aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorChristian Grothoff <christian@grothoff.org>2013-04-14 18:45:55 +0000
committerChristian Grothoff <christian@grothoff.org>2013-04-14 18:45:55 +0000
commit7d9d8f793ebc261192fe33a87905133e1bf36512 (patch)
treed9dd0eaa5863a36878cd65190aeff96a41f25ca4
parentd03a033c429a993d0d0511600fef0c15ada5d950 (diff)
downloadgnunet-7d9d8f793ebc261192fe33a87905133e1bf36512.tar.gz
gnunet-7d9d8f793ebc261192fe33a87905133e1bf36512.zip
-move pseudonym code to fs, mark fs as experimental for now
-rw-r--r--src/Makefile.am3
-rw-r--r--src/fs/Makefile.am14
-rw-r--r--src/fs/fs_pseudonym.c (renamed from src/util/pseudonym.c)130
-rw-r--r--src/fs/plugin_block_fs.c1
-rw-r--r--src/fs/test_pseudonym.c (renamed from src/util/test_pseudonym.c)8
-rw-r--r--src/include/Makefile.am1
-rw-r--r--src/include/block_fs.h1
-rw-r--r--src/include/gnunet_fs_service.h371
-rw-r--r--src/include/gnunet_pseudonym_lib.h418
-rw-r--r--src/include/gnunet_util_lib.h1
-rw-r--r--src/util/Makefile.am7
11 files changed, 490 insertions, 465 deletions
diff --git a/src/Makefile.am b/src/Makefile.am
index 771432a91..11e260e5a 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -3,7 +3,7 @@
3#endif 3#endif
4 4
5if HAVE_EXPERIMENTAL 5if HAVE_EXPERIMENTAL
6 EXP_DIR = chat consensus dv 6 EXP_DIR = fs chat consensus dv
7endif 7endif
8 8
9if LINUX 9if LINUX
@@ -55,7 +55,6 @@ SUBDIRS = \
55 mesh \ 55 mesh \
56 lockmanager \ 56 lockmanager \
57 stream \ 57 stream \
58 fs \
59 $(LINUX_DIR) \ 58 $(LINUX_DIR) \
60 $(MINGW_DIR) \ 59 $(MINGW_DIR) \
61 integration-tests \ 60 integration-tests \
diff --git a/src/fs/Makefile.am b/src/fs/Makefile.am
index 54267c57c..e9d5f40db 100644
--- a/src/fs/Makefile.am
+++ b/src/fs/Makefile.am
@@ -34,6 +34,7 @@ libgnunetfs_la_SOURCES = \
34 fs_file_information.c \ 34 fs_file_information.c \
35 fs_getopt.c \ 35 fs_getopt.c \
36 fs_list_indexed.c \ 36 fs_list_indexed.c \
37 fs_pseudonym.c \
37 fs_publish.c \ 38 fs_publish.c \
38 fs_publish_ksk.c \ 39 fs_publish_ksk.c \
39 fs_misc.c \ 40 fs_misc.c \
@@ -47,7 +48,7 @@ libgnunetfs_la_SOURCES = \
47libgnunetfs_la_LIBADD = \ 48libgnunetfs_la_LIBADD = \
48 $(top_builddir)/src/datastore/libgnunetdatastore.la \ 49 $(top_builddir)/src/datastore/libgnunetdatastore.la \
49 $(top_builddir)/src/util/libgnunetutil.la \ 50 $(top_builddir)/src/util/libgnunetutil.la \
50 $(GN_LIBINTL) $(XLIB) -lunistring -lextractor 51 $(GN_LIBINTL) $(XLIB) -lunistring -lextractor -lgcrypt
51 52
52libgnunetfs_la_LDFLAGS = \ 53libgnunetfs_la_LDFLAGS = \
53 $(GN_LIB_LDFLAGS) $(WINFLAGS) \ 54 $(GN_LIB_LDFLAGS) $(WINFLAGS) \
@@ -214,6 +215,7 @@ libgnunet_plugin_block_fs_la_SOURCES = \
214 plugin_block_fs.c 215 plugin_block_fs.c
215libgnunet_plugin_block_fs_la_LIBADD = \ 216libgnunet_plugin_block_fs_la_LIBADD = \
216 $(top_builddir)/src/block/libgnunetblock.la \ 217 $(top_builddir)/src/block/libgnunetblock.la \
218 $(top_builddir)/src/fs/libgnunetfs.la \
217 $(top_builddir)/src/util/libgnunetutil.la \ 219 $(top_builddir)/src/util/libgnunetutil.la \
218 $(LTLIBINTL) 220 $(LTLIBINTL)
219libgnunet_plugin_block_fs_la_LDFLAGS = \ 221libgnunet_plugin_block_fs_la_LDFLAGS = \
@@ -243,6 +245,7 @@ check_PROGRAMS = \
243 test_fs_list_indexed \ 245 test_fs_list_indexed \
244 test_fs_namespace \ 246 test_fs_namespace \
245 test_fs_namespace_list_updateable \ 247 test_fs_namespace_list_updateable \
248 test_pseudonym \
246 test_fs_publish \ 249 test_fs_publish \
247 test_fs_publish_persistence \ 250 test_fs_publish_persistence \
248 test_fs_search \ 251 test_fs_search \
@@ -288,6 +291,7 @@ TESTS = \
288 test_fs_list_indexed \ 291 test_fs_list_indexed \
289 test_fs_namespace \ 292 test_fs_namespace \
290 test_fs_namespace_list_updateable \ 293 test_fs_namespace_list_updateable \
294 test_pseudonym \
291 test_fs_publish \ 295 test_fs_publish \
292 test_fs_publish_persistence \ 296 test_fs_publish_persistence \
293 test_fs_search \ 297 test_fs_search \
@@ -308,6 +312,14 @@ TESTS = \
308endif 312endif
309 313
310 314
315test_pseudonym_SOURCES = \
316 test_pseudonym.c
317test_pseudonym_LDADD = \
318 -lgcrypt \
319 $(top_builddir)/src/fs/libgnunetfs.la \
320 $(top_builddir)/src/util/libgnunetutil.la
321
322
311test_fs_directory_SOURCES = \ 323test_fs_directory_SOURCES = \
312 test_fs_directory.c 324 test_fs_directory.c
313test_fs_directory_LDADD = \ 325test_fs_directory_LDADD = \
diff --git a/src/util/pseudonym.c b/src/fs/fs_pseudonym.c
index 497f6ad6f..5e9c9816e 100644
--- a/src/util/pseudonym.c
+++ b/src/fs/fs_pseudonym.c
@@ -18,8 +18,8 @@
18 Boston, MA 02111-1307, USA. 18 Boston, MA 02111-1307, USA.
19*/ 19*/
20/** 20/**
21 * @file util/pseudonym.c 21 * @file fs/fs_pseudonym.c
22 * @brief helper functions 22 * @brief pseudonym functions
23 * @author Christian Grothoff 23 * @author Christian Grothoff
24 * 24 *
25 * TODO: 25 * TODO:
@@ -27,13 +27,11 @@
27 * provided by stubs that merely pretend to work! 27 * provided by stubs that merely pretend to work!
