author | Christian Grothoff <christian@grothoff.org> | 2013-04-11 19:29:14 +0000 |
---|---|---|
committer | Christian Grothoff <christian@grothoff.org> | 2013-04-11 19:29:14 +0000 |
commit | 6b99f6d2c48e79b3bc27929a21aa25b5e014e936 (patch) | |
tree | 3072f3d44370980e0fdd1a53c0915812111795ac | |
parent | 94b2f31f285e6483fbced750204f7464b16058e8 (diff) | |
download | gnunet-6b99f6d2c48e79b3bc27929a21aa25b5e014e936.tar.gz gnunet-6b99f6d2c48e79b3bc27929a21aa25b5e014e936.zip |
-towards proper pseudonym support
-rw-r--r-- | src/util/pseudonym.c | 17 | ||||
-rw-r--r-- | src/util/test_pseudonym.c | 4 |
2 files changed, 8 insertions, 13 deletions
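--- a/src/util/pseudonym.c
+++ b/src/util/pseudonym.c
@@ -1140,11 +1140,9 @@ GNUNET_PSEUDONYM_sign (struct GNUNET_PseudonymHandle *ph,
 gcry_mpi_release (h);
 gcry_mpi_release (n);
 
-/* now build sexpression with the signing key;
-NOTE: libgcrypt docs say that we should specify 'Q', but hopefully soon
-libgcrypt will derive it from 'd' for us... */
+/* now build sexpression with the signing key */
 if (0 != (rc = gcry_sexp_build (&spriv, &erroff,
-"(private-key(ecc(curve \"NIST P-256\")(d %m)))",
+"(private-key(ecdsa(curve \"NIST P-256\")(d %m)))",
 d)))
 {
 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc);
@@ -1188,8 +1186,9 @@ GNUNET_PSEUDONYM_sign (struct GNUNET_PseudonymHandle *ph,
 gcry_sexp_release (data);
 gcry_sexp_release (spriv);
 
+
 /* extract 'r' and 's' values from sexpression 'result' and store in 'signature' */
-if (0 != (rc = key_from_sexp (rs, result, "ecdsa", "rs")))
+if (0 != (rc = key_from_sexp (rs, result, "sig-val", "rs")))
 {
 GNUNET_break (0);
 gcry_sexp_release (result);
@@ -1375,7 +1374,6 @@ GNUNET_PSEUDONYM_verify (const struct GNUNET_PseudonymSignaturePurpose *purpose,
 const struct GNUNET_PseudonymSignature *signature,
 const struct GNUNET_PseudonymIdentifier *verification_key)
 {
-#if FUTURE
 gcry_sexp_t data;
 gcry_sexp_t sig_sexpr;
 gcry_sexp_t pk_sexpr;
@@ -1461,8 +1459,8 @@ GNUNET_PSEUDONYM_verify (const struct GNUNET_PseudonymSignaturePurpose *purpose,
 gcry_mpi_ec_set_point ("q", q, ctx);
 gcry_mpi_point_release (q);
 
-/* convert 'ctx' to 'sexp' (this hurts) */
-if (0 != (rc = gcry_sexp_from_context (&pk_sexpr, ctx)))
+/* convert 'ctx' to 'sexp' */
+if (0 != (rc = gcry_pubkey_get_sexp (&pk_sexpr, GCRY_PK_GET_PUBKEY, ctx)))
 {
 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_from_context", rc);
 gcry_ctx_release (ctx);
@@ -1484,9 +1482,6 @@ GNUNET_PSEUDONYM_verify (const struct GNUNET_PseudonymSignaturePurpose *purpose,
 __LINE__, gcry_strerror (rc));
 return GNUNET_SYSERR;
 }
-#else
-GNUNET_break (0);
-#endif
 return GNUNET_OK;
 }
 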
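Review bot: In GNUNET_PSEUDONYM_verify, the error branch after the new `gcry_pubkey_get_sexp` call still passes the old function name to the logger, so a failure to build the public-key S-expression would be reported under a function that is no longer called. Change the label to match the call: `LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_pubkey_get_sexp", rc);`. Separately, the `ecdsa` key token in GNUNET_PSEUDONYM_sign and the `sig-val` token passed to `key_from_sexp` appear to track the S-expression layout libgcrypt produces, so a short comment at each site stating the layout it expects would help whoever has to debug a signing failure after a library upgrade. Both functions begin and end outside the hunks shown, so the cleanup paths around these calls could not be checked.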
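--- a/src/util/test_pseudonym.c
+++ b/src/util/test_pseudonym.c
@@ -225,14 +225,14 @@ test_signature (struct GNUNET_PseudonymHandle *ph,
 GNUNET_PSEUDONYM_sign (ph, purpose, seed, signing_key, &signature2);
 /* with seed, two sigs must be identical, without, they must be different! */
 if (NULL != seed)
-GNUNET_assert (0 == memcmp (&signature, &signature2, sizeof (signature)));
+GNUNET_break (0 == memcmp (&signature, &signature2, sizeof (signature)));
 else /* crypto not implemented, thus for now 'break' */
 GNUNET_break (0 != memcmp (&signature, &signature2, sizeof (signature)));
 GNUNET_PSEUDONYM_get_identifier (ph, &pseudonym);
 GNUNET_PSEUDONYM_derive_verification_key (&pseudonym,
 signing_key,
 &verification_key);
-GNUNET_assert (GNUNET_OK ==
+GNUNET_break (GNUNET_OK ==
 GNUNET_PSEUDONYM_verify (purpose, &signature, &verification_key));
 /* also check that if the data is changed, the signature no longer matches */
 (*bit)++;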
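Review bot: Replacing `GNUNET_assert` with `GNUNET_break` on the seeded `memcmp` check and on the `GNUNET_PSEUDONYM_verify` call means a failed signature verification is only logged and test_signature carries on. Unless the rest of the function, which lies outside this hunk, turns that into a failing result, a regression in the signing or verification code would no longer fail the test. The existing comment `/* crypto not implemented, thus for now 'break' */` sits on the `else` branch only and does not explain the two newly downgraded checks. If the downgrade is temporary, mark both sites, for example `/* FIXME: restore GNUNET_assert once sign/verify pass */`, or record the failure in the function's return value instead of dropping it.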