one of its addresses for the given time period.
+Subsystem: GNUnet-TRANSPORT
+
+Number: 30
+Name: TRANSPORT_EPHEMERAL
+Comment: Signature by a peer affirming that the given ephemeral key is currently in use by that peer's transport service.
+Subsystem: GNUnet-TRANSPORT
+
+Number: 31
+Name: COMMUNICATOR_TCP_HANDSHAKE
+Comment: Signature used by TCP communicator handshake.
+Subsystem: GNUnet-TRANSPORT-TCP
+
+Number: 32
+Name: COMMUNICATOR_TCP_REKEY
+Comment: Signature used by TCP communicator rekey.
+Subsystem: GNUnet-TRANSPORT-TCP
+
+Number: 33
+Name: COMMUNICATOR_UDP_HANDSHAKE
+Comment: Signature used by UDP communicator handshake.
+Subsystem: GNUnet-TRANSPORT-UDP
+
+Number: 34
+Name: COMMUNICATOR_UDP_BROADCAST
+Comment: Signature used by UDP broadcasts.
+Subsystem: GNUnet-TRANSPORT-UDP
+
+Number: 35
+Name: TRANSPORT_CHALLENGE
+Comment: Signature by a peer affirming that it received a challenge (and stating how long it expects the address on which the challenge was received to remain valid).
+Subsystem: GNUnet-TRANSPORT
+
+Number: 36
+Name: TRANSPORT_DV_HOP
+Comment: Signature by a peer affirming that it is on a DV path.
+Subsystem: GNUnet-TRANSPORT
+
+Number: 37
+Name: TRANSPORT_DV_INITIATOR
+Comment: Signature by a peer affirming that it originated the DV path.
+Subsystem: GNUnet-TRANSPORT
+
+Number: 38
+Name: CADET_CONNECTION_INITIATOR
+Comment: Signature by a peer that like to create a connection.
+Subsystem: GNUnet-CADET
+
+Number: 39
+Name: COMMUNICATOR_TCP_HANDSHAKE_ACK
+Comment: Signature by a peer sending back the nonce received at initial handshake.
+Subsystem: GNUnet-TRANSPORT-TCP
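Review bot: The numbering has unassigned gaps (6–10, 12–13, 19, 24–26) with nothing in the file saying whether those values are retired or free, and the README's guarantee that a signature cannot be moved between contexts only holds if a number is never reassigned to a different purpose. If the gaps are values that were used in the past, a header comment such as `# Numbers, once assigned, must never be reused; gaps are retired values.` would make that rule explicit for future registrants. Separately, `%type: Number int` admits negative values although h.header requires `uint32_t`; a `range` type with a lower bound of 0 would let `recfix --check` reject them.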