28 */ 28 */
29#include "platform.h" 29#include "platform.h"
30#include "gnunet_common.h" 30#include "gnunet_util_lib.h"
31#include "gnunet_container_lib.h" 31#include "gnunet_fs_service.h"
32#include "gnunet_disk_lib.h"
33#include "gnunet_pseudonym_lib.h"
34#include "gnunet_bio_lib.h"
35#include <gcrypt.h> 32#include <gcrypt.h>
36 33
34
37#define LOG(kind,...) GNUNET_log_from (kind, "util", __VA_ARGS__) 35#define LOG(kind,...) GNUNET_log_from (kind, "util", __VA_ARGS__)
38 36
39#define LOG_STRERROR(kind,syscall) GNUNET_log_from_strerror (kind, "util", syscall) 37#define LOG_STRERROR(kind,syscall) GNUNET_log_from_strerror (kind, "util", syscall)
@@ -61,7 +59,7 @@
61/** 59/**
62 * Configuration section we use. 60 * Configuration section we use.
63 */ 61 */
64#define GNUNET_CLIENT_SERVICE_NAME "client" 62#define GNUNET_CLIENT_SERVICE_NAME "fs"
65 63
66 64
67/* ************************* Disk operations (pseudonym data mgmt) **************** */ 65/* ************************* Disk operations (pseudonym data mgmt) **************** */
@@ -1069,17 +1067,19 @@ data_to_pkcs1 (const struct GNUNET_PseudonymSignaturePurpose *purpose)
1069 return data; 1067 return data;
1070} 1068}
1071 1069
1070gcry_ctx_t xctx;
1071
1072 1072
1073/** 1073/**
1074 * Cryptographically sign some data with the pseudonym. 1074 * Cryptographically sign some data with the pseudonym.
1075 * 1075 *
1076 * @param ph private key used for signing (corresponds to 'x' in #2564) 1076 * @param ph private key 'd' used for signing (corresponds to 'x' in #2564)
1077 * @param purpose data to sign 1077 * @param purpose data to sign
1078 * @param seed hash of the plaintext of the data that we are signing, 1078 * @param seed hash of the plaintext of the data that we are signing,
1079 * used for deterministic PRNG for anonymous signing; 1079 * used for deterministic PRNG for anonymous signing;
1080 * corresponds to 'k' in section 2.7 of #2564 1080 * corresponds to 'k' in section 2.7 of #2564
1081 * @param signing_key modifier to apply to the private key for signing; 1081 * @param signing_key modifier to apply to the private key for signing ('h');
1082 * corresponds to 'h' in section 2.3 of #2564. 1082 * see section 2.3 of #2564.
1083 * @param signature where to store the signature 1083 * @param signature where to store the signature
1084 * @return GNUNET_SYSERR on failure 1084 * @return GNUNET_SYSERR on failure
1085 */ 1085 */
@@ -1092,10 +1092,10 @@ GNUNET_PSEUDONYM_sign (struct GNUNET_PseudonymHandle *ph,
1092{ 1092{
1093 size_t size; 1093 size_t size;
1094 size_t erroff; 1094 size_t erroff;
1095 gcry_mpi_t x; 1095 gcry_mpi_t d;
1096 gcry_mpi_t k; 1096 gcry_mpi_t k;
1097 gcry_mpi_t h; 1097 gcry_mpi_t h;
1098 gcry_mpi_t d; 1098 gcry_mpi_t dh;
1099 gcry_mpi_t n; /* n from P-256 */ 1099 gcry_mpi_t n; /* n from P-256 */
1100 gcry_sexp_t spriv; 1100 gcry_sexp_t spriv;
1101 gcry_sexp_t data; 1101 gcry_sexp_t data;
@@ -1103,23 +1103,23 @@ GNUNET_PSEUDONYM_sign (struct GNUNET_PseudonymHandle *ph,
1103 gcry_mpi_t rs[2]; 1103 gcry_mpi_t rs[2];
1104 int rc; 1104 int rc;
1105 1105
1106 /* get private key 'x' from pseudonym */ 1106 /* get private key 'd' from pseudonym */
1107 size = sizeof (ph->d); 1107 size = sizeof (ph->d);
1108 if (0 != (rc = gcry_mpi_scan (&x, GCRYMPI_FMT_USG, 1108 if (0 != (rc = gcry_mpi_scan (&d, GCRYMPI_FMT_USG,
1109 &ph->d, 1109 &ph->d,
1110 size, &size))) 1110 size, &size)))
1111 { 1111 {
1112 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_scan", rc); 1112 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_scan", rc);
1113 return GNUNET_SYSERR; 1113 return GNUNET_SYSERR;
1114 } 1114 }
1115 /* get 'h' value from signing key */ 1115 /* get 'x' value from signing key */
1116 size = sizeof (struct GNUNET_HashCode); 1116 size = sizeof (struct GNUNET_HashCode);
1117 if (0 != (rc = gcry_mpi_scan (&h, GCRYMPI_FMT_USG, 1117 if (0 != (rc = gcry_mpi_scan (&h, GCRYMPI_FMT_USG,
1118 signing_key, 1118 signing_key,
1119 size, &size))) 1119 size, &size)))
1120 { 1120 {
1121 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_scan", rc); 1121 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_scan", rc);
1122 gcry_mpi_release (x); 1122 gcry_mpi_release (d);
1123 return GNUNET_SYSERR; 1123 return GNUNET_SYSERR;
1124 } 1124 }
1125 1125
@@ -1128,28 +1128,66 @@ GNUNET_PSEUDONYM_sign (struct GNUNET_PseudonymHandle *ph,
1128 "0xffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551", 0, NULL))) 1128 "0xffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551", 0, NULL)))
1129 { 1129 {
1130 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_scan", rc); 1130 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_scan", rc);
1131 gcry_mpi_release (x); 1131 gcry_mpi_release (d);
1132 gcry_mpi_release (h); 1132 gcry_mpi_release (h);
1133 return GNUNET_SYSERR; 1133 return GNUNET_SYSERR;
1134 } 1134 }
1135 1135
1136 /* calculate d = x + h mod n */ 1136 /* calculate dx = d + h mod n */
1137 d = gcry_mpi_new (256); 1137 dh = gcry_mpi_new (256);
1138 gcry_mpi_addm (d, x, h, n); 1138 gcry_mpi_addm (dh, d, h, n);
1139 gcry_mpi_release (x); 1139 // gcry_mpi_release (d);
1140 gcry_mpi_release (h); 1140 // gcry_mpi_release (h);
1141 gcry_mpi_release (n); 1141 gcry_mpi_release (n);
1142
1143 if (1) {
1144 gcry_mpi_point_t g;
1145 gcry_mpi_point_t v;
1146 gcry_mpi_point_t hg;
1147 gcry_mpi_point_t q;
1148 gcry_mpi_t v_x;
1149 gcry_mpi_t v_y;
1150
1151 gcry_mpi_ec_new (&xctx, NULL, "NIST P-256");
1152 g = gcry_mpi_ec_get_point ("g", xctx, 0);
1153
1154 hg = gcry_mpi_point_new (0);
1155 gcry_mpi_ec_mul (hg, h, g, xctx);
1156 fprintf (stderr, "\nExpected verification hG value:\n");
1157 v_x = gcry_mpi_new (256);
1158 v_y = gcry_mpi_new (256);
1159 gcry_mpi_ec_get_affine (v_x, v_y, hg, xctx);
1160 gcry_mpi_dump (v_x);
1161 gcry_mpi_dump (v_y);
1162
1163 q = gcry_mpi_point_new (0);
1164 gcry_mpi_ec_mul (q, d, g, xctx);
1165 fprintf (stderr, "\nExpected verification q value:\n");
1166 gcry_mpi_ec_get_affine (v_x, v_y, q, xctx);
1167 gcry_mpi_dump (v_x);
1168 gcry_mpi_dump (v_y);
1169
1170 v = gcry_mpi_point_new (0);
1171 gcry_mpi_ec_add (v, q, hg, xctx);
1172 gcry_mpi_ec_get_affine (v_x, v_y, v, xctx);
1173 fprintf (stderr, "\nExpected verification key public point value V := q + hG:\n");
1174 gcry_mpi_dump (v_x);
1175 gcry_mpi_dump (v_y);
1176 fprintf (stderr, "\n");
1177
1178 }
1179
1142 1180
1143 /* now build sexpression with the signing key */ 1181 /* now build sexpression with the signing key */
1144 if (0 != (rc = gcry_sexp_build (&spriv, &erroff, 1182 if (0 != (rc = gcry_sexp_build (&spriv, &erroff,
1145 "(private-key(ecdsa(curve \"NIST P-256\")(d %m)))", 1183 "(private-key(ecdsa(curve \"NIST P-256\")(d %m)))",
1146 d))) 1184 dh)))
1147 { 1185 {
1148 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc); 1186 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_sexp_build", rc);
1149 gcry_mpi_release (d); 1187 gcry_mpi_release (dh);
1150 return GNUNET_SYSERR; 1188 return GNUNET_SYSERR;
1151 } 1189 }
1152 gcry_mpi_release (d); 1190 gcry_mpi_release (dh);
1153 /* prepare data for signing */ 1191 /* prepare data for signing */
1154 data = data_to_pkcs1 (purpose); 1192 data = data_to_pkcs1 (purpose);
1155 1193
@@ -1162,7 +1200,6 @@ GNUNET_PSEUDONYM_sign (struct GNUNET_PseudonymHandle *ph,
1162 size, &size))) 1200 size, &size)))
1163 { 1201 {
1164 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_scan", rc); 1202 LOG_GCRY (GNUNET_ERROR_TYPE_ERROR, "gcry_mpi_scan", rc);
1165 gcry_mpi_release (x);
1166 return GNUNET_SYSERR; 1203 return GNUNET_SYSERR;
1167 } 1204 }
1168 } 1205 }
@@ -1276,10 +1313,10 @@ get_context_from_pseudonym (struct GNUNET_PseudonymIdentifier *pseudonym)
1276 * Given a pseudonym and a signing key, derive the corresponding public 1313 * Given a pseudonym and a signing key, derive the corresponding public
1277 * key that would be used to verify the resulting signature. 1314 * key that would be used to verify the resulting signature.
