From 8b4d25630e965c6831d009f9948a10bf9bb346ee Mon Sep 17 00:00:00 2001
From: Christian Grothoff
Date: Mon, 3 Aug 2020 17:26:16 +0200
Subject: begin signature registry
---
gnunet-signatures/.gitignore | 2 +
gnunet-signatures/Makefile | 15 ++++
gnunet-signatures/README | 7 ++
gnunet-signatures/h.footer | 13 ++++
gnunet-signatures/h.header | 35 +++++++++
gnunet-signatures/h.template | 6 ++
gnunet-signatures/registry.rec | 162 +++++++++++++++++++++++++++++++++++++++++
7 files changed, 240 insertions(+)
create mode 100644 gnunet-signatures/.gitignore
create mode 100644 gnunet-signatures/Makefile
create mode 100644 gnunet-signatures/README
create mode 100644 gnunet-signatures/h.footer
create mode 100644 gnunet-signatures/h.header
create mode 100644 gnunet-signatures/h.template
create mode 100644 gnunet-signatures/registry.rec
diff --git a/gnunet-signatures/.gitignore b/gnunet-signatures/.gitignore
new file mode 100644
index 0000000..8afd4e7
--- /dev/null
+++ b/gnunet-signatures/.gitignore
@@ -0,0 +1,2 @@
+gnunet_signatures.h
+gnunet_signatures.h.tmp
diff --git a/gnunet-signatures/Makefile b/gnunet-signatures/Makefile
new file mode 100644
index 0000000..32640e6
--- /dev/null
+++ b/gnunet-signatures/Makefile
@@ -0,0 +1,15 @@
+FILES=registry.rec gnunet_signatures.h
+all: check $(FILES)
+check: registry.rec
+ recfix --check registry.rec
+distclean:
+ rm -f *.tmp
+clean:
+ rm -f $(FILES) *.tmp
+gnunet_signatures.h.tmp: registry.rec h.template
+ ../format.sh h.template < registry.rec > $@
+
+gnunet_signatures.h: h.header gnunet_signatures.h.tmp h.footer
+ cat $^ > $@
+
+.PHONY: check clean distclean
diff --git a/gnunet-signatures/README b/gnunet-signatures/README
new file mode 100644
index 0000000..99587b7
--- /dev/null
+++ b/gnunet-signatures/README
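Review bot: In the Makefile, `FILES` lists `registry.rec` alongside the generated header, so the `clean` rule's `rm -f $(FILES) *.tmp` deletes the hand-maintained registry itself, together with any uncommitted edits to it. Limiting the variable to generated output, `FILES=gnunet_signatures.h`, fixes that and leaves `all` working as before. Separately, the `gnunet_signatures.h.tmp` rule does not depend on `check`, so `make gnunet_signatures.h` or a parallel build can generate the header from a registry that `recfix` has not validated. C accepts duplicate enumerator values silently, so running `recfix --check registry.rec` as the first recipe line of that rule is what would catch a duplicated number before it reaches the header.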
@@ -0,0 +1,7 @@
+GNUnet signature purpose registry.
+
+Every time a signature is created or verified with libgnunetutil's
+signature functions, the signer must provide a "purpose" that provides
+the context for the signature. By signing over the "purpose", it is
+not possible for an adversary to use a signature made in one context
+in another context.
diff --git a/gnunet-signatures/h.footer b/gnunet-signatures/h.footer
new file mode 100644
index 0000000..5d32ee9
--- /dev/null
+++ b/gnunet-signatures/h.footer
@@ -0,0 +1,13 @@
+
+
+};
+
+
+#if 0 /* keep Emacsens' auto-indent happy */
+{
+#endif
+#ifdef __cplusplus
+}
+#endif
+
+#endif
diff --git a/gnunet-signatures/h.header b/gnunet-signatures/h.header
new file mode 100644
index 0000000..57fced0
--- /dev/null
+++ b/gnunet-signatures/h.header
@@ -0,0 +1,35 @@
+/*
+ This file is part of GNUnet
+ Copyright (C) 2012-2020 GNUnet e.V.
+
+ GNUnet is free software: you can redistribute it and/or modify it
+ under the terms of the GNU General Public License as published
+ by the Free Software Foundation, either version 3 of the License,
+ or (at your option) any later version.
+
+ GNUnet is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see .
+
+ SPDX-License-Identifier: GPL3.0-or-later
+ */
+#ifndef GNUNET_SIGNATURES_H
+#define GNUNET_SIGNATURES_H
+
+#ifdef __cplusplus
+extern "C" {
+#if 0 /* keep Emacsens' auto-indent happy */
+}
+#endif
+#endif
+
+
+/**
+ * Network signature purpose definitions. Note that all values
+ * must be uint32_t and encoded in network byte order in the structs.
+ */
+enum GNUNET_SignaturePurpose {
diff --git a/gnunet-signatures/h.template b/gnunet-signatures/h.template
new file mode 100644
index 0000000..5fb7cf4
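Review bot: In h.header, the doc comment on `enum GNUNET_SignaturePurpose` requires the values to be uint32_t in network byte order, but an enum's underlying type is implementation-defined and nothing in the header enforces that width. I would extend the comment with a line such as `* Do not use this enum as a struct field type; store htonl (purpose) in a uint32_t.` so the constraint sits where the constants are declared. The licence tag `SPDX-License-Identifier: GPL3.0-or-later` is also not a valid SPDX identifier; the registered form is `GPL-3.0-or-later`, and licence scanners may fail to match the current spelling. The enum opened on the last line of this hunk is closed in h.footer, outside the hunk.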
--- /dev/null
+++ b/gnunet-signatures/h.template
@@ -0,0 +1,6 @@
+
+
+ /**
+ * {{Description}} ({{Subsystem}})
+ */
+ GNUNET_SIGNATURE_PURPOSE_{{Identifier}} = {{Value}},
diff --git a/gnunet-signatures/registry.rec b/gnunet-signatures/registry.rec
new file mode 100644
index 0000000..36ea5f4
--- /dev/null
+++ b/gnunet-signatures/registry.rec
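Review bot: The placeholders in h.template, `{{Description}}`, `{{Identifier}}` and `{{Value}}`, do not match the field names that registry.rec declares (`Comment`, `Name`, `Number`); only `{{Subsystem}}` does. `../format.sh` is not part of this patch, so this is hedged: if it substitutes by field name, the generated enumerators would come out unexpanded or empty, and the template lines should read `* {{Comment}} ({{Subsystem}})` and `GNUNET_SIGNATURE_PURPOSE_{{Name}} = {{Number}},`. The comment text is also pasted into a C block comment as-is, so a registry entry containing `*/` would end the comment early and corrupt the header; a constraint on `Comment` in the registry would rule that out.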
@@ -0,0 +1,162 @@
+# -*- mode: rec -*-
+#
+# Registry for GNUnet Signature purposes
+#
+
+%rec: SignaturePurpose
+%key: Number
+%type: Number int
+%mandatory: Number
+%typedef: Name_t regexp /^[ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789_][ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789_]*$/
+%type: Name Name_t
+%unique: Name
+%mandatory: Name
+%mandatory: Comment
+%allowed: Subsystem
+%sort: Number Name
+
+
+Number: 0
+Name: TEST
+Comment: Test signature, not valid for anything other than writing a test. (Note that the signature verification code will accept this value).
+Subsystem: GNUnet
+
+Number: 1
+Name: TRANSPORT_PONG_OWN
+Comment: Signature for confirming that this peer uses a particular address.
+Subsystem: GNUnet-TRANSPORT
+
+Number: 2
+Name: TRANSPORT_DISCONNECT
+Comment: Signature for confirming that this peer intends to disconnect.
+Subsystem: GNUnet-TRANSPORT
+
+Number: 3
+Name: REVOCATION
+Comment: Signature for confirming a key revocation.
+Subsystem: GNUnet-Revocation
+
+Number: 4
+Name: NAMESPACE_ADVERTISEMENT
+Comment: Signature for a namespace/pseudonym advertisement (by the namespace owner).
+Subsystem: GNUnet-FS
+
+Number: 5
+Name: PEER_PLACEMENT
+Comment: Signature by which a peer affirms that it is providing a certain bit of content for use in LOCation URIs.
+Subsystem: GNUnet-FS
+
+Number: 11
+Name: DNS_RECORD
+Comment: Signature on a GNUNET_DNS_Advertisement.
+Subsystem: GNUnet-DNS+Exit
+
+Number: 14
+Name: NSE_SEND
+Comment: Signature of a network size estimate message.
+Subsystem: GNUnet-NSE
+
+Number: 15
+Name: GNS_RECORD_SIGN
+Comment: Signature of a gnunet naming system record block
+Subsystem: GNUnet-GNSRECORD
+
+Number: 16
+Name: SET_ECC_KEY
+Comment: Purpose is to set a session key.
+Subsystem: GNUnet-CORE
+
+Number: 17
+Name: FS_UBLOCK
+Comment: UBlock Signature, done using DSS, not ECC
+Subsystem: GNUnet-FS
+
+Number: 18
+Name: REGEX_ACCEPT
+Comment: Accept state in regex DFA. Peer affirms that it offers the matching service.
+Subsystem: GNUnet-REGEX
+
+Number: 20
+Name: CONVERSATION_RING
+Comment: Signature of a conversation ring.
+Subsystem: GNUnet-CONVERSATION
+
+Number: 21
+Name: SECRETSHARING_DKG1
+Comment: Signature for the first round of distributed key generation.
+Subsystem: GNUnet-SECRETSHARING
+
+Number: 22
+Name: SECRETSHARING_DKG2
+Comment: Signature for the second round of distributed key generation.
+Subsystem: GNUnet-SECRETSHARING
+
+Number: 23
+Name: SECRETSHARING_DECRYPTION
+Comment: Signature for the cooperative decryption.
+Subsystem: GNUnet-SECRETSHARING
+
+Number: 27
+Name: RECLAIM_CODE_SIGN
+Comment: Signature for a GNUid Ticket
+Subsystem: Reclaim
+
+Number: 28
+Name: DELEGATE
+Comment: Signature for a GNUnet credential
+Subsystem: Reclaim
+
+Number: 29
+Name: TRANSPORT_ADDRESS
+Comment: Signature by a peer affirming that this is one of its addresses for the given time period.
+Subsystem: GNUnet-TRANSPORT
+
+Number: 30
+Name: TRANSPORT_EPHEMERAL
+Comment: Signature by a peer affirming that the given ephemeral key is currently in use by that peer's transport service.
+Subsystem: GNUnet-TRANSPORT
+
+Number: 31
+Name: COMMUNICATOR_TCP_HANDSHAKE
+Comment: Signature used by TCP communicator handshake.
+Subsystem: GNUnet-TRANSPORT-TCP
+
+Number: 32
+Name: COMMUNICATOR_TCP_REKEY
+Comment: Signature used by TCP communicator rekey.
+Subsystem: GNUnet-TRANSPORT-TCP
+
+Number: 33
+Name: COMMUNICATOR_UDP_HANDSHAKE
+Comment: Signature used by UDP communicator handshake.
+Subsystem: GNUnet-TRANSPORT-UDP
+
+Number: 34
+Name: COMMUNICATOR_UDP_BROADCAST
+Comment: Signature used by UDP broadcasts.
+Subsystem: GNUnet-TRANSPORT-UDP
+
+Number: 35
+Name: TRANSPORT_CHALLENGE
+Comment: Signature by a peer affirming that it received a challenge (and stating how long it expects the address on which the challenge was received to remain valid).
+Subsystem: GNUnet-TRANSPORT
+
+Number: 36
+Name: TRANSPORT_DV_HOP
+Comment: Signature by a peer affirming that it is on a DV path.
+Subsystem: GNUnet-TRANSPORT
+
+Number: 37
+Name: TRANSPORT_DV_INITIATOR
+Comment: Signature by a peer affirming that it originated the DV path.
+Subsystem: GNUnet-TRANSPORT
+
+Number: 38
+Name: CADET_CONNECTION_INITIATOR
+Comment: Signature by a peer that like to create a connection.
+Subsystem: GNUnet-CADET
+
+Number: 39
+Name: COMMUNICATOR_TCP_HANDSHAKE_ACK
+Comment: Signature by a peer sending back the nonce received at initial handshake.
+Subsystem: GNUnet-TRANSPORT-TCP
--
cgit v1.2.3
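Review bot: `%type: Number int` accepts negative numbers and values wider than 32 bits, although the generated header documents the purposes as uint32_t. A bounded type, `%type: Number range 0 UPPER` with UPPER set to the largest purpose the project wants to allow, would let `recfix --check` reject out-of-range entries. The numbering also skips 6-10, 12-13, 19 and 24-26. If those values were assigned in the past (not visible in this patch), keeping them as reserved records would stop a later entry from reusing a number under which old signatures still verify. The Comment for 38 reads `that like to create`; `that would like to create` is presumably meant.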