1278 * 1315 *
1279 * @param pseudonym the public key (g^x in DSA, dQ in ECDSA) 1316 * @param pseudonym the public key (dQ in ECDSA)
1280 * @param signing_key input to derive 'h' (see section 2.4 of #2564) 1317 * @param signing_key input to derive 'h' (see section 2.4 of #2564)
1281 * @param verification_key resulting public key to verify the signature 1318 * @param verification_key resulting public key to verify the signature
1282 * created from the 'ph' of 'pseudonym' and the 'signing_key'; 1319 * created from the '(d+h)' of 'pseudonym' and the 'signing_key';
1283 * the value stored here can then be given to GNUNET_PSEUDONYM_verify. 1320 * the value stored here can then be given to GNUNET_PSEUDONYM_verify.
1284 * @return GNUNET_OK on success, GNUNET_SYSERR on error 1321 * @return GNUNET_OK on success, GNUNET_SYSERR on error
1285 */ 1322 */
@@ -1320,19 +1357,45 @@ GNUNET_PSEUDONYM_derive_verification_key (struct GNUNET_PseudonymIdentifier *pse
1320 /* then call the 'multiply' function, to compute the product hG */ 1357 /* then call the 'multiply' function, to compute the product hG */
1321 hg = gcry_mpi_point_new (0); 1358 hg = gcry_mpi_point_new (0);
1322 gcry_mpi_ec_mul (hg, h, g, ctx); 1359 gcry_mpi_ec_mul (hg, h, g, ctx);
1360
1361 {
1362 fprintf (stderr, "\nVerification hG value:\n");
1363 v_x = gcry_mpi_new (256);
1364 v_y = gcry_mpi_new (256);
1365 gcry_mpi_ec_get_affine (v_x, v_y, hg, ctx);
1366 gcry_mpi_dump (v_x);
1367 gcry_mpi_dump (v_y);
1368 }
1323 gcry_mpi_release (h); 1369 gcry_mpi_release (h);
1324 1370
1325 /* get Q = dG from 'pseudonym' */ 1371 /* get Q = dG from 'pseudonym' */
1326 q = gcry_mpi_ec_get_point ("q", ctx, 0); 1372 q = gcry_mpi_ec_get_point ("q", ctx, 0);
1327 1373 {
1328 /* calculate V = q + hG = dG + hG */ 1374 fprintf (stderr, "\nVerification q value:\n");
1375 v_x = gcry_mpi_new (256);
1376 v_y = gcry_mpi_new (256);
1377 gcry_mpi_ec_get_affine (v_x, v_y, q, ctx);
1378 gcry_mpi_dump (v_x);
1379 gcry_mpi_dump (v_y);
1380 }
1381 /* calculate V = Q + hG = dG + hG = (d + h)G*/
1329 v = gcry_mpi_point_new (0); 1382 v = gcry_mpi_point_new (0);
1330 gcry_mpi_ec_add (v, q, hg, ctx); 1383 gcry_mpi_ec_add (v, q, hg, xctx);
1384 /* FIXME: free 'hg'? */
1331 1385
1332 /* store 'v' point in "verification_key" */ 1386 /* store 'v' point in "verification_key" */
1333 v_x = gcry_mpi_new (256); 1387 v_x = gcry_mpi_new (256);
1334 v_y = gcry_mpi_new (256); 1388 v_y = gcry_mpi_new (256);
1335 gcry_mpi_ec_get_affine (v_x, v_y, v, ctx); 1389 gcry_mpi_ec_get_affine (v_x, v_y, v, xctx);
1390
1391 {
1392 fprintf (stderr, "\nVerification key public point value V := q + hG:\n");
1393 gcry_mpi_dump (v_x);
1394 gcry_mpi_dump (v_y);
1395 fprintf (stderr, " <=== WTF!?\n");
1396 }
1397
1398
1336 gcry_mpi_point_release (v); 1399 gcry_mpi_point_release (v);
1337 gcry_ctx_release (ctx); 1400 gcry_ctx_release (ctx);
1338 1401
@@ -1480,6 +1543,7 @@ GNUNET_PSEUDONYM_verify (const struct GNUNET_PseudonymSignaturePurpose *purpose,
1480 LOG (GNUNET_ERROR_TYPE_WARNING, 1543 LOG (GNUNET_ERROR_TYPE_WARNING,
1481 _("ECDSA signature verification failed at %s:%d: %s\n"), __FILE__, 1544 _("ECDSA signature verification failed at %s:%d: %s\n"), __FILE__,
1482 __LINE__, gcry_strerror (rc)); 1545 __LINE__, gcry_strerror (rc));
1546exit (1);
1483 return GNUNET_SYSERR; 1547 return GNUNET_SYSERR;
1484 } 1548 }
1485 return GNUNET_OK; 1549 return GNUNET_OK;
diff --git a/src/fs/plugin_block_fs.c b/src/fs/plugin_block_fs.c
index 468dd96a3..a05283f16 100644
--- a/src/fs/plugin_block_fs.c
+++ b/src/fs/plugin_block_fs.c
@@ -26,6 +26,7 @@
26 26
27#include "platform.h" 27#include "platform.h"
28#include "gnunet_block_plugin.h" 28#include "gnunet_block_plugin.h"
29#include "gnunet_fs_service.h"
29#include "block_fs.h" 30#include "block_fs.h"
30#include "gnunet_signatures.h" 31#include "gnunet_signatures.h"
31 32
diff --git a/src/util/test_pseudonym.c b/src/fs/test_pseudonym.c
index a3b3f3fdb..5247d6dcc 100644
--- a/src/util/test_pseudonym.c
+++ b/src/fs/test_pseudonym.c
@@ -19,13 +19,14 @@
19*/ 19*/
20 20
21/** 21/**
22 * @file util/test_pseudonym.c 22 * @file fs/test_pseudonym.c
23 * @brief testcase for pseudonym.c 23 * @brief testcase for fs_pseudonym.c
24 * @author Christian Grothoff 24 * @author Christian Grothoff
25 */ 25 */
26#include "platform.h" 26#include "platform.h"
27#include "gnunet_common.h" 27#include "gnunet_common.h"
28#include "gnunet_util_lib.h" 28#include "gnunet_util_lib.h"
29#include "gnunet_fs_service.h"
29#include "gnunet_signatures.h" 30#include "gnunet_signatures.h"
30 31
31#define CHECK(a) do { if (!(a)) { ok = GNUNET_NO; GNUNET_break(0); goto FAILURE; } } while (0) 32#define CHECK(a) do { if (!(a)) { ok = GNUNET_NO; GNUNET_break(0); goto FAILURE; } } while (0)
@@ -222,12 +223,15 @@ test_signature (struct GNUNET_PseudonymHandle *ph,
222 struct GNUNET_PseudonymIdentifier verification_key; 223 struct GNUNET_PseudonymIdentifier verification_key;
223 224
224 GNUNET_PSEUDONYM_sign (ph, purpose, seed, signing_key, &signature); 225 GNUNET_PSEUDONYM_sign (ph, purpose, seed, signing_key, &signature);
226 if (0)
227 {
225 GNUNET_PSEUDONYM_sign (ph, purpose, seed, signing_key, &signature2); 228 GNUNET_PSEUDONYM_sign (ph, purpose, seed, signing_key, &signature2);
226 /* with seed, two sigs must be identical, without, they must be different! */ 229 /* with seed, two sigs must be identical, without, they must be different! */
227 if (NULL != seed) 230 if (NULL != seed)
228 GNUNET_break (0 == memcmp (&signature, &signature2, sizeof (signature))); 231 GNUNET_break (0 == memcmp (&signature, &signature2, sizeof (signature)));
229 else /* crypto not implemented, thus for now 'break' */ 232 else /* crypto not implemented, thus for now 'break' */
230 GNUNET_break (0 != memcmp (&signature, &signature2, sizeof (signature))); 233 GNUNET_break (0 != memcmp (&signature, &signature2, sizeof (signature)));
234 }
231 GNUNET_PSEUDONYM_get_identifier (ph, &pseudonym); 235 GNUNET_PSEUDONYM_get_identifier (ph, &pseudonym);
232 GNUNET_PSEUDONYM_derive_verification_key (&pseudonym, 236 GNUNET_PSEUDONYM_derive_verification_key (&pseudonym,
233 signing_key, 237 signing_key,
diff --git a/src/include/Makefile.am b/src/include/Makefile.am
index 0d7a52d39..e27fc7027 100644
--- a/src/include/Makefile.am
+++ b/src/include/Makefile.am
@@ -67,7 +67,6 @@ gnunetinclude_HEADERS = \
67 gnunet_postgres_lib.h \ 67 gnunet_postgres_lib.h \
68 gnunet_program_lib.h \ 68 gnunet_program_lib.h \
69 gnunet_protocols.h \ 69 gnunet_protocols.h \
70 gnunet_pseudonym_lib.h \
71 gnunet_resolver_service.h \ 70 gnunet_resolver_service.h \
72 gnunet_regex_lib.h \ 71 gnunet_regex_lib.h \
73 gnunet_scheduler_lib.h \ 72 gnunet_scheduler_lib.h \
diff --git a/src/include/block_fs.h b/src/include/block_fs.h
index 6f37dcf0e..233d8035e 100644
--- a/src/include/block_fs.h
+++ b/src/include/block_fs.h
@@ -27,6 +27,7 @@
27#define BLOCK_FS_H 27#define BLOCK_FS_H
28 28
29#include "gnunet_util_lib.h" 29#include "gnunet_util_lib.h"
30#include "gnunet_fs_service.h"
30 31
31 32
32/** 33/**
diff --git a/src/include/gnunet_fs_service.h b/src/include/gnunet_fs_service.h
index 931406e2d..6143f0630 100644
--- a/src/include/gnunet_fs_service.h
+++ b/src/include/gnunet_fs_service.h
@@ -79,6 +79,78 @@ extern "C"
79 */ 79 */
80struct GNUNET_FS_Uri; 80struct GNUNET_FS_Uri;
81 81
82
83/**
84 * Identifier for a GNUnet pseudonym (the public key).
85 * Q-point, Q=dp.
86 */
87struct GNUNET_PseudonymIdentifier
88{
89 /**
90 * Q consists of an x- and a y-value, each mod p (256 bits),
91 * given here in affine coordinates.
92 */
93 unsigned char q_x[256 / 8];
94
95 /**
96 * Q consists of an x- and a y-value, each mod p (256 bits),
97 * given here in affine coordinates.
98 */
99 unsigned char q_y[256 / 8];
100
101};
102
103
104/**
105 * Handle for a pseudonym (private key).
106 */
107struct GNUNET_PseudonymHandle;
108
109
110/**
111 * Signature made with a pseudonym (includes the full public key).
112 * The ECDSA signature is a pair (r,s) with r = x1 mod n where
113 * (x1,y1) = kG for "random" k and s = k^{-1}(z + rd) mod n,
114 * where z is derived from the hash of the message that is being
115 * signed.
116 */
117struct GNUNET_PseudonymSignature
118{
119
120 /**
121 * Who created the signature? (public key of the signer), 'd' value in NIST P-256.
122 */
123 struct GNUNET_PseudonymIdentifier signer;
124
125 /**
126 * Binary ECDSA signature data, r-value. Value is mod n, and n is 256 bits.
127 */
128 unsigned char sig_r[256 / 8];
129
130 /**
131 * Binary ECDSA signature data, s-value. Value is mod n, and n is 256 bits.
132 */
133 unsigned char sig_s[256 / 8];
134};
135
136
137/**
138 * Purpose for signature made with a pseudonym.
139 */
140struct GNUNET_PseudonymSignaturePurpose
141{
142 /**
143 * How many bytes are being signed (including this header)?
144 */
145 uint32_t size;
146
147 /**
148 * What is the context/purpose of the signature?
149 */
150 uint32_t purpose;
151};
152
153
82/** 154/**
83 * Iterator over keywords 155 * Iterator over keywords
84 * 156 *
@@ -90,6 +162,303 @@ struct GNUNET_FS_Uri;
90typedef int (*GNUNET_FS_KeywordIterator) (void *cls, const char *keyword, 162typedef int (*GNUNET_FS_KeywordIterator) (void *cls, const char *keyword,
91 int is_mandatory); 163 int is_mandatory);
92 164
165
166
167
168/**
169 * Create a pseudonym.
170 *
171 * @param filename name of the file to use for storage, NULL for in-memory only
172 * @return handle to the private key of the pseudonym
173 */
174struct GNUNET_PseudonymHandle *
175GNUNET_PSEUDONYM_create (const char *filename);
176
177
178/**
179 * Create a pseudonym, from a file that must already exist.
180 *
181 * @param filename name of the file to use for storage, NULL for in-memory only
182 * @return handle to the private key of the pseudonym
183 */
184struct GNUNET_PseudonymHandle *
185GNUNET_PSEUDONYM_create_from_existing_file (const char *filename);
186
187
188/**
189 * Get the handle for the 'anonymous' pseudonym shared by all users.
190 * That pseudonym uses a fixed 'secret' for the private key; this
191 * construction is useful to make anonymous and pseudonymous APIs
192 * (and packets) indistinguishable on the network. See #2564.
193 *
194 * @return handle to the (non-secret) private key of the 'anonymous' pseudonym
195 */
196struct GNUNET_PseudonymHandle *
197GNUNET_PSEUDONYM_get_anonymous_pseudonym_handle (void);
198
199
200/**
201 * Destroy a pseudonym handle. Does NOT remove the private key from
202 * the disk.
203 *
204 * @param ph pseudonym handle to destroy
205 */
206void
207GNUNET_PSEUDONYM_destroy (struct GNUNET_PseudonymHandle *ph);
208
209
210/**
211 * Cryptographically sign some data with the pseudonym.
212 *
213 * @param ph private key used for signing (corresponds to 'x' in #2564)
214 * @param purpose data to sign
215 * @param seed hash of the plaintext of the data that we are signing,
216 * used for deterministic PRNG for anonymous signing;
217 * corresponds to 'k' in section 2.7 of #2564
218 * @param signing_key modifier to apply to the private key for signing;
219 * corresponds to 'h' in section 2.3 of #2564.
220 * @param signature where to store the signature
221 * @return GNUNET_SYSERR on failure
222 */
223int
224GNUNET_PSEUDONYM_sign (struct GNUNET_PseudonymHandle *ph,
225 const struct GNUNET_PseudonymSignaturePurpose *purpose,
226 const struct GNUNET_HashCode *seed,
227 const struct GNUNET_HashCode *signing_key,
228 struct GNUNET_PseudonymSignature *signature);
229
230
231/**
232 * Given a pseudonym and a signing key, derive the corresponding public
233 * key that would be used to verify the resulting signature.
234 *
235 * @param pseudonym the public key (g^x in DSA, dQ in ECDSA)
236 * @param signing_key input to derive 'h' (see section 2.4 of #2564)
237 * @param verification_key resulting public key to verify the signature
238 * created from the 'ph' of 'pseudonym' and the 'signing_key';
239 * the value stored here can then be given to GNUNET_PSEUDONYM_verify.
240 * @return GNUNET_OK on success, GNUNET_SYSERR on error
241 */
242int
243GNUNET_PSEUDONYM_derive_verification_key (struct GNUNET_PseudonymIdentifier *pseudonym,
244 const struct GNUNET_HashCode *signing_key,
245 struct GNUNET_PseudonymIdentifier *verification_key);
246
247
248/**
249 * Verify a signature made with a pseudonym.
250 *
251 * @param purpose data that was signed
252 * @param signature signature to verify
253 * @param verification_key public key to use for checking the signature;
254 * corresponds to 'g^(x+h)' in section 2.4 of #2564.
255 * @return GNUNET_OK on success (signature valid, 'pseudonym' set),
256 * GNUNET_SYSERR if the signature is invalid
257 */
258int
259GNUNET_PSEUDONYM_verify (const struct GNUNET_PseudonymSignaturePurpose *purpose,
260 const struct GNUNET_PseudonymSignature *signature,
261 const struct GNUNET_PseudonymIdentifier *verification_key);
262
263
264/**
265 * Get the identifier (public key) of a pseudonym.
266 *
267 * @param ph pseudonym handle with the private key
268 * @param pseudonym pseudonym identifier (set based on 'ph')
269 */
270void
271GNUNET_PSEUDONYM_get_identifier (struct GNUNET_PseudonymHandle *ph,
272 struct GNUNET_PseudonymIdentifier *pseudonym);
273
274
275
276/**
277 * Iterator over all known pseudonyms.
278 *
279 * @param cls closure
280 * @param pseudonym hash code of public key of pseudonym
281 * @param name name of the pseudonym (might be NULL)
282 * @param unique_name unique name of the pseudonym (might be NULL)
283 * @param md meta data known about the pseudonym
284 * @param rating the local rating of the pseudonym
285 * @return GNUNET_OK to continue iteration, GNUNET_SYSERR to abort
286 */
287typedef int (*GNUNET_PSEUDONYM_Iterator) (void *cls,
288 const struct GNUNET_PseudonymIdentifier *pseudonym,
289 const char *name,
290 const char *unique_name,
291 const struct GNUNET_CONTAINER_MetaData *md,
292 int32_t rating);
293
294
295/**
296 * Change the rank of a pseudonym.
297 *
298 * @param cfg overall configuration
299 * @param pseudonym identity of the pseudonym
300 * @param delta by how much should the rating be changed?
301 * @return new rating of the pseudonym
302 */
303int
304GNUNET_PSEUDONYM_rank (const struct GNUNET_CONFIGURATION_Handle *cfg,
305 const struct GNUNET_PseudonymIdentifier *pseudonym,
306 int32_t delta);
307
308
309/**
310 * Add a pseudonym to the set of known pseudonyms.
311 * For all pseudonym advertisements that we discover
312 * FS should automatically call this function.
313 *
314 * @param cfg overall configuration
315 * @param pseudonym the pseudonym identifier
316 * @param meta metadata for the pseudonym
317 * @return GNUNET_OK on success, GNUNET_SYSERR on failure
318 */
319int
320GNUNET_PSEUDONYM_add (const struct GNUNET_CONFIGURATION_Handle *cfg,
321 const struct GNUNET_PseudonymIdentifier *pseudonym,
322 const struct GNUNET_CONTAINER_MetaData *meta);
323
324
325/**
326 * List all known pseudonyms.
327 *
328 * @param cfg overall configuration
329 * @param iterator function to call for each pseudonym
330 * @param iterator_cls closure for iterator
331 * @return number of pseudonyms found
332 */
333int
334GNUNET_PSEUDONYM_list_all (const struct GNUNET_CONFIGURATION_Handle *cfg,
335 GNUNET_PSEUDONYM_Iterator iterator,
336 void *iterator_cls);
337
338
339/**
340 * Handle for a discovery callback registration.
341 */
342struct GNUNET_PSEUDONYM_DiscoveryHandle;
343
344
345/**
346 * Register callback to be invoked whenever we discover
347 * a new pseudonym.
348 *
349 * @param cfg our configuration
350 * @param iterator function to invoke on discovery
351 * @param iterator_cls closure for iterator
352 * @return registration handle
353 */
354struct GNUNET_PSEUDONYM_DiscoveryHandle *
355GNUNET_PSEUDONYM_discovery_callback_register (const struct GNUNET_CONFIGURATION_Handle *cfg,
356 GNUNET_PSEUDONYM_Iterator iterator,
357 void *iterator_cls);
358
359
360/**
361 * Unregister pseudonym discovery callback.
362 *
363 * @param dh registration to unregister
364 */
365void
366GNUNET_PSEUDONYM_discovery_callback_unregister (struct GNUNET_PSEUDONYM_DiscoveryHandle *dh);
367
368
369/**
370 * Return unique variant of the pseudonym name. Use after
371 * GNUNET_PSEUDONYM_id_to_name() to make sure that name is unique.
372 *
373 * @param cfg configuration
374 * @param pseudonym cryptographic ID of the pseudonym
375 * @param name name to uniquify
376 * @param suffix if not NULL, filled with the suffix value
377 * @return NULL on failure (should never happen), name on success.
378 * Free the name with GNUNET_free().
379 */
380char *
381GNUNET_PSEUDONYM_name_uniquify (const struct GNUNET_CONFIGURATION_Handle *cfg,
382 const struct GNUNET_PseudonymIdentifier *pseudonym,
383 const char *name,
384 unsigned int *suffix);
385
386
387/**
388 * Get pseudonym name, metadata and rank. This is a wrapper around
389 * internal read_info() call, and ensures that returned data is not
390 * invalid (not NULL). Writing back information returned by this
391 * function will give a name "no-name" to pseudonyms that have no
392 * name. This side-effect is unavoidable, but hardly harmful.
393 *
394 * @param cfg configuration
395 * @param pseudonym cryptographic ID of the pseudonym
396 * @param ret_meta a location to store metadata pointer. NULL, if metadata
397 * is not needed. Destroy with GNUNET_CONTAINER_meta_data_destroy().
398 * @param ret_rank a location to store rank. NULL, if rank not needed.
399 * @param ret_name a location to store human-readable name. Name is not unique.
400 * NULL, if name is not needed. Free with GNUNET_free().
401 * @param name_is_a_dup is set to GNUNET_YES, if ret_name was filled with
402 * a duplicate of a "no-name" placeholder
403 * @return GNUNET_OK on success. GNUENT_SYSERR if the data was
404 * unobtainable (in that case ret_* are filled with placeholders -
405 * empty metadata container, rank -1 and a "no-name" name).
406 */
407int
408GNUNET_PSEUDONYM_get_info (const struct GNUNET_CONFIGURATION_Handle *cfg,
409 const struct GNUNET_PseudonymIdentifier *pseudonym,
410 struct GNUNET_CONTAINER_MetaData **ret_meta,
411 int32_t *ret_rank,
412 char **ret_name,
413 int *name_is_a_dup);
414
415
416/**
417 * Get the pseudonym ID belonging to the given pseudonym name.
418 *
419 * @param cfg configuration to use
420 * @param ns_uname unique (!) human-readable name for the pseudonym
421 * @param pseudonym set to pseudonym ID based on 'ns_uname'
422 * @return GNUNET_OK on success, GNUNET_SYSERR on failure
423 */
424int
425GNUNET_PSEUDONYM_name_to_id (const struct GNUNET_CONFIGURATION_Handle *cfg,
426 const char *ns_uname,
427 struct GNUNET_PseudonymIdentifier *pseudonym);
428
429
430/**
431 * Set the pseudonym metadata, rank and name.
432 *
433 * @param cfg overall configuration
434 * @param pseudonym id of the pseudonym
435 * @param name name to set. Must be the non-unique version of it.
436 * May be NULL, in which case it erases pseudonym's name!
437 * @param md metadata to set
438 * May be NULL, in which case it erases pseudonym's metadata!
439 * @param rank rank to assign
440 * @return GNUNET_OK on success, GNUNET_SYSERR on failure
441 */
442int
443GNUNET_PSEUDONYM_set_info (const struct GNUNET_CONFIGURATION_Handle *cfg,
444 const struct GNUNET_PseudonymIdentifier *pseudonym,
445 const char *name,
446 const struct GNUNET_CONTAINER_MetaData *md,
447 int32_t rank);
448
449
450/**
451 * Remove pseudonym from the set of known pseudonyms.
452 *
453 * @param cfg overall configuration
454 * @param id the pseudonym identifier
455 * @return GNUNET_OK on success, GNUNET_SYSERR on failure
456 */
457int
458GNUNET_PSEUDONYM_remove (const struct GNUNET_CONFIGURATION_Handle *cfg,
459 const struct GNUNET_PseudonymIdentifier *id);
460
461
93/** 462/**
94 * Get a unique key from a URI. This is for putting URIs 463 * Get a unique key from a URI. This is for putting URIs
95 * into HashMaps. The key may change between FS implementations. 464 * into HashMaps. The key may change between FS implementations.
@@ -100,6 +469,7 @@ typedef int (*GNUNET_FS_KeywordIterator) (void *cls, const char *keyword,
100void 469void
101GNUNET_FS_uri_to_key (const struct GNUNET_FS_Uri *uri, struct GNUNET_HashCode * key); 470GNUNET_FS_uri_to_key (const struct GNUNET_FS_Uri *uri, struct GNUNET_HashCode * key);
102 471
472
103/** 473/**
104 * Convert a URI to a UTF-8 String. 474 * Convert a URI to a UTF-8 String.
105 * 475 *
@@ -109,6 +479,7 @@ GNUNET_FS_uri_to_key (const struct GNUNET_FS_Uri *uri, struct GNUNET_HashCode *
109char * 479char *
110GNUNET_FS_uri_to_string (const struct GNUNET_FS_Uri *uri); 480GNUNET_FS_uri_to_string (const struct GNUNET_FS_Uri *uri);
111 481
482
112/** 483/**
113 * Convert keyword URI to a human readable format 484 * Convert keyword URI to a human readable format
114 * (i.e. the search query that was used in the first place) 485 * (i.e. the search query that was used in the first place)
diff --git a/src/include/gnunet_pseudonym_lib.h b/src/include/gnunet_pseudonym_lib.h
deleted file mode 100644
index e0b36887b..000000000
--- a/src/include/gnunet_pseudonym_lib.h
+++ /dev/null
@@ -1,418 +0,0 @@
1/*
2 This file is part of GNUnet.
3 (C) 2001--2013 Christian Grothoff (and other contributing authors)
4
5 GNUnet is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published
7 by the Free Software Foundation; either version 2, or (at your
8 option) any later version.
9
10 GNUnet is distributed in the hope that it will be useful, but
11 WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 General Public License for more details.
14
15 You should have received a copy of the GNU General Public License
16 along with GNUnet; see the file COPYING. If not, write to the
17 Free Software Foundation, Inc., 59 Temple Place - Suite 330,
18 Boston, MA 02111-1307, USA.
19*/
20
21/**
22 * @file include/gnunet_pseudonym_lib.h
23 * @brief functions related to pseudonyms
24 * @author Christian Grothoff
25 */
26
27#ifndef GNUNET_PSEUDONYM_LIB_H
28#define GNUNET_PSEUDONYM_LIB_H
29
30#ifdef __cplusplus
31extern "C"
32{
33#if 0 /* keep Emacsens' auto-indent happy */
34}
35#endif
36#endif
37
38#include "gnunet_common.h"
39#include "gnunet_configuration_lib.h"
40#include "gnunet_container_lib.h"
41
42
43/**
44 * Identifier for a GNUnet pseudonym (the public key).
45 * Q-point, Q=dp.
46 */
47struct GNUNET_PseudonymIdentifier
48{
49 /**
50 * Q consists of an x- and a y-value, each mod p (256 bits),
51 * given here in affine coordinates.
52 */
53 unsigned char q_x[256 / 8];
54
55 /**
56 * Q consists of an x- and a y-value, each mod p (256 bits),
57 * given here in affine coordinates.
58 */
59 unsigned char q_y[256 / 8];
60
61};
62
63
64/**
65 * Handle for a pseudonym (private key).
66 */
67struct GNUNET_PseudonymHandle;
68
69
70/**
71 * Signature made with a pseudonym (includes the full public key).
72 * The ECDSA signature is a pair (r,s) with r = x1 mod n where
73 * (x1,y1) = kG for "random" k and s = k^{-1}(z + rd) mod n,
74 * where z is derived from the hash of the message that is being
75 * signed.
76 */
77struct GNUNET_PseudonymSignature
78{
79
80 /**
81 * Who created the signature? (public key of the signer), 'd' value in NIST P-256.
82 */
83 struct GNUNET_PseudonymIdentifier signer;
84
85 /**
86 * Binary ECDSA signature data, r-value. Value is mod n, and n is 256 bits.
87 */
88 unsigned char sig_r[256 / 8];
89
90 /**
91 * Binary ECDSA signature data, s-value. Value is mod n, and n is 256 bits.
92 */
93 unsigned char sig_s[256 / 8];
94};
95
96
97/**
98 * Purpose for signature made with a pseudonym.
99 */
100struct GNUNET_PseudonymSignaturePurpose
101{
102 /**
103 * How many bytes are being signed (including this header)?
104 */
105 uint32_t size;
106
107 /**
108 * What is the context/purpose of the signature?
109 */
110 uint32_t purpose;
111};
112
113
114/**
115 * Create a pseudonym.
116 *
117 * @param filename name of the file to use for storage, NULL for in-memory only
118 * @return handle to the private key of the pseudonym
119 */
120struct GNUNET_PseudonymHandle *
121GNUNET_PSEUDONYM_create (const char *filename);
122
123
124/**
125 * Create a pseudonym, from a file that must already exist.
126 *
127 * @param filename name of the file to use for storage, NULL for in-memory only
128 * @return handle to the private key of the pseudonym
129 */
130struct GNUNET_PseudonymHandle *
131GNUNET_PSEUDONYM_create_from_existing_file (const char *filename);
132
133
134/**
135 * Get the handle for the 'anonymous' pseudonym shared by all users.
136 * That pseudonym uses a fixed 'secret' for the private key; this
137 * construction is useful to make anonymous and pseudonymous APIs
138 * (and packets) indistinguishable on the network. See #2564.
139 *
140 * @return handle to the (non-secret) private key of the 'anonymous' pseudonym
141 */
142struct GNUNET_PseudonymHandle *
143GNUNET_PSEUDONYM_get_anonymous_pseudonym_handle (void);
144
145
146/**
147 * Destroy a pseudonym handle. Does NOT remove the private key from
148 * the disk.
149 *
150 * @param ph pseudonym handle to destroy
151 */
152void
153GNUNET_PSEUDONYM_destroy (struct GNUNET_PseudonymHandle *ph);
154
155
156/**
157 * Cryptographically sign some data with the pseudonym.
158 *
159 * @param ph private key used for signing (corresponds to 'x' in #2564)
160 * @param purpose data to sign
161 * @param seed hash of the plaintext of the data that we are signing,
162 * used for deterministic PRNG for anonymous signing;
163 * corresponds to 'k' in section 2.7 of #2564
164 * @param signing_key modifier to apply to the private key for signing;
165 * corresponds to 'h' in section 2.3 of #2564.
166 * @param signature where to store the signature
167 * @return GNUNET_SYSERR on failure
168 */
169int
170GNUNET_PSEUDONYM_sign (struct GNUNET_PseudonymHandle *ph,
171 const struct GNUNET_PseudonymSignaturePurpose *purpose,
172 const struct GNUNET_HashCode *seed,
173 const struct GNUNET_HashCode *signing_key,
174 struct GNUNET_PseudonymSignature *signature);
175
176
177/**
178 * Given a pseudonym and a signing key, derive the corresponding public
179 * key that would be used to verify the resulting signature.
180 *
181 * @param pseudonym the public key (g^x in DSA, dQ in ECDSA)
182 * @param signing_key input to derive 'h' (see section 2.4 of #2564)
183 * @param verification_key resulting public key to verify the signature
184 * created from the 'ph' of 'pseudonym' and the 'signing_key';
185 * the value stored here can then be given to GNUNET_PSEUDONYM_verify.
186 * @return GNUNET_OK on success, GNUNET_SYSERR on error
187 */
188int
189GNUNET_PSEUDONYM_derive_verification_key (struct GNUNET_PseudonymIdentifier *pseudonym,
190 const struct GNUNET_HashCode *signing_key,
191 struct GNUNET_PseudonymIdentifier *verification_key);
192
193
194/**
195 * Verify a signature made with a pseudonym.
196 *
197 * @param purpose data that was signed
198 * @param signature signature to verify
199 * @param verification_key public key to use for checking the signature;
200 * corresponds to 'g^(x+h)' in section 2.4 of #2564.
201 * @return GNUNET_OK on success (signature valid, 'pseudonym' set),
202 * GNUNET_SYSERR if the signature is invalid
203 */
204int
205GNUNET_PSEUDONYM_verify (const struct GNUNET_PseudonymSignaturePurpose *purpose,
206 const struct GNUNET_PseudonymSignature *signature,
207 const struct GNUNET_PseudonymIdentifier *verification_key);
208
209
210/**
211 * Get the identifier (public key) of a pseudonym.
212 *
213 * @param ph pseudonym handle with the private key
214 * @param pseudonym pseudonym identifier (set based on 'ph')
215 */
216void
217GNUNET_PSEUDONYM_get_identifier (struct GNUNET_PseudonymHandle *ph,
218 struct GNUNET_PseudonymIdentifier *pseudonym);
219
220
221
222/**
223 * Iterator over all known pseudonyms.
224 *
225 * @param cls closure
226 * @param pseudonym hash code of public key of pseudonym
227 * @param name name of the pseudonym (might be NULL)
228 * @param unique_name unique name of the pseudonym (might be NULL)
229 * @param md meta data known about the pseudonym
230 * @param rating the local rating of the pseudonym
231 * @return GNUNET_OK to continue iteration, GNUNET_SYSERR to abort
232 */
233typedef int (*GNUNET_PSEUDONYM_Iterator) (void *cls,
234 const struct GNUNET_PseudonymIdentifier *pseudonym,
235 const char *name,
236 const char *unique_name,
237 const struct GNUNET_CONTAINER_MetaData *md,
238 int32_t rating);
239
240
241/**
242 * Change the rank of a pseudonym.
243 *
244 * @param cfg overall configuration
245 * @param pseudonym identity of the pseudonym
246 * @param delta by how much should the rating be changed?
247 * @return new rating of the pseudonym
248 */
249int
250GNUNET_PSEUDONYM_rank (const struct GNUNET_CONFIGURATION_Handle *cfg,
251 const struct GNUNET_PseudonymIdentifier *pseudonym,
252 int32_t delta);
253
254
255/**
256 * Add a pseudonym to the set of known pseudonyms.
257 * For all pseudonym advertisements that we discover
258 * FS should automatically call this function.
259 *
260 * @param cfg overall configuration
261 * @param pseudonym the pseudonym identifier
262 * @param meta metadata for the pseudonym
263 * @return GNUNET_OK on success, GNUNET_SYSERR on failure
264 */
265int
266GNUNET_PSEUDONYM_add (const struct GNUNET_CONFIGURATION_Handle *cfg,
267 const struct GNUNET_PseudonymIdentifier *pseudonym,
268 const struct GNUNET_CONTAINER_MetaData *meta);
269
270
271/**
272 * List all known pseudonyms.
273 *
274 * @param cfg overall configuration
275 * @param iterator function to call for each pseudonym
276 * @param iterator_cls closure for iterator
277 * @return number of pseudonyms found
278 */
279int
280GNUNET_PSEUDONYM_list_all (const struct GNUNET_CONFIGURATION_Handle *cfg,
281 GNUNET_PSEUDONYM_Iterator iterator,
282 void *iterator_cls);
283
284
285/**
286 * Handle for a discovery callback registration.
287 */
288struct GNUNET_PSEUDONYM_DiscoveryHandle;
289
290
291/**
292 * Register callback to be invoked whenever we discover
293 * a new pseudonym.
294 *
295 * @param cfg our configuration
296 * @param iterator function to invoke on discovery
297 * @param iterator_cls closure for iterator
298 * @return registration handle
299 */
300struct GNUNET_PSEUDONYM_DiscoveryHandle *
301GNUNET_PSEUDONYM_discovery_callback_register (const struct GNUNET_CONFIGURATION_Handle *cfg,
302 GNUNET_PSEUDONYM_Iterator iterator,
303 void *iterator_cls);
304
305
306/**
307 * Unregister pseudonym discovery callback.
308 *
309 * @param dh registration to unregister
310 */
311void
312GNUNET_PSEUDONYM_discovery_callback_unregister (struct GNUNET_PSEUDONYM_DiscoveryHandle *dh);
313
314
315/**
316 * Return unique variant of the pseudonym name. Use after
317 * GNUNET_PSEUDONYM_id_to_name() to make sure that name is unique.
318 *
319 * @param cfg configuration
320 * @param pseudonym cryptographic ID of the pseudonym
321 * @param name name to uniquify
322 * @param suffix if not NULL, filled with the suffix value
323 * @return NULL on failure (should never happen), name on success.
324 * Free the name with GNUNET_free().
325 */
326char *
327GNUNET_PSEUDONYM_name_uniquify (const struct GNUNET_CONFIGURATION_Handle *cfg,
328 const struct GNUNET_PseudonymIdentifier *pseudonym,
329 const char *name,
330 unsigned int *suffix);
331
332
333/**
334 * Get pseudonym name, metadata and rank. This is a wrapper around
335 * internal read_info() call, and ensures that returned data is not
336 * invalid (not NULL). Writing back information returned by this
337 * function will give a name "no-name" to pseudonyms that have no
338 * name. This side-effect is unavoidable, but hardly harmful.
339 *
340 * @param cfg configuration
341 * @param pseudonym cryptographic ID of the pseudonym
342 * @param ret_meta a location to store metadata pointer. NULL, if metadata
343 * is not needed. Destroy with GNUNET_CONTAINER_meta_data_destroy().
344 * @param ret_rank a location to store rank. NULL, if rank not needed.
345 * @param ret_name a location to store human-readable name. Name is not unique.
346 * NULL, if name is not needed. Free with GNUNET_free().
347 * @param name_is_a_dup is set to GNUNET_YES, if ret_name was filled with
348 * a duplicate of a "no-name" placeholder
349 * @return GNUNET_OK on success. GNUENT_SYSERR if the data was
350 * unobtainable (in that case ret_* are filled with placeholders -
351 * empty metadata container, rank -1 and a "no-name" name).
352 */
353int
354GNUNET_PSEUDONYM_get_info (const struct GNUNET_CONFIGURATION_Handle *cfg,
355 const struct GNUNET_PseudonymIdentifier *pseudonym,
356 struct GNUNET_CONTAINER_MetaData **ret_meta,
357 int32_t *ret_rank,
358 char **ret_name,
359 int *name_is_a_dup);
360
361
362/**
363 * Get the pseudonym ID belonging to the given pseudonym name.
364 *
365 * @param cfg configuration to use
366 * @param ns_uname unique (!) human-readable name for the pseudonym
367 * @param pseudonym set to pseudonym ID based on 'ns_uname'
368 * @return GNUNET_OK on success, GNUNET_SYSERR on failure
369 */
370int
371GNUNET_PSEUDONYM_name_to_id (const struct GNUNET_CONFIGURATION_Handle *cfg,
372 const char *ns_uname,
373 struct GNUNET_PseudonymIdentifier *pseudonym);
374
375
376/**
377 * Set the pseudonym metadata, rank and name.
378 *
379 * @param cfg overall configuration
380 * @param pseudonym id of the pseudonym
381 * @param name name to set. Must be the non-unique version of it.
382 * May be NULL, in which case it erases pseudonym's name!
383 * @param md metadata to set
384 * May be NULL, in which case it erases pseudonym's metadata!
385 * @param rank rank to assign
386 * @return GNUNET_OK on success, GNUNET_SYSERR on failure
387 */
388int
389GNUNET_PSEUDONYM_set_info (const struct GNUNET_CONFIGURATION_Handle *cfg,
390 const struct GNUNET_PseudonymIdentifier *pseudonym,
391 const char *name,
392 const struct GNUNET_CONTAINER_MetaData *md,
393 int32_t rank);
394
395
396/**
397 * Remove pseudonym from the set of known pseudonyms.
398 *
399 * @param cfg overall configuration
400 * @param id the pseudonym identifier
401 * @return GNUNET_OK on success, GNUNET_SYSERR on failure
402 */
403int
404GNUNET_PSEUDONYM_remove (const struct GNUNET_CONFIGURATION_Handle *cfg,
405 const struct GNUNET_PseudonymIdentifier *id);
406
407
408
409#if 0 /* keep Emacsens' auto-indent happy */
410{
411#endif
412#ifdef __cplusplus
413}
414#endif
415
416/* ifndef GNUNET_PSEUDONYM_LIB_H */
417#endif
418/* end of gnunet_pseudonym_lib.h */
diff --git a/src/include/gnunet_util_lib.h b/src/include/gnunet_util_lib.h
index 5f01cded8..30ec7cd3f 100644
--- a/src/include/gnunet_util_lib.h
+++ b/src/include/gnunet_util_lib.h
@@ -53,7 +53,6 @@ extern "C"
53#include "gnunet_plugin_lib.h" 53#include "gnunet_plugin_lib.h"
54#include "gnunet_program_lib.h" 54#include "gnunet_program_lib.h"
55#include "gnunet_protocols.h" 55#include "gnunet_protocols.h"
56#include "gnunet_pseudonym_lib.h"
57#include "gnunet_scheduler_lib.h" 56#include "gnunet_scheduler_lib.h"
58#include "gnunet_server_lib.h" 57#include "gnunet_server_lib.h"
59#include "gnunet_service_lib.h" 58#include "gnunet_service_lib.h"
diff --git a/src/util/Makefile.am b/src/util/Makefile.am
index ef9ec7281..42d91c0ba 100644
--- a/src/util/Makefile.am
+++ b/src/util/Makefile.am
@@ -96,7 +96,6 @@ libgnunetutil_la_SOURCES = \
96 peer.c \ 96 peer.c \
97 plugin.c \ 97 plugin.c \
98 program.c \ 98 program.c \
99 pseudonym.c \
100 resolver_api.c resolver.h \ 99 resolver_api.c resolver.h \
101 scheduler.c \ 100 scheduler.c \
102 server.c \ 101 server.c \
@@ -234,7 +233,6 @@ check_PROGRAMS = \
234 test_peer \ 233 test_peer \
235 test_plugin \ 234 test_plugin \
236 test_program \ 235 test_program \
237 test_pseudonym \
238 test_resolver_api \ 236 test_resolver_api \
239 test_scheduler \ 237 test_scheduler \
240 test_scheduler_delay \ 238 test_scheduler_delay \
@@ -436,11 +434,6 @@ test_program_SOURCES = \
436test_program_LDADD = \ 434test_program_LDADD = \
437 $(top_builddir)/src/util/libgnunetutil.la 435 $(top_builddir)/src/util/libgnunetutil.la
438 436
439test_pseudonym_SOURCES = \
440 test_pseudonym.c
441test_pseudonym_LDADD = \
442 $(top_builddir)/src/util/libgnunetutil.la
443
444test_resolver_api_SOURCES = \ 437test_resolver_api_SOURCES = \
445 test_resolver_api.c 438 test_resolver_api.c
446test_resolver_api_LDADD = \ 439test_resolver_api_LDADD = \